urlscan.io logo urlscan.io
SecurityTrails logo

demo.plechtigheidonline.nl Open in urlscan Pro
2a02:1398:825:1::2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://demo.plechtigheidonline.nl/
Effective URL: https://demo.plechtigheidonline.nl/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On May 17 via api from IT — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 12 HTTP transactions. The main IP is 2a02:1398:825:1::2, located in Netherlands and belongs to ECHELON-AS Institutenweg 38, NL. The main domain is demo.plechtigheidonline.nl.
TLS certificate: Issued by R3 on March 18th 2024. Valid for: 3 months.
This is the only time demo.plechtigheidonline.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 2a02:1398:825... 16350 (ECHELON-A...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
12 4
Apex Domain
Subdomains		 Transfer
9 plechtigheidonline.nl
demo.plechtigheidonline.nl
2 MB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2533
261 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
99 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
956 B
12 4
Domain Requested by
9 demo.plechtigheidonline.nl demo.plechtigheidonline.nl
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com demo.plechtigheidonline.nl
1 fonts.googleapis.com demo.plechtigheidonline.nl
12 4

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
Subject Issuer Validity Valid
demo.plechtigheidonline.nl
R3		 2024-03-18 -
2024-06-16		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://demo.plechtigheidonline.nl/
Frame ID: 1D9BF880F7F4D5B4AE87DB11DF90F3A4
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Crematorium Berkenbos | Plechtigheid Online

Page URL History Show full URLs

  1. http://demo.plechtigheidonline.nl/ HTTP 307
    https://demo.plechtigheidonline.nl/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

12
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

2232 kB
Transfer

5205 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://demo.plechtigheidonline.nl/ HTTP 307
    https://demo.plechtigheidonline.nl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
demo.plechtigheidonline.nl/
Redirect Chain
  • http://demo.plechtigheidonline.nl/
  • https://demo.plechtigheidonline.nl/
7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://demo.plechtigheidonline.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:1398:825:1::2 , Netherlands, ASN16350 (ECHELON-AS Institutenweg 38, NL),
Reverse DNS
Software
/
Resource Hash
49941a044239ce2b4ea9ac8c162909b1247204742b7c85163164d7c902122bfc
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob:; worker-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google-analytics.com https://www.googletagmanager.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; img-src 'self' blob: data: www.google-analytics.com https://www.googletagmanager.com player.wowza.com *.videodelivery.net *.cloudflarestream.com; media-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.akamaihd.net https://*.wowza.com latencytimer.azurewebsites.net https://cdn.plyr.io *.videodelivery.net *.cloudflarestream.com; frame-src 'self'; font-src 'self' fonts.gstatic.com data: https://fonts.googleapis.com ; connect-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.wowza.com https://*.akamaihd.net latencytimer.azurewebsites.net https://cdn.plyr.io https://*.google-analytics.com *.videodelivery.net *.cloudflarestream.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-security-policy
default-src 'self' blob:; worker-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google-analytics.com https://www.googletagmanager.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; img-src 'self' blob: data: www.google-analytics.com https://www.googletagmanager.com player.wowza.com *.videodelivery.net *.cloudflarestream.com; media-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.akamaihd.net https://*.wowza.com latencytimer.azurewebsites.net https://cdn.plyr.io *.videodelivery.net *.cloudflarestream.com; frame-src 'self'; font-src 'self' fonts.gstatic.com data: https://fonts.googleapis.com ; connect-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.wowza.com https://*.akamaihd.net latencytimer.azurewebsites.net https://cdn.plyr.io https://*.google-analytics.com *.videodelivery.net *.cloudflarestream.com
content-type
