www.onvz.nl Open in urlscan Pro
51.124.62.209  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request premieberekening Show response www.onvz.nl/	94 KB 96 KB	726ms 670ms	Document text/html	51.124.62.209 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.onvz.nl/premieberekening?coll-nummer=100636&view=detail&step=gezinssamenstelling Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.124.62.209 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a0a3481ce6b7e948331412336535fb8169adc3bb05e90f82b3b4ff7a341cf0a9 Security Headers Name Value Content-Security-Policy default-src self; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'nonce-tAYW5ytRQrVdhun1uHc9a0feAp/AFZNl' https://*.googletagmanager.com https://*.google-analytics.com https://www.googleadservices.com https://*.hotjar.com https://style.onvz.nl https://bat.bing.com https://*.usabilla.com https://js.monitor.azure.com https://d6tizftlrpuof.cloudfront.net https://*.doubleclick.net https://optimize.google.com ; child-src 'self'; style-src 'self' 'unsafe-inline' https://*.typekit.net https://*.cloudfront.net https://optimize.google.com https://fonts.googleapis.com; img-src 'self' data: https://bat.bing.com https://*.doubleclick.net https://www.google.com https://www.google.nl https://*.google-analytics.com https://*.cloudfront.net https://*.usabilla.com https://ds1.nl https://optimize.google.com; media-src 'self'; font-src 'self' https://*.typekit.net https://d6tizftlrpuof.cloudfront.net https://fonts.gstatic.com; frame-src 'self' https://www.youtube.com https://www.youtube-nocookie.com https://*.doubleclick.net https://*.doubleclick.net https://*.hotjar.com https://onvz.bbvms.com https://d6tizftlrpuof.cloudfront.net https://optimize.google.com; frame-ancestors 'self'; manifest-src 'self'; connect-src 'self' https://*.onvz.nl https://*.google-analytics.com https://*.doubleclick.net https://*.hotjar.com https://*.hotjar.io https://*.rightnowtech.com https://*.usabilla.com https://dc.services.visualstudio.com https://bat.bing.com wss://*.hotjar.com; Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language nl-NL,nl;q=0.9 Response headers date Sat, 25 Dec 2021 14:51:42 GMT content-type text/html; charset=utf-8 content-length 96395 cache-control no-cache, no-store pragma no-cache expires -1 x-frame-options sameorigin content-security-policy default-src self; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'nonce-tAYW5ytRQrVdhun1uHc9a0feAp/AFZNl' https://*.googletagmanager.com https://*.google-analytics.com https://www.googleadservices.com https://*.hotjar.com https://style.onvz.nl https://bat.bing.com https://*.usabilla.com https://js.monitor.azure.com https://d6tizftlrpuof.cloudfront.net https://*.doubleclick.net https://optimize.google.com ; child-src 'self'; style-src 'self' 'unsafe-inline' https://*.typekit.net https://*.cloudfront.net https://optimize.google.com https://fonts.googleapis.com; img-src 'self' data: https://bat.bing.com https://*.doubleclick.net https://www.google.com https://www.google.nl https://*.google-analytics.com https://*.cloudfront.net https://*.usabilla.com https://ds1.nl https://optimize.google.com; media-src 'self'; font-src 'self' https://*.typekit.net https://d6tizftlrpuof.cloudfront.net https://fonts.gstatic.com; frame-src 'self' https://www.youtube.com https://www.youtube-nocookie.com https://*.doubleclick.net https://*.doubleclick.net https://*.hotjar.com https://onvz.bbvms.com https://d6tizftlrpuof.cloudfront.net https://optimize.google.com; frame-ancestors 'self'; manifest-src 'self'; connect-src 'self' https://*.onvz.nl https://*.google-analytics.com https://*.doubleclick.net https://*.hotjar.com https://*.hotjar.io https://*.rightnowtech.com https://*.usabilla.com https://dc.services.visualstudio.com https://bat.bing.com wss://*.hotjar.com; request-context appId=cid-v1:ae473476-d19a-4726-bfcc-cab819166426 x-ua-compatible IE=Edge strict-transport-security max-age=31536000 public-key-pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains x-content-type-options nosniff referrer-policy same-origin x-xss-protection 1; mode=block
GET H2	200	client.bundle.min.js Show response www.onvz.nl/Areas/Onvz/Assets/js/	1 MB 293 KB	102ms 101ms	Script application/x-javascript	51.124.62.209 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.onvz.nl/Areas/Onvz/Assets/js/client.bundle.min.js Requested by Host: www.onvz.nl URL: https://www.onvz.nl/premieberekening?coll-nummer=100636&view=detail&step=gezinssamenstelling Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.124.62.209 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash ffa45b87fd518e18348e995a195b1b0bc3cb4fbc3848154c4ee4a51ab181b5bc Security Headers Name Value Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://www.onvz.nl/premieberekening?coll-nummer=100636&view=detail&step=gezinssamenstelling User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 25 Dec 2021 14:51:42 GMT content-encoding gzip x-content-type-options nosniff vary Accept-Encoding content-length 299115 x-xss-protection 1; mode=block public-key-pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains x-ua-compatible IE=Edge referrer-policy same-origin last-modified Thu, 16 Dec 2021 06:58:27 GMT x-frame-options sameorigin etag "806b50534af2d71:0" strict-transport-security max-age=31536000 content-type application/x-javascript cache-control private,max-age=15 request-context appId=cid-v1:ae473476-d19a-4726-bfcc-cab819166426 accept-ranges bytes
