www.susa.nl Open in urlscan Pro
77.94.252.133 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://codiad.susa.nl/
Effective URL:
https://www.susa.nl/
Submission: On July 01 via api (July 1st 2024, 8:36:44 pm UTC) from US — Scanned from NL

Summary HTTP 51 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 7 domains to perform 51 HTTP transactions. The main IP is 77.94.252.133, located in Netherlands and belongs to CLDIN-NL Your.Online, NL. The main domain is www.susa.nl.
TLS certificate: Issued by R3 on May 3rd 2024. Valid for: 3 months.

This is the only time www.susa.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	31.3.109.169 31.3.109.169	197731 (TUXIS) (TUXIS)
34	77.94.252.133 77.94.252.133	48635 (CLDIN-NL ...) (CLDIN-NL Your.Online)
2	23.36.162.220 23.36.162.220	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.16.40.28 104.16.40.28	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.186.136 142.250.186.136	15169 (GOOGLE) (GOOGLE)
3	23.45.111.185 23.45.111.185	16625 (AKAMAI-AS) (AKAMAI-AS)
6	3.73.7.152 3.73.7.152	16509 (AMAZON-02) (AMAZON-02)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
51	9

1 31.3.109.169 (Netherlands) 1 redirects

ASN197731 (TUXIS, NL)

codiad.susa.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 77.94.252.133 (Netherlands)

ASN48635 (CLDIN-NL Your.Online, NL)

www.susa.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.36.162.220 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-220.deploy.static.akamaitechnologies.com

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.40.28 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.45.111.185 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-111-185.deploy.static.akamaitechnologies.com

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgsct.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.73.7.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-7-152.eu-central-1.compute.amazonaws.com

analytics.onrecruit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	susa.nl 1 redirects codiad.susa.nl www.susa.nl	493 KB
6	onrecruit.net analytics.onrecruit.net	5 KB
5	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4936 consentcdn.cookiebot.com — Cisco Umbrella Rank: 5488 imgsct.cookiebot.com — Cisco Umbrella Rank: 5824	136 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	298 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2355
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 137	64 B
1	fonts.net cdn.fonts.net — Cisco Umbrella Rank: 16315	587 B
51	7

	Domain	Requested by
34	www.susa.nl	www.susa.nl consent.cookiebot.com
6	analytics.onrecruit.net	www.susa.nl
3	www.googletagmanager.com	www.susa.nl www.googletagmanager.com
2	consentcdn.cookiebot.com	consent.cookiebot.com
2	consent.cookiebot.com	www.susa.nl consent.cookiebot.com
1	region1.google-analytics.com	www.googletagmanager.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	imgsct.cookiebot.com
1	cdn.fonts.net	www.susa.nl
1	codiad.susa.nl	1 redirects
51	10

This site contains links to these domains. Also see Links.

Domain
mijn.susa.nl
www.instagram.com
www.linkedin.com
www.youtube.com
www.tiktok.com

Subject Issuer	Validity	Valid
www.susa.nl R3	`2024-05-03` - `2024-08-01`	3 months	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-28` - `2025-02-27`	a year	crt.sh
fonts.net GTS CA 1P5	`2024-06-02` - `2024-08-31`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2025-02-26`	a year	crt.sh
*.onrecruit.net Sectigo RSA Domain Validation Secure Server CA	`2024-03-13` - `2025-04-13`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.susa.nl/
Frame ID: D30DA856BDFAD9F81179F46DF847F453
Requests: 55 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: B62D868339595CA6F88F5124D8743881
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SUSA | Flexibele bijbanen voor studenten

Page URL History Show full URLs

https://codiad.susa.nl/ HTTP 302
https://www.susa.nl/ Page URL

Detected technologies

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Page Statistics

51
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

10
Subdomains

9
IPs

4
Countries

933 kB
Transfer

2231 kB
Size

4
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://mijn.susa.nl/#/login
Title: Login

Search URL Search Domain Scan URL

URL: https://www.instagram.com/susastudenten/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/susa/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@susa.studenten

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@susastudenten

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C83-HlWoklY/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/C8uTFrRIBMY/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C8rnbGmoSi3/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C8dxldLIGLL/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/C8cSjfCh872/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/C8KP4LaoXbj/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/C8Em-mOoXza/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C73sqc8IAla/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://codiad.susa.nl/ HTTP 302
https://www.susa.nl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.susa.nl/
Redirect Chain

https://codiad.susa.nl/
https://www.susa.nl/

65 KB
21 KB

541ms
110ms

Document
text/html

77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to

Full URL

https://www.susa.nl/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

9d92f410e3312da57cd8822a88c73131fb5f9c02301cd1be1ca77b06eae0587e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://info.susa.nl
cache-control: no-cache,no-store
content-encoding: gzip
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
content-type: text/html; charset=utf-8
date: Mon, 01 Jul 2024 20:36:38 GMT
expires: -1
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
pragma: no-cache
referrer-policy: origin-when-cross-origin
server
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 138
Content-Type: text/html
Date: Mon, 01 Jul 2024 20:36:37 GMT
Location: https://www.susa.nl/
Server: nginx
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

GET
H2 200 style.css
www.susa.nl/dist/assets/stylesheets/ 301 KB
60 KB 32ms
16ms Stylesheet
text/css 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to

Full URL

https://www.susa.nl/dist/assets/stylesheets/style.css?3157AE271713C80018CE62B069057CAC

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

9e9b3caae321f67bfddef9b13e7684169f3ababe1ed364c312b9f7139b22ffdd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-permitted-cross-domain-policies: none
date: Mon, 01 Jul 2024 20:36:38 GMT
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:45:48 GMT
server
etag: "1dacba3d55765f2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: https://info.susa.nl
cache-control: public, max-age=2592000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 109 KB
34 KB 392ms
31ms Script
application/javascript 23.36.162.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: www.susa.nl
URL: https://www.susa.nl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-220.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ea833e2735a61a60b815b434da037b82495d0e3c5436340ae79247af6d25488b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date: Mon, 01 Jul 2024 20:36:38 GMT
content-encoding: gzip
last-modified: Thu, 27 Jun 2024 09:23:46 GMT
etag: "83a342b673c8da1:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=767
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 34250
expires: Mon, 01 Jul 2024 20:49:25 GMT