text/html; charset=UTF-8
date
Fri, 17 May 2024 21:59:18 GMT
expect-ct
max-age=43200, enforce
permissions-policy
microphone=(),camera=()
referrer-policy
same-origin
strict-transport-security
max-age=16070400; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
deny
x-robots-tag
index,nofollow

Redirect headers

Location
https://demo.plechtigheidonline.nl/
Non-Authoritative-Reason
HttpsUpgrades
app.css
demo.plechtigheidonline.nl/css/ 		170 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://demo.plechtigheidonline.nl/css/app.css?id=2b56d16062dd5c2191d2dd4d3ecab7fd
Requested by
Host: demo.plechtigheidonline.nl
URL: https://demo.plechtigheidonline.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:1398:825:1::2 , Netherlands, ASN16350 (ECHELON-AS Institutenweg 38, NL),
Reverse DNS
Software
/
Resource Hash
04bc2ff9041c3ecbb33cdea0522b1b06b35eb65d93733a075a6494ed01041b2d
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob:; worker-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google-analytics.com https://www.googletagmanager.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; img-src 'self' blob: data: www.google-analytics.com https://www.googletagmanager.com player.wowza.com *.videodelivery.net *.cloudflarestream.com; media-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.akamaihd.net https://*.wowza.com latencytimer.azurewebsites.net https://cdn.plyr.io *.videodelivery.net *.cloudflarestream.com; frame-src 'self'; font-src 'self' fonts.gstatic.com data: https://fonts.googleapis.com ; connect-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.wowza.com https://*.akamaihd.net latencytimer.azurewebsites.net https://cdn.plyr.io https://*.google-analytics.com *.videodelivery.net *.cloudflarestream.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://demo.plechtigheidonline.nl/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 21:59:18 GMT
content-security-policy
default-src 'self' blob:; worker-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google-analytics.com https://www.googletagmanager.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; img-src 'self' blob: data: www.google-analytics.com https://www.googletagmanager.com player.wowza.com *.videodelivery.net *.cloudflarestream.com; media-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.akamaihd.net https://*.wowza.com latencytimer.azurewebsites.net https://cdn.plyr.io *.videodelivery.net *.cloudflarestream.com; frame-src 'self'; font-src 'self' fonts.gstatic.com data: https://fonts.googleapis.com ; connect-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.wowza.com https://*.akamaihd.net latencytimer.azurewebsites.net https://cdn.plyr.io https://*.google-analytics.com *.videodelivery.net *.cloudflarestream.com
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Tue, 07 May 2024 20:09:22 GMT
referrer-policy
same-origin
content-encoding
gzip
etag
W/"663a8a72-2a985"
expect-ct
max-age=43200, enforce
vary
Accept-Encoding
x-frame-options
deny
content-type
text/css; charset=utf-8
permissions-policy
microphone=(),camera=()
css2
fonts.googleapis.com/ 		2 KB
956 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lobster&display=swap
Requested by
Host: demo.plechtigheidonline.nl
URL: https://demo.plechtigheidonline.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7e3a3cce53a90fd6a9c3ab5627bf52d3f29cc77badfd7eba057b25da79b1e5fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 May 2024 21:59:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 May 2024 20:26:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 May 2024 21:59:18 GMT
js
www.googletagmanager.com/gtag/ 		296 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-24NN6PPKPW
Requested by
Host: demo.plechtigheidonline.nl
URL: https://demo.plechtigheidonline.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3d5b796d1659326ea26a5b11f45f75c9109af4b2435ade27687cce24101ef93c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 21:59:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100823
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 May 2024 21:59:18 GMT
manifest.js
demo.plechtigheidonline.nl/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo.plechtigheidonline.nl/js/manifest.js?id=2b1d04bd2ddec8be0088cd3293c04228
Requested by
Host: demo.plechtigheidonline.nl