GET H2	200	main_onvz.css www.onvz.nl/static/stylesheets/	779 KB 76 KB	123ms 122ms	Stylesheet text/css	51.124.62.209 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.onvz.nl/static/stylesheets/main_onvz.css?v=202112141214 Requested by Host: www.onvz.nl URL: https://www.onvz.nl/premieberekening?coll-nummer=100636&view=detail&step=gezinssamenstelling Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.124.62.209 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash b17824a23d5e844e2d34bd4c631d49c46d870f1486aece84e80c24a9155f0256 Security Headers Name Value Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://www.onvz.nl/premieberekening?coll-nummer=100636&view=detail&step=gezinssamenstelling User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 25 Dec 2021 14:51:42 GMT content-encoding gzip x-content-type-options nosniff vary Accept-Encoding content-length 76827 x-xss-protection 1; mode=block public-key-pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains x-ua-compatible IE=Edge referrer-policy same-origin last-modified Tue, 14 Dec 2021 11:14:17 GMT x-frame-options sameorigin etag "80acdbbdbf0d71:0" strict-transport-security max-age=31536000 content-type text/css cache-control private,max-age=15 request-context appId=cid-v1:ae473476-d19a-4726-bfcc-cab819166426 accept-ranges bytes
GET H2	200	main.min.css www.onvz.nl/Areas/Onvz/Assets/css/themes/onvz/	158 KB 25 KB	157ms 156ms	Stylesheet text/css	51.124.62.209 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.onvz.nl/Areas/Onvz/Assets/css/themes/onvz/main.min.css Requested by Host: www.onvz.nl URL: https://www.onvz.nl/premieberekening?coll-nummer=100636&view=detail&step=gezinssamenstelling Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.124.62.209 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash cd67eeab23fe4843722385b65fb78034952e83ab3d7dd63938e94a0b27d9dfde Security Headers Name Value Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://www.onvz.nl/premieberekening?coll-nummer=100636&view=detail&step=gezinssamenstelling User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 25 Dec 2021 14:51:42 GMT content-encoding gzip x-content-type-options nosniff vary Accept-Encoding content-length 25168 x-xss-protection 1; mode=block public-key-pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains x-ua-compatible IE=Edge referrer-policy same-origin last-modified Thu, 16 Dec 2021 06:58:29 GMT x-frame-options sameorigin etag "809881544af2d71:0" strict-transport-security max-age=31536000 content-type text/css cache-control private,max-age=15 request-context appId=cid-v1:ae473476-d19a-4726-bfcc-cab819166426 accept-ranges bytes
GET H2	200	VisitorIdentification.js Show response www.onvz.nl/layouts/system/	2 KB 3 KB	91ms 91ms	Script application/x-javascript	51.124.62.209 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.onvz.nl/layouts/system/VisitorIdentification.js Requested by Host: www.onvz.nl URL: https://www.onvz.nl/premieberekening?coll-nummer=100636&view=detail&step=gezinssamenstelling Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.124.62.209 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce Security Headers Name Value Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://www.onvz.nl/premieberekening?coll-nummer=100636&view=detail&step=gezinssamenstelling User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 25 Dec 2021 14:51:42 GMT referrer-policy same-origin last-modified Wed, 13 Nov 2019 17:15:00 GMT etag "04243e1459ad51:0" x-frame-options sameorigin content-type application/x-javascript request-context appId=cid-v1:ae473476-d19a-4726-bfcc-cab819166426 x-xss-protection 1; mode=block cache-control private,max-age=15 strict-transport-security max-age=31536000 accept-ranges bytes content-length 2203 x-content-type-options nosniff public-key-pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains x-ua-compatible IE=Edge
GET H2	200	base.js Show response www.onvz.nl/static/scripts/	7 KB 3 KB	82ms 82ms	Script application/x-javascript	51.124.62.209 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.onvz.nl/static/scripts/base.js?v=202112141214 Requested by Host: www.onvz.nl URL: https://www.onvz.nl/premieberekening?coll-nummer=100636&view=detail&step=gezinssamenstelling Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.124.62.209 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 6d065b805e822d8381549d09bc145f5010f23762361206f3b72b9c3c3a19e6f1 Security Headers Name Value Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://www.onvz.nl/premieberekening?coll-nummer=100636&view=detail&step=gezinssamenstelling User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 25 Dec 2021 14:51:42 GMT content-encoding gzip x-content-type-options nosniff vary Accept-Encoding content-length 2614 x-xss-protection 1; mode=block public-key-pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains x-ua-compatible IE=Edge referrer-policy same-origin last-modified Tue, 14 Dec 2021 11:14:17 GMT x-frame-options sameorigin etag "80acdbbdbf0d71:0" strict-transport-security max-age=31536000 content-type application/x-javascript cache-control private,max-age=15 request-context appId=cid-v1:ae473476-d19a-4726-bfcc-cab819166426 accept-ranges bytes
