urlscan.io logo urlscan.io
SecurityTrails logo

allianz-devel.threadstone.eu Open in urlscan Pro
37.97.212.24  Public Scan

Go To Rescan Add Verdict Report
URL: https://allianz-devel.threadstone.eu/
Submission: On March 31 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 9 domains to perform 43 HTTP transactions. The main IP is 37.97.212.24, located in Netherlands and belongs to TRANSIP-AS Amsterdam, the Netherlands, NL. The main domain is allianz-devel.threadstone.eu.
TLS certificate: Issued by R3 on March 31st 2023. Valid for: 3 months.
This is the only time allianz-devel.threadstone.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    37.97.212.24 (Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: 37-97-212-24.colo.transip.net
allianz-devel.threadstone.eu
3    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
7    2606:4700::6813:bb61 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
5    2606:4700::6812:ace7 (United States)

ASN13335 (CLOUDFLARENET, US)
aodp.allianz.nl
7    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2600:9000:223c:3600:d:c8b9:46c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
deploy.mopinion.com
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a05:d018:f65:f801:5ddf:c8f1:a7ef:869b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
collect.mopinion.com
3    2600:9000:2127:2c00:0:c708:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cacheorcheck.mopinion.com
1    143.198.251.116 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
fonts.mopinion.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
10 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
region1.google-analytics.com — Cisco Umbrella Rank: 2284
21 KB
8 threadstone.eu
allianz-devel.threadstone.eu
555 KB
7 mopinion.com
deploy.mopinion.com — Cisco Umbrella Rank: 28780
collect.mopinion.com — Cisco Umbrella Rank: 59737
cacheorcheck.mopinion.com — Cisco Umbrella Rank: 53652
fonts.mopinion.com — Cisco Umbrella Rank: 80073
118 KB
7 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 433
123 KB
5 allianz.nl
aodp.allianz.nl
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
289 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 933
3 KB
1 gstatic.com
fonts.gstatic.com
17 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 111
455 B
43 9
Domain Requested by
8 allianz-devel.threadstone.eu allianz-devel.threadstone.eu
7 www.google-analytics.com www.googletagmanager.com
7 cdn.cookielaw.org www.googletagmanager.com
cdn.cookielaw.org
5 aodp.allianz.nl www.googletagmanager.com
aodp.allianz.nl
3 cacheorcheck.mopinion.com collect.mopinion.com
3 region1.google-analytics.com www.googletagmanager.com
3 www.googletagmanager.com allianz-devel.threadstone.eu
www.googletagmanager.com
2 deploy.mopinion.com allianz-devel.threadstone.eu
deploy.mopinion.com
2 unpkg.com 1 redirects
1 fonts.gstatic.com fonts.mopinion.com
1 fonts.mopinion.com collect.mopinion.com
1 collect.mopinion.com deploy.mopinion.com
1 pagead2.googlesyndication.com www.googletagmanager.com
43 13

This site contains links to these domains. Also see Links.

Domain
www.allianz.nl
www.onetrust.com
allianz.mopinion.com
mopinion.com
Subject Issuer Validity Valid
allianz-be-devel.threadstone.eu
R3		 2023-03-31 -
2023-06-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2022-05-01 -
2023-05-01		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-11		 a year crt.sh
*.mopinion.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-07-02 -
2023-07-30		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://allianz-devel.threadstone.eu/
Frame ID: 9678B14EBEB6709218C9FA49688ECDC9
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Allianz Cyber RisicoscanBack ButtonSearch IconFilter Icon

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

43
Requests

98 %
HTTPS

85 %
IPv6

9
Domains

13
Subdomains

14
IPs

4
Countries

1128 kB
Transfer

2621 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@3.3.0/dist/web-vitals.iife.js