URL: https://demo.plechtigheidonline.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:1398:825:1::2 , Netherlands, ASN16350 (ECHELON-AS Institutenweg 38, NL),
Reverse DNS
Software
/
Resource Hash
d2ec29d70080d4862a2c8c22e722d4c311dafeb78ea38df70143c1f249a21583
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob:; worker-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google-analytics.com https://www.googletagmanager.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; img-src 'self' blob: data: www.google-analytics.com https://www.googletagmanager.com player.wowza.com *.videodelivery.net *.cloudflarestream.com; media-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.akamaihd.net https://*.wowza.com latencytimer.azurewebsites.net https://cdn.plyr.io *.videodelivery.net *.cloudflarestream.com; frame-src 'self'; font-src 'self' fonts.gstatic.com data: https://fonts.googleapis.com ; connect-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.wowza.com https://*.akamaihd.net latencytimer.azurewebsites.net https://cdn.plyr.io https://*.google-analytics.com *.videodelivery.net *.cloudflarestream.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://demo.plechtigheidonline.nl/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 21:59:18 GMT
content-security-policy
default-src 'self' blob:; worker-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google-analytics.com https://www.googletagmanager.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; img-src 'self' blob: data: www.google-analytics.com https://www.googletagmanager.com player.wowza.com *.videodelivery.net *.cloudflarestream.com; media-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.akamaihd.net https://*.wowza.com latencytimer.azurewebsites.net https://cdn.plyr.io *.videodelivery.net *.cloudflarestream.com; frame-src 'self'; font-src 'self' fonts.gstatic.com data: https://fonts.googleapis.com ; connect-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.wowza.com https://*.akamaihd.net latencytimer.azurewebsites.net https://cdn.plyr.io https://*.google-analytics.com *.videodelivery.net *.cloudflarestream.com
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Tue, 07 May 2024 20:09:22 GMT
referrer-policy
same-origin
content-encoding
gzip
etag
W/"663a8a72-6b3"
expect-ct
max-age=43200, enforce
vary
Accept-Encoding
x-frame-options
deny
content-type
application/javascript
permissions-policy
microphone=(),camera=()
vendor.js
demo.plechtigheidonline.nl/js/ 		3 MB
851 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo.plechtigheidonline.nl/js/vendor.js?id=e2a89ee7b4aa71f84bc4047ae7bb23fe
Requested by
Host: demo.plechtigheidonline.nl
URL: https://demo.plechtigheidonline.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:1398:825:1::2 , Netherlands, ASN16350 (ECHELON-AS Institutenweg 38, NL),
Reverse DNS
Software
/
Resource Hash
afe38dca7680ec4c87f36c27144c0a074687fabe2e1e8e49d92096a36600fb88
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob:; worker-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google-analytics.com https://www.googletagmanager.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; img-src 'self' blob: data: www.google-analytics.com https://www.googletagmanager.com player.wowza.com *.videodelivery.net *.cloudflarestream.com; media-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.akamaihd.net https://*.wowza.com latencytimer.azurewebsites.net https://cdn.plyr.io *.videodelivery.net *.cloudflarestream.com; frame-src 'self'; font-src 'self' fonts.gstatic.com data: https://fonts.googleapis.com ; connect-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.wowza.com https://*.akamaihd.net latencytimer.azurewebsites.net https://cdn.plyr.io https://*.google-analytics.com *.videodelivery.net *.cloudflarestream.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://demo.plechtigheidonline.nl/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 21:59:18 GMT
content-security-policy
