urlscan.io logo urlscan.io
SecurityTrails logo

www.kleertjes.com Open in urlscan Pro
104.18.27.196  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://netflli.com/
Effective URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_c...
Submission: On December 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 39 IPs in 8 countries across 33 domains to perform 93 HTTP transactions. The main IP is 104.18.27.196, located in and belongs to CLOUDFLARENET, US. The main domain is www.kleertjes.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 12th 2021. Valid for: a year.
This is the only time www.kleertjes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 103.224.212.222 133618 (TRELLIAN-...)
1 5 103.224.182.206 133618 (TRELLIAN-...)
1 1 49.12.0.235 24940 (HETZNER-AS)
1 1 78.46.197.88 24940 (HETZNER-AS)
2 157.90.169.168 24940 (HETZNER-AS)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 4 92.123.17.141 16625 (AKAMAI-AS)
4 104.18.27.196 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
26 18.66.139.34 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.130.217 54113 (FASTLY)
2 18.159.120.134 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 65.9.68.102 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
2 18.66.139.70 16509 (AMAZON-02)
1 3 185.184.8.65 204995 (RTB-HOUSE...)
1 142.250.185.162 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a04:4e42:62::84 54113 (FASTLY)
1 18.66.112.6 16509 (AMAZON-02)
2 52.215.144.192 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.139.117 16509 (AMAZON-02)
2 2 142.250.185.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2600:9000:223... 16509 (AMAZON-02)
2 52.17.239.185 16509 (AMAZON-02)
3 151.101.64.84 54113 (FASTLY)
1 2600:9000:225... 16509 (AMAZON-02)
2 54.229.33.75 16509 (AMAZON-02)
1 108.128.66.67 16509 (AMAZON-02)
1 5 184.51.9.28 16625 (AKAMAI-AS)
1 3 142.250.181.230 15169 (GOOGLE)
2 89.187.169.47 60068 (CDN77 ^_^)
1 18.66.112.67 16509 (AMAZON-02)
1 151.101.2.217 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
93 39
1    103.224.212.222 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-212-222.above.com
netflli.com
5    103.224.182.206 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
1redirb.com
1    49.12.0.235 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.235.0.12.49.clients.your-server.de
rtpnt.xyz
1    78.46.197.88 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de
clever-redirect.com
2    157.90.169.168 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.168.169.90.157.clients.your-server.de
lookandfind.me
1    2606:4700:3036::ac43:872c (United States)

ASN13335 (CLOUDFLARENET, US)
utkv6nyu.de
4    92.123.17.141 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-17-141.deploy.static.akamaitechnologies.com
www.awin1.com
www.zenaps.com
4    104.18.27.196 (None, )

ASN13335 (CLOUDFLARENET, US)
www.kleertjes.com
4    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
www.google-analytics.com
26    18.66.139.34 (United States)

ASN16509 (AMAZON-02, US)
static.pkleeklrsrci.net
2    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    151.101.130.217 (United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
2    18.159.120.134 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-120-134.eu-central-1.compute.amazonaws.com
r.kleertjes.com
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    65.9.68.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-68-102.fra56.r.cloudfront.net
static.hotjar.com
1    2600:9000:223f:8600:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.dwin1.com
1    2600:9000:223e:9e00:2:36a1:2f40:21 (United States)

ASN16509 (AMAZON-02, US)
d81mfvml8p5ml.cloudfront.net
2    18.66.139.70 (United States)

ASN16509 (AMAZON-02, US)
deploy.mopinion.com
3    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
cm.creativecdn.com
1    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
www.googleadservices.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    2a04:4e42:62::84 (United States)

ASN54113 (FASTLY, US)
s.pinimg.com
1    18.66.112.6 (United States)

ASN16509 (AMAZON-02, US)
script.hotjar.com
2    52.215.144.192 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-144-192.eu-west-1.compute.amazonaws.com
the.sciencebehindecommerce.com
1    2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    18.66.139.117 (United States)

ASN16509 (AMAZON-02, US)
vars.hotjar.com
2    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2600:9000:223c:6e00:7:5031:dc0:21 (United States)

ASN16509 (AMAZON-02, US)
dn1i8v75r669j.cloudfront.net
2    52.17.239.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-239-185.eu-west-1.compute.amazonaws.com
collect.mopinion.com
fonts.mopinion.com
3    151.101.64.84 (United States)

ASN54113 (FASTLY, US)
ct.pinterest.com
1    2600:9000:225e:a400:e:98bf:5f00:21 (United States)

ASN16509 (AMAZON-02, US)
dkpklk99llpj0.cloudfront.net
2    54.229.33.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-33-75.eu-west-1.compute.amazonaws.com
cacheorcheck.mopinion.com
1    108.128.66.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-66-67.eu-west-1.compute.amazonaws.com
am.freshrelevance.com
5    184.51.9.28 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-28.deploy.static.akamaitechnologies.com
www.pinterest.com
www.pinterest.de
3    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
8590952.fls.doubleclick.net
2    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
a.omappapi.com
1    18.66.112.67 (United States)

ASN16509 (AMAZON-02, US)
api.omappapi.com
1    151.101.2.217 (United States)

ASN54113 (FASTLY, US)
lux.speedcurve.com
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
Apex Domain
Subdomains		 Transfer
26 pkleeklrsrci.net
static.pkleeklrsrci.net
829 KB
6 doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
8590952.fls.doubleclick.net
2 KB
6 mopinion.com
deploy.mopinion.com
collect.mopinion.com
cacheorcheck.mopinion.com
fonts.mopinion.com
102 KB
6 kleertjes.com
www.kleertjes.com
r.kleertjes.com
31 KB
5 1redirb.com
1redirb.com
8 KB
4 pinterest.de
www.pinterest.de
15 KB
4 pinterest.com
ct.pinterest.com
www.pinterest.com
2 KB
3 omappapi.com
a.omappapi.com
api.omappapi.com
70 KB
3 google-analytics.com
www.google-analytics.com
20 KB
3 creativecdn.com
creativecdn.com
cm.creativecdn.com
2 KB
3 cloudfront.net
d81mfvml8p5ml.cloudfront.net
dn1i8v75r669j.cloudfront.net
dkpklk99llpj0.cloudfront.net
23 KB
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
64 KB
3 google.com
www.google.com
adservice.google.com
1 KB
3 zenaps.com
www.zenaps.com
2 KB
2 facebook.com
www.facebook.com
313 B
2 sciencebehindecommerce.com
the.sciencebehindecommerce.com
5 KB
2 pinimg.com
s.pinimg.com
20 KB
2 fontawesome.com
use.fontawesome.com
54 KB
2 facebook.net
connect.facebook.net
113 KB
2 googletagmanager.com
www.googletagmanager.com
148 KB
2 speedcurve.com
cdn.speedcurve.com
lux.speedcurve.com
7 KB
2 lookandfind.me
lookandfind.me
975 B
1 freshrelevance.com
am.freshrelevance.com
97 B
1 google.de
www.google.de
501 B
1 googleadservices.com
www.googleadservices.com
14 KB
1 dwin1.com
www.dwin1.com
10 KB
1 gstatic.com
www.gstatic.com
136 KB
1 googleoptimize.com
www.googleoptimize.com
42 KB
1 awin1.com
www.awin1.com
1 KB
1 utkv6nyu.de
utkv6nyu.de
835 B
1 clever-redirect.com
clever-redirect.com
232 B
1 rtpnt.xyz
rtpnt.xyz
189 B
1 netflli.com
netflli.com
1 KB
93 33
Domain Requested by
26 static.pkleeklrsrci.net www.kleertjes.com
static.pkleeklrsrci.net
5 1redirb.com 1 redirects 1redirb.com
4 www.pinterest.de s.pinimg.com
1redirb.com
4 www.kleertjes.com lookandfind.me
static.pkleeklrsrci.net
3 8590952.fls.doubleclick.net 1 redirects www.googletagmanager.com
3 ct.pinterest.com s.pinimg.com
www.kleertjes.com
3 www.google-analytics.com www.googletagmanager.com
www.kleertjes.com
3 www.zenaps.com 1 redirects www.dwin1.com
www.zenaps.com
2 a.omappapi.com www.googletagmanager.com
a.omappapi.com
2 cacheorcheck.mopinion.com collect.mopinion.com
2 www.facebook.com www.kleertjes.com
2 cm.g.doubleclick.net 2 redirects
2 the.sciencebehindecommerce.com www.dwin1.com
the.sciencebehindecommerce.com
2 s.pinimg.com 1redirb.com
s.pinimg.com
2 use.fontawesome.com static.pkleeklrsrci.net
use.fontawesome.com
2 connect.facebook.net 1redirb.com
connect.facebook.net
2 creativecdn.com 1 redirects 1redirb.com
2 deploy.mopinion.com 1redirb.com
deploy.mopinion.com
2 www.googletagmanager.com www.kleertjes.com
www.googletagmanager.com
2 r.kleertjes.com www.kleertjes.com
r.kleertjes.com
2 www.google.com www.kleertjes.com
2 lookandfind.me 1redirb.com
1 adservice.google.com 8590952.fls.doubleclick.net
1 lux.speedcurve.com cdn.speedcurve.com
1 fonts.mopinion.com collect.mopinion.com
1 api.omappapi.com a.omappapi.com
1 www.pinterest.com 1 redirects
1 am.freshrelevance.com dkpklk99llpj0.cloudfront.net
1 dkpklk99llpj0.cloudfront.net d81mfvml8p5ml.cloudfront.net
1 collect.mopinion.com deploy.mopinion.com
1 dn1i8v75r669j.cloudfront.net d81mfvml8p5ml.cloudfront.net
1 www.google.de www.kleertjes.com
1 cm.creativecdn.com creativecdn.com
1 vars.hotjar.com static.hotjar.com
1 stats.g.doubleclick.net www.google-analytics.com
1 script.hotjar.com static.hotjar.com
1 www.googleadservices.com www.googletagmanager.com
1 d81mfvml8p5ml.cloudfront.net www.googletagmanager.com
1 www.dwin1.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 www.gstatic.com www.google.com
1 cdn.speedcurve.com www.kleertjes.com
1 www.googleoptimize.com www.kleertjes.com
1 www.awin1.com 1 redirects
1 utkv6nyu.de 1 redirects
1 clever-redirect.com 1 redirects
1 rtpnt.xyz 1 redirects
1 netflli.com 1 redirects
93 48
Subject Issuer Validity Valid
lookandfind.me
R3		 2021-11-03 -
2022-02-01		 3 months crt.sh
kleertjes.com
Cloudflare Inc ECC CA-3		 2021-10-12 -
2022-10-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-10-12 -
2022-11-13		 a year crt.sh
r.kleertjes.com
R3		 2021-11-12 -
2022-02-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.dwin1.com
Amazon		 2021-11-19 -
2022-12-17		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.mopinion.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-07-05 -
2022-07-31		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-11 -
2021-12-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-27 -
2022-08-05		 a year crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
tag.device9.com
Go Daddy Secure Certificate Authority - G2		 2021-07-19 -
2022-08-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.freshrelevance.com
Amazon		 2021-06-16 -
2022-07-15		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
a.omappapi.com
R3		 2021-11-15 -
2022-02-13		 3 months crt.sh
api.opmnstr.com
Amazon		 2021-03-11 -
2022-04-09		 a year crt.sh

This page contains 7 frames:

Primary Page: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Frame ID: 56FC769026F0B06B8DE5A6C220B353D0
Requests: 84 HTTP requests in this frame

Frame: https://creativecdn.com/tags?type=iframe&id=pr_WeUnXhr3TGr6JnJsbz3D&id=pr_WeUnXhr3TGr6JnJsbz3D_lid_uNiHZGPWzkQR6PlGnCY6&su=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248&sr=https%3A%2F%2Flookandfind.me%2F&ts=1638493880189&tc=1
Frame ID: F1194EE4954D8627845DC5D040668EB0
Requests: 2 HTTP requests in this frame

Frame: https://www.zenaps.com/alt.php?mid=12476&sv=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0
Frame ID: CB69FDEFA7C85839FF20F61F77B24CD7
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Frame ID: 9E6CB45591FAEE1AE95450C302C66771
Requests: 1 HTTP requests in this frame

Frame: https://www.pinterest.de/ct.html
Frame ID: 474406D515E10F3D3D6B8106A278EFBA
Requests: 4 HTTP requests in this frame

Frame: https://8590952.fls.doubleclick.net/activityi;dc_pre=CJuR6625xvQCFUSK3godrBcJ5Q;src=8590952;type=remarket;cat=kleer0;ord=8284767420508;gtm=2wgc10;auiddc=733164693.1638493880;u1=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248;u2=category;ps=1;~oref=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248
Frame ID: 6C0B709E2D9589BEB79BE9AE9C9AF026
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D466650B5CB119972710D8DBDC3692A5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Kinderkleding, babykleding en schoenen - kleertjes.com

Page URL History Show full URLs

  1. http://netflli.com/ HTTP 302
    http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLhbxVuDbiDLas2pNDcYT9VlI1Df4Ty0%2BafqzJET5wTA1... Page URL
  2. http://1redirb.com/r.php?u=https%3A%2F%2Frtpnt.xyz%2Fv6%2Fr%3Fs%3Dr7d%26s3%3D1112725861%26sid%3... HTTP 302
    https://rtpnt.xyz/v6/r?s=r7d&s3=1112725861&sid=20211203121115c4a7508ed11b1fb577 HTTP 302
    https://clever-redirect.com/s/r6?s=r7d&s2=&s3=1112725861 HTTP 302
    https://lookandfind.me/s/a?t=1?f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=kleertjes.com&s1=r7d&s2=&s3... Page URL
  3. https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3... Page URL
  4. https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=41d1d587f5df439ec8c579604... HTTP 302
    https://www.awin1.com/cread.php?awinmid=12476&awinaffid=101248&clickref=at107999_a116809_m12_p1347... HTTP 302
    https://www.zenaps.com/rclick.php?mid=12476&c_len=1296000&c_ts=1638493879&c_cnt=101248%7C0%7C0%7C16... HTTP 302
    https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_me... Page URL

