urlscan.io logo urlscan.io
SecurityTrails logo

zomer.bankgiroloterij.nl Open in urlscan Pro
2600:9000:214f:5e00:5:c1e0:4940:93a1  Public Scan

Go To Rescan Add Verdict Report
URL: https://zomer.bankgiroloterij.nl/
Submission: On March 11 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 33 HTTP transactions. The main IP is 2600:9000:214f:5e00:5:c1e0:4940:93a1, located in United States and belongs to AMAZON-02, US. The main domain is zomer.bankgiroloterij.nl.
TLS certificate: Issued by Amazon on July 17th 2019. Valid for: a year.
This is the only time zomer.bankgiroloterij.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

19    2600:9000:214f:5e00:5:c1e0:4940:93a1 (United States)

ASN16509 (AMAZON-02, US)
zomer.bankgiroloterij.nl
3    2a03:5500:1:2:79:99:184:106 (Netherlands)

ASN8315 (SENTIA, NL)
secure.cdn.vellance.com
1    143.204.202.116 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-116.fra53.r.cloudfront.net
ssl.synovite-scripts.com
4    143.204.202.33 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-33.fra53.r.cloudfront.net
tdn.r42tag.com
1    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    52.213.228.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-228-244.eu-west-1.compute.amazonaws.com
csp.prod.online-campaign-platform.nl
1    2600:9000:214f:ce00:16:7f87:ecc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.accutics.net
Domain Requested by
19 zomer.bankgiroloterij.nl zomer.bankgiroloterij.nl
4 tdn.r42tag.com ssl.synovite-scripts.com
3 www.google-analytics.com zomer.bankgiroloterij.nl
3 secure.cdn.vellance.com zomer.bankgiroloterij.nl
1 cdn.accutics.net zomer.bankgiroloterij.nl
1 csp.prod.online-campaign-platform.nl zomer.bankgiroloterij.nl
1 www.googletagmanager.com ssl.synovite-scripts.com
1 ssl.synovite-scripts.com zomer.bankgiroloterij.nl
33 8

This site contains links to these domains. Also see Links.

Domain
www.postcodeloterij.nl
www.bankgiroloterij.nl
www.vriendenloterij.nl
bankgiroloterij.nl
Subject Issuer Validity Valid
zomer.bgl.prod.online-campaign-platform.nl
Amazon		 2019-07-17 -
2020-08-17		 a year crt.sh
secure.cdn.vellance.com
Let's Encrypt Authority X3		 2020-03-04 -
2020-06-02		 3 months crt.sh
*.synovite-scripts.com
Amazon		 2019-08-19 -
2020-09-19		 a year crt.sh
tdn.r42tag.com
Amazon		 2020-01-21 -
2021-02-21		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
csp.prod.online-campaign-platform.nl
Amazon		 2020-03-11 -
2021-04-11		 a year crt.sh
cdn.accutics.net
Amazon		 2019-04-25 -
2020-05-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://zomer.bankgiroloterij.nl/
Frame ID: 5CE9203E933C32B604EEA2A4BC264C03
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /(?:\/([\d.]+))?\/vue(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

33
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

9
IPs

4
Countries

636 kB
Transfer

805 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
zomer.bankgiroloterij.nl/ 		13 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zomer.bankgiroloterij.nl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5e00:5:c1e0:4940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
299216308320a46c99684b08d7e4a716b5066c27ac78c65d634700558a569ff6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
zomer.bankgiroloterij.nl
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
content-type
text/html
content-length
13746
date
Mon, 09 Mar 2020 16:21:26 GMT
last-modified
Thu, 29 Aug 2019 08:10:15 GMT
etag
"5fad28c8f7b9719a88cec21449c76b18"
x-amz-server-side-encryption
AES256
accept-ranges
bytes
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://secure.cdn.vellance.com https://ssl.synovite-scripts.com https://cdn.jsdelivr.net https://unpkg.com https://tdn.r42tag.com https://connect.facebook.net www.google-analytics.com https://www.googletagmanager.com https://analytics.twitter.com https://static.ads-twitter.com https://in.hotjar.com https://script.hotjar.com https://static.hotjar.com https://stats.g.doubleclick.net https://bat.bing.com https://track.adform.net https://cdn.trackjs.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://secure.cdn.vellance.com https://tdn.r42tag.com https://t.svtrd.com https://a.svtrd.com https://flextrack.msi-aci.com https://stats.g.doubleclick.net https://usage.trackjs.com https://t.co https://dmp.adform.net https://www.facebook.com https://www.google-analytics.com https://bat.bing.com; font-src 'self' https://secure.cdn.vellance.com data:; object-src 'none'; media-src 'self'; frame-src 'self' https://4497336.fls.doubleclick.net https://vars.hotjar.com https://4497336.fls.doubleclick.net; report-uri https://csp.prod.online-campaign-platform.nl/postreport
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
referrer-policy
same-origin
x-cache
RefreshHit from cloudfront
via
1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
DKfP6cnZzgcwxzCpeQtA8ziBh5bZ4qPWHRkZrUq2VOtx4I54cMiVAQ==
bgl.css
zomer.bankgiroloterij.nl/project/css/ 		83 KB
85 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zomer.bankgiroloterij.nl/project/css/bgl.css
Requested by
Host: zomer.bankgiroloterij.nl
URL: https://zomer.bankgiroloterij.nl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5e00:5:c1e0:4940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4822d23dbb5e54cbfc4650cbbc60c18abf3ace615e7fae4dbbfe79a9126430a2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zomer.bankgiroloterij.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 09 Mar 2020 18:21:24 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://secure.cdn.vellance.com https://ssl.synovite-scripts.com https://cdn.jsdelivr.net https://unpkg.com https://tdn.r42tag.com https://connect.facebook.net www.google-analytics.com https://www.googletagmanager.com https://analytics.twitter.com https://static.ads-twitter.com https://in.hotjar.com https://script.hotjar.com https://static.hotjar.com https://stats.g.doubleclick.net https://bat.bing.com https://track.adform.net https://cdn.trackjs.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://secure.cdn.vellance.com https://tdn.r42tag.com https://t.svtrd.com https://a.svtrd.com https://flextrack.msi-aci.com https://stats.g.doubleclick.net https://usage.trackjs.com https://t.co https://dmp.adform.net https://www.facebook.com https://www.google-analytics.com https://bat.bing.com; font-src 'self' https://secure.cdn.vellance.com data:; object-src 'none'; media-src 'self'; frame-src 'self' https://4497336.fls.doubleclick.net https://vars.hotjar.com https://4497336.fls.doubleclick.net; report-uri https://csp.prod.online-campaign-platform.nl/postreport
x-cache
RefreshHit from cloudfront
status
200
content-length
85198
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 29 Aug 2019 08:10:15 GMT
server
AmazonS3
x-frame-options
DENY
etag
"af446c3846ebd77b70c9f947d1b51d03"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
hB9QLKrDdaqksaD1xgKvYL03FPbzhls18dbAon_L0ehCpJmmFN8QwA==
gdl.min.js
secure.cdn.vellance.com/postcodeloterij/gdl/gdl/0.4/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.vellance.com/postcodeloterij/gdl/gdl/0.4/gdl.min.js
Requested by
Host: zomer.bankgiroloterij.nl
URL: https://zomer.bankgiroloterij.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5500:1:2:79:99:184:106 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software
VellanceBlast /
Resource Hash
854b34c31094c6e76a19cc9b62abf2cdc2f83b1821bde67d1aefedd3960690ea
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Origin
https://zomer.bankgiroloterij.nl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 10 Mar 2020 10:49:21 GMT
content-encoding
gzip
x-blast-cdn-version
3
age
65338
status
200
content-length
6128
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Tue, 26 Feb 2019 09:53:32 GMT
server
VellanceBlast
etag
"fee3658e18cf59785a53e2d4a5471d43-df"
expect-ct
max-age=0
vary
Accept-Encoding
content-type
application/x-javascript
via
http/1.1 pkg (VellanceBlast [cHs f ])
cache-control
max-age=604800
accept-ranges
bytes
x-blast-geo-country
NL-7602
relayBindings.min.js
secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/ 		24 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js
Requested by
Host: zomer.bankgiroloterij.nl
URL: https://zomer.bankgiroloterij.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5500:1:2:79:99:184:106 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software
VellanceBlast /
Resource Hash
f237f587288fb7e655d40f9cde052e03c71cf8902cc34791fa4514d15e71bdc3
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Origin
https://zomer.bankgiroloterij.nl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 10 Mar 2020 16:50:14 GMT
content-encoding
gzip
x-blast-cdn-version
3
age
43685
status
200
content-length
3884
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Mon, 19 Aug 2019 14:15:34 GMT
server
VellanceBlast
etag
"e8b4c8e362a9e62e1896bafceb0563a0-df"
expect-ct
max-age=0
vary
Accept-Encoding
content-type
application/x-javascript
via
http/1.1 pkg (VellanceBlast [cRs f ])
cache-control
max-age=604800
accept-ranges
bytes
x-blast-geo-country
NL-7602
utm.js
zomer.bankgiroloterij.nl/js/ 		18 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zomer.bankgiroloterij.nl/js/utm.js
Requested by
Host: zomer.bankgiroloterij.nl
URL: https://zomer.bankgiroloterij.nl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5e00:5:c1e0:4940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
59995f1a2009663447d4c210c617c29bff1f6cb54ad0abb7c155c2887f93dd85
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zomer.bankgiroloterij.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 09 Mar 2020 18:21:24 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://secure.cdn.vellance.com https://ssl.synovite-scripts.com https://cdn.jsdelivr.net https://unpkg.com https://tdn.r42tag.com https://connect.facebook.net www.google-analytics.com https://www.googletagmanager.com https://analytics.twitter.com https://static.ads-twitter.com https://in.hotjar.com https://script.hotjar.com https://static.hotjar.com https://stats.g.doubleclick.net https://bat.bing.com https://track.adform.net https://cdn.trackjs.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://secure.cdn.vellance.com https://tdn.r42tag.com https://t.svtrd.com https://a.svtrd.com https://flextrack.msi-aci.com https://stats.g.doubleclick.net https://usage.trackjs.com https://t.co https://dmp.adform.net https://www.facebook.com https://www.google-analytics.com https://bat.bing.com; font-src 'self' https://secure.cdn.vellance.com data:; object-src 'none'; media-src 'self'; frame-src 'self' https://4497336.fls.doubleclick.net https://vars.hotjar.com https://4497336.fls.doubleclick.net; report-uri https://csp.prod.online-campaign-platform.nl/postreport
x-cache
RefreshHit from cloudfront
status
200
content-length
18074
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 29 Aug 2019 08:10:15 GMT
server
AmazonS3
x-frame-options
DENY
etag
"69a285aaa2c11adf150fa8a202b3e334"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
0-FByxlrYkLHjl9llZpX1LZA6t85k8bhGAvva81tHz4o-uTpzIqr_A==
ca-9-site-448.js
ssl.synovite-scripts.com/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.synovite-scripts.com/ca-9-site-448.js
Requested by
Host: zomer.bankgiroloterij.nl
URL: https://zomer.bankgiroloterij.nl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-116.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa45e27732f27b58ec136f80b90fdf98ea485e57c00fe7dcf8dd5695c6225895

