urlscan.io logo urlscan.io
SecurityTrails logo

login.asr.nl Open in urlscan Pro
195.143.24.98  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mijn.asr.nl/
Effective URL: https://login.asr.nl/mijnasr/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.asr.nl%2Fleven%2Fauth%2Foauth2.0%2Fv1%2...
Submission: On December 24 via manual from IN — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 5 countries across 8 domains to perform 51 HTTP transactions. The main IP is 195.143.24.98, located in Roehampton, United Kingdom and belongs to GTT-BACKBONE GTT, US. The main domain is login.asr.nl.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 15th 2021. Valid for: a year.
This is the only time login.asr.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 193.105.111.38 50737 (ASRAS)
1 12 109.235.78.154 25151 (CYSO-AS)
10 104.84.56.194 16625 (AKAMAI-AS)
3 18 195.143.24.98 3257 (GTT-BACKB...)
5 2a00:1450:400... 15169 (GOOGLE)
2 193.105.111.26 50737 (ASRAS)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.210.214.221 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 193.105.111.39 50737 (ASRAS)
1 99.86.3.70 16509 (AMAZON-02)
51 11
2    193.105.111.38 (Nieuwegein, Netherlands)

ASN50737 (ASRAS, NL)
mijn.asr.nl
12    109.235.78.154 (Alkmaar, Netherlands)

ASN25151 (CYSO-AS, NL)
PTR: free.cyso.net
leven.asr.nl
10    104.84.56.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-56-194.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
18    195.143.24.98 (Roehampton, United Kingdom)

ASN3257 (GTT-BACKBONE GTT, US)
PTR: mail.maychriste.de
login.asr.nl
5    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    193.105.111.26 (Nieuwegein, Netherlands)

ASN50737 (ASRAS, NL)
www.asr.nl
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    52.210.214.221 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-214-221.eu-west-1.compute.amazonaws.com
w.usabilla.com
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    193.105.111.39 (Nieuwegein, Netherlands)

ASN50737 (ASRAS, NL)
www.asrnl.com
1    99.86.3.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-70.fra6.r.cloudfront.net
d6tizftlrpuof.cloudfront.net
Domain Requested by
18 login.asr.nl 3 redirects leven.asr.nl
login.asr.nl
12 leven.asr.nl 1 redirects leven.asr.nl
10 tags.tiqcdn.com leven.asr.nl
tags.tiqcdn.com
login.asr.nl
5 www.google-analytics.com tags.tiqcdn.com
www.google-analytics.com
login.asr.nl
www.googletagmanager.com
2 www.asr.nl login.asr.nl
www.asr.nl
2 w.usabilla.com leven.asr.nl
login.asr.nl
2 mijn.asr.nl 2 redirects
1 d6tizftlrpuof.cloudfront.net login.asr.nl
1 www.asrnl.com login.asr.nl
1 www.googletagmanager.com tags.tiqcdn.com
1 fonts.googleapis.com login.asr.nl
51 11

This site contains links to these domains. Also see Links.

Domain
www.asr.nl
www.asrnederland.nl
Subject Issuer Validity Valid
leven.asr.nl
R3		 2021-11-09 -
2022-02-07		 3 months crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2021-04-19 -
2022-04-27		 a year crt.sh
login.asr.nl
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-15 -
2022-03-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.asr.nl
DigiCert SHA2 Extended Validation Server CA		 2020-02-24 -
2022-02-28		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
w.usabilla.com
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
www.asrnederland.nl
DigiCert SHA2 Secure Server CA		 2020-07-23 -
2022-07-28		 2 years crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh

This page contains 5 frames:

Primary Page: https://login.asr.nl/mijnasr/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.asr.nl%2Fleven%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fscope%3Dopenid%2Bprofile%2BlalId%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fleven.asr.nl%252Fiwelcome%252Foauth%252Fcallback%252Fiwelcome%26state%3DeyJyZWRpcmVjdFVyaSI6Imh0dHBzOi8vbGV2ZW4uYXNyLm5sL2l3ZWxjb21lL29hdXRoL2NhbGxiYWNrL2l3ZWxjb21lIiwibm9uY2UiOiJmYmEwNDQ3NS1jZDlmLTQ0ZDgtYjA1NC01ZjY2NTM3ZTQ5NjQifQ%253D%253D%26client_id%3Dics
Frame ID: 934B92017ED0285B680573663C12ACA3
Requests: 47 HTTP requests in this frame

Frame: https://w.usabilla.com/6aed996eaf59.js?lv=1
Frame ID: 4AC228E1F754121B2E779C03E64ED8F8
Requests: 1 HTTP requests in this frame

Frame: https://w.usabilla.com/6aed996eaf59.js?lv=1
Frame ID: 0D8643493D947E98A8A7E493201C313A
Requests: 1 HTTP requests in this frame

Frame: https://w.usabilla.com/0156de044165.js?s1
Frame ID: D612E3CA830CF5D8BFAB6C876C6F4C5A
Requests: 1 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/live/resources/buttons/btn_asr_white_desktop_left_retina.png
Frame ID: 682631774A0C9CC182904039BEBFF361
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Inloggen

Page URL History Show full URLs

  1. http://mijn.asr.nl/ HTTP 302
    https://mijn.asr.nl/ HTTP 301
    https://leven.asr.nl/ Page URL
  2. https://leven.asr.nl/oauth/login/iwelcome HTTP 302
    https://login.asr.nl/leven/auth/oauth2.0/v1/authorize?scope=openid+profile+lalId&response_type=co... HTTP 302
    https://login.asr.nl/leven/login?sessionOnly=true&goto=https%3A%2F%2Flogin.asr.nl%2Fleven%2Fauth%... HTTP 301
    https://login.asr.nl/leven/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.asr.nl%2Fleven%2Fauth... HTTP 302
    https://login.asr.nl/mijnasr/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.asr.nl%2Fleven%2Fau... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