GET H2	200	main.js Show response www.onvz.nl/static/scripts/	1 MB 245 KB	99ms 99ms	Script application/x-javascript	51.124.62.209 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.onvz.nl/static/scripts/main.js?v=202112141214 Requested by Host: www.onvz.nl URL: https://www.onvz.nl/premieberekening?coll-nummer=100636&view=detail&step=gezinssamenstelling Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.124.62.209 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 4950a34387fe3d11568d2982e3d1da937c96821ff351643ca8c2de3769220652 Security Headers Name Value Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://www.onvz.nl/premieberekening?coll-nummer=100636&view=detail&step=gezinssamenstelling User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 25 Dec 2021 14:51:42 GMT content-encoding gzip x-content-type-options nosniff vary Accept-Encoding content-length 249797 x-xss-protection 1; mode=block public-key-pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains x-ua-compatible IE=Edge referrer-policy same-origin last-modified Tue, 14 Dec 2021 11:14:17 GMT x-frame-options sameorigin etag "80acdbbdbf0d71:0" strict-transport-security max-age=31536000 content-type application/x-javascript cache-control private,max-age=15 request-context appId=cid-v1:ae473476-d19a-4726-bfcc-cab819166426 accept-ranges bytes
GET H2	200	gtm.js Show response www.googletagmanager.com/	308 KB 91 KB	91ms 42ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-N2DST66 Requested by Host: www.onvz.nl URL: https://www.onvz.nl/premieberekening?coll-nummer=100636&view=detail&step=gezinssamenstelling Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 208d18acc0dda7a8c3d995f830fd0ec755be7263e867f3277824fa671523d357 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 25 Dec 2021 14:51:42 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 93155 x-xss-protection 0 last-modified Sat, 25 Dec 2021 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 25 Dec 2021 14:51:42 GMT
GET H/1.1	200 OK	rir.js Show response style.onvz.nl/	37 KB 12 KB	99ms 26ms	Script application/javascript	18.157.120.20 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://style.onvz.nl/rir.js Requested by Host: www.onvz.nl URL: https://www.onvz.nl/premieberekening?coll-nummer=100636&view=detail&step=gezinssamenstelling Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 18.157.120.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-157-120-20.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e152e829c3c97ea2e85d8d6e285c3b8e761ddee9909d688ed3add080c56e09e6 Security Headers Name Value Content-Security-Policy default-src 'self'; Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sat, 25 Dec 2021 14:51:42 GMT Content-Encoding gzip X-Content-Type-Options nosniff Transfer-Encoding chunked Access-Control-Allow-Methods GET, POST, OPTIONS Connection keep-alive Referrer-Policy no-referrer Last-Modified Fri, 26 Nov 2021 10:31:43 GMT Server nginx X-Frame-Options DENY ETag W/"61a0b78f-955c" Vary Accept-Encoding Strict-Transport-Security max-age=31536000 Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Content-Security-Policy default-src 'self';
GET H2	200	nunito-sans-v5-latin-300.woff2 www.onvz.nl/static/fonts/nunito-sans/	16 KB 17 KB	89ms 89ms	Font application/font-woff2	51.124.62.209 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.onvz.nl/static/fonts/nunito-sans/nunito-sans-v5-latin-300.woff2 Requested by Host: www.onvz.nl URL: https://www.onvz.nl/static/stylesheets/main_onvz.css?v=202112141214 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.124.62.209 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash dd0d7b0bd9b543ac1655f000d5db598194d9a6c0c79815600b59ee49a81e8c62 Security Headers Name Value Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Referer https://www.onvz.nl/static/stylesheets/main_onvz.css?v=202112141214 Origin https://www.onvz.nl Accept-Language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 25 Dec 2021 14:51:42 GMT content-encoding gzip x-content-type-options nosniff vary Accept-Encoding content-length 16690 x-xss-protection 1; mode=block public-key-pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains x-ua-compatible IE=Edge referrer-policy same-origin last-modified Thu, 16 Dec 2021 06:58:26 GMT x-frame-options sameorigin etag "0d5b7524af2d71:0" strict-transport-security max-age=31536000 content-type application/font-woff2 cache-control max-age=15 request-context appId=cid-v1:ae473476-d19a-4726-bfcc-cab819166426 accept-ranges bytes