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
allianz-devel.threadstone.eu/ 		51 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://allianz-devel.threadstone.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.97.212.24 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
37-97-212-24.colo.transip.net
Software
Apache /
Resource Hash
ac786e441e5585e02bf16f7c8afea7d8930c1a8cf5ef2ef33a47b254d81b4507
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
no-cache, private
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 31 Mar 2023 08:29:25 GMT
Keep-Alive
timeout=5, max=100
Referrer-Policy
no-referrer-when-downgrade
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
app.css
allianz-devel.threadstone.eu/css/ 		198 KB
199 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://allianz-devel.threadstone.eu/css/app.css?id=5873ef2a63ffc8440447
Requested by
Host: allianz-devel.threadstone.eu
URL: https://allianz-devel.threadstone.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.97.212.24 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
37-97-212-24.colo.transip.net
Software
Apache /
Resource Hash
c77e08640c4a70cee2e82b55f2a1b2b08e979f41ba5ab70fba1602304f319ac3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 31 Mar 2023 08:29:26 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Referrer-Policy
no-referrer-when-downgrade
X-Content-Type-Options
nosniff
Last-Modified
Tue, 19 Mar 2019 12:19:24 GMT
Server
Apache
ETag
"319ee-5847183fedb0c"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
203246
X-XSS-Protection
1; mode=block
allianz-logo-transparent.svg
allianz-devel.threadstone.eu/img/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://allianz-devel.threadstone.eu/img/allianz-logo-transparent.svg
Requested by
Host: allianz-devel.threadstone.eu
URL: https://allianz-devel.threadstone.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.97.212.24 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
37-97-212-24.colo.transip.net
Software
Apache /
Resource Hash
0865c32af3b523e8ea534a090c318959c77cbdea31c234dc186610dc6728d308
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 31 Mar 2023 08:29:26 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Referrer-Policy
no-referrer-when-downgrade
X-Content-Type-Options
nosniff
Last-Modified
Tue, 19 Mar 2019 12:19:24 GMT
Server
Apache
ETag
"1933-5847183ff67ac"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
6451
X-XSS-Protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		477 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WRSJV6
Requested by
Host: allianz-devel.threadstone.eu
URL: https://allianz-devel.threadstone.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7ef4e44e4eba715b22a2188a5f36b31bf14bb5f516f093cb9004837f0b346050
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 08:29:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127789
x-xss-protection
0
last-modified
Fri, 31 Mar 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 31 Mar 2023 08:29:26 GMT
back.svg
allianz-devel.threadstone.eu/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://allianz-devel.threadstone.eu/img/back.svg
Requested by
Host: allianz-devel.threadstone.eu
URL: https://allianz-devel.threadstone.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.97.212.24 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
37-97-212-24.colo.transip.net
Software
Apache /
Resource Hash
4e9f6d77f7a875994cc98c06db7fb48ff3b4a37d44dbdb1ef14caf3183ca439a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 31 Mar 2023 08:29:26 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Referrer-Policy
no-referrer-when-downgrade
X-Content-Type-Options
nosniff
Last-Modified
Tue, 19 Mar 2019 12:19:24 GMT
Server
Apache
ETag
"926-5847183ff7b34"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2342
X-XSS-Protection
1; mode=block
app.js
allianz-devel.threadstone.eu/js/ 		242 KB
242 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://allianz-devel.threadstone.eu/js/app.js?id=4d38b9a0653143bf78f8
Requested by
Host: allianz-devel.threadstone.eu
URL: https://allianz-devel.threadstone.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.97.212.24 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
37-97-212-24.colo.transip.net
Software
Apache /
Resource Hash
7ac2b1124ccaab44641f1169a6ee31ae6b8c1829dde398454192a0880616586c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 31 Mar 2023 08:29:26 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Referrer-Policy
no-referrer-when-downgrade
X-Content-Type-Options
nosniff
Last-Modified
Tue, 19 Mar 2019 12:19:24 GMT
Server
Apache
ETag
"3c64f-5847183fedb0c"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
247375
X-XSS-Protection
1; mode=block
plus.svg
allianz-devel.threadstone.eu/img/ 		780 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://allianz-devel.threadstone.eu/img/plus.svg
Requested by
Host: allianz-devel.threadstone.eu
URL: https://allianz-devel.threadstone.eu/css/app.css?id=5873ef2a63ffc8440447
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.97.212.24 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
37-97-212-24.colo.transip.net
Software
Apache /
Resource Hash
6a587db2634dca2d4fbf437dcdb5e9242db375915412b6ea6180f1344398f898
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/css/app.css?id=5873ef2a63ffc8440447
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 31 Mar 2023 08:29:26 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Referrer-Policy
no-referrer-when-downgrade
X-Content-Type-Options
nosniff
Last-Modified
Tue, 19 Mar 2019 12:19:24 GMT
Server
Apache
ETag
"30c-5847183fffc1c"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
780
X-XSS-Protection
1; mode=block
AllianzSans-Regular.woff
allianz-devel.threadstone.eu/fonts/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://allianz-devel.threadstone.eu/fonts/AllianzSans-Regular.woff
Requested by
Host: allianz-devel.threadstone.eu
URL: https://allianz-devel.threadstone.eu/css/app.css?id=5873ef2a63ffc8440447
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.97.212.24 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
37-97-212-24.colo.transip.net
Software
Apache /
Resource Hash
554d002bf1dc9c2e3a413ab67d749b8ab8d247544250f6f4f929c40e5ea3b1fc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://allianz-devel.threadstone.eu/css/app.css?id=5873ef2a63ffc8440447
Origin
https://allianz-devel.threadstone.eu
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 31 Mar 2023 08:29:26 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Referrer-Policy
no-referrer-when-downgrade
X-Content-Type-Options
nosniff
Last-Modified
Tue, 19 Mar 2019 12:19:24 GMT
Server
Apache
ETag
"64c4-5847184003e84"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
25796
X-XSS-Protection
1; mode=block
AllianzSans-Light.woff
allianz-devel.threadstone.eu/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://allianz-devel.threadstone.eu/fonts/AllianzSans-Light.woff
Requested by
Host: allianz-devel.threadstone.eu
URL: https://allianz-devel.threadstone.eu/css/app.css?id=5873ef2a63ffc8440447
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.97.212.24 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
37-97-212-24.colo.transip.net
Software
Apache /
Resource Hash
af68bd4fa0e6664e3729dea4d5af8cfd6865ddb1c9488f798ec786199484c818
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://allianz-devel.threadstone.eu/css/app.css?id=5873ef2a63ffc8440447
Origin
https://allianz-devel.threadstone.eu
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 31 Mar 2023 08:29:26 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Referrer-Policy
no-referrer-when-downgrade
X-Content-Type-Options
nosniff
Last-Modified
Tue, 19 Mar 2019 12:19:24 GMT
Server
Apache
ETag
"6290-58471840036b4"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
25232
X-XSS-Protection
1; mode=block
landing
pagead2.googlesyndication.com/pagead/ 		42 B
455 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G101&gcd=G101&rnd=628949165.1680251366&url=https%3A%2F%2Fallianz-devel.threadstone.eu%2F&gtm=45He33t0n71WRSJV6
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRSJV6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 08:29:26 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
web-vitals.iife.js
unpkg.com/web-vitals@3.3.0/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@3.3.0/dist/web-vitals.iife.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@3.3.0/dist/web-vitals.iife.js
Protocol
H2
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2ece5d28dcf047582c05c122e3bf0ed4905a965026a9940c289682620b76a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 08:29:26 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
651833
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GW7YXZ63AP7TF9NTF2JZ4WS3-ams
server
cloudflare
etag
W/"1b8b-2Pht765cKB7+cupYL/A9I7DYa+A"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7b0739807eca1c99-AMS