Page Statistics

93
Requests

95 %
HTTPS

37 %
IPv6

33
Domains

48
Subdomains

39
IPs

8
Countries

1716 kB
Transfer

4229 kB
Size

50
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://netflli.com/ HTTP 302
    http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLhbxVuDbiDLas2pNDcYT9VlI1Df4Ty0%2BafqzJET5wTA1PCkq%2Fjy6d5Getvp33bmFrfdRH8lqe2NaXmdm2Y3EKRo5VRre3Ta29ZPfjn9jJOEzML2NTIhTIuccWVcbJ%2BB37bGADDwUECA%2FBD7vYGixPyyx8LaIwsh00j5JB0a9yyR8CN8vcZAcsuFtmNt6zaMbcif3hOoCyyqhfCX4V9Vvc66u14vsiJUnhG0jxBLgVXPBG34Y6nSy9bQUm63Y7hZrLVAy4eJFObwnKirP%2FmoM3CwQR5H79VL%2BrOdjFYWNDdlNRGlaW%2B%2B6K5KmtrxosVdAeeKSlBQ%2FpExlpCXwBgOdf8PgUYPgRtpLtgGcBP9Y%2B78hlqZheho9IcUKBkABDcOimNlXXxTfIVXpHRPKEdYgpADkEZJdtm6KbOS6iLvx2VoB4DwwB5X8EDDIQgKMa6xPhOqHD%2BWN48Yp6P6FUeu5T93SBSiorTih9jzi%2BobHwaw02IWy9p1xmb%2BYy9T1GaMKJOJ0m2oQKjDUDRRh%2FBxA4hCRwRVqiVw0k%2FNA8wwNMOhduXvZOLqU%2F9KbEdTxcN5sTz0BdZCZtR9Z24Uxlq8EwUcQZLSerAnjoZaaHcNlXvBXHeVzR%2FrLsVWHhWGr%2B0Q0KQg8FfMbPhKtC3GiqKQU7YkRz00NngtUvEQAxuiBJjOu4kArC553ttAXnw4VWUNZonsMfkBzQwlXDiJRXoeKIU%3D Page URL
  2. http://1redirb.com/r.php?u=https%3A%2F%2Frtpnt.xyz%2Fv6%2Fr%3Fs%3Dr7d%26s3%3D1112725861%26sid%3D20211203121115c4a7508ed11b1fb577&s=j&enc=RnEzcTArMkRGNlZPc3VvbGRtWnBpSDQ5ZmpjeWJXUXJTamx3Y25wTlZqRlRNREJzWTBaeVFsY3pUa2w2TkVoTU9GWlRaRzFhWVdRcldUQXJlbmRSVFZWTWN6TnlUekZ2VjI4d2RqUnVMM0ZGVEU5WmNrMHpUWE5YZUcwMmVHOURRazE1V21aaFEwY3dPVlZwUW1wb1RuaGpjWGM0UVRsVVVIRXlNREl2TVRRM1IxQXJWMDk0V0VwUVpGTlpiMFowU0VvNWJEbGtlSE0yVEdaQlFYWmhkMjVhWkdGa1ZDOVFlVlkwT0hoRE1IZGtaM1p2VFRaaVMweENNMDlrTUdRdlZUUm1SSGRGVlcweWRGbG1RMDlpVFc5SE9YcExja1J3TlRFMVpYUkhOekZ1WVVRMVVXWnVMME5NTVhWTVRrMUdRVEV6WjAwM1R5OUJXSGhYUlVOdWRVOHpkekZpUmpKSlZrOWhSbFVyV0UxeVExZG1lVmxtY1hGVWNWRmxWVmhSWlZkUksydE9UMnhxYkZWbWFsWktXV2R3SzJ4V1RFUlNRMlZtZVZsTWREaFRURk41UTJsbVRHcElWRWM0TkdsalNsaHNia1p1UkM5S1VFeG1UbW80VlZwbE4wVnBiR3g2YzB4WVoxTlVNbkJCWlVrMFdIaDZVM1JMYW1KelNtMHpVV0ZLWlZoeVdXcFZaRzlqTXpWTU4zTkZkVk14U2pRcmVuZGtXbFJ6UnpJMlpIWnFkMGRHVlVJd1psVk5kSFZGVm1KVVVtVk9hbll3TDBsbE5ubHlTbUZ1WmpObmVrNTRXRVp4WVhsclEwNHpXVVk1T1RSQmIzTnJjemM0TkVZM1VIb3ZlVEp1ZGtWU04zaFphR1J0YkRrdmExQjJTbTVPV1dFMVZVY3djMWxSY0RWNFNYWmlSWEJLWkdWWFdqWlNXRWhLTVhsSmJEWlFibXQwWVdnelFrZEdRMHhOSzA1YVkzcDBWMnB1WmtaNmJ6ZDZjekYxWjJseGIyTlJRMk56Y2xsVFl6Y3dPQ3M0Y0c1T1NVcEVRelZhYURCS2VWSkZVMk5ZVlhWWlZreHFTRTVvTVhGQmRUaEpOMEZoSzNKc1ltdDJjeTlHWkVoUmRXdHlhMGxuWkdSU056VTVXR05XTkRRck1GRkhXbFpGT1VkYU5EZFFjRXRNVmxaR2RWa3ZOMEpHYXpGTVVHcFdiRUpVZDFweU5VTlROR0o2TjNOdVNUUTRLMGR0TVhCeGRrMVVMMVZIV0dWbk9XTlZNVFZxYVZSUFZHdDJha1pTWTFweU1scGxORUZTTUZkd1FXNVNVbmxRU0VwTGJVSk1lbmhMWkhRM1JuTkRUelpRV0VNMGRrSldTV0ZHV0cxbVNqVndhbEJtTlZZeFVuWk9OVE5SWVROc01reHZNRUY1TVRaUVZFcGpSa1pSVm5FelJIbGxNR1F6YkdSWWFFNXRObTlsVDFrOQ%3D%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
    https://rtpnt.xyz/v6/r?s=r7d&s3=1112725861&sid=20211203121115c4a7508ed11b1fb577 HTTP 302
    https://clever-redirect.com/s/r6?s=r7d&s2=&s3=1112725861 HTTP 302
    https://lookandfind.me/s/a?t=1?f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=kleertjes.com&s1=r7d&s2=&s3=1112725861&s5=2 Page URL
  3. https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D41d1d587f5df439ec8c5796046af9a0f%26url%3Dhttps%253A%252F%252Fwww.kleertjes.com%252F&h=9e7feafca7507d6eba2b642261151ed5 Page URL
  4. https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=41d1d587f5df439ec8c5796046af9a0f&url=https%3A%2F%2Fwww.kleertjes.com%2F HTTP 302
    https://www.awin1.com/cread.php?awinmid=12476&awinaffid=101248&clickref=at107999_a116809_m12_p134708_cDE_s41d1d587f5df439ec8c5796046af9a0f HTTP 302
    https://www.zenaps.com/rclick.php?mid=12476&c_len=1296000&c_ts=1638493879&c_cnt=101248%7C0%7C0%7C1638493879%7Cat107999_a116809_m12_p134708_cDE_s41d1d587f5df439ec8c5796046af9a0f%7Caw%7C0&ir=ebcdb830-53d5-11ec-9d39-2236c0dc0c5d&pr=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248&bId=HLEX_61a96eb7125041.42575734&cookie=1&c_d=zenaps.com HTTP 302
    https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://netflli.com/ HTTP 302
  • http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLhbxVuDbiDLas2pNDcYT9VlI1Df4Ty0%2BafqzJET5wTA1PCkq%2Fjy6d5Getvp33bmFrfdRH8lqe2NaXmdm2Y3EKRo5VRre3Ta29ZPfjn9jJOEzML2NTIhTIuccWVcbJ%2BB37bGADDwUECA%2FBD7vYGixPyyx8LaIwsh00j5JB0a9yyR8CN8vcZAcsuFtmNt6zaMbcif3hOoCyyqhfCX4V9Vvc66u14vsiJUnhG0jxBLgVXPBG34Y6nSy9bQUm63Y7hZrLVAy4eJFObwnKirP%2FmoM3CwQR5H79VL%2BrOdjFYWNDdlNRGlaW%2B%2B6K5KmtrxosVdAeeKSlBQ%2FpExlpCXwBgOdf8PgUYPgRtpLtgGcBP9Y%2B78hlqZheho9IcUKBkABDcOimNlXXxTfIVXpHRPKEdYgpADkEZJdtm6KbOS6iLvx2VoB4DwwB5X8EDDIQgKMa6xPhOqHD%2BWN48Yp6P6FUeu5T93SBSiorTih9jzi%2BobHwaw02IWy9p1xmb%2BYy9T1GaMKJOJ0m2oQKjDUDRRh%2FBxA4hCRwRVqiVw0k%2FNA8wwNMOhduXvZOLqU%2F9KbEdTxcN5sTz0BdZCZtR9Z24Uxlq8EwUcQZLSerAnjoZaaHcNlXvBXHeVzR%2FrLsVWHhWGr%2B0Q0KQg8FfMbPhKtC3GiqKQU7YkRz00NngtUvEQAxuiBJjOu4kArC553ttAXnw4VWUNZonsMfkBzQwlXDiJRXoeKIU%3D
Request Chain 4
  • http://1redirb.com/r.php?u=https%3A%2F%2Frtpnt.xyz%2Fv6%2Fr%3Fs%3Dr7d%26s3%3D1112725861%26sid%3D20211203121115c4a7508ed11b1fb577&s=j&enc=RnEzcTArMkRGNlZPc3VvbGRtWnBpSDQ5ZmpjeWJXUXJTamx3Y25wTlZqRlRNREJzWTBaeVFsY3pUa2w2TkVoTU9GWlRaRzFhWVdRcldUQXJlbmRSVFZWTWN6TnlUekZ2VjI4d2RqUnVMM0ZGVEU5WmNrMHpUWE5YZUcwMmVHOURRazE1V21aaFEwY3dPVlZwUW1wb1RuaGpjWGM0UVRsVVVIRXlNREl2TVRRM1IxQXJWMDk0V0VwUVpGTlpiMFowU0VvNWJEbGtlSE0yVEdaQlFYWmhkMjVhWkdGa1ZDOVFlVlkwT0hoRE1IZGtaM1p2VFRaaVMweENNMDlrTUdRdlZUUm1SSGRGVlcweWRGbG1RMDlpVFc5SE9YcExja1J3TlRFMVpYUkhOekZ1WVVRMVVXWnVMME5NTVhWTVRrMUdRVEV6WjAwM1R5OUJXSGhYUlVOdWRVOHpkekZpUmpKSlZrOWhSbFVyV0UxeVExZG1lVmxtY1hGVWNWRmxWVmhSWlZkUksydE9UMnhxYkZWbWFsWktXV2R3SzJ4V1RFUlNRMlZtZVZsTWREaFRURk41UTJsbVRHcElWRWM0TkdsalNsaHNia1p1UkM5S1VFeG1UbW80VlZwbE4wVnBiR3g2YzB4WVoxTlVNbkJCWlVrMFdIaDZVM1JMYW1KelNtMHpVV0ZLWlZoeVdXcFZaRzlqTXpWTU4zTkZkVk14U2pRcmVuZGtXbFJ6UnpJMlpIWnFkMGRHVlVJd1psVk5kSFZGVm1KVVVtVk9hbll3TDBsbE5ubHlTbUZ1WmpObmVrNTRXRVp4WVhsclEwNHpXVVk1T1RSQmIzTnJjemM0TkVZM1VIb3ZlVEp1ZGtWU04zaFphR1J0YkRrdmExQjJTbTVPV1dFMVZVY3djMWxSY0RWNFNYWmlSWEJLWkdWWFdqWlNXRWhLTVhsSmJEWlFibXQwWVdnelFrZEdRMHhOSzA1YVkzcDBWMnB1WmtaNmJ6ZDZjekYxWjJseGIyTlJRMk56Y2xsVFl6Y3dPQ3M0Y0c1T1NVcEVRelZhYURCS2VWSkZVMk5ZVlhWWlZreHFTRTVvTVhGQmRUaEpOMEZoSzNKc1ltdDJjeTlHWkVoUmRXdHlhMGxuWkdSU056VTVXR05XTkRRck1GRkhXbFpGT1VkYU5EZFFjRXRNVmxaR2RWa3ZOMEpHYXpGTVVHcFdiRUpVZDFweU5VTlROR0o2TjNOdVNUUTRLMGR0TVhCeGRrMVVMMVZIV0dWbk9XTlZNVFZxYVZSUFZHdDJha1pTWTFweU1scGxORUZTTUZkd1FXNVNVbmxRU0VwTGJVSk1lbmhMWkhRM1JuTkRUelpRV0VNMGRrSldTV0ZHV0cxbVNqVndhbEJtTlZZeFVuWk9OVE5SWVROc01reHZNRUY1TVRaUVZFcGpSa1pSVm5FelJIbGxNR1F6YkdSWWFFNXRObTlsVDFrOQ%3D%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
  • https://rtpnt.xyz/v6/r?s=r7d&s3=1112725861&sid=20211203121115c4a7508ed11b1fb577 HTTP 302
  • https://clever-redirect.com/s/r6?s=r7d&s2=&s3=1112725861 HTTP 302
  • https://lookandfind.me/s/a?t=1?f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=kleertjes.com&s1=r7d&s2=&s3=1112725861&s5=2
Request Chain 48
  • https://creativecdn.com/tags?type=iframe&id=pr_WeUnXhr3TGr6JnJsbz3D&id=pr_WeUnXhr3TGr6JnJsbz3D_lid_uNiHZGPWzkQR6PlGnCY6&su=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248&sr=https%3A%2F%2Flookandfind.me%2F&ts=1638493880189 HTTP 302
  • https://creativecdn.com/tags?type=iframe&id=pr_WeUnXhr3TGr6JnJsbz3D&id=pr_WeUnXhr3TGr6JnJsbz3D_lid_uNiHZGPWzkQR6PlGnCY6&su=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248&sr=https%3A%2F%2Flookandfind.me%2F&ts=1638493880189&tc=1
Request Chain 65
  • https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_cm&google_sc&google_ula=5153224&google_hm=cjA4QWNBNkZ1bmtUVkJ3V3NaOUQ%3D&pi=adx&tdc=ams&chain= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_cm=&google_sc=&google_ula=5153224&google_hm=cjA4QWNBNkZ1bmtUVkJ3V3NaOUQ%3D&pi=adx&tdc=ams&chain=&google_tc= HTTP 302
  • https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&chain=&google_gid=CAESEIR8kMf4tTYLSFQ93bFFFbI&google_cver=1&google_ula=5153224,0
Request Chain 79
  • https://www.pinterest.com/ct.html HTTP 302
  • https://www.pinterest.de/ct.html
Request Chain 80
  • https://8590952.fls.doubleclick.net/activityi;src=8590952;type=remarket;cat=kleer0;ord=8284767420508;gtm=2wgc10;auiddc=733164693.1638493880;u1=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248;u2=category;ps=1;~oref=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248 HTTP 302
  • https://8590952.fls.doubleclick.net/activityi;dc_pre=CJuR6625xvQCFUSK3godrBcJ5Q;src=8590952;type=remarket;cat=kleer0;ord=8284767420508;gtm=2wgc10;auiddc=733164693.1638493880;u1=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248;u2=category;ps=1;~oref=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248

93 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
r2.php
1redirb.com/
Redirect Chain
  • http://netflli.com/
  • http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLhbxVuDbiDLas2pNDcYT9VlI1Df4Ty0%2BafqzJET5wTA1PCkq%2Fjy6d5Getvp33bmFrfdRH8lqe2NaXmdm2Y3EKRo5VRre3Ta29ZPfjn9jJOEzML2NTIhTIuccWVcbJ%2BB37bGADDwUECA%2F...
4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLhbxVuDbiDLas2pNDcYT9VlI1Df4Ty0%2BafqzJET5wTA1PCkq%2Fjy6d5Getvp33bmFrfdRH8lqe2NaXmdm2Y3EKRo5VRre3Ta29ZPfjn9jJOEzML2NTIhTIuccWVcbJ%2BB37bGADDwUECA%2FBD7vYGixPyyx8LaIwsh00j5JB0a9yyR8CN8vcZAcsuFtmNt6zaMbcif3hOoCyyqhfCX4V9Vvc66u14vsiJUnhG0jxBLgVXPBG34Y6nSy9bQUm63Y7hZrLVAy4eJFObwnKirP%2FmoM3CwQR5H79VL%2BrOdjFYWNDdlNRGlaW%2B%2B6K5KmtrxosVdAeeKSlBQ%2FpExlpCXwBgOdf8PgUYPgRtpLtgGcBP9Y%2B78hlqZheho9IcUKBkABDcOimNlXXxTfIVXpHRPKEdYgpADkEZJdtm6KbOS6iLvx2VoB4DwwB5X8EDDIQgKMa6xPhOqHD%2BWN48Yp6P6FUeu5T93SBSiorTih9jzi%2BobHwaw02IWy9p1xmb%2BYy9T1GaMKJOJ0m2oQKjDUDRRh%2FBxA4hCRwRVqiVw0k%2FNA8wwNMOhduXvZOLqU%2F9KbEdTxcN5sTz0BdZCZtR9Z24Uxlq8EwUcQZLSerAnjoZaaHcNlXvBXHeVzR%2FrLsVWHhWGr%2B0Q0KQg8FfMbPhKtC3GiqKQU7YkRz00NngtUvEQAxuiBJjOu4kArC553ttAXnw4VWUNZonsMfkBzQwlXDiJRXoeKIU%3D
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
8c2ea84cecd5def50ef0b39e31275e979756553b3f327eec6ac0bb69b740b740