GET
H2 200 Functions.js Show response
www.susa.nl/scripts/ 6 KB
2 KB 32ms
17ms Script
text/javascript 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to

Full URL

https://www.susa.nl/scripts/Functions.js?942D40EF44E5004C92BD06F755DD7DE8

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

d8d6917987995c00c5880f5edaf121a279afa4bf80cbf4cd8481d2030c24059d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-permitted-cross-domain-policies: none
date: Mon, 01 Jul 2024 20:36:38 GMT
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:25:41 GMT
server
etag: "1dacba105e65842"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: https://info.susa.nl
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 polyfill.min.js Show response
www.susa.nl/App_Plugins/UmbracoForms/Assets/promise-polyfill/dist/ 4 KB
2 KB 33ms
19ms Script
text/javascript 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to

Full URL

https://www.susa.nl/App_Plugins/UmbracoForms/Assets/promise-polyfill/dist/polyfill.min.js?v=13.1.2

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

e96f2b2cde976e741236c5358aafbc25b3527eeb73431521da778414fabdc2d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-permitted-cross-domain-policies: none
date: Mon, 01 Jul 2024 20:36:38 GMT
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 08 Apr 2024 13:55:14 GMT
server
etag: "1da89bc614ac226"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: https://info.susa.nl
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 aspnet-validation.min.js Show response
www.susa.nl/App_Plugins/UmbracoForms/Assets/aspnet-client-validation/dist/ 17 KB
7 KB 34ms
20ms Script
text/javascript 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to

Full URL

https://www.susa.nl/App_Plugins/UmbracoForms/Assets/aspnet-client-validation/dist/aspnet-validation.min.js?v=13.1.2

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

4f99755eef5dd38df42fca6145b2d4ce1bc077461087dd3dea13cfd6602c080f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-permitted-cross-domain-policies: none
date: Mon, 01 Jul 2024 20:36:38 GMT
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 08 Apr 2024 13:55:16 GMT
server
etag: "1da89bc627bb938"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: https://info.susa.nl
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 logo-bg-green.png
www.susa.nl/dist/assets/images/ 7 KB
7 KB 34ms
21ms Image
image/png 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.susa.nl/dist/assets/images/logo-bg-green.png

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

1da060e423d28b8cf622744169c233d9a959bd979df84870b5cbd70f0f23aa54

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 20:36:38 GMT
x-permitted-cross-domain-policies: none
content-length: 7494
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:46:00 GMT
server
etag: "1dacba3dc7af946"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: https://info.susa.nl
cache-control: public, max-age=2592000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 close.png
www.susa.nl/dist/assets/images/ 704 B
767 B 35ms
21ms Image
image/png 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.susa.nl/dist/assets/images/close.png

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

b0321deb31266670b34269735ab683b721fedf53ce79d5518845d2c6fea13bc4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 20:36:38 GMT
x-permitted-cross-domain-policies: none
content-length: 704
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:46:00 GMT
server
etag: "1dacba3dc7ae6c0"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: https://info.susa.nl
cache-control: public, max-age=2592000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 logo-green.png
www.susa.nl/dist/assets/images/ 38 KB
38 KB 19ms
18ms Image
image/png 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.susa.nl/dist/assets/images/logo-green.png

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

9e693d2ee1d53a8ee7c72c0496783eb8335d020c76efdcf060b815bf1409ad62

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 20:36:38 GMT
x-permitted-cross-domain-policies: none
content-length: 38552
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:46:02 GMT
server
etag: "1dacba3ddac8798"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: https://info.susa.nl
cache-control: public, max-age=2592000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 susa_fotografie-2022_lowres-75.jpg
www.susa.nl/media/ekoobhke/ 28 KB
28 KB 22ms
21ms Image
image/webp 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.susa.nl/media/ekoobhke/susa_fotografie-2022_lowres-75.jpg?rxy=0.516772150918379,0.24123298699367574&width=700&height=400&v=1d895d9842838e0&quality=80&format=webp

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

d9a4a1d0fb7d40f456156b1dcd27d0a8da7768284c99bdbba9a0a9336a9d0664

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 20:36:38 GMT
x-permitted-cross-domain-policies: none
content-length: 28892
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 28 Jun 2024 07:43:55 GMT
server
etag: "1dac92eed6e9f5c"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: https://info.susa.nl
cache-control: public, max-age=604800, immutable
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 susa_fotografie-2022_lowres-20.jpg
www.susa.nl/media/0cefb2xu/ 44 KB
45 KB 33ms
32ms Image
image/webp 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.susa.nl/media/0cefb2xu/susa_fotografie-2022_lowres-20.jpg?rxy=0.49683240597807538,0.30735394963035328&width=600&height=300&v=1d895d9ef7dcab0&quality=80&format=webp

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

2cdbba7f232c354eca6b68df52e152ea9fb65bf8b2ba42479b930aac74cdcbc8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 20:36:38 GMT
x-permitted-cross-domain-policies: none
content-length: 44846
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 28 Jun 2024 07:43:55 GMT
server
etag: "1dac92eed6e40ae"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: https://info.susa.nl
cache-control: public, max-age=604800, immutable
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 lazysizes.min.js Show response
www.susa.nl/dist/assets/plugins/ 14 KB
7 KB 31ms
31ms Script
text/javascript 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to

Full URL

https://www.susa.nl/dist/assets/plugins/lazysizes.min.js

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

62f54e5af0f21ac30871f7b033aeaf364b956448136314c1b875b2882175e82c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-permitted-cross-domain-policies: none
date: Mon, 01 Jul 2024 20:36:38 GMT
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:45:59 GMT
server
etag: "1dacba3dbe27bdf"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: https://info.susa.nl
cache-control: public, max-age=2592000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 tiny-slider.js Show response
www.susa.nl/dist/assets/plugins/ 31 KB
15 KB 17ms
17ms Script
text/javascript 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to