GET H2	200	onvz-icons.woff www.onvz.nl/static/fonts/onvz-icons/	16 KB 17 KB	42ms 42ms	Font application/font-woff	51.124.62.209 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.onvz.nl/static/fonts/onvz-icons/onvz-icons.woff Requested by Host: www.onvz.nl URL: https://www.onvz.nl/static/stylesheets/main_onvz.css?v=202112141214 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.124.62.209 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 6d5b0abc5ecb9ff1cbb4a2d3dc3ec3e655475eed436139f89f46ef112a7a9671 Security Headers Name Value Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Referer https://www.onvz.nl/static/stylesheets/main_onvz.css?v=202112141214 Origin https://www.onvz.nl Accept-Language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 25 Dec 2021 14:51:42 GMT content-encoding gzip x-content-type-options nosniff vary Accept-Encoding content-length 16423 x-xss-protection 1; mode=block public-key-pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains x-ua-compatible IE=Edge referrer-policy same-origin last-modified Tue, 14 Dec 2021 11:14:17 GMT x-frame-options sameorigin etag "80acdbbdbf0d71:0" strict-transport-security max-age=31536000 content-type application/font-woff cache-control max-age=15 request-context appId=cid-v1:ae473476-d19a-4726-bfcc-cab819166426 accept-ranges bytes
GET H2	200	nunito-sans-v5-latin-700.woff2 www.onvz.nl/static/fonts/nunito-sans/	17 KB 17 KB	105ms 105ms	Font application/font-woff2	51.124.62.209 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.onvz.nl/static/fonts/nunito-sans/nunito-sans-v5-latin-700.woff2 Requested by Host: www.onvz.nl URL: https://www.onvz.nl/static/stylesheets/main_onvz.css?v=202112141214 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.124.62.209 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 90767fabd53fe6949c8e19f3ab9d3da69cfc52c7bbfafe42739ed14c2e837920 Security Headers Name Value Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Referer https://www.onvz.nl/static/stylesheets/main_onvz.css?v=202112141214 Origin https://www.onvz.nl Accept-Language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 25 Dec 2021 14:51:42 GMT content-encoding gzip x-content-type-options nosniff vary Accept-Encoding content-length 17043 x-xss-protection 1; mode=block public-key-pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains x-ua-compatible IE=Edge referrer-policy same-origin last-modified Thu, 16 Dec 2021 06:58:26 GMT x-frame-options sameorigin etag "0d5b7524af2d71:0" strict-transport-security max-age=31536000 content-type application/font-woff2 cache-control max-age=15 request-context appId=cid-v1:ae473476-d19a-4726-bfcc-cab819166426 accept-ranges bytes
GET H2	200	a-icons.woff2 www.onvz.nl/static/fonts/onvz/	11 KB 12 KB	103ms 103ms	Font application/font-woff2	51.124.62.209 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.onvz.nl/static/fonts/onvz/a-icons.woff2?1639053549234 Requested by Host: www.onvz.nl URL: https://www.onvz.nl/Areas/Onvz/Assets/css/themes/onvz/main.min.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.124.62.209 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 69c970b7606ab28ad603450894490f46a92bf764c48c8d71f60580b1347e4d7f Security Headers Name Value Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Referer https://www.onvz.nl/Areas/Onvz/Assets/css/themes/onvz/main.min.css Origin https://www.onvz.nl Accept-Language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 25 Dec 2021 14:51:42 GMT referrer-policy same-origin last-modified Thu, 16 Dec 2021 06:58:26 GMT etag "f384e534af2d71:0" x-frame-options sameorigin content-type application/font-woff2 request-context appId=cid-v1:ae473476-d19a-4726-bfcc-cab819166426 x-xss-protection 1; mode=block cache-control max-age=15 strict-transport-security max-age=31536000 accept-ranges bytes content-length 11568 x-content-type-options nosniff public-key-pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains x-ua-compatible IE=Edge
GET H2	200	ai.2.min.js Show response js.monitor.azure.com/scripts/b/	119 KB 38 KB	172ms 28ms	Script text/javascript	2620:1ec:46::44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://js.monitor.azure.com/scripts/b/ai.2.min.js Requested by Host: www.onvz.nl URL: https://www.onvz.nl/premieberekening?coll-nummer=100636&view=detail&step=gezinssamenstelling Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash f9fa2bbbf048b49dca5b1207cf03a3d5867924372252df0196167810cea88780 Request headers Referer Origin https://www.onvz.nl Accept-Language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 25 Dec 2021 14:51:42 GMT content-encoding br x-azure-ref-originshield 09yrHYQAAAABj37d2tmLbTqW5AU+EGICBTE9OMjFFREdFMDExNQBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY= content-md5 eo/NA/cIfC8rvfmGvcVN1w== x-cache TCP_HIT x-ms-meta-aijssdksrc [cdn]/scripts/b/ai.2.7.2.min.js last-modified Wed, 08 Dec 2021 18:03:24 GMT x-ms-meta-aijssdkver 2.7.2 etag 0x8D9BA750718AE66 x-azure-ref 0/y/HYQAAAAD5GcJsDSWAR4OOnSxkKQYQQlJVMzBFREdFMDQxNgBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY= content-type text/javascript; charset=utf-8 access-control-allow-origin * x-ms-request-id 7145109b-d01e-00a2-1f98-f9d26c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=1800, immutable, no-transform x-ms-version 2009-09-19
GET H2	200	montserrat-v18-latin-500.woff2 www.onvz.nl/static/fonts/montserrat/	19 KB 20 KB	29ms 29ms	Font application/font-woff2	51.124.62.209 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.onvz.nl/static/fonts/montserrat/montserrat-v18-latin-500.woff2 Requested by Host: www.onvz.nl URL: https://www.onvz.nl/static/stylesheets/main_onvz.css?v=202112141214 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.124.62.209 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e Security Headers Name Value Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Referer https://www.onvz.nl/static/stylesheets/main_onvz.css?v=202112141214 Origin https://www.onvz.nl Accept-Language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 25 Dec 2021 14:51:42 GMT content-encoding gzip x-content-type-options nosniff vary Accept-Encoding content-length 19906 x-xss-protection 1; mode=block public-key-pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains x-ua-compatible IE=Edge referrer-policy same-origin last-modified Tue, 14 Dec 2021 11:14:17 GMT x-frame-options sameorigin etag "80acdbbdbf0d71:0" strict-transport-security max-age=31536000 content-type application/font-woff2 cache-control max-age=15 request-context appId=cid-v1:ae473476-d19a-4726-bfcc-cab819166426 accept-ranges bytes
GET H2	200	montserrat-v18-latin-300.woff2 www.onvz.nl/static/fonts/montserrat/	19 KB 20 KB	51ms 51ms	Font application/font-woff2	51.124.62.209 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.onvz.nl/static/fonts/montserrat/montserrat-v18-latin-300.woff2 Requested by Host: www.onvz.nl URL: https://www.onvz.nl/static/stylesheets/main_onvz.css?v=202112141214 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.124.62.209 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 2904b98dfb86ac37a4ed1e33585980adbcbeb63b8802a641fc64615ef7360223 Security Headers Name Value Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Referer https://www.onvz.nl/static/stylesheets/main_onvz.css?v=202112141214 Origin https://www.onvz.nl Accept-Language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 25 Dec 2021 14:51:42 GMT content-encoding gzip x-content-type-options nosniff vary Accept-Encoding content-length 19575 x-xss-protection 1; mode=block public-key-pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains x-ua-compatible IE=Edge referrer-policy same-origin last-modified Tue, 14 Dec 2021 11:14:17 GMT x-frame-options sameorigin etag "80acdbbdbf0d71:0" strict-transport-security max-age=31536000 content-type application/font-woff2 cache-control max-age=15 request-context appId=cid-v1:ae473476-d19a-4726-bfcc-cab819166426 accept-ranges bytes
GET H2	200	js Show response www.googletagmanager.com/gtag/	187 KB 60 KB	39ms 39ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-6ZFC85PEHT&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2DST66 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 45159687b008aaef901f49d62074314d59c2c3ea2379a73220fba873068662ec Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 25 Dec 2021 14:51:43 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 61103 x-xss-protection 0 expires Sat, 25 Dec 2021 14:51:43 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	67ms 19ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2DST66 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 4609 date Sat, 25 Dec 2021 13:34:54 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Sat, 25 Dec 2021 15:34:54 GMT
GET H2	200	53cfe8b2382d.js Show response w.usabilla.com/ Frame C8EA	43 KB 12 KB	153ms 43ms	Script text/javascript	52.209.153.188 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://w.usabilla.com/53cfe8b2382d.js?lv=1 Requested by Host: www.onvz.nl URL: https://www.onvz.nl/premieberekening?coll-nummer=100636&view=detail&step=gezinssamenstelling Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.209.153.188 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-153-188.eu-west-1.compute.amazonaws.com Software / Resource Hash 436cde5f05984d065b574202f9858742113f61b4406c5bf2e8f682f5cf95df8c Request headers Accept-Language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Sat, 25 Dec 2021 14:51:43 GMT content-encoding gzip x-widget-server 2.1 etag "859b1b2027c4d604162e00b18b0fe6ae" content-type text/javascript cache-control public,max-age=0 content-length 12514
POST H3	204	collect www.google-analytics.com/g/	0 17 B	55ms 27ms	Ping text/plain	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-6ZFC85PEHT&gtm=2oec10&_p=2072191672&sr=1600x1200&ul=en-us&cid=2012110076.1640443903&_s=1&dl=https%3A%2F%2Fwww.onvz.nl%2Fpremieberekening%3Fcoll-nummer%3D100636%26view%3Ddetail%26step%3DGezinssamenstelling&dt=Bereken%20uw%20premie%20-%20ONVZ&sid=1640443903&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_type=form_page&ep.platform=web&ep.environment=production&ep.debug_mode=false&ep.page_category=premieberekening&ep.user_loginstatus=anoniem&ep.customer_known=False&ep.layout=desktop&up.Cookie%20Consent=functional%7Canalytics Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-6ZFC85PEHT&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer Accept-Language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sat, 25 Dec 2021 14:51:43 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.onvz.nl cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	40ms 26ms	XHR text/plain	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2072191672&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onvz.nl%2Fpremieberekening%3Fcoll-nummer%3D100636%26view%3Ddetail%26step%3DGezinssamenstelling&ul=en-us&de=UTF-8&dt=Bereken%20uw%20premie%20-%20ONVZ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEADQAAAAC~&jid=1486728560&gjid=878575343&cid=2012110076.1640443903&tid=UA-7389731-2&_gid=422059953.1640443903&_r=1&gtm=2wgc10N2DST66&cg4=form_page&cd5=anoniem&cd10=Gezinssamenstelling&cd11=Gezinssamenstelling%20active&cd12=False&cd13=False&cd14=False&cd15=False&cm5=1&cm6=0&z=1800901404 