urlscan.io logo urlscan.io
SecurityTrails logo

app.zorgoffice.sziss.nl Open in urlscan Pro
142.132.247.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://app.zorgoffice.sziss.nl/
Effective URL: https://app.zorgoffice.sziss.nl/app/sessions/new
Submission: On April 24 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 13 HTTP transactions. The main IP is 142.132.247.2, located in Germany and belongs to HETZNER-AS, DE. The main domain is app.zorgoffice.sziss.nl.
TLS certificate: Issued by R3 on April 24th 2024. Valid for: 3 months.
This is the only time app.zorgoffice.sziss.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 8 142.132.247.2 24940 (HETZNER-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 104.16.86.20 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
13 7
8    142.132.247.2 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.247.132.142.clients.your-server.de
app.zorgoffice.sziss.nl
app.zorgoffice.bendy.nl
1    2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a00:1450:4001:82b::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    104.16.86.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
7 sziss.nl
app.zorgoffice.sziss.nl
2 MB
2 gstatic.com
fonts.gstatic.com
31 KB
2 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 361
fonts.googleapis.com — Cisco Umbrella Rank: 33
14 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 320
1 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
2 KB
1 bendy.nl
app.zorgoffice.bendy.nl
973 B
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1230
12 KB
13 7
Domain Requested by
7 app.zorgoffice.sziss.nl 1 redirects app.zorgoffice.sziss.nl
2 fonts.gstatic.com fonts.googleapis.com
1 cdn.jsdelivr.net app.zorgoffice.sziss.nl
1 cdnjs.cloudflare.com app.zorgoffice.sziss.nl
1 fonts.googleapis.com app.zorgoffice.sziss.nl
1 storage.googleapis.com app.zorgoffice.sziss.nl
1 app.zorgoffice.bendy.nl 1 redirects
1 use.fontawesome.com app.zorgoffice.sziss.nl
13 8

This site contains no links.

Subject Issuer Validity Valid
app.zorgoffice.sziss.nl
R3		 2024-04-24 -
2024-07-23		 3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://app.zorgoffice.sziss.nl/app/sessions/new
Frame ID: E650EA41ED55CE5757FE61FA7424C6F5
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ZorgOffice

Page URL History Show full URLs

  1. https://app.zorgoffice.sziss.nl/ HTTP 302
    https://app.zorgoffice.sziss.nl/app/sessions/new Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

13
Requests

92 %
HTTPS

57 %
IPv6

7
Domains

8
Subdomains

7
IPs

3
Countries

2209 kB
Transfer

7808 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app.zorgoffice.sziss.nl/ HTTP 302
    https://app.zorgoffice.sziss.nl/app/sessions/new Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://app.zorgoffice.bendy.nl/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBM3VkZHc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--5101bc555beed27b8034a1635f37b3078095c7cb/ZorgOffice%20SVG.svg HTTP 302
  • https://storage.googleapis.com/bendy-prod/194/qrc30mxijplme8oiawdxgtb2ophu?GoogleAccessId=bendy-web-prod-assets%40bendy-web-prod.iam.gserviceaccount.com&Expires=1714004957&Signature=a%2FuS9BFVF3%2Fsfl6stgEBc6tOLTKllYCW6NkBnQxVEgONuk%2BQ7xM7yT%2BfIpCpYAltIeFCK71UoXAbwcNffJdS8CPKjQVW4aB4whc6awwLnlhMdGOPzdJ8uJwnTmnMzAfZ%2Fl36%2F%2FGVvWxe6erTT50OxAECDLleU4daNsQB%2Bq32x1qBW1ktyb%2Fb7KWJUE6zLlc8szf%2BLSVtMu%2FhHLkuwiqUZN8TyTun1Ioh73RcfZiF0iJWS5%2FlQo%2Fc4iM0mDsYZEcHE%2FW1qrtqu2ZbgKDfvSirKvK8RkyCNyhNLLPHwRvcuGPzAw%2FXB0zngXyF5Saa%2BcFaU6FNi6tQCFKykstGT%2Bs3ig%3D%3D&response-content-disposition=attachment%3B+filename%3D%22ZorgOffice+SVG.svg%22%3B+filename%2A%3DUTF-8%27%27ZorgOffice%2520SVG.svg&response-content-type=image%2Fsvg%2Bxml