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Fri, 03 Dec 2021 01:11:17 GMT
Server
Apache/2.4.25 (Debian)
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2223
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Fri, 03 Dec 2021 01:11:15 GMT
Server
Apache/2.4.25 (Debian)
Location
http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLhbxVuDbiDLas2pNDcYT9VlI1Df4Ty0%2BafqzJET5wTA1PCkq%2Fjy6d5Getvp33bmFrfdRH8lqe2NaXmdm2Y3EKRo5VRre3Ta29ZPfjn9jJOEzML2NTIhTIuccWVcbJ%2BB37bGADDwUECA%2FBD7vYGixPyyx8LaIwsh00j5JB0a9yyR8CN8vcZAcsuFtmNt6zaMbcif3hOoCyyqhfCX4V9Vvc66u14vsiJUnhG0jxBLgVXPBG34Y6nSy9bQUm63Y7hZrLVAy4eJFObwnKirP%2FmoM3CwQR5H79VL%2BrOdjFYWNDdlNRGlaW%2B%2B6K5KmtrxosVdAeeKSlBQ%2FpExlpCXwBgOdf8PgUYPgRtpLtgGcBP9Y%2B78hlqZheho9IcUKBkABDcOimNlXXxTfIVXpHRPKEdYgpADkEZJdtm6KbOS6iLvx2VoB4DwwB5X8EDDIQgKMa6xPhOqHD%2BWN48Yp6P6FUeu5T93SBSiorTih9jzi%2BobHwaw02IWy9p1xmb%2BYy9T1GaMKJOJ0m2oQKjDUDRRh%2FBxA4hCRwRVqiVw0k%2FNA8wwNMOhduXvZOLqU%2F9KbEdTxcN5sTz0BdZCZtR9Z24Uxlq8EwUcQZLSerAnjoZaaHcNlXvBXHeVzR%2FrLsVWHhWGr%2B0Q0KQg8FfMbPhKtC3GiqKQU7YkRz00NngtUvEQAxuiBJjOu4kArC553ttAXnw4VWUNZonsMfkBzQwlXDiJRXoeKIU%3D
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
jscheck.js
1redirb.com/javascript/ 		899 B
718 B 		Script
General
Check archive.org
Download Go to
Full URL
http://1redirb.com/javascript/jscheck.js
Requested by
Host: 1redirb.com
URL: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLhbxVuDbiDLas2pNDcYT9VlI1Df4Ty0%2BafqzJET5wTA1PCkq%2Fjy6d5Getvp33bmFrfdRH8lqe2NaXmdm2Y3EKRo5VRre3Ta29ZPfjn9jJOEzML2NTIhTIuccWVcbJ%2BB37bGADDwUECA%2FBD7vYGixPyyx8LaIwsh00j5JB0a9yyR8CN8vcZAcsuFtmNt6zaMbcif3hOoCyyqhfCX4V9Vvc66u14vsiJUnhG0jxBLgVXPBG34Y6nSy9bQUm63Y7hZrLVAy4eJFObwnKirP%2FmoM3CwQR5H79VL%2BrOdjFYWNDdlNRGlaW%2B%2B6K5KmtrxosVdAeeKSlBQ%2FpExlpCXwBgOdf8PgUYPgRtpLtgGcBP9Y%2B78hlqZheho9IcUKBkABDcOimNlXXxTfIVXpHRPKEdYgpADkEZJdtm6KbOS6iLvx2VoB4DwwB5X8EDDIQgKMa6xPhOqHD%2BWN48Yp6P6FUeu5T93SBSiorTih9jzi%2BobHwaw02IWy9p1xmb%2BYy9T1GaMKJOJ0m2oQKjDUDRRh%2FBxA4hCRwRVqiVw0k%2FNA8wwNMOhduXvZOLqU%2F9KbEdTxcN5sTz0BdZCZtR9Z24Uxlq8EwUcQZLSerAnjoZaaHcNlXvBXHeVzR%2FrLsVWHhWGr%2B0Q0KQg8FfMbPhKtC3GiqKQU7YkRz00NngtUvEQAxuiBJjOu4kArC553ttAXnw4VWUNZonsMfkBzQwlXDiJRXoeKIU%3D
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLhbxVuDbiDLas2pNDcYT9VlI1Df4Ty0%2BafqzJET5wTA1PCkq%2Fjy6d5Getvp33bmFrfdRH8lqe2NaXmdm2Y3EKRo5VRre3Ta29ZPfjn9jJOEzML2NTIhTIuccWVcbJ%2BB37bGADDwUECA%2FBD7vYGixPyyx8LaIwsh00j5JB0a9yyR8CN8vcZAcsuFtmNt6zaMbcif3hOoCyyqhfCX4V9Vvc66u14vsiJUnhG0jxBLgVXPBG34Y6nSy9bQUm63Y7hZrLVAy4eJFObwnKirP%2FmoM3CwQR5H79VL%2BrOdjFYWNDdlNRGlaW%2B%2B6K5KmtrxosVdAeeKSlBQ%2FpExlpCXwBgOdf8PgUYPgRtpLtgGcBP9Y%2B78hlqZheho9IcUKBkABDcOimNlXXxTfIVXpHRPKEdYgpADkEZJdtm6KbOS6iLvx2VoB4DwwB5X8EDDIQgKMa6xPhOqHD%2BWN48Yp6P6FUeu5T93SBSiorTih9jzi%2BobHwaw02IWy9p1xmb%2BYy9T1GaMKJOJ0m2oQKjDUDRRh%2FBxA4hCRwRVqiVw0k%2FNA8wwNMOhduXvZOLqU%2F9KbEdTxcN5sTz0BdZCZtR9Z24Uxlq8EwUcQZLSerAnjoZaaHcNlXvBXHeVzR%2FrLsVWHhWGr%2B0Q0KQg8FfMbPhKtC3GiqKQU7YkRz00NngtUvEQAxuiBJjOu4kArC553ttAXnw4VWUNZonsMfkBzQwlXDiJRXoeKIU%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 03 Dec 2021 01:11:17 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Sep 2021 05:45:18 GMT
Server
Apache/2.4.25 (Debian)
ETag
"383-5ccf39a1986a8-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
405
swfobject.js
1redirb.com/javascript/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://1redirb.com/javascript/swfobject.js
Requested by
Host: 1redirb.com
URL: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLhbxVuDbiDLas2pNDcYT9VlI1Df4Ty0%2BafqzJET5wTA1PCkq%2Fjy6d5Getvp33bmFrfdRH8lqe2NaXmdm2Y3EKRo5VRre3Ta29ZPfjn9jJOEzML2NTIhTIuccWVcbJ%2BB37bGADDwUECA%2FBD7vYGixPyyx8LaIwsh00j5JB0a9yyR8CN8vcZAcsuFtmNt6zaMbcif3hOoCyyqhfCX4V9Vvc66u14vsiJUnhG0jxBLgVXPBG34Y6nSy9bQUm63Y7hZrLVAy4eJFObwnKirP%2FmoM3CwQR5H79VL%2BrOdjFYWNDdlNRGlaW%2B%2B6K5KmtrxosVdAeeKSlBQ%2FpExlpCXwBgOdf8PgUYPgRtpLtgGcBP9Y%2B78hlqZheho9IcUKBkABDcOimNlXXxTfIVXpHRPKEdYgpADkEZJdtm6KbOS6iLvx2VoB4DwwB5X8EDDIQgKMa6xPhOqHD%2BWN48Yp6P6FUeu5T93SBSiorTih9jzi%2BobHwaw02IWy9p1xmb%2BYy9T1GaMKJOJ0m2oQKjDUDRRh%2FBxA4hCRwRVqiVw0k%2FNA8wwNMOhduXvZOLqU%2F9KbEdTxcN5sTz0BdZCZtR9Z24Uxlq8EwUcQZLSerAnjoZaaHcNlXvBXHeVzR%2FrLsVWHhWGr%2B0Q0KQg8FfMbPhKtC3GiqKQU7YkRz00NngtUvEQAxuiBJjOu4kArC553ttAXnw4VWUNZonsMfkBzQwlXDiJRXoeKIU%3D
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLhbxVuDbiDLas2pNDcYT9VlI1Df4Ty0%2BafqzJET5wTA1PCkq%2Fjy6d5Getvp33bmFrfdRH8lqe2NaXmdm2Y3EKRo5VRre3Ta29ZPfjn9jJOEzML2NTIhTIuccWVcbJ%2BB37bGADDwUECA%2FBD7vYGixPyyx8LaIwsh00j5JB0a9yyR8CN8vcZAcsuFtmNt6zaMbcif3hOoCyyqhfCX4V9Vvc66u14vsiJUnhG0jxBLgVXPBG34Y6nSy9bQUm63Y7hZrLVAy4eJFObwnKirP%2FmoM3CwQR5H79VL%2BrOdjFYWNDdlNRGlaW%2B%2B6K5KmtrxosVdAeeKSlBQ%2FpExlpCXwBgOdf8PgUYPgRtpLtgGcBP9Y%2B78hlqZheho9IcUKBkABDcOimNlXXxTfIVXpHRPKEdYgpADkEZJdtm6KbOS6iLvx2VoB4DwwB5X8EDDIQgKMa6xPhOqHD%2BWN48Yp6P6FUeu5T93SBSiorTih9jzi%2BobHwaw02IWy9p1xmb%2BYy9T1GaMKJOJ0m2oQKjDUDRRh%2FBxA4hCRwRVqiVw0k%2FNA8wwNMOhduXvZOLqU%2F9KbEdTxcN5sTz0BdZCZtR9Z24Uxlq8EwUcQZLSerAnjoZaaHcNlXvBXHeVzR%2FrLsVWHhWGr%2B0Q0KQg8FfMbPhKtC3GiqKQU7YkRz00NngtUvEQAxuiBJjOu4kArC553ttAXnw4VWUNZonsMfkBzQwlXDiJRXoeKIU%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 03 Dec 2021 01:11:17 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Sep 2021 05:15:56 GMT
Server
Apache/2.4.25 (Debian)
ETag
"27ef-5ccf3311813b9-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
3949
jscheck.php
1redirb.com/ 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://1redirb.com/jscheck.php?enc=RnEzcTArMkRGNlZPc3VvbGRtWnBpSDQ5ZmpjeWJXUXJTamx3Y25wTlZqRlRNREJzWTBaeVFsY3pUa2w2TkVoTU9GWlRaRzFhWVdRcldUQXJlbmRSVFZWTWN6TnlUekZ2VjI4d2RqUnVMM0ZGVEU5WmNrMHpUWE5YZUcwMmVHOURRazE1V21aaFEwY3dPVlZwUW1wb1RuaGpjWGM0UVRsVVVIRXlNREl2TVRRM1IxQXJWMDk0V0VwUVpGTlpiMFowU0VvNWJEbGtlSE0yVEdaQlFYWmhkMjVhWkdGa1ZDOVFlVlkwT0hoRE1IZGtaM1p2VFRaaVMweENNMDlrTUdRdlZUUm1SSGRGVlcweWRGbG1RMDlpVFc5SE9YcExja1J3TlRFMVpYUkhOekZ1WVVRMVVXWnVMME5NTVhWTVRrMUdRVEV6WjAwM1R5OUJXSGhYUlVOdWRVOHpkekZpUmpKSlZrOWhSbFVyV0UxeVExZG1lVmxtY1hGVWNWRmxWVmhSWlZkUksydE9UMnhxYkZWbWFsWktXV2R3SzJ4V1RFUlNRMlZtZVZsTWREaFRURk41UTJsbVRHcElWRWM0TkdsalNsaHNia1p1UkM5S1VFeG1UbW80VlZwbE4wVnBiR3g2YzB4WVoxTlVNbkJCWlVrMFdIaDZVM1JMYW1KelNtMHpVV0ZLWlZoeVdXcFZaRzlqTXpWTU4zTkZkVk14U2pRcmVuZGtXbFJ6UnpJMlpIWnFkMGRHVlVJd1psVk5kSFZGVm1KVVVtVk9hbll3TDBsbE5ubHlTbUZ1WmpObmVrNTRXRVp4WVhsclEwNHpXVVk1T1RSQmIzTnJjemM0TkVZM1VIb3ZlVEp1ZGtWU04zaFphR1J0YkRrdmExQjJTbTVPV1dFMVZVY3djMWxSY0RWNFNYWmlSWEJLWkdWWFdqWlNXRWhLTVhsSmJEWlFibXQwWVdnelFrZEdRMHhOSzA1YVkzcDBWMnB1WmtaNmJ6ZDZjekYxWjJseGIyTlJRMk56Y2xsVFl6Y3dPQ3M0Y0c1T1NVcEVRelZhYURCS2VWSkZVMk5ZVlhWWlZreHFTRTVvTVhGQmRUaEpOMEZoSzNKc1ltdDJjeTlHWkVoUmRXdHlhMGxuWkdSU056VTVXR05XTkRRck1GRkhXbFpGT1VkYU5EZFFjRXRNVmxaR2RWa3ZOMEpHYXpGTVVHcFdiRUpVZDFweU5VTlROR0o2TjNOdVNUUTRLMGR0TVhCeGRrMVVMMVZIV0dWbk9XTlZNVFZxYVZSUFZHdDJha1pTWTFweU1scGxORUZTTUZkd1FXNVNVbmxRU0VwTGJVSk1lbmhMWkhRM1JuTkRUelpRV0VNMGRrSldTV0ZHV0cxbVNqVndhbEJtTlZZeFVuWk9OVE5SWVROc01reHZNRUY1TVRaUVZFcGpSa1pSVm5FelJIbGxNR1F6YkdSWWFFNXRObTlsVDFrOQ%3D%3D&rand=0.762663023115981
Requested by
Host: 1redirb.com
URL: http://1redirb.com/javascript/jscheck.js
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLhbxVuDbiDLas2pNDcYT9VlI1Df4Ty0%2BafqzJET5wTA1PCkq%2Fjy6d5Getvp33bmFrfdRH8lqe2NaXmdm2Y3EKRo5VRre3Ta29ZPfjn9jJOEzML2NTIhTIuccWVcbJ%2BB37bGADDwUECA%2FBD7vYGixPyyx8LaIwsh00j5JB0a9yyR8CN8vcZAcsuFtmNt6zaMbcif3hOoCyyqhfCX4V9Vvc66u14vsiJUnhG0jxBLgVXPBG34Y6nSy9bQUm63Y7hZrLVAy4eJFObwnKirP%2FmoM3CwQR5H79VL%2BrOdjFYWNDdlNRGlaW%2B%2B6K5KmtrxosVdAeeKSlBQ%2FpExlpCXwBgOdf8PgUYPgRtpLtgGcBP9Y%2B78hlqZheho9IcUKBkABDcOimNlXXxTfIVXpHRPKEdYgpADkEZJdtm6KbOS6iLvx2VoB4DwwB5X8EDDIQgKMa6xPhOqHD%2BWN48Yp6P6FUeu5T93SBSiorTih9jzi%2BobHwaw02IWy9p1xmb%2BYy9T1GaMKJOJ0m2oQKjDUDRRh%2FBxA4hCRwRVqiVw0k%2FNA8wwNMOhduXvZOLqU%2F9KbEdTxcN5sTz0BdZCZtR9Z24Uxlq8EwUcQZLSerAnjoZaaHcNlXvBXHeVzR%2FrLsVWHhWGr%2B0Q0KQg8FfMbPhKtC3GiqKQU7YkRz00NngtUvEQAxuiBJjOu4kArC553ttAXnw4VWUNZonsMfkBzQwlXDiJRXoeKIU%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 03 Dec 2021 01:11:17 GMT
Server
Apache/2.4.25 (Debian)
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
a
lookandfind.me/s/
Redirect Chain
  • http://1redirb.com/r.php?u=https%3A%2F%2Frtpnt.xyz%2Fv6%2Fr%3Fs%3Dr7d%26s3%3D1112725861%26sid%3D20211203121115c4a7508ed11b1fb577&s=j&enc=RnEzcTArMkRGNlZPc3VvbGRtWnBpSDQ5ZmpjeWJXUXJTamx3Y25wTlZqRlRN...
  • https://rtpnt.xyz/v6/r?s=r7d&s3=1112725861&sid=20211203121115c4a7508ed11b1fb577
  • https://clever-redirect.com/s/r6?s=r7d&s2=&s3=1112725861
  • https://lookandfind.me/s/a?t=1?f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=kleertjes.com&s1=r7d&s2=&s3=1112725861&s5=2
431 B
598 B 		Document
General
Check archive.org
Download Go to
Full URL
https://lookandfind.me/s/a?t=1?f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=kleertjes.com&s1=r7d&s2=&s3=1112725861&s5=2
Requested by
Host: 1redirb.com
URL: http://1redirb.com/javascript/jscheck.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.169.90.157.clients.your-server.de
Software
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash
74103ba9a6bc79adfc0784293bf00da2c2d266da3b7480d5cba742b6c221ec63

