Submitted URL: http://ww1.shop.pcapitalone.com/
Effective URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_c...
Submission: On November 08 via api from US — Scanned from DE

Summary

This website contacted 33 IPs in 5 countries across 31 domains to perform 81 HTTP transactions. The main IP is 52.222.214.42, located in United States and belongs to AMAZON-02, US. The main domain is www.kleertjes.com.
TLS certificate: Issued by Amazon on March 5th 2021. Valid for: a year.
This is the only time www.kleertjes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 70.32.1.32 32181 (ASN-GIGENET)
1 5 103.224.182.206 133618 (TRELLIAN-...)
1 1 49.12.0.235 24940 (HETZNER-AS)
1 1 78.46.197.88 24940 (HETZNER-AS)
2 157.90.169.168 24940 (HETZNER-AS)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 4 104.111.239.217 16625 (AKAMAI-AS)
4 52.222.214.42 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
25 18.66.139.108 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.194.217 54113 (FASTLY)
1 18.159.120.134 16509 (AMAZON-02)
2 142.250.186.136 15169 (GOOGLE)
1 18.66.97.53 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
2 18.66.139.58 16509 (AMAZON-02)
1 3 185.184.8.65 204995 (RTB-HOUSE...)
1 142.250.186.162 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a04:4e42:1f::84 54113 (FASTLY)
1 18.66.112.111 16509 (AMAZON-02)
1 18.66.139.28 16509 (AMAZON-02)
2 52.49.199.119 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 2 216.58.212.130 15169 (GOOGLE)
1 52.51.140.204 16509 (AMAZON-02)
2 99.81.212.192 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
3 151.101.192.84 54113 (FASTLY)
1 52.209.224.12 16509 (AMAZON-02)
1 142.250.184.195 15169 (GOOGLE)
2 52.17.239.185 16509 (AMAZON-02)
1 2a00:1450:400... ()
81 33
Apex Domain
Subdomains
Transfer
25 pkleeklrsrci.net
static.pkleeklrsrci.net
813 KB
6 mopinion.com
deploy.mopinion.com
collect.mopinion.com
cacheorcheck.mopinion.com
fonts.mopinion.com
102 KB
5 kleertjes.com
www.kleertjes.com
r.kleertjes.com
30 KB
5 1redirb.com
1redirb.com
8 KB
4 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
in.hotjar.com
63 KB
3 pinterest.com
ct.pinterest.com
1 KB
3 doubleclick.net
cm.g.doubleclick.net
stats.g.doubleclick.net
1 KB
3 creativecdn.com
creativecdn.com
cm.creativecdn.com
2 KB
3 cloudfront.net
d81mfvml8p5ml.cloudfront.net
dn1i8v75r669j.cloudfront.net
dkpklk99llpj0.cloudfront.net
23 KB
3 zenaps.com
www.zenaps.com
2 KB
2 facebook.com
www.facebook.com
331 B
2 sciencebehindecommerce.com
the.sciencebehindecommerce.com
5 KB
2 pinimg.com
s.pinimg.com
20 KB
2 fontawesome.com
use.fontawesome.com
54 KB
2 facebook.net
connect.facebook.net
113 KB
2 google-analytics.com
www.google-analytics.com
20 KB
2 googletagmanager.com
www.googletagmanager.com
147 KB
2 lookandfind.me
lookandfind.me
975 B
1 gstatic.com
www.gstatic.com
136 KB
1 freshrelevance.com
am.freshrelevance.com
97 B
1 googleadservices.com
www.googleadservices.com
15 KB
1 dwin1.com
www.dwin1.com
10 KB
1 speedcurve.com
cdn.speedcurve.com
6 KB
1 google.com
www.google.com
968 B
1 googleoptimize.com
www.googleoptimize.com
42 KB
1 awin1.com
www.awin1.com
1 KB
1 utkv6nyu.de
utkv6nyu.de
832 B
1 clever-redirect.com
clever-redirect.com
232 B
1 rtpnt.xyz
rtpnt.xyz
189 B
1 pcapitalone.com
ww1.shop.pcapitalone.com
1 KB
0 google.de Failed
www.google.de Failed
81 31
Domain Requested by
25 static.pkleeklrsrci.net www.kleertjes.com
static.pkleeklrsrci.net
5 1redirb.com 1 redirects 1redirb.com
4 www.kleertjes.com lookandfind.me
static.pkleeklrsrci.net
3 ct.pinterest.com s.pinimg.com
www.kleertjes.com
3 www.zenaps.com 1 redirects www.dwin1.com
www.zenaps.com
2 cacheorcheck.mopinion.com collect.mopinion.com
2 cm.g.doubleclick.net 2 redirects
2 www.facebook.com www.kleertjes.com
2 the.sciencebehindecommerce.com www.dwin1.com
the.sciencebehindecommerce.com
2 s.pinimg.com 1redirb.com
s.pinimg.com
2 use.fontawesome.com static.pkleeklrsrci.net
use.fontawesome.com
2 connect.facebook.net 1redirb.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.kleertjes.com
2 creativecdn.com 1 redirects 1redirb.com
2 deploy.mopinion.com 1redirb.com
deploy.mopinion.com
2 www.googletagmanager.com www.kleertjes.com
www.googletagmanager.com
2 lookandfind.me 1redirb.com
1 stats.g.doubleclick.net www.google-analytics.com
1 fonts.mopinion.com collect.mopinion.com
1 www.gstatic.com www.google.com
1 am.freshrelevance.com dkpklk99llpj0.cloudfront.net
1 dkpklk99llpj0.cloudfront.net d81mfvml8p5ml.cloudfront.net
1 collect.mopinion.com deploy.mopinion.com
1 in.hotjar.com script.hotjar.com
1 cm.creativecdn.com creativecdn.com
1 dn1i8v75r669j.cloudfront.net d81mfvml8p5ml.cloudfront.net
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 www.googleadservices.com www.googletagmanager.com
1 d81mfvml8p5ml.cloudfront.net www.googletagmanager.com
1 www.dwin1.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 r.kleertjes.com www.kleertjes.com
1 cdn.speedcurve.com www.kleertjes.com
1 www.google.com www.kleertjes.com
1 www.googleoptimize.com www.kleertjes.com
1 www.awin1.com 1 redirects
1 utkv6nyu.de 1 redirects
1 clever-redirect.com 1 redirects
1 rtpnt.xyz 1 redirects
1 ww1.shop.pcapitalone.com 1 redirects
0 www.google.de Failed www.kleertjes.com
81 42
Subject Issuer Validity Valid
lookandfind.me
R3
2021-11-03 -
2022-02-01
3 months crt.sh
kleertjes.com
Amazon
2021-03-05 -
2022-04-03
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-10-18 -
2022-01-10
3 months crt.sh
www.google.com
GTS CA 1C3
2021-10-18 -
2022-01-10
3 months crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA H2 2021
2021-10-12 -
2022-11-13
a year crt.sh
r.kleertjes.com
R3
2021-10-22 -
2022-01-20
3 months crt.sh
*.hotjar.com
Amazon
2020-12-25 -
2022-01-23
a year crt.sh
*.dwin1.com
Amazon
2020-12-04 -
2022-01-02
a year crt.sh
*.cloudfront.net
Amazon
2021-03-19 -
2022-03-17
a year crt.sh
*.mopinion.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-07-05 -
2022-07-31
a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-03-30 -
2022-04-12
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2021-10-18 -
2022-01-10
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-08-17 -
2021-11-15
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-07 -
2022-07-06
a year crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1
2021-07-27 -
2022-08-05
a year crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA
2021-06-11 -
2022-06-16
a year crt.sh
tag.device9.com
Go Daddy Secure Certificate Authority - G2
2021-07-19 -
2022-08-20
a year crt.sh
*.freshrelevance.com
Amazon
2021-06-16 -
2022-07-15
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-10-18 -
2022-01-10
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-10-18 -
2022-01-10
3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Frame ID: C6DC3C359A1EB1A08F7CD7BA09E8DB95
Requests: 78 HTTP requests in this frame

Frame: https://creativecdn.com/tags?type=iframe&id=pr_WeUnXhr3TGr6JnJsbz3D&id=pr_WeUnXhr3TGr6JnJsbz3D_lid_hD11GeZMX5KVsq8ndRYH&su=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1636333910_6de28618d6848bbd1c901fd8d4222216%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248&sr=https%3A%2F%2Flookandfind.me%2F&ts=1636333911550&tc=1
Frame ID: C85A71A97E48F6CB1D57EF606C149C24
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-d09a446edefba0dcce5d5143e1840e9a.html
Frame ID: 20BCD31CCAF7D9990102776BA5205C57
Requests: 1 HTTP requests in this frame

Frame: https://www.zenaps.com/alt.php?mid=12476&sv=12476_1636333910_6de28618d6848bbd1c901fd8d4222216
Frame ID: FBDCD35CC04F80E3D6DA24AD9D6E3C59
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: B26C896788BADB17DA7B0EFF83BC1AE0
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Kinderkleding, babykleding en schoenen - kleertjes.com

Page URL History Show full URLs

  1. http://ww1.shop.pcapitalone.com/ HTTP 302
    http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKpLQ6uR0a1h%2FO4v3LMUqhJSA%2Bm9JtcOL1YC6OGbvLg... Page URL
  2. http://1redirb.com/r.php?u=https%3A%2F%2Frtpnt.xyz%2Fv6%2Fr%3Fs%3Dr7d%26s3%3D1634182453%26sid%3... HTTP 302
    https://rtpnt.xyz/v6/r?s=r7d&s3=1634182453&sid=20211108121145848657965120e071eb HTTP 302
    https://clever-redirect.com/s/r6?s=r7d&s2=&s3=1634182453 HTTP 302
    https://lookandfind.me/s/a?t=1?f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=kleertjes.com&s1=r7d&s2=&s3... Page URL
  3. https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3... Page URL
  4. https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=a3065479e5c1492a62f7bdf68... HTTP 302
    https://www.awin1.com/cread.php?awinmid=12476&awinaffid=101248&clickref=at107999_a116809_m12_p1347... HTTP 302
    https://www.zenaps.com/rclick.php?mid=12476&c_len=1296000&c_ts=1636333910&c_cnt=101248%7C0%7C0%7C16... HTTP 302
    https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_me... Page URL