Redirect headers

date
Fri, 31 Mar 2023 08:29:26 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GWVCBC01JT225RPJEM9PYDTH-ams
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
228
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/web-vitals@3.3.0/dist/web-vitals.iife.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
7b0739800e4e1c99-AMS
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRSJV6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e85a649094d881201f7a886c94cd19e72196c761da5017c9269b03b35ca9c5c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 31 Mar 2023 08:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
XP5ufGIMVAznk1F+pqtwzg==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
8618
x-ms-lease-status
unlocked
last-modified
Wed, 29 Mar 2023 06:31:51 GMT
server
cloudflare
etag
0x8DB301F482ACD4D
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
cd84d4f9-a01e-0176-4c84-621a0f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b07397fe998b912-AMS
refresh
aodp.allianz.nl/functions/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aodp.allianz.nl/functions/refresh
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRSJV6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ace7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0e59ae741490aa77ed868d19f5ea6841c402ade4386e526af4dea5d91ada287
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 08:29:26 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
cloudflare
strict-transport-security
max-age=31536000; preload
content-type
application/javascript
x-cloud-trace-context
ffdf990f85f5c5976abf662810ded250
cache-control
no-cache
function-execution-id
tw7izh1a3y8n
content-disposition
inline; filename=aodp-event.js
cf-ray
7b0739801f7bb8be-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		239 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EM4TM7QRR2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRSJV6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
555b026d675098ed62c5399f006d1a1a4c2d05de61b92e0503ed5c546fe4c209
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 08:29:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83069
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 31 Mar 2023 08:29:26 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRSJV6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 31 Mar 2023 08:05:11 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1455
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 31 Mar 2023 10:05:11 GMT
js
www.googletagmanager.com/gtag/ 		248 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QJYNRWP754&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRSJV6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
35227e5ae332f04e71fa9e410b7b34f03a3c83408faabd1899fc2106b5bf4daa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 08:29:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84163
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 31 Mar 2023 08:29:26 GMT
pastease.js
deploy.mopinion.com/js/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://deploy.mopinion.com/js/pastease.js
Requested by
Host: allianz-devel.threadstone.eu
URL: https://allianz-devel.threadstone.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3600:d:c8b9:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Pastea.se
Resource Hash
0a24fba1eb7e7d9eee64e6f4351c7b926bfc0fcba7ff28d505bc931abe20f6ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 11:49:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-powered-by
Pastea.se
age
74385
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 29 Mar 2023 10:08:03 GMT
server
nginx
etag
W/"75bf-1872cd6bd94"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-headers
Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Origin
x-amz-cf-id
GW9FtZTNqH8HN8zij8dFdoIMelsLUsz2FonRDtc6Fmy4bC8yD-WytQ==
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=1329899216&t=pageview&_s=1&dl=https%3A%2F%2Fallianz-devel.threadstone.eu%2F&dp=welkom&dh=allianz-devel.threadstone.eu&ul=en-us&de=UTF-8&dt=Allianz%20Cyber%20Risicoscan&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAIAAAIg~&cid=92459839.1680251367&tid=UA-28075554-10&_gid=581007332.1680251367&gtm=45He33t0n71WRSJV6&cd2=GTM-WRSJV6%20-%20779&cd3=2023-03-31T08%3A29%3A26.373%2B00%3A00&cd5=undefined&cd6=https%3A%2F%2Fallianz-devel.threadstone.eu%2F&cd9=ua.pageview.all&cd16=ITP%3D%26MDM%3D&cd17=allow%20limited%20-%20no%20choice&gcs=G101&z=127636422
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51855
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
aodp_event
aodp.allianz.nl/functions/ 		16 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aodp.allianz.nl/functions/aodp_event
Requested by
Host: aodp.allianz.nl
URL: https://aodp.allianz.nl/functions/refresh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:ace7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8709be2c5dc779d2aef3cca4cf1cd4c1a1a4948937fd9ddcb786fc443b68c82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://allianz-devel.threadstone.eu/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 31 Mar 2023 08:29:26 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=31536000; preload
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
f73575a4d1ec3ca02de7c83b53a1662c
cache-control
private
function-execution-id
q15ks256zfii
cf-ray
7b0739819a14b92d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
aodp_event
aodp.allianz.nl/functions/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://aodp.allianz.nl/functions/aodp_event
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:ace7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://allianz-devel.threadstone.eu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b07398149b0b92d-AMS
content-type
text/html
date
Fri, 31 Mar 2023 08:29:26 GMT
function-execution-id
ktzy2kwf0btr
server
cloudflare
strict-transport-security
max-age=31536000; preload
via
1.1 google
x-cloud-trace-context
b10c0b15a37ab3092decc0e3c431721c
aodp_event