default-src 'self' blob:; worker-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google-analytics.com https://www.googletagmanager.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; img-src 'self' blob: data: www.google-analytics.com https://www.googletagmanager.com player.wowza.com *.videodelivery.net *.cloudflarestream.com; media-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.akamaihd.net https://*.wowza.com latencytimer.azurewebsites.net https://cdn.plyr.io *.videodelivery.net *.cloudflarestream.com; frame-src 'self'; font-src 'self' fonts.gstatic.com data: https://fonts.googleapis.com ; connect-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.wowza.com https://*.akamaihd.net latencytimer.azurewebsites.net https://cdn.plyr.io https://*.google-analytics.com *.videodelivery.net *.cloudflarestream.com
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Tue, 07 May 2024 20:09:23 GMT
referrer-policy
same-origin
content-encoding
gzip
etag
W/"663a8a73-313c38"
expect-ct
max-age=43200, enforce
vary
Accept-Encoding
x-frame-options
deny
content-type
application/javascript
permissions-policy
microphone=(),camera=()
app.js
demo.plechtigheidonline.nl/js/ 		416 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo.plechtigheidonline.nl/js/app.js?id=e032c774dcd5025188c288cb91345ee1
Requested by
Host: demo.plechtigheidonline.nl
URL: https://demo.plechtigheidonline.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:1398:825:1::2 , Netherlands, ASN16350 (ECHELON-AS Institutenweg 38, NL),
Reverse DNS
Software
/
Resource Hash
c0dbd6c83ba0524b03e0b11c4f01a641794462a213efac5a2600899a07cc5312
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob:; worker-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google-analytics.com https://www.googletagmanager.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; img-src 'self' blob: data: www.google-analytics.com https://www.googletagmanager.com player.wowza.com *.videodelivery.net *.cloudflarestream.com; media-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.akamaihd.net https://*.wowza.com latencytimer.azurewebsites.net https://cdn.plyr.io *.videodelivery.net *.cloudflarestream.com; frame-src 'self'; font-src 'self' fonts.gstatic.com data: https://fonts.googleapis.com ; connect-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.wowza.com https://*.akamaihd.net latencytimer.azurewebsites.net https://cdn.plyr.io https://*.google-analytics.com *.videodelivery.net *.cloudflarestream.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://demo.plechtigheidonline.nl/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 21:59:18 GMT
content-security-policy
default-src 'self' blob:; worker-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google-analytics.com https://www.googletagmanager.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; img-src 'self' blob: data: www.google-analytics.com https://www.googletagmanager.com player.wowza.com *.videodelivery.net *.cloudflarestream.com; media-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.akamaihd.net https://*.wowza.com latencytimer.azurewebsites.net https://cdn.plyr.io *.videodelivery.net *.cloudflarestream.com; frame-src 'self'; font-src 'self' fonts.gstatic.com data: https://fonts.googleapis.com ; connect-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.wowza.com https://*.akamaihd.net latencytimer.azurewebsites.net https://cdn.plyr.io https://*.google-analytics.com *.videodelivery.net *.cloudflarestream.com
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Tue, 07 May 2024 20:09:22 GMT
referrer-policy
same-origin
content-encoding
gzip
etag
W/"663a8a72-68010"
expect-ct
max-age=43200, enforce
vary
Accept-Encoding
x-frame-options
deny
content-type
application/javascript
permissions-policy
microphone=(),camera=()
grijs-bg.jpg
demo.plechtigheidonline.nl/images/ 		429 KB
431 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demo.plechtigheidonline.nl/images/grijs-bg.jpg
Requested by
Host: demo.plechtigheidonline.nl
URL: https://demo.plechtigheidonline.nl/css/app.css?id=2b56d16062dd5c2191d2dd4d3ecab7fd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:1398:825:1::2 , Netherlands, ASN16350 (ECHELON-AS Institutenweg 38, NL),
Reverse DNS
Software
/
Resource Hash
2175109f9a78d7c92a5b2c58f32f3079959312d2fa62fa77dd3139aff34b5132