Requested by Host: js.monitor.azure.com URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer Accept-Language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 25 Dec 2021 14:51:43 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.onvz.nl cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	js Show response www.google-analytics.com/gtm/	107 KB 38 KB	43ms 32ms	Script application/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/js?id=GTM-T98RM9R&t=gtm29&cid=2012110076.1640443903 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 44f279a5f72b295091c0b0d83b2af11577c88d0af491446cf689ffb057acb39a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 25 Dec 2021 14:51:43 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39315 x-xss-protection 0 expires Sat, 25 Dec 2021 14:51:43 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 440 B	55ms 18ms	XHR text/plain	2a00:1450:400c:c06::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7389731-2&cid=2012110076.1640443903&jid=1486728560&gjid=878575343&_gid=422059953.1640443903&_u=YADAAEACQAAAAC~&z=1279716160 Requested by Host: js.monitor.azure.com URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer Accept-Language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sat, 25 Dec 2021 14:51:43 GMT content-type text/plain access-control-allow-origin https://www.onvz.nl cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	19ms 19ms	Image image/gif	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=2072191672&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.onvz.nl%2Fpremieberekening%3Fcoll-nummer%3D100636%26view%3Ddetail%26step%3DGezinssamenstelling&ul=en-us&de=UTF-8&dt=Bereken%20uw%20premie%20-%20ONVZ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce&ea=form_interaction&el=1-2%20Gezinssamenstelling&_u=aDDAAEADQAAAAC~&jid=&gjid=&cid=2012110076.1640443903&tid=UA-7389731-2&_gid=422059953.1640443903&gtm=2wgc10N2DST66&cg4=form_page&cd5=anoniem&cd10=Gezinssamenstelling&cd11=Gezinssamenstelling%20active&cd12=False&cd13=False&cd14=False&cd15=False&cm5=1&cm6=0&z=703872063 Requested by Host: www.onvz.nl URL: https://www.onvz.nl/premieberekening?coll-nummer=100636&view=detail&step=Gezinssamenstelling Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Sat, 25 Dec 2021 01:51:14 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 46829 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	20ms 20ms	Image image/gif	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=2072191672&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.onvz.nl%2Fpremieberekening%3Fcoll-nummer%3D100636%26view%3Ddetail%26step%3DGezinssamenstelling&ul=en-us&de=UTF-8&dt=Bereken%20uw%20premie%20-%20ONVZ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Merkle%20Cookiebar&ea=show&el=first&_u=aDDAAUADQAAAAC~&cid=2012110076.1640443903&tid=UA-7389731-2&_gid=422059953.1640443903&gtm=2wgc10N2DST66&cd6=functional%7Canalytics&cd20=2021-12-25*%2015%3A51%3A42&z=1195887038 Requested by Host: www.onvz.nl URL: https://www.onvz.nl/premieberekening?coll-nummer=100636&view=detail&step=Gezinssamenstelling Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Sat, 25 Dec 2021 01:51:14 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 46829 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	1217c97014b6da8500b4de2e2606763a d6tizftlrpuof.cloudfront.net/themes/prod/ Frame 5AA2	5 KB 5 KB	89ms 27ms	Image image/png	52.222.206.77 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d6tizftlrpuof.cloudfront.net/themes/prod/1217c97014b6da8500b4de2e2606763a Requested by Host: www.onvz.nl URL: https://www.onvz.nl/premieberekening?coll-nummer=100636&view=detail&step=Gezinssamenstelling Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.222.206.77 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-206-77.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 3cd84f211a744cdcfba25b51a8409f650e0e3c6d79e2ee8123a1a30ba6096724 Request headers Accept-Language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sun, 07 Feb 2021 03:37:15 GMT Content-Encoding gzip Age 27774869 X-Cache Hit from cloudfront Connection keep-alive Content-Length 4351 Last-Modified Wed, 03 May 2017 15:07:13 GMT Server AmazonS3 ETag "d3042d25971b729059589542af714975" x-amz-version-id null Via 1.1 3092bdd288d2a449c56d11f2cf4a9b89.cloudfront.net (CloudFront) Cache-Control max-age=315360000, no-transform, public X-Amz-Cf-Pop FRA56-P3 Accept-Ranges bytes Content-Type image/png X-Amz-Cf-Id SEf49L2MR0pszVbrVbVsuuZvX8m9qFVdVIkq1fGr_EWA_BNTHzTPYg==