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

referrer-policy
strict-origin-when-cross-origin
x-powered-by
PHP/7.4.24
content-length
431
content-type
text/html; charset=UTF-8
date
Fri, 03 Dec 2021 01:11:18 GMT
server
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24

Redirect headers

referrer-policy
no-referrer
x-powered-by
PHP/7.4.24
location
https://lookandfind.me/s/a?t=1?f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=kleertjes.com&s1=r7d&s2=&s3=1112725861&s5=2
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 03 Dec 2021 01:11:18 GMT
server
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24
r
lookandfind.me/s/ 		347 B
377 B 		Document
General
Check archive.org
Download Go to
Full URL
https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D41d1d587f5df439ec8c5796046af9a0f%26url%3Dhttps%253A%252F%252Fwww.kleertjes.com%252F&h=9e7feafca7507d6eba2b642261151ed5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.169.90.157.clients.your-server.de
Software
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash
bb22b158b79f7b9a3d4674b2d83de9153e95d9e32e9d52a23d1439e90443ef0e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://lookandfind.me/s/a?t=1?f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=kleertjes.com&s1=r7d&s2=&s3=1112725861&s5=2

Response headers

referrer-policy
strict-origin-when-cross-origin
x-powered-by
PHP/7.4.24
content-length
347
content-type
text/html; charset=UTF-8
date
Fri, 03 Dec 2021 01:11:18 GMT
server
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24
Primary Request /
www.kleertjes.com/
Redirect Chain
  • https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=41d1d587f5df439ec8c5796046af9a0f&url=https%3A%2F%2Fwww.kleertjes.com%2F
  • https://www.awin1.com/cread.php?awinmid=12476&awinaffid=101248&clickref=at107999_a116809_m12_p134708_cDE_s41d1d587f5df439ec8c5796046af9a0f
  • https://www.zenaps.com/rclick.php?mid=12476&c_len=1296000&c_ts=1638493879&c_cnt=101248%7C0%7C0%7C1638493879%7Cat107999_a116809_m12_p134708_cDE_s41d1d587f5df439ec8c5796046af9a0f%7Caw%7C0&ir=ebcdb830...
  • https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
61 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Requested by
Host: lookandfind.me
URL: https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D41d1d587f5df439ec8c5796046af9a0f%26url%3Dhttps%253A%252F%252Fwww.kleertjes.com%252F&h=9e7feafca7507d6eba2b642261151ed5
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.27.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f5647d4f5f79b84a9a1a29a74536ada94c1e99a35c700d4f4456dd253a5ef04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D41d1d587f5df439ec8c5796046af9a0f%26url%3Dhttps%253A%252F%252Fwww.kleertjes.com%252F&h=9e7feafca7507d6eba2b642261151ed5

Response headers

date
Fri, 03 Dec 2021 01:11:19 GMT
content-type
text/html; charset=UTF-8
content-length
14927
cf-ray
6b78eb993afd7028-FRA
cache-control
no-cache, no-store, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
content-encoding
gzip
expires
Wed, 28 Jan 1976 11:52:00 GMT
last-modified
Fri, 03 Dec 2021 01:11:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 4c692717a0e85914a993c3aa5c8a2ef7.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
content-security-policy-report-only
base-uri about: 'self'; form-action www.facebook.com 'self' 3dsec.cardcenter.ch aacsw.3ds.verifiedbyvisa.com acs-safekey.americanexpress.com acs.sia.eu acs1-3dsecure.cm-cic.com acs1.vkpay.com acs2-3dsecure.cm-cic.com acs5.six-payment-services.com authentication.cardinalcommerce.com bankieren.ideal.ing.nl belgium-3ds-bxl.wlp-acs.com belgium-3ds-vdm.wlp-acs.com betalen.rabobank.nl checkoutshopper-live.adyen.com connect.facebook.net ct.pinterest.com data: diensten.asnbank.nl diensten.regiobank.nl diensten.snsbank.nl foriseu-vbv.mycardplace.com ideal.ing.nl ideal.knab.nl ideal.triodos.nl ideal.vanlanschot.com live.adyen.com luxembourg-3ds-bxl.wlp-acs.com safekey-1.americanexpress.com secure5.arcot.com www.abnamro.nl www.europabank.be www.paypal.com acsm.centrum24.pl acssv.otpbank.hu; base-uri 'self' ct.pinterest.com kleertjes.com navigator-analytics.tweakwise.com vc.hotjar.io; frame-ancestors 'self' 'unsafe-eval'; manifest-src 'self'; report-uri https://wehkamp.report-uri.com/r/d/csp/wizard;
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
permissions-policy
accelerometer=(), camera=(), encrypted-media=(self), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(self), usb=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
x-amz-cf-id
o3qP60eX8anc3KbBGokjq8vCnmECBsg2yX7fjA2oeaugz0GxqPaZbw==
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
server
cloudflare

Redirect headers

Content-Length
0
Location
https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Allow
GET
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Date
Fri, 03 Dec 2021 01:11:19 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=86400
Awin-Akamai-Rule-Set
default
optimize.js
www.googleoptimize.com/ 		121 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=GTM-W8SG3HX
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1b8f75fd156a061589318d0f54be99189e9302d0a01d834558471af7ee6b38d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 01:11:19 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42263
x-xss-protection
0
expires
Fri, 03 Dec 2021 01:11:19 GMT
cache_https_kleertjes_vd9c9694c98a902a6d537e978c1994faa.gz.css
static.pkleeklrsrci.net/tl_files/cache/style/ 		419 KB
62 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.pkleeklrsrci.net/tl_files/cache/style/cache_https_kleertjes_vd9c9694c98a902a6d537e978c1994faa.gz.css
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0b55e61708bcd211cc4af99df4ae844ad57f673cbd8b8e9de1ecfe0ff2cee99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 09:07:07 GMT
content-encoding
gzip
last-modified
Mon, 11 Oct 2021 09:06:59 GMT
server
AmazonS3
age
4550653
etag
"12e503c0c502ac2e1b293e203ae0b61f"
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 b47ba5841a54cf2d19fc521c78e94515.cloudfront.net (CloudFront)
cache-control
max-age=94608000, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
63106
x-amz-cf-id
I0jeXXA6YmRNqiDV5Bwe-Mw0j-etliLM9-a8ZVlJtxw0YCFmqQooKg==
expires
Thu, 11 Oct 6018 18:49:47 GMT
5c169e810e293e9a279f31872f2321ad.js
static.pkleeklrsrci.net/tl_files/cache/scripts/ 		272 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.pkleeklrsrci.net/tl_files/cache/scripts/5c169e810e293e9a279f31872f2321ad.js
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40fd6d7734b8421e48a48d833c96fff6c4703198cc85cb9b69684171d3a1cb6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 10:34:53 GMT
content-encoding
gzip
last-modified
Fri, 22 Oct 2021 10:34:53 GMT
server
AmazonS3
age
3594987
etag
W/"5c169e810e293e9a279f31872f2321ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b47ba5841a54cf2d19fc521c78e94515.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
_1oydmDvYfx0yLrINZ9FEjArpVG2D0zkqPVhyvfngwfy9-nJ2xJ_pg==
api.js
www.google.com/recaptcha/ 		850 B
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=nl
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0700d62e261e826f000f1c7a430d1441a379850496863aa7ec3590d70c49590c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 01:11:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
553
x-xss-protection
1; mode=block
expires
Fri, 03 Dec 2021 01:11:20 GMT
lux.js
cdn.speedcurve.com/js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=4173546566
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
81d7ffda12d52879d120761935e31fda81449e4a40954b2a2bc5c4c2d99e72b9

Request headers

Referer
https://www.kleertjes.com/
Origin
https://www.kleertjes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 01:11:19 GMT
via
1.1 vegur, 1.1 varnish
age
2126
x-cache
HIT
x-cache-hits
1
content-encoding
gzip
content-length
6246
x-served-by
cache-hhn4053-HHN
last-modified
Fri, 03 Dec 2021 00:35:54 GMT
server
Apache
x-timer
S1638493880.961219,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Dec 2021 00:35:54 GMT
kleertjes-logo.svg
static.pkleeklrsrci.net/tl_files/themes/kleertjes/images/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.pkleeklrsrci.net/tl_files/themes/kleertjes/images/kleertjes-logo.svg
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
184ebb69fdafee46b23ce24f64530474a5de34ee61f2ead9258ef7f6fb439059

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 01:46:51 GMT
content-encoding
gzip
last-modified
Mon, 25 Jun 2018 12:17:10 GMT
server
AmazonS3
age
9588269
etag
W/"f5139cdbaeaadb8bc8c36236dea17972"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 b47ba5841a54cf2d19fc521c78e94515.cloudfront.net (CloudFront)
cache-control
max-age=94608000, public
x-amz-meta-s3b-last-modified
20180625T121508Z
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
p3gkiD2YOS0VcahkoSAM7eGp_X-qPde0iZ-LFcSEOjxq7a-fs8BxPA==
expires
Wed, 10 Oct 2046 08:25:22 GMT
v2-wk48-vrij-sale40-grote-banner-1092x403.png
static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week48/VRIJ/v2/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week48/VRIJ/v2/v2-wk48-vrij-sale40-grote-banner-1092x403.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a1857dfedb702c61c8b8611b3b2295d93566dabb2b8c477ac352eed95e37e01e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 15:50:07 GMT
via
1.1 b47ba5841a54cf2d19fc521c78e94515.cloudfront.net (CloudFront)
last-modified
Thu, 02 Dec 2021 14:52:00 GMT
server
AmazonS3
age
33673
etag
"702665dea476a0508c1bffcf1f4c7941"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
93149
x-amz-cf-id
-g_ZNRsgCplJyt-MsEguplGv3-R0nNDXY9ZvVbC0Ev_VUUF5b7Ntvw==
ingang-40-sweaterss-143x160.png
static.pkleeklrsrci.net/tl_files/content_resources/images/Categorieen/2021/Week48/VRIJ/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Categorieen/2021/Week48/VRIJ/ingang-40-sweaterss-143x160.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a454c62f99ee6a7cefd350bd9c079a7fb8c7698725dbe55f3ea219887d4bd1cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 00:03:16 GMT
via
1.1 b47ba5841a54cf2d19fc521c78e94515.cloudfront.net (CloudFront)
last-modified
Thu, 25 Nov 2021 14:23:11 GMT
server
AmazonS3
age
4084
etag
"851d0806c42b25cb68e85f8aebb7bc66"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
11177
x-amz-cf-id
CDYUXpFp7Q7K7i3acTAfu4M9rxVah3tq6BbvIda1w50hHdotFWI_kw==
ingang-40-broeken143x160.png
static.pkleeklrsrci.net/tl_files/content_resources/images/Categorieen/2021/Week48/VRIJ/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Categorieen/2021/Week48/VRIJ/ingang-40-broeken143x160.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
021588104c3e74d6c82717e94d2318278bfa995a554bf370e4dd5199e0ddb0e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 00:03:16 GMT
via
1.1 b47ba5841a54cf2d19fc521c78e94515.cloudfront.net (CloudFront)
last-modified
Thu, 25 Nov 2021 14:23:09 GMT
server
AmazonS3
age
4084
etag
"dff7e1e3700f1a14834c1f4665274d96"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
5815
x-amz-cf-id
m5nyxq8kiRC4y5qf8EBgBAQH2qGGseaVDF6bIq5bEkPMceEvMQqrOg==
ingang-40-schoenen143x160.png
static.pkleeklrsrci.net/tl_files/content_resources/images/Categorieen/2021/Week48/VRIJ/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Categorieen/2021/Week48/VRIJ/ingang-40-schoenen143x160.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
99a28aaf370b542e60237a14c08ada6c09bc01d375b3bd8cd6e3890568b813db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 00:03:16 GMT
via
1.1 b47ba5841a54cf2d19fc521c78e94515.cloudfront.net (CloudFront)
last-modified
Thu, 25 Nov 2021 14:23:10 GMT
server
AmazonS3
age
4084
etag
"4b4632dbcd5214e671f14242a2e2941d"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
6402
x-amz-cf-id
GIpB7-UKK6nVlCcQ7sJ9GEyT9b0gFWMKT1Mld2UwHMDkL7Q8mASzXw==
ingang-40-jassen143x160.png
static.pkleeklrsrci.net/tl_files/content_resources/images/Categorieen/2021/Week48/VRIJ/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Categorieen/2021/Week48/VRIJ/ingang-40-jassen143x160.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab98a8537b6eacc7704a4f7116562ebc051daa050b6fb2e941ffbc8443cc3989

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 00:03:16 GMT
via
1.1 b47ba5841a54cf2d19fc521c78e94515.cloudfront.net (CloudFront)
last-modified
Thu, 25 Nov 2021 14:23:10 GMT
server
AmazonS3
age
4084
etag
"45adf3f951fd3b3638b496f1bdf2313c"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
11946
x-amz-cf-id
qB9RMjRQA0qezGw-YTQcAQoQhQtUnHmE3hgnf-Cgua6WIQWLO6IlHQ==
wk48-di-ingang-30-speelgoed-143x160.png
static.pkleeklrsrci.net/tl_files/content_resources/images/Categorieen/2021/Week48/DI/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Categorieen/2021/Week48/DI/wk48-di-ingang-30-speelgoed-143x160.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
61af473a77d2f2674d6127729b2c9350ed07b1b36e7ed7ce7b483da1827f7753

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 00:00:31 GMT
via
1.1 b47ba5841a54cf2d19fc521c78e94515.cloudfront.net (CloudFront)
last-modified
Thu, 25 Nov 2021 14:22:26 GMT
server
AmazonS3
age
263449
etag
"0ac4df0a4d1cb45132baa84fae30d854"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
6560
x-amz-cf-id
hVn-d15lMNYRkDPvMbBKMZBL9kVHYr0H-pSixfxpsFvOaOKqsJrtUQ==
wk48-vrij-jassen-470x470.png
static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week48/VRIJ/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week48/VRIJ/wk48-vrij-jassen-470x470.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d991379794d6583da21e944e761305903178d94764dc31cfab57530cecadfaff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 10:28:55 GMT
via
1.1 b47ba5841a54cf2d19fc521c78e94515.cloudfront.net (CloudFront)
last-modified
Thu, 02 Dec 2021 10:14:06 GMT
server
AmazonS3
age
52944
etag
"96c9c2ce2193ade856c38d7b81abe7e4"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
85445
x-amz-cf-id
FkSGtL-8_pYP3z5rvSjRdS2E-FAFOliXGnyDQBJgbb3OuTdkYN6OPw==
wk48-vrij-sale-schoenen-kleine-platte-banner.png
static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week48/VRIJ/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week48/VRIJ/wk48-vrij-sale-schoenen-kleine-platte-banner.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24c158b78412660458eba6bf9e272cfa8a782f8e205ff5dbc7945b7a15797497