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob:; worker-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google-analytics.com https://www.googletagmanager.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; img-src 'self' blob: data: www.google-analytics.com https://www.googletagmanager.com player.wowza.com *.videodelivery.net *.cloudflarestream.com; media-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.akamaihd.net https://*.wowza.com latencytimer.azurewebsites.net https://cdn.plyr.io *.videodelivery.net *.cloudflarestream.com; frame-src 'self'; font-src 'self' fonts.gstatic.com data: https://fonts.googleapis.com ; connect-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.wowza.com https://*.akamaihd.net latencytimer.azurewebsites.net https://cdn.plyr.io https://*.google-analytics.com *.videodelivery.net *.cloudflarestream.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://demo.plechtigheidonline.nl/css/app.css?id=2b56d16062dd5c2191d2dd4d3ecab7fd
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 21:59:18 GMT
content-security-policy
default-src 'self' blob:; worker-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google-analytics.com https://www.googletagmanager.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; img-src 'self' blob: data: www.google-analytics.com https://www.googletagmanager.com player.wowza.com *.videodelivery.net *.cloudflarestream.com; media-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.akamaihd.net https://*.wowza.com latencytimer.azurewebsites.net https://cdn.plyr.io *.videodelivery.net *.cloudflarestream.com; frame-src 'self'; font-src 'self' fonts.gstatic.com data: https://fonts.googleapis.com ; connect-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.wowza.com https://*.akamaihd.net latencytimer.azurewebsites.net https://cdn.plyr.io https://*.google-analytics.com *.videodelivery.net *.cloudflarestream.com
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Tue, 07 May 2024 20:09:22 GMT
referrer-policy
same-origin
etag
"663a8a72-6b558"
expect-ct
max-age=43200, enforce
x-frame-options
deny
content-type
image/jpeg
permissions-policy
microphone=(),camera=()
accept-ranges
bytes
content-length
439640
logo@2x.png
demo.plechtigheidonline.nl/images/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demo.plechtigheidonline.nl/images/logo@2x.png
Requested by
Host: demo.plechtigheidonline.nl
URL: https://demo.plechtigheidonline.nl/css/app.css?id=2b56d16062dd5c2191d2dd4d3ecab7fd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:1398:825:1::2 , Netherlands, ASN16350 (ECHELON-AS Institutenweg 38, NL),
Reverse DNS
Software
/
Resource Hash
ddf4de7fb256ef218a557acd73aae0346f3b101cbb09c8c87ad52b1ad1f631f6
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob:; worker-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google-analytics.com https://www.googletagmanager.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; img-src 'self' blob: data: www.google-analytics.com https://www.googletagmanager.com player.wowza.com *.videodelivery.net *.cloudflarestream.com; media-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.akamaihd.net https://*.wowza.com latencytimer.azurewebsites.net https://cdn.plyr.io *.videodelivery.net *.cloudflarestream.com; frame-src 'self'; font-src 'self' fonts.gstatic.com data: https://fonts.googleapis.com ; connect-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.wowza.com https://*.akamaihd.net latencytimer.azurewebsites.net https://cdn.plyr.io https://*.google-analytics.com *.videodelivery.net *.cloudflarestream.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://demo.plechtigheidonline.nl/css/app.css?id=2b56d16062dd5c2191d2dd4d3ecab7fd
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 21:59:18 GMT
content-security-policy
default-src 'self' blob:; worker-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google-analytics.com https://www.googletagmanager.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; img-src 'self' blob: data: www.google-analytics.com https://www.googletagmanager.com player.wowza.com *.videodelivery.net *.cloudflarestream.com; media-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.akamaihd.net https://*.wowza.com latencytimer.azurewebsites.net https://cdn.plyr.io *.videodelivery.net *.cloudflarestream.com; frame-src 'self'; font-src 'self' fonts.gstatic.com data: https://fonts.googleapis.com ; connect-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.wowza.com https://*.akamaihd.net latencytimer.azurewebsites.net https://cdn.plyr.io https://*.google-analytics.com *.videodelivery.net *.cloudflarestream.com
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Tue, 07 May 2024 20:09:22 GMT
referrer-policy
same-origin
etag
"663a8a72-d2bd"