51
Requests

96 %
HTTPS

27 %
IPv6

8
Domains

11
Subdomains

11
IPs

5
Countries

921 kB
Transfer

3018 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mijn.asr.nl/ HTTP 302
    https://mijn.asr.nl/ HTTP 301
    https://leven.asr.nl/ Page URL
  2. https://leven.asr.nl/oauth/login/iwelcome HTTP 302
    https://login.asr.nl/leven/auth/oauth2.0/v1/authorize?scope=openid+profile+lalId&response_type=code&redirect_uri=https%3A%2F%2Fleven.asr.nl%2Fiwelcome%2Foauth%2Fcallback%2Fiwelcome&state=eyJyZWRpcmVjdFVyaSI6Imh0dHBzOi8vbGV2ZW4uYXNyLm5sL2l3ZWxjb21lL29hdXRoL2NhbGxiYWNrL2l3ZWxjb21lIiwibm9uY2UiOiJmYmEwNDQ3NS1jZDlmLTQ0ZDgtYjA1NC01ZjY2NTM3ZTQ5NjQifQ%3D%3D&client_id=ics HTTP 302
    https://login.asr.nl/leven/login?sessionOnly=true&goto=https%3A%2F%2Flogin.asr.nl%2Fleven%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fscope%3Dopenid%2Bprofile%2BlalId%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fleven.asr.nl%252Fiwelcome%252Foauth%252Fcallback%252Fiwelcome%26state%3DeyJyZWRpcmVjdFVyaSI6Imh0dHBzOi8vbGV2ZW4uYXNyLm5sL2l3ZWxjb21lL29hdXRoL2NhbGxiYWNrL2l3ZWxjb21lIiwibm9uY2UiOiJmYmEwNDQ3NS1jZDlmLTQ0ZDgtYjA1NC01ZjY2NTM3ZTQ5NjQifQ%253D%253D%26client_id%3Dics HTTP 301
    https://login.asr.nl/leven/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.asr.nl%2Fleven%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fscope%3Dopenid%2Bprofile%2BlalId%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fleven.asr.nl%252Fiwelcome%252Foauth%252Fcallback%252Fiwelcome%26state%3DeyJyZWRpcmVjdFVyaSI6Imh0dHBzOi8vbGV2ZW4uYXNyLm5sL2l3ZWxjb21lL29hdXRoL2NhbGxiYWNrL2l3ZWxjb21lIiwibm9uY2UiOiJmYmEwNDQ3NS1jZDlmLTQ0ZDgtYjA1NC01ZjY2NTM3ZTQ5NjQifQ%253D%253D%26client_id%3Dics HTTP 302
    https://login.asr.nl/mijnasr/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.asr.nl%2Fleven%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fscope%3Dopenid%2Bprofile%2BlalId%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fleven.asr.nl%252Fiwelcome%252Foauth%252Fcallback%252Fiwelcome%26state%3DeyJyZWRpcmVjdFVyaSI6Imh0dHBzOi8vbGV2ZW4uYXNyLm5sL2l3ZWxjb21lL29hdXRoL2NhbGxiYWNrL2l3ZWxjb21lIiwibm9uY2UiOiJmYmEwNDQ3NS1jZDlmLTQ0ZDgtYjA1NC01ZjY2NTM3ZTQ5NjQifQ%253D%253D%26client_id%3Dics Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://mijn.asr.nl/ HTTP 302
  • https://mijn.asr.nl/ HTTP 301
  • https://leven.asr.nl/

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
leven.asr.nl/
Redirect Chain
  • http://mijn.asr.nl/
  • https://mijn.asr.nl/
  • https://leven.asr.nl/
13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://leven.asr.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.235.78.154 Alkmaar, Netherlands, ASN25151 (CYSO-AS, NL),
Reverse DNS
free.cyso.net
Software
/
Resource Hash
49731a7e1ca7e5bf32b73ce86a1a349ea7c2be172e68a02102a55a6f89790138
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 24 Dec 2021 16:16:06 GMT
content-type
text/html
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block 1; mode=block
x-frame-options
SAMEORIGIN
referrer-policy
same-origin same-origin
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains

Redirect headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Content-Type
text/html
Expires
-1
Location
https://leven.asr.nl/
Date
Fri, 24 Dec 2021 16:16:06 GMT
Content-Length
0
Strict-Transport-Security
max-age=16070400; includeSubDomains
config.js
leven.asr.nl/ 		1 KB
689 B 		Script
General
Check archive.org
Download Go to
Full URL
https://leven.asr.nl/config.js
Requested by
Host: leven.asr.nl
URL: https://leven.asr.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.235.78.154 Alkmaar, Netherlands, ASN25151 (CYSO-AS, NL),
Reverse DNS
free.cyso.net
Software
/
Resource Hash
6012d3ec5a5e69cedf82372a981ba7550813a0bb496d90680b4cc1b65fa30fc0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://leven.asr.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:06 GMT
content-encoding
gzip
referrer-policy
same-origin, same-origin
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15724800; includeSubDomains
x-xss-protection
1; mode=block
content-type
application/javascript
manifest.d72a22602c7689bc93f2.js
leven.asr.nl/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://leven.asr.nl/js/manifest.d72a22602c7689bc93f2.js
Requested by
Host: leven.asr.nl
URL: https://leven.asr.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.235.78.154 Alkmaar, Netherlands, ASN25151 (CYSO-AS, NL),
Reverse DNS
free.cyso.net
Software
/
Resource Hash
47ff2d17fd80166655e7c5f1050ae5ae029b262bf2ae4e3ef5b6c765fd3a79d1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://leven.asr.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:06 GMT
content-encoding
gzip
referrer-policy
same-origin, same-origin
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15724800; includeSubDomains
x-xss-protection
1; mode=block
content-type
application/javascript
vendor.112a268d52bb00208bb3.js
leven.asr.nl/js/ 		325 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://leven.asr.nl/js/vendor.112a268d52bb00208bb3.js
Requested by
Host: leven.asr.nl
URL: https://leven.asr.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.235.78.154 Alkmaar, Netherlands, ASN25151 (CYSO-AS, NL),
Reverse DNS
free.cyso.net
Software
/
Resource Hash
a543f92f8029df09584ec0a3e64712c2a45b13868d2d949111a7a43c60ae1fe1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://leven.asr.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:06 GMT
content-encoding
gzip
referrer-policy
same-origin, same-origin
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15724800; includeSubDomains
x-xss-protection
1; mode=block
content-type
application/javascript
commons.7a706f23f349ac59b7c7.js
leven.asr.nl/js/ 		311 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://leven.asr.nl/js/commons.7a706f23f349ac59b7c7.js
Requested by
Host: leven.asr.nl
URL: https://leven.asr.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.235.78.154 Alkmaar, Netherlands, ASN25151 (CYSO-AS, NL),
Reverse DNS
free.cyso.net
Software
/
Resource Hash
0dcc72eeb39565dd7195ff6d60988514d25e6ff83cf4155b2694e5cf41cb06db
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://leven.asr.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:06 GMT
content-encoding
gzip
referrer-policy
same-origin, same-origin
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15724800; includeSubDomains
x-xss-protection
1; mode=block
content-type
application/javascript
index.903d6e3dd19a83550a60.js
leven.asr.nl/js/ 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://leven.asr.nl/js/index.903d6e3dd19a83550a60.js
Requested by
Host: leven.asr.nl
URL: https://leven.asr.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.235.78.154 Alkmaar, Netherlands, ASN25151 (CYSO-AS, NL),
Reverse DNS
free.cyso.net
Software
/
Resource Hash
96297913e27749bece69934212ad836204a5d094ac052b2069d6d5747c9f6a53
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://leven.asr.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:06 GMT
content-encoding
gzip
referrer-policy
same-origin, same-origin
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15724800; includeSubDomains
x-xss-protection
1; mode=block
content-type
application/javascript
commons.7a706f23f349ac59b7c7.css
leven.asr.nl/css/ 		42 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://leven.asr.nl/css/commons.7a706f23f349ac59b7c7.css
Requested by
Host: leven.asr.nl
URL: https://leven.asr.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.235.78.154 Alkmaar, Netherlands, ASN25151 (CYSO-AS, NL),
Reverse DNS
free.cyso.net
Software
/
Resource Hash
7209b531fa25229bcb42be972350763834d5add005e72d2fd058331ed2e84abd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://leven.asr.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:06 GMT
content-encoding
gzip
referrer-policy
same-origin, same-origin
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15724800; includeSubDomains
x-xss-protection
1; mode=block
content-type
text/css
index.903d6e3dd19a83550a60.css
leven.asr.nl/css/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://leven.asr.nl/css/index.903d6e3dd19a83550a60.css
Requested by
Host: leven.asr.nl
URL: https://leven.asr.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.235.78.154 Alkmaar, Netherlands, ASN25151 (CYSO-AS, NL),
Reverse DNS
free.cyso.net
Software
/
Resource Hash
f52d791b9ab904d3b49b6a7bdcdaeab4b9e3498967a3f1b6f0b5d820fa42182c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://leven.asr.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:06 GMT
content-encoding
gzip
referrer-policy
same-origin, same-origin
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15724800; includeSubDomains
x-xss-protection
1; mode=block
content-type
text/css
ajax-loader.gif
leven.asr.nl/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leven.asr.nl/images/ajax-loader.gif
Requested by
Host: leven.asr.nl
URL: https://leven.asr.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.235.78.154 Alkmaar, Netherlands, ASN25151 (CYSO-AS, NL),
Reverse DNS
free.cyso.net
Software
/
Resource Hash
483c4a0396691993a641ec409c44b8b7e1daab0ae7e2b2944c4bc59520bb7655
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://leven.asr.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:06 GMT
referrer-policy
same-origin, same-origin
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15724800; includeSubDomains
x-xss-protection
1; mode=block
content-type
image/gif
utag.js
tags.tiqcdn.com/utag/asr/main/prod/ 		57 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/asr/main/prod/utag.js
Requested by
Host: leven.asr.nl
URL: https://leven.asr.nl/js/commons.7a706f23f349ac59b7c7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.84.56.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:07 GMT
content-encoding
gzip
last-modified
Fri, 17 Dec 2021 15:52:58 GMT
server
AkamaiNetStorage
etag
"8913a457b7d5f0fd72a6990820ff4972:1639756378.349822"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
14743
expires
Fri, 24 Dec 2021 16:21:07 GMT
active
leven.asr.nl/api/content/maintenance/ 		400 B
638 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://leven.asr.nl/api/content/maintenance/active
Requested by
Host: leven.asr.nl
URL: https://leven.asr.nl/js/commons.7a706f23f349ac59b7c7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.235.78.154 Alkmaar, Netherlands, ASN25151 (CYSO-AS, NL),
Reverse DNS
free.cyso.net
Software
/
Resource Hash
6903c5c3443595162528ecb4e119da4ce93051b86c793d7728d8ea2a00fe4fdf
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://leven.asr.nl/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:16:06 GMT
referrer-policy
same-origin
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json
cache-control
no-store, max-age=0
x-content-type-options
nosniff
content-length
400
x-xss-protection
1; mode=block
expires
-1
jwttoken
leven.asr.nl/iwelcome/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://leven.asr.nl/iwelcome/jwttoken
Requested by
Host: leven.asr.nl
URL: https://leven.asr.nl/js/commons.7a706f23f349ac59b7c7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.235.78.154 Alkmaar, Netherlands, ASN25151 (CYSO-AS, NL),
Reverse DNS
free.cyso.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://leven.asr.nl/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 24 Dec 2021 16:16:07 GMT
referrer-policy
same-origin
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-origin
https://leven.asr.nl
access-control-allow-credentials
true
x-content-type-options
nosniff
vary
Origin
x-xss-protection
1; mode=block
Primary Request /
login.asr.nl/mijnasr/login/
Redirect Chain
  • https://leven.asr.nl/oauth/login/iwelcome
  • https://login.asr.nl/leven/auth/oauth2.0/v1/authorize?scope=openid+profile+lalId&response_type=code&redirect_uri=https%3A%2F%2Fleven.asr.nl%2Fiwelcome%2Foauth%2Fcallback%2Fiwelcome&state=eyJyZWRpcm...
  • https://login.asr.nl/leven/login?sessionOnly=true&goto=https%3A%2F%2Flogin.asr.nl%2Fleven%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fscope%3Dopenid%2Bprofile%2BlalId%26response_type%3Dcode%26redirect_uri...
  • https://login.asr.nl/leven/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.asr.nl%2Fleven%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fscope%3Dopenid%2Bprofile%2BlalId%26response_type%3Dcode%26redirect_ur...
  • https://login.asr.nl/mijnasr/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.asr.nl%2Fleven%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fscope%3Dopenid%2Bprofile%2BlalId%26response_type%3Dcode%26redirect_...
12 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.asr.nl/mijnasr/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.asr.nl%2Fleven%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fscope%3Dopenid%2Bprofile%2BlalId%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fleven.asr.nl%252Fiwelcome%252Foauth%252Fcallback%252Fiwelcome%26state%3DeyJyZWRpcmVjdFVyaSI6Imh0dHBzOi8vbGV2ZW4uYXNyLm5sL2l3ZWxjb21lL29hdXRoL2NhbGxiYWNrL2l3ZWxjb21lIiwibm9uY2UiOiJmYmEwNDQ3NS1jZDlmLTQ0ZDgtYjA1NC01ZjY2NTM3ZTQ5NjQifQ%253D%253D%26client_id%3Dics
Requested by
Host: leven.asr.nl
URL: https://leven.asr.nl/js/commons.7a706f23f349ac59b7c7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.143.24.98 Roehampton, United Kingdom, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
mail.maychriste.de
Software
nginx /
Resource Hash
f42d8f748e69833e46dfb682cdd508fdb7a7d008ca3338bee851d43d88ba9e56
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://leven.asr.nl/