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request new
app.zorgoffice.sziss.nl/app/sessions/
Redirect Chain
  • https://app.zorgoffice.sziss.nl/
  • https://app.zorgoffice.sziss.nl/app/sessions/new
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.zorgoffice.sziss.nl/app/sessions/new
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.247.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.247.132.142.clients.your-server.de
Software
/
Resource Hash
18f182e05ba1183d290152529323c011535accc7f8269c91a077c8d4ec50b0a1
Security Headers
Name Value
Content-Security-Policy connect-src 'self' *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-security-policy
connect-src 'self' *
content-type
text/html; charset=utf-8
date
Wed, 24 Apr 2024 23:29:17 GMT
etag
W/"33eea8a9f5a98764f2960485d7b9c940"
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
19279fe060c47c8332fd73c4b07bc82c
x-runtime
0.036312
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache
content-encoding
gzip
content-security-policy
connect-src 'self' *
content-type
text/html; charset=utf-8
date
Wed, 24 Apr 2024 23:29:17 GMT
location
https://app.zorgoffice.sziss.nl/app/sessions/new
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
ced9277e956855aa3c298f290b61834e
x-runtime
0.020740
x-xss-protection
1; mode=block
appstyle.css
app.zorgoffice.sziss.nl/app/stylesheets/ 		214 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.zorgoffice.sziss.nl/app/stylesheets/appstyle.css
Requested by
Host: app.zorgoffice.sziss.nl
URL: https://app.zorgoffice.sziss.nl/app/sessions/new
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.247.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.247.132.142.clients.your-server.de
Software
/
Resource Hash
d86d0cbf21215cb0000a9878e32e44dcdff96ff483ece6eaeac6f38f0bed5daa
Security Headers
Name Value
Content-Security-Policy connect-src 'self' *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.zorgoffice.sziss.nl/app/sessions/new
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 23:29:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
connect-src 'self' *
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15724800; includeSubDomains
x-xss-protection
1; mode=block
x-request-id
597118a327c19f710a6c28366ff9efd2
x-runtime
0.030095
referrer-policy
strict-origin-when-cross-origin
etag
W/"7bf93258cf37a9486e8b3506f9c3137c"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=0, private, must-revalidate
application-4c05b1c6ff2df2f1aea7b0ea27161096d3c4b55b1cef909cbacd5505ff0002ec.js
app.zorgoffice.sziss.nl/assets/ 		7 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.zorgoffice.sziss.nl/assets/application-4c05b1c6ff2df2f1aea7b0ea27161096d3c4b55b1cef909cbacd5505ff0002ec.js
Requested by
Host: app.zorgoffice.sziss.nl
URL: https://app.zorgoffice.sziss.nl/app/sessions/new
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.247.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.247.132.142.clients.your-server.de
Software
/
Resource Hash
82d9223f78a90c078141db3058c8ecdd9b6105f141a5273429805e6a6879c4b5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.zorgoffice.sziss.nl/app/sessions/new
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 23:29:17 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 24 Apr 2024 14:22:26 GMT
content-length
2089366
vary
Accept-Encoding
content-type
application/javascript
app-144939c9b88a66895f38c0b88e6c304f32cd02c893fc9b4446416a2dac3508e3.js
app.zorgoffice.sziss.nl/assets/ 		739 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.zorgoffice.sziss.nl/assets/app-144939c9b88a66895f38c0b88e6c304f32cd02c893fc9b4446416a2dac3508e3.js
Requested by