expect-ct
max-age=43200, enforce
x-frame-options
deny
content-type
image/png
permissions-policy
microphone=(),camera=()
accept-ranges
bytes
content-length
53949
header.jpg
demo.plechtigheidonline.nl/images/ 		665 KB
668 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demo.plechtigheidonline.nl/images/header.jpg
Requested by
Host: demo.plechtigheidonline.nl
URL: https://demo.plechtigheidonline.nl/css/app.css?id=2b56d16062dd5c2191d2dd4d3ecab7fd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:1398:825:1::2 , Netherlands, ASN16350 (ECHELON-AS Institutenweg 38, NL),
Reverse DNS
Software
/
Resource Hash
056a67eaf2e5528c79acae186d8a4afdb8b6f855b62bc5cf094b13ecd4422636
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob:; worker-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google-analytics.com https://www.googletagmanager.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; img-src 'self' blob: data: www.google-analytics.com https://www.googletagmanager.com player.wowza.com *.videodelivery.net *.cloudflarestream.com; media-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.akamaihd.net https://*.wowza.com latencytimer.azurewebsites.net https://cdn.plyr.io *.videodelivery.net *.cloudflarestream.com; frame-src 'self'; font-src 'self' fonts.gstatic.com data: https://fonts.googleapis.com ; connect-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.wowza.com https://*.akamaihd.net latencytimer.azurewebsites.net https://cdn.plyr.io https://*.google-analytics.com *.videodelivery.net *.cloudflarestream.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://demo.plechtigheidonline.nl/css/app.css?id=2b56d16062dd5c2191d2dd4d3ecab7fd
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 21:59:18 GMT
content-security-policy
default-src 'self' blob:; worker-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google-analytics.com https://www.googletagmanager.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; img-src 'self' blob: data: www.google-analytics.com https://www.googletagmanager.com player.wowza.com *.videodelivery.net *.cloudflarestream.com; media-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.akamaihd.net https://*.wowza.com latencytimer.azurewebsites.net https://cdn.plyr.io *.videodelivery.net *.cloudflarestream.com; frame-src 'self'; font-src 'self' fonts.gstatic.com data: https://fonts.googleapis.com ; connect-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.wowza.com https://*.akamaihd.net latencytimer.azurewebsites.net https://cdn.plyr.io https://*.google-analytics.com *.videodelivery.net *.cloudflarestream.com
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Tue, 07 May 2024 20:09:22 GMT
referrer-policy
same-origin
etag
"663a8a72-a6396"
expect-ct
max-age=43200, enforce
x-frame-options
deny
content-type
image/jpeg
permissions-policy
microphone=(),camera=()
accept-ranges
bytes
content-length
680854
collect
region1.google-analytics.com/g/ 		0
261 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-24NN6PPKPW&gtm=45je45f0v9102106004za200&_p=1715983158245&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=203607464.1715983158&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715983158&sct=1&seg=0&dl=https%3A%2F%2Fdemo.plechtigheidonline.nl%2F&dt=Crematorium%20Berkenbos%20%7C%20Plechtigheid%20Online&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.anonymize_ip=true&tfd=502
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24NN6PPKPW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 17 May 2024 21:59:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://demo.plechtigheidonline.nl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
demo.plechtigheidonline.nl/ 		15 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://demo.plechtigheidonline.nl/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:1398:825:1::2 , Netherlands, ASN16350 (ECHELON-AS Institutenweg 38, NL),
Reverse DNS
Software
/
Resource Hash
ca8e969cefb779f7d438454ecd96e3b7236a70c0e3d49b3924a78c667532436a