Response headers

server
nginx
date
Fri, 24 Dec 2021 16:16:07 GMT
content-type
text/html
vary
Accept-Encoding
last-modified
Thu, 23 Dec 2021 07:00:45 GMT
etag
W/"61c41e9d-2bc0"
strict-transport-security
max-age=31536000; includeSubdomains
expect-ct
enforce, max-age=300
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
referrer-policy
same-origin
feature-policy
midi 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
x-xss-protection
1; mode=block
content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
x-content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
cache-control
no-cache
content-encoding
gzip

Redirect headers

server
nginx
date
Fri, 24 Dec 2021 16:16:07 GMT
content-type
text/html
content-length
487
location
https://login.asr.nl/mijnasr/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.asr.nl%2Fleven%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fscope%3Dopenid%2Bprofile%2BlalId%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fleven.asr.nl%252Fiwelcome%252Foauth%252Fcallback%252Fiwelcome%26state%3DeyJyZWRpcmVjdFVyaSI6Imh0dHBzOi8vbGV2ZW4uYXNyLm5sL2l3ZWxjb21lL29hdXRoL2NhbGxiYWNrL2l3ZWxjb21lIiwibm9uY2UiOiJmYmEwNDQ3NS1jZDlmLTQ0ZDgtYjA1NC01ZjY2NTM3ZTQ5NjQifQ%253D%253D%26client_id%3Dics
strict-transport-security
max-age=31536000; includeSubdomains
expect-ct
enforce, max-age=300
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
referrer-policy
same-origin
feature-policy
midi 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
x-xss-protection
1; mode=block
content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
x-content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
utag.10.js
tags.tiqcdn.com/utag/asr/main/prod/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/asr/main/prod/utag.10.js?utv=ut4.46.202112141509
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/asr/main/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.84.56.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:07 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 15:09:10 GMT
server
AkamaiNetStorage
etag
"e5d2d2956df3c7107384d61ae7afbe7c:1639494550.132921"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
6349
expires
Sat, 08 Jan 2022 16:16:07 GMT
utag.2.js
tags.tiqcdn.com/utag/asr/main/prod/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/asr/main/prod/utag.2.js?utv=ut4.46.202108200831
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/asr/main/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.84.56.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:07 GMT
content-encoding
gzip
last-modified
Wed, 07 Oct 2020 07:00:01 GMT
server
AkamaiNetStorage
etag
"8d769dcc5050c00af1b1cc58e79e4d19:1602054001.54752"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
2836
expires
Sat, 08 Jan 2022 16:16:07 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=asr/main/202112171552&cb=1640362567084
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/asr/main/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.84.56.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:07 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Fri, 24 Dec 2021 16:26:07 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/asr/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2473
date
Fri, 24 Dec 2021 15:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 24 Dec 2021 17:34:54 GMT
6aed996eaf59.js
w.usabilla.com/ Frame 4AC2 		0
0
utag.93.js
tags.tiqcdn.com/utag/asr/main/prod/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/asr/main/prod/utag.93.js?utv=ut4.46.202112171552
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/asr/main/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.84.56.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:07 GMT
content-encoding
gzip
last-modified
Fri, 15 Jan 2021 08:31:22 GMT
server
AkamaiNetStorage
etag
"7f11c90628d4b291969df2d64d8d4666:1610699482.557407"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1490
expires
Sat, 08 Jan 2022 16:16:07 GMT
collect
www.google-analytics.com/j/ 		0
0
main.js
www.asr.nl/areas/ExternCookiebar/Assets/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.asr.nl/areas/ExternCookiebar/Assets/js/main.js
Requested by
Host: login.asr.nl
URL: https://login.asr.nl/mijnasr/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.asr.nl%2Fleven%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fscope%3Dopenid%2Bprofile%2BlalId%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fleven.asr.nl%252Fiwelcome%252Foauth%252Fcallback%252Fiwelcome%26state%3DeyJyZWRpcmVjdFVyaSI6Imh0dHBzOi8vbGV2ZW4uYXNyLm5sL2l3ZWxjb21lL29hdXRoL2NhbGxiYWNrL2l3ZWxjb21lIiwibm9uY2UiOiJmYmEwNDQ3NS1jZDlmLTQ0ZDgtYjA1NC01ZjY2NTM3ZTQ5NjQifQ%253D%253D%26client_id%3Dics
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.105.111.26 Nieuwegein, Netherlands, ASN50737 (ASRAS, NL),
Reverse DNS
Software
/
Resource Hash
fdebe85810b73e01c6d30de17c13f08267250eb0b112b918c21b43e715372165
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:16:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 07:38:07 GMT
ETag
"c1f17dde4ff2d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
5010
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: login.asr.nl
URL: https://login.asr.nl/mijnasr/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.asr.nl%2Fleven%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fscope%3Dopenid%2Bprofile%2BlalId%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fleven.asr.nl%252Fiwelcome%252Foauth%252Fcallback%252Fiwelcome%26state%3DeyJyZWRpcmVjdFVyaSI6Imh0dHBzOi8vbGV2ZW4uYXNyLm5sL2l3ZWxjb21lL29hdXRoL2NhbGxiYWNrL2l3ZWxjb21lIiwibm9uY2UiOiJmYmEwNDQ3NS1jZDlmLTQ0ZDgtYjA1NC01ZjY2NTM3ZTQ5NjQifQ%253D%253D%26client_id%3Dics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 24 Dec 2021 15:07:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 24 Dec 2021 16:16:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Dec 2021 16:16:07 GMT
2.b6375a18.chunk.css
login.asr.nl/mijnasr/login/static/css/ 		188 B
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.asr.nl/mijnasr/login/static/css/2.b6375a18.chunk.css
Requested by
Host: login.asr.nl
URL: https://login.asr.nl/mijnasr/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.asr.nl%2Fleven%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fscope%3Dopenid%2Bprofile%2BlalId%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fleven.asr.nl%252Fiwelcome%252Foauth%252Fcallback%252Fiwelcome%26state%3DeyJyZWRpcmVjdFVyaSI6Imh0dHBzOi8vbGV2ZW4uYXNyLm5sL2l3ZWxjb21lL29hdXRoL2NhbGxiYWNrL2l3ZWxjb21lIiwibm9uY2UiOiJmYmEwNDQ3NS1jZDlmLTQ0ZDgtYjA1NC01ZjY2NTM3ZTQ5NjQifQ%253D%253D%26client_id%3Dics
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.143.24.98 Roehampton, United Kingdom, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
mail.maychriste.de
Software
nginx /
Resource Hash
e630c8592d79a5dffa54792d908160efeffb434cfca7475b461f7d16081a5dce
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://login.asr.nl/mijnasr/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.asr.nl%2Fleven%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fscope%3Dopenid%2Bprofile%2BlalId%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fleven.asr.nl%252Fiwelcome%252Foauth%252Fcallback%252Fiwelcome%26state%3DeyJyZWRpcmVjdFVyaSI6Imh0dHBzOi8vbGV2ZW4uYXNyLm5sL2l3ZWxjb21lL29hdXRoL2NhbGxiYWNrL2l3ZWxjb21lIiwibm9uY2UiOiJmYmEwNDQ3NS1jZDlmLTQ0ZDgtYjA1NC01ZjY2NTM3ZTQ5NjQifQ%253D%253D%26client_id%3Dics
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:07 GMT
x-content-type-options
nosniff
content-length
188
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 24 Sep 2021 10:43:42 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"614dabde-bc"
expect-ct
enforce, max-age=300
strict-transport-security
max-age=31536000; includeSubdomains
content-type
text/css
feature-policy
midi 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
accept-ranges
bytes
x-content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
main.bc716d94.chunk.css
login.asr.nl/mijnasr/login/static/css/ 		188 B
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.asr.nl/mijnasr/login/static/css/main.bc716d94.chunk.css
Requested by
Host: login.asr.nl
URL: https://login.asr.nl/mijnasr/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.asr.nl%2Fleven%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fscope%3Dopenid%2Bprofile%2BlalId%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fleven.asr.nl%252Fiwelcome%252Foauth%252Fcallback%252Fiwelcome%26state%3DeyJyZWRpcmVjdFVyaSI6Imh0dHBzOi8vbGV2ZW4uYXNyLm5sL2l3ZWxjb21lL29hdXRoL2NhbGxiYWNrL2l3ZWxjb21lIiwibm9uY2UiOiJmYmEwNDQ3NS1jZDlmLTQ0ZDgtYjA1NC01ZjY2NTM3ZTQ5NjQifQ%253D%253D%26client_id%3Dics
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.143.24.98 Roehampton, United Kingdom, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
mail.maychriste.de
Software
nginx /
Resource Hash
e630c8592d79a5dffa54792d908160efeffb434cfca7475b461f7d16081a5dce
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://login.asr.nl/mijnasr/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.asr.nl%2Fleven%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fscope%3Dopenid%2Bprofile%2BlalId%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fleven.asr.nl%252Fiwelcome%252Foauth%252Fcallback%252Fiwelcome%26state%3DeyJyZWRpcmVjdFVyaSI6Imh0dHBzOi8vbGV2ZW4uYXNyLm5sL2l3ZWxjb21lL29hdXRoL2NhbGxiYWNrL2l3ZWxjb21lIiwibm9uY2UiOiJmYmEwNDQ3NS1jZDlmLTQ0ZDgtYjA1NC01ZjY2NTM3ZTQ5NjQifQ%253D%253D%26client_id%3Dics
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:07 GMT
x-content-type-options
nosniff
content-length
188
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 24 Sep 2021 10:43:42 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"614dabde-bc"
expect-ct
enforce, max-age=300
strict-transport-security
max-age=31536000; includeSubdomains
content-type
text/css
feature-policy
midi 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
accept-ranges
bytes
x-content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
2.e1042e5b.chunk.js
login.asr.nl/mijnasr/login/static/js/ 		1 MB
342 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.asr.nl/mijnasr/login/static/js/2.e1042e5b.chunk.js
Requested by
Host: login.asr.nl
URL: https://login.asr.nl/mijnasr/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.asr.nl%2Fleven%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fscope%3Dopenid%2Bprofile%2BlalId%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fleven.asr.nl%252Fiwelcome%252Foauth%252Fcallback%252Fiwelcome%26state%3DeyJyZWRpcmVjdFVyaSI6Imh0dHBzOi8vbGV2ZW4uYXNyLm5sL2l3ZWxjb21lL29hdXRoL2NhbGxiYWNrL2l3ZWxjb21lIiwibm9uY2UiOiJmYmEwNDQ3NS1jZDlmLTQ0ZDgtYjA1NC01ZjY2NTM3ZTQ5NjQifQ%253D%253D%26client_id%3Dics
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.143.24.98 Roehampton, United Kingdom, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
mail.maychriste.de
Software
nginx /
Resource Hash
2e02bfe7c37f8886496476d9461d8e942924a924564332546960a3243040d74f
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://login.asr.nl/mijnasr/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.asr.nl%2Fleven%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fscope%3Dopenid%2Bprofile%2BlalId%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fleven.asr.nl%252Fiwelcome%252Foauth%252Fcallback%252Fiwelcome%26state%3DeyJyZWRpcmVjdFVyaSI6Imh0dHBzOi8vbGV2ZW4uYXNyLm5sL2l3ZWxjb21lL29hdXRoL2NhbGxiYWNrL2l3ZWxjb21lIiwibm9uY2UiOiJmYmEwNDQ3NS1jZDlmLTQ0ZDgtYjA1NC01ZjY2NTM3ZTQ5NjQifQ%253D%253D%26client_id%3Dics
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 18 Jan 2021 14:46:02 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"60059f2a-1377bb"
expect-ct
enforce, max-age=300
strict-transport-security
max-age=31536000; includeSubdomains
content-type
application/javascript
feature-policy
midi 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
x-content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
main.583c34d8.chunk.js
login.asr.nl/mijnasr/login/static/js/ 		251 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.asr.nl/mijnasr/login/static/js/main.583c34d8.chunk.js
Requested by
Host: login.asr.nl
URL: https://login.asr.nl/mijnasr/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.asr.nl%2Fleven%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fscope%3Dopenid%2Bprofile%2BlalId%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fleven.asr.nl%252Fiwelcome%252Foauth%252Fcallback%252Fiwelcome%26state%3DeyJyZWRpcmVjdFVyaSI6Imh0dHBzOi8vbGV2ZW4uYXNyLm5sL2l3ZWxjb21lL29hdXRoL2NhbGxiYWNrL2l3ZWxjb21lIiwibm9uY2UiOiJmYmEwNDQ3NS1jZDlmLTQ0ZDgtYjA1NC01ZjY2NTM3ZTQ5NjQifQ%253D%253D%26client_id%3Dics
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.143.24.98 Roehampton, United Kingdom, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
mail.maychriste.de
Software
nginx /
Resource Hash
83b7877bf713cda2b089b6602264e180c0c6f55609197bec699e505afb45c387
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://login.asr.nl/mijnasr/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.asr.nl%2Fleven%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fscope%3Dopenid%2Bprofile%2BlalId%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fleven.asr.nl%252Fiwelcome%252Foauth%252Fcallback%252Fiwelcome%26state%3DeyJyZWRpcmVjdFVyaSI6Imh0dHBzOi8vbGV2ZW4uYXNyLm5sL2l3ZWxjb21lL29hdXRoL2NhbGxiYWNrL2l3ZWxjb21lIiwibm9uY2UiOiJmYmEwNDQ3NS1jZDlmLTQ0ZDgtYjA1NC01ZjY2NTM3ZTQ5NjQifQ%253D%253D%26client_id%3Dics
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 18 Jan 2021 14:46:02 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"60059f2a-3ea49"
expect-ct
enforce, max-age=300
strict-transport-security
max-age=31536000; includeSubdomains
content-type
application/javascript
feature-policy
midi 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
x-content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
font-face.css
login.asr.nl/mijnasr/login/static/fonts/ 		1 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.asr.nl/mijnasr/login/static/fonts/font-face.css
Requested by
Host: login.asr.nl
URL: https://login.asr.nl/mijnasr/login/static/css/2.b6375a18.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.143.24.98 Roehampton, United Kingdom, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
mail.maychriste.de
Software
nginx /
Resource Hash
295dfab9bb9c93fdc4448a29c485874ce8c3cbbf02557aba94319be646be568d
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://login.asr.nl/mijnasr/login/static/css/2.b6375a18.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 24 Sep 2021 10:43:42 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"614dabde-4cc"
expect-ct
enforce, max-age=300
strict-transport-security
max-age=31536000; includeSubdomains
content-type
text/css
feature-policy
midi 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
x-content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
normalize.min.css
login.asr.nl/mijnasr/login/static/base/css/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.asr.nl/mijnasr/login/static/base/css/normalize.min.css
Requested by
Host: login.asr.nl
URL: https://login.asr.nl/mijnasr/login/static/css/2.b6375a18.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.143.24.98 Roehampton, United Kingdom, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
mail.maychriste.de
Software
nginx /
Resource Hash
8f65665cbd1cb762710826523e39d245110fe35bacdea1a425185f472a369cc5
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://login.asr.nl/mijnasr/login/static/css/2.b6375a18.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 24 Sep 2021 10:43:42 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"614dabde-73e"
expect-ct
enforce, max-age=300
strict-transport-security
max-age=31536000; includeSubdomains
content-type
text/css
feature-policy
midi 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
x-content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
utag.js
tags.tiqcdn.com/utag/asr/main/prod/ 		57 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/asr/main/prod/utag.js
Requested by
Host: login.asr.nl
URL: https://login.asr.nl/mijnasr/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.asr.nl%2Fleven%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fscope%3Dopenid%2Bprofile%2BlalId%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fleven.asr.nl%252Fiwelcome%252Foauth%252Fcallback%252Fiwelcome%26state%3DeyJyZWRpcmVjdFVyaSI6Imh0dHBzOi8vbGV2ZW4uYXNyLm5sL2l3ZWxjb21lL29hdXRoL2NhbGxiYWNrL2l3ZWxjb21lIiwibm9uY2UiOiJmYmEwNDQ3NS1jZDlmLTQ0ZDgtYjA1NC01ZjY2NTM3ZTQ5NjQifQ%253D%253D%26client_id%3Dics
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.84.56.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a72987c00d20d3219059740fe1d7c9d1cc04a5f3352d96dc2225d86b54650172

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:07 GMT
content-encoding
gzip
last-modified
Fri, 17 Dec 2021 15:52:58 GMT
server
AkamaiNetStorage
etag
"8913a457b7d5f0fd72a6990820ff4972:1639756378.349822"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
14743
expires
Fri, 24 Dec 2021 16:21:07 GMT
main.css
www.asr.nl/areas/ExternCookiebar/Assets/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.asr.nl/areas/ExternCookiebar/Assets/css/main.css
Requested by
Host: www.asr.nl
URL: https://www.asr.nl/areas/ExternCookiebar/Assets/js/main.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.105.111.26 Nieuwegein, Netherlands, ASN50737 (ASRAS, NL),
Reverse DNS
Software
/
Resource Hash
2464f635afbcbeb2670809315624aee831a60a12b95746924e1759cd7d59985b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:16:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 07:38:07 GMT
ETag
"795a55de4ff2d71:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
1406
avenir.woff2
login.asr.nl/mijnasr/login/static/fonts/avenir/ 		17 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://login.asr.nl/mijnasr/login/static/fonts/avenir/avenir.woff2
Requested by
Host: login.asr.nl
URL: https://login.asr.nl/mijnasr/login/static/fonts/font-face.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.143.24.98 Roehampton, United Kingdom, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
mail.maychriste.de
Software
nginx /
Resource Hash
9f7a71037e8eeaf46723509336f01207e1293eda787d06e2df8ee3002950364a
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.asr.nl/mijnasr/login/static/fonts/font-face.css
Origin
https://login.asr.nl
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:07 GMT
x-content-type-options
nosniff
content-length
17008
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 24 Sep 2021 10:43:42 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"614dabde-4270"
expect-ct
enforce, max-age=300
strict-transport-security
max-age=31536000; includeSubdomains
content-type
application/octet-stream
feature-policy
midi 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
accept-ranges
bytes
x-content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
configuration
login.asr.nl/mijnasr/uic/api/v1/ 		2 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.asr.nl/mijnasr/uic/api/v1/configuration?type=page&name=default
Requested by
Host: login.asr.nl
URL: https://login.asr.nl/mijnasr/login/static/js/2.e1042e5b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.143.24.98 Roehampton, United Kingdom, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
mail.maychriste.de
Software
nginx /
Resource Hash
a194b30362a0804accffdc894f44c437bf4ad596e37b6eeca969d275db46e9a3
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://login.asr.nl/mijnasr/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:07 GMT
content-encoding
gzip
referrer-policy
same-origin
server
nginx
expect-ct
enforce, max-age=300
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
x-xss-protection
1; mode=block
cache-control
no-cache
feature-policy
midi 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
memphis.woff2
login.asr.nl/mijnasr/login/static/fonts/memphis/ 		17 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://login.asr.nl/mijnasr/login/static/fonts/memphis/memphis.woff2
Requested by
Host: login.asr.nl
URL: https://login.asr.nl/mijnasr/login/static/fonts/font-face.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.143.24.98 Roehampton, United Kingdom, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
mail.maychriste.de
Software
nginx /
Resource Hash
3d37b09b598c596278fd1ef3a5e72d4c74951f22e9bd1299f71feb1facb16ef0
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.asr.nl/mijnasr/login/static/fonts/font-face.css
Origin
https://login.asr.nl
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:07 GMT
x-content-type-options
nosniff
content-length
17768
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 24 Sep 2021 10:43:42 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"614dabde-4568"
expect-ct
enforce, max-age=300
strict-transport-security
max-age=31536000; includeSubdomains
content-type
application/octet-stream
feature-policy
midi 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
accept-ranges
bytes
x-content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
utag.10.js
tags.tiqcdn.com/utag/asr/main/prod/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/asr/main/prod/utag.10.js?utv=ut4.46.202112141509
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/asr/main/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.84.56.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0ff10df16cf1e54eeebce8169e98a09c0b20a88c933aa6eb354c55323318e888

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:07 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 15:09:10 GMT
server
AkamaiNetStorage
etag
"e5d2d2956df3c7107384d61ae7afbe7c:1639494550.132921"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
6349
expires
Sat, 08 Jan 2022 16:16:07 GMT
utag.2.js
tags.tiqcdn.com/utag/asr/main/prod/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/asr/main/prod/utag.2.js?utv=ut4.46.202108200831
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/asr/main/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.84.56.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3269e70a73a3d39075e2eba92e5723593e964d9dd44785df8e2f7c7b7a6e2eb0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:07 GMT
content-encoding
gzip
last-modified
Wed, 07 Oct 2020 07:00:01 GMT
server
AkamaiNetStorage
etag
"8d769dcc5050c00af1b1cc58e79e4d19:1602054001.54752"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
2836
expires
Sat, 08 Jan 2022 16:16:07 GMT
utag.38.js
tags.tiqcdn.com/utag/asr/main/prod/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/asr/main/prod/utag.38.js?utv=ut4.46.202108200831
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/asr/main/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.84.56.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7bf30fd4d1aef42bd45956156fdea813a72b9da71bf3669b09d71080cd73593c

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:07 GMT
content-encoding
gzip
last-modified
Wed, 07 Oct 2020 07:00:03 GMT
server
AkamaiNetStorage
etag
"db4c10b4903e90c48414f7874713317f:1602054003.574037"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
2930
expires
Sat, 08 Jan 2022 16:16:07 GMT
utag.116.js
tags.tiqcdn.com/utag/asr/main/prod/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/asr/main/prod/utag.116.js?utv=ut4.46.202110011349
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/asr/main/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.84.56.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
83381047a9386589274b64907dc2995a11518924a28621fd5a425b54b92caeae

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:07 GMT
content-encoding
gzip
last-modified
Fri, 01 Oct 2021 13:49:08 GMT
server
AkamaiNetStorage
etag
"54582f8acb134ad8f02bafb1fc279fac:1633096148.957135"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
3966
expires
Sat, 08 Jan 2022 16:16:07 GMT
configuration
login.asr.nl/mijnasr/uic/api/v1/ 		104 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.asr.nl/mijnasr/uic/api/v1/configuration?type=workflowEngine&name=iwMUITheme
Requested by
Host: login.asr.nl
URL: https://login.asr.nl/mijnasr/login/static/js/2.e1042e5b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.143.24.98 Roehampton, United Kingdom, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
mail.maychriste.de
Software
nginx /
Resource Hash
5b61170a5df669a2f4bab55bc707147671de438a7291bca0548e3da2baa33e35
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://login.asr.nl/mijnasr/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:07 GMT
content-encoding
gzip
referrer-policy
same-origin
server
nginx
expect-ct
enforce, max-age=300
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
x-xss-protection
1; mode=block
cache-control
no-cache
feature-policy
midi 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
6aed996eaf59.js
w.usabilla.com/ Frame 0D86 		61 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.usabilla.com/6aed996eaf59.js?lv=1
Requested by
Host: login.asr.nl
URL: https://login.asr.nl/mijnasr/login/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.214.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-214-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
17033e31f5c70ade911bcb1230c50a62bc3646aa3a738ea8ef798932a9ef9337

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:16:07 GMT
content-encoding
gzip
x-widget-server
2.1
etag
"0bf62b827aaf0e16c0cab8191900d915"
content-type
text/javascript
cache-control
public,max-age=0
content-length
15568
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/asr/main/prod/utag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2473
date
Fri, 24 Dec 2021 15:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 24 Dec 2021 17:34:54 GMT
js
www.googletagmanager.com/gtag/ 		181 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8MNWXSWWHK
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/asr/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
efe453fd24ce3eeb8c92bbbf2bf4ef5535516b5a85756b60a054fba84620b726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:07 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63537
x-xss-protection
0
expires
Fri, 24 Dec 2021 16:16:07 GMT
0156de044165.js
w.usabilla.com/ Frame D612 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.usabilla.com/0156de044165.js?s1
Requested by
Host: login.asr.nl
URL: https://login.asr.nl/mijnasr/login/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.214.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-214-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
17f18f8fe7418475aec5eec6c9826f4d4fcac9eb666a01ccca9940ae7b48b171

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:16:07 GMT
content-encoding
gzip
x-widget-server
2.1
etag
"b7a29a5916597ed670f6ac2b63066d08"
content-type
text/javascript
cache-control
public,max-age=0
content-length
2431
configuration
login.asr.nl/mijnasr/login/api/ 		561 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.asr.nl/mijnasr/login/api/configuration
Requested by
Host: login.asr.nl
URL: https://login.asr.nl/mijnasr/login/static/js/2.e1042e5b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.143.24.98 Roehampton, United Kingdom, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
mail.maychriste.de
Software
nginx /
Resource Hash
b96726c2eb37f3b71d7c3bea39f2ff4ac125bee0693144759e1693f6f72e5088
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://login.asr.nl/mijnasr/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:07 GMT
content-encoding
gzip
referrer-policy
same-origin
server
nginx
expect-ct
enforce, max-age=300
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
x-xss-protection
1; mode=block
cache-control
no-cache
feature-policy
midi 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=652138910&t=pageview&_s=1&dl=https%3A%2F%2Flogin.asr.nl%2Fmijnasr%2Flogin%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QCCACAABBAAAAC~&cid=1187053425.1640362567&tid=UA-81901053-5&_gid=879346338.1640362567&_slc=1&cd8=1640362567037&cd9=017ded3a657c0013d62cd5e7a4a403072001506a00b08&cd17=niet%20herkend&z=1240187789
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:16:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://login.asr.nl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
configuration
login.asr.nl/mijnasr/uic/api/v1/ 		5 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.asr.nl/mijnasr/uic/api/v1/configuration?type=page&name=login
Requested by
Host: login.asr.nl
URL: https://login.asr.nl/mijnasr/login/static/js/2.e1042e5b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.143.24.98 Roehampton, United Kingdom, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
mail.maychriste.de
Software
nginx /
Resource Hash
0754bf4f91ef3ee020ccef41754363813d339d9496865c16e05633078e487ec8
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://login.asr.nl/mijnasr/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:07 GMT
content-encoding
gzip
referrer-policy
same-origin
server
nginx
expect-ct
enforce, max-age=300
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
x-xss-protection
1; mode=block
cache-control
no-cache
feature-policy
midi 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
translations
login.asr.nl/mijnasr/uic/api/v1/ 		13 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.asr.nl/mijnasr/uic/api/v1/translations?language=nl_NL_login
Requested by
Host: login.asr.nl
URL: https://login.asr.nl/mijnasr/login/static/js/2.e1042e5b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.143.24.98 Roehampton, United Kingdom, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
mail.maychriste.de
Software
nginx /
Resource Hash
d672c4d08fa5b15cc779913f819b2e0bc9383d9005cb6e7333e839953a047727
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://login.asr.nl/mijnasr/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:07 GMT
content-encoding
gzip
referrer-policy
same-origin
server
nginx
expect-ct
enforce, max-age=300
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
x-xss-protection
1; mode=block
cache-control
no-cache
feature-policy
midi 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://www.googletagmanager.com https://static2.creative-serving.com https://www.google-analytics.com https://w.usabilla.com https://ssl.google-analytics.com https://googleads.g.doubleclick.net https://ads.creative-serving.com https://www.googleadservices.com https://api.usabilla.com/ https://d6tizftlrpuof.cloudfront.net https://visitor-service.tealiumiq.com/ https://connect.facebook.net https://www.asr.nl/; style-src 'self' 'unsafe-inline' https://gateway.zscloud.net https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net https://www.asr.nl/; img-src 'self' data: *; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com https://d6tizftlrpuof.cloudfront.net; connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.asr.nl/ https://www.amersfoortse.nl/ https://d6tizftlrpuof.cloudfront.net; worker-src 'self'; frame-ancestors 'self'; form-action 'self' https://ehm01.iwelcome.nl https://ehm02.iwelcome.nl https://approvalportal.asrrealestate.nl https://iwelcome.sso.eherkenning.nl https://gateway.zscloud.net https://datacloud.tealiumiq.com; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads; manifest-src 'self';
authenticate
login.asr.nl/mijnasr/login/api/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.asr.nl/mijnasr/login/api/authenticate
Requested by
Host: login.asr.nl
URL: https://login.asr.nl/mijnasr/login/static/js/2.e1042e5b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.143.24.98 Roehampton, United Kingdom, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
mail.maychriste.de
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://login.asr.nl/mijnasr/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:16:07 GMT
server
nginx
content-length
0
x-xss-protection
1; mode=block
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=652138910&t=pageview&_s=2&dl=https%3A%2F%2Flogin.asr.nl%2Fmijnasr%2Flogin%2F&dp=%2Fmijnasr%2Flogin&ul=en-us&de=UTF-8&dt=usernameandpassword_version2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SCCACAABBAAAAC~&cid=1187053425.1640362567&tid=UA-81901053-5&_gid=879346338.1640362567&cd8=1640362567037&cd9=017ded3a657c0013d62cd5e7a4a403072001506a00b08&cd17=niet%20herkend&cd3=mijnasr&cg1=iam&cd13=mijnasr&z=1763953790
Requested by
Host: login.asr.nl
URL: https://login.asr.nl/mijnasr/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 01:10:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
54315
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
asr_logo.svg
www.asrnl.com/Areas/asrnl/Assets/img/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.asrnl.com/Areas/asrnl/Assets/img/asr_logo.svg
Requested by
Host: login.asr.nl
URL: https://login.asr.nl/mijnasr/login/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.105.111.39 Nieuwegein, Netherlands, ASN50737 (ASRAS, NL),
Reverse DNS
Software
/
Resource Hash
7d65c7ca60e8886fda3e539a31118ec0d22d9fe8bf0665ca7e230f0508e351d7
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://login.asr.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:16:08 GMT
Last-Modified
Thu, 16 Dec 2021 08:43:38 GMT
ETag
"e41483559f2d71:0"
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
image/svg+xml
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
15464
Request-Context
appId=cid-v1:fcc82f5b-1e09-4554-a513-bb8af4040b85
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-8MNWXSWWHK&gtm=2oec10&_p=652138910&sr=1600x1200&gdid=dYmQxMT&ul=en-us&cid=1187053425.1640362567&_s=1&dl=https%3A%2F%2Flogin.asr.nl%2Fmijnasr%2Flogin%2F&dt=Inloggen&sid=1640362568&sct=1&seg=0&en=page_view&_fv=1&_ss=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8MNWXSWWHK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:16:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://login.asr.nl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
btn_asr_white_desktop_left_retina.png
d6tizftlrpuof.cloudfront.net/live/resources/buttons/ Frame 6826 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d6tizftlrpuof.cloudfront.net/live/resources/buttons/btn_asr_white_desktop_left_retina.png
Requested by
Host: login.asr.nl
URL: https://login.asr.nl/mijnasr/login/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-70.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
75bdbdcfcb2dd942d07bbb6a33e42aec5473444d7399a5b4c7d7f4b11aeca0b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
YPJHDHffmKtRuSr0ZAPsjwPRSlKkWAsy
Via
1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 11 Nov 2016 11:19:56 GMT
Server
AmazonS3
Age
3416
ETag
"5f167d0355875d441ff057b58bc76fc1"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public, max-age=3600
Date
Fri, 24 Dec 2021 15:19:13 GMT
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Content-Length
9570
X-Amz-Cf-Id
1hd15Bo7LwMDdWjlvvvqN-OU0oivrTfv45v-Jecp315xQ6iIQIwKZQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
w.usabilla.com
URL
https://w.usabilla.com/6aed996eaf59.js?lv=1
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=2111943966&t=pageview&_s=1&dl=https%3A%2F%2Fleven.asr.nl%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Mijn%20a.s.r.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACAABBAAAAC~&cid=1187053425.1640362567&tid=UA-81901053-5&_gid=879346338.1640362567&_slc=1&cd8=1640362567037&cd9=017ded3a657c0013d62cd5e7a4a403072001506a00b08&cg1=portal&cd13=leven&cd17=niet%20herkend&z=1381759777

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| readCookie function| setCookie function| _setAppBrand string| brand function| getPagePathAov function| getPagePathLeven function| getPagePathSchade function| getPagePathMijnasr function| isEventEligible object| trackEvent object| webpackJsonp object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill number| 2f1acc6c3a606b082e5eef5e54414ffb object| __MUI_STYLES__ number| __JSS_VERSION_COUNTER__ function| _ function| classNames undefined| stepUpTrackId undefined| return_from undefined| trackingId undefined| authToken boolean| utag_condload object| utag undefined| getURLParams function| addEvent boolean| useV2authentication undefined| clientId undefined| clientSecret string| redirectUri boolean| isTagManagerEnable function| lightningjs function| usabilla_live function| usabilla string| GoogleAnalyticsObject function| ga string| gtagRename object| dataLayer function| gtag object| theme object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| onYouTubeIframeAPIReady