Page Statistics

81
Requests

90 %
HTTPS

32 %
IPv6

31
Domains

42
Subdomains

33
IPs

5
Countries

1611 kB
Transfer

3972 kB
Size

37
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ww1.shop.pcapitalone.com/ HTTP 302
    http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKpLQ6uR0a1h%2FO4v3LMUqhJSA%2Bm9JtcOL1YC6OGbvLgS9fL8t6QpEiq5DMUgBP5N%2FwqFwJ4g%2BBX%2FieQlma%2BGhDFS7XDud55EBfAut0XMUB0kRBh3dCqdAfYIckEyQL0PJt3G%2F%2BcsiV0z6moskCGJ1KFF1O%2FmBuo2xZH70QUCxpHGvuMQwQ1ud0V5ulwYh%2FZg4hSIkzuWkGz95L%2BwK5qX7MKotUPRJmILo3kD%2FWUtl6b%2BGmH3eTQtzB%2FiCrN%2BRA1RgcG6jI3%2BNMO2weaoGnRT9oVEFO27qLWN2htaTqwv%2BQoSOK%2BaQTkFk8IXIXmV%2B92Kq1Yt9HwLJ5jv2yP1SokFOx8QAwp9KR8AWlj2fwmOkNIJKw7Lb4lHuNkSV5YVn3PFMhcTFE6Wlt0qcJmFXAWKPpABY7baINfmQMBYkIaKHNarGr3is3ImcfMsLcRSGG7Ul83i4RATq798N1zz2%2B0SPVj%2FbQT1PPvaHzQdWR90FbEqbuM2uG1YhwdFQRGHmSFNwZFUMqgOOYBU7EqNQG0Qs8FA3NiybKGir%2BmZ4Ow8Gi1Ieoqqjb4i8IhoCjkkeYCQsaDanMW1nUyG19toXMOhJoBy6%2FmVZneQZlhPBVsrUS%2Bs9YAw%2B%2BUnpXmANjklj7Qp7X2HuFjME%2Fz9IWu5EVkOWceCGcORQo%2FwI0f6X7L1%2Bv2CUG%2BZ0FTlVgNoLIfIaTpXHNvElCOm%2Fmfwo8MgTACNvtOQIKfVZvR7hg62%2Bltr8LODHCTwr78vujAQDq34zIUR2w%3D%3D Page URL
  2. http://1redirb.com/r.php?u=https%3A%2F%2Frtpnt.xyz%2Fv6%2Fr%3Fs%3Dr7d%26s3%3D1634182453%26sid%3D20211108121145848657965120e071eb&s=j&enc=K0ZKVXlMR0Y2VUJoaGk1c0s0L0xTWDQ5Zm10cFpHOUtRMGR5WmtWaFFsbEZkbk5IYVZWNFkwcDJkMFZsYTNOMmRraFlNMnhMVXl0c0syYzBTbGhxYVV0dU9FZEtkSEZXYjNSTWRHdEZhQzloV2xaUVl5OXhZMlpCWW5wVWJXcHNhbEJrZUVkVmJYSldhMnBzTkhrMGFrazBNamRhT1c5NVdESTNSelZwWWtodFpFRndXREJqVGl0SGVXMWhTamN6UmpsRVYweExkWHBIVjNWUWRGTmliVkJTV0VObldtYzRhbXN6WXk5WlJFRXpVV3RCU3paUFZEUmFUVlZvTldoRlEycHRkRUZWVTFKdWJYWkhRM0pRU0c1aGRIUk5RVWgyZUdSUGVuRklSVU0zU0dwb2QxRlBRVEJGV0VSRmVtRndTVkJUZG5OSGNXZE9kSHA1UW5SVmVrdHNORk5tYTJ0WE5rTkRabmx1YVRnemNEZFBkVUpsVFdnNVpUZGxlbTlUU2k5VEsyVlpWWEJEWVVreE0ySjJkWGx2Y0ZZeGIyUnlWM1J0Yms5dVIzaEZkMHhUZFhjeFJWSjNWMmhFV2tOTVZVOVpTM1pTY201bWNGSnBVa3h5TVU1TFUxbG9hMFpSTTB4VVdtNTBhM2x6UVUweWFWUmhZVlZ0U1ZvMlFtaGxMekE1YmpWTWQzWXdkVXBhVlUxRWJWcFZUR2xPVEVsb1pVWm5kM05WV0ZKM1VqaG9TMms1ZGt4SlMzVmlWR0pGTm5sTlNHMXRkbmx6WmpaQmVsSlNVM1ZaYUU5Wk5HUmhPSFE0ZUZkcVoyWmpObEo0Tkd4eldFcFVXWGRVVDBSaWJFZElTR2RsUVVsUlJ6UnFlQ3R0ZUhSR0wydFRUVkowY1VaWFRFcGxjVGh6UnpJNGRUUjNabkZqVDJvclpuZzFZazlZY0dGS2JHWXhTSGd2Vm10aGQweHBVM1JQVXpsQ1ZtSlpNbkZPVVRCelRXbzBRMkZrT1VkaU1DOW9XSEYwVEZwTEsyZG5lRFptTWt3MFpDdFdibk40ZHpoUk1WSlFjelpDTVVkU04xSnVUbGRPU0hNM1JVRTVTbXRMT1Zwd1JYTXhNaTlTZVhWdWRtbEdNVXc1TUhVelJXMU1VbkpaYUV4U1YxQXZaMUpoYWpselVIQXdieko1WTBJM04zWktNa0ZJVm5aUmJrTlNja2xQU2pkc1FYYzFUQ3RKTmtKR1VucEROazkwTVU1R1UzSTBjWFZZYzJWQ2RFcEpOa3hVU1dKdk1TdEZNRTlxYm5WR05FdDVjMGhLUlN0U1NHRkVhRkpQWWxCNFJsRnFjUzhyVkd0eFprY3hla2ROYm5KNk5USnlPRW80ZG5WSlYySlFabk5SVkVScE5VRm9PRXBwYkZwb1N6ZG5UVk41VWlzeWFYQnNNQ3Q1U1daclVGbzVTVmhRYVVGVFNIVTVRV2t4U20xRlZIVTNWVEpVWW0xNFZsaEpkRzFPZVVOb2Npcz0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
    https://rtpnt.xyz/v6/r?s=r7d&s3=1634182453&sid=20211108121145848657965120e071eb HTTP 302
    https://clever-redirect.com/s/r6?s=r7d&s2=&s3=1634182453 HTTP 302
    https://lookandfind.me/s/a?t=1?f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=kleertjes.com&s1=r7d&s2=&s3=1634182453&s5=2 Page URL
  3. https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3Da3065479e5c1492a62f7bdf68ed41872%26url%3Dhttps%253A%252F%252Fwww.kleertjes.com%252F&h=fc56d3fc4f72881ce866563bb4f057c9 Page URL
  4. https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=a3065479e5c1492a62f7bdf68ed41872&url=https%3A%2F%2Fwww.kleertjes.com%2F HTTP 302
    https://www.awin1.com/cread.php?awinmid=12476&awinaffid=101248&clickref=at107999_a116809_m12_p134708_cDE_sa3065479e5c1492a62f7bdf68ed41872 HTTP 302
    https://www.zenaps.com/rclick.php?mid=12476&c_len=1296000&c_ts=1636333910&c_cnt=101248%7C0%7C0%7C1636333910%7Cat107999_a116809_m12_p134708_cDE_sa3065479e5c1492a62f7bdf68ed41872%7Caw%7C0&ir=d9f988e0-4030-11ec-9278-2234ffce0f80&pr=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1636333910_6de28618d6848bbd1c901fd8d4222216%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248&bId=HLEX_61887956912766.13071668&cookie=1&c_d=zenaps.com HTTP 302
    https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ww1.shop.pcapitalone.com/ HTTP 302
  • http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKpLQ6uR0a1h%2FO4v3LMUqhJSA%2Bm9JtcOL1YC6OGbvLgS9fL8t6QpEiq5DMUgBP5N%2FwqFwJ4g%2BBX%2FieQlma%2BGhDFS7XDud55EBfAut0XMUB0kRBh3dCqdAfYIckEyQL0PJt3G%2F%2BcsiV0z6moskCGJ1KFF1O%2FmBuo2xZH70QUCxpHGvuMQwQ1ud0V5ulwYh%2FZg4hSIkzuWkGz95L%2BwK5qX7MKotUPRJmILo3kD%2FWUtl6b%2BGmH3eTQtzB%2FiCrN%2BRA1RgcG6jI3%2BNMO2weaoGnRT9oVEFO27qLWN2htaTqwv%2BQoSOK%2BaQTkFk8IXIXmV%2B92Kq1Yt9HwLJ5jv2yP1SokFOx8QAwp9KR8AWlj2fwmOkNIJKw7Lb4lHuNkSV5YVn3PFMhcTFE6Wlt0qcJmFXAWKPpABY7baINfmQMBYkIaKHNarGr3is3ImcfMsLcRSGG7Ul83i4RATq798N1zz2%2B0SPVj%2FbQT1PPvaHzQdWR90FbEqbuM2uG1YhwdFQRGHmSFNwZFUMqgOOYBU7EqNQG0Qs8FA3NiybKGir%2BmZ4Ow8Gi1Ieoqqjb4i8IhoCjkkeYCQsaDanMW1nUyG19toXMOhJoBy6%2FmVZneQZlhPBVsrUS%2Bs9YAw%2B%2BUnpXmANjklj7Qp7X2HuFjME%2Fz9IWu5EVkOWceCGcORQo%2FwI0f6X7L1%2Bv2CUG%2BZ0FTlVgNoLIfIaTpXHNvElCOm%2Fmfwo8MgTACNvtOQIKfVZvR7hg62%2Bltr8LODHCTwr78vujAQDq34zIUR2w%3D%3D
Request Chain 4
  • http://1redirb.com/r.php?u=https%3A%2F%2Frtpnt.xyz%2Fv6%2Fr%3Fs%3Dr7d%26s3%3D1634182453%26sid%3D20211108121145848657965120e071eb&s=j&enc=K0ZKVXlMR0Y2VUJoaGk1c0s0L0xTWDQ5Zm10cFpHOUtRMGR5WmtWaFFsbEZkbk5IYVZWNFkwcDJkMFZsYTNOMmRraFlNMnhMVXl0c0syYzBTbGhxYVV0dU9FZEtkSEZXYjNSTWRHdEZhQzloV2xaUVl5OXhZMlpCWW5wVWJXcHNhbEJrZUVkVmJYSldhMnBzTkhrMGFrazBNamRhT1c5NVdESTNSelZwWWtodFpFRndXREJqVGl0SGVXMWhTamN6UmpsRVYweExkWHBIVjNWUWRGTmliVkJTV0VObldtYzRhbXN6WXk5WlJFRXpVV3RCU3paUFZEUmFUVlZvTldoRlEycHRkRUZWVTFKdWJYWkhRM0pRU0c1aGRIUk5RVWgyZUdSUGVuRklSVU0zU0dwb2QxRlBRVEJGV0VSRmVtRndTVkJUZG5OSGNXZE9kSHA1UW5SVmVrdHNORk5tYTJ0WE5rTkRabmx1YVRnemNEZFBkVUpsVFdnNVpUZGxlbTlUU2k5VEsyVlpWWEJEWVVreE0ySjJkWGx2Y0ZZeGIyUnlWM1J0Yms5dVIzaEZkMHhUZFhjeFJWSjNWMmhFV2tOTVZVOVpTM1pTY201bWNGSnBVa3h5TVU1TFUxbG9hMFpSTTB4VVdtNTBhM2x6UVUweWFWUmhZVlZ0U1ZvMlFtaGxMekE1YmpWTWQzWXdkVXBhVlUxRWJWcFZUR2xPVEVsb1pVWm5kM05WV0ZKM1VqaG9TMms1ZGt4SlMzVmlWR0pGTm5sTlNHMXRkbmx6WmpaQmVsSlNVM1ZaYUU5Wk5HUmhPSFE0ZUZkcVoyWmpObEo0Tkd4eldFcFVXWGRVVDBSaWJFZElTR2RsUVVsUlJ6UnFlQ3R0ZUhSR0wydFRUVkowY1VaWFRFcGxjVGh6UnpJNGRUUjNabkZqVDJvclpuZzFZazlZY0dGS2JHWXhTSGd2Vm10aGQweHBVM1JQVXpsQ1ZtSlpNbkZPVVRCelRXbzBRMkZrT1VkaU1DOW9XSEYwVEZwTEsyZG5lRFptTWt3MFpDdFdibk40ZHpoUk1WSlFjelpDTVVkU04xSnVUbGRPU0hNM1JVRTVTbXRMT1Zwd1JYTXhNaTlTZVhWdWRtbEdNVXc1TUhVelJXMU1VbkpaYUV4U1YxQXZaMUpoYWpselVIQXdieko1WTBJM04zWktNa0ZJVm5aUmJrTlNja2xQU2pkc1FYYzFUQ3RKTmtKR1VucEROazkwTVU1R1UzSTBjWFZZYzJWQ2RFcEpOa3hVU1dKdk1TdEZNRTlxYm5WR05FdDVjMGhLUlN0U1NHRkVhRkpQWWxCNFJsRnFjUzhyVkd0eFprY3hla2ROYm5KNk5USnlPRW80ZG5WSlYySlFabk5SVkVScE5VRm9PRXBwYkZwb1N6ZG5UVk41VWlzeWFYQnNNQ3Q1U1daclVGbzVTVmhRYVVGVFNIVTVRV2t4U20xRlZIVTNWVEpVWW0xNFZsaEpkRzFPZVVOb2Npcz0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
  • https://rtpnt.xyz/v6/r?s=r7d&s3=1634182453&sid=20211108121145848657965120e071eb HTTP 302
  • https://clever-redirect.com/s/r6?s=r7d&s2=&s3=1634182453 HTTP 302
  • https://lookandfind.me/s/a?t=1?f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=kleertjes.com&s1=r7d&s2=&s3=1634182453&s5=2
Request Chain 47
  • https://creativecdn.com/tags?type=iframe&id=pr_WeUnXhr3TGr6JnJsbz3D&id=pr_WeUnXhr3TGr6JnJsbz3D_lid_hD11GeZMX5KVsq8ndRYH&su=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1636333910_6de28618d6848bbd1c901fd8d4222216%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248&sr=https%3A%2F%2Flookandfind.me%2F&ts=1636333911550 HTTP 302
  • https://creativecdn.com/tags?type=iframe&id=pr_WeUnXhr3TGr6JnJsbz3D&id=pr_WeUnXhr3TGr6JnJsbz3D_lid_hD11GeZMX5KVsq8ndRYH&su=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1636333910_6de28618d6848bbd1c901fd8d4222216%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248&sr=https%3A%2F%2Flookandfind.me%2F&ts=1636333911550&tc=1
Request Chain 63
  • https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_cm&google_sc&google_ula=5153224&google_hm=MHh1UDNjaFpKV1pIWlcwR3Nqenc%3D&pi=adx&tdc=ams&chain= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_cm=&google_sc=&google_ula=5153224&google_hm=MHh1UDNjaFpKV1pIWlcwR3Nqenc%3D&pi=adx&tdc=ams&chain=&google_tc= HTTP 302
  • https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&chain=&google_gid=CAESEPMy3JyDS7Uu24vJDXwXNMA&google_cver=1&google_ula=5153224,0

81 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
r2.php
1redirb.com/
Redirect Chain
  • http://ww1.shop.pcapitalone.com/
  • http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKpLQ6uR0a1h%2FO4v3LMUqhJSA%2Bm9JtcOL1YC6OGbvLgS9fL8t6QpEiq5DMUgBP5N%2FwqFwJ4g%2BBX%2FieQlma%2BGhDFS7XDud55EBfAut0XMUB0kRBh3dCqdAfYIckEyQL0PJt3G%2F%2...
4 KB
3 KB
Document
General
Full URL
http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKpLQ6uR0a1h%2FO4v3LMUqhJSA%2Bm9JtcOL1YC6OGbvLgS9fL8t6QpEiq5DMUgBP5N%2FwqFwJ4g%2BBX%2FieQlma%2BGhDFS7XDud55EBfAut0XMUB0kRBh3dCqdAfYIckEyQL0PJt3G%2F%2BcsiV0z6moskCGJ1KFF1O%2FmBuo2xZH70QUCxpHGvuMQwQ1ud0V5ulwYh%2FZg4hSIkzuWkGz95L%2BwK5qX7MKotUPRJmILo3kD%2FWUtl6b%2BGmH3eTQtzB%2FiCrN%2BRA1RgcG6jI3%2BNMO2weaoGnRT9oVEFO27qLWN2htaTqwv%2BQoSOK%2BaQTkFk8IXIXmV%2B92Kq1Yt9HwLJ5jv2yP1SokFOx8QAwp9KR8AWlj2fwmOkNIJKw7Lb4lHuNkSV5YVn3PFMhcTFE6Wlt0qcJmFXAWKPpABY7baINfmQMBYkIaKHNarGr3is3ImcfMsLcRSGG7Ul83i4RATq798N1zz2%2B0SPVj%2FbQT1PPvaHzQdWR90FbEqbuM2uG1YhwdFQRGHmSFNwZFUMqgOOYBU7EqNQG0Qs8FA3NiybKGir%2BmZ4Ow8Gi1Ieoqqjb4i8IhoCjkkeYCQsaDanMW1nUyG19toXMOhJoBy6%2FmVZneQZlhPBVsrUS%2Bs9YAw%2B%2BUnpXmANjklj7Qp7X2HuFjME%2Fz9IWu5EVkOWceCGcORQo%2FwI0f6X7L1%2Bv2CUG%2BZ0FTlVgNoLIfIaTpXHNvElCOm%2Fmfwo8MgTACNvtOQIKfVZvR7hg62%2Bltr8LODHCTwr78vujAQDq34zIUR2w%3D%3D
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
7b6276adbd95eb541d75084f24cfea1b4e295ffc1f1d458a30454fa3ecda0833