Full URL

https://www.susa.nl/dist/assets/plugins/tiny-slider.js

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

c95012ece1485315483ac970a2fb4cc203483f61281a2e523241380e8ea3e369

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-permitted-cross-domain-policies: none
date: Mon, 01 Jul 2024 20:36:38 GMT
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:45:59 GMT
server
etag: "1dacba3dbe23645"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: https://info.susa.nl
cache-control: public, max-age=2592000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 1.css
cdn.fonts.net/t/ 0
587 B 402ms
41ms Stylesheet
text/css 104.16.40.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fonts.net/t/1.css?apiType=css&projectid=000706c6-9e53-42f4-9560-25dbb6b88ae3
Requested by: Host: www.susa.nl
URL: https://www.susa.nl/dist/assets/stylesheets/style.css?3157AE271713C80018CE62B069057CAC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.40.28 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 20:36:38 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: ZXFEHT2STK9RYXF7
age: 119465
x-amz-server-side-encryption: AES256
content-length: 0
x-amz-id-2: nsNZmlEca4TNwIgsQLIdriHBFtvIHCgcPlPfdiqrZV9UOK7CJCCXTXH3kWzT5m8/nRcmJJeh5wnOnXURqmUHt6yCUprLfz5ktI9FCFr18WM=
last-modified: Thu, 20 Oct 2022 08:49:27 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 89c9307f9fd691f5-FRA
expires: Mon, 01 Jul 2024 20:41:38 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 369 KB
113 KB 446ms
75ms Script
application/javascript 142.250.186.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MFMFX4

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7f4e4008318393e5284991177d3af5fcb8d4122fa9a0be2aa0d0cb8f5eb90969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 20:36:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115354
x-xss-protection: 0
last-modified: Mon, 01 Jul 2024 19:42:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 01 Jul 2024 20:36:39 GMT

GET
H2 200 configuration.js Show response
consentcdn.cookiebot.com/consentconfig/a799ad10-cb5d-4408-ab22-362c77b88a45/susa.nl/ 2 KB
1015 B 372ms
20ms Script
application/x-javascript 23.45.111.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/consentconfig/a799ad10-cb5d-4408-ab22-362c77b88a45/susa.nl/configuration.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.111.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-111-185.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 20f87311089a44ce89d00ea31b17d37ac787111ef73bb36333ca76415dbc1856

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 20:36:39 GMT
content-encoding: gzip
last-modified: Thu, 27 Jun 2024 09:10:14 GMT
server: AkamaiNetStorage
etag: "54767c78dbeb53a6f6272deeaefb4cf7:1719479414.761461"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=18218
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1719866199348_390277150_165087783_57_683_19_24_146";dur=1
accept-ranges: bytes
content-length: 649
expires: Tue, 02 Jul 2024 01:40:17 GMT

GET
H2 200 cc.js Show response
consent.cookiebot.com/a799ad10-cb5d-4408-ab22-362c77b88a45/ 291 KB
101 KB 90ms
90ms Script
application/x-javascript 23.36.162.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/a799ad10-cb5d-4408-ab22-362c77b88a45/cc.js?renew=false&referer=www.susa.nl&dnt=false&init=false&culture=NL
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-220.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6484794649790e8828bd1345a8459e238dd3a6ce0078d92fd6ffce504f5be9e3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 20:36:39 GMT
content-encoding: gzip
last-modified: Mon, 01 Jul 2024 20:36:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private, max-age=1200
cross-origin-resource-policy: cross-origin
content-length: 103364
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

GET
H2 200 NeueHelvetica35Thin_normal_normal.woff2
www.susa.nl/dist/assets/fonts/000706c6-9e53-42f4-9560-25dbb6b88ae3/NeueHelvetica/ 24 KB
24 KB 18ms
18ms Font
font/woff2 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to

Full URL

https://www.susa.nl/dist/assets/fonts/000706c6-9e53-42f4-9560-25dbb6b88ae3/NeueHelvetica/NeueHelvetica35Thin_normal_normal.woff2

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/dist/assets/stylesheets/style.css?3157AE271713C80018CE62B069057CAC

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

de392d7621922e735698f870bf603b17394fe0668f8d39e46534fb934b7a0f52

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/dist/assets/stylesheets/style.css?3157AE271713C80018CE62B069057CAC
Origin: https://www.susa.nl
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 20:36:38 GMT
x-permitted-cross-domain-policies: none
content-length: 24956
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:45:59 GMT
server
etag: "1dacba3dbe22cfc"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://info.susa.nl
cache-control: public, max-age=2592000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 276 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c1e275f9a95a12c4cd570cfd820ab359babaa3a073d3bd1b69da4f7ed026b0c

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://www.susa.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 splash.png
www.susa.nl/dist/assets/images/ 35 KB
36 KB 31ms
30ms Image
image/png 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.susa.nl/dist/assets/images/splash.png

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/dist/assets/stylesheets/style.css?3157AE271713C80018CE62B069057CAC

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

9e447a2de2afc2e0b8da2f06a7724da621c0e86b613630872eaa30d0a5117ab5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/dist/assets/stylesheets/style.css?3157AE271713C80018CE62B069057CAC
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 20:36:38 GMT
x-permitted-cross-domain-policies: none
content-length: 36251
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:46:04 GMT
server
etag: "1dacba3deddb39b"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: https://info.susa.nl
cache-control: public, max-age=2592000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 logo-black-alt.png
www.susa.nl/dist/assets/images/ 37 KB
37 KB 32ms
32ms Image
image/png 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.susa.nl/dist/assets/images/logo-black-alt.png

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/dist/assets/stylesheets/style.css?3157AE271713C80018CE62B069057CAC

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

9bbac8b716116c474505e466e2c006c431adb537afcc49b8e4b17132043e5427

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/dist/assets/stylesheets/style.css?3157AE271713C80018CE62B069057CAC
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 20:36:38 GMT
x-permitted-cross-domain-policies: none
content-length: 38003
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:46:01 GMT
server
etag: "1dacba3dd13eef3"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: https://info.susa.nl
cache-control: public, max-age=2592000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 263 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db9f6bff4202eea06c35c3e08d2ff39c910018ec70dbce52ade8655cb7670e1a