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 10:30:26 GMT
via
1.1 b47ba5841a54cf2d19fc521c78e94515.cloudfront.net (CloudFront)
last-modified
Thu, 02 Dec 2021 10:10:41 GMT
server
AmazonS3
age
52854
etag
"bbd021741b3dac94f3eb2c5537462ddc"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
25820
x-amz-cf-id
vvNjcuJ1214ADtOKce-pfLjlmaheCHsVTemJb8WrbYGnfL-H7yHqXg==
wk48-ma-470x470-baby%27s-only-v2.png
static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week48/DI/ 		96 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week48/DI/wk48-ma-470x470-baby%27s-only-v2.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1361af46e321db9281de07f034d653a0a2420d4509e947a04e1ae0b139c4b9eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 14:37:43 GMT
via
1.1 b47ba5841a54cf2d19fc521c78e94515.cloudfront.net (CloudFront)
last-modified
Mon, 29 Nov 2021 14:36:20 GMT
server
AmazonS3
age
297217
etag
"1aa55ca5027ae98d906382ba69e28a86"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
98439
x-amz-cf-id
owytaTyLpUOHLKrYX4oLcLdKn3Xmme6E_otk7_3AalOgQIMiXeMBSA==
wk48-vrij-speelgoed-kleine-platte-banner.png
static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week48/VRIJ/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week48/VRIJ/wk48-vrij-speelgoed-kleine-platte-banner.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8bdc590ef254ae914700134b34b007e55eacf5c3877b778fa7c7255e65b0bda0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 10:32:19 GMT
via
1.1 b47ba5841a54cf2d19fc521c78e94515.cloudfront.net (CloudFront)
last-modified
Thu, 02 Dec 2021 10:14:01 GMT
server
AmazonS3
age
52741
etag
"566ec978222f685e4f990680607ee1e5"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
20175
x-amz-cf-id
hclDPnxoaP5KmMwSFlqhIodDM9_RQ5rKhik0SycnYrTMa0ckIsNtcA==
wk45-woe-470x470-adidas.png
static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week45/WO/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week45/WO/wk45-woe-470x470-adidas.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2aeb109fa54ba716bdc64f4a560e22571fae47360825066aabd41e9484851e82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 00:00:12 GMT
via
1.1 b47ba5841a54cf2d19fc521c78e94515.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 16:29:33 GMT
server
AmazonS3
age
1991468
etag
"763c2152df1410eefd5a57110230f580"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
58858
x-amz-cf-id
KEXDYPwz3F-O3MU4slY4mFxfQjHSFlU-D5zionAl7hfcaENj786UCQ==
wk4-onlinemagazine.png
static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week4/DI/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week4/DI/wk4-onlinemagazine.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
64cda99e454271f765db186db573f8a41af2024d4e8ea559d45c16a9ecb553a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 05:30:02 GMT
via
1.1 b47ba5841a54cf2d19fc521c78e94515.cloudfront.net (CloudFront)
last-modified
Thu, 26 Aug 2021 13:24:28 GMT
server
AmazonS3
age
8451678
etag
"38be1caf3810d86e2e64e60828c4ade7"
x-amz-meta-sha256
64cda99e454271f765db186db573f8a41af2024d4e8ea559d45c16a9ecb553a5
content-type
image/png
cache-control
public, max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
2623
x-amz-cf-id
MVhxuCkbzkweA7eSmr7pDP6y5YB0GuNqZ-drRiUHFOdhgRkTDtbNdA==
x-amz-meta-s3b-last-modified
20210125T083655Z
kleine-platte-banner-pampers.png
static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week28/MA/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Marketingblokken/Homepagebanners/2021/Week28/MA/kleine-platte-banner-pampers.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d291f894bfc4febf529d8019165b6dcf6622b18c4cd26fb9880ddd083a27195a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 06:30:01 GMT
via
1.1 b47ba5841a54cf2d19fc521c78e94515.cloudfront.net (CloudFront)
last-modified
Thu, 26 Aug 2021 13:24:26 GMT
server
AmazonS3
age
8102479
etag
"275b7948e856f2e8c15aa07d2eaf6afd"
x-amz-meta-sha256
d291f894bfc4febf529d8019165b6dcf6622b18c4cd26fb9880ddd083a27195a
content-type
image/png
cache-control
public, max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
16248
x-amz-cf-id
aUZZct00Iju0JetmUH-AVniZYvGI3MBRrro8pq1f5Ui_ZA_OfnC-qg==
x-amz-meta-s3b-last-modified
20200630T101021Z
logo-magazine.png
static.pkleeklrsrci.net/tl_files/themes/kleertjes/images/ 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.pkleeklrsrci.net/tl_files/themes/kleertjes/images/logo-magazine.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
176ad8d6d1385c134350eec79860d189e049ba482f485db6a7c548b81f9118d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 05:11:36 GMT
via
1.1 b47ba5841a54cf2d19fc521c78e94515.cloudfront.net (CloudFront)
last-modified
Thu, 26 Aug 2021 13:26:10 GMT
server
AmazonS3
age
8366384
etag
"7da8065846fc2767e810e28354fe038a"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-meta-s3b-last-modified
20181015T072846Z
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
990
x-amz-cf-id
STbA7u6zASQvIchzu_sGxdhYR8tnbByO48sgslUQ_e4v8390GhzspQ==
expires
Wed, 26 Sep 2046 04:58:10 GMT
AW21-Email-1090x190.png
static.pkleeklrsrci.net/tl_files/content_resources/images/Footer-Banners/2021/AW21/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.pkleeklrsrci.net/tl_files/content_resources/images/Footer-Banners/2021/AW21/AW21-Email-1090x190.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
024eebe32b057a32537813f1a74e10f95d564db95b3fa2c4b59c987f46e77b92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 05:38:11 GMT
via
1.1 b47ba5841a54cf2d19fc521c78e94515.cloudfront.net (CloudFront)
last-modified
Fri, 03 Sep 2021 07:13:15 GMT
server
AmazonS3
age
4131189
etag
"e2778a17d723b262394aae6c93170b93"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
68799
x-amz-cf-id
EwGEVxd93JpVdSEBS_ND_TRHFFO_zzQx72uA1YHYVYZwtUgKIa6iiQ==
Logo_Thuiswinkel_Waarborg_10jaar.png
static.pkleeklrsrci.net/tl_files/themes/kleertjes/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.pkleeklrsrci.net/tl_files/themes/kleertjes/images/Logo_Thuiswinkel_Waarborg_10jaar.png
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc1e359c31671b24c7eb0ae954bf7841321d27b514e659c536840326343efdb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 05:36:02 GMT
via
1.1 b47ba5841a54cf2d19fc521c78e94515.cloudfront.net (CloudFront)
age
11388918
x-amz-meta-sha256
cc1e359c31671b24c7eb0ae954bf7841321d27b514e659c536840326343efdb8
x-cache
Hit from cloudfront
content-length
2973
last-modified
Thu, 24 Oct 2019 13:22:11 GMT
server
AmazonS3
etag
"63acb7f19baf41d6d007e141bdc8217e"
content-type
image/png
expires
Wed, 26 Sep 2046 04:58:10 GMT
cache-control
max-age=94608000, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
PD95BTlx2qzLiJN4yIaAkYz2897nMiw5aloU8SyBeBxyPsy3D6vgWw==
x-amz-meta-s3b-last-modified
20191024T132116Z
202632b102f062d13805828b12c62571.js
static.pkleeklrsrci.net/tl_files/cache/scripts/ 		218 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.pkleeklrsrci.net/tl_files/cache/scripts/202632b102f062d13805828b12c62571.js
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08077323db510f7c73784640799b8721d530767fe4c2a5a9b6f26f356a839d04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 13:16:54 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 11:04:23 GMT
server
AmazonS3
age
4362865
etag
W/"202632b102f062d13805828b12c62571"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b47ba5841a54cf2d19fc521c78e94515.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
4sEzrcECxrO_wXXL_TZNjcDDjdhUFd0KiNI0DikR_MFTxFwAQ-iJYA==
giin.js
r.kleertjes.com/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r.kleertjes.com/giin.js
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.159.120.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-120-134.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
033c727a0d1f3cb475db3f22e6cbef3547318fc52da87511e0c9d619e5139ea2
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 03 Dec 2021 01:11:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Connection
keep-alive
Referrer-Policy
no-referrer
Last-Modified
Fri, 29 Oct 2021 21:33:35 GMT
Server
nginx
X-Frame-Options
DENY
ETag
W/"617c68af-94a6"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Content-Security-Policy
default-src 'self';
gtm.js
www.googletagmanager.com/ 		301 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5H4GP8
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5817fbc0e8310977f4dfd0912114066f724d683113dda86452f293264e85f25f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 01:11:20 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89808
x-xss-protection
0
expires
Fri, 03 Dec 2021 01:11:20 GMT
usp-check-2-min.png
static.pkleeklrsrci.net/tl_files/themes/kleertjes/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.pkleeklrsrci.net/tl_files/themes/kleertjes/images/usp-check-2-min.png
Requested by
Host: static.pkleeklrsrci.net
URL: https://static.pkleeklrsrci.net/tl_files/cache/style/cache_https_kleertjes_vd9c9694c98a902a6d537e978c1994faa.gz.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
101965af73a97aabfec5a6e49db47fdf4de2dca44fc859d8d8b6444ea807f563

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.pkleeklrsrci.net/tl_files/cache/style/cache_https_kleertjes_vd9c9694c98a902a6d537e978c1994faa.gz.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 06:08:25 GMT
via
1.1 b47ba5841a54cf2d19fc521c78e94515.cloudfront.net (CloudFront)
last-modified
Thu, 26 Aug 2021 13:26:10 GMT
server
AmazonS3
age
8449375
etag
"676067561793549540157957076e39e9"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
1080
x-amz-cf-id
g30JbmZoFY3lWMw1H9Ox_lwzs-3Aud9HZd1J7I5TOD_j4wfOfrMO8Q==
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81a5dafd9389dafc97ab80fa6a031db8babac927392b73a2d6ed764e8443838f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
541eb42d376e446209a865b53cd04c23afd397691db40433c61898d670e89acf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
nettoot-bold-webfont.woff
static.pkleeklrsrci.net/tl_files/themes/kleertjes/fonts/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.pkleeklrsrci.net/tl_files/themes/kleertjes/fonts/nettoot-bold-webfont.woff
Requested by
Host: static.pkleeklrsrci.net
URL: https://static.pkleeklrsrci.net/tl_files/cache/style/cache_https_kleertjes_vd9c9694c98a902a6d537e978c1994faa.gz.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a1bf1cad38252b6e62edeb31cd5c9769577404b22a97cdb95b45997f11302a8

Request headers

Referer
https://static.pkleeklrsrci.net/tl_files/cache/style/cache_https_kleertjes_vd9c9694c98a902a6d537e978c1994faa.gz.css
Origin
https://www.kleertjes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:48:44 GMT
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
age
15085356
x-cache
Hit from cloudfront
content-length
30208
last-modified
Fri, 11 Jun 2021 09:39:05 GMT
server
AmazonS3
etag
"2d8622b4123ae6922dc22b6a6890e0d0"
vary
Origin
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=94608000, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
Q4qNAkmqtmJo87ULt0VNhwkrO9Xp3yfY9BTIqCpyjwF5rHMvzFb56Q==
expires
Wed, 11 Jun 2031 09:39:04 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
745d74f097901d4047ce8959ac2fb429268d6c9a665cc9212e08dea7dc2577e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
sprite-winkelen-03.png
static.pkleeklrsrci.net/tl_files/themes/kleertjes/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.pkleeklrsrci.net/tl_files/themes/kleertjes/images/sprite-winkelen-03.png
Requested by
Host: static.pkleeklrsrci.net
URL: https://static.pkleeklrsrci.net/tl_files/cache/style/cache_https_kleertjes_vd9c9694c98a902a6d537e978c1994faa.gz.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c00b5d026c6bdcdac2b31ecdfc77eb486dba6a92bb6282c99c6e36facb30745

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.pkleeklrsrci.net/tl_files/cache/style/cache_https_kleertjes_vd9c9694c98a902a6d537e978c1994faa.gz.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 06:05:46 GMT
via
1.1 b47ba5841a54cf2d19fc521c78e94515.cloudfront.net (CloudFront)
last-modified
Thu, 28 Jan 2021 05:30:53 GMT
server
AmazonS3
age
26679934
etag
"7f78d75cbb2640eb926b85200fa6b307"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=94608000, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
8351
x-amz-cf-id
oY8iCGTUbq5M5vqC5JqFljpL1utCK0zbq1oUYFDy544S2p7uFZXJbw==
expires
Tue, 28 Jan 2031 05:30:52 GMT
kleertjes.6.woff
static.pkleeklrsrci.net/tl_files/themes/kleertjes/fonts/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.pkleeklrsrci.net/tl_files/themes/kleertjes/fonts/kleertjes.6.woff
Requested by
Host: static.pkleeklrsrci.net
URL: https://static.pkleeklrsrci.net/tl_files/cache/style/cache_https_kleertjes_vd9c9694c98a902a6d537e978c1994faa.gz.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb42c637f5f49872c175d1b2d5686bd1b370fc8f1fc4510c2c5a2faed4b02857

Request headers

Referer
https://static.pkleeklrsrci.net/tl_files/cache/style/cache_https_kleertjes_vd9c9694c98a902a6d537e978c1994faa.gz.css
Origin
https://www.kleertjes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 23:36:56 GMT
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
age
14520864
x-cache
Hit from cloudfront
content-length
10392
last-modified
Thu, 17 Jun 2021 23:29:28 GMT
server
AmazonS3
etag
"51fc6b2efa0c499f6ccc00a63e4a101c"
vary
Origin
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=94608000, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
d5wVpLW8UzRW5Mkn9QVqhfbT22sNe7ReGAsuW3nO5DxYl2OpU6e1Hg==
expires
Tue, 17 Jun 2031 23:29:27 GMT
museo-500.ttf
static.pkleeklrsrci.net/tl_files/themes/kleertjes/fonts/ 		54 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.pkleeklrsrci.net/tl_files/themes/kleertjes/fonts/museo-500.ttf
Requested by
Host: static.pkleeklrsrci.net
URL: https://static.pkleeklrsrci.net/tl_files/cache/style/cache_https_kleertjes_vd9c9694c98a902a6d537e978c1994faa.gz.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f89b91ffe4f86e4d185ca280cf41b8a860657e5d2205ad9b079f65fcdc8ca6e4

Request headers

Referer
https://static.pkleeklrsrci.net/tl_files/cache/style/cache_https_kleertjes_vd9c9694c98a902a6d537e978c1994faa.gz.css
Origin
https://www.kleertjes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 07:33:46 GMT
content-encoding
gzip
age
7839454
x-amz-meta-sha256
f89b91ffe4f86e4d185ca280cf41b8a860657e5d2205ad9b079f65fcdc8ca6e4
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 26 Aug 2021 13:26:09 GMT
server
AmazonS3
etag
W/"4ecbcdf4e36ac92baa9965af3eeb128d"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD
content-type
application/x-font-ttf
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
expires
Thu, 11 Oct 2040 09:14:22 GMT
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
I9q47p-8vlxd2Ha67rr-41UOD--lgA7MzNSuHYGRHBfqO0IW2GLFYw==
x-amz-meta-s3b-last-modified
20191004T085728Z
load.php
www.kleertjes.com/system/modules/ajax/lib/webservice/ 		501 B
725 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.kleertjes.com/system/modules/ajax/lib/webservice/load.php
Requested by
Host: static.pkleeklrsrci.net
URL: https://static.pkleeklrsrci.net/tl_files/cache/scripts/5c169e810e293e9a279f31872f2321ad.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.27.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f76c49258d2cc28e728880c9b2dbc5c0904114830f9fa7ad2335e2d2a77f4a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 03 Dec 2021 01:11:20 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
DYNAMIC
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
content-length
301
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/json;charset=UTF-8
via
1.1 5626bf35345f32d3e58fb8d33ec4d967.cloudfront.net (CloudFront)
cache-control
no-store, no-cache, must-revalidate
cf-ray
6b78eb9dfa837028-FRA
x-amz-cf-id
NP8ILwOrD3LKp0vMSAc9fMl20S7v_1rQo4VZSvM2cKcltWa63M174Q==
expires
Thu, 19 Nov 1981 08:52:00 GMT
load.php
www.kleertjes.com/system/modules/ajax/lib/webservice/ 		391 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.kleertjes.com/system/modules/ajax/lib/webservice/load.php
Requested by
Host: static.pkleeklrsrci.net
URL: https://static.pkleeklrsrci.net/tl_files/cache/scripts/5c169e810e293e9a279f31872f2321ad.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.27.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94171e3ce6d1d94252f60562de60b576b33c83adbed10dd1347ac1f228bd0b5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 03 Dec 2021 01:11:20 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
DYNAMIC
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
content-length
272
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/json;charset=UTF-8
via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
cache-control
no-store, no-cache, must-revalidate
cf-ray
6b78eb9dfa847028-FRA
x-amz-cf-id
x6r6GRtM0HXBaXylAY_YtFGX58F1zL_YTrg1_JEE5l23svO67M5zMA==
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
www.kleertjes.com/api/user-preference/has-newsletter-subscription/ 		17 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.kleertjes.com/api/user-preference/has-newsletter-subscription/?t=1638493879
Requested by
Host: static.pkleeklrsrci.net
URL: https://static.pkleeklrsrci.net/tl_files/cache/scripts/5c169e810e293e9a279f31872f2321ad.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.27.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Referer
https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 01:11:20 GMT
via
1.1 9e1b24b39ac8b669f996f1e7907eb697.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
DYNAMIC
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
content-length
17
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
cache-control
no-store, no-cache, must-revalidate
cf-ray
6b78eb9e0a867028-FRA
x-amz-cf-id
cKXthXjO8D63gHEUrjuB8ko-Q6sgfYEJMoTblMcrQHDTvxPVDltMDQ==
expires
Thu, 19 Nov 1981 08:52:00 GMT
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ 		345 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__nl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=nl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b624b7b7455953d2e3243101ec2c75217a5401bb29e2d815e20fa8144763936
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kleertjes.com/
Origin
https://www.kleertjes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 09:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142733
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138042
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 05:04:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Thu, 01 Dec 2022 09:32:27 GMT
js
www.googletagmanager.com/gtag/ 		160 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DP0B9JGB5P&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H4GP8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bc77c060d51f7b26e46516b17c0a73d26f3bd630b5a33c1ad52268bc6c693b3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 01:11:20 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60831
x-xss-protection
0
expires
Fri, 03 Dec 2021 01:11:20 GMT
hotjar-37743.js
static.hotjar.com/c/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-37743.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H4GP8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-68-102.fra56.r.cloudfront.net
Software
/
Resource Hash
1731f418eb981922000f84d6601ec31a84a81617c69003af1a557d683b523107
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 01:10:50 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
30
etag
W/3e3d1bf7939cceaf3e133fa5f36db00f
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
TYOE-3uEXBPYXjlAJn6iXoNSaghZ1AsvJoCghymjmPr6yu-uBNfRRQ==
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
12476.js
www.dwin1.com/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dwin1.com/12476.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H4GP8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:8600:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
975a7b3f0cd4ceb3a548b95011adc8626344a3577ea2878295c5efc26941b556