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Mon, 08 Nov 2021 01:11:47 GMT
Server
Apache/2.4.25 (Debian)
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2261
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Mon, 08 Nov 2021 01:11:45 GMT
Server
Apache/2.4.25 (Debian)
Location
http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKpLQ6uR0a1h%2FO4v3LMUqhJSA%2Bm9JtcOL1YC6OGbvLgS9fL8t6QpEiq5DMUgBP5N%2FwqFwJ4g%2BBX%2FieQlma%2BGhDFS7XDud55EBfAut0XMUB0kRBh3dCqdAfYIckEyQL0PJt3G%2F%2BcsiV0z6moskCGJ1KFF1O%2FmBuo2xZH70QUCxpHGvuMQwQ1ud0V5ulwYh%2FZg4hSIkzuWkGz95L%2BwK5qX7MKotUPRJmILo3kD%2FWUtl6b%2BGmH3eTQtzB%2FiCrN%2BRA1RgcG6jI3%2BNMO2weaoGnRT9oVEFO27qLWN2htaTqwv%2BQoSOK%2BaQTkFk8IXIXmV%2B92Kq1Yt9HwLJ5jv2yP1SokFOx8QAwp9KR8AWlj2fwmOkNIJKw7Lb4lHuNkSV5YVn3PFMhcTFE6Wlt0qcJmFXAWKPpABY7baINfmQMBYkIaKHNarGr3is3ImcfMsLcRSGG7Ul83i4RATq798N1zz2%2B0SPVj%2FbQT1PPvaHzQdWR90FbEqbuM2uG1YhwdFQRGHmSFNwZFUMqgOOYBU7EqNQG0Qs8FA3NiybKGir%2BmZ4Ow8Gi1Ieoqqjb4i8IhoCjkkeYCQsaDanMW1nUyG19toXMOhJoBy6%2FmVZneQZlhPBVsrUS%2Bs9YAw%2B%2BUnpXmANjklj7Qp7X2HuFjME%2Fz9IWu5EVkOWceCGcORQo%2FwI0f6X7L1%2Bv2CUG%2BZ0FTlVgNoLIfIaTpXHNvElCOm%2Fmfwo8MgTACNvtOQIKfVZvR7hg62%2Bltr8LODHCTwr78vujAQDq34zIUR2w%3D%3D
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
jscheck.js
1redirb.com/javascript/
899 B
718 B
Script
General
Full URL
http://1redirb.com/javascript/jscheck.js
Requested by
Host: 1redirb.com
URL: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKpLQ6uR0a1h%2FO4v3LMUqhJSA%2Bm9JtcOL1YC6OGbvLgS9fL8t6QpEiq5DMUgBP5N%2FwqFwJ4g%2BBX%2FieQlma%2BGhDFS7XDud55EBfAut0XMUB0kRBh3dCqdAfYIckEyQL0PJt3G%2F%2BcsiV0z6moskCGJ1KFF1O%2FmBuo2xZH70QUCxpHGvuMQwQ1ud0V5ulwYh%2FZg4hSIkzuWkGz95L%2BwK5qX7MKotUPRJmILo3kD%2FWUtl6b%2BGmH3eTQtzB%2FiCrN%2BRA1RgcG6jI3%2BNMO2weaoGnRT9oVEFO27qLWN2htaTqwv%2BQoSOK%2BaQTkFk8IXIXmV%2B92Kq1Yt9HwLJ5jv2yP1SokFOx8QAwp9KR8AWlj2fwmOkNIJKw7Lb4lHuNkSV5YVn3PFMhcTFE6Wlt0qcJmFXAWKPpABY7baINfmQMBYkIaKHNarGr3is3ImcfMsLcRSGG7Ul83i4RATq798N1zz2%2B0SPVj%2FbQT1PPvaHzQdWR90FbEqbuM2uG1YhwdFQRGHmSFNwZFUMqgOOYBU7EqNQG0Qs8FA3NiybKGir%2BmZ4Ow8Gi1Ieoqqjb4i8IhoCjkkeYCQsaDanMW1nUyG19toXMOhJoBy6%2FmVZneQZlhPBVsrUS%2Bs9YAw%2B%2BUnpXmANjklj7Qp7X2HuFjME%2Fz9IWu5EVkOWceCGcORQo%2FwI0f6X7L1%2Bv2CUG%2BZ0FTlVgNoLIfIaTpXHNvElCOm%2Fmfwo8MgTACNvtOQIKfVZvR7hg62%2Bltr8LODHCTwr78vujAQDq34zIUR2w%3D%3D
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKpLQ6uR0a1h%2FO4v3LMUqhJSA%2Bm9JtcOL1YC6OGbvLgS9fL8t6QpEiq5DMUgBP5N%2FwqFwJ4g%2BBX%2FieQlma%2BGhDFS7XDud55EBfAut0XMUB0kRBh3dCqdAfYIckEyQL0PJt3G%2F%2BcsiV0z6moskCGJ1KFF1O%2FmBuo2xZH70QUCxpHGvuMQwQ1ud0V5ulwYh%2FZg4hSIkzuWkGz95L%2BwK5qX7MKotUPRJmILo3kD%2FWUtl6b%2BGmH3eTQtzB%2FiCrN%2BRA1RgcG6jI3%2BNMO2weaoGnRT9oVEFO27qLWN2htaTqwv%2BQoSOK%2BaQTkFk8IXIXmV%2B92Kq1Yt9HwLJ5jv2yP1SokFOx8QAwp9KR8AWlj2fwmOkNIJKw7Lb4lHuNkSV5YVn3PFMhcTFE6Wlt0qcJmFXAWKPpABY7baINfmQMBYkIaKHNarGr3is3ImcfMsLcRSGG7Ul83i4RATq798N1zz2%2B0SPVj%2FbQT1PPvaHzQdWR90FbEqbuM2uG1YhwdFQRGHmSFNwZFUMqgOOYBU7EqNQG0Qs8FA3NiybKGir%2BmZ4Ow8Gi1Ieoqqjb4i8IhoCjkkeYCQsaDanMW1nUyG19toXMOhJoBy6%2FmVZneQZlhPBVsrUS%2Bs9YAw%2B%2BUnpXmANjklj7Qp7X2HuFjME%2Fz9IWu5EVkOWceCGcORQo%2FwI0f6X7L1%2Bv2CUG%2BZ0FTlVgNoLIfIaTpXHNvElCOm%2Fmfwo8MgTACNvtOQIKfVZvR7hg62%2Bltr8LODHCTwr78vujAQDq34zIUR2w%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 01:11:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Sep 2021 05:45:18 GMT
Server
Apache/2.4.25 (Debian)
ETag
"383-5ccf39a1a3a9a-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
405
swfobject.js
1redirb.com/javascript/
10 KB
4 KB
Script
General
Full URL
http://1redirb.com/javascript/swfobject.js
Requested by
Host: 1redirb.com
URL: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKpLQ6uR0a1h%2FO4v3LMUqhJSA%2Bm9JtcOL1YC6OGbvLgS9fL8t6QpEiq5DMUgBP5N%2FwqFwJ4g%2BBX%2FieQlma%2BGhDFS7XDud55EBfAut0XMUB0kRBh3dCqdAfYIckEyQL0PJt3G%2F%2BcsiV0z6moskCGJ1KFF1O%2FmBuo2xZH70QUCxpHGvuMQwQ1ud0V5ulwYh%2FZg4hSIkzuWkGz95L%2BwK5qX7MKotUPRJmILo3kD%2FWUtl6b%2BGmH3eTQtzB%2FiCrN%2BRA1RgcG6jI3%2BNMO2weaoGnRT9oVEFO27qLWN2htaTqwv%2BQoSOK%2BaQTkFk8IXIXmV%2B92Kq1Yt9HwLJ5jv2yP1SokFOx8QAwp9KR8AWlj2fwmOkNIJKw7Lb4lHuNkSV5YVn3PFMhcTFE6Wlt0qcJmFXAWKPpABY7baINfmQMBYkIaKHNarGr3is3ImcfMsLcRSGG7Ul83i4RATq798N1zz2%2B0SPVj%2FbQT1PPvaHzQdWR90FbEqbuM2uG1YhwdFQRGHmSFNwZFUMqgOOYBU7EqNQG0Qs8FA3NiybKGir%2BmZ4Ow8Gi1Ieoqqjb4i8IhoCjkkeYCQsaDanMW1nUyG19toXMOhJoBy6%2FmVZneQZlhPBVsrUS%2Bs9YAw%2B%2BUnpXmANjklj7Qp7X2HuFjME%2Fz9IWu5EVkOWceCGcORQo%2FwI0f6X7L1%2Bv2CUG%2BZ0FTlVgNoLIfIaTpXHNvElCOm%2Fmfwo8MgTACNvtOQIKfVZvR7hg62%2Bltr8LODHCTwr78vujAQDq34zIUR2w%3D%3D
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKpLQ6uR0a1h%2FO4v3LMUqhJSA%2Bm9JtcOL1YC6OGbvLgS9fL8t6QpEiq5DMUgBP5N%2FwqFwJ4g%2BBX%2FieQlma%2BGhDFS7XDud55EBfAut0XMUB0kRBh3dCqdAfYIckEyQL0PJt3G%2F%2BcsiV0z6moskCGJ1KFF1O%2FmBuo2xZH70QUCxpHGvuMQwQ1ud0V5ulwYh%2FZg4hSIkzuWkGz95L%2BwK5qX7MKotUPRJmILo3kD%2FWUtl6b%2BGmH3eTQtzB%2FiCrN%2BRA1RgcG6jI3%2BNMO2weaoGnRT9oVEFO27qLWN2htaTqwv%2BQoSOK%2BaQTkFk8IXIXmV%2B92Kq1Yt9HwLJ5jv2yP1SokFOx8QAwp9KR8AWlj2fwmOkNIJKw7Lb4lHuNkSV5YVn3PFMhcTFE6Wlt0qcJmFXAWKPpABY7baINfmQMBYkIaKHNarGr3is3ImcfMsLcRSGG7Ul83i4RATq798N1zz2%2B0SPVj%2FbQT1PPvaHzQdWR90FbEqbuM2uG1YhwdFQRGHmSFNwZFUMqgOOYBU7EqNQG0Qs8FA3NiybKGir%2BmZ4Ow8Gi1Ieoqqjb4i8IhoCjkkeYCQsaDanMW1nUyG19toXMOhJoBy6%2FmVZneQZlhPBVsrUS%2Bs9YAw%2B%2BUnpXmANjklj7Qp7X2HuFjME%2Fz9IWu5EVkOWceCGcORQo%2FwI0f6X7L1%2Bv2CUG%2BZ0FTlVgNoLIfIaTpXHNvElCOm%2Fmfwo8MgTACNvtOQIKfVZvR7hg62%2Bltr8LODHCTwr78vujAQDq34zIUR2w%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 01:11:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Sep 2021 05:15:56 GMT
Server
Apache/2.4.25 (Debian)
ETag
"27ef-5ccf33116ad0b-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
3949
jscheck.php
1redirb.com/
0
166 B
XHR
General
Full URL
http://1redirb.com/jscheck.php?enc=K0ZKVXlMR0Y2VUJoaGk1c0s0L0xTWDQ5Zm10cFpHOUtRMGR5WmtWaFFsbEZkbk5IYVZWNFkwcDJkMFZsYTNOMmRraFlNMnhMVXl0c0syYzBTbGhxYVV0dU9FZEtkSEZXYjNSTWRHdEZhQzloV2xaUVl5OXhZMlpCWW5wVWJXcHNhbEJrZUVkVmJYSldhMnBzTkhrMGFrazBNamRhT1c5NVdESTNSelZwWWtodFpFRndXREJqVGl0SGVXMWhTamN6UmpsRVYweExkWHBIVjNWUWRGTmliVkJTV0VObldtYzRhbXN6WXk5WlJFRXpVV3RCU3paUFZEUmFUVlZvTldoRlEycHRkRUZWVTFKdWJYWkhRM0pRU0c1aGRIUk5RVWgyZUdSUGVuRklSVU0zU0dwb2QxRlBRVEJGV0VSRmVtRndTVkJUZG5OSGNXZE9kSHA1UW5SVmVrdHNORk5tYTJ0WE5rTkRabmx1YVRnemNEZFBkVUpsVFdnNVpUZGxlbTlUU2k5VEsyVlpWWEJEWVVreE0ySjJkWGx2Y0ZZeGIyUnlWM1J0Yms5dVIzaEZkMHhUZFhjeFJWSjNWMmhFV2tOTVZVOVpTM1pTY201bWNGSnBVa3h5TVU1TFUxbG9hMFpSTTB4VVdtNTBhM2x6UVUweWFWUmhZVlZ0U1ZvMlFtaGxMekE1YmpWTWQzWXdkVXBhVlUxRWJWcFZUR2xPVEVsb1pVWm5kM05WV0ZKM1VqaG9TMms1ZGt4SlMzVmlWR0pGTm5sTlNHMXRkbmx6WmpaQmVsSlNVM1ZaYUU5Wk5HUmhPSFE0ZUZkcVoyWmpObEo0Tkd4eldFcFVXWGRVVDBSaWJFZElTR2RsUVVsUlJ6UnFlQ3R0ZUhSR0wydFRUVkowY1VaWFRFcGxjVGh6UnpJNGRUUjNabkZqVDJvclpuZzFZazlZY0dGS2JHWXhTSGd2Vm10aGQweHBVM1JQVXpsQ1ZtSlpNbkZPVVRCelRXbzBRMkZrT1VkaU1DOW9XSEYwVEZwTEsyZG5lRFptTWt3MFpDdFdibk40ZHpoUk1WSlFjelpDTVVkU04xSnVUbGRPU0hNM1JVRTVTbXRMT1Zwd1JYTXhNaTlTZVhWdWRtbEdNVXc1TUhVelJXMU1VbkpaYUV4U1YxQXZaMUpoYWpselVIQXdieko1WTBJM04zWktNa0ZJVm5aUmJrTlNja2xQU2pkc1FYYzFUQ3RKTmtKR1VucEROazkwTVU1R1UzSTBjWFZZYzJWQ2RFcEpOa3hVU1dKdk1TdEZNRTlxYm5WR05FdDVjMGhLUlN0U1NHRkVhRkpQWWxCNFJsRnFjUzhyVkd0eFprY3hla2ROYm5KNk5USnlPRW80ZG5WSlYySlFabk5SVkVScE5VRm9PRXBwYkZwb1N6ZG5UVk41VWlzeWFYQnNNQ3Q1U1daclVGbzVTVmhRYVVGVFNIVTVRV2t4U20xRlZIVTNWVEpVWW0xNFZsaEpkRzFPZVVOb2Npcz0%3D&rand=0.8619775792686502
Requested by
Host: 1redirb.com
URL: http://1redirb.com/javascript/jscheck.js
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKpLQ6uR0a1h%2FO4v3LMUqhJSA%2Bm9JtcOL1YC6OGbvLgS9fL8t6QpEiq5DMUgBP5N%2FwqFwJ4g%2BBX%2FieQlma%2BGhDFS7XDud55EBfAut0XMUB0kRBh3dCqdAfYIckEyQL0PJt3G%2F%2BcsiV0z6moskCGJ1KFF1O%2FmBuo2xZH70QUCxpHGvuMQwQ1ud0V5ulwYh%2FZg4hSIkzuWkGz95L%2BwK5qX7MKotUPRJmILo3kD%2FWUtl6b%2BGmH3eTQtzB%2FiCrN%2BRA1RgcG6jI3%2BNMO2weaoGnRT9oVEFO27qLWN2htaTqwv%2BQoSOK%2BaQTkFk8IXIXmV%2B92Kq1Yt9HwLJ5jv2yP1SokFOx8QAwp9KR8AWlj2fwmOkNIJKw7Lb4lHuNkSV5YVn3PFMhcTFE6Wlt0qcJmFXAWKPpABY7baINfmQMBYkIaKHNarGr3is3ImcfMsLcRSGG7Ul83i4RATq798N1zz2%2B0SPVj%2FbQT1PPvaHzQdWR90FbEqbuM2uG1YhwdFQRGHmSFNwZFUMqgOOYBU7EqNQG0Qs8FA3NiybKGir%2BmZ4Ow8Gi1Ieoqqjb4i8IhoCjkkeYCQsaDanMW1nUyG19toXMOhJoBy6%2FmVZneQZlhPBVsrUS%2Bs9YAw%2B%2BUnpXmANjklj7Qp7X2HuFjME%2Fz9IWu5EVkOWceCGcORQo%2FwI0f6X7L1%2Bv2CUG%2BZ0FTlVgNoLIfIaTpXHNvElCOm%2Fmfwo8MgTACNvtOQIKfVZvR7hg62%2Bltr8LODHCTwr78vujAQDq34zIUR2w%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 01:11:48 GMT
Server
Apache/2.4.25 (Debian)
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
a
lookandfind.me/s/
Redirect Chain
  • http://1redirb.com/r.php?u=https%3A%2F%2Frtpnt.xyz%2Fv6%2Fr%3Fs%3Dr7d%26s3%3D1634182453%26sid%3D20211108121145848657965120e071eb&s=j&enc=K0ZKVXlMR0Y2VUJoaGk1c0s0L0xTWDQ5Zm10cFpHOUtRMGR5WmtWaFFsbEZk...
  • https://rtpnt.xyz/v6/r?s=r7d&s3=1634182453&sid=20211108121145848657965120e071eb
  • https://clever-redirect.com/s/r6?s=r7d&s2=&s3=1634182453
  • https://lookandfind.me/s/a?t=1?f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=kleertjes.com&s1=r7d&s2=&s3=1634182453&s5=2
431 B
598 B
Document
General
Full URL
https://lookandfind.me/s/a?t=1?f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=kleertjes.com&s1=r7d&s2=&s3=1634182453&s5=2
Requested by
Host: 1redirb.com
URL: http://1redirb.com/javascript/jscheck.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.169.90.157.clients.your-server.de
Software
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash
03dafe40bb63eb769a454ea6492a4683cfcf9ca7890ff6f61f9086cd78925874

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

referrer-policy
strict-origin-when-cross-origin
x-powered-by
PHP/7.4.24
content-length
431
content-type
text/html; charset=UTF-8
date
Mon, 08 Nov 2021 01:11:49 GMT
server
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24

Redirect headers

referrer-policy
no-referrer
x-powered-by
PHP/7.4.24
location
https://lookandfind.me/s/a?t=1?f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=kleertjes.com&s1=r7d&s2=&s3=1634182453&s5=2
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 08 Nov 2021 01:11:49 GMT
server
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24
r
lookandfind.me/s/
347 B
377 B
Document
General
Full URL
https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3Da3065479e5c1492a62f7bdf68ed41872%26url%3Dhttps%253A%252F%252Fwww.kleertjes.com%252F&h=fc56d3fc4f72881ce866563bb4f057c9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.169.90.157.clients.your-server.de
Software
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://lookandfind.me/s/a?t=1?f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=kleertjes.com&s1=r7d&s2=&s3=1634182453&s5=2

Response headers

referrer-policy
strict-origin-when-cross-origin
x-powered-by
PHP/7.4.24
content-length
347
content-type
text/html; charset=UTF-8
date
Mon, 08 Nov 2021 01:11:49 GMT
server
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24
Primary Request /
www.kleertjes.com/
Redirect Chain
  • https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=a3065479e5c1492a62f7bdf68ed41872&url=https%3A%2F%2Fwww.kleertjes.com%2F
  • https://www.awin1.com/cread.php?awinmid=12476&awinaffid=101248&clickref=at107999_a116809_m12_p134708_cDE_sa3065479e5c1492a62f7bdf68ed41872
  • https://www.zenaps.com/rclick.php?mid=12476&c_len=1296000&c_ts=1636333910&c_cnt=101248%7C0%7C0%7C1636333910%7Cat107999_a116809_m12_p134708_cDE_sa3065479e5c1492a62f7bdf68ed41872%7Caw%7C0&ir=d9f988e0...
  • https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
61 KB
15 KB
Document
General
Full URL
https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Requested by
Host: lookandfind.me
URL: https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3Da3065479e5c1492a62f7bdf68ed41872%26url%3Dhttps%253A%252F%252Fwww.kleertjes.com%252F&h=fc56d3fc4f72881ce866563bb4f057c9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-42.fra56.r.cloudfront.net
Software
Apache/2.4.51 (Debian) /
Resource Hash
b8810c8090bd26cb484abd4f115a19552ec4142f4e29d63b774c977b17177ac9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3Da3065479e5c1492a62f7bdf68ed41872%26url%3Dhttps%253A%252F%252Fwww.kleertjes.com%252F&h=fc56d3fc4f72881ce866563bb4f057c9