aodp.allianz.nl/functions/ 		16 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aodp.allianz.nl/functions/aodp_event
Requested by
Host: aodp.allianz.nl
URL: https://aodp.allianz.nl/functions/refresh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:ace7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8709be2c5dc779d2aef3cca4cf1cd4c1a1a4948937fd9ddcb786fc443b68c82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://allianz-devel.threadstone.eu/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 31 Mar 2023 08:29:26 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=31536000; preload
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
5d43170cf92e266132c9d3afe77db276
cache-control
private
function-execution-id
a8xsulfhk64x
cf-ray
7b0739819a16b92d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
aodp_event
aodp.allianz.nl/functions/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://aodp.allianz.nl/functions/aodp_event
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:ace7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://allianz-devel.threadstone.eu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b07398149aeb92d-AMS
content-type
text/html
date
Fri, 31 Mar 2023 08:29:26 GMT
function-execution-id
q15k1sb9xab5
server
cloudflare
strict-transport-security
max-age=31536000; preload
via
1.1 google
x-cloud-trace-context
2fd5a3b94c3e1353d7846cde2a61bc79
429bce39-e3b3-405a-8a09-de5e22ac6a98.json
cdn.cookielaw.org/consent/429bce39-e3b3-405a-8a09-de5e22ac6a98/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/429bce39-e3b3-405a-8a09-de5e22ac6a98/429bce39-e3b3-405a-8a09-de5e22ac6a98.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c44a12b5876aa6aa674f2146931b32d38d52a1709bece4d5f55335bb5f4370b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 31 Mar 2023 08:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
l1eV0WGj4Y3L/9hc7rcQeA==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1266
x-ms-lease-status
unlocked
last-modified
Mon, 21 Feb 2022 13:26:41 GMT
server
cloudflare
etag
0x8D9F53DCBF6455C
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
cb723e59-901e-0175-1eaa-631908000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b0739819a5c0bb6-AMS
expires
Sat, 01 Apr 2023 08:29:26 GMT
collect
region1.google-analytics.com/g/ 		0
263 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QJYNRWP754&gtm=45je33t0&_p=1329899216&gcs=G101&cid=92459839.1680251367&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&cu=EUR&dl=welkom&sid=1680251366&sct=1&seg=0&dt=Allianz%20Cyber%20Risicoscan&en=page_view&_fv=1&_ss=1&ep.debug_mode=true&up._npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QJYNRWP754&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 08:29:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://allianz-devel.threadstone.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-EM4TM7QRR2&gtm=45je33t0&_p=1329899216&gcs=G101&cid=92459839.1680251367&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680251366&sct=1&seg=0&dl=https%3A%2F%2Fallianz-devel.threadstone.eu%2F&dt=Allianz%20Cyber%20Risicoscan&en=page_view&_fv=1&_ss=1&ep.debug_mode=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EM4TM7QRR2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 08:29:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://allianz-devel.threadstone.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.31.0/ 		334 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe4946db1f133c18e59bde7de4f6e87a50d288f85ec8440451b998e0f3f17e66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 31 Mar 2023 08:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
D263R6OySncrpIc5uRH3nQ==
age
15212
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
80955
x-ms-lease-status
unlocked
last-modified
Fri, 11 Mar 2022 07:14:24 GMT
server
cloudflare
etag
0x8DA032EC5D12B02
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6c2c2504-801e-00c4-7de1-5aa720000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b0739820c06b912-AMS
rzhwcyu6fso00uz5y9rxygdcj7ilcklc26f
deploy.mopinion.com/config/ 		33 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://deploy.mopinion.com/config/rzhwcyu6fso00uz5y9rxygdcj7ilcklc26f
Requested by
Host: deploy.mopinion.com
URL: https://deploy.mopinion.com/js/pastease.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3600:d:c8b9:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Pastea.se
Resource Hash
3eb8c23475f20f85335017b272120b3f04642e21c9a44bdd9e0b227576c579bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 07:54:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-powered-by
Pastea.se
age
2092
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
access-control-allow-headers
Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Origin
x-amz-cf-id
HMypWrojPbG54fucBNdVCmKO-A2NoXsjeQzU0YiYUD6UOC3pGJL86w==
nl.json
cdn.cookielaw.org/consent/429bce39-e3b3-405a-8a09-de5e22ac6a98/a1a34671-ff02-442d-acc0-fdd474ce7e48/ 		63 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/429bce39-e3b3-405a-8a09-de5e22ac6a98/a1a34671-ff02-442d-acc0-fdd474ce7e48/nl.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c437bb8204d7041eed95d9ce76bb4796d61f168b67aa4ee42042f0c1576cfa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 31 Mar 2023 08:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
S62K+hVBdE+Kt5akC+QIiQ==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
14575
x-ms-lease-status
unlocked
last-modified
Mon, 21 Feb 2022 13:26:42 GMT
server
cloudflare
etag
0x8D9F53DCCEE8C41
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e6fb7457-401e-0096-05aa-63bad2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b0739827b850bb6-AMS
expires
Sat, 01 Apr 2023 08:29:26 GMT
survey.min.js
collect.mopinion.com/assets/surveys/2.0/js/ 		260 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://collect.mopinion.com/assets/surveys/2.0/js/survey.min.js
Requested by
Host: deploy.mopinion.com