Host: app.zorgoffice.sziss.nl
URL: https://app.zorgoffice.sziss.nl/app/sessions/new
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.247.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.247.132.142.clients.your-server.de
Software
/
Resource Hash
52091aad2ab3d61ff12cee9110377ee75023dff39ad3af8cadff705f9f3555f4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.zorgoffice.sziss.nl/app/sessions/new
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 23:29:17 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 24 Apr 2024 14:22:26 GMT
content-length
297
vary
Accept-Encoding
content-type
application/javascript
app-4219f22459e3d4ca5beb.js
app.zorgoffice.sziss.nl/packs/js/ 		396 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.zorgoffice.sziss.nl/packs/js/app-4219f22459e3d4ca5beb.js
Requested by
Host: app.zorgoffice.sziss.nl
URL: https://app.zorgoffice.sziss.nl/app/sessions/new
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.247.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.247.132.142.clients.your-server.de
Software
/
Resource Hash
90102220cf2bf7820c771714d684123bddfa71b834f4946a248f14e8ac21f64e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.zorgoffice.sziss.nl/app/sessions/new
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 23:29:17 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 24 Apr 2024 14:22:44 GMT
content-length
65855
vary
Accept-Encoding
content-type
application/javascript
all.css
use.fontawesome.com/releases/v5.8.1/css/ 		54 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by
Host: app.zorgoffice.sziss.nl
URL: https://app.zorgoffice.sziss.nl/app/sessions/new
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.zorgoffice.sziss.nl/
Origin
https://app.zorgoffice.sziss.nl
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 23:29:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:45:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1LTE3ER5T9PVGR3YDz70ExOVMGcLqSTa6kTEjAnkLninjUzLbnLvqSOWaLj9P2oPQaOuyccA5MAua%2Bq0dqGp2LiqB9hGkpqHOdjoNo9OVfR3Cxf9c9m5DaudlkrwgpFo4UUUWxK09KRv4TE8YL000XZT"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
8799dfe64bf196fd-AMS
alt-svc
h3=":443"; ma=86400
qrc30mxijplme8oiawdxgtb2ophu
storage.googleapis.com/bendy-prod/194/
Redirect Chain
  • https://app.zorgoffice.bendy.nl/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBM3VkZHc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--5101bc555beed27b8034a1635f37b3078095c7c...
  • https://storage.googleapis.com/bendy-prod/194/qrc30mxijplme8oiawdxgtb2ophu?GoogleAccessId=bendy-web-prod-assets%40bendy-web-prod.iam.gserviceaccount.com&Expires=1714004957&Signature=a%2FuS9BFVF3%2F...
12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/bendy-prod/194/qrc30mxijplme8oiawdxgtb2ophu?GoogleAccessId=bendy-web-prod-assets%40bendy-web-prod.iam.gserviceaccount.com&Expires=1714004957&Signature=a%2FuS9BFVF3%2Fsfl6stgEBc6tOLTKllYCW6NkBnQxVEgONuk%2BQ7xM7yT%2BfIpCpYAltIeFCK71UoXAbwcNffJdS8CPKjQVW4aB4whc6awwLnlhMdGOPzdJ8uJwnTmnMzAfZ%2Fl36%2F%2FGVvWxe6erTT50OxAECDLleU4daNsQB%2Bq32x1qBW1ktyb%2Fb7KWJUE6zLlc8szf%2BLSVtMu%2FhHLkuwiqUZN8TyTun1Ioh73RcfZiF0iJWS5%2FlQo%2Fc4iM0mDsYZEcHE%2FW1qrtqu2ZbgKDfvSirKvK8RkyCNyhNLLPHwRvcuGPzAw%2FXB0zngXyF5Saa%2BcFaU6FNi6tQCFKykstGT%2Bs3ig%3D%3D&response-content-disposition=attachment%3B+filename%3D%22ZorgOffice+SVG.svg%22%3B+filename%2A%3DUTF-8%27%27ZorgOffice%2520SVG.svg&response-content-type=image%2Fsvg%2Bxml
Requested by
Host: app.zorgoffice.sziss.nl
URL: https://app.zorgoffice.sziss.nl/app/sessions/new
Protocol
H2
Server
2a00:1450:4001:82b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5315406bc83b885ddc66069d06067df374f7163247753987577e532ab06afebc

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://app.zorgoffice.sziss.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Apr 2024 23:29:20 GMT
x-guploader-uploadid
ABPtcPqbPuv83xw7D59FlfiLpeTu6KXlwFFChMx2mcOfLQjzm3P-lyivRYzEtvPnPf9oAvHVhVA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
attachment; filename="ZorgOffice SVG.svg"; filename*=UTF-8''ZorgOffice%20SVG.svg
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12755
last-modified
Wed, 24 Apr 2024 07:11:40 GMT
server
UploadServer
etag
"fea783248d7d23cdf6177910cc629a4f"
x-goog-generation
1713942700907549
content-type
image/svg+xml
x-goog-hash
crc32c=TQnjmw==, md5=/qeDJI19I832F3kQzGKaTw==
cache-control
private, max-age=0
x-goog-stored-content-length
12755
accept-ranges
bytes
expires
Wed, 24 Apr 2024 23:29:20 GMT

Redirect headers

date
Wed, 24 Apr 2024 23:29:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
connect-src 'self' *
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15724800; includeSubDomains
x-xss-protection
1; mode=block
x-request-id
65c33b5782c77c88f2fbfe547130a730
x-runtime
0.009762
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=utf-8
location
https://storage.googleapis.com/bendy-prod/194/qrc30mxijplme8oiawdxgtb2ophu?GoogleAccessId=bendy-web-prod-assets%40bendy-web-prod.iam.gserviceaccount.com&Expires=1714004957&Signature=a%2FuS9BFVF3%2Fsfl6stgEBc6tOLTKllYCW6NkBnQxVEgONuk%2BQ7xM7yT%2BfIpCpYAltIeFCK71UoXAbwcNffJdS8CPKjQVW4aB4whc6awwLnlhMdGOPzdJ8uJwnTmnMzAfZ%2Fl36%2F%2FGVvWxe6erTT50OxAECDLleU4daNsQB%2Bq32x1qBW1ktyb%2Fb7KWJUE6zLlc8szf%2BLSVtMu%2FhHLkuwiqUZN8TyTun1Ioh73RcfZiF0iJWS5%2FlQo%2Fc4iM0mDsYZEcHE%2FW1qrtqu2ZbgKDfvSirKvK8RkyCNyhNLLPHwRvcuGPzAw%2FXB0zngXyF5Saa%2BcFaU6FNi6tQCFKykstGT%2Bs3ig%3D%3D&response-content-disposition=attachment%3B+filename%3D%22ZorgOffice+SVG.svg%22%3B+filename%2A%3DUTF-8%27%27ZorgOffice%2520SVG.svg&response-content-type=image%2Fsvg%2Bxml
cache-control
max-age=3600, private
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700
Requested by
Host: app.zorgoffice.sziss.nl
URL: https://app.zorgoffice.sziss.nl/app/stylesheets/appstyle.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.zorgoffice.sziss.nl/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Apr 2024 23:29:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Apr 2024 23:08:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Apr 2024 23:29:20 GMT
bootstrap-datepicker.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.9.0/css/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.9.0/css/bootstrap-datepicker.min.css
Requested by
Host: app.zorgoffice.sziss.nl
URL: https://app.zorgoffice.sziss.nl/app/stylesheets/appstyle.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b22c8ea45fe905650f8087108b5ed32c1923bcd80d400adc9b0241f18be40208
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.zorgoffice.sziss.nl/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 23:29:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7385
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1731
last-modified
Mon, 04 May 2020 16:06:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8e-3d73"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CU0z0XTfkOwLKC%2BIc5CvqGTwvAl9QUZDSnuwaLGtDcjzEFoj3dd4y6cM6UeTX30DYC9VK%2FbARA06H3fVSFtqVEoGnMDfHu6fnBThszTtZHPve70UM1rI9zGNW1XFwnNmkHAsujqo"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8799dff5cb9c1cce-AMS
expires
Mon, 14 Apr 2025 23:29:20 GMT
jquery.timepicker.min.css
cdn.jsdelivr.net/npm/timepicker@1.13.18/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/timepicker@1.13.18/jquery.timepicker.min.css
Requested by
Host: app.zorgoffice.sziss.nl
URL: https://app.zorgoffice.sziss.nl/app/stylesheets/appstyle.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13330ec03e8aeaca1745a4214fe81170eab689b6497c22175afa0eff23dd5127
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.zorgoffice.sziss.nl/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 23:29:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1792092
x-jsd-version
1.13.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220052-FRA, cache-lga21940-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"634-cLwvI7rBH5V61kAPRGhyYeu5PUQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=57MijncOqRa3u0I13ZYakpRik2BbREUX5Gns%2BI63%2FiKhT7pk9%2B35eY%2F8B4o7pVwawFxFEpRuOvDrWB%2BEfQ7fhVaDh%2BghT3P6uUF0bPKNLtvokjwZ0Sv2EgAaia9hHTQjyYA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8799dff5cc7f664f-AMS
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://app.zorgoffice.sziss.nl
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 20:54:29 GMT
x-content-type-options
nosniff
age
182091
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Apr 2025 20:54:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://app.zorgoffice.sziss.nl
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 03:50:46 GMT
x-content-type-options
nosniff
age
416314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Apr 2025 03:50:46 GMT
favicon.ico
app.zorgoffice.sziss.nl/ 		9 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://app.zorgoffice.sziss.nl/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.247.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.247.132.142.clients.your-server.de
Software
/
Resource Hash
3b7006b7098726553f54a12f8f0da842a0749ae7539f6e1171e7cc72d2a01c18
Security Headers
Name Value
Content-Security-Policy connect-src 'self' *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.zorgoffice.sziss.nl/app/sessions/new
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 23:29:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
connect-src 'self' *
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15724800; includeSubDomains
content-transfer-encoding
binary
content-disposition
attachment; filename="48x48.ico"; filename*=UTF-8''48x48.ico
x-xss-protection
1; mode=block
x-request-id
e4562fdce24c213dc125af3d3a035cfd
x-runtime
0.210582
referrer-policy
strict-origin-when-cross-origin
etag
W/"207f832cabe8f2158ac44b1a4a511b8e"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
ico
cache-control
max-age=604800, public

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Bendy function| setTabValue function| countCheckboxes function| initNotification function| initSelect2 function| initInputs function| initTimepicker function| addChangeEventToDatepicker function| initForReflex function| resetApp function| getScrollHeight function| addEventClickHandler function| addSelectAllHandler function| initSubmitFormsWithCtrlEnter function| checkNotificationPromise function| askNotificationPermission function| initDoneTypingFilter function| resetPage function| initDatePicker function| insertText function| clear_month function| change_dates function| change_year function| set_dates function| initDefaultDatatable function| initAffix function| createAffix function| resizeCanvas function| hideAnnouncement function| createCookie function| readCookie function| eraseCookie function| $ function| jQuery function| Popper object| bootstrap object| jQuery112402980182625480048 function| DataTable function| JSZip function| saveAs object| pdfMake function| createPdf function| Inputmask function| Cookies function| moment object| TreemapSquared function| SVG function| addResizeListener function| removeResizeListener object| Apex function| ApexCharts function| ImageZoom function| SignaturePad object| TinyMCERails object| tinymce object| tinyMCE object| webpackJsonp boolean| _rails_loaded object| regeneratorRuntime object| reflexes object| Turbo object| multiOptions object| singleOptions object| futureOptions

2 Cookies

Domain/Path Name / Value
app.zorgoffice.sziss.nl/ Name: _bendy_session
Value: 3e671b4f4a35919a3d0874419583dee2
app.zorgoffice.sziss.nl/ Name: user_id
Value: hUZsbG%2FK9q2HIVTBLoPtENIJPwfLGHHybXI8ll0hTcOoItiifAIuJ%2FhlzGYhZUvyBCPwgkhHqA3K4s9u3vaK--ULG68ceE0PndNBIe--HEgO0WZFDbmODmxa4vOiOw%3D%3D

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://app.zorgoffice.sziss.nl/app/sessions/new
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy connect-src 'self' *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block