Response headers

content-type
text/html; charset=UTF-8
content-length
14955
date
Mon, 08 Nov 2021 01:11:50 GMT
server
Apache/2.4.51 (Debian)
expires
Wed, 28 Jan 1976 11:52:00 GMT
cache-control
no-cache no-store, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
pragma
no-cache
last-modified
Mon, 08 Nov 2021 01:11:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 e026b2802d48048e9935caadbecf124f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
C1sbBoljPelPrPb9SVGB7uMOZS4EDRaMZ9isnTurcTr9LhtU8UhIPw==

Redirect headers

Content-Length
0
Location
https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Allow
GET
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Date
Mon, 08 Nov 2021 01:11:50 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=86400
Awin-Akamai-Rule-Set
default
optimize.js
www.googleoptimize.com/
126 KB
42 KB
Script
General
Full URL
https://www.googleoptimize.com/optimize.js?id=GTM-W8SG3HX
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a2583bae14eee6282c8a9286c5ac994b344a995a108c45dbe761baf5814a633d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 01:11:50 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42640
x-xss-protection
0
expires
Mon, 08 Nov 2021 01:11:50 GMT
cache_https_kleertjes_vd9c9694c98a902a6d537e978c1994faa.gz.css
static.pkleeklrsrci.net/tl_files/cache/style/
419 KB
62 KB
Stylesheet
General
Full URL
https://static.pkleeklrsrci.net/tl_files/cache/style/cache_https_kleertjes_vd9c9694c98a902a6d537e978c1994faa.gz.css
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0b55e61708bcd211cc4af99df4ae844ad57f673cbd8b8e9de1ecfe0ff2cee99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 09:07:07 GMT
content-encoding
gzip
last-modified
Mon, 11 Oct 2021 09:06:59 GMT
server
AmazonS3
age
2390684
etag
"12e503c0c502ac2e1b293e203ae0b61f"
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 760a29e891ec10bba1274911260e1fc9.cloudfront.net (CloudFront)
cache-control
max-age=94608000, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
63106
x-amz-cf-id
F5QYtV6tYd_qvlxJZhe0Kh5CTT5FMJcjNw9t4HUGW6mEeVbRtHbCVg==
expires
Thu, 11 Oct 6018 18:49:47 GMT
5c169e810e293e9a279f31872f2321ad.js
static.pkleeklrsrci.net/tl_files/cache/scripts/
272 KB
90 KB
Script
General
Full URL
https://static.pkleeklrsrci.net/tl_files/cache/scripts/5c169e810e293e9a279f31872f2321ad.js
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40fd6d7734b8421e48a48d833c96fff6c4703198cc85cb9b69684171d3a1cb6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 10:34:53 GMT
content-encoding
gzip
last-modified
Fri, 22 Oct 2021 10:34:53 GMT
server
AmazonS3
age
1435018
etag
W/"5c169e810e293e9a279f31872f2321ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 760a29e891ec10bba1274911260e1fc9.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
4mLSb9qvf6NHvLn0W4Rc3vGAO7eeor1n2OPTdeTGjcgTy9A2qzilUw==
api.js
www.google.com/recaptcha/
850 B
968 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?hl=nl
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b4bd391467986e3fe78943144f1ba192c46379306ae41afd0a58a2fcc51250e8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 01:11:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Mon, 08 Nov 2021 01:11:51 GMT
lux.js
cdn.speedcurve.com/js/
17 KB
6 KB
Script
General
Full URL
https://cdn.speedcurve.com/js/lux.js?id=4173546566
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
21c48d40ecb6ef30229910310807163b38fd274753935098976b4533de217b55

Request headers

Referer
https://www.kleertjes.com/
Origin
https://www.kleertjes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 01:11:51 GMT
via
1.1 vegur, 1.1 varnish
age
338
x-cache
HIT
x-cache-hits
1
content-encoding
gzip
content-length
6224
x-served-by
cache-hhn4058-HHN
last-modified
Mon, 08 Nov 2021 01:06:13 GMT
server
Apache
x-timer
S1636333911.069771,VS0,VE1
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Nov 2021 01:06:13 GMT
kleertjes-logo.svg
static.pkleeklrsrci.net/tl_files/themes/kleertjes/images/
7 KB
3 KB
Image
General
Full URL
https://static.pkleeklrsrci.net/tl_files/themes/kleertjes/images/kleertjes-logo.svg
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
184ebb69fdafee46b23ce24f64530474a5de34ee61f2ead9258ef7f6fb439059

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 01:46:51 GMT
content-encoding
gzip
last-modified
Mon, 25 Jun 2018 12:17:10 GMT
server
AmazonS3
age
7428300
etag
W/"f5139cdbaeaadb8bc8c36236dea17972"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 760a29e891ec10bba1274911260e1fc9.cloudfront.net (CloudFront)
cache-control
max-age=94608000, public
x-amz-meta-s3b-last-modified
20180625T121508Z
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
InX61iNB_u-0OoO7VYrCPks6gjm7VO0UxnbPI09146mLb-JFQQxqWQ==
expires
Wed, 10 Oct 2046 08:25:22 GMT
wk45-ma-singlesweek-grote-banner-1092x403.png
static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week45/MA/
83 KB
84 KB
Image
General
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week45/MA/wk45-ma-singlesweek-grote-banner-1092x403.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d3d1845adf11c6e6a508420c121db9a34f6ededba52b618b08660a1bfe333e1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 00:01:18 GMT
via
1.1 760a29e891ec10bba1274911260e1fc9.cloudfront.net (CloudFront)
last-modified
Thu, 04 Nov 2021 14:57:25 GMT
server
AmazonS3
age
4233
etag
"d420db4633c1cacc3a4f35c56c3076ef"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
85168
x-amz-cf-id
cChz3tjNIjYwZGTpk9UbRpwAr0rWz8-Q-QM-oqeS8ptK2nY62Aam4Q==
wk43-di-categorie-ingang-sweaterss-143x160.png
static.pkleeklrsrci.net/tl_files/content_resources/images/Categorieen/2021/Week43/
10 KB
10 KB
Image
General
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Categorieen/2021/Week43/wk43-di-categorie-ingang-sweaterss-143x160.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
839f7f43539d7c85d0b74bd2aa59cd25922bc38d84b33929c3ee6b900f0a0d6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 12:06:11 GMT
via
1.1 760a29e891ec10bba1274911260e1fc9.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 12:00:34 GMT
server
AmazonS3
age
1170340
etag
"94876d9fd25a9c726d3cfd9d784ca5dd"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
10143
x-amz-cf-id
taxItKAL4ZxaC5Y2ThvG03p0n8KXo1Gcmi4OveHzOek7d36diEVhfg==
wk43-di-categorie-ingang-broeken-143x160.png
static.pkleeklrsrci.net/tl_files/content_resources/images/Categorieen/2021/Week43/
7 KB
8 KB
Image
General
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Categorieen/2021/Week43/wk43-di-categorie-ingang-broeken-143x160.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8bdf435372972a250688fe0dd9c12300e63ba36465a6c104fe6b805deab76b9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 12:06:11 GMT
via
1.1 760a29e891ec10bba1274911260e1fc9.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 12:00:28 GMT
server
AmazonS3
age
1170340
etag
"353704610822a902cf54b048e53de488"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
7566
x-amz-cf-id
t59wtu-URfba8W45ezyPJjXdKhnNF5YY8kqh7xPh-G5_A63Y4knbNQ==
wk43-di-categorie-ingang-schoenen-143x160.png
static.pkleeklrsrci.net/tl_files/content_resources/images/Categorieen/2021/Week43/
6 KB
7 KB
Image
General
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Categorieen/2021/Week43/wk43-di-categorie-ingang-schoenen-143x160.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13b6b76823f3aeda95b8a5afcb57096971a8e6a57204b32675ffea761d9da756

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 12:06:11 GMT
via
1.1 760a29e891ec10bba1274911260e1fc9.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 12:00:31 GMT
server
AmazonS3
age
1170340
etag
"cb4b9fdbb2a93d2e73a9f568807f2e13"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
6605
x-amz-cf-id
SNPLL0wfoWFFoDXYRapRnlgjqn4GVboBeyxJVSDwkEyRigYlRePvxA==
wk43-di-categorie-ingang-jassen-143x160.png
static.pkleeklrsrci.net/tl_files/content_resources/images/Categorieen/2021/Week43/
10 KB
11 KB
Image
General
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Categorieen/2021/Week43/wk43-di-categorie-ingang-jassen-143x160.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
316939c7deb4517cb503120b53588f0daffae905178cf40109ba08368db188ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 12:06:11 GMT
via
1.1 760a29e891ec10bba1274911260e1fc9.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 12:00:28 GMT
server
AmazonS3
age
1170340
etag
"9ec524acca12945e108f1e6268ceaf00"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
10447
x-amz-cf-id
NwBOErkIVCeVcFDcQpznrcCVWmqxTeR5MIu4Fyxi1Qxcv5wSCufz2w==
wk43-di-categorie-ingang-speelgoed-143x160.png
static.pkleeklrsrci.net/tl_files/content_resources/images/Categorieen/2021/Week43/
6 KB
6 KB
Image
General
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Categorieen/2021/Week43/wk43-di-categorie-ingang-speelgoed-143x160.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a028eca1f7ced16f39b56ae5b595d64f692aa4f07aa2175c32a26d1b7db0015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 12:06:11 GMT
via
1.1 760a29e891ec10bba1274911260e1fc9.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 12:00:34 GMT
server
AmazonS3
age
1170340
etag
"1693835cc7753a18d855f2e84d05daa5"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
6059
x-amz-cf-id
ikfowKuNv6ScOPx7uXV92-G78LT1zgK5kp8FH9YOSpWlBRmknhzTiA==
wk44-zo-schoenendeal-470.png
static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week44/ZO/
57 KB
58 KB
Image
General
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week44/ZO/wk44-zo-schoenendeal-470.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3194c0b885119587edb7b6d0db66578dff3af5f8a0abed8c6b2f2243ee9920c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 00:08:34 GMT
via
1.1 760a29e891ec10bba1274911260e1fc9.cloudfront.net (CloudFront)
last-modified
Thu, 04 Nov 2021 14:55:21 GMT
server
AmazonS3
age
90197
etag
"b62e8bec8b83258f3b0c1b191f75bbcb"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
58763
x-amz-cf-id
6ZogL_xmnUk8tn8bhdRzstPb1EWgL3yN1l1A02Ri6YwGbscaCYueQg==
wk45-ma-single-baby-kleine-platte-banner.png
static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week45/MA/
22 KB
22 KB
Image
General
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week45/MA/wk45-ma-single-baby-kleine-platte-banner.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91add3d87b978fc054347ce2edd7140ae863855fd3222037a67a5ca02f4e39af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 00:00:15 GMT
via
1.1 760a29e891ec10bba1274911260e1fc9.cloudfront.net (CloudFront)
last-modified
Thu, 04 Nov 2021 14:57:25 GMT
server
AmazonS3
age
4296
etag
"a2765f619cd53a778dde0c37ab7e45f5"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
22464
x-amz-cf-id
62aS6g1xVJ5xfa9Sr1bvK2z6Ar9jwDMsudaO0Cb9ZMjE6sGrsmP94g==
wk45-ma-470x470-seller-premium.png
static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week45/MA/
101 KB
101 KB
Image
General
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week45/MA/wk45-ma-470x470-seller-premium.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cbee3db6d27c60ab4ca2143a7f0c5da0abaccf674037d49440ffce9938614d65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 00:00:15 GMT
via
1.1 760a29e891ec10bba1274911260e1fc9.cloudfront.net (CloudFront)
last-modified
Fri, 05 Nov 2021 14:51:36 GMT
server
AmazonS3
age
4296
etag
"ef73b0f54fd52f4a79acfa849f0630b6"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
103397
x-amz-cf-id
lEBYc76-LNslWIjhTfAjD78PgzSNxZxR_DXbIJtLgU8Anu4qr8FhJg==
wk44-do-winactie-speelgoed-platte-banner.png
static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week44/DO/
31 KB
31 KB
Image
General
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week44/DO/wk44-do-winactie-speelgoed-platte-banner.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
97511adf492630e7f7a10da3be4ede35eb1a18f1e41a088cc427f5e1a5467789

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 15:49:41 GMT
via
1.1 760a29e891ec10bba1274911260e1fc9.cloudfront.net (CloudFront)
last-modified
Wed, 03 Nov 2021 15:33:53 GMT
server
AmazonS3
age
379331
etag
"b17d337eb19e31fa6ae4128290742575"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
31511
x-amz-cf-id
9AXQxZLxQW2oDG-gH66t1UMjbhPO2uWw3gtmdkqMaa4Ged-L-O9F2A==
regulier.jpg
static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week42/DO/
93 KB
94 KB
Image
General
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week42/DO/regulier.jpg
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
710c51c12d28a5dfe737ed96eab42d4052be3e20076eac9dfcfcaa2794494cd5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 13:37:44 GMT
via
1.1 760a29e891ec10bba1274911260e1fc9.cloudfront.net (CloudFront)
last-modified
Wed, 20 Oct 2021 13:25:17 GMT
server
AmazonS3
age
1596848
etag
"582fa177cb8dc2fbdef9bd556cadaebe"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
95595
x-amz-cf-id
RR6kcfi8vUZRtt0ZgcZFHrgLNBR4S_JWFu-FnjkScdBPGAp8gC4Sfg==
wk4-onlinemagazine.png
static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week4/DI/
3 KB
3 KB
Image
General
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week4/DI/wk4-onlinemagazine.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
64cda99e454271f765db186db573f8a41af2024d4e8ea559d45c16a9ecb553a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 05:30:02 GMT
via
1.1 760a29e891ec10bba1274911260e1fc9.cloudfront.net (CloudFront)
last-modified
Thu, 26 Aug 2021 13:24:28 GMT
server
AmazonS3
age
6291710
etag
"38be1caf3810d86e2e64e60828c4ade7"
x-amz-meta-sha256
64cda99e454271f765db186db573f8a41af2024d4e8ea559d45c16a9ecb553a5
content-type
image/png
cache-control
public, max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
2623
x-amz-cf-id
evnkjmnizPZX0SjiSrEEkLFSBCzR8KSejlXJudd-Lmljhdtf4EGznA==
x-amz-meta-s3b-last-modified
20210125T083655Z
kleine-platte-banner-pampers.png
static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week28/MA/
16 KB
16 KB
Image
General
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week28/MA/kleine-platte-banner-pampers.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d291f894bfc4febf529d8019165b6dcf6622b18c4cd26fb9880ddd083a27195a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 06:30:01 GMT
via
1.1 760a29e891ec10bba1274911260e1fc9.cloudfront.net (CloudFront)
last-modified
Thu, 26 Aug 2021 13:24:26 GMT
server
AmazonS3
age
5942511
etag
"275b7948e856f2e8c15aa07d2eaf6afd"
x-amz-meta-sha256
d291f894bfc4febf529d8019165b6dcf6622b18c4cd26fb9880ddd083a27195a
content-type
image/png
cache-control
public, max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
16248
x-amz-cf-id
VQHUbfJthIY0HkR46GL11_a55L_SXy303keljsqHLXVr73xPPMXS-w==
x-amz-meta-s3b-last-modified
20200630T101021Z
logo-magazine.png
static.pkleeklrsrci.net/tl_files/themes/kleertjes/images/
990 B
1 KB
Image
General
Full URL
https://static.pkleeklrsrci.net/tl_files/themes/kleertjes/images/logo-magazine.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
176ad8d6d1385c134350eec79860d189e049ba482f485db6a7c548b81f9118d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 05:11:36 GMT
via
1.1 760a29e891ec10bba1274911260e1fc9.cloudfront.net (CloudFront)
last-modified
Thu, 26 Aug 2021 13:26:10 GMT
server
AmazonS3
age
6206416
etag
"7da8065846fc2767e810e28354fe038a"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-meta-s3b-last-modified
20181015T072846Z
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
990
x-amz-cf-id
S850951lS_zBwMijGcDYSd_V9QBJ6hHvSCXTht-U5S4hTKCRZZhCeg==
expires
Wed, 26 Sep 2046 04:58:10 GMT
AW21-Email-1090x190.png
static.pkleeklrsrci.net/tl_files/content_resources/images/Footer-Banners/2021/AW21/
67 KB
68 KB
Image
General
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Footer-Banners/2021/AW21/AW21-Email-1090x190.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
024eebe32b057a32537813f1a74e10f95d564db95b3fa2c4b59c987f46e77b92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 07:13:47 GMT
via
1.1 760a29e891ec10bba1274911260e1fc9.cloudfront.net (CloudFront)
last-modified
Fri, 03 Sep 2021 07:13:15 GMT
server
AmazonS3
age
5680685
etag
"e2778a17d723b262394aae6c93170b93"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
68799
x-amz-cf-id
HyDGajow6a9jSSse6QRwOA-0SvHJMmc445sOOfR2KnlEp95_FOP-lw==
Logo_Thuiswinkel_Waarborg_10jaar.png
static.pkleeklrsrci.net/tl_files/themes/kleertjes/images/
3 KB
3 KB
Image
General
Full URL
https://static.pkleeklrsrci.net/tl_files/themes/kleertjes/images/Logo_Thuiswinkel_Waarborg_10jaar.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc1e359c31671b24c7eb0ae954bf7841321d27b514e659c536840326343efdb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 05:36:02 GMT
via
1.1 760a29e891ec10bba1274911260e1fc9.cloudfront.net (CloudFront)
age
9228950
x-amz-meta-sha256
cc1e359c31671b24c7eb0ae954bf7841321d27b514e659c536840326343efdb8
x-cache
Hit from cloudfront
content-length
2973
last-modified
Thu, 24 Oct 2019 13:22:11 GMT
server
AmazonS3
etag
"63acb7f19baf41d6d007e141bdc8217e"
content-type
image/png
expires
Wed, 26 Sep 2046 04:58:10 GMT
cache-control
max-age=94608000, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
lPxWJT4bz1SGGIn9iNVyJDr-vj_DcHexX8lq7gSaCNGT2Iq7YFfkyg==
x-amz-meta-s3b-last-modified
20191024T132116Z
202632b102f062d13805828b12c62571.js
static.pkleeklrsrci.net/tl_files/cache/scripts/
218 KB
58 KB
Script
General
Full URL
https://static.pkleeklrsrci.net/tl_files/cache/scripts/202632b102f062d13805828b12c62571.js
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08077323db510f7c73784640799b8721d530767fe4c2a5a9b6f26f356a839d04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 13:16:54 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 11:04:23 GMT
server
AmazonS3
age
2202896
etag
W/"202632b102f062d13805828b12c62571"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 760a29e891ec10bba1274911260e1fc9.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
LHGVZjK73DWiPvbk_FNvc-X6FNvuiAZIEEYDDgRsOos4D0qE-QjDfg==
giin.js
r.kleertjes.com/
37 KB
12 KB
Script
General
Full URL
https://r.kleertjes.com/giin.js
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.159.120.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-120-134.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
033c727a0d1f3cb475db3f22e6cbef3547318fc52da87511e0c9d619e5139ea2
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 01:11:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Connection
keep-alive
Referrer-Policy
no-referrer
Last-Modified
Tue, 26 Oct 2021 21:32:41 GMT
Server
nginx
X-Frame-Options
DENY
ETag
W/"617873f9-94a6"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Content-Security-Policy
default-src 'self';
gtm.js
www.googletagmanager.com/
298 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5H4GP8
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e1f7e605fdd6ab75a908555fd5170e5125ca1529649ae875c5591b8bcc2158b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 01:11:51 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89320
x-xss-protection
0
expires
Mon, 08 Nov 2021 01:11:51 GMT
usp-check-2-min.png
static.pkleeklrsrci.net/tl_files/themes/kleertjes/images/
1 KB
1 KB
Image
General
Full URL
https://static.pkleeklrsrci.net/tl_files/themes/kleertjes/images/usp-check-2-min.png
Requested by
Host: static.pkleeklrsrci.net
URL: https://static.pkleeklrsrci.net/tl_files/cache/style/cache_https_kleertjes_vd9c9694c98a902a6d537e978c1994faa.gz.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
101965af73a97aabfec5a6e49db47fdf4de2dca44fc859d8d8b6444ea807f563