URL: https://deploy.mopinion.com/js/pastease.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:f65:f801:5ddf:c8f1:a7ef:869b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1d14e728b244768bd4b9a17df4d25d3d028d49596617ad85c5b24ad5de967b5b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-content-security-policy
default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
date
Fri, 31 Mar 2023 08:29:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 21 Mar 2023 14:24:07 GMT
server
nginx
etag
W/"6419be07-40ffe"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-headers
Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
expires
Fri, 07 Apr 2023 08:29:26 GMT
otFloatingRoundedCorner.json
cdn.cookielaw.org/scripttemplates/6.31.0/assets/ 		10 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/otFloatingRoundedCorner.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b65d01fc7528ea948471c674a1da19229a4f0859fe1b1b171e3b59a7b86b230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 31 Mar 2023 08:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
S6utKXPS7v00rqdtO2Y2fg==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2566
x-ms-lease-status
unlocked
last-modified
Fri, 11 Mar 2022 07:14:15 GMT
server
cloudflare
etag
0x8DA032EC00442F6
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
ab00f5e6-c01e-0087-2faa-638dc9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b0739835c8d0bb6-AMS
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.31.0/assets/v2/ 		47 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
146697e686c91fde6e30955bc6cba7bfe752c511b2f27545a6938266e49cdfcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 31 Mar 2023 08:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ZpEAbh0BppVJFPu0Tn1v0w==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
11558
x-ms-lease-status
unlocked
last-modified
Fri, 11 Mar 2022 07:14:15 GMT
server
cloudflare
etag
0x8DA032EC085471F
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
15039eea-501e-0089-13aa-6361c2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b0739835c8f0bb6-AMS
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.31.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42da203fcc4325bd58c8c868e9213def8ca9b8d58e79d68e86c0fd8a5744e72d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 31 Mar 2023 08:29:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
2HSefDmVwJneRQMu6SXIPw==
x-ms-lease-status
unlocked
last-modified
Fri, 11 Mar 2022 07:14:31 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
257a303e-d01e-0179-42aa-63f7f9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7b0739835c900bb6-AMS
truncated
/ 		817 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/svg+xml
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QJYNRWP754&gtm=45je33t0&_p=1329899216&gcs=G101&cid=92459839.1680251367&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&cu=EUR&dl=%2F&sid=1680251366&sct=1&seg=1&dt=Allianz%20Cyber%20Risicoscan&en=page_view&ep.debug_mode=true&_et=618
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QJYNRWP754&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 08:29:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://allianz-devel.threadstone.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=1329899216&t=pageview&_s=1&dl=https%3A%2F%2Fallianz-devel.threadstone.eu%2F&dp=%2F&dh=allianz-devel.threadstone.eu&ul=en-us&de=UTF-8&dt=Allianz%20Cyber%20Risicoscan&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEABBAAAIAAAIg~&cid=92459839.1680251367&tid=UA-28075554-10&_gid=581007332.1680251367&gtm=45He33t0n71WRSJV6&cd2=GTM-WRSJV6%20-%20779&cd3=2023-03-31T08%3A29%3A26.444%2B00%3A00&cd5=undefined&cd6=https%3A%2F%2Fallianz-devel.threadstone.eu%2F&cd9=ua.pageview.all&cd16=ITP%3D%26MDM%3D&cd17=allow%20limited%20-%20no%20choice&gcs=G101&z=2111784438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51856
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=1329899216&t=event&ni=1&_s=1&dl=https%3A%2F%2Fallianz-devel.threadstone.eu%2F&dp=%2F&dh=allianz-devel.threadstone.eu&ul=en-us&de=UTF-8&dt=Allianz%20Cyber%20Risicoscan&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=25&_u=aGDAiEABBAAAIAAAIg~&cid=92459839.1680251367&tid=UA-28075554-10&_gid=581007332.1680251367&gtm=45He33t0n71WRSJV6&cd2=GTM-WRSJV6%20-%20779&cd3=2023-03-31T08%3A29%3A26.495%2B00%3A00&cd5=undefined&cd6=https%3A%2F%2Fallianz-devel.threadstone.eu%2F&cd9=ua.event.scrollDepth&cd16=ITP%3D%26MDM%3D&cd17=allow%20limited%20-%20no%20choice&gcs=G101&z=1255211747
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51856
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=1329899216&t=event&ni=1&_s=1&dl=https%3A%2F%2Fallianz-devel.threadstone.eu%2F&dp=%2F&dh=allianz-devel.threadstone.eu&ul=en-us&de=UTF-8&dt=Allianz%20Cyber%20Risicoscan&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=50&_u=aGDAiEABBAAAIAAAIg~&cid=92459839.1680251367&tid=UA-28075554-10&_gid=581007332.1680251367&gtm=45He33t0n71WRSJV6&cd2=GTM-WRSJV6%20-%20779&cd3=2023-03-31T08%3A29%3A26.512%2B00%3A00&cd5=undefined&cd6=https%3A%2F%2Fallianz-devel.threadstone.eu%2F&cd9=ua.event.scrollDepth&cd16=ITP%3D%26MDM%3D&cd17=allow%20limited%20-%20no%20choice&gcs=G101&z=681731664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51856
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=1329899216&t=event&ni=1&_s=1&dl=https%3A%2F%2Fallianz-devel.threadstone.eu%2F&dp=%2F&dh=allianz-devel.threadstone.eu&ul=en-us&de=UTF-8&dt=Allianz%20Cyber%20Risicoscan&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=75&_u=aGDAiEABBAAAIAAAIg~&cid=92459839.1680251367&tid=UA-28075554-10&_gid=581007332.1680251367&gtm=45He33t0n71WRSJV6&cd2=GTM-WRSJV6%20-%20779&cd3=2023-03-31T08%3A29%3A26.534%2B00%3A00&cd5=undefined&cd6=https%3A%2F%2Fallianz-devel.threadstone.eu%2F&cd9=ua.event.scrollDepth&cd16=ITP%3D%26MDM%3D&cd17=allow%20limited%20-%20no%20choice&gcs=G101&z=1868486962
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51856
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=1329899216&t=event&ni=1&_s=1&dl=https%3A%2F%2Fallianz-devel.threadstone.eu%2F&dp=%2F&dh=allianz-devel.threadstone.eu&ul=en-us&de=UTF-8&dt=Allianz%20Cyber%20Risicoscan&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=100&_u=aGDAiEABBAAAIAAAIg~&cid=92459839.1680251367&tid=UA-28075554-10&_gid=581007332.1680251367&gtm=45He33t0n71WRSJV6&cd2=GTM-WRSJV6%20-%20779&cd3=2023-03-31T08%3A29%3A26.551%2B00%3A00&cd5=undefined&cd6=https%3A%2F%2Fallianz-devel.threadstone.eu%2F&cd9=ua.event.scrollDepth&cd16=ITP%3D%26MDM%3D&cd17=allow%20limited%20-%20no%20choice&gcs=G101&z=1483896420
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51856
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
json-config
cacheorcheck.mopinion.com/survey/public/ 		194 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cacheorcheck.mopinion.com/survey/public/json-config?key=d951c4fb5e97278103258f67e4bc10c921e91972&domain=allianz.mopinion.com&withBase=true
Requested by
Host: collect.mopinion.com
URL: https://collect.mopinion.com/assets/surveys/2.0/js/survey.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:2c00:0:c708:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Mopinion.com
Resource Hash
9fd70db805e160248c011fca5a386adbcce5382333d2eccccce92646e173e546
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 03:50:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-powered-by
Mopinion.com
age
16750
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Fri, 31 Mar 2023 03:49:27 GMT
server
nginx
x-frame-options
SAMEORIGIN
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
X-Api-Version, X-Request-Id, X-Response-Time
cache-control
public, max-age=86400
vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Origin,Access-Control-Allow-Methods,Access-Control-Expose-Headers,Cache-Control,Last-Modified,X-Frame-Options,Strict-Transport-Security,X-Content-Type-Options,X-XSS-Protection,Server,Origin,Accept,Accept-Version,Content-Length,Content-MD5,Content-Type,Date,X-Api-Version,X-Response-Time,X-PINGOTHER,X-CSRF-Token,Authorization
x-amz-cf-id
RSlN6gk775n0wrtc4FXlPr1ucuwnAEQtF0leyiwwp7RyDHYtzmLVqw==
icons
cacheorcheck.mopinion.com/survey/public/ 		634 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cacheorcheck.mopinion.com/survey/public/icons?icons=comment-o&domain=undefined
Requested by
Host: collect.mopinion.com
URL: https://collect.mopinion.com/assets/surveys/2.0/js/survey.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:2c00:0:c708:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Mopinion.com
Resource Hash
746619dc4c64546fe1bfe72c2ea0c1eda9743267c5f101403e019e7c7454de2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 31 Mar 2023 04:47:27 GMT
x-content-type-options
nosniff
via
1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
24104
x-powered-by
Mopinion.com
x-cache
Hit from cloudfront
content-length
634
x-xss-protection
1; mode=block
last-modified
Tue, 28 Mar 2023 23:49:52 GMT
server
nginx
x-frame-options
SAMEORIGIN
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
X-Api-Version, X-Request-Id, X-Response-Time
cache-control
public, max-age=86400
vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Origin,Access-Control-Allow-Methods,Access-Control-Expose-Headers,Cache-Control,Last-Modified,X-Frame-Options,Strict-Transport-Security,X-Content-Type-Options,X-XSS-Protection,Server,Origin,Accept,Accept-Version,Content-Length,Content-MD5,Content-Type,Date,X-Api-Version,X-Response-Time,X-PINGOTHER,X-CSRF-Token,Authorization
x-amz-cf-id
gmUuwibi1viilCpFb8xCn6hbnxv-1mGc3-H9ItRgqiLlMAEqk7G5NQ==
css
fonts.mopinion.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.mopinion.com/css?family=Open+Sans
Requested by
Host: collect.mopinion.com
URL: https://collect.mopinion.com/assets/surveys/2.0/js/survey.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.198.251.116 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
c93f8a5a8f57578d60e2e71813052495fe385771aada66be95ad672fad53bd62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 08:29:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
transfer-encoding
chunked
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 31 Mar 2023 08:16:31 GMT
server
nginx
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 30 Mar 2024 08:29:27 GMT
emoji
cacheorcheck.mopinion.com/survey/public/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cacheorcheck.mopinion.com/survey/public/emoji?blockId=21&domain=undefined
Requested by
Host: collect.mopinion.com
URL: https://collect.mopinion.com/assets/surveys/2.0/js/survey.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:2c00:0:c708:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Mopinion.com
Resource Hash
c201e9425b3de3f349fe1e5dea1895ec6411785299a8b729e04e600a9a32a50c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://allianz-devel.threadstone.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 05:59:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-powered-by
Mopinion.com
age
8978
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Fri, 31 Mar 2023 05:59:49 GMT
server
nginx
x-frame-options
SAMEORIGIN
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
X-Api-Version, X-Request-Id, X-Response-Time
cache-control
public, max-age=86400
vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Origin,Access-Control-Allow-Methods,Access-Control-Expose-Headers,Cache-Control,Last-Modified,X-Frame-Options,Strict-Transport-Security,X-Content-Type-Options,X-XSS-Protection,Server,Origin,Accept,Accept-Version,Content-Length,Content-MD5,Content-Type,Date,X-Api-Version,X-Response-Time,X-PINGOTHER,X-CSRF-Token,Authorization
x-amz-cf-id
r2X015JuX4EnUna9gCqQjdnH2fc45GMQ5FEZuVLGadODpQhhiOZsVQ==
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.mopinion.com
URL: https://fonts.mopinion.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.mopinion.com/
Origin
https://allianz-devel.threadstone.eu
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 10:31:58 GMT
x-content-type-options
nosniff
age
251849
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16740
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 10:31:58 GMT