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	92ms 44ms	Image image/gif	2a00:1450:4001:813::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7389731-2&cid=2012110076.1640443903&jid=1486728560&_u=YADAAEACQAAAAC~&z=2014669311 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Sat, 25 Dec 2021 14:51:43 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.nl/ads/	42 B 501 B	91ms 43ms	Image image/gif	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7389731-2&cid=2012110076.1640443903&jid=1486728560&_u=YADAAEACQAAAAC~&z=2014669311 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Sat, 25 Dec 2021 14:51:43 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	200	track dc.services.visualstudio.com/v2/ Frame	0 0	150ms 16ms	Preflight	13.69.106.90 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dc.services.visualstudio.com/v2/track Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.69.106.90 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,sdk-context Origin https://www.onvz.nl User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers access-control-allow-methods POST access-control-allow-headers Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context access-control-allow-origin * access-control-max-age 3600 x-content-type-options nosniff date Sat, 25 Dec 2021 14:51:43 GMT content-length 0
POST H2	200	track Show response dc.services.visualstudio.com/v2/	96 B 281 B	120ms 120ms	XHR application/json	13.69.106.90 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dc.services.visualstudio.com/v2/track Requested by Host: js.monitor.azure.com URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.69.106.90 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 41879da8a7f661c6974ecc11cb1d8ff0b292a7570a437eeff428f296e3c1e7f4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer Accept-Language nl-NL,nl;q=0.9 Sdk-Context appId User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-type application/json Response headers x-ms-session-id 46F194B7-4E95-421E-80FB-5EEA5CD9FE94 strict-transport-security max-age=31536000 x-content-type-options nosniff date Sat, 25 Dec 2021 14:51:43 GMT access-control-max-age 3600 content-type application/json; charset=utf-8 access-control-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context content-length 96
POST H/1.1	200 OK	ez style.onvz.nl/	0 720 B	19ms 19ms	Ping text/plain	18.157.120.20 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://style.onvz.nl/ez Requested by Host: style.onvz.nl URL: https://style.onvz.nl/rir.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 18.157.120.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-157-120-20.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src 'self'; Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer Accept-Language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Sat, 25 Dec 2021 14:51:44 GMT Referrer-Policy no-referrer Server nginx X-Frame-Options DENY Strict-Transport-Security max-age=31536000 Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Content-Security-Policy default-src 'self'; Connection keep-alive Content-Length 0 X-Content-Type-Options nosniff

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| React object| ReactDOM object| onvz function| subscribeEvent function| unsubscribeEvent function| startActivityHandler function| placeCheckerRequest function| placeCssAspxRequest function| timeoutSleep function| getMetatagContent object| dataLayer function| pageLayout function| platform function| init object| appInsights object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate function| Dict function| delay object| _ function| iFrameResize object| regeneratorRuntime object| picturefillCFG function| picturefill object| td object| _db1 object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga string| ostSiteName string| ostCustomerPortalName string| ostCustomerPortalNameEN string| ostCookieStatementUrl string| ostCookieStatementUrlEN string| ostPrivacyStatementUrl string| ostPrivacyStatementUrlEN string| ostHookTag string| ostCookieName boolean| ostShowConfirmationOnSave boolean| ostShowConfirmationOnEscape string| ostAcceptDefaultValue string| ostCookieValueOnEscape string| ostLinkIdToOpenFromWebsite string| ostAnchorIdToOpenFromWebsite boolean| ostCloseOnOutsideClick boolean| ostShowRefuseButton boolean| ostShowSettingsButton string| ostSettingsButtonText string| ostCookieValueOnRefuse boolean| ostShowSettingsLink boolean| ostShowPersistentCloseButton boolean| sendEventsToDataLayer boolean| sendEventsToGoogleAnalytics boolean| ostShowFunctionDescription number| ostDefaultOption string| ostLanguage string| ostGAEventName string| ostEventCategoryVariable string| ostEventActionVariable string| ostEventLabelVariable boolean| ostTopBarMode function| ostSiteTopSelector1 function| ostSiteTopSelector2 object| ostCookieOptions object| ostCookieOptionsEN object| ostFunctionList object| ostFunctionListEN string| ostCookiewallContent1 string| ostCookiewallContent1EN string| ostCookiewallContent2 string| ostCookiewallContent2EN string| ostCookiewallContent3 string| ostCookiewallContent3EN function| ostLoadCookiewall function| ostUpdateCookiewallContent function| barHeight function| ostTopHeightHandler function| ostShowCookiewall function| ostHideCookiewall function| ostAcceptDefaultCookies function| ostSaveCookieSettings function| ostToCookieSettings function| ostRefuseCookies function| ostConfirm function| ostEscape function| ostOutsideClickHandler function| ostAddFormOptions function| ostUpdateFunctionDescription function| ostSetCookieOption function| ostGetRadioSelection function| ostSetCookie function| ostGetCookie function| ostSendGAEvent function| ostDatalayerPush object| parameters function| ostSetSecundaryCookie function| lightningjs function| usabilla_live number| defWidth undefined| stepValue undefined| page function| reportWindowSize object| e function| t object| Microsoft object| gaGlobal object| gaplugins object| gaData object| google_optimize object| datalayerIndexTriggered

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.onvz.nl/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: lzjattyccac42ee33uaicdg5
			www.onvz.nl/	1970-01-23 15:16:43	Name: SC_ANALYTICS_GLOBAL_COOKIE Value: 26ddd5c1b2464e989e7f76c4f4d5b616|False
			www.onvz.nl/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: TapsDIb2-hZkmkZia1qXGsvqwYqNi54QGPuubEOZ1KbHjtjR5w1hiDtYayQnDxwj8NCFDn7cI7mP8Xdi7rvMYYLwdnj1qBnOPM3WsPbQqANnK-Bw0tpgmKG6ZrtTfz5tQktY5qDZXy8Xv7meIzkd1A2
			www.onvz.nl/	1969-12-31 23:59:59	Name: sxa_site Value: Onvznl
			.www.onvz.nl/	1969-12-31 23:59:59	Name: ARRAffinity Value: c7df65c96d826a300fc49a6de72f92388a3c6d155bbab19d7b24883663324cb2
			.www.onvz.nl/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: c7df65c96d826a300fc49a6de72f92388a3c6d155bbab19d7b24883663324cb2
			www.onvz.nl/	1969-12-31 23:59:59	Name: pCount Value: 1
			www.onvz.nl/	1970-01-20 08:26:19	Name: ai_user Value: +HD/ZkMWm4NcuVpTG0gRWz|2021-12-25T14:51:43.160Z
			.onvz.nl/	1970-01-20 17:11:55	Name: _ga_6ZFC85PEHT Value: GS1.1.1640443903.1.0.1640443903.0
			.onvz.nl/	1970-01-20 03:59:55	Name: _ga Value: GA1.2.2012110076.1640443903
			.onvz.nl/	1970-01-19 23:42:10	Name: _gid Value: GA1.2.422059953.1640443903
			.onvz.nl/	1970-01-19 23:40:43	Name: _gat_UA-7389731-2 Value: 1
			www.onvz.nl/	1970-01-19 23:40:45	Name: ai_session Value: k9bDtSTIq67k3bcnaoCTEd|1640443903257|1640443903257
			.onvz.nl/	1970-01-20 03:59:55	Name: _tdid Value: 2012110076.1640443903__1
			www.onvz.nl/	1969-12-31 23:59:59	Name: usbls Value: 1
			.onvz.nl/	1970-01-20 03:59:55	Name: _tdbu Value: t1640443904274||_ga~~GA1.2.2012110076.1640443903

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src self; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'nonce-tAYW5ytRQrVdhun1uHc9a0feAp/AFZNl' https://*.googletagmanager.com https://*.google-analytics.com https://www.googleadservices.com https://*.hotjar.com https://style.onvz.nl https://bat.bing.com https://*.usabilla.com https://js.monitor.azure.com https://d6tizftlrpuof.cloudfront.net https://*.doubleclick.net https://optimize.google.com ; child-src 'self'; style-src 'self' 'unsafe-inline' https://*.typekit.net https://*.cloudfront.net https://optimize.google.com https://fonts.googleapis.com; img-src 'self' data: https://bat.bing.com https://*.doubleclick.net https://www.google.com https://www.google.nl https://*.google-analytics.com https://*.cloudfront.net https://*.usabilla.com https://ds1.nl https://optimize.google.com; media-src 'self'; font-src 'self' https://*.typekit.net https://d6tizftlrpuof.cloudfront.net https://fonts.gstatic.com; frame-src 'self' https://www.youtube.com https://www.youtube-nocookie.com https://*.doubleclick.net https://*.doubleclick.net https://*.hotjar.com https://onvz.bbvms.com https://d6tizftlrpuof.cloudfront.net https://optimize.google.com; frame-ancestors 'self'; manifest-src 'self'; connect-src 'self' https://*.onvz.nl https://*.google-analytics.com https://*.doubleclick.net https://*.hotjar.com https://*.hotjar.io https://*.rightnowtech.com https://*.usabilla.com https://dc.services.visualstudio.com https://bat.bing.com wss://*.hotjar.com;
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d6tizftlrpuof.cloudfront.net
dc.services.visualstudio.com
js.monitor.azure.com
stats.g.doubleclick.net
style.onvz.nl
w.usabilla.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.onvz.nl
13.69.106.90
18.157.120.20
2620:1ec:46::44
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:813::2004
2a00:1450:400c:c06::9a
51.124.62.209
52.209.153.188
52.222.206.77
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
208d18acc0dda7a8c3d995f830fd0ec755be7263e867f3277824fa671523d357
2904b98dfb86ac37a4ed1e33585980adbcbeb63b8802a641fc64615ef7360223
3cd84f211a744cdcfba25b51a8409f650e0e3c6d79e2ee8123a1a30ba6096724
41879da8a7f661c6974ecc11cb1d8ff0b292a7570a437eeff428f296e3c1e7f4
436cde5f05984d065b574202f9858742113f61b4406c5bf2e8f682f5cf95df8c
44f279a5f72b295091c0b0d83b2af11577c88d0af491446cf689ffb057acb39a
45159687b008aaef901f49d62074314d59c2c3ea2379a73220fba873068662ec
4950a34387fe3d11568d2982e3d1da937c96821ff351643ca8c2de3769220652
69c970b7606ab28ad603450894490f46a92bf764c48c8d71f60580b1347e4d7f
6d065b805e822d8381549d09bc145f5010f23762361206f3b72b9c3c3a19e6f1
6d5b0abc5ecb9ff1cbb4a2d3dc3ec3e655475eed436139f89f46ef112a7a9671
7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
90767fabd53fe6949c8e19f3ab9d3da69cfc52c7bbfafe42739ed14c2e837920
a0a3481ce6b7e948331412336535fb8169adc3bb05e90f82b3b4ff7a341cf0a9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b17824a23d5e844e2d34bd4c631d49c46d870f1486aece84e80c24a9155f0256
cd67eeab23fe4843722385b65fb78034952e83ab3d7dd63938e94a0b27d9dfde
dd0d7b0bd9b543ac1655f000d5db598194d9a6c0c79815600b59ee49a81e8c62
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e152e829c3c97ea2e85d8d6e285c3b8e761ddee9909d688ed3add080c56e09e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9fa2bbbf048b49dca5b1207cf03a3d5867924372252df0196167810cea88780
ffa45b87fd518e18348e995a195b1b0bc3cb4fbc3848154c4ee4a51ab181b5bc