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.pkleeklrsrci.net/tl_files/cache/style/cache_https_kleertjes_vd9c9694c98a902a6d537e978c1994faa.gz.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 06:08:25 GMT
via
1.1 760a29e891ec10bba1274911260e1fc9.cloudfront.net (CloudFront)
last-modified
Thu, 26 Aug 2021 13:26:10 GMT
server
AmazonS3
age
6289407
etag
"676067561793549540157957076e39e9"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
1080
x-amz-cf-id
aby22vVGnwGXMTZc7ND7TGX0r55Dik8gS0LZpPAFJWegv9mOTpJhIg==
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81a5dafd9389dafc97ab80fa6a031db8babac927392b73a2d6ed764e8443838f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
541eb42d376e446209a865b53cd04c23afd397691db40433c61898d670e89acf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
nettoot-bold-webfont.woff
static.pkleeklrsrci.net/tl_files/themes/kleertjes/fonts/
30 KB
30 KB
Font
General
Full URL
https://static.pkleeklrsrci.net/tl_files/themes/kleertjes/fonts/nettoot-bold-webfont.woff
Requested by
Host: static.pkleeklrsrci.net
URL: https://static.pkleeklrsrci.net/tl_files/cache/style/cache_https_kleertjes_vd9c9694c98a902a6d537e978c1994faa.gz.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a1bf1cad38252b6e62edeb31cd5c9769577404b22a97cdb95b45997f11302a8

Request headers

Referer
https://static.pkleeklrsrci.net/tl_files/cache/style/cache_https_kleertjes_vd9c9694c98a902a6d537e978c1994faa.gz.css
Origin
https://www.kleertjes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:48:44 GMT
via
1.1 b47ba5841a54cf2d19fc521c78e94515.cloudfront.net (CloudFront)
age
12925388
x-cache
Hit from cloudfront
content-length
30208
last-modified
Fri, 11 Jun 2021 09:39:05 GMT
server
AmazonS3
etag
"2d8622b4123ae6922dc22b6a6890e0d0"
vary
Origin
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=94608000, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
W4vUsId-NFWVZ_U_GzuH-hO8RB6YLJkEU4XeZ6IprcXjYXtLdVmPbg==
expires
Wed, 11 Jun 2031 09:39:04 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
745d74f097901d4047ce8959ac2fb429268d6c9a665cc9212e08dea7dc2577e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
sprite-winkelen-03.png
static.pkleeklrsrci.net/tl_files/themes/kleertjes/images/
8 KB
9 KB
Image
General
Full URL
https://static.pkleeklrsrci.net/tl_files/themes/kleertjes/images/sprite-winkelen-03.png
Requested by
Host: static.pkleeklrsrci.net
URL: https://static.pkleeklrsrci.net/tl_files/cache/style/cache_https_kleertjes_vd9c9694c98a902a6d537e978c1994faa.gz.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c00b5d026c6bdcdac2b31ecdfc77eb486dba6a92bb6282c99c6e36facb30745

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.pkleeklrsrci.net/tl_files/cache/style/cache_https_kleertjes_vd9c9694c98a902a6d537e978c1994faa.gz.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 06:05:46 GMT
via
1.1 760a29e891ec10bba1274911260e1fc9.cloudfront.net (CloudFront)
last-modified
Thu, 28 Jan 2021 05:30:53 GMT
server
AmazonS3
age
24519966
etag
"7f78d75cbb2640eb926b85200fa6b307"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=94608000, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
8351
x-amz-cf-id
BsnFwOT8j71xG32UhZIfDFtatMLlxDuNmoJTUZbi0GVvwEJQKK4ztg==
expires
Tue, 28 Jan 2031 05:30:52 GMT
kleertjes.6.woff
static.pkleeklrsrci.net/tl_files/themes/kleertjes/fonts/
10 KB
11 KB
Font
General
Full URL
https://static.pkleeklrsrci.net/tl_files/themes/kleertjes/fonts/kleertjes.6.woff
Requested by
Host: static.pkleeklrsrci.net
URL: https://static.pkleeklrsrci.net/tl_files/cache/style/cache_https_kleertjes_vd9c9694c98a902a6d537e978c1994faa.gz.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb42c637f5f49872c175d1b2d5686bd1b370fc8f1fc4510c2c5a2faed4b02857

Request headers

Referer
https://static.pkleeklrsrci.net/tl_files/cache/style/cache_https_kleertjes_vd9c9694c98a902a6d537e978c1994faa.gz.css
Origin
https://www.kleertjes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 23:36:56 GMT
via
1.1 b47ba5841a54cf2d19fc521c78e94515.cloudfront.net (CloudFront)
age
12360896
x-cache
Hit from cloudfront
content-length
10392
last-modified
Thu, 17 Jun 2021 23:29:28 GMT
server
AmazonS3
etag
"51fc6b2efa0c499f6ccc00a63e4a101c"
vary
Origin
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=94608000, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
xxaKcAmOAgwDtf-WPZsqW-S-cEJtAAywQdXNPTWd2Ccwpz1G9LQYQw==
expires
Tue, 17 Jun 2031 23:29:27 GMT
museo-500.ttf
static.pkleeklrsrci.net/tl_files/themes/kleertjes/fonts/
54 KB
25 KB
Font
General
Full URL
https://static.pkleeklrsrci.net/tl_files/themes/kleertjes/fonts/museo-500.ttf
Requested by
Host: static.pkleeklrsrci.net
URL: https://static.pkleeklrsrci.net/tl_files/cache/style/cache_https_kleertjes_vd9c9694c98a902a6d537e978c1994faa.gz.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f89b91ffe4f86e4d185ca280cf41b8a860657e5d2205ad9b079f65fcdc8ca6e4

Request headers

Referer
https://static.pkleeklrsrci.net/tl_files/cache/style/cache_https_kleertjes_vd9c9694c98a902a6d537e978c1994faa.gz.css
Origin
https://www.kleertjes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 07:33:46 GMT
content-encoding
gzip
age
5679486
x-amz-meta-sha256
f89b91ffe4f86e4d185ca280cf41b8a860657e5d2205ad9b079f65fcdc8ca6e4
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 26 Aug 2021 13:26:09 GMT
server
AmazonS3
etag
W/"4ecbcdf4e36ac92baa9965af3eeb128d"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD
content-type
application/x-font-ttf
via
1.1 b47ba5841a54cf2d19fc521c78e94515.cloudfront.net (CloudFront)
expires
Thu, 11 Oct 2040 09:14:22 GMT
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
juaNfWFp1145zHtNiPdpEpCiylZZcjx49I0bWSf1jhGX5llfqUCPdw==
x-amz-meta-s3b-last-modified
20191004T085728Z
load.php
www.kleertjes.com/system/modules/ajax/lib/webservice/
501 B
909 B
XHR
General
Full URL
https://www.kleertjes.com/system/modules/ajax/lib/webservice/load.php
Requested by
Host: static.pkleeklrsrci.net
URL: https://static.pkleeklrsrci.net/tl_files/cache/scripts/5c169e810e293e9a279f31872f2321ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-42.fra56.r.cloudfront.net
Software
Apache/2.4.51 (Debian) /
Resource Hash
19ca5f86feab27208db9f946f00ff843551cb6bb2f7332661e12356909aeb97a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 01:11:51 GMT
content-encoding
gzip
server
Apache/2.4.51 (Debian)
x-amz-cf-pop
FRA56-P3
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/json;charset=UTF-8
via
1.1 e026b2802d48048e9935caadbecf124f.cloudfront.net (CloudFront)
cache-control
no-store, no-cache, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains
content-length
301
x-amz-cf-id
cd3qRY_-zj7lpMzFMy5z2fY8kOK9L-bZMwOs2uyj9ecS2DPMpfI-Wg==
expires
Thu, 19 Nov 1981 08:52:00 GMT
load.php
www.kleertjes.com/system/modules/ajax/lib/webservice/
392 B
786 B
XHR
General
Full URL
https://www.kleertjes.com/system/modules/ajax/lib/webservice/load.php
Requested by
Host: static.pkleeklrsrci.net
URL: https://static.pkleeklrsrci.net/tl_files/cache/scripts/5c169e810e293e9a279f31872f2321ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-42.fra56.r.cloudfront.net
Software
Apache/2.4.51 (Debian) /
Resource Hash
4c60e09af0cdaefbdede9d7022dc0f2d153f7cf32a614f211e9d7073a658c0c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 01:11:51 GMT
content-encoding
gzip
server
Apache/2.4.51 (Debian)
x-amz-cf-pop
FRA56-P3
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/json;charset=UTF-8
via
1.1 e026b2802d48048e9935caadbecf124f.cloudfront.net (CloudFront)
cache-control
no-store, no-cache, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains
content-length
273
x-amz-cf-id
VtiOsXTZkVXGdE9cgPG5dWl40TYnDnG6ZLf26HTW9qMYK-1Boe1o_A==
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
www.kleertjes.com/api/user-preference/has-newsletter-subscription/
17 B
486 B
XHR
General
Full URL
https://www.kleertjes.com/api/user-preference/has-newsletter-subscription/?t=1636333910
Requested by
Host: static.pkleeklrsrci.net
URL: https://static.pkleeklrsrci.net/tl_files/cache/scripts/5c169e810e293e9a279f31872f2321ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-42.fra56.r.cloudfront.net
Software
Apache/2.4.51 (Debian) /
Resource Hash
06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Referer
https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 01:11:51 GMT
via
1.1 e026b2802d48048e9935caadbecf124f.cloudfront.net (CloudFront)
server
Apache/2.4.51 (Debian)
x-amz-cf-pop
FRA56-P3
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Miss from cloudfront
content-type
application/json
cache-control
no-store, no-cache, must-revalidate
content-length
17
x-amz-cf-id
rLXsgfRA0pteECSfYEyryocL1RXQNJc28DYo1my0HBCE2sgnjHQnmg==
expires
Thu, 19 Nov 1981 08:52:00 GMT
js
www.googletagmanager.com/gtag/
160 KB
59 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DP0B9JGB5P&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H4GP8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f748b2c0abc62732d7db4daf733b0a010aee70735b9106c352ad15e8f3480be4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 01:11:51 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60604
x-xss-protection
0
expires
Mon, 08 Nov 2021 01:11:51 GMT
hotjar-37743.js
static.hotjar.com/c/
5 KB
3 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-37743.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H4GP8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
31e30685fd2aa77bcd80cc49d58c4769fdfca38a37da9dc8cb6d4444e87c48ec
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 01:11:51 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA56-P2
etag
W/646c7d81c6a291ee1cb133d75dc3db5d
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-id
msQqLI7lPuF4nrP-MI_EAQ3z2U6LD5JgO-KFN4IWOy5tVNoz8F2YcQ==
via
1.1 5d5481cfa85227a3fdd5ff0b03093c63.cloudfront.net (CloudFront)
12476.js
www.dwin1.com/
35 KB
10 KB
Script
General
Full URL
https://www.dwin1.com/12476.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H4GP8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:400:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
614c1f440909784c75aee606f9aeb2b6813b4aaa635d57eae29cfc73c405966e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
bAlJnxUDflPCiMZaSNoY_MAdlRvWGkFL
content-encoding
gzip
etag
W/"bca219cc976dc99aefa3c72b978a23ae"
age
148
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Thu, 04 Nov 2021 12:11:14 GMT
server
AmazonS3
date
Mon, 08 Nov 2021 01:09:23 GMT
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=utf-8
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
cache-control
max-age=600, s-maxage=600
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
uANkrURsEQTj-ZqTdhs8dVFjbMhq49DVCC6E_oupjt4AFcvV8kJwhA==
a6876cfw.js
d81mfvml8p5ml.cloudfront.net/
13 KB
5 KB
Script
General
Full URL
https://d81mfvml8p5ml.cloudfront.net/a6876cfw.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H4GP8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:dc00:2:36a1:2f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d93d46611f9d76728684f9bc8e6a75b19cd6004e49e3bfadbb37ea7175ade9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 01:09:23 GMT
content-encoding
br
last-modified
Fri, 25 Jun 2021 16:33:40 GMT
server
AmazonS3
age
459
etag
W/"c51c3c2b8a2a762368140eae949afd5a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 387adc951beb5181d840dfb5d1f09489.cloudfront.net (CloudFront)
cache-control
max-age=600
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
YS0LzYSj0_NvNibbsOAWOOvStvemWFNLkIZRjOsr7UKX-gYWDYjDFw==
pastease.js
deploy.mopinion.com/js/
27 KB
10 KB
Script
General
Full URL
https://deploy.mopinion.com/js/pastease.js
Requested by
Host: 1redirb.com
URL: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKpLQ6uR0a1h%2FO4v3LMUqhJSA%2Bm9JtcOL1YC6OGbvLgS9fL8t6QpEiq5DMUgBP5N%2FwqFwJ4g%2BBX%2FieQlma%2BGhDFS7XDud55EBfAut0XMUB0kRBh3dCqdAfYIckEyQL0PJt3G%2F%2BcsiV0z6moskCGJ1KFF1O%2FmBuo2xZH70QUCxpHGvuMQwQ1ud0V5ulwYh%2FZg4hSIkzuWkGz95L%2BwK5qX7MKotUPRJmILo3kD%2FWUtl6b%2BGmH3eTQtzB%2FiCrN%2BRA1RgcG6jI3%2BNMO2weaoGnRT9oVEFO27qLWN2htaTqwv%2BQoSOK%2BaQTkFk8IXIXmV%2B92Kq1Yt9HwLJ5jv2yP1SokFOx8QAwp9KR8AWlj2fwmOkNIJKw7Lb4lHuNkSV5YVn3PFMhcTFE6Wlt0qcJmFXAWKPpABY7baINfmQMBYkIaKHNarGr3is3ImcfMsLcRSGG7Ul83i4RATq798N1zz2%2B0SPVj%2FbQT1PPvaHzQdWR90FbEqbuM2uG1YhwdFQRGHmSFNwZFUMqgOOYBU7EqNQG0Qs8FA3NiybKGir%2BmZ4Ow8Gi1Ieoqqjb4i8IhoCjkkeYCQsaDanMW1nUyG19toXMOhJoBy6%2FmVZneQZlhPBVsrUS%2Bs9YAw%2B%2BUnpXmANjklj7Qp7X2HuFjME%2Fz9IWu5EVkOWceCGcORQo%2FwI0f6X7L1%2Bv2CUG%2BZ0FTlVgNoLIfIaTpXHNvElCOm%2Fmfwo8MgTACNvtOQIKfVZvR7hg62%2Bltr8LODHCTwr78vujAQDq34zIUR2w%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Pastea.se
Resource Hash
404e553148c76b0949a09f99394fde3eb9a7aa402e96ed13806e226766acca69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
age
44929
x-powered-by
Pastea.se
x-cache
Hit from cloudfront
date
Sun, 07 Nov 2021 12:43:02 GMT
via
1.1 70d755f7200c02162c7545e4ce74649b.cloudfront.net (CloudFront)
last-modified
Tue, 31 Aug 2021 12:10:07 GMT
server
nginx
etag
W/"6afe-17b9c1ddbc9"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public, max-age=86400
x-amz-cf-pop
FRA60-P4
access-control-allow-headers
Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Origin
x-amz-cf-id
M9y6Fs3GIqEGxnljkjNgAj9UOFEH95Ov-1g5KQ_tJC7fL10uGjDwmg==
tags
creativecdn.com/ Frame C85A
Redirect Chain
  • https://creativecdn.com/tags?type=iframe&id=pr_WeUnXhr3TGr6JnJsbz3D&id=pr_WeUnXhr3TGr6JnJsbz3D_lid_hD11GeZMX5KVsq8ndRYH&su=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1636333910_6de28618d6848b...
  • https://creativecdn.com/tags?type=iframe&id=pr_WeUnXhr3TGr6JnJsbz3D&id=pr_WeUnXhr3TGr6JnJsbz3D_lid_hD11GeZMX5KVsq8ndRYH&su=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1636333910_6de28618d6848b...
244 B
552 B
Document
General
Full URL
https://creativecdn.com/tags?type=iframe&id=pr_WeUnXhr3TGr6JnJsbz3D&id=pr_WeUnXhr3TGr6JnJsbz3D_lid_hD11GeZMX5KVsq8ndRYH&su=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1636333910_6de28618d6848bbd1c901fd8d4222216%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248&sr=https%3A%2F%2Flookandfind.me%2F&ts=1636333911550&tc=1
Requested by
Host: 1redirb.com
URL: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKpLQ6uR0a1h%2FO4v3LMUqhJSA%2Bm9JtcOL1YC6OGbvLgS9fL8t6QpEiq5DMUgBP5N%2FwqFwJ4g%2BBX%2FieQlma%2BGhDFS7XDud55EBfAut0XMUB0kRBh3dCqdAfYIckEyQL0PJt3G%2F%2BcsiV0z6moskCGJ1KFF1O%2FmBuo2xZH70QUCxpHGvuMQwQ1ud0V5ulwYh%2FZg4hSIkzuWkGz95L%2BwK5qX7MKotUPRJmILo3kD%2FWUtl6b%2BGmH3eTQtzB%2FiCrN%2BRA1RgcG6jI3%2BNMO2weaoGnRT9oVEFO27qLWN2htaTqwv%2BQoSOK%2BaQTkFk8IXIXmV%2B92Kq1Yt9HwLJ5jv2yP1SokFOx8QAwp9KR8AWlj2fwmOkNIJKw7Lb4lHuNkSV5YVn3PFMhcTFE6Wlt0qcJmFXAWKPpABY7baINfmQMBYkIaKHNarGr3is3ImcfMsLcRSGG7Ul83i4RATq798N1zz2%2B0SPVj%2FbQT1PPvaHzQdWR90FbEqbuM2uG1YhwdFQRGHmSFNwZFUMqgOOYBU7EqNQG0Qs8FA3NiybKGir%2BmZ4Ow8Gi1Ieoqqjb4i8IhoCjkkeYCQsaDanMW1nUyG19toXMOhJoBy6%2FmVZneQZlhPBVsrUS%2Bs9YAw%2B%2BUnpXmANjklj7Qp7X2HuFjME%2Fz9IWu5EVkOWceCGcORQo%2FwI0f6X7L1%2Bv2CUG%2BZ0FTlVgNoLIfIaTpXHNvElCOm%2Fmfwo8MgTACNvtOQIKfVZvR7hg62%2Bltr8LODHCTwr78vujAQDq34zIUR2w%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
3d9de1a109afc4ccd7f7ff43fc89465887b228ea4fc110f62a29c72c5bffa975