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless object| dataLayer function| setImmediate function| clearImmediate function| jQuery function| $ object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| gtag string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| webVitals function| aodp_init function| aodp_getcookie function| aodp_setcookie function| aodp_setaodpsid function| aodp_checkaodpuid function| aodp_checkaodpsid function| aodp_event object| gaplugins object| gaGlobal object| gaData object| OneTrustStub function| OptanonWrapper object| Pastease string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| Optanon object| OneTrust object| srv

8 Cookies

Domain/Path Name / Value
allianz-devel.threadstone.eu/ Name: XSRF-TOKEN
Value: eyJpdiI6ImR4QTNBcmhrZ0N5TG5sUzlKN1wvVEZ3PT0iLCJ2YWx1ZSI6InlMM1RWcWhMemJWb1NtSUR0S1VVVWxheFczM3ZDRTRZK3VncUtzQTRYUVNIdWo3aUJRUWQ2SU5iV1ZXUHByWHoiLCJtYWMiOiJlNGI0ZjhmNmIxMzQ4ZmQ4MDE0ZTIyNmFlNGQyOTg3ZTIyZDAzMDkzODg2ODAwNzM0MWY5Y2QyZjU4OGIxYjY2In0%3D
allianz-devel.threadstone.eu/ Name: allianz_assessment_session
Value: eyJpdiI6InY4QzVMeld6cHdJMjFXMGt0YjhCdmc9PSIsInZhbHVlIjoiUjFaMTJoVjlcL1FiV3JGRkNWdHVXMW94Y1EyT1FhdUlXc3h2cmJmM3pUV0xENU9OVUMyRmVueUJ3T0ZRKzkrTFAiLCJtYWMiOiJiNzkzODc0OWYxNTQ4Zjc4OTA0ZDIwODJmMTM3YTAwMmI4ZjkzZjViMjEzNDA3MDRhYzhhMjRlM2I3YTQzOTQ5In0%3D
.threadstone.eu/ Name: _gid
Value: GA1.2.581007332.1680251367
.threadstone.eu/ Name: aodpsid
Value: 509117955-1680253166577
.threadstone.eu/ Name: _ga_EM4TM7QRR2
Value: GS1.1.1680251366.1.0.1680251366.0.0.0
collect.mopinion.com/ Name: AWSALBCORS
Value: xmOfqc39LoqTtTMlb0W3IzizFISyTDUQfO0opTg9qgfCo8FvW1f2zpYaVS3cLNy0rhj3u6W6Oer56UEua1wvcp2giIkbCDdlvUKTM0z70NDxCXiB1ficgEAP+BNQ
.threadstone.eu/ Name: _ga
Value: GA1.2.92459839.1680251367
.threadstone.eu/ Name: _ga_QJYNRWP754
Value: GS1.1.1680251366.1.1.1680251366.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

allianz-devel.threadstone.eu
aodp.allianz.nl
cacheorcheck.mopinion.com
cdn.cookielaw.org
collect.mopinion.com
deploy.mopinion.com
fonts.gstatic.com
fonts.mopinion.com
pagead2.googlesyndication.com
region1.google-analytics.com
unpkg.com
www.google-analytics.com
www.googletagmanager.com
143.198.251.116
2001:4860:4802:34::36
2600:9000:2127:2c00:0:c708:1080:93a1
2600:9000:223c:3600:d:c8b9:46c0:93a1
2606:4700::6810:7baf
2606:4700::6812:ace7
2606:4700::6813:bb61
2a00:1450:4001:806::2002
2a00:1450:4001:806::200e
2a00:1450:4001:811::2008
2a00:1450:4001:82b::2003
2a05:d018:f65:f801:5ddf:c8f1:a7ef:869b
37.97.212.24
0865c32af3b523e8ea534a090c318959c77cbdea31c234dc186610dc6728d308
0a24fba1eb7e7d9eee64e6f4351c7b926bfc0fcba7ff28d505bc931abe20f6ae
146697e686c91fde6e30955bc6cba7bfe752c511b2f27545a6938266e49cdfcd
1d14e728b244768bd4b9a17df4d25d3d028d49596617ad85c5b24ad5de967b5b
2c437bb8204d7041eed95d9ce76bb4796d61f168b67aa4ee42042f0c1576cfa1
35227e5ae332f04e71fa9e410b7b34f03a3c83408faabd1899fc2106b5bf4daa
3eb8c23475f20f85335017b272120b3f04642e21c9a44bdd9e0b227576c579bb
42da203fcc4325bd58c8c868e9213def8ca9b8d58e79d68e86c0fd8a5744e72d
4e9f6d77f7a875994cc98c06db7fb48ff3b4a37d44dbdb1ef14caf3183ca439a
554d002bf1dc9c2e3a413ab67d749b8ab8d247544250f6f4f929c40e5ea3b1fc
555b026d675098ed62c5399f006d1a1a4c2d05de61b92e0503ed5c546fe4c209
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
6a587db2634dca2d4fbf437dcdb5e9242db375915412b6ea6180f1344398f898
746619dc4c64546fe1bfe72c2ea0c1eda9743267c5f101403e019e7c7454de2f
7ac2b1124ccaab44641f1169a6ee31ae6b8c1829dde398454192a0880616586c
7ef4e44e4eba715b22a2188a5f36b31bf14bb5f516f093cb9004837f0b346050
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9b65d01fc7528ea948471c674a1da19229a4f0859fe1b1b171e3b59a7b86b230
9fd70db805e160248c011fca5a386adbcce5382333d2eccccce92646e173e546
ac786e441e5585e02bf16f7c8afea7d8930c1a8cf5ef2ef33a47b254d81b4507
af68bd4fa0e6664e3729dea4d5af8cfd6865ddb1c9488f798ec786199484c818
b2ece5d28dcf047582c05c122e3bf0ed4905a965026a9940c289682620b76a2f
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
c201e9425b3de3f349fe1e5dea1895ec6411785299a8b729e04e600a9a32a50c
c44a12b5876aa6aa674f2146931b32d38d52a1709bece4d5f55335bb5f4370b5
c77e08640c4a70cee2e82b55f2a1b2b08e979f41ba5ab70fba1602304f319ac3
c8709be2c5dc779d2aef3cca4cf1cd4c1a1a4948937fd9ddcb786fc443b68c82
c93f8a5a8f57578d60e2e71813052495fe385771aada66be95ad672fad53bd62
d0e59ae741490aa77ed868d19f5ea6841c402ade4386e526af4dea5d91ada287
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e85a649094d881201f7a886c94cd19e72196c761da5017c9269b03b35ca9c5c4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe4946db1f133c18e59bde7de4f6e87a50d288f85ec8440451b998e0f3f17e66