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://www.susa.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 441 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: befc9a1198e792a5e35fcef4b9262f64434817061a4297e6efd9bbe363eef6e4

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://www.susa.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 NeueHelvetica55Roman_normal_normal.woff2
www.susa.nl/dist/assets/fonts/000706c6-9e53-42f4-9560-25dbb6b88ae3/NeueHelvetica/ 25 KB
25 KB 41ms
39ms Font
font/woff2 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to

Full URL

https://www.susa.nl/dist/assets/fonts/000706c6-9e53-42f4-9560-25dbb6b88ae3/NeueHelvetica/NeueHelvetica55Roman_normal_normal.woff2

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/dist/assets/stylesheets/style.css?3157AE271713C80018CE62B069057CAC

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

d72c48a362a9d2c17ea6e97fb24db1911a46ffdf4f0b88a868656ab68dc76e90

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/dist/assets/stylesheets/style.css?3157AE271713C80018CE62B069057CAC
Origin: https://www.susa.nl
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 20:36:38 GMT
x-permitted-cross-domain-policies: none
content-length: 25228
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:45:59 GMT
server
etag: "1dacba3dbe22f0c"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://info.susa.nl
cache-control: public, max-age=2592000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 NeueHelvetica75Bold_normal_normal.woff2
www.susa.nl/dist/assets/fonts/000706c6-9e53-42f4-9560-25dbb6b88ae3/NeueHelvetica/ 25 KB
25 KB 41ms
39ms Font
font/woff2 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to

Full URL

https://www.susa.nl/dist/assets/fonts/000706c6-9e53-42f4-9560-25dbb6b88ae3/NeueHelvetica/NeueHelvetica75Bold_normal_normal.woff2

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/dist/assets/stylesheets/style.css?3157AE271713C80018CE62B069057CAC

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

629dd79fc585c6c12d009045eea5670ec0e7a0f1e6710eada70302315dad4513

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/dist/assets/stylesheets/style.css?3157AE271713C80018CE62B069057CAC
Origin: https://www.susa.nl
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 20:36:38 GMT
x-permitted-cross-domain-policies: none
content-length: 25520
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:45:59 GMT
server
etag: "1dacba3dbe22e30"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://info.susa.nl
cache-control: public, max-age=2592000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 abn-amro-nieuw.png
www.susa.nl/media/4kin5rcc/ 4 KB
5 KB 37ms
33ms Image
image/webp 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.susa.nl/media/4kin5rcc/abn-amro-nieuw.png?rmode=min&width=300&v=1d963d2401d14f0&quality=80&format=webp

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

314522febdcc86cd5bb3be7430a7476900b4dc0b51f558008726165c1f85c9c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 20:36:38 GMT
x-permitted-cross-domain-policies: none
content-length: 4530
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 28 Jun 2024 07:43:54 GMT
server
etag: "1dac92eecd648b2"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: https://info.susa.nl
cache-control: public, max-age=604800, immutable
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 zilveren-kruis-logo.png
www.susa.nl/media/3ofhb1ry/ 6 KB
6 KB 41ms
37ms Image
image/webp 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.susa.nl/media/3ofhb1ry/zilveren-kruis-logo.png?rmode=min&width=300&v=1d9f06042c7fe70&quality=80&format=webp

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

6574da86b883959b5ab3e2c27d1743e512cd34306b2065021890ea73579f6bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 20:36:38 GMT
x-permitted-cross-domain-policies: none
content-length: 5936
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 28 Jun 2024 07:44:16 GMT
server
etag: "1dac92ef9f35f30"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: https://info.susa.nl
cache-control: public, max-age=604800, immutable
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 rabobank-300x300.png
www.susa.nl/media/3a1jer2x/ 32 KB
32 KB 38ms
35ms Image
image/webp 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.susa.nl/media/3a1jer2x/rabobank-300x300.png?rmode=min&width=300&v=1d96612232b6030&quality=80&format=webp

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

06df65519ef7e316fe45594da056de39fcbfbf29753e6585843a3e104f51fe27

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 20:36:38 GMT
x-permitted-cross-domain-policies: none
content-length: 32706
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 28 Jun 2024 07:43:55 GMT
server
etag: "1dac92eed6e9042"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: https://info.susa.nl
cache-control: public, max-age=604800, immutable
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 nn-nieuw.png
www.susa.nl/media/1vdcidxj/ 9 KB
9 KB 38ms
34ms Image
image/webp 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.susa.nl/media/1vdcidxj/nn-nieuw.png?rmode=min&width=300&v=1d966125d812710&quality=80&format=webp

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

8a4635e71a3d01fd8c4b230b71b5cd90c83693449163589b4c4d884c39ae7afc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 20:36:38 GMT
x-permitted-cross-domain-policies: none
content-length: 8920
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 28 Jun 2024 07:43:54 GMT
server
etag: "1dac92eecd67bd8"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: https://info.susa.nl
cache-control: public, max-age=604800, immutable
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 mediahuis-kleur.png
www.susa.nl/media/2pppvku0/ 5 KB
5 KB 42ms
38ms Image
image/webp 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.susa.nl/media/2pppvku0/mediahuis-kleur.png?rmode=min&width=300&v=1d966125d7a2230&quality=80&format=webp

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

95321d92d1c10a3e5a0a33ac98bd90ef9c18d351f2ff01398a2da43563566166

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 20:36:38 GMT
x-permitted-cross-domain-policies: none
content-length: 5042
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 28 Jun 2024 07:44:16 GMT
server
etag: "1dac92ef9f35bb2"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: https://info.susa.nl
cache-control: public, max-age=604800, immutable
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 basic-fit.png
www.susa.nl/media/mxblhg2k/ 10 KB
10 KB 45ms
42ms Image
image/webp 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.susa.nl/media/mxblhg2k/basic-fit.png?rmode=min&width=300&v=1d963d240a44650&quality=80&format=webp