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
FyH2qBGVPG2L07q6jB.dQ_kWrCge2dtA
content-encoding
gzip
last-modified
Thu, 12 Dec 2019 10:52:07 GMT
server
AmazonS3
age
7766
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=14400, public
date
Wed, 11 Mar 2020 02:48:52 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
cesmYbY1H24lcyNlF2sWrXNiApPVgA5pm5lWBnnfQSu-oc8X-ZYEvA==
via
1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
_gdl_ssd.min.js
secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/legacyGdl/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/legacyGdl/_gdl_ssd.min.js
Requested by
Host: zomer.bankgiroloterij.nl
URL: https://zomer.bankgiroloterij.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5500:1:2:79:99:184:106 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software
VellanceBlast /
Resource Hash
3dd725eb34bb6f8d9593bedbef4fb58722e9ec5cc175953abd091c9d75385da5
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Origin
https://zomer.bankgiroloterij.nl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 10 Mar 2020 10:49:21 GMT
content-encoding
gzip
x-blast-cdn-version
3
age
65338
status
200
content-length
3058
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Tue, 26 Feb 2019 09:53:40 GMT
server
VellanceBlast
etag
"249ae2cff6a8f718dcee58fea93efcad-df"
expect-ct
max-age=0
vary
Accept-Encoding
content-type
application/x-javascript
via
http/1.1 pkg (VellanceBlast [cHs f ])
cache-control
max-age=604800
accept-ranges
bytes
x-blast-geo-country
NL-7602
vue.min.js
zomer.bankgiroloterij.nl/js/ 		84 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zomer.bankgiroloterij.nl/js/vue.min.js
Requested by
Host: zomer.bankgiroloterij.nl
URL: https://zomer.bankgiroloterij.nl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5e00:5:c1e0:4940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zomer.bankgiroloterij.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 09 Mar 2020 16:41:45 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://secure.cdn.vellance.com https://ssl.synovite-scripts.com https://cdn.jsdelivr.net https://unpkg.com https://tdn.r42tag.com https://connect.facebook.net www.google-analytics.com https://www.googletagmanager.com https://analytics.twitter.com https://static.ads-twitter.com https://in.hotjar.com https://script.hotjar.com https://static.hotjar.com https://stats.g.doubleclick.net https://bat.bing.com https://track.adform.net https://cdn.trackjs.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://secure.cdn.vellance.com https://tdn.r42tag.com https://t.svtrd.com https://a.svtrd.com https://flextrack.msi-aci.com https://stats.g.doubleclick.net https://usage.trackjs.com https://t.co https://dmp.adform.net https://www.facebook.com https://www.google-analytics.com https://bat.bing.com; font-src 'self' https://secure.cdn.vellance.com data:; object-src 'none'; media-src 'self'; frame-src 'self' https://4497336.fls.doubleclick.net https://vars.hotjar.com https://4497336.fls.doubleclick.net; report-uri https://csp.prod.online-campaign-platform.nl/postreport
x-cache
RefreshHit from cloudfront
status
200
content-length
86452
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 29 Aug 2019 08:10:15 GMT
server
AmazonS3
x-frame-options
DENY
etag
"5283b86cbf48a538ee3cbebac633ccd4"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
7HztUOXIHcDt7vU-U8J7jlUTScNnQtzJmV1l2rXGsgE5cFA0L2pYDQ==
navigo.min.js
zomer.bankgiroloterij.nl/js/ 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zomer.bankgiroloterij.nl/js/navigo.min.js
Requested by
Host: zomer.bankgiroloterij.nl
URL: https://zomer.bankgiroloterij.nl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5e00:5:c1e0:4940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1c5a62f63e1b671391fc31534449b45aac1d6eab5273316f13488b0a84c5e03
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zomer.bankgiroloterij.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 09 Mar 2020 16:41:45 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://secure.cdn.vellance.com https://ssl.synovite-scripts.com https://cdn.jsdelivr.net https://unpkg.com https://tdn.r42tag.com https://connect.facebook.net www.google-analytics.com https://www.googletagmanager.com https://analytics.twitter.com https://static.ads-twitter.com https://in.hotjar.com https://script.hotjar.com https://static.hotjar.com https://stats.g.doubleclick.net https://bat.bing.com https://track.adform.net https://cdn.trackjs.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://secure.cdn.vellance.com https://tdn.r42tag.com https://t.svtrd.com https://a.svtrd.com https://flextrack.msi-aci.com https://stats.g.doubleclick.net https://usage.trackjs.com https://t.co https://dmp.adform.net https://www.facebook.com https://www.google-analytics.com https://bat.bing.com; font-src 'self' https://secure.cdn.vellance.com data:; object-src 'none'; media-src 'self'; frame-src 'self' https://4497336.fls.doubleclick.net https://vars.hotjar.com https://4497336.fls.doubleclick.net; report-uri https://csp.prod.online-campaign-platform.nl/postreport
x-cache
RefreshHit from cloudfront
status
200
content-length
8843
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 29 Aug 2019 08:10:15 GMT
server
AmazonS3
x-frame-options
DENY
etag
"294be882e05c6205115e35787927e51d"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
sAF_-DBh0VvSdLkihnf8ufYa44MOo9KsuYmI9cOA9vNyi1z8eOrBcw==
vuelidate.min.js
zomer.bankgiroloterij.nl/js/ 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zomer.bankgiroloterij.nl/js/vuelidate.min.js
Requested by
Host: zomer.bankgiroloterij.nl
URL: https://zomer.bankgiroloterij.nl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5e00:5:c1e0:4940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c8907aba1a65492a24bb36465d7d3cdc9f321eb2eb06dc1a1260abb0d9165fab
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zomer.bankgiroloterij.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 09 Mar 2020 17:50:35 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://secure.cdn.vellance.com https://ssl.synovite-scripts.com https://cdn.jsdelivr.net https://unpkg.com https://tdn.r42tag.com https://connect.facebook.net www.google-analytics.com https://www.googletagmanager.com https://analytics.twitter.com https://static.ads-twitter.com https://in.hotjar.com https://script.hotjar.com https://static.hotjar.com https://stats.g.doubleclick.net https://bat.bing.com https://track.adform.net https://cdn.trackjs.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://secure.cdn.vellance.com https://tdn.r42tag.com https://t.svtrd.com https://a.svtrd.com https://flextrack.msi-aci.com https://stats.g.doubleclick.net https://usage.trackjs.com https://t.co https://dmp.adform.net https://www.facebook.com https://www.google-analytics.com https://bat.bing.com; font-src 'self' https://secure.cdn.vellance.com data:; object-src 'none'; media-src 'self'; frame-src 'self' https://4497336.fls.doubleclick.net https://vars.hotjar.com https://4497336.fls.doubleclick.net; report-uri https://csp.prod.online-campaign-platform.nl/postreport
x-cache
RefreshHit from cloudfront
status
200
content-length
9361
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 29 Aug 2019 08:10:15 GMT
server
AmazonS3
x-frame-options
DENY
etag
"c17504cc3a9484cb538b0d965004de37"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
nkVrNZNzYSmAx07EN7-9Y0tTHmkzLWSpCXVrlzeYdMJDfDcL3mPLKA==
validators.min.js
zomer.bankgiroloterij.nl/js/ 		7 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zomer.bankgiroloterij.nl/js/validators.min.js
Requested by
Host: zomer.bankgiroloterij.nl
URL: https://zomer.bankgiroloterij.nl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5e00:5:c1e0:4940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5355e2fd7f663c21648d14a69ee629f5f31d64198abaee945a7e313f00de8021
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zomer.bankgiroloterij.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 09 Mar 2020 16:41:46 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://secure.cdn.vellance.com https://ssl.synovite-scripts.com https://cdn.jsdelivr.net https://unpkg.com https://tdn.r42tag.com https://connect.facebook.net www.google-analytics.com https://www.googletagmanager.com https://analytics.twitter.com https://static.ads-twitter.com https://in.hotjar.com https://script.hotjar.com https://static.hotjar.com https://stats.g.doubleclick.net https://bat.bing.com https://track.adform.net https://cdn.trackjs.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://secure.cdn.vellance.com https://tdn.r42tag.com https://t.svtrd.com https://a.svtrd.com https://flextrack.msi-aci.com https://stats.g.doubleclick.net https://usage.trackjs.com https://t.co https://dmp.adform.net https://www.facebook.com https://www.google-analytics.com https://bat.bing.com; font-src 'self' https://secure.cdn.vellance.com data:; object-src 'none'; media-src 'self'; frame-src 'self' https://4497336.fls.doubleclick.net https://vars.hotjar.com https://4497336.fls.doubleclick.net; report-uri https://csp.prod.online-campaign-platform.nl/postreport
x-cache
RefreshHit from cloudfront
status
200
content-length
7402
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 29 Aug 2019 08:10:15 GMT
server
AmazonS3
x-frame-options
DENY
etag
"389c973c437a1027e2664d3516a86e5b"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
yXZe-ieYb4BI0hwzumwK93zZ9gZ-dXsX5RF20oMmE8Te7WCox9_e-w==
custom_validators.js
zomer.bankgiroloterij.nl/js/ 		15 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zomer.bankgiroloterij.nl/js/custom_validators.js
Requested by
Host: zomer.bankgiroloterij.nl
URL: https://zomer.bankgiroloterij.nl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5e00:5:c1e0:4940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d412a2c16f106f7a922a705f56ebb89919ec5c13b9ff5d6fd40aef79da3b5a6f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zomer.bankgiroloterij.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 09 Mar 2020 16:41:47 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://secure.cdn.vellance.com https://ssl.synovite-scripts.com https://cdn.jsdelivr.net https://unpkg.com https://tdn.r42tag.com https://connect.facebook.net www.google-analytics.com https://www.googletagmanager.com https://analytics.twitter.com https://static.ads-twitter.com https://in.hotjar.com https://script.hotjar.com https://static.hotjar.com https://stats.g.doubleclick.net https://bat.bing.com https://track.adform.net https://cdn.trackjs.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://secure.cdn.vellance.com https://tdn.r42tag.com https://t.svtrd.com https://a.svtrd.com https://flextrack.msi-aci.com https://stats.g.doubleclick.net https://usage.trackjs.com https://t.co https://dmp.adform.net https://www.facebook.com https://www.google-analytics.com https://bat.bing.com; font-src 'self' https://secure.cdn.vellance.com data:; object-src 'none'; media-src 'self'; frame-src 'self' https://4497336.fls.doubleclick.net https://vars.hotjar.com https://4497336.fls.doubleclick.net; report-uri https://csp.prod.online-campaign-platform.nl/postreport
x-cache
RefreshHit from cloudfront
status
200
content-length
15651
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 29 Aug 2019 08:10:15 GMT
server
AmazonS3
x-frame-options
DENY
etag
"06816ee5598f9c7770c8bab36f70a67e"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
WtQEtCbvtuvOYL1Y9TIIeKg49RdiJr91Th7pKaYGUrakzmM0TF5QQw==
main.js
zomer.bankgiroloterij.nl/js/ 		112 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zomer.bankgiroloterij.nl/js/main.js
Requested by
Host: zomer.bankgiroloterij.nl
URL: https://zomer.bankgiroloterij.nl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5e00:5:c1e0:4940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
817b3c3916ff08f2a1a62ef159eeeb4aac0faf8c0702ee0ed64beeffb05c0d54
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zomer.bankgiroloterij.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 09 Mar 2020 18:21:25 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://secure.cdn.vellance.com https://ssl.synovite-scripts.com https://cdn.jsdelivr.net https://unpkg.com https://tdn.r42tag.com https://connect.facebook.net www.google-analytics.com https://www.googletagmanager.com https://analytics.twitter.com https://static.ads-twitter.com https://in.hotjar.com https://script.hotjar.com https://static.hotjar.com https://stats.g.doubleclick.net https://bat.bing.com https://track.adform.net https://cdn.trackjs.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://secure.cdn.vellance.com https://tdn.r42tag.com https://t.svtrd.com https://a.svtrd.com https://flextrack.msi-aci.com https://stats.g.doubleclick.net https://usage.trackjs.com https://t.co https://dmp.adform.net https://www.facebook.com https://www.google-analytics.com https://bat.bing.com; font-src 'self' https://secure.cdn.vellance.com data:; object-src 'none'; media-src 'self'; frame-src 'self' https://4497336.fls.doubleclick.net https://vars.hotjar.com https://4497336.fls.doubleclick.net; report-uri https://csp.prod.online-campaign-platform.nl/postreport
x-cache
RefreshHit from cloudfront
status
200
content-length
114958
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 29 Aug 2019 08:10:15 GMT
server
AmazonS3
x-frame-options
DENY
etag
"8e933ce2c84caecd7a6e0a2f7e903974"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
2KCh_lQI4yMZEGJnUxaYRC-UkJyplW11r-79iDDG6kU8DrTzHALwag==
routing.txt
zomer.bankgiroloterij.nl/project/json/ 		12 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://zomer.bankgiroloterij.nl/project/json/routing.txt
Requested by
Host: zomer.bankgiroloterij.nl
URL: https://zomer.bankgiroloterij.nl/js/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5e00:5:c1e0:4940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d98c42f5745d5db3edd060f9ce870c3da2d8045f050fbaf11be98f786ac5b393
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zomer.bankgiroloterij.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

date
Mon, 09 Mar 2020 16:41:48 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://secure.cdn.vellance.com https://ssl.synovite-scripts.com https://cdn.jsdelivr.net https://unpkg.com https://tdn.r42tag.com https://connect.facebook.net www.google-analytics.com https://www.googletagmanager.com https://analytics.twitter.com https://static.ads-twitter.com https://in.hotjar.com https://script.hotjar.com https://static.hotjar.com https://stats.g.doubleclick.net https://bat.bing.com https://track.adform.net https://cdn.trackjs.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://secure.cdn.vellance.com https://tdn.r42tag.com https://t.svtrd.com https://a.svtrd.com https://flextrack.msi-aci.com https://stats.g.doubleclick.net https://usage.trackjs.com https://t.co https://dmp.adform.net https://www.facebook.com https://www.google-analytics.com https://bat.bing.com; font-src 'self' https://secure.cdn.vellance.com data:; object-src 'none'; media-src 'self'; frame-src 'self' https://4497336.fls.doubleclick.net https://vars.hotjar.com https://4497336.fls.doubleclick.net; report-uri https://csp.prod.online-campaign-platform.nl/postreport
x-cache
RefreshHit from cloudfront
status
200
content-length
12682
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 29 Aug 2019 08:10:21 GMT
server
AmazonS3
x-frame-options
DENY
etag
"7cabbdcb3f86cb0bf1575fba4cdd6d16"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
text/plain
accept-ranges
bytes
x-amz-cf-id
h57081_TiZtiNGIczj2lolHs8AjQ-0MJiECYu0iLOs5iPXucVc7q2w==
error_messages.txt
zomer.bankgiroloterij.nl/project/json/ 		5 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://zomer.bankgiroloterij.nl/project/json/error_messages.txt
Requested by
Host: zomer.bankgiroloterij.nl
URL: https://zomer.bankgiroloterij.nl/js/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5e00:5:c1e0:4940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ce694b67b8f994f05d4a102febc4165f1ca5973dbe8ee8d759227e9ec1562381
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zomer.bankgiroloterij.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://secure.cdn.vellance.com https://ssl.synovite-scripts.com https://cdn.jsdelivr.net https://unpkg.com https://tdn.r42tag.com https://connect.facebook.net www.google-analytics.com https://www.googletagmanager.com https://analytics.twitter.com https://static.ads-twitter.com https://in.hotjar.com https://script.hotjar.com https://static.hotjar.com https://stats.g.doubleclick.net https://bat.bing.com https://track.adform.net https://cdn.trackjs.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://secure.cdn.vellance.com https://tdn.r42tag.com https://t.svtrd.com https://a.svtrd.com https://flextrack.msi-aci.com https://stats.g.doubleclick.net https://usage.trackjs.com https://t.co https://dmp.adform.net https://www.facebook.com https://www.google-analytics.com https://bat.bing.com; font-src 'self' https://secure.cdn.vellance.com data:; object-src 'none'; media-src 'self'; frame-src 'self' https://4497336.fls.doubleclick.net https://vars.hotjar.com https://4497336.fls.doubleclick.net; report-uri https://csp.prod.online-campaign-platform.nl/postreport
x-cache
RefreshHit from cloudfront
status
200
date
Wed, 11 Mar 2020 04:58:22 GMT
content-length
4911
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 29 Aug 2019 08:10:21 GMT
server
AmazonS3
etag
"3dc5f5fa45ca90125eaa059b1ab1c5cd"
x-frame-options
DENY
content-type
text/plain
accept-ranges
bytes
x-amz-cf-id
rbYCUp8BXycy0u4YwiKowkxfhO-55NbUUxdjxj7H4GqIJu2oDFOr6g==
router.js
zomer.bankgiroloterij.nl/js/ 		31 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zomer.bankgiroloterij.nl/js/router.js
Requested by
Host: zomer.bankgiroloterij.nl
URL: https://zomer.bankgiroloterij.nl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5e00:5:c1e0:4940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d8a962387d632aac45d39b90bf204b11a2ca58737a827de035ac74fa13b81ca
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zomer.bankgiroloterij.nl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 09 Mar 2020 16:41:49 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://secure.cdn.vellance.com https://ssl.synovite-scripts.com https://cdn.jsdelivr.net https://unpkg.com https://tdn.r42tag.com https://connect.facebook.net www.google-analytics.com https://www.googletagmanager.com https://analytics.twitter.com https://static.ads-twitter.com https://in.hotjar.com https://script.hotjar.com https://static.hotjar.com https://stats.g.doubleclick.net https://bat.bing.com https://track.adform.net https://cdn.trackjs.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://secure.cdn.vellance.com https://tdn.r42tag.com https://t.svtrd.com https://a.svtrd.com https://flextrack.msi-aci.com https://stats.g.doubleclick.net https://usage.trackjs.com https://t.co https://dmp.adform.net https://www.facebook.com https://www.google-analytics.com https://bat.bing.com; font-src 'self' https://secure.cdn.vellance.com data:; object-src 'none'; media-src 'self'; frame-src 'self' https://4497336.fls.doubleclick.net https://vars.hotjar.com https://4497336.fls.doubleclick.net; report-uri https://csp.prod.online-campaign-platform.nl/postreport
x-cache
RefreshHit from cloudfront
status
200
content-length
31262
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 29 Aug 2019 08:10:15 GMT
server
AmazonS3
x-frame-options
DENY
etag
"f7910232a1125fc4eb40a11442c86891"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
J-uIhbprEI6wkMp-BvYOkTkqOeDwUuyCiD9lMDQ7sMPq98VR0_iCpA==
eindeactie.js
zomer.bankgiroloterij.nl/project/views/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zomer.bankgiroloterij.nl/project/views/eindeactie.js
Requested by
Host: zomer.bankgiroloterij.nl
URL: https://zomer.bankgiroloterij.nl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5e00:5:c1e0:4940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3a3683d5b21f957ac37c4da1995678d7e1c731cdacd9741cecac37aec72d43a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zomer.bankgiroloterij.nl/eindeactie
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 09 Mar 2020 18:21:26 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://secure.cdn.vellance.com https://ssl.synovite-scripts.com https://cdn.jsdelivr.net https://unpkg.com https://tdn.r42tag.com https://connect.facebook.net www.google-analytics.com https://www.googletagmanager.com https://analytics.twitter.com https://static.ads-twitter.com https://in.hotjar.com https://script.hotjar.com https://static.hotjar.com https://stats.g.doubleclick.net https://bat.bing.com https://track.adform.net https://cdn.trackjs.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://secure.cdn.vellance.com https://tdn.r42tag.com https://t.svtrd.com https://a.svtrd.com https://flextrack.msi-aci.com https://stats.g.doubleclick.net https://usage.trackjs.com https://t.co https://dmp.adform.net https://www.facebook.com https://www.google-analytics.com https://bat.bing.com; font-src 'self' https://secure.cdn.vellance.com data:; object-src 'none'; media-src 'self'; frame-src 'self' https://4497336.fls.doubleclick.net https://vars.hotjar.com https://4497336.fls.doubleclick.net; report-uri https://csp.prod.online-campaign-platform.nl/postreport
x-cache
RefreshHit from cloudfront
status
200
content-length
5248
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 29 Aug 2019 08:10:21 GMT
server
AmazonS3
x-frame-options
DENY
etag
"d53ce71dd6e6050cebd6cb0c7aca311e"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
3EvJK68bdlRp2cgwjfXHKBlDUN7MIJvGHMyeTrSSDTo4JVZOl4NPcA==
prod
tdn.r42tag.com/tags-448/ 		67 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tdn.r42tag.com/tags-448/prod?s=bgl%7Ccampaign%7Ceinde-actie%7Czomer.bankgiroloterij.nl%7C%2Feindeactie&scp=31&p=reset%3A1&u=https%3A%2F%2Fzomer.bankgiroloterij.nl%2Feindeactie&r=&cb=1583902702192
Requested by
Host: ssl.synovite-scripts.com
URL: https://ssl.synovite-scripts.com/ca-9-site-448.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-33.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
d6f3487bead0a35a73f7b8999ca83c3c358868af4190bff38ed3802743300fc1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Wed, 11 Mar 2020 04:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
status
200
cache-control
no-cache, no-store, max-age=0
x-backend
tdn-588f71d4
x-amz-cf-id
wDzg9jR3fl95djYBCnwN4RQHIepTtZOQnNWr_AD9JGmVO6_cOaCqAw==
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
referrer-policy
no-referrer
expires
Thu, 01 Jan 1970 00:00:00 GMT
bg.jpg
zomer.bankgiroloterij.nl/project/images/ 		61 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zomer.bankgiroloterij.nl/project/images/bg.jpg
Requested by
Host: zomer.bankgiroloterij.nl
URL: https://zomer.bankgiroloterij.nl/js/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5e00:5:c1e0:4940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0362a298f3dd32c1f322e4baa70c6452ef4cc5af5e2743f039eb429d03aa3dce
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zomer.bankgiroloterij.nl/project/css/bgl.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 09 Mar 2020 18:21:27 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://secure.cdn.vellance.com https://ssl.synovite-scripts.com https://cdn.jsdelivr.net https://unpkg.com https://tdn.r42tag.com https://connect.facebook.net www.google-analytics.com https://www.googletagmanager.com https://analytics.twitter.com https://static.ads-twitter.com https://in.hotjar.com https://script.hotjar.com https://static.hotjar.com https://stats.g.doubleclick.net https://bat.bing.com https://track.adform.net https://cdn.trackjs.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://secure.cdn.vellance.com https://tdn.r42tag.com https://t.svtrd.com https://a.svtrd.com https://flextrack.msi-aci.com https://stats.g.doubleclick.net https://usage.trackjs.com https://t.co https://dmp.adform.net https://www.facebook.com https://www.google-analytics.com https://bat.bing.com; font-src 'self' https://secure.cdn.vellance.com data:; object-src 'none'; media-src 'self'; frame-src 'self' https://4497336.fls.doubleclick.net https://vars.hotjar.com https://4497336.fls.doubleclick.net; report-uri https://csp.prod.online-campaign-platform.nl/postreport
x-cache
RefreshHit from cloudfront
status
200
content-length
62590
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 29 Aug 2019 08:10:16 GMT
server
AmazonS3
x-frame-options
DENY
etag
"4a453f77dcf862eb5ae33c9eeb35821a"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
9wkyPU1ACSPavovm0-WmR9KhhvifulXbeSMEEuXaREaBTDQB7UkSpg==
8c92eb68-ce37-4962-a9f4-5b47d336bd1c.woff2
zomer.bankgiroloterij.nl/project/images/fonts/frutiger/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://zomer.bankgiroloterij.nl/project/images/fonts/frutiger/8c92eb68-ce37-4962-a9f4-5b47d336bd1c.woff2
Requested by
Host: zomer.bankgiroloterij.nl
URL: https://zomer.bankgiroloterij.nl/js/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5e00:5:c1e0:4940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d7a61b8131c25f4f7949162fcf342c8ba52b0257756aaacf23aa948f0403c842
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zomer.bankgiroloterij.nl/project/css/bgl.css
Origin
https://zomer.bankgiroloterij.nl
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Mar 2020 04:58:23 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://secure.cdn.vellance.com https://ssl.synovite-scripts.com https://cdn.jsdelivr.net https://unpkg.com https://tdn.r42tag.com https://connect.facebook.net www.google-analytics.com https://www.googletagmanager.com https://analytics.twitter.com https://static.ads-twitter.com https://in.hotjar.com https://script.hotjar.com https://static.hotjar.com https://stats.g.doubleclick.net https://bat.bing.com https://track.adform.net https://cdn.trackjs.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://secure.cdn.vellance.com https://tdn.r42tag.com https://t.svtrd.com https://a.svtrd.com https://flextrack.msi-aci.com https://stats.g.doubleclick.net https://usage.trackjs.com https://t.co https://dmp.adform.net https://www.facebook.com https://www.google-analytics.com https://bat.bing.com; font-src 'self' https://secure.cdn.vellance.com data:; object-src 'none'; media-src 'self'; frame-src 'self' https://4497336.fls.doubleclick.net https://vars.hotjar.com https://4497336.fls.doubleclick.net; report-uri https://csp.prod.online-campaign-platform.nl/postreport
x-cache
Miss from cloudfront
status
200
content-length
17216
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 29 Aug 2019 08:10:17 GMT
server
AmazonS3
x-frame-options
DENY
etag
"38f765ebf31015515a549b80a8e2a37a"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
binary/octet-stream
accept-ranges
bytes
x-amz-cf-id
-U1buKK4kgLemqjnkWTNQcFoqqySQjSdepGYZCuyVkPDwH5T5y9xnw==
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
665a7681da3deaf93755b582f10e3a29837b6a18e3bf1e980c7a87eb9e394886

Request headers

Origin
https://zomer.bankgiroloterij.nl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
b-1923-ch-qs.png
zomer.bankgiroloterij.nl/project/images/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zomer.bankgiroloterij.nl/project/images/b-1923-ch-qs.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5e00:5:c1e0:4940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f615299aa3f54468cf8dc75af5b389925e54c78a03bf50402bc027f730d4b136
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zomer.bankgiroloterij.nl/eindeactie
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 09 Mar 2020 18:21:28 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://secure.cdn.vellance.com https://ssl.synovite-scripts.com https://cdn.jsdelivr.net https://unpkg.com https://tdn.r42tag.com https://connect.facebook.net www.google-analytics.com https://www.googletagmanager.com https://analytics.twitter.com https://static.ads-twitter.com https://in.hotjar.com https://script.hotjar.com https://static.hotjar.com https://stats.g.doubleclick.net https://bat.bing.com https://track.adform.net https://cdn.trackjs.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://secure.cdn.vellance.com https://tdn.r42tag.com https://t.svtrd.com https://a.svtrd.com https://flextrack.msi-aci.com https://stats.g.doubleclick.net https://usage.trackjs.com https://t.co https://dmp.adform.net https://www.facebook.com https://www.google-analytics.com https://bat.bing.com; font-src 'self' https://secure.cdn.vellance.com data:; object-src 'none'; media-src 'self'; frame-src 'self' https://4497336.fls.doubleclick.net https://vars.hotjar.com https://4497336.fls.doubleclick.net; report-uri https://csp.prod.online-campaign-platform.nl/postreport
x-cache
RefreshHit from cloudfront
status
200
content-length
16252
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 29 Aug 2019 08:10:16 GMT
server
AmazonS3
x-frame-options
DENY
etag
"cf05576d34a57f642d49f5eb57eca0d4"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
owdr_RO3_0dbvAGUWH8uE2NJFph6YXigZ5bVBfHIxehbjzYDgIwvtA==
leeg.gif
zomer.bankgiroloterij.nl/project/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zomer.bankgiroloterij.nl/project/images/leeg.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5e00:5:c1e0:4940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46a821ff15aa78caae871e0ce5389ba2570084a197c2d32d6d8c10b436e4f633
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zomer.bankgiroloterij.nl/eindeactie
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 09 Mar 2020 18:21:27 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://secure.cdn.vellance.com https://ssl.synovite-scripts.com https://cdn.jsdelivr.net https://unpkg.com https://tdn.r42tag.com https://connect.facebook.net www.google-analytics.com https://www.googletagmanager.com https://analytics.twitter.com https://static.ads-twitter.com https://in.hotjar.com https://script.hotjar.com https://static.hotjar.com https://stats.g.doubleclick.net https://bat.bing.com https://track.adform.net https://cdn.trackjs.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://secure.cdn.vellance.com https://tdn.r42tag.com https://t.svtrd.com https://a.svtrd.com https://flextrack.msi-aci.com https://stats.g.doubleclick.net https://usage.trackjs.com https://t.co https://dmp.adform.net https://www.facebook.com https://www.google-analytics.com https://bat.bing.com; font-src 'self' https://secure.cdn.vellance.com data:; object-src 'none'; media-src 'self'; frame-src 'self' https://4497336.fls.doubleclick.net https://vars.hotjar.com https://4497336.fls.doubleclick.net; report-uri https://csp.prod.online-campaign-platform.nl/postreport
x-cache
RefreshHit from cloudfront
status
200
content-length
1099
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 29 Aug 2019 08:10:20 GMT
server
AmazonS3
x-frame-options
DENY
etag
"0d56e596dce643d48c745afdfe926bd6"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/gif
accept-ranges
bytes
x-amz-cf-id
gPgev-NjU2umYy-MnpXG5D6BK68aWoJTrLVZisuf6B32V5yLLeiF9Q==
vinkje.png
zomer.bankgiroloterij.nl/project/images/ 		412 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zomer.bankgiroloterij.nl/project/images/vinkje.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5e00:5:c1e0:4940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96a5d41006d1e5ff9d2f39be7f76556bca3bd2849344576462972030b0d58355
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zomer.bankgiroloterij.nl/eindeactie
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 09 Mar 2020 18:21:27 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://secure.cdn.vellance.com https://ssl.synovite-scripts.com https://cdn.jsdelivr.net https://unpkg.com https://tdn.r42tag.com https://connect.facebook.net www.google-analytics.com https://www.googletagmanager.com https://analytics.twitter.com https://static.ads-twitter.com https://in.hotjar.com https://script.hotjar.com https://static.hotjar.com https://stats.g.doubleclick.net https://bat.bing.com https://track.adform.net https://cdn.trackjs.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://secure.cdn.vellance.com https://tdn.r42tag.com https://t.svtrd.com https://a.svtrd.com https://flextrack.msi-aci.com https://stats.g.doubleclick.net https://usage.trackjs.com https://t.co https://dmp.adform.net https://www.facebook.com https://www.google-analytics.com https://bat.bing.com; font-src 'self' https://secure.cdn.vellance.com data:; object-src 'none'; media-src 'self'; frame-src 'self' https://4497336.fls.doubleclick.net https://vars.hotjar.com https://4497336.fls.doubleclick.net; report-uri https://csp.prod.online-campaign-platform.nl/postreport
x-cache
RefreshHit from cloudfront
status
200
content-length
412
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 29 Aug 2019 08:10:21 GMT
server
AmazonS3
x-frame-options
DENY
etag
"6c740611e9d73d17fce76eea1f3713e8"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
sExfUBrH3N5C1dVsjTjgNUPI97tiW20CEgYb8uoS3Ee7AtyZFlzSvQ==
bgl-logo.png
zomer.bankgiroloterij.nl/project/images/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zomer.bankgiroloterij.nl/project/images/bgl-logo.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5e00:5:c1e0:4940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96803f2f5055d85a69bbb028f1177f70c0efa29290ae01a20bdc19e4ebcc9848
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zomer.bankgiroloterij.nl/eindeactie
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 09 Mar 2020 18:21:28 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://secure.cdn.vellance.com https://ssl.synovite-scripts.com https://cdn.jsdelivr.net https://unpkg.com https://tdn.r42tag.com https://connect.facebook.net www.google-analytics.com https://www.googletagmanager.com https://analytics.twitter.com https://static.ads-twitter.com https://in.hotjar.com https://script.hotjar.com https://static.hotjar.com https://stats.g.doubleclick.net https://bat.bing.com https://track.adform.net https://cdn.trackjs.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://secure.cdn.vellance.com https://tdn.r42tag.com https://t.svtrd.com https://a.svtrd.com https://flextrack.msi-aci.com https://stats.g.doubleclick.net https://usage.trackjs.com https://t.co https://dmp.adform.net https://www.facebook.com https://www.google-analytics.com https://bat.bing.com; font-src 'self' https://secure.cdn.vellance.com data:; object-src 'none'; media-src 'self'; frame-src 'self' https://4497336.fls.doubleclick.net https://vars.hotjar.com https://4497336.fls.doubleclick.net; report-uri https://csp.prod.online-campaign-platform.nl/postreport
x-cache
RefreshHit from cloudfront
status
200
content-length
10894
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 29 Aug 2019 08:10:16 GMT
server
AmazonS3
x-frame-options
DENY
etag
"2f8f7e5dcaaa71c25585d02cef1c1edf"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
uWcOTemG2VS6qldx5rTbAgG3s6rcxjer9OPS7KSUGXpJxzeDXdGlaw==
448_58
tdn.r42tag.com/data/segment/448/88445818-e9bb-4ee9-b6b3-783aabad6c84/ 		124 B
480 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tdn.r42tag.com/data/segment/448/88445818-e9bb-4ee9-b6b3-783aabad6c84/448_58
Requested by
Host: ssl.synovite-scripts.com
URL: https://ssl.synovite-scripts.com/ca-9-site-448.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-33.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
2583e6ad1e698277cd72aef21724bc77737cbf6beff17227f2d6e9fecda4c139

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 11 Mar 2020 04:58:22 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
application/javascript
status
200
cache-control
no-cache, no-store, max-age=0
x-r42-source
profile
x-backend
ads-64b1e3dc
x-amz-cf-id
22wbMDKAqvYhQy1Qw2Vw6mJYfuT0VAdifmK5YbTZ2uVcqeVCG_jInw==
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-4497939
Requested by
Host: ssl.synovite-scripts.com
URL: https://ssl.synovite-scripts.com/ca-9-site-448.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
10dd3dc0009907d4b1c623e0177513db5d458e69c07b25a912da5bbe1f6e83de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 11 Mar 2020 04:58:22 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28485
x-xss-protection
0
last-modified
Wed, 11 Mar 2020 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 Mar 2020 04:58:22 GMT
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: zomer.bankgiroloterij.nl
URL: https://zomer.bankgiroloterij.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
1491
date
Wed, 11 Mar 2020 04:33:31 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Wed, 11 Mar 2020 06:33:31 GMT
postreport
csp.prod.online-campaign-platform.nl/ 		20 B
207 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.prod.online-campaign-platform.nl/postreport
Requested by
Host: zomer.bankgiroloterij.nl
URL: https://zomer.bankgiroloterij.nl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.228.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-228-244.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ab827e3fe17da220a9a652087a35d20adda002aa4df887c5d813b2b1e95228f9

Request headers

Origin
https://zomer.bankgiroloterij.nl
Sec-Fetch-Dest
report
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/csp-report

Response headers

status
400
date
Wed, 11 Mar 2020 04:58:23 GMT
x-amzn-trace-id
Root=1-5e686fee-a3ecf26092d55000ffaaccc0;Sampled=0
x-amz-apigw-id
JNZtTEnMjoEFjFA=
x-amzn-requestid
73b542f2-5363-4ea7-bdb6-83f2908e2196
content-length
20
content-type
application/json
main.min.js
cdn.accutics.net/cookiesaver/3/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.accutics.net/cookiesaver/3/main.min.js
Requested by
Host: zomer.bankgiroloterij.nl
URL: https://zomer.bankgiroloterij.nl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:ce00:16:7f87:ecc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e374011d98b778fdaaad8286788bfba6da364961256cd8ffdb7697798bfc8d48

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
UwCz6_lwB15D8hVYd0qX4MR.c6ieKD.A
Content-Encoding
gzip
Last-Modified
Thu, 06 Feb 2020 10:19:37 GMT
Server
AmazonS3
Age
83522
Date
Tue, 10 Mar 2020 05:46:21 GMT
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53-C1
Connection
keep-alive
X-Amz-Cf-Id
s67ND-KY6_TvzI2CI9pfJEmfc43PMl7Q0PELHkjzkRBDlcW2CY7ULQ==
stats
tdn.r42tag.com/ 		35 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tdn.r42tag.com/stats?siteId=448&counterId=21&cb=1583902702462
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-33.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 11 Mar 2020 04:58:22 GMT
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
referrer-policy
no-referrer
server
nginx
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
status
200
x-backend
tdn-0d9750b4
content-length
35
x-content-type-options
nosniff
x-amz-cf-id
m3fhPLdtjZUY91JSlMJvGk1-Vko0wPMazEhVtsJe7-5SeztHkLB8iA==
stats
tdn.r42tag.com/ 		35 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tdn.r42tag.com/stats?siteId=448&counterId=94&cb=1583902702467
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-33.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 11 Mar 2020 04:58:22 GMT
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
referrer-policy
no-referrer
server
nginx
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
status
200
x-backend
tdn-588f71d4
content-length
35
x-content-type-options
nosniff
x-amz-cf-id
23dKytP-rW5OtC0vvwnALwy7cQbsX5pK9ehtm6qwHli7NIiQ2xJUEA==
collect
www.google-analytics.com/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&aip=1&a=1837777426&t=pageview&_s=1&dl=https%3A%2F%2Fzomer.bankgiroloterij.nl%2Feindeactie&dp=eindeactie&ul=en-us&de=UTF-8&dt=bankgiroloterij.nl%2Fzomer%20%7C%20Vul%20hier%20uw%20code%20in&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEDAAEAB~&cid=1913077841.1583902702&tid=UA-46058122-1&_gid=369411954.1583902702&cd1=&cd2=&cd3=&cd4=eindeactie&cd5=&cd6=&cd7=&cd8=&cd11=b1923zomeraanbod&cd12=zomeraanbod&cd13=b1923&cd14=eerste-maand-gratis&cd15=corporatesite&cd17=false&cd18=&cd21=zomer.bankgiroloterij.nl&cd22=eindeactie&cd23=1&cd24=&cd25=einde-actie&cd26=eindeactie&cd27=&cd28=bgl&cd29=ocp&cd30=campaign&cd31=&cd32=&cd33=bgl&cd34=&cd35=&cd36=&cd37=&cd38=&cd39=&cd40=&cd41=&cd42=&cd44=&cd45=&cd48=&cd49=0&cd50=spi&cd51=&cd52=88445818-e9bb-4ee9-b6b3-783aabad6c84&cd54=&cd55=&cd56=&cd57=&cd58=&cd59=&cd60=&cd61=&cd62=&cd65=&cg1=ocp&cg2=campaign&cg3=&cg4=einde-actie&cg5=eindeactie&cm2=&z=1155584907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 10 Mar 2020 19:58:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
32414
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&aip=1&a=1837777426&t=pageview&_s=1&dl=https%3A%2F%2Fzomer.bankgiroloterij.nl%2Feindeactie&dp=eindeactie&ul=en-us&de=UTF-8&dt=bankgiroloterij.nl%2Fzomer%20%7C%20Vul%20hier%20uw%20code%20in&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEDAAEAB~&cid=1913077841.1583902702&tid=UA-44844909-1&_gid=369411954.1583902702&cd1=&cd2=&cd3=&cd4=eindeactie&cd5=&cd6=&cd7=&cd8=&cd11=b1923zomeraanbod&cd12=zomeraanbod&cd13=b1923&cd14=eerste-maand-gratis&cd15=corporatesite&cd17=false&cd18=&cd21=zomer.bankgiroloterij.nl&cd22=eindeactie&cd23=1&cd24=&cd25=einde-actie&cd26=eindeactie&cd27=&cd28=bgl&cd29=ocp&cd30=campaign&cd31=&cd32=&cd33=bgl&cd34=&cd35=&cd36=&cd37=&cd38=&cd39=&cd40=&cd41=&cd42=&cd44=&cd45=&cd48=&cd49=0&cd50=spi&cd51=&cd52=88445818-e9bb-4ee9-b6b3-783aabad6c84&cd54=&cd55=&cd56=&cd57=&cd58=&cd59=&cd60=&cd61=&cd62=&cd65=&cg1=ocp&cg2=campaign&cg3=&cg4=einde-actie&cg5=eindeactie&z=1717417206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 10 Mar 2020 19:58:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
32414
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| path string| protocolDomainPath function| detectIE boolean| isIEVersion function| gdl function| _st object| gdlConfig function| CustomError function| isSpecificValue function| cloneSpecificValue function| deepCloneArray function| deepExtend object| gdlGlobalConfig object| gdl_data_layer undefined| gdl_data_layer_init object| _gdl function| log function| hasOwnProperty number| _dpr string| _orientation number| _longSide number| _shortSide object| _stq object| _stTracker object| dataFilters function| hitFontTeller function| snakeToCamel function| camelToSnake function| utm function| Vue function| Navigo object| validators object| vuelidate function| mountView object| main object| overlay object| routing number| cp string| p number| rn number| ipwav object| _obj object| optimizely object| sessionVars string| collection_version undefined| cv undefined| tpn object| c function| tagOnce object| gaLib string| GoogleAnalyticsObject function| ga string| dialogText object| _stCookiePopup boolean| cookie_shown object| acqps function| acq object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| dataLayer function| gtag

0 Cookies

90 Console Messages

Source Level URL
Text
console-api log URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/gdl/0.4/gdl.min.js(Line 1)
Message:
gdl ready in: 216ms
console-api log URL: https://zomer.bankgiroloterij.nl/(Line 126)
Message:
legacyGDL loaded
console-api log URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
Relay42 ready in: 389ms
console-api log URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relayBindings ready in: 390ms
console-api log URL: https://zomer.bankgiroloterij.nl/(Line 121)
Message:
utm loaded
console-api log URL: https://zomer.bankgiroloterij.nl/(Line 135)
Message:
OCP: vue loaded
console-api log URL: https://zomer.bankgiroloterij.nl/(Line 137)
Message:
OCP: navigo loaded
console-api log URL: https://zomer.bankgiroloterij.nl/(Line 142)
Message:
validators loaded
console-api log URL: https://zomer.bankgiroloterij.nl/(Line 139)
Message:
OCP: vuelidate loaded
console-api log URL: https://zomer.bankgiroloterij.nl/(Line 144)
Message:
custom validators loaded
console-api log URL: https://zomer.bankgiroloterij.nl/(Line 146)
Message:
OCP: main loaded
console-api log URL: https://zomer.bankgiroloterij.nl/js/main.js(Line 1660)
Message:
OCP: router loaded - call router init...
console-api log URL: https://zomer.bankgiroloterij.nl/js/router.js(Line 532)
Message:
OCP: init _router
console-api log URL: https://zomer.bankgiroloterij.nl/js/router.js(Line 514)
Message:
asking checkChecks utm,0===0
console-api log URL: https://zomer.bankgiroloterij.nl/js/router.js(Line 514)
Message:
asking checkChecks dmp,1===0
console-api log URL: https://zomer.bankgiroloterij.nl/js/router.js(Line 509)
Message:
asking checkForSplitTest already
console-api log URL: https://zomer.bankgiroloterij.nl/js/router.js(Line 299)
Message:
OCP: rootsRocking - possible target: eindeactie
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: productBrand bgl
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: appType spi
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: campaignId b1923zomeraanbod
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: campaignName zomeraanbod
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: campaignNumber b1923
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: campaignProposition eerste-maand-gratis
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: platformBrand bgl
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: platformType ocp
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: platformSiteType campaign
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: platformTemplate
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: autoPageView false
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: ledenservice 0
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: pageType einde-actie
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: urlPath /eindeactie
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: pageTopNavigation zomer.bankgiroloterij.nl
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: pageSubNavigation eindeactie
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: pageSubSubNavigation
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: randomNumber bdc752aa-26b8-4be4-bc34-76db8e74b756
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: ocpNodeId eindeactie
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: pageFunnelStepName eindeactie
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: pageFunnelStepNumber 1
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: productBrand bgl
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: appType spi
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: campaignId b1923zomeraanbod
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: campaignName zomeraanbod
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: campaignNumber b1923
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: campaignProposition eerste-maand-gratis
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: platformBrand bgl
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: platformType ocp
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: platformSiteType campaign
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: platformTemplate
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: autoPageView false
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: ledenservice 0
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: pageType einde-actie
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: urlPath /eindeactie
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: pageTopNavigation zomer.bankgiroloterij.nl
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: pageSubNavigation eindeactie
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: pageSubSubNavigation
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: randomNumber bdc752aa-26b8-4be4-bc34-76db8e74b756
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: ocpNodeId eindeactie
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: pageFunnelStepName eindeactie
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: pageFunnelStepNumber 1
console-api log (Line 67)
Message:
length added to Relay DL2.
console-api log (Line 67)
Message:
key added to Relay DL2.
console-api log (Line 67)
Message:
getItem added to Relay DL2.
console-api log (Line 67)
Message:
setItem added to Relay DL2.
console-api log (Line 67)
Message:
removeItem added to Relay DL2.
console-api log (Line 67)
Message:
clear added to Relay DL2.
console-api log (Line 7)
Message:
ga init
console-api log (Line 2)
Message:
ga bind event handlers
console-api log (Line 11)
Message:
Relay: page-event: params in sync
console-api info (Line 11)
Message:
page event: page pageview [object Object]
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: gclid
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: utm_source
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: utm_medium
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: utm_campaign
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: utm_content
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: utm_term
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: corporatesite
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: gclid
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: utm_source
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: utm_medium
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: utm_campaign
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: utm_content
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: utm_term
console-api info URL: https://secure.cdn.vellance.com/postcodeloterij/gdl/module/generic/relay/0.0.6/relayBindings.min.js(Line 1)
Message:
relaybindings: Sync to Relay: corporatesite
console-api info (Line 2)
Message:
relaybindings: Sync to Relay: gclid
console-api info (Line 2)
Message:
relaybindings: Sync to Relay: utm_source
console-api info (Line 2)
Message:
relaybindings: Sync to Relay: utm_medium
console-api info (Line 2)
Message:
relaybindings: Sync to Relay: utm_campaign
console-api info (Line 2)
Message:
relaybindings: Sync to Relay: utm_content
console-api info (Line 2)
Message:
relaybindings: Sync to Relay: utm_term
console-api info (Line 2)
Message:
relaybindings: Sync to Relay: corporatesite

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.accutics.net
csp.prod.online-campaign-platform.nl
secure.cdn.vellance.com
ssl.synovite-scripts.com
tdn.r42tag.com
www.google-analytics.com
www.googletagmanager.com
zomer.bankgiroloterij.nl
143.204.202.116
143.204.202.33
2600:9000:214f:5e00:5:c1e0:4940:93a1
2600:9000:214f:ce00:16:7f87:ecc0:93a1
2a00:1450:4001:81d::2008
2a00:1450:4001:81d::200e
2a03:5500:1:2:79:99:184:106
52.213.228.244
0362a298f3dd32c1f322e4baa70c6452ef4cc5af5e2743f039eb429d03aa3dce
10dd3dc0009907d4b1c623e0177513db5d458e69c07b25a912da5bbe1f6e83de
2583e6ad1e698277cd72aef21724bc77737cbf6beff17227f2d6e9fecda4c139
299216308320a46c99684b08d7e4a716b5066c27ac78c65d634700558a569ff6
3dd725eb34bb6f8d9593bedbef4fb58722e9ec5cc175953abd091c9d75385da5
46a821ff15aa78caae871e0ce5389ba2570084a197c2d32d6d8c10b436e4f633
4822d23dbb5e54cbfc4650cbbc60c18abf3ace615e7fae4dbbfe79a9126430a2
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
5355e2fd7f663c21648d14a69ee629f5f31d64198abaee945a7e313f00de8021
59995f1a2009663447d4c210c617c29bff1f6cb54ad0abb7c155c2887f93dd85
665a7681da3deaf93755b582f10e3a29837b6a18e3bf1e980c7a87eb9e394886
817b3c3916ff08f2a1a62ef159eeeb4aac0faf8c0702ee0ed64beeffb05c0d54
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
854b34c31094c6e76a19cc9b62abf2cdc2f83b1821bde67d1aefedd3960690ea
96803f2f5055d85a69bbb028f1177f70c0efa29290ae01a20bdc19e4ebcc9848
96a5d41006d1e5ff9d2f39be7f76556bca3bd2849344576462972030b0d58355
9d8a962387d632aac45d39b90bf204b11a2ca58737a827de035ac74fa13b81ca
aa45e27732f27b58ec136f80b90fdf98ea485e57c00fe7dcf8dd5695c6225895
ab827e3fe17da220a9a652087a35d20adda002aa4df887c5d813b2b1e95228f9
c1c5a62f63e1b671391fc31534449b45aac1d6eab5273316f13488b0a84c5e03
c8907aba1a65492a24bb36465d7d3cdc9f321eb2eb06dc1a1260abb0d9165fab
ce694b67b8f994f05d4a102febc4165f1ca5973dbe8ee8d759227e9ec1562381
d412a2c16f106f7a922a705f56ebb89919ec5c13b9ff5d6fd40aef79da3b5a6f
d6f3487bead0a35a73f7b8999ca83c3c358868af4190bff38ed3802743300fc1
d7a61b8131c25f4f7949162fcf342c8ba52b0257756aaacf23aa948f0403c842
d98c42f5745d5db3edd060f9ce870c3da2d8045f050fbaf11be98f786ac5b393
e374011d98b778fdaaad8286788bfba6da364961256cd8ffdb7697798bfc8d48
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
f237f587288fb7e655d40f9cde052e03c71cf8902cc34791fa4514d15e71bdc3
f3a3683d5b21f957ac37c4da1995678d7e1c731cdacd9741cecac37aec72d43a
f615299aa3f54468cf8dc75af5b389925e54c78a03bf50402bc027f730d4b136