14 Cookies

Domain/Path Name / Value
.login.asr.nl/mijnasr/ Name: iWelcome-Segment
Value: segment3
.login.asr.nl/leven/ Name: iWelcome-Segment
Value: segment3
mijn.asr.nl/ Name: ASP.NET_SessionId
Value: lpur5xnxbiuzauxbbit41mb3
mijn.asr.nl/ Name: SC_ANALYTICS_GLOBAL_COOKIE
Value: 9686b624285b48468b2e61260e03e9ee|False
mijn.asr.nl/ Name: asr.nl_mijn
Value: rd2o00000000000000000000ffff0a91eaf2o80
mijn.asr.nl/ Name: TS013740c8
Value: 01c9c9af6d3b9be3dbf01ff8cc32f9455b188d9a4f41a61804dbcc7a7d513d4b4067aeadff457487f65e0a444d138b836ad4dd49053e3cdcc5ad4af65099f9f119f30b6b5fcc4713249c509ce4f0aa7414e800720ec3a0e023d07238ca837151c6b1f142f0
leven.asr.nl/ Name: OAUTH2_STATE
Value: eyJyZWRpcmVjdFVyaSI6Imh0dHBzOi8vbGV2ZW4uYXNyLm5sL2l3ZWxjb21lL29hdXRoL2NhbGxiYWNrL2l3ZWxjb21lIiwibm9uY2UiOiJmYmEwNDQ3NS1jZDlmLTQ0ZDgtYjA1NC01ZjY2NTM3ZTQ5NjQifQ==
.asr.nl/ Name: OPTOUTMULTI
Value: 0:0%7Cc1:1%7Cc4:1
login.asr.nl/ Name: iwopbs
Value:
.asr.nl/ Name: _gid
Value: GA1.2.879346338.1640362567
login.asr.nl/ Name: iWelcome-Locale
Value: nl_NL
.asr.nl/ Name: utag_main
Value: v_id:017ded3a657c0013d62cd5e7a4a403072001506a00b08$_sn:1$_se:3$_ss:0$_st:1640364367929$ses_id:1640362567037%3Bexp-session$_pn:2%3Bexp-session$recommender_test:1
.asr.nl/ Name: _ga_8MNWXSWWHK
Value: GS1.1.1640362568.1.0.1640362568.0
.asr.nl/ Name: _ga
Value: GA1.1.1187053425.1640362567

5 Console Messages

Source Level URL
Text
network error URL: https://leven.asr.nl/iwelcome/jwttoken
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security error URL: https://login.asr.nl/mijnasr/login/static/js/2.e1042e5b.chunk.js
Message:
Refused to connect to 'https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js' because it violates the following Content Security Policy directive: "connect-src 'self' https://collect-eu-central-1.tealiumiq.com https://google-analytics.com https://my.tealiumiq.com https://www.google-analytics.com/".
javascript error URL: https://login.asr.nl/mijnasr/login/static/js/2.e1042e5b.chunk.js
Message:
Refused to connect to 'https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js' because it violates the document's Content Security Policy.
network error URL: https://login.asr.nl/mijnasr/login/api/authenticate
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d6tizftlrpuof.cloudfront.net
fonts.googleapis.com
leven.asr.nl
login.asr.nl
mijn.asr.nl
tags.tiqcdn.com
w.usabilla.com
www.asr.nl
www.asrnl.com
www.google-analytics.com
www.googletagmanager.com
w.usabilla.com
www.google-analytics.com
104.84.56.194
109.235.78.154
193.105.111.26
193.105.111.38
193.105.111.39
195.143.24.98
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:827::200a
52.210.214.221
99.86.3.70
0754bf4f91ef3ee020ccef41754363813d339d9496865c16e05633078e487ec8
0dcc72eeb39565dd7195ff6d60988514d25e6ff83cf4155b2694e5cf41cb06db
0ff10df16cf1e54eeebce8169e98a09c0b20a88c933aa6eb354c55323318e888
17033e31f5c70ade911bcb1230c50a62bc3646aa3a738ea8ef798932a9ef9337
17f18f8fe7418475aec5eec6c9826f4d4fcac9eb666a01ccca9940ae7b48b171
2464f635afbcbeb2670809315624aee831a60a12b95746924e1759cd7d59985b
295dfab9bb9c93fdc4448a29c485874ce8c3cbbf02557aba94319be646be568d
2e02bfe7c37f8886496476d9461d8e942924a924564332546960a3243040d74f
3269e70a73a3d39075e2eba92e5723593e964d9dd44785df8e2f7c7b7a6e2eb0
3d37b09b598c596278fd1ef3a5e72d4c74951f22e9bd1299f71feb1facb16ef0
47ff2d17fd80166655e7c5f1050ae5ae029b262bf2ae4e3ef5b6c765fd3a79d1
483c4a0396691993a641ec409c44b8b7e1daab0ae7e2b2944c4bc59520bb7655
49731a7e1ca7e5bf32b73ce86a1a349ea7c2be172e68a02102a55a6f89790138
5b61170a5df669a2f4bab55bc707147671de438a7291bca0548e3da2baa33e35
6012d3ec5a5e69cedf82372a981ba7550813a0bb496d90680b4cc1b65fa30fc0
6903c5c3443595162528ecb4e119da4ce93051b86c793d7728d8ea2a00fe4fdf
7209b531fa25229bcb42be972350763834d5add005e72d2fd058331ed2e84abd
75bdbdcfcb2dd942d07bbb6a33e42aec5473444d7399a5b4c7d7f4b11aeca0b8
7bf30fd4d1aef42bd45956156fdea813a72b9da71bf3669b09d71080cd73593c
7d65c7ca60e8886fda3e539a31118ec0d22d9fe8bf0665ca7e230f0508e351d7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83381047a9386589274b64907dc2995a11518924a28621fd5a425b54b92caeae
83b7877bf713cda2b089b6602264e180c0c6f55609197bec699e505afb45c387
8f65665cbd1cb762710826523e39d245110fe35bacdea1a425185f472a369cc5
96297913e27749bece69934212ad836204a5d094ac052b2069d6d5747c9f6a53
9f7a71037e8eeaf46723509336f01207e1293eda787d06e2df8ee3002950364a
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a194b30362a0804accffdc894f44c437bf4ad596e37b6eeca969d275db46e9a3
a543f92f8029df09584ec0a3e64712c2a45b13868d2d949111a7a43c60ae1fe1
a72987c00d20d3219059740fe1d7c9d1cc04a5f3352d96dc2225d86b54650172
b96726c2eb37f3b71d7c3bea39f2ff4ac125bee0693144759e1693f6f72e5088
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
d672c4d08fa5b15cc779913f819b2e0bc9383d9005cb6e7333e839953a047727
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e630c8592d79a5dffa54792d908160efeffb434cfca7475b461f7d16081a5dce
efe453fd24ce3eeb8c92bbbf2bf4ef5535516b5a85756b60a054fba84620b726
f42d8f748e69833e46dfb682cdd508fdb7a7d008ca3338bee851d43d88ba9e56
f52d791b9ab904d3b49b6a7bdcdaeab4b9e3498967a3f1b6f0b5d820fa42182c
fdebe85810b73e01c6d30de17c13f08267250eb0b112b918c21b43e715372165