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

95b93ab052c40f24b03425c1d1be297b4b6c7cb6f4eb951890700a7b04814a0f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 20:36:38 GMT
x-permitted-cross-domain-policies: none
content-length: 10020
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 28 Jun 2024 07:44:16 GMT
server
etag: "1dac92ef9f36f24"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: https://info.susa.nl
cache-control: public, max-age=604800, immutable
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 cyg_logo-nieuw.png
www.susa.nl/media/obqeneqw/ 7 KB
7 KB 46ms
43ms Image
image/webp 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.susa.nl/media/obqeneqw/cyg_logo-nieuw.png?rmode=min&width=300&v=1da066b7629d010&quality=80&format=webp

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

16f9062afddd9b6c48c0cef0bb48668840318e9698a1f260f46ac7007ec64e88

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 20:36:38 GMT
x-permitted-cross-domain-policies: none
content-length: 7288
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 28 Jun 2024 07:44:16 GMT
server
etag: "1dac92ef9f35478"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: https://info.susa.nl
cache-control: public, max-age=604800, immutable
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 essent-logo-p-rgb.png
www.susa.nl/media/wz0dm053/ 26 KB
28 KB 45ms
42ms Image
image/webp 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.susa.nl/media/wz0dm053/essent-logo-p-rgb.png?rmode=min&width=300&v=1d966125d622d60&quality=80&format=webp

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

59e3601d6c6db48d34e46b7f97969094339be379d17a4f550fb0440f8347d4e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 20:36:38 GMT
x-permitted-cross-domain-policies: none
content-length: 26768
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 28 Jun 2024 07:44:16 GMT
server
etag: "1dac92ef9f32090"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: https://info.susa.nl
cache-control: public, max-age=604800, immutable
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 sunweb-vierkant.png
www.susa.nl/media/iytfxuoc/ 2 KB
2 KB 48ms
45ms Image
image/webp 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.susa.nl/media/iytfxuoc/sunweb-vierkant.png?rmode=min&width=300&v=1d6515ed74c8420&quality=80&format=webp

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

cbf5f3a137305070810c59cd4d38cc1caac0abf628609bd14a129dc7bbb0888b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 20:36:38 GMT
x-permitted-cross-domain-policies: none
content-length: 1734
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 28 Jun 2024 07:43:54 GMT
server
etag: "1dac92eecd65fc6"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: https://info.susa.nl
cache-control: public, max-age=604800, immutable
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 295 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc7c3212d74e0e1f14fb43fd3190b3857d5d61f69c59984af1050c0948fff30b

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://www.susa.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 lines.svg
www.susa.nl/dist/assets/images/ 509 B
630 B 32ms
32ms Image
image/svg+xml 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.susa.nl/dist/assets/images/lines.svg

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/dist/assets/stylesheets/style.css?3157AE271713C80018CE62B069057CAC

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

4a08ce528f14b60440a22b540538490fa27baf713a7ea5339b26c796568138bf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/dist/assets/stylesheets/style.css?3157AE271713C80018CE62B069057CAC
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 20:36:38 GMT
x-permitted-cross-domain-policies: none
content-length: 509
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:46:00 GMT
server
etag: "1dacba3dc7ae5fd"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://info.susa.nl
cache-control: public, max-age=2592000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame B62D 0
0 371ms
21ms Document
text/html 23.45.111.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.111.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-111-185.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://www.susa.nl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: max-age=30682741
content-encoding: gzip
content-length: 392
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 01 Jul 2024 20:36:39 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Sat, 21 Jun 2025 23:35:40 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1719866199480_390277150_165087915_34_1056_19_23_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
DATA 200
OK truncated
/ 18 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 884f3ce1b3a6f0ce8e579e1f26cce8c745c2b22b2f6fc870b4933dd24496648a

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://www.susa.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 311 KB
103 KB 65ms
64ms Script
application/javascript 142.250.186.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D21GRV865Z&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFMFX4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8482c48aae681f19da8e8a02b00b2fd4eb0a404dffda73449c78fb3b4bae048c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 20:36:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105848
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 01 Jul 2024 20:36:39 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 226 KB
82 KB 67ms
66ms Script
application/javascript 142.250.186.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1042488374&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFMFX4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

bdb7a55e2c7fb5b56862044d56861b149b5ed8fe953e42b4e8897b8639f6bd7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 20:36:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83679
x-xss-protection: 0
last-modified: Mon, 01 Jul 2024 19:42:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 01 Jul 2024 20:36:39 GMT

GET
H2 200 analytics.js Show response
analytics.onrecruit.net/static/scripts/v3/ 10 KB
4 KB 198ms
99ms Script
application/javascript 3.73.7.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.onrecruit.net/static/scripts/v3/analytics.js?v=0.7469876706319154
Requested by: Host: www.susa.nl
URL: https://www.susa.nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.7.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-7-152.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: ffd545af9f2901ff1181b722b749d505aba42a07ca70f145d8905f87a763daa3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 20:36:39 GMT
content-encoding: gzip
last-modified: Tue, 04 Jun 2024 18:54:22 GMT
etag: W/"22dc2712e37cb047732d412f9fc4030b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript

GET
H2 204 /
analytics.onrecruit.net/api/v2/visitor-information/ping/ 0
224 B 25ms
24ms Image
text/plain 3.73.7.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.onrecruit.net/api/v2/visitor-information/ping/?x=eyJ0cmFja2luZ191dWlkIjoiMDEyOWNkN2YtOGJhMC00ZjQ0LWE0YWEtOTE0ZWI0OWU3ZjczIiwiY3VzdG9tZXJfaWQiOiIyNTQiLCJzZXNzaW9uIjp7ImlkIjoiZWZlZDUzNTgtY2VkMi00OTZlLWE0NjYtNTg4NTc2M2U2N2Q0Iiwic2Vzc2lvbl9zdGFydCI6IjIwMjQtMDctMDFUMjA6MzY6MzkuODA5WiIsInV0bV9zb3VyY2UiOiIoZGlyZWN0KSIsInV0bV9tZWRpdW0iOiIobm90IHNldCkiLCJ1dG1fY2FtcGFpZ24iOiIobm90IHNldCkifSwib3ZlcnJpZGUiOnRydWV9
Requested by: Host: www.susa.nl
URL: https://www.susa.nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.7.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-7-152.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Mon, 01 Jul 2024 20:36:39 GMT
cache-control: no-cache
access-control-allow-headers: x-requested-with
access-control-allow-methods: POST, GET, OPTIONS