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob:; worker-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google-analytics.com https://www.googletagmanager.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; img-src 'self' blob: data: www.google-analytics.com https://www.googletagmanager.com player.wowza.com *.videodelivery.net *.cloudflarestream.com; media-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.akamaihd.net https://*.wowza.com latencytimer.azurewebsites.net https://cdn.plyr.io *.videodelivery.net *.cloudflarestream.com; frame-src 'self'; font-src 'self' fonts.gstatic.com data: https://fonts.googleapis.com ; connect-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.wowza.com https://*.akamaihd.net latencytimer.azurewebsites.net https://cdn.plyr.io https://*.google-analytics.com *.videodelivery.net *.cloudflarestream.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://demo.plechtigheidonline.nl/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 21:59:18 GMT
content-security-policy
default-src 'self' blob:; worker-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google-analytics.com https://www.googletagmanager.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; img-src 'self' blob: data: www.google-analytics.com https://www.googletagmanager.com player.wowza.com *.videodelivery.net *.cloudflarestream.com; media-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.akamaihd.net https://*.wowza.com latencytimer.azurewebsites.net https://cdn.plyr.io *.videodelivery.net *.cloudflarestream.com; frame-src 'self'; font-src 'self' fonts.gstatic.com data: https://fonts.googleapis.com ; connect-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.wowza.com https://*.akamaihd.net latencytimer.azurewebsites.net https://cdn.plyr.io https://*.google-analytics.com *.videodelivery.net *.cloudflarestream.com
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Tue, 07 May 2024 20:09:22 GMT
referrer-policy
same-origin
content-encoding
gzip
etag
W/"663a8a72-3c2e"
expect-ct
max-age=43200, enforce
vary
Accept-Encoding
x-frame-options
deny
content-type
image/x-icon
permissions-policy
microphone=(),camera=()

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer object| webpackChunk object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| __core-js_shared__ object| $cookies object| FontAwesomeConfig object| ___FONT_AWESOME___ function| Pusher function| _ function| Popper function| jQuery function| $ function| axios object| poper object| socket function| moment function| Vue object| core object| regeneratorRuntime object| vttjs function| WebVTT function| videojs object| activeRequests function| Message

5 Cookies

Domain/Path Name / Value
demo.plechtigheidonline.nl/ Name: XSRF-TOKEN
Value: eyJpdiI6Ik0ydTNiVFBlMms2bktxQWVyd0h0dkE9PSIsInZhbHVlIjoiRjc1ekIxVGZ3QXZWRHVUb1JETndMVlhrZVVEaEN4eGpuTnJyQ2hSWVp2VW5VVlhMc0liMHYxc2hQZU8xZUtIeSs1T1Y0NTNhb21wNnhad3lXaWlXYnJNaDVXZ0dBQ1YvN0F1YUwyMnRmRUdjUkM2cUhVSW1BT1QyVDIwc3RiZFIiLCJtYWMiOiI3OGY2YTljMmUxNmU5M2I4MzIzOTczMDMxZDgxNmFiOTA4ZDJkMGRjMmEzYjUwYzg3Mjg4M2EzMDc5ODRiNzQzIiwidGFnIjoiIn0%3D
demo.plechtigheidonline.nl/ Name: stichting_berkebos_session
Value: eyJpdiI6InhRdjdwU09CMzVwOHg3U0gzV05RU2c9PSIsInZhbHVlIjoiQkU2WkFwTUt3bWtmbmFhMmw3V3JIZW1iYXMvSXFTU05MWWUwVHl2QnBzTUc1eUZTMDk0MGpYZU53eWJwMFJTNTVYeEl1Y2psRGJmRzAvRDFpM21PRFpPUmFIVXVBeHJVQ1U5d3VZcGcrZHBIWmpSMERXVlNiWkJMNFdkRTVYVmoiLCJtYWMiOiI3YmM4MjQ0NzAwZWFhNjNiYzRiMGY0MDUzYjBkYzhlN2Q5OTVlN2Q0MDUzMTEzM2ViMjk1NjFmYmVhMjdhZThhIiwidGFnIjoiIn0%3D
demo.plechtigheidonline.nl/ Name: SERVER
Value: ws2
.plechtigheidonline.nl/ Name: _ga
Value: GA1.1.203607464.1715983158
.plechtigheidonline.nl/ Name: _ga_24NN6PPKPW
Value: GS1.1.1715983158.1.0.1715983158.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' blob:; worker-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google-analytics.com https://www.googletagmanager.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; img-src 'self' blob: data: www.google-analytics.com https://www.googletagmanager.com player.wowza.com *.videodelivery.net *.cloudflarestream.com; media-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.akamaihd.net https://*.wowza.com latencytimer.azurewebsites.net https://cdn.plyr.io *.videodelivery.net *.cloudflarestream.com; frame-src 'self'; font-src 'self' fonts.gstatic.com data: https://fonts.googleapis.com ; connect-src 'self' blob: https://*.maximedia.nl https://*.plechtigheidonline.nl https://*.wowza.com https://*.akamaihd.net latencytimer.azurewebsites.net https://cdn.plyr.io https://*.google-analytics.com *.videodelivery.net *.cloudflarestream.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny