mijndomein.frontend.staging.energyzero.nl Open in urlscan Pro
35.189.198.59  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response mijndomein.frontend.staging.energyzero.nl/	6 KB 3 KB	219ms 59ms	Document text/html	35.189.198.59 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://mijndomein.frontend.staging.energyzero.nl/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.189.198.59 Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS 59.198.189.35.bc.googleusercontent.com Software istio-envoy / Resource Hash 928b7e153747588946fabe4fdc0c1e76e8374349a37ea5ddbf8b399fde844e06 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.fontawesome.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.hotjar.com *.hotjar.io *.weave.nl *.tradetracker.net *.doubleclick.net *.mijndomein.nl *.plusleven.nl *.energyzero.nl *.anwb.nl *.blueconic.net; frame-src *.googletagmanager.com *.hotjar.com; frame-ancestors 'none'; Strict-Transport-Security max-age=31622400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers cache-control must-revalidate content-encoding gzip content-security-policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.fontawesome.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.hotjar.com *.hotjar.io *.weave.nl *.tradetracker.net *.doubleclick.net *.mijndomein.nl *.plusleven.nl *.energyzero.nl *.anwb.nl *.blueconic.net; frame-src *.googletagmanager.com *.hotjar.com; frame-ancestors 'none'; content-type text/html date Sat, 20 Jul 2024 08:43:20 GMT etag W/"669a8b07-1639" last-modified Fri, 19 Jul 2024 15:49:27 GMT referrer-policy strict-origin-when-cross-origin server istio-envoy strict-transport-security max-age=31622400; includeSubDomains vary Accept-Encoding x-content-type-options nosniff x-envoy-upstream-service-time 4 x-frame-options SAMEORIGIN
GET H2	200	fonts.css mijndomein.frontend.staging.energyzero.nl/vendor_theme/assets/	3 KB 480 B	47ms 44ms	Stylesheet text/css	35.189.198.59 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://mijndomein.frontend.staging.energyzero.nl/vendor_theme/assets/fonts.css Requested by Host: mijndomein.frontend.staging.energyzero.nl URL: https://mijndomein.frontend.staging.energyzero.nl/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.189.198.59 Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS 59.198.189.35.bc.googleusercontent.com Software istio-envoy / Resource Hash 9a15a92391f85522bdd13ab0fde2617a9ee04b22873ffd6e82ca7d70ed7bfb34 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.fontawesome.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.hotjar.com *.hotjar.io *.weave.nl *.tradetracker.net *.doubleclick.net *.mijndomein.nl *.plusleven.nl *.energyzero.nl *.anwb.nl *.blueconic.net; frame-src *.googletagmanager.com *.hotjar.com; frame-ancestors 'none'; Strict-Transport-Security max-age=31622400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://mijndomein.frontend.staging.energyzero.nl/ Origin https://mijndomein.frontend.staging.energyzero.nl User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 08:43:20 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin content-security-policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.fontawesome.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.hotjar.com *.hotjar.io *.weave.nl *.tradetracker.net *.doubleclick.net *.mijndomein.nl *.plusleven.nl *.energyzero.nl *.anwb.nl *.blueconic.net; frame-src *.googletagmanager.com *.hotjar.com; frame-ancestors 'none'; last-modified Fri, 19 Jul 2024 15:47:21 GMT server istio-envoy strict-transport-security max-age=31622400; includeSubDomains x-content-type-options nosniff etag W/"669a8a89-c71" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css cache-control must-revalidate x-envoy-upstream-service-time 17
GET H2	200	themeSettings.js Show response mijndomein.frontend.staging.energyzero.nl/vendor_theme/	367 KB 71 KB	86ms 83ms	Script application/javascript	35.189.198.59 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://mijndomein.frontend.staging.energyzero.nl/vendor_theme/themeSettings.js Requested by Host: mijndomein.frontend.staging.energyzero.nl URL: https://mijndomein.frontend.staging.energyzero.nl/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.189.198.59 Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS 59.198.189.35.bc.googleusercontent.com Software istio-envoy / Resource Hash e73bc1af9cc985ee6971a49d51ffaf120ffc95831ed50d7e5288380cd3c5b938 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.fontawesome.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.hotjar.com *.hotjar.io *.weave.nl *.tradetracker.net *.doubleclick.net *.mijndomein.nl *.plusleven.nl *.energyzero.nl *.anwb.nl *.blueconic.net; frame-src *.googletagmanager.com *.hotjar.com; frame-ancestors 'none'; Strict-Transport-Security max-age=31622400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://mijndomein.frontend.staging.energyzero.nl/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 08:43:20 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin content-security-policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.fontawesome.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.hotjar.com *.hotjar.io *.weave.nl *.tradetracker.net *.doubleclick.net *.mijndomein.nl *.plusleven.nl *.energyzero.nl *.anwb.nl *.blueconic.net; frame-src *.googletagmanager.com *.hotjar.com; frame-ancestors 'none'; last-modified Fri, 19 Jul 2024 15:47:21 GMT server istio-envoy strict-transport-security max-age=31622400; includeSubDomains x-content-type-options nosniff etag W/"669a8a89-5baf4" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript cache-control must-revalidate x-envoy-upstream-service-time 32
GET H2	200	all.css use.fontawesome.com/releases/v5.5.0/css/	50 KB 11 KB	269ms 218ms	Stylesheet text/css	2606:4700:3036::6815:1b98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.5.0/css/all.css Requested by Host: mijndomein.frontend.staging.energyzero.nl URL: https://mijndomein.frontend.staging.energyzero.nl/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2 Request headers Referer https://mijndomein.frontend.staging.energyzero.nl/ Origin https://mijndomein.frontend.staging.energyzero.nl User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 08:43:20 GMT content-encoding br cf-cache-status MISS last-modified Fri, 22 Sep 2023 01:45:37 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1cc6c92172d124fbd305ba3d8e263333" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p1YHL3IyoszjzEAouwUAOj3AYQ9pQRtoBkrX202yomvGoDCPRzxHIQ0aes1qsu72phqaO%2F1%2BnSo%2BCgRruqO4O2ZL3YHh7BF%2FWH7YP0if4u6F%2BFb78mWbuSJNmvcsw4aG1z8FiQjRylEUlQ%2BDUcHvBWGN"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31556926 cf-ray 8a61a9baeee22c7a-FRA alt-svc h3=":443"; ma=86400
GET H2	200	app.d1cd5bcb59579e19796a.js Show response mijndomein.frontend.staging.energyzero.nl/	15 MB 4 MB	80ms 80ms	Script application/javascript	35.189.198.59 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://mijndomein.frontend.staging.energyzero.nl/app.d1cd5bcb59579e19796a.js Requested by Host: mijndomein.frontend.staging.energyzero.nl URL: https://mijndomein.frontend.staging.energyzero.nl/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.189.198.59 Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS 59.198.189.35.bc.googleusercontent.com Software istio-envoy / Resource Hash ffaeadfd1f54b09b8fee9669f6c59b693e9f57a9dba9520713d8f09f535815dc Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.fontawesome.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.hotjar.com *.hotjar.io *.weave.nl *.tradetracker.net *.doubleclick.net *.mijndomein.nl *.plusleven.nl *.energyzero.nl *.anwb.nl *.blueconic.net; frame-src *.googletagmanager.com *.hotjar.com; frame-ancestors 'none'; Strict-Transport-Security max-age=31622400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://mijndomein.frontend.staging.energyzero.nl/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 08:43:20 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin content-security-policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.fontawesome.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.hotjar.com *.hotjar.io *.weave.nl *.tradetracker.net *.doubleclick.net *.mijndomein.nl *.plusleven.nl *.energyzero.nl *.anwb.nl *.blueconic.net; frame-src *.googletagmanager.com *.hotjar.com; frame-ancestors 'none'; last-modified Fri, 19 Jul 2024 15:47:21 GMT server istio-envoy strict-transport-security max-age=31622400; includeSubDomains x-content-type-options nosniff etag W/"669a8a89-f15421" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript cache-control must-revalidate x-envoy-upstream-service-time 30
GET H2	200	index.css mijndomein.frontend.staging.energyzero.nl/	1 KB 573 B	80ms 79ms	Stylesheet text/css	35.189.198.59 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://mijndomein.frontend.staging.energyzero.nl/index.css Requested by Host: mijndomein.frontend.staging.energyzero.nl URL: https://mijndomein.frontend.staging.energyzero.nl/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.189.198.59 Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS 59.198.189.35.bc.googleusercontent.com Software istio-envoy / Resource Hash 92d109ccb661a8a5d98545a6d5a9fac366351183898eb797def94732ddd74ef1 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.fontawesome.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.hotjar.com *.hotjar.io *.weave.nl *.tradetracker.net *.doubleclick.net *.mijndomein.nl *.plusleven.nl *.energyzero.nl *.anwb.nl *.blueconic.net; frame-src *.googletagmanager.com *.hotjar.com; frame-ancestors 'none'; Strict-Transport-Security max-age=31622400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://mijndomein.frontend.staging.energyzero.nl/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 08:43:20 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin content-security-policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.fontawesome.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.hotjar.com *.hotjar.io *.weave.nl *.tradetracker.net *.doubleclick.net *.mijndomein.nl *.plusleven.nl *.energyzero.nl *.anwb.nl *.blueconic.net; frame-src *.googletagmanager.com *.hotjar.com; frame-ancestors 'none'; last-modified Fri, 19 Jul 2024 15:47:21 GMT server istio-envoy strict-transport-security max-age=31622400; includeSubDomains x-content-type-options nosniff etag W/"669a8a89-524" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css cache-control must-revalidate x-envoy-upstream-service-time 37
GET H2	200	CircularStd-Book.woff2 mijndomein.frontend.staging.energyzero.nl/vendor_theme/assets/fonts/	24 KB 24 KB	36ms 36ms	Font font/woff2	35.189.198.59 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://mijndomein.frontend.staging.energyzero.nl/vendor_theme/assets/fonts/CircularStd-Book.woff2 Requested by Host: mijndomein.frontend.staging.energyzero.nl URL: https://mijndomein.frontend.staging.energyzero.nl/vendor_theme/assets/fonts.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.189.198.59 Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS 59.198.189.35.bc.googleusercontent.com Software istio-envoy / Resource Hash c275d17a94d65cf98ecdbf84ba94f03304ad54128c06777dfb7e960e44cba509 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.fontawesome.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.hotjar.com *.hotjar.io *.weave.nl *.tradetracker.net *.doubleclick.net *.mijndomein.nl *.plusleven.nl *.energyzero.nl *.anwb.nl *.blueconic.net; frame-src *.googletagmanager.com *.hotjar.com; frame-ancestors 'none'; Strict-Transport-Security max-age=31622400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://mijndomein.frontend.staging.energyzero.nl/vendor_theme/assets/fonts.css Origin https://mijndomein.frontend.staging.energyzero.nl User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 08:43:20 GMT content-security-policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.fontawesome.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.hotjar.com *.hotjar.io *.weave.nl *.tradetracker.net *.doubleclick.net *.mijndomein.nl *.plusleven.nl *.energyzero.nl *.anwb.nl *.blueconic.net; frame-src *.googletagmanager.com *.hotjar.com; frame-ancestors 'none'; referrer-policy strict-origin-when-cross-origin strict-transport-security max-age=31622400; includeSubDomains last-modified Fri, 19 Jul 2024 15:47:21 GMT server istio-envoy x-content-type-options nosniff etag "669a8a89-6170" x-frame-options SAMEORIGIN content-type font/woff2 cache-control must-revalidate x-envoy-upstream-service-time 2 accept-ranges bytes content-length 24944
GET H2	200	gtm.js Show response www.googletagmanager.com/	262 KB 93 KB	132ms 55ms	Script application/javascript	2a00:1450:4001:80b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5TRD8TG Requested by Host: mijndomein.frontend.staging.energyzero.nl URL: https://mijndomein.frontend.staging.energyzero.nl/app.d1cd5bcb59579e19796a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 356358583cad860db7f1de3d1a565c49725af2f608f177f2b77219288ea2b83b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://mijndomein.frontend.staging.energyzero.nl/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 08:43:21 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95282 x-xss-protection 0 last-modified Sat, 20 Jul 2024 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 20 Jul 2024 08:43:21 GMT
GET H2	200	ns.html www.googletagmanager.com/ Frame 2273	0 0	172ms 54ms	Document text/html	2a00:1450:4001:80b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/ns.html?id=GTM-5TRD8TG Requested by Host: mijndomein.frontend.staging.energyzero.nl URL: https://mijndomein.frontend.staging.energyzero.nl/app.d1cd5bcb59579e19796a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://mijndomein.frontend.staging.energyzero.nl/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, must-revalidate content-encoding br content-length 92 content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sat, 20 Jul 2024 08:43:22 GMT expires Fri, 01 Jan 1990 00:00:00 GMT pragma no-cache server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains vary * x-xss-protection 0
GET H2	200	css fonts.googleapis.com/	22 KB 2 KB	163ms 34ms	Stylesheet text/css	2a00:1450:4001:81d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto+Mono:400,700|Roboto:400,300,300italic,400italic,500,500italic,700,700italic Requested by Host: mijndomein.frontend.staging.energyzero.nl URL: https://mijndomein.frontend.staging.energyzero.nl/app.d1cd5bcb59579e19796a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 744dc96327abc5d4c714de9872df22afb790330372b4afb85a4a534ef3a544e8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://mijndomein.frontend.staging.energyzero.nl/ Origin https://mijndomein.frontend.staging.energyzero.nl User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 20 Jul 2024 08:43:22 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 20 Jul 2024 07:37:33 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 20 Jul 2024 08:43:22 GMT
GET H2	200	5.d1cd5bcb59579e19796a.js Show response mijndomein.frontend.staging.energyzero.nl/	2 KB 1 KB	57ms 50ms	Script application/javascript	35.189.198.59 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://mijndomein.frontend.staging.energyzero.nl/5.d1cd5bcb59579e19796a.js Requested by Host: mijndomein.frontend.staging.energyzero.nl URL: https://mijndomein.frontend.staging.energyzero.nl/app.d1cd5bcb59579e19796a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.189.198.59 Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS 59.198.189.35.bc.googleusercontent.com Software istio-envoy / Resource Hash d60dbdd4e0295fb8d78d1c3852479357a9f4d36acbb827c4f9c4fb38e186d20f Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.fontawesome.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.hotjar.com *.hotjar.io *.weave.nl *.tradetracker.net *.doubleclick.net *.mijndomein.nl *.plusleven.nl *.energyzero.nl *.anwb.nl *.blueconic.net; frame-src *.googletagmanager.com *.hotjar.com; frame-ancestors 'none'; Strict-Transport-Security max-age=31622400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://mijndomein.frontend.staging.energyzero.nl/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 08:43:22 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin content-security-policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.fontawesome.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.hotjar.com *.hotjar.io *.weave.nl *.tradetracker.net *.doubleclick.net *.mijndomein.nl *.plusleven.nl *.energyzero.nl *.anwb.nl *.blueconic.net; frame-src *.googletagmanager.com *.hotjar.com; frame-ancestors 'none'; last-modified Fri, 19 Jul 2024 15:47:21 GMT server istio-envoy strict-transport-security max-age=31622400; includeSubDomains x-content-type-options nosniff etag W/"669a8a89-881" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript cache-control must-revalidate x-envoy-upstream-service-time 14
GET H2	200	14.d1cd5bcb59579e19796a.js Show response mijndomein.frontend.staging.energyzero.nl/	687 B 773 B	35ms 34ms	Script application/javascript	35.189.198.59 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://mijndomein.frontend.staging.energyzero.nl/14.d1cd5bcb59579e19796a.js Requested by Host: mijndomein.frontend.staging.energyzero.nl URL: https://mijndomein.frontend.staging.energyzero.nl/app.d1cd5bcb59579e19796a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.189.198.59 Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS 59.198.189.35.bc.googleusercontent.com Software istio-envoy / Resource Hash 69f83454d77a54134544cf6bc55ef26b648097d8f485d01f053b86aad74021c8 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.fontawesome.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.hotjar.com *.hotjar.io *.weave.nl *.tradetracker.net *.doubleclick.net *.mijndomein.nl *.plusleven.nl *.energyzero.nl *.anwb.nl *.blueconic.net; frame-src *.googletagmanager.com *.hotjar.com; frame-ancestors 'none'; Strict-Transport-Security max-age=31622400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://mijndomein.frontend.staging.energyzero.nl/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 08:43:22 GMT content-security-policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.fontawesome.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.hotjar.com *.hotjar.io *.weave.nl *.tradetracker.net *.doubleclick.net *.mijndomein.nl *.plusleven.nl *.energyzero.nl *.anwb.nl *.blueconic.net; frame-src *.googletagmanager.com *.hotjar.com; frame-ancestors 'none'; referrer-policy strict-origin-when-cross-origin strict-transport-security max-age=31622400; includeSubDomains last-modified Fri, 19 Jul 2024 15:47:21 GMT server istio-envoy x-content-type-options nosniff etag "669a8a89-2af" x-frame-options SAMEORIGIN content-type application/javascript cache-control must-revalidate x-envoy-upstream-service-time 3 accept-ranges bytes content-length 687
GET H2	200	logo.svg mijndomein.frontend.staging.energyzero.nl/vendor_theme/assets/	4 KB 2 KB	39ms 38ms	Image image/svg+xml	35.189.198.59 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://mijndomein.frontend.staging.energyzero.nl/vendor_theme/assets/logo.svg Requested by Host: mijndomein.frontend.staging.energyzero.nl URL: https://mijndomein.frontend.staging.energyzero.nl/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.189.198.59 Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS 59.198.189.35.bc.googleusercontent.com Software istio-envoy / Resource Hash b7c13528bcdcecb3b7e8648502cde0c66d79f758a7051b3772fa367ac7f2affc Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.fontawesome.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.hotjar.com *.hotjar.io *.weave.nl *.tradetracker.net *.doubleclick.net *.mijndomein.nl *.plusleven.nl *.energyzero.nl *.anwb.nl *.blueconic.net; frame-src *.googletagmanager.com *.hotjar.com; frame-ancestors 'none'; Strict-Transport-Security max-age=31622400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://mijndomein.frontend.staging.energyzero.nl/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 08:43:22 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin content-security-policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.fontawesome.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.hotjar.com *.hotjar.io *.weave.nl *.tradetracker.net *.doubleclick.net *.mijndomein.nl *.plusleven.nl *.energyzero.nl *.anwb.nl *.blueconic.net; frame-src *.googletagmanager.com *.hotjar.com; frame-ancestors 'none'; last-modified Fri, 19 Jul 2024 15:47:21 GMT server istio-envoy strict-transport-security max-age=31622400; includeSubDomains x-content-type-options nosniff etag W/"669a8a89-1125" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml cache-control must-revalidate x-envoy-upstream-service-time 7
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	98ms 30ms	Script text/javascript	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5TRD8TG Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://mijndomein.frontend.staging.energyzero.nl/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 20 Jul 2024 07:41:01 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 3741 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sat, 20 Jul 2024 09:41:01 GMT
GET H2	200	hotjar-116180.js Show response static.hotjar.com/c/	9 KB 4 KB	166ms 67ms	Script application/javascript	18.66.102.11 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-116180.js?sv=6 Requested by Host: mijndomein.frontend.staging.energyzero.nl URL: https://mijndomein.frontend.staging.energyzero.nl/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.102.11 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-102-11.fra56.r.cloudfront.net Software / Resource Hash 9beba2a3f9b6a290012fbf1b006a144afbad400f5489aaf7660a4e1235300eb4 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://mijndomein.frontend.staging.energyzero.nl/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff date Sat, 20 Jul 2024 08:43:22 GMT via 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 etag W/78c8594f990f155421f750b98b968847 vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 cross-origin-resource-policy cross-origin x-amz-cf-id 0MRbaWx7kPMvi0_sqknGNWjxrTMEIOLkfScgTUY9QWXYcLWGZwFXlA==
GET H2	200	modules.e4b2dc39f985f11fb1e4.js Show response script.hotjar.com/	223 KB 56 KB	132ms 36ms	Script application/javascript	13.32.27.54 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-116180.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.54 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-54.fra56.r.cloudfront.net Software / Resource Hash 619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://mijndomein.frontend.staging.energyzero.nl/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 01 Jul 2024 08:11:07 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 1643535 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 56291 last-modified Mon, 01 Jul 2024 08:10:34 GMT etag "ca025d2d8ae4b3dc51e058b782590501" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id xOrj2NNavH2wtDdWpWEfRl1fNtmv2dtFmrteRuZFfggmtN69W-Hlww==
POST H2	200	/ Show response content.hotjar.io/	56 B 171 B	309ms 106ms	XHR application/json	34.252.158.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://content.hotjar.io/?site_id=116180&gzip=1 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.252.158.105 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-252-158-105.eu-west-1.compute.amazonaws.com Software / Resource Hash 1fc7081b10c112b822d2da7f6b79562d6baead1b3415f24f7f497cccda994d8b Request headers Referer https://mijndomein.frontend.staging.energyzero.nl/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers access-control-allow-origin * date Sat, 20 Jul 2024 08:43:23 GMT content-length 56 access-control-max-age 86400 content-type application/json
GET H2	200	favicon-32x32.png mijndomein.frontend.staging.energyzero.nl/vendor_theme/assets/icons/	709 B 803 B	33ms 28ms	Other image/png	35.189.198.59 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://mijndomein.frontend.staging.energyzero.nl/vendor_theme/assets/icons/favicon-32x32.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.189.198.59 Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS 59.198.189.35.bc.googleusercontent.com Software istio-envoy / Resource Hash dbe1b4b1a52c6871aa5cf3b68ad185c3a66f100ddab5364f16ccec89ae2c44f5 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.fontawesome.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.hotjar.com *.hotjar.io *.weave.nl *.tradetracker.net *.doubleclick.net *.mijndomein.nl *.plusleven.nl *.energyzero.nl *.anwb.nl *.blueconic.net; frame-src *.googletagmanager.com *.hotjar.com; frame-ancestors 'none'; Strict-Transport-Security max-age=31622400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://mijndomein.frontend.staging.energyzero.nl/login User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 08:43:23 GMT content-security-policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.fontawesome.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.hotjar.com *.hotjar.io *.weave.nl *.tradetracker.net *.doubleclick.net *.mijndomein.nl *.plusleven.nl *.energyzero.nl *.anwb.nl *.blueconic.net; frame-src *.googletagmanager.com *.hotjar.com; frame-ancestors 'none'; referrer-policy strict-origin-when-cross-origin strict-transport-security max-age=31622400; includeSubDomains last-modified Fri, 19 Jul 2024 15:47:21 GMT server istio-envoy x-content-type-options nosniff etag "669a8a89-2c5" x-frame-options SAMEORIGIN content-type image/png cache-control must-revalidate x-envoy-upstream-service-time 1 accept-ranges bytes content-length 709
GET H2	200	CircularStd-Black.woff2 mijndomein.frontend.staging.energyzero.nl/vendor_theme/assets/fonts/	28 KB 28 KB	475ms 475ms	Font font/woff2	35.189.198.59 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://mijndomein.frontend.staging.energyzero.nl/vendor_theme/assets/fonts/CircularStd-Black.woff2 Requested by Host: mijndomein.frontend.staging.energyzero.nl URL: https://mijndomein.frontend.staging.energyzero.nl/vendor_theme/assets/fonts.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.189.198.59 Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS 59.198.189.35.bc.googleusercontent.com Software istio-envoy / Resource Hash a7633ea23fcfd0e8b5f2e6b0daab347a5a929e91bf49dd7be8bd309fc9972fea Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.fontawesome.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.hotjar.com *.hotjar.io *.weave.nl *.tradetracker.net *.doubleclick.net *.mijndomein.nl *.plusleven.nl *.energyzero.nl *.anwb.nl *.blueconic.net; frame-src *.googletagmanager.com *.hotjar.com; frame-ancestors 'none'; Strict-Transport-Security max-age=31622400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://mijndomein.frontend.staging.energyzero.nl/vendor_theme/assets/fonts.css Origin https://mijndomein.frontend.staging.energyzero.nl User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 08:43:23 GMT content-security-policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.fontawesome.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.hotjar.com *.hotjar.io *.weave.nl *.tradetracker.net *.doubleclick.net *.mijndomein.nl *.plusleven.nl *.energyzero.nl *.anwb.nl *.blueconic.net; frame-src *.googletagmanager.com *.hotjar.com; frame-ancestors 'none'; referrer-policy strict-origin-when-cross-origin strict-transport-security max-age=31622400; includeSubDomains last-modified Fri, 19 Jul 2024 15:47:21 GMT server istio-envoy x-content-type-options nosniff etag "669a8a89-6f28" x-frame-options SAMEORIGIN content-type font/woff2 cache-control must-revalidate x-envoy-upstream-service-time 2 accept-ranges bytes content-length 28456
GET H2	200	CircularStd-Bold.woff2 mijndomein.frontend.staging.energyzero.nl/vendor_theme/assets/fonts/	28 KB 28 KB	475ms 474ms	Font font/woff2	35.189.198.59 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://mijndomein.frontend.staging.energyzero.nl/vendor_theme/assets/fonts/CircularStd-Bold.woff2 Requested by Host: mijndomein.frontend.staging.energyzero.nl URL: https://mijndomein.frontend.staging.energyzero.nl/vendor_theme/assets/fonts.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.189.198.59 Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS 59.198.189.35.bc.googleusercontent.com Software istio-envoy / Resource Hash 7f04348ee4f384bdf7a6740305e508ad68c2a3f2a393fa353879561261b6ccdb Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.fontawesome.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.hotjar.com *.hotjar.io *.weave.nl *.tradetracker.net *.doubleclick.net *.mijndomein.nl *.plusleven.nl *.energyzero.nl *.anwb.nl *.blueconic.net; frame-src *.googletagmanager.com *.hotjar.com; frame-ancestors 'none'; Strict-Transport-Security max-age=31622400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://mijndomein.frontend.staging.energyzero.nl/vendor_theme/assets/fonts.css Origin https://mijndomein.frontend.staging.energyzero.nl User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 08:43:23 GMT content-security-policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.fontawesome.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.hotjar.com *.hotjar.io *.weave.nl *.tradetracker.net *.doubleclick.net *.mijndomein.nl *.plusleven.nl *.energyzero.nl *.anwb.nl *.blueconic.net; frame-src *.googletagmanager.com *.hotjar.com; frame-ancestors 'none'; referrer-policy strict-origin-when-cross-origin strict-transport-security max-age=31622400; includeSubDomains last-modified Fri, 19 Jul 2024 15:47:21 GMT server istio-envoy x-content-type-options nosniff etag "669a8a89-6fac" x-frame-options SAMEORIGIN content-type font/woff2 cache-control must-revalidate x-envoy-upstream-service-time 2 accept-ranges bytes content-length 28588

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| env object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions object| _frontendConnect_ object| webpackJsonp object| STDHeaders function| displayMessage object| dataLayer string| VENDOR string| APP_URL string| API_LINK object| whitelabelPluginData object| whitelabelTheme object| CapacitorPlatforms object| Capacitor object| reactiveElementVersions object| scopedElementsVersions object| Vaadin object| ShadyCSS object| store object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.energyzero.nl/	1970-01-21 00:20:41	Name: _gcl_au Value: 1.1.1071990697.1721465003
			.energyzero.nl/	1970-01-21 06:56:41	Name: _hjSessionUser_116180 Value: eyJpZCI6IjA1OTA3NzRkLWU1YjUtNTNhZi05ZWE2LTNmMDNjZjExOWM5NCIsImNyZWF0ZWQiOjE3MjE0NjUwMDI5MzEsImV4aXN0aW5nIjp0cnVlfQ==
			.energyzero.nl/	1970-01-20 22:11:06	Name: _hjSession_116180 Value: eyJpZCI6ImZhZjM4ZWRlLTBiZTctNDE5Ni1iMzczLTMzOTJiMTA3ZjA2MSIsImMiOjE3MjE0NjUwMDI5MzMsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js(Line 1) Message: Refused to connect to 'wss://ws.hotjar.com/api/v2/client/ws?v=7&site_id=116180' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.fontawesome.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.hotjar.com *.hotjar.io *.weave.nl *.tradetracker.net *.doubleclick.net *.mijndomein.nl *.plusleven.nl *.energyzero.nl *.anwb.nl *.blueconic.net". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.fontawesome.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.hotjar.com *.hotjar.io *.weave.nl *.tradetracker.net *.doubleclick.net *.mijndomein.nl *.plusleven.nl *.energyzero.nl *.anwb.nl *.blueconic.net; frame-src *.googletagmanager.com *.hotjar.com; frame-ancestors 'none';
Strict-Transport-Security	max-age=31622400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

content.hotjar.io
fonts.googleapis.com
mijndomein.frontend.staging.energyzero.nl
script.hotjar.com
static.hotjar.com
use.fontawesome.com
www.google-analytics.com
www.googletagmanager.com
13.32.27.54
18.66.102.11
2606:4700:3036::6815:1b98
2a00:1450:4001:80b::2008
2a00:1450:4001:81d::200a
2a00:1450:4001:82f::200e
34.252.158.105
35.189.198.59
1fc7081b10c112b822d2da7f6b79562d6baead1b3415f24f7f497cccda994d8b
356358583cad860db7f1de3d1a565c49725af2f608f177f2b77219288ea2b83b
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
69f83454d77a54134544cf6bc55ef26b648097d8f485d01f053b86aad74021c8
744dc96327abc5d4c714de9872df22afb790330372b4afb85a4a534ef3a544e8
7f04348ee4f384bdf7a6740305e508ad68c2a3f2a393fa353879561261b6ccdb
928b7e153747588946fabe4fdc0c1e76e8374349a37ea5ddbf8b399fde844e06
92d109ccb661a8a5d98545a6d5a9fac366351183898eb797def94732ddd74ef1
9a15a92391f85522bdd13ab0fde2617a9ee04b22873ffd6e82ca7d70ed7bfb34
9beba2a3f9b6a290012fbf1b006a144afbad400f5489aaf7660a4e1235300eb4
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
a7633ea23fcfd0e8b5f2e6b0daab347a5a929e91bf49dd7be8bd309fc9972fea
b7c13528bcdcecb3b7e8648502cde0c66d79f758a7051b3772fa367ac7f2affc
c275d17a94d65cf98ecdbf84ba94f03304ad54128c06777dfb7e960e44cba509
d60dbdd4e0295fb8d78d1c3852479357a9f4d36acbb827c4f9c4fb38e186d20f
dbe1b4b1a52c6871aa5cf3b68ad185c3a66f100ddab5364f16ccec89ae2c44f5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e73bc1af9cc985ee6971a49d51ffaf120ffc95831ed50d7e5288380cd3c5b938
ffaeadfd1f54b09b8fee9669f6c59b693e9f57a9dba9520713d8f09f535815dc