GET
H2 204 /
analytics.onrecruit.net/api/v1/log-event/careersite/ 0
149 B 24ms
23ms Image
text/plain 3.73.7.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.onrecruit.net/api/v1/log-event/careersite/?uuid=0129cd7f-8ba0-4f44-a4aa-914eb49e7f73&customer_id=254&customer=Susa&referer=&location=https%3A%2F%2Fwww.susa.nl%2F&
Requested by: Host: www.susa.nl
URL: https://www.susa.nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.7.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-7-152.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Mon, 01 Jul 2024 20:36:39 GMT
cache-control: no-cache
access-control-allow-headers: x-requested-with
access-control-allow-methods: POST, GET, OPTIONS

GET
H2 204 /
analytics.onrecruit.net/api/v1/log-page-view/ 0
149 B 24ms
24ms Image
text/plain 3.73.7.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.onrecruit.net/api/v1/log-page-view/?uuid=0129cd7f-8ba0-4f44-a4aa-914eb49e7f73&x=eyJjdXN0b21lcl9pZCI6IjI1NCIsImN1c3RvbWVyIjoiU3VzYSIsInJlZmVyZXIiOiIiLCJsb2NhdGlvbiI6Imh0dHBzOi8vd3d3LnN1c2EubmwvIiwicGFnZV90aXRsZSI6IlNVU0EgfCBGbGV4aWJlbGUgYmlqYmFuZW4gdm9vciBzdHVkZW50ZW4ifQ==
Requested by: Host: www.susa.nl
URL: https://www.susa.nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.7.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-7-152.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Mon, 01 Jul 2024 20:36:39 GMT
cache-control: no-cache
access-control-allow-headers: x-requested-with
access-control-allow-methods: POST, GET, OPTIONS

GET
H2 200 Functions.js Show response
www.susa.nl/scripts/ 6 KB
0 0ms
0ms Script
text/javascript 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to

Full URL

https://www.susa.nl/scripts/Functions.js?942D40EF44E5004C92BD06F755DD7DE8

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

d8d6917987995c00c5880f5edaf121a279afa4bf80cbf4cd8481d2030c24059d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 20:36:38 GMT
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:25:41 GMT
server
etag: "1dacba105e65842"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: https://info.susa.nl
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 1.gif
imgsct.cookiebot.com/ 35 B
474 B 23ms
22ms Image
image/gif 23.45.111.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgsct.cookiebot.com/1.gif?dgi=a799ad10-cb5d-4408-ab22-362c77b88a45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.111.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-111-185.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 20:36:39 GMT
x-guploader-uploadid: ACJd0NprUzrDGAO7Fv1hZ579RBFfI8PxwNr2XKd-zgOPO4uZ8G68pKJYpk80RyPQ2XaD2OQ4Ek4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 35
last-modified: Mon, 23 Oct 2023 11:39:32 GMT
server: UploadServer
etag: "c2196de8ba412c60c22ab491af7b1409"
x-goog-generation: 1698061172769999
x-goog-hash: crc32c=rX4K2g==, md5=whlt6LpBLGDCKrSRr3sUCQ==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public,max-age=1800
x-goog-stored-content-length: 35
accept-ranges: bytes
content-type: image/gif

GET
H2 200 favicon-32x32.png
www.susa.nl/dist/assets/favicons/ 2 KB
2 KB 23ms
23ms Other
image/png 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to

Full URL

https://www.susa.nl/dist/assets/favicons/favicon-32x32.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

04e77cd159c089d0765a859d8b282278b00c4772ba52069ccaa0749b752cca9a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 20:36:39 GMT
x-permitted-cross-domain-policies: none
content-length: 2425
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:45:59 GMT
server
etag: "1dacba3dbe244f9"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: https://info.susa.nl
cache-control: public, max-age=2592000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 polyfill.min.js Show response
www.susa.nl/App_Plugins/UmbracoForms/Assets/promise-polyfill/dist/ 4 KB
0 0ms
0ms Script
text/javascript 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to

Full URL

https://www.susa.nl/App_Plugins/UmbracoForms/Assets/promise-polyfill/dist/polyfill.min.js?v=13.1.2

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

e96f2b2cde976e741236c5358aafbc25b3527eeb73431521da778414fabdc2d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 20:36:38 GMT
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 08 Apr 2024 13:55:14 GMT
server
etag: "1da89bc614ac226"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: https://info.susa.nl
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 aspnet-validation.min.js Show response
www.susa.nl/App_Plugins/UmbracoForms/Assets/aspnet-client-validation/dist/ 17 KB
0 0ms
0ms Script
text/javascript 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to

Full URL

https://www.susa.nl/App_Plugins/UmbracoForms/Assets/aspnet-client-validation/dist/aspnet-validation.min.js?v=13.1.2

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

4f99755eef5dd38df42fca6145b2d4ce1bc077461087dd3dea13cfd6602c080f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 20:36:38 GMT
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 08 Apr 2024 13:55:16 GMT
server
etag: "1da89bc627bb938"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: https://info.susa.nl
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 lazysizes.min.js Show response
www.susa.nl/dist/assets/plugins/ 14 KB
0 0ms
0ms Script
text/javascript 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to

Full URL

https://www.susa.nl/dist/assets/plugins/lazysizes.min.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

62f54e5af0f21ac30871f7b033aeaf364b956448136314c1b875b2882175e82c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 20:36:38 GMT
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:45:59 GMT
server
etag: "1dacba3dbe27bdf"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: https://info.susa.nl
cache-control: public, max-age=2592000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 tiny-slider.js Show response
www.susa.nl/dist/assets/plugins/ 31 KB
0 0ms
0ms Script
text/javascript 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to

Full URL

https://www.susa.nl/dist/assets/plugins/tiny-slider.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

c95012ece1485315483ac970a2fb4cc203483f61281a2e523241380e8ea3e369

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 20:36:38 GMT
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:45:59 GMT
server
etag: "1dacba3dbe23645"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: https://info.susa.nl
cache-control: public, max-age=2592000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 script.js Show response
www.susa.nl/dist/assets/scripts/ 18 KB
6 KB 22ms
21ms Script
text/javascript 77.94.252.133
CLDIN-NL Your.Online

General

Check archive.org

Show headers Download Go to

Full URL

https://www.susa.nl/dist/assets/scripts/script.js?AC51D3BC05593FD67A93DC2565D122AF

Requested by

Host: www.susa.nl
URL: https://www.susa.nl/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.94.252.133 , Netherlands, ASN48635 (CLDIN-NL Your.Online, NL),

Reverse DNS

Software

Resource Hash

e069f4d496e9b22ac7cfb981bc6706f35e7e4480acd4a828ed904ab8619d816f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com *.snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' *.susa.nl consentcdn.cookiebot.com *.google-analytics.com *.google.com *.google.nl *.googlesyndication.com *.doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com *.snapchat.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
x-permitted-cross-domain-policies: none
date: Mon, 01 Jul 2024 20:36:39 GMT
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:45:23 GMT
server
etag: "1dacba3c66d6b53"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: https://info.susa.nl
cache-control: public, max-age=2592000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 204 /
analytics.onrecruit.net/api/v1/log-event/careersite/ 0
149 B 24ms
24ms Image
text/plain 3.73.7.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.onrecruit.net/api/v1/log-event/careersite/?uuid=0129cd7f-8ba0-4f44-a4aa-914eb49e7f73&customer_id=254&customer=Susa&referer=&location=https%3A%2F%2Fwww.susa.nl%2F&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.7.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-7-152.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Mon, 01 Jul 2024 20:36:39 GMT
cache-control: no-cache
access-control-allow-headers: x-requested-with
access-control-allow-methods: POST, GET, OPTIONS

GET
H2 204 /
analytics.onrecruit.net/api/v1/log-page-view/ 0
149 B 28ms
28ms Image
text/plain 3.73.7.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.onrecruit.net/api/v1/log-page-view/?uuid=0129cd7f-8ba0-4f44-a4aa-914eb49e7f73&x=eyJjdXN0b21lcl9pZCI6IjI1NCIsImN1c3RvbWVyIjoiU3VzYSIsInJlZmVyZXIiOiIiLCJsb2NhdGlvbiI6Imh0dHBzOi8vd3d3LnN1c2EubmwvIiwicGFnZV90aXRsZSI6IlNVU0EgfCBGbGV4aWJlbGUgYmlqYmFuZW4gdm9vciBzdHVkZW50ZW4ifQ==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.7.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-7-152.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Mon, 01 Jul 2024 20:36:40 GMT
cache-control: no-cache
access-control-allow-headers: x-requested-with
access-control-allow-methods: POST, GET, OPTIONS

POST
H3 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
64 B 94ms
54ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p2p5&tag_exp=0&rnd=827474080.1719866200&url=https%3A%2F%2Fwww.susa.nl%2F&dma_cps=-&dma=1&npa=1&gtm=45He46q0n71MFMFX4v71851714za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFMFX4

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 01 Jul 2024 20:36:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 357ms
19ms Fetch
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-D21GRV865Z&gtm=45je46q0v881749978z871851714za200zb71851714&_p=1719866199006&gcs=G100&gcd=13p3pPp2p5&npa=1&dma_cps=-&dma=1&tag_exp=0&gtm_up=1&cid=108521466.1719866200&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_s=1&sid=1719866199&sct=1&seg=0&dl=https%3A%2F%2Fwww.susa.nl%2F&dt=SUSA%20%7C%20Flexibele%20bijbanen%20voor%20studenten&en=page_view&_fv=1&_nsi=1&_ss=1&ep.anonymizeIP=true&tfd=2957&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D21GRV865Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.susa.nl/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 01 Jul 2024 20:36:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.susa.nl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.susa.nl/	1969-12-31 23:59:59	Name: UMB_SESSION Value: CfDJ8KbYKZCsDu9Gq9aHFysazmqXBwPBmWDh1XecxSVdZsB5VLMbmPWwIQjKA34NLlOaVpkdXGRNPc43ZZ3NrgusLG5pFXQPdEtgeA0roKS6h3wEKHXeCFDpQCxPMTg4IdxYAMj3W6At9NuP7SjTo0SQNDp9WjKtmERrDpCrie3W6qz2
.fonts.net/	1970-01-20 21:44:27	Name: __cf_bm Value: cbkrBmybcV7.zcH6qwPVMCPnmmBGmzHk6Mn00v06ZiM-1719866198-1.0.1.1-u.N.AhJy5pLbP0HUq0H.r0nBSP12KWm.Kgo8wwIpYsYHXPmGUXxzVXNyk.H.HyUZLmrYe7cyLNp28wY5zcVsXw
.susa.nl/	1970-01-21 06:30:02	Name: __orqid Value: 0129cd7f-8ba0-4f44-a4aa-914eb49e7f73
.susa.nl/	1970-01-20 21:44:27	Name: __orqsession Value: eyJpZCI6ImVmZWQ1MzU4LWPEiTItNDk2ZS1hNDY2LcSNODU3NjNlNjdkNCIsInV0bV9zb3VyxJDEhCIoZGlyZWN0KcSpxKvErV9txIlpdW3EtShub3Qgc2XEvcS%2FxKzErmNhbXBhaWduxYjFisWMxY7FkMSqxY5zc2lvbsSvdGFydMS1MjAyNC0wN8WyMVTFrjozNsW5OS44MDlaIn0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; font-src * https://fonts.gstatic.com; img-src * data: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com variations-cdn.figpii.com data:; script-src 'unsafe-inline' 'unsafe-eval' * https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com; style-src 'unsafe-inline' * https://optimize.google.com https://fonts.googleapis.com variations-cdn.figpii.com; frame-ancestors 'self' mijn.susa.nl https://localhost:8080 http://localhost:8080 capacitor://localhost http://localhost; frame-src consentcdn.cookiebot.com info.susa.nl www.google.com www.youtube.com www.youtube-nocookie.com .snapchat.com vars.hotjar.com www.facebook.com https://optimize.google.com susaflexibelstudentenwerk.outgrow.us www.susa.nl makeitcount.susa.nl https://td.doubleclick.net; connect-src 'self' .susa.nl consentcdn.cookiebot.com .google-analytics.com .google.com .google.nl .googlesyndication.com .doubleclick.net cdn.linkedin.oribi.io https://px.ads.linkedin.com .snapchat.com .hotjar.com .hotjar.io wss://.hotjar.com .umbraco.com tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com wss://tdw.figpii.com visitor.figpii.com sessions.bugsnag.com https://.algolia.net https://.algolianet.com https://*.algolia.io https://analytics.tiktok.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.onrecruit.net
cdn.fonts.net
codiad.susa.nl
consent.cookiebot.com
consentcdn.cookiebot.com
imgsct.cookiebot.com
pagead2.googlesyndication.com
region1.google-analytics.com
www.googletagmanager.com
www.susa.nl
104.16.40.28
142.250.186.136
172.217.16.130
216.239.32.36
23.36.162.220
23.45.111.185
3.73.7.152
31.3.109.169
77.94.252.133
04e77cd159c089d0765a859d8b282278b00c4772ba52069ccaa0749b752cca9a
06df65519ef7e316fe45594da056de39fcbfbf29753e6585843a3e104f51fe27
16f9062afddd9b6c48c0cef0bb48668840318e9698a1f260f46ac7007ec64e88
1da060e423d28b8cf622744169c233d9a959bd979df84870b5cbd70f0f23aa54
20f87311089a44ce89d00ea31b17d37ac787111ef73bb36333ca76415dbc1856
2cdbba7f232c354eca6b68df52e152ea9fb65bf8b2ba42479b930aac74cdcbc8
314522febdcc86cd5bb3be7430a7476900b4dc0b51f558008726165c1f85c9c1
4a08ce528f14b60440a22b540538490fa27baf713a7ea5339b26c796568138bf
4f99755eef5dd38df42fca6145b2d4ce1bc077461087dd3dea13cfd6602c080f
59e3601d6c6db48d34e46b7f97969094339be379d17a4f550fb0440f8347d4e4
629dd79fc585c6c12d009045eea5670ec0e7a0f1e6710eada70302315dad4513
62f54e5af0f21ac30871f7b033aeaf364b956448136314c1b875b2882175e82c
6484794649790e8828bd1345a8459e238dd3a6ce0078d92fd6ffce504f5be9e3
6574da86b883959b5ab3e2c27d1743e512cd34306b2065021890ea73579f6bb3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7f4e4008318393e5284991177d3af5fcb8d4122fa9a0be2aa0d0cb8f5eb90969
8482c48aae681f19da8e8a02b00b2fd4eb0a404dffda73449c78fb3b4bae048c
884f3ce1b3a6f0ce8e579e1f26cce8c745c2b22b2f6fc870b4933dd24496648a
8a4635e71a3d01fd8c4b230b71b5cd90c83693449163589b4c4d884c39ae7afc
95321d92d1c10a3e5a0a33ac98bd90ef9c18d351f2ff01398a2da43563566166
95b93ab052c40f24b03425c1d1be297b4b6c7cb6f4eb951890700a7b04814a0f
9bbac8b716116c474505e466e2c006c431adb537afcc49b8e4b17132043e5427
9c1e275f9a95a12c4cd570cfd820ab359babaa3a073d3bd1b69da4f7ed026b0c
9d92f410e3312da57cd8822a88c73131fb5f9c02301cd1be1ca77b06eae0587e
9e447a2de2afc2e0b8da2f06a7724da621c0e86b613630872eaa30d0a5117ab5
9e693d2ee1d53a8ee7c72c0496783eb8335d020c76efdcf060b815bf1409ad62
9e9b3caae321f67bfddef9b13e7684169f3ababe1ed364c312b9f7139b22ffdd
b0321deb31266670b34269735ab683b721fedf53ce79d5518845d2c6fea13bc4
bdb7a55e2c7fb5b56862044d56861b149b5ed8fe953e42b4e8897b8639f6bd7c
befc9a1198e792a5e35fcef4b9262f64434817061a4297e6efd9bbe363eef6e4
c95012ece1485315483ac970a2fb4cc203483f61281a2e523241380e8ea3e369
cbf5f3a137305070810c59cd4d38cc1caac0abf628609bd14a129dc7bbb0888b
d72c48a362a9d2c17ea6e97fb24db1911a46ffdf4f0b88a868656ab68dc76e90
d8d6917987995c00c5880f5edaf121a279afa4bf80cbf4cd8481d2030c24059d
d9a4a1d0fb7d40f456156b1dcd27d0a8da7768284c99bdbba9a0a9336a9d0664
db9f6bff4202eea06c35c3e08d2ff39c910018ec70dbce52ade8655cb7670e1a
dc7c3212d74e0e1f14fb43fd3190b3857d5d61f69c59984af1050c0948fff30b
de392d7621922e735698f870bf603b17394fe0668f8d39e46534fb934b7a0f52
e069f4d496e9b22ac7cfb981bc6706f35e7e4480acd4a828ed904ab8619d816f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e96f2b2cde976e741236c5358aafbc25b3527eeb73431521da778414fabdc2d4
ea833e2735a61a60b815b434da037b82495d0e3c5436340ae79247af6d25488b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ffd545af9f2901ff1181b722b749d505aba42a07ca70f145d8905f87a763daa3

www.susa.nl Open in urlscan Pro 77.94.252.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

0 %IPv6

7 Domains

10 Subdomains

9 IPs

4 Countries

933 kBTransfer

2231 kBSize

4 Cookies

13 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.susa.nl Open in urlscan Pro
77.94.252.133 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

10
Subdomains

9
IPs

4
Countries

933 kB
Transfer

2231 kB
Size

4
Cookies

51 HTTP transactions
5 data transactions