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248

Response headers

date
Mon, 08 Nov 2021 01:11:51 GMT Mon, 08 Nov 2021 01:11:51 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-max-age
3600
vary
Origin, Accept-Encoding
content-type
text/html;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-encoding
gzip
content-length
194

Redirect headers

date
Mon, 08 Nov 2021 01:11:51 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-max-age
3600
vary
Origin
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://creativecdn.com/tags?type=iframe&id=pr_WeUnXhr3TGr6JnJsbz3D&id=pr_WeUnXhr3TGr6JnJsbz3D_lid_hD11GeZMX5KVsq8ndRYH&su=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1636333910_6de28618d6848bbd1c901fd8d4222216%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248&sr=https%3A%2F%2Flookandfind.me%2F&ts=1636333911550&tc=1
content-length
0
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H4GP8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
4245
date
Mon, 08 Nov 2021 00:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Mon, 08 Nov 2021 02:01:06 GMT
conversion_async.js
www.googleadservices.com/pagead/
37 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H4GP8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
55aa0299a6b880ddee3b6e438a6e155730fca9eaf992e5e4ac105ca1de5f3312
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 01:11:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14369
x-xss-protection
0
server
cafe
etag
15288909967828865177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 08 Nov 2021 01:11:51 GMT
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 1redirb.com
URL: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKpLQ6uR0a1h%2FO4v3LMUqhJSA%2Bm9JtcOL1YC6OGbvLgS9fL8t6QpEiq5DMUgBP5N%2FwqFwJ4g%2BBX%2FieQlma%2BGhDFS7XDud55EBfAut0XMUB0kRBh3dCqdAfYIckEyQL0PJt3G%2F%2BcsiV0z6moskCGJ1KFF1O%2FmBuo2xZH70QUCxpHGvuMQwQ1ud0V5ulwYh%2FZg4hSIkzuWkGz95L%2BwK5qX7MKotUPRJmILo3kD%2FWUtl6b%2BGmH3eTQtzB%2FiCrN%2BRA1RgcG6jI3%2BNMO2weaoGnRT9oVEFO27qLWN2htaTqwv%2BQoSOK%2BaQTkFk8IXIXmV%2B92Kq1Yt9HwLJ5jv2yP1SokFOx8QAwp9KR8AWlj2fwmOkNIJKw7Lb4lHuNkSV5YVn3PFMhcTFE6Wlt0qcJmFXAWKPpABY7baINfmQMBYkIaKHNarGr3is3ImcfMsLcRSGG7Ul83i4RATq798N1zz2%2B0SPVj%2FbQT1PPvaHzQdWR90FbEqbuM2uG1YhwdFQRGHmSFNwZFUMqgOOYBU7EqNQG0Qs8FA3NiybKGir%2BmZ4Ow8Gi1Ieoqqjb4i8IhoCjkkeYCQsaDanMW1nUyG19toXMOhJoBy6%2FmVZneQZlhPBVsrUS%2Bs9YAw%2B%2BUnpXmANjklj7Qp7X2HuFjME%2Fz9IWu5EVkOWceCGcORQo%2FwI0f6X7L1%2Bv2CUG%2BZ0FTlVgNoLIfIaTpXHNvElCOm%2Fmfwo8MgTACNvtOQIKfVZvR7hg62%2Bltr8LODHCTwr78vujAQDq34zIUR2w%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
K1uoqyaf6g4ACAe2QV7e6HwAIWg/LiSYial5oiVCgKWGYREh2wab9qpaFulbmzmzecTTmogl4/zh9Zlat3o8LA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 08 Nov 2021 01:11:51 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
all.css
use.fontawesome.com/releases/v5.0.12/css/
38 KB
9 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.0.12/css/all.css
Requested by
Host: static.pkleeklrsrci.net
URL: https://static.pkleeklrsrci.net/tl_files/cache/scripts/5c169e810e293e9a279f31872f2321ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ceee487a90eea3b0e52f01360b44e8b6ac0898062c143dbe724663efd3d6f63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 01:11:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10731857
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
EBVYAX31CPN695AG
x-amz-id-2
NO0Q1ssxCYKZHzzW3oJKYBlmzlIzcfaufVTVftEmyXnNlo3WeGqsWSDN96wIi628nbgIpmus/bU=
last-modified
Wed, 30 Jun 2021 15:27:17 GMT
server
cloudflare
etag
W/"d896a88b71aa2ba5d6bd670429bf1bad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DAdKUfbimJkV2v18sAiZ4qKm0x5EAMfc4XQZvbw2fk28Xx5cYgUSuUUQGr76pRABRVjV6KYEmvD1UGaRAd4Nm6GpLEZ2ee3H2vR0u6DuYvPQcx6QhoLnB4u93a7X6oZXpncRVEmJFQnZ8ghK9O7HjhuJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
6aaaee035b6b4e4f-FRA
core.js
s.pinimg.com/ct/
1 KB
1 KB
Script
General
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: 1redirb.com
URL: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKpLQ6uR0a1h%2FO4v3LMUqhJSA%2Bm9JtcOL1YC6OGbvLgS9fL8t6QpEiq5DMUgBP5N%2FwqFwJ4g%2BBX%2FieQlma%2BGhDFS7XDud55EBfAut0XMUB0kRBh3dCqdAfYIckEyQL0PJt3G%2F%2BcsiV0z6moskCGJ1KFF1O%2FmBuo2xZH70QUCxpHGvuMQwQ1ud0V5ulwYh%2FZg4hSIkzuWkGz95L%2BwK5qX7MKotUPRJmILo3kD%2FWUtl6b%2BGmH3eTQtzB%2FiCrN%2BRA1RgcG6jI3%2BNMO2weaoGnRT9oVEFO27qLWN2htaTqwv%2BQoSOK%2BaQTkFk8IXIXmV%2B92Kq1Yt9HwLJ5jv2yP1SokFOx8QAwp9KR8AWlj2fwmOkNIJKw7Lb4lHuNkSV5YVn3PFMhcTFE6Wlt0qcJmFXAWKPpABY7baINfmQMBYkIaKHNarGr3is3ImcfMsLcRSGG7Ul83i4RATq798N1zz2%2B0SPVj%2FbQT1PPvaHzQdWR90FbEqbuM2uG1YhwdFQRGHmSFNwZFUMqgOOYBU7EqNQG0Qs8FA3NiybKGir%2BmZ4Ow8Gi1Ieoqqjb4i8IhoCjkkeYCQsaDanMW1nUyG19toXMOhJoBy6%2FmVZneQZlhPBVsrUS%2Bs9YAw%2B%2BUnpXmANjklj7Qp7X2HuFjME%2Fz9IWu5EVkOWceCGcORQo%2FwI0f6X7L1%2Bv2CUG%2BZ0FTlVgNoLIfIaTpXHNvElCOm%2Fmfwo8MgTACNvtOQIKfVZvR7hg62%2Bltr8LODHCTwr78vujAQDq34zIUR2w%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
909c959034304ea400b41eea4326c355e0e7c4c8cf76369f8430756362d11bef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 01:11:51 GMT
fastly-restarts
1
x-cdn
fastly
etag
"95580b4fad0d5513b92f05a5be0d5a38"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=7200
content-length
1142
access-control-expose-headers
X-CDN
modules.d4630e91cffbd6b56a37.js
script.hotjar.com/
222 KB
59 KB
Script
General
Full URL
https://script.hotjar.com/modules.d4630e91cffbd6b56a37.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-37743.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
dd8bce41d0be6d4e5449bef910b493bcf872a4189a361451102996bfe0082f3a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 10:41:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
916246
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59861
access-control-allow-origin
*
last-modified
Thu, 28 Oct 2021 10:40:59 GMT
etag
"fe2e85deda154f5a6e0e0112bec8a18c"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
kF6jJmbnRz2ttLOyQKwmsrFUwvngRpuDJ6b5NJ94ZRWf9yoP0HBk2g==
1802294463357935
connect.facebook.net/signals/config/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1802294463357935?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a7c552e8ec38740e9708195f6d84002b197ff35904d64e47eeb2d5c1f042ad2
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
88828
x-xss-protection
0
pragma
public
x-fb-debug
mfdcLsH8c250DmrWJ1g6Libs42r7EQWgPOehzpX3++jOWqAJM7Gmlspg6rDCnLeAZ1Ub54OdY1sTSpEDwXlNLA==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Mon, 08 Nov 2021 01:11:51 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.12/webfonts/
44 KB
45 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.0.12/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.12/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d349f9e08a50336b6f398554e817e6921dd390ef9d8cacf3074a24d4379bd10

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.12/css/all.css
Origin
https://www.kleertjes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 01:11:51 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9312400
cf-ray
6aaaee03bb634e6d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45132
x-amz-id-2
97IzafoIBXaI3+QGZ0ZLkXOCN/2eGsZdeyobOxyAaxbJEhdDS8D4T/EU/g2G/L+bsPOu6C8hyI4=
last-modified
Wed, 30 Jun 2021 15:27:31 GMT
server
cloudflare
etag
"62e224193aeed0b428e83d1cccfd6d91"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1zcjn4HdfNQFbVH7%2FgQOkNqtAfHHZs72Rvrjlxlyi2OIBzfVZ3QustCzmC3c41UdZLb3y6kOI17TTCcqXjmDYe9hGh0hGyjVxCe1pXyFi2ShFs3eioGf86UNDPsWOanr117eNqa6GD2%2FQCwQnAYSB0ww"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
V88SB4J1RY0SZD75
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
box-d09a446edefba0dcce5d5143e1840e9a.html
vars.hotjar.com/ Frame 20BC
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-d09a446edefba0dcce5d5143e1840e9a.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-37743.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
69ae95b7f73e2899d0c398ed4fb9faba242bbec4d0a58b182e4dd0e7808f01ac

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/

Response headers

content-type
text/html
content-length
1044
date
Wed, 20 Oct 2021 07:15:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"63e08f928469ab67d9dac30c065ed182"
last-modified
Wed, 20 Oct 2021 07:15:01 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
LunQquL5qOCDYEDopX1LF3cNpLE1tiOBSVXPF1xgDUZOOYDgvMNyDw==
age
1619806
alt.php
www.zenaps.com/ Frame FBDC
155 B
509 B
Document
General
Full URL
https://www.zenaps.com/alt.php?mid=12476&sv=12476_1636333910_6de28618d6848bbd1c901fd8d4222216
Requested by
Host: www.dwin1.com
URL: https://www.dwin1.com/12476.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c83868b4b3086ad03c631a754a9218d0376c8c92863511eab2de0370801d5152
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/

Response headers

Content-Type
text/html
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Mon, 08 Nov 2021 01:11:51 GMT
Content-Length
141
Connection
keep-alive
Strict-Transport-Security
max-age=86400
Awin-Akamai-Rule-Set
default
d9core
the.sciencebehindecommerce.com/
11 KB
4 KB
Script
General
Full URL
https://the.sciencebehindecommerce.com/d9core
Requested by
Host: www.dwin1.com
URL: https://www.dwin1.com/12476.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.199.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-199-119.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
ce56f99800278d059e9b2fb2d27c9fbbb05bcc45fcb6a8d5c2f577741c503091

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 01:11:50 GMT
Content-Encoding
gzip
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
ETag
5bc31bf7d4a298e1bef9d35fce222bfc
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
the.sciencebehindecommerce.com
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Content-Length
3611
/
dn1i8v75r669j.cloudfront.net/v/
47 B
323 B
Script
General
Full URL
https://dn1i8v75r669j.cloudfront.net/v/?w=a6876cfw
Requested by
Host: d81mfvml8p5ml.cloudfront.net
URL: https://d81mfvml8p5ml.cloudfront.net/a6876cfw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3a00:7:5031:dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6442df9cd2e47f37db25d8ec460c4759709625a5eec2336ab9436c6f0d9922bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 01:09:10 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
age
161
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=300
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
FoEs0HUIEDgYoF1rPXBq3xVpcozRDA_5BipYhF8IM1dO_L2iZkDI1g==
jyeh8u5g21h31lqpsr9f71tdyrnojz5llcj
deploy.mopinion.com/config/
3 KB
1 KB
XHR
General
Full URL
https://deploy.mopinion.com/config/jyeh8u5g21h31lqpsr9f71tdyrnojz5llcj
Requested by
Host: deploy.mopinion.com
URL: https://deploy.mopinion.com/js/pastease.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Pastea.se
Resource Hash
cb474efb534a2e4e17542bd6dcc9ff4c21398cbb4100aadabf2667a900491a26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 00:57:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
887
x-powered-by
Pastea.se
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
access-control-allow-origin
*
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
application/json
via
1.1 7bf0fe9eca07efaffe6363062053f387.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P4
access-control-allow-headers
Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Origin
x-amz-cf-id
l58HV-mXtluT5EfnNXuM6svDUiuEms2yfCOkelZje5nu9u3pMngpzQ==
collect
www.google-analytics.com/g/
0
146 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-DP0B9JGB5P&gtm=2oeb31&_p=152527429&sr=1600x1200&ul=en-us&cid=1136214876.1636333912&_s=1&dl=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1636333910_6de28618d6848bbd1c901fd8d4222216%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248&dr=https%3A%2F%2Flookandfind.me%2F&dt=Kinderkleding%2C%20babykleding%20en%20schoenen%20-%20kleertjes.com&sid=1636333911&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.contentgroup=category
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DP0B9JGB5P&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kleertjes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 01:11:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kleertjes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
313 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1802294463357935&ev=PageView&dl=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1636333910_6de28618d6848bbd1c901fd8d4222216%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248&rl=https%3A%2F%2Flookandfind.me%2F&if=false&ts=1636333911692&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1636333911691.127494099&it=1636333911596&coo=false&rqm=GET
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 01:11:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 08 Nov 2021 01:11:51 GMT
cm
cm.creativecdn.com/adx/ Frame C85A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_cm&google_sc&google_ula=5153224&google_hm=MHh1UDNjaFpKV1pIWlcwR3Nqenc%3D&pi=adx&tdc=ams&chain=
  • https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_cm=&google_sc=&google_ula=5153224&google_hm=MHh1UDNjaFpKV1pIWlcwR3Nqenc%3D&pi=adx&tdc=ams&chain=&google_tc=
  • https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&chain=&google_gid=CAESEPMy3JyDS7Uu24vJDXwXNMA&google_cver=1&google_ula=5153224,0
42 B
243 B
Image
General
Full URL
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&chain=&google_gid=CAESEPMy3JyDS7Uu24vJDXwXNMA&google_cver=1&google_ula=5153224,0
Requested by
Host: creativecdn.com
URL: https://creativecdn.com/tags?type=iframe&id=pr_WeUnXhr3TGr6JnJsbz3D&id=pr_WeUnXhr3TGr6JnJsbz3D_lid_hD11GeZMX5KVsq8ndRYH&su=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1636333910_6de28618d6848bbd1c901fd8d4222216%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248&sr=https%3A%2F%2Flookandfind.me%2F&ts=1636333911550&tc=1
Protocol
H2
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://creativecdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 01:11:52 GMT, Mon, 08 Nov 2021 01:11:52 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 01:11:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&chain=&google_gid=CAESEPMy3JyDS7Uu24vJDXwXNMA&google_cver=1&google_ula=5153224,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
354
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
12476.gif
www.zenaps.com/m/ Frame FBDC
43 B
488 B
Image
General
Full URL
https://www.zenaps.com/m/12476.gif
Requested by
Host: www.zenaps.com
URL: https://www.zenaps.com/alt.php?mid=12476&sv=12476_1636333910_6de28618d6848bbd1c901fd8d4222216
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.zenaps.com/alt.php?mid=12476&sv=12476_1636333910_6de28618d6848bbd1c901fd8d4222216
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 01:11:51 GMT
Allow
GET
ETag
12476_1636333910_6de28618d6848bbd1c901fd8d4222216
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
max-age=0
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
main.6ae4a9fc.js
s.pinimg.com/ct/lib/
54 KB
18 KB
Script
General
Full URL
https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
06def5f53a1116e6a7f4ecab814748f1b7d9a7fde199d96f80c233877f2c46a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 01:11:51 GMT
content-encoding
gzip
fastly-restarts
1
x-cdn
fastly
etag
"9850391ff02e4a98b00efa3acfbbbb10"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1209600
content-length
18814
access-control-expose-headers
X-CDN
visit-data
in.hotjar.com/api/v2/client/sites/37743/
146 B
323 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/37743/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d4630e91cffbd6b56a37.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.140.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-140-204.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1f93261e6db2c54e59dd3384dbb44d59a47c0118c3526bec3a3e5f52925e5243

Request headers

Referer
https://www.kleertjes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 08 Nov 2021 01:11:51 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
survey.min.js
collect.mopinion.com/assets/surveys/2.0/js/
176 KB
55 KB
Script
General
Full URL
https://collect.mopinion.com/assets/surveys/2.0/js/survey.min.js?d=30032020
Requested by
Host: deploy.mopinion.com
URL: https://deploy.mopinion.com/js/pastease.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.212.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-212-192.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6fe032721ceebf14b00d2124d462876da07f63644bcaa8bb0919754f9cdeb672
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com; worker-src blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 01:11:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-content-security-policy
default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com; worker-src blob:
x-permitted-cross-domain-policies
none
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 03 Nov 2021 13:01:05 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"61828811-2c1a0"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
content-security-policy
default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com; worker-src blob:
access-control-allow-headers
Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
expires
Mon, 15 Nov 2021 01:11:51 GMT
a6876cfw_1624638820167.js
dkpklk99llpj0.cloudfront.net/
55 KB
17 KB
Script
General
Full URL
https://dkpklk99llpj0.cloudfront.net/a6876cfw_1624638820167.js
Requested by
Host: d81mfvml8p5ml.cloudfront.net
URL: https://d81mfvml8p5ml.cloudfront.net/a6876cfw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:d600:e:98bf:5f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b51dd60231681a37c4fb5dd80a87e172f4d29f974f1c1b4a179a310e2ce6b19c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 16:37:41 GMT
content-encoding
br
last-modified
Fri, 25 Jun 2021 16:33:48 GMT
server
AmazonS3
age
11694851
etag
W/"82caa0552b89d90057dfa3e7120f330a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
oDXz_-FZqoptqCJmXhhS2eDzuxKBw_MQ4KpJ1ODewVlqB1vR__RrAw==
/
ct.pinterest.com/user/
509 B
595 B
XHR
General
Full URL
https://ct.pinterest.com/user/?tid=2613576938982&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1636333911787
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
07d37037fac00adaab8d3068112bf139d2249facc615e9fc6674ce90f103f48c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 01:11:51 GMT
content-encoding
gzip
referrer-policy
origin
x-cdn
fastly
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.kleertjes.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
pin-unauth
dWlkPU9Ea3pNRGMzTW1FdE5Ea3lOaTAwT0RRMExUbGtaV1V0WWpRNE1HTXpPREE1TWpnNQ
x-pinterest-rid
1732514380963101
x-envoy-upstream-service-time
3
access-control-allow-credentials
true
content-length
364
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/
35 B
247 B
Image
General
Full URL
https://ct.pinterest.com/v3/?tid=2613576938982&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1636333910_6de28618d6848bbd1c901fd8d4222216%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248%22%2C%22ref%22%3A%22https%3A%2F%2Flookandfind.me%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%226ae4a9fc%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1636333911788
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 01:11:51 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
x-pinterest-rid
1590579024615354
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
lgc
the.sciencebehindecommerce.com/
0
572 B
XHR
General
Full URL
https://the.sciencebehindecommerce.com/lgc
Requested by
Host: the.sciencebehindecommerce.com
URL: https://the.sciencebehindecommerce.com/d9core
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.199.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-199-119.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kleertjes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Mon, 08 Nov 2021 01:11:51 GMT
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
https://www.kleertjes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
get
am.freshrelevance.com/
1 B
97 B
XHR
General
Full URL
https://am.freshrelevance.com/get?data=%7B%22type%22%3A%22heartbeat%22%2C%22data%22%3A%7B%22c%22%3A%22xs1iqyyn1y%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36%22%2C%22w%22%3A%22a6876cfw%22%7D%7D
Requested by
Host: dkpklk99llpj0.cloudfront.net
URL: https://dkpklk99llpj0.cloudfront.net/a6876cfw_1624638820167.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.224.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-224-12.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 08 Nov 2021 01:11:52 GMT
content-type
text/plain; charset=utf-8
/
ct.pinterest.com/md/
0
198 B
XHR
General
Full URL
https://ct.pinterest.com/md/
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kleertjes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 01:11:52 GMT
referrer-policy
origin
x-cdn
fastly
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
1
x-pinterest-rid
1139312466822268
expires
Sat, 01 Jan 2000 00:00:00 GMT
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/kcXVPRWG7fMILHmzon0--fD3/
345 KB
136 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/kcXVPRWG7fMILHmzon0--fD3/recaptcha__nl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=nl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
16b5b9b0cabeca14bc2a831660c1c388c41f2a9b041e62cf084a63dbc72485b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kleertjes.com/
Origin
https://www.kleertjes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 23:54:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
523035
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138062
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 18:13:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Tue, 01 Nov 2022 23:54:37 GMT
json-config
cacheorcheck.mopinion.com/survey/public/
182 KB
32 KB
XHR
General
Full URL
https://cacheorcheck.mopinion.com/survey/public/json-config?key=e192f9acbecb7523e660f6067b39d594f834c0e1&domain=app.mopinion.com&withBase=true
Requested by
Host: collect.mopinion.com
URL: https://collect.mopinion.com/assets/surveys/2.0/js/survey.min.js?d=30032020
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.239.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-239-185.eu-west-1.compute.amazonaws.com
Software
nginx / Mopinion.com
Resource Hash
222714a8af9587acf90a13cdf2b2ee4b1d8250f848acd97d0f2d4d7ec06852e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 01:11:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-powered-by
Mopinion.com
x-frame-options
SAMEORIGIN
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
X-Api-Version, X-Request-Id, X-Response-Time
cache-control
public, max-age=86400
strict-transport-security
max-age=31536000
access-control-allow-headers
Origin, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, X-Response-Time, X-PINGOTHER, X-CSRF-Token,Authorization
x-xss-protection
1; mode=block
/
www.facebook.com/tr/ Frame B26C
0
18 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1636333910_6de28618d6848bbd1c901fd8d4222216&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.kleertjes.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.kleertjes.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
date
Mon, 08 Nov 2021 01:11:52 GMT
css
fonts.mopinion.com/
3 KB
2 KB
Stylesheet
General
Full URL
https://fonts.mopinion.com/css?family=Open+Sans
Requested by
Host: collect.mopinion.com
URL: https://collect.mopinion.com/assets/surveys/2.0/js/survey.min.js?d=30032020
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.212.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-212-192.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ce03cf922147a565a37be31f08f8e9b54375897cfc54cb66b5209183842b8e8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 01:11:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding, Accept-Encoding
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Mon, 08 Nov 2021 01:11:52 GMT
emoji
cacheorcheck.mopinion.com/survey/public/
7 KB
2 KB
XHR
General
Full URL
https://cacheorcheck.mopinion.com/survey/public/emoji?blockId=85765&domain=app.mopinion.com
Requested by
Host: collect.mopinion.com
URL: https://collect.mopinion.com/assets/surveys/2.0/js/survey.min.js?d=30032020
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.239.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-239-185.eu-west-1.compute.amazonaws.com
Software
nginx / Mopinion.com
Resource Hash
c201e9425b3de3f349fe1e5dea1895ec6411785299a8b729e04e600a9a32a50c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 01:11:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-powered-by
Mopinion.com
x-frame-options
SAMEORIGIN
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
X-Api-Version, X-Request-Id, X-Response-Time
cache-control
public, max-age=86400
strict-transport-security
max-age=31536000
access-control-allow-headers
Origin, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, X-Response-Time, X-PINGOTHER, X-CSRF-Token,Authorization
x-xss-protection
1; mode=block
collect
stats.g.doubleclick.net/j/
4 B
444 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-9234733-1&cid=1136214876.1636333912&jid=860465416&gjid=1711715460&_gid=499255704.1636333913&_u=YCDAgAABAAAAAE~&z=710695166
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kleertjes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 08 Nov 2021 01:11:52 GMT
content-type
text/plain
access-control-allow-origin
https://www.kleertjes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
0
0

ga-audiences
www.google.com/ads/
0
0

ga-audiences
www.google.de/ads/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google-analytics.com
URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=152527429&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1636333910_6de28618d6848bbd1c901fd8d4222216%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248&dr=https%3A%2F%2Flookandfind.me%2F&ul=en-us&de=UTF-8&dt=Kinderkleding%2C%20babykleding%20en%20schoenen%20-%20kleertjes.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgAAB~&jid=860465416&gjid=1711715460&cid=1136214876.1636333912&tid=UA-9234733-1&_gid=499255704.1636333913&gtm=2wgb315H4GP8&cg1=category&cd4=Desktop%20%26%20Tablet&cd5=criteo_abtst.group&z=1775289
Domain
www.google.com
URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-9234733-1&cid=1136214876.1636333912&jid=860465416&_u=YCDAgAABAAAAAE~&z=825926394
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-9234733-1&cid=1136214876.1636333912&jid=860465416&_u=YCDAgAABAAAAAE~&z=825926394

Verdicts & Comments Add Verdict or Comment

233 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| dataLayer object| Frontend function| setCookie function| getCookie function| deleteCookie object| Ajax function| AjaxServiceRequest object| AjaxFilter object| AjaxLister object| FormBuilder object| TinyCallback object| MessagingFrontend object| DateTimeSelect object| Rating function| RatingField boolean| menuForMobile boolean| leftmenuForMobile object| $html function| setResponsiveClasses function| setOutletLabel object| AjaxPdp object| AjaxBasket object| AjaxLoginStatus object| AjaxOrderHistory object| DataLayer object| PDPHelper object| Tweakwise number| hoi object| EvaluationApi object| EvaluationHelper function| submitForm function| $ function| jQuery object| picturefillCFG function| picturefill object| jQuery112008732942889115334 function| Vue object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| landerCatNav object| known string| lang function| tmpRemoveFilter object| openFilters boolean| filterSizeSelected boolean| filterLoaded boolean| cntrlIsPressed object| $document object| $window function| onResize function| saveOpenFilters function| setOpenFilters function| hideSizes function| resetFilterLoaded function| setSizeFilter function| hideNotAvailableColors function| setListerPagination function| scanColorBox function| setBackButtonPdp function| setOgImageTag function| preventPopupSubmit function| changeListerVariant function| colorSelectedBasket function| colorSelectedCheckoutBargains function| changeBigImage function| decreaseHistoryPdp function| addProductClicks function| colorSelected function| sizeSelected function| anySizeSelected function| parseGetParam function| itemLoaded function| checkoutTweaks function| checkoutPaymentMethods function| limitQuantity function| limitInputQuantity function| initAjax function| unveilImagesBasket function| toggleBasketCurrent number| basketRefresh function| refreshMiniBasket function| validateToBasket function| editOrder function| cancelEditOrder function| calculatePopupSize function| productClicked function| productAddToCart function| productQuantityChange function| onCheckout function| onCheckoutOption function| onLoadRelatedItems function| setMainImage boolean| finishedFilter boolean| finishedProduct function| onFinishedFilterAndProduct function| addListImpressions function| addCriteoListingTracker function| hashToObj function| setFilterSizePDP function| unveilImages function| getCategoryFromBreadcrumb function| getCategoryArrayFromBreadcrumb function| savePageInCookie boolean| keydownSearchInitialized function| search_onResponse object| search_keyword object| search_timeout function| search_onChange function| search_show function| search_keyboardEvents object| navState function| setNavState function| getNavState function| addCsrfTokenToForms function| setTopNavigationState function| hideElementsOnFilter function| openColorbox function| closeColorbox function| resetScrollLocation function| urlParam function| gtmErrorMessage function| gtmValidationMessage function| validateForm function| addValidationChecks function| addToggleMenu function| collapseCoupon function| Basket function| onItemAdded function| PreBasket boolean| submitAlternativeAddress function| bindOpeningHoursEvent function| bindDeliveryEvents function| disablePostNlPickUpOption function| enablePostNlPickUpOption function| fillAddressIfEmpty function| executeApi function| getPostNlLocations function| getDHLLocations function| submitCheckoutForm function| bindEncryptForm object| DeliveryDate object| AjaxValidateEmail object| TweakwiseFilterSearch object| TweakwiseCommunication object| TweakwiseDataLayer object| SelectedFilters object| UrlHelper object| IndexedFilters object| DHLPickUpLocations object| eventie function| EventEmitter function| getStyleProperty function| getSize function| docReady function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry number| ri object| elColor object| elSize object| fieldset number| LUX_t_start number| LUX_t_end object| __core-js_shared__ object| td object| _db1 object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| hj object| _hjSettings function| getVar string| tduid string| get_string string| return_value number| name_index number| space string| GoogleAnalyticsObject function| ga number| d number| h number| m function| getCookie_VisitorType function| fbq function| _fbq function| setCookie_OptInLevel string| cookie_text string| cookie_balk string| styles undefined| eventpinterest undefined| line_items_pinterest undefined| line_item function| pintrk object| outletMenuItem object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| Pastease object| $FR_LAB object| AWIN object| Sha256 object| Utf8 object| D9v object| gaGlobal function| onYouTubeIframeAPIReady number| count function| GooglemKTybQhCsO function| google_trackConversion function| $TM_VR object| $TB function| nrlskOnEvent string| send object| d9PendingXDR object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| srv object| google_optimize

37 Cookies

Domain/Path Name / Value
ww1.shop.pcapitalone.com/ Name: __tad
Value: 1636333905.7416326
.1redirb.com/ Name: __dsnsid
Value: 20211108121145848657965120e071eb
utkv6nyu.de/ Name: PHPSESSID
Value: 42oj88bajnfnj80g0ido4t55a7
.awin1.com/ Name: aw12476
Value: 101248|0|0|1636333910|at107999_a116809_m12_p134708_cDE_sa3065479e5c1492a62f7bdf68ed41872|aw|0
.awin1.com/ Name: bId
Value: HLEX_61887956912766.13071668
.zenaps.com/ Name: aw12476
Value: 101248|0|0|1636333910|at107999_a116809_m12_p134708_cDE_sa3065479e5c1492a62f7bdf68ed41872|aw|0
.zenaps.com/ Name: bId
Value: HLEX_61887956912766.13071668
www.kleertjes.com/ Name: last_product_loaded
Value:
www.kleertjes.com/ Name: last_page
Value: 0
www.kleertjes.com/ Name: lux_uid
Value: 163633391114109652
.kleertjes.com/ Name: _tdid
Value: td-kvpyymi2-daytglcy-5ksryyzs22y_1
.kleertjes.com/ Name: basket_amount
Value: 0
www.kleertjes.com/ Name: fe
Value: ccf84c846c450b9ef51b9e1167fa94eb
.kleertjes.com/ Name: _gcl_au
Value: 1.1.1493581880.1636333912
www.kleertjes.com/ Name: visit22
Value: new
.creativecdn.com/ Name: u
Value: 0xuP3chZJWZHZW0Gsjzw
.creativecdn.com/ Name: ts
Value: 1636333911
.kleertjes.com/ Name: _aw_m_12476
Value: 12476_1636333910_6de28618d6848bbd1c901fd8d4222216
.kleertjes.com/ Name: _ga_DP0B9JGB5P
Value: GS1.1.1636333911.1.0.1636333911.0
.kleertjes.com/ Name: _ga
Value: GA1.1.1136214876.1636333912
.kleertjes.com/ Name: _fbp
Value: fb.1.1636333911691.127494099
.kleertjes.com/ Name: _hjid
Value: d65ca557-0dbb-479e-becc-0f0646101b38
.kleertjes.com/ Name: _hjFirstSeen
Value: 1
www.kleertjes.com/ Name: _hjIncludedInPageviewSample
Value: 1
.kleertjes.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
www.kleertjes.com/ Name: _hjIncludedInSessionSample
Value: 1
www.kleertjes.com/ Name: Pastease.passive.chance.05ygzgqmupdr0tjms2njnxxuoi1gdco1
Value: chance33.9
www.kleertjes.com/ Name: Pastease.passive.activated.05ygzgqmupdr0tjms2njnxxuoi1gdco1
Value: 0
www.kleertjes.com/ Name: last_page.g0fjqcjin94hd8rp1fkq0m9vf6sftozkrule_0
Value: /
www.kleertjes.com/ Name: page_count.g0fjqcjin94hd8rp1fkq0m9vf6sftozkrule_0
Value: 1
www.kleertjes.com/ Name: tms_VisitorID
Value: xs1iqyyn1y
collect.mopinion.com/ Name: AWSALBCORS
Value: KzTD1xJCvDfqs7MudWpoRaZENeqSfFZJCrnPQMUe7QBNoN+63FzNL/hZRm6dKauWUY2Ee9+h5xXV0zgBbDz8+Mh4W7OrgH5PD1LtOuL1Wo4/uPA2p3XiBkat8RSR
.sciencebehindecommerce.com/ Name: _D9J
Value: 4086e674e7704c6895f2a1cf1a96e00d
www.kleertjes.com/ Name: tms_wsip
Value: 1
.kleertjes.com/ Name: _pin_unauth
Value: dWlkPU9Ea3pNRGMzTW1FdE5Ea3lOaTAwT0RRMExUbGtaV1V0WWpRNE1HTXpPREE1TWpnNQ
.doubleclick.net/ Name: IDE
Value: AHWqTUnR5oNviPe19M9LSLF7ciO7CFHCOXTMKhySgAfl-bIn2o_YEheCZhMR-WR6aq4
fonts.mopinion.com/ Name: AWSALBCORS
Value: jSXo4a7ynt7pTjIdm4Umr8kUvdNc95gpcwzU5uA9u40hd6x+IsEalctglUDH0FITde87kaB+f/XEZfbgzK0ZjsFwQf4z240e8iVoBQ4eu/7sWY8yYdCgJCwV7HOG

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1redirb.com
am.freshrelevance.com
cacheorcheck.mopinion.com
cdn.speedcurve.com
clever-redirect.com
cm.creativecdn.com
cm.g.doubleclick.net
collect.mopinion.com
connect.facebook.net
creativecdn.com
ct.pinterest.com
d81mfvml8p5ml.cloudfront.net
deploy.mopinion.com
dkpklk99llpj0.cloudfront.net
dn1i8v75r669j.cloudfront.net
fonts.mopinion.com
in.hotjar.com
lookandfind.me
r.kleertjes.com
rtpnt.xyz
s.pinimg.com
script.hotjar.com
static.hotjar.com
static.pkleeklrsrci.net
stats.g.doubleclick.net
the.sciencebehindecommerce.com
use.fontawesome.com
utkv6nyu.de
vars.hotjar.com
ww1.shop.pcapitalone.com
www.awin1.com
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.kleertjes.com
www.zenaps.com
www.google-analytics.com
www.google.com
www.google.de
103.224.182.206
104.111.239.217
142.250.184.195
142.250.186.136
142.250.186.162
151.101.192.84
151.101.194.217
157.90.169.168
18.159.120.134
18.66.112.111
18.66.139.108
18.66.139.28
18.66.139.58
18.66.97.53
185.184.8.65
216.58.212.130
2600:9000:223c:3a00:7:5031:dc0:21
2600:9000:223e:dc00:2:36a1:2f40:21
2600:9000:223f:400:f:8ce2:fb80:93a1
2600:9000:225e:d600:e:98bf:5f00:21
2606:4700:3036::6815:1a18
2606:4700:3037::6815:4e07
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::200e
2a00:1450:400c:c06::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1f::84
49.12.0.235
52.17.239.185
52.209.224.12
52.222.214.42
52.49.199.119
52.51.140.204
70.32.1.32
78.46.197.88
99.81.212.192
024eebe32b057a32537813f1a74e10f95d564db95b3fa2c4b59c987f46e77b92
033c727a0d1f3cb475db3f22e6cbef3547318fc52da87511e0c9d619e5139ea2
03dafe40bb63eb769a454ea6492a4683cfcf9ca7890ff6f61f9086cd78925874
06def5f53a1116e6a7f4ecab814748f1b7d9a7fde199d96f80c233877f2c46a4
06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03
07d37037fac00adaab8d3068112bf139d2249facc615e9fc6674ce90f103f48c
08077323db510f7c73784640799b8721d530767fe4c2a5a9b6f26f356a839d04
0ceee487a90eea3b0e52f01360b44e8b6ac0898062c143dbe724663efd3d6f63
101965af73a97aabfec5a6e49db47fdf4de2dca44fc859d8d8b6444ea807f563
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13b6b76823f3aeda95b8a5afcb57096971a8e6a57204b32675ffea761d9da756
16b5b9b0cabeca14bc2a831660c1c388c41f2a9b041e62cf084a63dbc72485b6
176ad8d6d1385c134350eec79860d189e049ba482f485db6a7c548b81f9118d7
184ebb69fdafee46b23ce24f64530474a5de34ee61f2ead9258ef7f6fb439059
19ca5f86feab27208db9f946f00ff843551cb6bb2f7332661e12356909aeb97a
1a1bf1cad38252b6e62edeb31cd5c9769577404b22a97cdb95b45997f11302a8
1f93261e6db2c54e59dd3384dbb44d59a47c0118c3526bec3a3e5f52925e5243
21c48d40ecb6ef30229910310807163b38fd274753935098976b4533de217b55
222714a8af9587acf90a13cdf2b2ee4b1d8250f848acd97d0f2d4d7ec06852e7
2a7c552e8ec38740e9708195f6d84002b197ff35904d64e47eeb2d5c1f042ad2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
316939c7deb4517cb503120b53588f0daffae905178cf40109ba08368db188ae
3194c0b885119587edb7b6d0db66578dff3af5f8a0abed8c6b2f2243ee9920c8
31e30685fd2aa77bcd80cc49d58c4769fdfca38a37da9dc8cb6d4444e87c48ec
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3d9de1a109afc4ccd7f7ff43fc89465887b228ea4fc110f62a29c72c5bffa975
404e553148c76b0949a09f99394fde3eb9a7aa402e96ed13806e226766acca69
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e
40fd6d7734b8421e48a48d833c96fff6c4703198cc85cb9b69684171d3a1cb6b
4c60e09af0cdaefbdede9d7022dc0f2d153f7cf32a614f211e9d7073a658c0c6
541eb42d376e446209a865b53cd04c23afd397691db40433c61898d670e89acf
55aa0299a6b880ddee3b6e438a6e155730fca9eaf992e5e4ac105ca1de5f3312
614c1f440909784c75aee606f9aeb2b6813b4aaa635d57eae29cfc73c405966e
6442df9cd2e47f37db25d8ec460c4759709625a5eec2336ab9436c6f0d9922bf
64cda99e454271f765db186db573f8a41af2024d4e8ea559d45c16a9ecb553a5
69ae95b7f73e2899d0c398ed4fb9faba242bbec4d0a58b182e4dd0e7808f01ac
6a028eca1f7ced16f39b56ae5b595d64f692aa4f07aa2175c32a26d1b7db0015
6c00b5d026c6bdcdac2b31ecdfc77eb486dba6a92bb6282c99c6e36facb30745
6fe032721ceebf14b00d2124d462876da07f63644bcaa8bb0919754f9cdeb672
710c51c12d28a5dfe737ed96eab42d4052be3e20076eac9dfcfcaa2794494cd5
745d74f097901d4047ce8959ac2fb429268d6c9a665cc9212e08dea7dc2577e6
7b6276adbd95eb541d75084f24cfea1b4e295ffc1f1d458a30454fa3ecda0833
7d349f9e08a50336b6f398554e817e6921dd390ef9d8cacf3074a24d4379bd10
81a5dafd9389dafc97ab80fa6a031db8babac927392b73a2d6ed764e8443838f
839f7f43539d7c85d0b74bd2aa59cd25922bc38d84b33929c3ee6b900f0a0d6a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8bdf435372972a250688fe0dd9c12300e63ba36465a6c104fe6b805deab76b9a
909c959034304ea400b41eea4326c355e0e7c4c8cf76369f8430756362d11bef
91add3d87b978fc054347ce2edd7140ae863855fd3222037a67a5ca02f4e39af
97511adf492630e7f7a10da3be4ede35eb1a18f1e41a088cc427f5e1a5467789
9d93d46611f9d76728684f9bc8e6a75b19cd6004e49e3bfadbb37ea7175ade9e
a0b55e61708bcd211cc4af99df4ae844ad57f673cbd8b8e9de1ecfe0ff2cee99
a2583bae14eee6282c8a9286c5ac994b344a995a108c45dbe761baf5814a633d
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b4bd391467986e3fe78943144f1ba192c46379306ae41afd0a58a2fcc51250e8
b51dd60231681a37c4fb5dd80a87e172f4d29f974f1c1b4a179a310e2ce6b19c
b8810c8090bd26cb484abd4f115a19552ec4142f4e29d63b774c977b17177ac9
c201e9425b3de3f349fe1e5dea1895ec6411785299a8b729e04e600a9a32a50c
c83868b4b3086ad03c631a754a9218d0376c8c92863511eab2de0370801d5152
cb474efb534a2e4e17542bd6dcc9ff4c21398cbb4100aadabf2667a900491a26
cbee3db6d27c60ab4ca2143a7f0c5da0abaccf674037d49440ffce9938614d65
cc1e359c31671b24c7eb0ae954bf7841321d27b514e659c536840326343efdb8
ce03cf922147a565a37be31f08f8e9b54375897cfc54cb66b5209183842b8e8d
ce56f99800278d059e9b2fb2d27c9fbbb05bcc45fcb6a8d5c2f577741c503091
d291f894bfc4febf529d8019165b6dcf6622b18c4cd26fb9880ddd083a27195a
d3d1845adf11c6e6a508420c121db9a34f6ededba52b618b08660a1bfe333e1b
dd8bce41d0be6d4e5449bef910b493bcf872a4189a361451102996bfe0082f3a
e1f7e605fdd6ab75a908555fd5170e5125ca1529649ae875c5591b8bcc2158b1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f748b2c0abc62732d7db4daf733b0a010aee70735b9106c352ad15e8f3480be4
f89b91ffe4f86e4d185ca280cf41b8a860657e5d2205ad9b079f65fcdc8ca6e4
fb42c637f5f49872c175d1b2d5686bd1b370fc8f1fc4510c2c5a2faed4b02857
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62