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
qAixLY8PRNVxQRAdLtkPI3krcQQ8GcN_
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 14:23:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
W/"7c690f6edda44465755896a18f6d1bb1"
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600, s-maxage=600
date
Fri, 03 Dec 2021 01:11:20 GMT
x-amz-replication-status
COMPLETED
x-cache
Hit from cloudfront
x-amz-cf-id
PwDrt2iNVv2E5yWZPfv1WFLh5oZ2xR3RZ3LhzePTPKeswPDH3gMaMQ==
via
1.1 91dc0292eef4e22508a3ae73fe64bbf5.cloudfront.net (CloudFront)
a6876cfw.js
d81mfvml8p5ml.cloudfront.net/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d81mfvml8p5ml.cloudfront.net/a6876cfw.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H4GP8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:9e00:2:36a1:2f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d93d46611f9d76728684f9bc8e6a75b19cd6004e49e3bfadbb37ea7175ade9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 01:03:43 GMT
content-encoding
gzip
last-modified
Fri, 25 Jun 2021 16:33:40 GMT
server
AmazonS3
age
794
etag
W/"c51c3c2b8a2a762368140eae949afd5a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 e59bea79ab5f15feda92136bc7b74159.cloudfront.net (CloudFront)
cache-control
max-age=600
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
7qoge4Ae0OVt7vg8SsDeqOD9LduWC5P1-FVmj0G3BCzwjtHDF6tvMw==
pastease.js
deploy.mopinion.com/js/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://deploy.mopinion.com/js/pastease.js
Requested by
Host: 1redirb.com
URL: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLhbxVuDbiDLas2pNDcYT9VlI1Df4Ty0%2BafqzJET5wTA1PCkq%2Fjy6d5Getvp33bmFrfdRH8lqe2NaXmdm2Y3EKRo5VRre3Ta29ZPfjn9jJOEzML2NTIhTIuccWVcbJ%2BB37bGADDwUECA%2FBD7vYGixPyyx8LaIwsh00j5JB0a9yyR8CN8vcZAcsuFtmNt6zaMbcif3hOoCyyqhfCX4V9Vvc66u14vsiJUnhG0jxBLgVXPBG34Y6nSy9bQUm63Y7hZrLVAy4eJFObwnKirP%2FmoM3CwQR5H79VL%2BrOdjFYWNDdlNRGlaW%2B%2B6K5KmtrxosVdAeeKSlBQ%2FpExlpCXwBgOdf8PgUYPgRtpLtgGcBP9Y%2B78hlqZheho9IcUKBkABDcOimNlXXxTfIVXpHRPKEdYgpADkEZJdtm6KbOS6iLvx2VoB4DwwB5X8EDDIQgKMa6xPhOqHD%2BWN48Yp6P6FUeu5T93SBSiorTih9jzi%2BobHwaw02IWy9p1xmb%2BYy9T1GaMKJOJ0m2oQKjDUDRRh%2FBxA4hCRwRVqiVw0k%2FNA8wwNMOhduXvZOLqU%2F9KbEdTxcN5sTz0BdZCZtR9Z24Uxlq8EwUcQZLSerAnjoZaaHcNlXvBXHeVzR%2FrLsVWHhWGr%2B0Q0KQg8FfMbPhKtC3GiqKQU7YkRz00NngtUvEQAxuiBJjOu4kArC553ttAXnw4VWUNZonsMfkBzQwlXDiJRXoeKIU%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Pastea.se
Resource Hash
404e553148c76b0949a09f99394fde3eb9a7aa402e96ed13806e226766acca69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
age
24530
x-powered-by
Pastea.se
x-cache
Hit from cloudfront
date
Thu, 02 Dec 2021 18:22:30 GMT
via
1.1 b47ba5841a54cf2d19fc521c78e94515.cloudfront.net (CloudFront)
last-modified
Tue, 31 Aug 2021 12:10:07 GMT
server
nginx
etag
W/"6afe-17b9c1ddbc9"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public, max-age=86400
x-amz-cf-pop
FRA60-P4
access-control-allow-headers
Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Origin
x-amz-cf-id
CLZ8cGdqaCemADwL7BIEVyLcFdNLJUPNwU8maveQr_TQfUueyVUl3w==
tags
creativecdn.com/ Frame F119
Redirect Chain
  • https://creativecdn.com/tags?type=iframe&id=pr_WeUnXhr3TGr6JnJsbz3D&id=pr_WeUnXhr3TGr6JnJsbz3D_lid_uNiHZGPWzkQR6PlGnCY6&su=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a...
  • https://creativecdn.com/tags?type=iframe&id=pr_WeUnXhr3TGr6JnJsbz3D&id=pr_WeUnXhr3TGr6JnJsbz3D_lid_uNiHZGPWzkQR6PlGnCY6&su=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a...
244 B
553 B 		Document
General
Check archive.org
Download Go to
Full URL
https://creativecdn.com/tags?type=iframe&id=pr_WeUnXhr3TGr6JnJsbz3D&id=pr_WeUnXhr3TGr6JnJsbz3D_lid_uNiHZGPWzkQR6PlGnCY6&su=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248&sr=https%3A%2F%2Flookandfind.me%2F&ts=1638493880189&tc=1
Requested by
Host: 1redirb.com
URL: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLhbxVuDbiDLas2pNDcYT9VlI1Df4Ty0%2BafqzJET5wTA1PCkq%2Fjy6d5Getvp33bmFrfdRH8lqe2NaXmdm2Y3EKRo5VRre3Ta29ZPfjn9jJOEzML2NTIhTIuccWVcbJ%2BB37bGADDwUECA%2FBD7vYGixPyyx8LaIwsh00j5JB0a9yyR8CN8vcZAcsuFtmNt6zaMbcif3hOoCyyqhfCX4V9Vvc66u14vsiJUnhG0jxBLgVXPBG34Y6nSy9bQUm63Y7hZrLVAy4eJFObwnKirP%2FmoM3CwQR5H79VL%2BrOdjFYWNDdlNRGlaW%2B%2B6K5KmtrxosVdAeeKSlBQ%2FpExlpCXwBgOdf8PgUYPgRtpLtgGcBP9Y%2B78hlqZheho9IcUKBkABDcOimNlXXxTfIVXpHRPKEdYgpADkEZJdtm6KbOS6iLvx2VoB4DwwB5X8EDDIQgKMa6xPhOqHD%2BWN48Yp6P6FUeu5T93SBSiorTih9jzi%2BobHwaw02IWy9p1xmb%2BYy9T1GaMKJOJ0m2oQKjDUDRRh%2FBxA4hCRwRVqiVw0k%2FNA8wwNMOhduXvZOLqU%2F9KbEdTxcN5sTz0BdZCZtR9Z24Uxlq8EwUcQZLSerAnjoZaaHcNlXvBXHeVzR%2FrLsVWHhWGr%2B0Q0KQg8FfMbPhKtC3GiqKQU7YkRz00NngtUvEQAxuiBJjOu4kArC553ttAXnw4VWUNZonsMfkBzQwlXDiJRXoeKIU%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
02d7112af6d49bfe2dfc1ff2b004b8de6b8f64dbed26afc3b165bbd402a269c1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248

Response headers

date
Fri, 03 Dec 2021 01:11:20 GMT Fri, 03 Dec 2021 01:11:20 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-max-age
3600
vary
Origin, Accept-Encoding
content-type
text/html;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-encoding
gzip
content-length
195

Redirect headers

date
Fri, 03 Dec 2021 01:11:20 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-max-age
3600
vary
Origin
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://creativecdn.com/tags?type=iframe&id=pr_WeUnXhr3TGr6JnJsbz3D&id=pr_WeUnXhr3TGr6JnJsbz3D_lid_uNiHZGPWzkQR6PlGnCY6&su=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248&sr=https%3A%2F%2Flookandfind.me%2F&ts=1638493880189&tc=1
content-length
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H4GP8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5777
date
Thu, 02 Dec 2021 23:35:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 03 Dec 2021 01:35:03 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H4GP8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 01:11:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14328
x-xss-protection
0
server
cafe
etag
12503521247758841375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 01:11:20 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 1redirb.com
URL: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLhbxVuDbiDLas2pNDcYT9VlI1Df4Ty0%2BafqzJET5wTA1PCkq%2Fjy6d5Getvp33bmFrfdRH8lqe2NaXmdm2Y3EKRo5VRre3Ta29ZPfjn9jJOEzML2NTIhTIuccWVcbJ%2BB37bGADDwUECA%2FBD7vYGixPyyx8LaIwsh00j5JB0a9yyR8CN8vcZAcsuFtmNt6zaMbcif3hOoCyyqhfCX4V9Vvc66u14vsiJUnhG0jxBLgVXPBG34Y6nSy9bQUm63Y7hZrLVAy4eJFObwnKirP%2FmoM3CwQR5H79VL%2BrOdjFYWNDdlNRGlaW%2B%2B6K5KmtrxosVdAeeKSlBQ%2FpExlpCXwBgOdf8PgUYPgRtpLtgGcBP9Y%2B78hlqZheho9IcUKBkABDcOimNlXXxTfIVXpHRPKEdYgpADkEZJdtm6KbOS6iLvx2VoB4DwwB5X8EDDIQgKMa6xPhOqHD%2BWN48Yp6P6FUeu5T93SBSiorTih9jzi%2BobHwaw02IWy9p1xmb%2BYy9T1GaMKJOJ0m2oQKjDUDRRh%2FBxA4hCRwRVqiVw0k%2FNA8wwNMOhduXvZOLqU%2F9KbEdTxcN5sTz0BdZCZtR9Z24Uxlq8EwUcQZLSerAnjoZaaHcNlXvBXHeVzR%2FrLsVWHhWGr%2B0Q0KQg8FfMbPhKtC3GiqKQU7YkRz00NngtUvEQAxuiBJjOu4kArC553ttAXnw4VWUNZonsMfkBzQwlXDiJRXoeKIU%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
Acx0fvgDzNhq0Pw8CdaNsAOW0snsGFKU/elOCu7CBU49f9pFvoj3/bO1eYRBT6CdvbENLpJ8bY35HJjvERW73Q==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 03 Dec 2021 01:11:20 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
all.css
use.fontawesome.com/releases/v5.0.12/css/ 		38 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.12/css/all.css
Requested by
Host: static.pkleeklrsrci.net
URL: https://static.pkleeklrsrci.net/tl_files/cache/scripts/5c169e810e293e9a279f31872f2321ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ceee487a90eea3b0e52f01360b44e8b6ac0898062c143dbe724663efd3d6f63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 01:11:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12891826
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
EBVYAX31CPN695AG
x-amz-id-2
NO0Q1ssxCYKZHzzW3oJKYBlmzlIzcfaufVTVftEmyXnNlo3WeGqsWSDN96wIi628nbgIpmus/bU=
last-modified
Wed, 30 Jun 2021 15:27:17 GMT
server
cloudflare
etag
W/"d896a88b71aa2ba5d6bd670429bf1bad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hm8WJiMvi63bDTGSvwFGQ%2B9fXZ6I85zO02TRz4WC63jeVXtAQzXhak%2FuHPF%2BKcJcYdhBopxOTSVseohapmb2gz7yQ0xCCk55TLmH0g9H3V2ff3XEqSK10%2BuE7rt7pd410XqFuOOs4pxMF5K7%2FNx6t0wu"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
6b78eb9f680ed6f1-FRA
core.js
s.pinimg.com/ct/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: 1redirb.com
URL: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLhbxVuDbiDLas2pNDcYT9VlI1Df4Ty0%2BafqzJET5wTA1PCkq%2Fjy6d5Getvp33bmFrfdRH8lqe2NaXmdm2Y3EKRo5VRre3Ta29ZPfjn9jJOEzML2NTIhTIuccWVcbJ%2BB37bGADDwUECA%2FBD7vYGixPyyx8LaIwsh00j5JB0a9yyR8CN8vcZAcsuFtmNt6zaMbcif3hOoCyyqhfCX4V9Vvc66u14vsiJUnhG0jxBLgVXPBG34Y6nSy9bQUm63Y7hZrLVAy4eJFObwnKirP%2FmoM3CwQR5H79VL%2BrOdjFYWNDdlNRGlaW%2B%2B6K5KmtrxosVdAeeKSlBQ%2FpExlpCXwBgOdf8PgUYPgRtpLtgGcBP9Y%2B78hlqZheho9IcUKBkABDcOimNlXXxTfIVXpHRPKEdYgpADkEZJdtm6KbOS6iLvx2VoB4DwwB5X8EDDIQgKMa6xPhOqHD%2BWN48Yp6P6FUeu5T93SBSiorTih9jzi%2BobHwaw02IWy9p1xmb%2BYy9T1GaMKJOJ0m2oQKjDUDRRh%2FBxA4hCRwRVqiVw0k%2FNA8wwNMOhduXvZOLqU%2F9KbEdTxcN5sTz0BdZCZtR9Z24Uxlq8EwUcQZLSerAnjoZaaHcNlXvBXHeVzR%2FrLsVWHhWGr%2B0Q0KQg8FfMbPhKtC3GiqKQU7YkRz00NngtUvEQAxuiBJjOu4kArC553ttAXnw4VWUNZonsMfkBzQwlXDiJRXoeKIU%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:62::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
909c959034304ea400b41eea4326c355e0e7c4c8cf76369f8430756362d11bef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 01:11:20 GMT
fastly-restarts
1
x-cdn
fastly
etag
"95580b4fad0d5513b92f05a5be0d5a38"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=7200
content-length
1142
access-control-expose-headers
X-CDN
modules.909c20fd8721306b1fa9.js
script.hotjar.com/ 		226 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.909c20fd8721306b1fa9.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-37743.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1ac32752b35d7d19ab735f0e9aa200625f0cda0d3a59f5a067e51116c2a43707
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 15:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
33494
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
60677
access-control-allow-origin
*
last-modified
Thu, 02 Dec 2021 15:52:57 GMT
etag
"10fcc57bdff3ad7a3c23c5903b8e57c8"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
G_zAP7191YEo5kPltaKWyszD4EQfcXJ0WojotHmbtRuEBZn0csniwg==
alt.php
www.zenaps.com/ Frame CB69 		155 B
509 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.zenaps.com/alt.php?mid=12476&sv=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0
Requested by
Host: www.dwin1.com
URL: https://www.dwin1.com/12476.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.17.141 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-17-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c83868b4b3086ad03c631a754a9218d0376c8c92863511eab2de0370801d5152
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/

Response headers

Content-Type
text/html
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Fri, 03 Dec 2021 01:11:20 GMT
Content-Length
141
Connection
keep-alive
Strict-Transport-Security
max-age=86400
Awin-Akamai-Rule-Set
default
d9core
the.sciencebehindecommerce.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://the.sciencebehindecommerce.com/d9core
Requested by
Host: www.dwin1.com
URL: https://www.dwin1.com/12476.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.144.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-144-192.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
07f45d11106c7ea4d489aca64fa531ff70c7e34bf07818e8b46be88bdb01fdc7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 03 Dec 2021 01:11:19 GMT
Content-Encoding
gzip
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
ETag
5bc31bf7d4a298e1bef9d35fce222bfc
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
the.sciencebehindecommerce.com
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Content-Length
3606
1802294463357935
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1802294463357935?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a7c552e8ec38740e9708195f6d84002b197ff35904d64e47eeb2d5c1f042ad2
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
88828
x-xss-protection
0
pragma
public
x-fb-debug
MyAS+WEru5id+MhMPQNv+MaMNp+wfNIh/5WR6SZg2+cvzMICS/TcTENNrp7aM0osC6Eo8Avs+v7L3wXRtd6jbw==
x-frame-options
DENY
date
Fri, 03 Dec 2021 01:11:20 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.12/webfonts/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.12/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.12/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d349f9e08a50336b6f398554e817e6921dd390ef9d8cacf3074a24d4379bd10

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.12/css/all.css
Origin
https://www.kleertjes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 01:11:20 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11472369
cf-ray
6b78eb9fbb66701f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45132
x-amz-id-2
97IzafoIBXaI3+QGZ0ZLkXOCN/2eGsZdeyobOxyAaxbJEhdDS8D4T/EU/g2G/L+bsPOu6C8hyI4=
last-modified
Wed, 30 Jun 2021 15:27:31 GMT
server
cloudflare
etag
"62e224193aeed0b428e83d1cccfd6d91"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4IhMTBuh%2BbVBTX8MQNh3IBDnYQyQ7JkzXtHHbbz2XHRzmsgS3Dz8AjM6rRZnAlQXtaMaNrHRGjtESztTIpaCVJEHyEQ6EJvmHN48cODEpVp%2BeimcVP%2FZmcg2gqPRnwbIaUDrc8cYz6o%2BMcIEYh92ydcc"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
V88SB4J1RY0SZD75
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-9234733-1&cid=1313084067.1638493880&jid=300586048&gjid=776286163&_gid=1730466076.1638493880&_u=YGBAgAABAAAAAE~&z=739559975
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kleertjes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 03 Dec 2021 01:11:20 GMT
content-type
text/plain
access-control-allow-origin
https://www.kleertjes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1446406398&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248&dr=https%3A%2F%2Flookandfind.me%2F&ul=en-us&de=UTF-8&dt=Kinderkleding%2C%20babykleding%20en%20schoenen%20-%20kleertjes.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=300586048&gjid=776286163&cid=1313084067.1638493880&tid=UA-9234733-1&_gid=1730466076.1638493880&gtm=2wgc105H4GP8&cg1=category&cd4=Desktop%20%26%20Tablet&cd5=criteo_abtst.group&z=538881593
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 07:54:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
62222
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-DP0B9JGB5P&gtm=2oec10&_p=1446406398&sr=1600x1200&ul=en-us&cid=1313084067.1638493880&_s=1&dl=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248&dr=https%3A%2F%2Flookandfind.me%2F&dt=Kinderkleding%2C%20babykleding%20en%20schoenen%20-%20kleertjes.com&sid=1638493880&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.contentgroup=category
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DP0B9JGB5P&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kleertjes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 03 Dec 2021 01:11:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kleertjes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-a1ae2079824d1c48aa9ce06efb256f18.html
vars.hotjar.com/ Frame 9E6C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-37743.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/

Response headers

content-type
text/html
content-length
1044
date
Thu, 02 Dec 2021 15:53:06 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"6215abf691a11c2f451680e635d30daa"
last-modified
Thu, 02 Dec 2021 15:52:57 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
Wgk3dtfHdYHpc1W0qyDn1q5l_T3pDRMV_l0GWOjOKEWuRZUwMmmJrQ==
age
33494
jyeh8u5g21h31lqpsr9f71tdyrnojz5llcj
deploy.mopinion.com/config/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://deploy.mopinion.com/config/jyeh8u5g21h31lqpsr9f71tdyrnojz5llcj
Requested by
Host: deploy.mopinion.com
URL: https://deploy.mopinion.com/js/pastease.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Pastea.se
Resource Hash
8c19a0da895720acece007642d09d00ee20e4b64561af4b79e555050c1d614ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 00:45:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1554
x-powered-by
Pastea.se
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
access-control-allow-origin
*
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
application/json
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P4
access-control-allow-headers
Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Origin
x-amz-cf-id
SPs7zNvdJC_N6SAeAcIDqObrOWOK89Qfbg7nCA-v3WPl-fgaWnOsww==
main.6ae4a9fc.js
s.pinimg.com/ct/lib/ 		54 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:62::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
06def5f53a1116e6a7f4ecab814748f1b7d9a7fde199d96f80c233877f2c46a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 01:11:20 GMT
content-encoding
gzip
fastly-restarts
1
x-cdn
fastly
etag
"9850391ff02e4a98b00efa3acfbbbb10"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1209600
content-length
18814
access-control-expose-headers
X-CDN
cm
cm.creativecdn.com/adx/ Frame F119
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_cm&google_sc&google_ula=5153224&google_hm=cjA4QWNBNkZ1bmtUVkJ3V3NaOUQ%3D&pi=adx&tdc=ams&chain=
  • https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_cm=&google_sc=&google_ula=5153224&google_hm=cjA4QWNBNkZ1bmtUVkJ3V3NaOUQ%3D&pi=adx&tdc=ams&chain=&google_tc=
  • https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&chain=&google_gid=CAESEIR8kMf4tTYLSFQ93bFFFbI&google_cver=1&google_ula=5153224,0
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&chain=&google_gid=CAESEIR8kMf4tTYLSFQ93bFFFbI&google_cver=1&google_ula=5153224,0
Requested by
Host: creativecdn.com
URL: https://creativecdn.com/tags?type=iframe&id=pr_WeUnXhr3TGr6JnJsbz3D&id=pr_WeUnXhr3TGr6JnJsbz3D_lid_uNiHZGPWzkQR6PlGnCY6&su=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248&sr=https%3A%2F%2Flookandfind.me%2F&ts=1638493880189&tc=1
Protocol
H2
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://creativecdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Dec 2021 01:11:20 GMT, Fri, 03 Dec 2021 01:11:20 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Dec 2021 01:11:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&chain=&google_gid=CAESEIR8kMf4tTYLSFQ93bFFFbI&google_cver=1&google_ula=5153224,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
354
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-9234733-1&cid=1313084067.1638493880&jid=300586048&_u=YGBAgAABAAAAAE~&z=1249236624
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Dec 2021 01:11:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-9234733-1&cid=1313084067.1638493880&jid=300586048&_u=YGBAgAABAAAAAE~&z=1249236624
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Dec 2021 01:11:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1802294463357935&ev=PageView&dl=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248&rl=https%3A%2F%2Flookandfind.me%2F&if=false&ts=1638493880367&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638493880366.1372769305&it=1638493880253&coo=false&exp=p0&rqm=GET
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 01:11:20 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Fri, 03 Dec 2021 01:11:20 GMT
12476.gif
www.zenaps.com/m/ Frame CB69 		43 B
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zenaps.com/m/12476.gif
Requested by
Host: www.zenaps.com
URL: https://www.zenaps.com/alt.php?mid=12476&sv=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.17.141 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-17-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.zenaps.com/alt.php?mid=12476&sv=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Dec 2021 01:11:20 GMT
Allow
GET
ETag
12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
max-age=0
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
/
dn1i8v75r669j.cloudfront.net/v/ 		47 B
323 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dn1i8v75r669j.cloudfront.net/v/?w=a6876cfw
Requested by
Host: d81mfvml8p5ml.cloudfront.net
URL: https://d81mfvml8p5ml.cloudfront.net/a6876cfw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:6e00:7:5031:dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6442df9cd2e47f37db25d8ec460c4759709625a5eec2336ab9436c6f0d9922bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 01:09:01 GMT
via
1.1 3f52d342c56014599dee37446f6c9f2f.cloudfront.net (CloudFront)
age
139
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=300
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
pnmtUO1MQOSHsrc643lnqsRSAV4Tk65Swt1uLGeRBK1NhQolpKGC0A==
survey.min.js
collect.mopinion.com/assets/surveys/2.0/js/ 		177 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://collect.mopinion.com/assets/surveys/2.0/js/survey.min.js?d=30032020
Requested by
Host: deploy.mopinion.com
URL: https://deploy.mopinion.com/js/pastease.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.239.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-239-185.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fb3641b42f41f2413a1ce0a9b31ce9b85b17398351f25859fae484f13fb34ed9
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com; worker-src blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 01:11:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-content-security-policy
default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com; worker-src blob:
x-permitted-cross-domain-policies
none
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 15 Nov 2021 12:15:48 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"61924f74-2c448"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
content-security-policy
default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com; worker-src blob:
access-control-allow-headers
Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
expires
Fri, 10 Dec 2021 01:11:20 GMT
/
ct.pinterest.com/user/ 		486 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2613576938982&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1638493880400
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
de7c2706afa5e0452969fcdeeab16ed2941c958625e3b5d0c1be279fc42683e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Dec 2021 01:11:20 GMT
content-encoding
gzip
referrer-policy
origin
x-cdn
fastly
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.kleertjes.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
pin-unauth
dWlkPU56ZzRNelJtTkdNdE9UUmtNQzAwTXpZeExUZ3daV0l0WWpBeE56RXhZVGMzWlRNMw
x-pinterest-rid
1153719173173363
x-envoy-upstream-service-time
3
access-control-allow-credentials
true
content-length
361
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2613576938982&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248%22%2C%22ref%22%3A%22https%3A%2F%2Flookandfind.me%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%226ae4a9fc%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1638493880401
Requested by
Host: www.kleertjes.com
URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Dec 2021 01:11:20 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
4
x-pinterest-rid
1510424101647666
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
lgc
the.sciencebehindecommerce.com/ 		0
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://the.sciencebehindecommerce.com/lgc
Requested by
Host: the.sciencebehindecommerce.com
URL: https://the.sciencebehindecommerce.com/d9core
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.144.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-144-192.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kleertjes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Fri, 03 Dec 2021 01:11:19 GMT
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
https://www.kleertjes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
a6876cfw_1624638820167.js
dkpklk99llpj0.cloudfront.net/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dkpklk99llpj0.cloudfront.net/a6876cfw_1624638820167.js
Requested by
Host: d81mfvml8p5ml.cloudfront.net
URL: https://d81mfvml8p5ml.cloudfront.net/a6876cfw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:a400:e:98bf:5f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b51dd60231681a37c4fb5dd80a87e172f4d29f974f1c1b4a179a310e2ce6b19c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 16:37:41 GMT
content-encoding
br
last-modified
Fri, 25 Jun 2021 16:33:48 GMT
server
AmazonS3
age
13854820
etag
W/"82caa0552b89d90057dfa3e7120f330a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 760a29e891ec10bba1274911260e1fc9.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
Zgck0RTCKwBKGwXThscPWfHzf7u2ZawN9A9lpfKDJk18gPpwXcJNgw==
/
ct.pinterest.com/md/ 		0
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/md/
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kleertjes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Dec 2021 01:11:20 GMT
referrer-policy
origin
x-cdn
fastly
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
0
x-pinterest-rid
1412713124433813
expires
Sat, 01 Jan 2000 00:00:00 GMT
json-config
cacheorcheck.mopinion.com/survey/public/ 		182 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cacheorcheck.mopinion.com/survey/public/json-config?key=e192f9acbecb7523e660f6067b39d594f834c0e1&domain=app.mopinion.com&withBase=true
Requested by
Host: collect.mopinion.com
URL: https://collect.mopinion.com/assets/surveys/2.0/js/survey.min.js?d=30032020
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.33.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-33-75.eu-west-1.compute.amazonaws.com
Software
nginx / Mopinion.com
Resource Hash
e978e71c9b3260234c79bb05e3e5a3a80e8a0dd9607504f6ff9242348a6548c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 01:11:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-powered-by
Mopinion.com
x-frame-options
SAMEORIGIN
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
X-Api-Version, X-Request-Id, X-Response-Time
cache-control
public, max-age=86400
strict-transport-security
max-age=31536000
access-control-allow-headers
Origin, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, X-Response-Time, X-PINGOTHER, X-CSRF-Token,Authorization
x-xss-protection
1; mode=block
get
am.freshrelevance.com/ 		1 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am.freshrelevance.com/get?data=%7B%22type%22%3A%22heartbeat%22%2C%22data%22%3A%7B%22c%22%3A%22utuuxoy9hs%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36%22%2C%22w%22%3A%22a6876cfw%22%7D%7D
Requested by
Host: dkpklk99llpj0.cloudfront.net
URL: https://dkpklk99llpj0.cloudfront.net/a6876cfw_1624638820167.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.66.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-66-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 03 Dec 2021 01:11:20 GMT
content-type
text/plain; charset=utf-8
ct.html
www.pinterest.de/ Frame 4744
Redirect Chain
  • https://www.pinterest.com/ct.html
  • https://www.pinterest.de/ct.html
413 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.pinterest.de/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.9.28 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
20e068fdac2a85e0cf77d550376f87cad78c18d984b3d591f84feb5880aa69e9
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-8a7cbbe2f44ead0ed0cfd508e0b0559f' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=5788460422235984; frame-ancestors *
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/

Response headers

x-xss-protection
1; mode=block
x-content-type-options
nosniff
vary
User-Agent, Accept-Encoding
x-ua-compatible
IE=edge
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
p3p
CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."
content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-8a7cbbe2f44ead0ed0cfd508e0b0559f' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=5788460422235984; frame-ancestors *
content-security-policy-report-only
script-src 'nonce-8a7cbbe2f44ead0ed0cfd508e0b0559f' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
link
<https://i.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://s.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://v.pinimg.com>; rel=preconnect; crossorigin=anonymous
trailer
x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time
94
pinterest-generated-by
coreapp-webapp-prod-0a0115cb
content-encoding
gzip
pinterest-version
36da7a9
referrer-policy
origin
x-pinterest-rid
5788460422235984
date
Fri, 03 Dec 2021 01:11:21 GMT
content-length
277
akamai-grn
0.26a13554.1638493880.789fd83
x-cdn
akamai
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload

Redirect headers

x-xss-protection
1; mode=block
x-content-type-options
nosniff
vary
User-Agent, Accept-Encoding
x-ua-compatible
IE=edge
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
location
https://www.pinterest.de/ct.html
trailer
x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time
87
pinterest-generated-by
coreapp-webapp-prod-0a011118
content-encoding
gzip
pinterest-version
a17cfe4
referrer-policy
origin
x-pinterest-rid
1445334988329351
date
Fri, 03 Dec 2021 01:11:20 GMT
akamai-grn
0.26a13554.1638493880.789fc82
x-cdn
akamai
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
activityi;dc_pre=CJuR6625xvQCFUSK3godrBcJ5Q;src=8590952;type=remarket;cat=kleer0;ord=8284767420508;gtm=2wgc10;auiddc=733164693.1638493880;u1=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493...
8590952.fls.doubleclick.net/ Frame 6C0B
Redirect Chain
  • https://8590952.fls.doubleclick.net/activityi;src=8590952;type=remarket;cat=kleer0;ord=8284767420508;gtm=2wgc10;auiddc=733164693.1638493880;u1=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_16384...
  • https://8590952.fls.doubleclick.net/activityi;dc_pre=CJuR6625xvQCFUSK3godrBcJ5Q;src=8590952;type=remarket;cat=kleer0;ord=8284767420508;gtm=2wgc10;auiddc=733164693.1638493880;u1=https%3A%2F%2Fwww.kl...
702 B
457 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8590952.fls.doubleclick.net/activityi;dc_pre=CJuR6625xvQCFUSK3godrBcJ5Q;src=8590952;type=remarket;cat=kleer0;ord=8284767420508;gtm=2wgc10;auiddc=733164693.1638493880;u1=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248;u2=category;ps=1;~oref=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H4GP8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
fcaf9900a9ce894d5255a9f3d0518499c19796ef6328627cdc4c1d727a120464
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 03 Dec 2021 01:11:20 GMT
expires
Fri, 03 Dec 2021 01:11:20 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
434
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 03 Dec 2021 01:11:20 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8590952.fls.doubleclick.net/activityi;dc_pre=CJuR6625xvQCFUSK3godrBcJ5Q;src=8590952;type=remarket;cat=kleer0;ord=8284767420508;gtm=2wgc10;auiddc=733164693.1638493880;u1=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248;u2=category;ps=1;~oref=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
api.min.js
a.omappapi.com/app/js/ 		208 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/api.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H4GP8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
e1554c669def5488a5e09848cc5c32d10ad6e83eb228b8c56253a4b3c20e1ec7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 01:11:20 GMT
content-encoding
br
cdn-edgestorageid
756
perma-cache
HIT
cdn-storageserver
DE-197
cdn-cachedat
11/19/2021 15:32:09
cdn-pullzone
293267
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
server
BunnyCDN-DE1-756
access-control-allow-origin
*
last-modified
Fri, 19 Nov 2021 14:31:39 GMT
cdn-proxyver
1.0
cdn-fileserver
256
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
73a36cd01a4aa2c30b443fc768abd1ff
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
activityi;register_conversion=1;src=8590952;type=remarket;cat=kleer0;ord=8284767420508;gtm=2wgc10;auiddc=733164693.1638493880;u1=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d...
8590952.fls.doubleclick.net/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8590952.fls.doubleclick.net/activityi;register_conversion=1;src=8590952;type=remarket;cat=kleer0;ord=8284767420508;gtm=2wgc10;auiddc=733164693.1638493880;u1=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248;u2=category;ps=1;~oref=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
20557
api.omappapi.com/v2/embed/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.omappapi.com/v2/embed/20557?d=kleertjes.com
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pagely Gateway/1.5.1 /
Resource Hash
7b7217a685cfa07f7746ba127f607b35da7fdc3feeb986e7694554bb0dfefb1a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 01:11:20 GMT
content-encoding
gzip
x-cache-config
0 0
x-amz-cf-pop
FRA56-P5
x-cache-status
HIT
x-cache
Miss from cloudfront
access-control-allow-headers
X-CSRF-Token
x-optinmonster-account
1082
x-user-agent
standard--
last-modified
Tue, 30 Nov 2021 07:07:04 GMT
server
Pagely Gateway/1.5.1
etag
W/"34e0af2f62b1690c662cef4b9df2973a"
vary
Accept-Encoding, User-Agent
content-type
application/json
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
access-control-expose-headers
X-OptinMonster-Account, X-User-Agent
cache-control
public, max-age=30, stale-while-revalidate=1800
access-control-allow-origin
*
x-amz-cf-id
zJO06lFrJoo8L_xjkMm_RhML40dfj8Rl-tksGyrsC-JYrbZKQP2kXg==
expires
Fri, 03 Dec 2021 00:45:28 GMT
nettoot-bold-webfont.woff
static.pkleeklrsrci.net/tl_files/themes/kleertjes/fonts/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.pkleeklrsrci.net/tl_files/themes/kleertjes/fonts/nettoot-bold-webfont.woff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a1bf1cad38252b6e62edeb31cd5c9769577404b22a97cdb95b45997f11302a8

Request headers

Referer
https://www.kleertjes.com/
Origin
https://www.kleertjes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:48:44 GMT
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
age
15085357
x-cache
Hit from cloudfront
content-length
30208
last-modified
Fri, 11 Jun 2021 09:39:05 GMT
server
AmazonS3
etag
"2d8622b4123ae6922dc22b6a6890e0d0"
vary
Origin
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=94608000, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
HNJeeIp9J87Wfkz5znHIqCX2BXQl5dXMz19YlncIYgl1TduLzxs02w==
expires
Wed, 11 Jun 2031 09:39:04 GMT
css
fonts.mopinion.com/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.mopinion.com/css?family=Open+Sans
Requested by
Host: collect.mopinion.com
URL: https://collect.mopinion.com/assets/surveys/2.0/js/survey.min.js?d=30032020
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.239.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-239-185.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ce03cf922147a565a37be31f08f8e9b54375897cfc54cb66b5209183842b8e8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 01:11:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
nginx
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding, Accept-Encoding
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Dec 2021 01:11:20 GMT
emoji
cacheorcheck.mopinion.com/survey/public/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cacheorcheck.mopinion.com/survey/public/emoji?blockId=85765&domain=app.mopinion.com
Requested by
Host: collect.mopinion.com
URL: https://collect.mopinion.com/assets/surveys/2.0/js/survey.min.js?d=30032020
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.33.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-33-75.eu-west-1.compute.amazonaws.com
Software
nginx / Mopinion.com
Resource Hash
c201e9425b3de3f349fe1e5dea1895ec6411785299a8b729e04e600a9a32a50c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 01:11:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-powered-by
Mopinion.com
x-frame-options
SAMEORIGIN
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
X-Api-Version, X-Request-Id, X-Response-Time
cache-control
public, max-age=86400
strict-transport-security
max-age=31536000
access-control-allow-headers
Origin, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, X-Response-Time, X-PINGOTHER, X-CSRF-Token,Authorization
x-xss-protection
1; mode=block
/
lux.speedcurve.com/lux/ 		44 B
217 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lux.speedcurve.com/lux/?v=216&id=4173546566&sid=163849388004993487&uid=163849388004993487&l=Kinderkleding%2C%20babykleding%20en%20schoenen%20-%20kleertjes.com&NT=1638493878853fs351ds351de363cs363sc370ce382qs383bs928be930ol931oi1130os1130oe1174oc1750ls1750le1759sr1069fc1227lc1177&LJS=d24t41f7c1n73e0r100x6246l1037s1196&PS=ns25bs5is17059ss3bc3ic192878ia10it18dd9nd796vh1200vw1600dh3887dw1600ds14927ct4G_er0nt0dm8&CPU=s|60,n|1,d|60,x|60,i|1227,1115|60&HN=www.kleertjes.com&CLS=0.001054&UT=LUX_end|1956
Requested by
Host: cdn.speedcurve.com
URL: https://cdn.speedcurve.com/js/lux.js?id=4173546566
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
6879e69034d20945d958b5a2b6a4cfcf107c165c3a94fa1a1b068c4a62acb668

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 01:11:20 GMT
via
1.1 varnish
server
Varnish
x-timer
S1638493881.848378,VS0,VE0
x-served-by
cache-hhn4031-HHN
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
44
retry-after
0
x-cache-hits
0
webfont.js
a.omappapi.com/app/js/webfont/1.5.18/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 01:11:20 GMT
content-encoding
br
cdn-edgestorageid
756
perma-cache
HIT
cdn-storageserver
DE-51
cdn-cachedat
08/11/2021 05:08:04
cdn-pullzone
293267
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
server
BunnyCDN-DE1-756
access-control-allow-origin
*
last-modified
Thu, 27 May 2021 17:38:16 GMT
cdn-proxyver
1.0
cdn-fileserver
162
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
a1a2d5e28299e954dffa7945d65168a9
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
/
www.facebook.com/tr/ Frame D466 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.kleertjes.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kleertjes.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.kleertjes.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
date
Fri, 03 Dec 2021 01:11:20 GMT
dc_pre=CJuR6625xvQCFUSK3godrBcJ5Q;src=8590952;type=remarket;cat=kleer0;ord=8284767420508;gtm=2wgc10;auiddc=*;u1=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5e...
adservice.google.com/ddm/fls/z/ Frame 6C0B 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CJuR6625xvQCFUSK3godrBcJ5Q;src=8590952;type=remarket;cat=kleer0;ord=8284767420508;gtm=2wgc10;auiddc=*;u1=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248;u2=category;ps=1;~oref=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248
Requested by
Host: 8590952.fls.doubleclick.net
URL: https://8590952.fls.doubleclick.net/activityi;dc_pre=CJuR6625xvQCFUSK3godrBcJ5Q;src=8590952;type=remarket;cat=kleer0;ord=8284767420508;gtm=2wgc10;auiddc=733164693.1638493880;u1=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248;u2=category;ps=1;~oref=https%3A%2F%2Fwww.kleertjes.com%2F%3Fawc%3D12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0%26utm_source%3Da4y%26utm_medium%3Daffiliate%26utm_campaign%3D101248?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8590952.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Dec 2021 01:11:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.pinterest.de/_/_/csp_report/ Frame 4744 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.pinterest.de/_/_/csp_report/?rid=5788460422235984
Requested by
Host: 1redirb.com
URL: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLhbxVuDbiDLas2pNDcYT9VlI1Df4Ty0%2BafqzJET5wTA1PCkq%2Fjy6d5Getvp33bmFrfdRH8lqe2NaXmdm2Y3EKRo5VRre3Ta29ZPfjn9jJOEzML2NTIhTIuccWVcbJ%2BB37bGADDwUECA%2FBD7vYGixPyyx8LaIwsh00j5JB0a9yyR8CN8vcZAcsuFtmNt6zaMbcif3hOoCyyqhfCX4V9Vvc66u14vsiJUnhG0jxBLgVXPBG34Y6nSy9bQUm63Y7hZrLVAy4eJFObwnKirP%2FmoM3CwQR5H79VL%2BrOdjFYWNDdlNRGlaW%2B%2B6K5KmtrxosVdAeeKSlBQ%2FpExlpCXwBgOdf8PgUYPgRtpLtgGcBP9Y%2B78hlqZheho9IcUKBkABDcOimNlXXxTfIVXpHRPKEdYgpADkEZJdtm6KbOS6iLvx2VoB4DwwB5X8EDDIQgKMa6xPhOqHD%2BWN48Yp6P6FUeu5T93SBSiorTih9jzi%2BobHwaw02IWy9p1xmb%2BYy9T1GaMKJOJ0m2oQKjDUDRRh%2FBxA4hCRwRVqiVw0k%2FNA8wwNMOhduXvZOLqU%2F9KbEdTxcN5sTz0BdZCZtR9Z24Uxlq8EwUcQZLSerAnjoZaaHcNlXvBXHeVzR%2FrLsVWHhWGr%2B0Q0KQg8FfMbPhKtC3GiqKQU7YkRz00NngtUvEQAxuiBJjOu4kArC553ttAXnw4VWUNZonsMfkBzQwlXDiJRXoeKIU%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.9.28 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-5818c9c0cedb3e5df5a4a1d44a38ea85' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1153237596837492; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pinterest.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-5818c9c0cedb3e5df5a4a1d44a38ea85' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1153237596837492; frame-ancestors 'self'
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.26a13554.1638493881.789fe61
content-security-policy-report-only
script-src 'nonce-5818c9c0cedb3e5df5a4a1d44a38ea85' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time
34
vary
User-Agent, Accept-Encoding
x-pinterest-rid
1153237596837492
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pinterest-version
a17cfe4
referrer-policy
origin
x-frame-options
SAMEORIGIN
date
Fri, 03 Dec 2021 01:11:21 GMT
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by
coreapp-webapp-prod-0a011421
/
www.pinterest.de/_/_/csp_report/ Frame 4744 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.pinterest.de/_/_/csp_report/?reportonly
Requested by
Host: 1redirb.com
URL: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLhbxVuDbiDLas2pNDcYT9VlI1Df4Ty0%2BafqzJET5wTA1PCkq%2Fjy6d5Getvp33bmFrfdRH8lqe2NaXmdm2Y3EKRo5VRre3Ta29ZPfjn9jJOEzML2NTIhTIuccWVcbJ%2BB37bGADDwUECA%2FBD7vYGixPyyx8LaIwsh00j5JB0a9yyR8CN8vcZAcsuFtmNt6zaMbcif3hOoCyyqhfCX4V9Vvc66u14vsiJUnhG0jxBLgVXPBG34Y6nSy9bQUm63Y7hZrLVAy4eJFObwnKirP%2FmoM3CwQR5H79VL%2BrOdjFYWNDdlNRGlaW%2B%2B6K5KmtrxosVdAeeKSlBQ%2FpExlpCXwBgOdf8PgUYPgRtpLtgGcBP9Y%2B78hlqZheho9IcUKBkABDcOimNlXXxTfIVXpHRPKEdYgpADkEZJdtm6KbOS6iLvx2VoB4DwwB5X8EDDIQgKMa6xPhOqHD%2BWN48Yp6P6FUeu5T93SBSiorTih9jzi%2BobHwaw02IWy9p1xmb%2BYy9T1GaMKJOJ0m2oQKjDUDRRh%2FBxA4hCRwRVqiVw0k%2FNA8wwNMOhduXvZOLqU%2F9KbEdTxcN5sTz0BdZCZtR9Z24Uxlq8EwUcQZLSerAnjoZaaHcNlXvBXHeVzR%2FrLsVWHhWGr%2B0Q0KQg8FfMbPhKtC3GiqKQU7YkRz00NngtUvEQAxuiBJjOu4kArC553ttAXnw4VWUNZonsMfkBzQwlXDiJRXoeKIU%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.9.28 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-18055a9396e2b35bdac0d06287e53768' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1125576364116583; frame-ancestors 'self' , script-src 'nonce-18055a9396e2b35bdac0d06287e53768''report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1125576364116583
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pinterest.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-18055a9396e2b35bdac0d06287e53768' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1125576364116583; frame-ancestors 'self' , script-src 'nonce-18055a9396e2b35bdac0d06287e53768''report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1125576364116583
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.26a13554.1638493881.789fe63
content-security-policy-report-only
script-src 'nonce-18055a9396e2b35bdac0d06287e53768' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time
71
vary
User-Agent, Accept-Encoding
x-pinterest-rid
1125576364116583
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pinterest-version
36da7a9
referrer-policy
origin
x-frame-options
SAMEORIGIN
date
Fri, 03 Dec 2021 01:11:21 GMT
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by
coreapp-webapp-prod-0a011f85
/
www.pinterest.de/_/_/csp_report/ Frame 4744 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.pinterest.de/_/_/csp_report/?reportonly
Requested by
Host: 1redirb.com
URL: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLhbxVuDbiDLas2pNDcYT9VlI1Df4Ty0%2BafqzJET5wTA1PCkq%2Fjy6d5Getvp33bmFrfdRH8lqe2NaXmdm2Y3EKRo5VRre3Ta29ZPfjn9jJOEzML2NTIhTIuccWVcbJ%2BB37bGADDwUECA%2FBD7vYGixPyyx8LaIwsh00j5JB0a9yyR8CN8vcZAcsuFtmNt6zaMbcif3hOoCyyqhfCX4V9Vvc66u14vsiJUnhG0jxBLgVXPBG34Y6nSy9bQUm63Y7hZrLVAy4eJFObwnKirP%2FmoM3CwQR5H79VL%2BrOdjFYWNDdlNRGlaW%2B%2B6K5KmtrxosVdAeeKSlBQ%2FpExlpCXwBgOdf8PgUYPgRtpLtgGcBP9Y%2B78hlqZheho9IcUKBkABDcOimNlXXxTfIVXpHRPKEdYgpADkEZJdtm6KbOS6iLvx2VoB4DwwB5X8EDDIQgKMa6xPhOqHD%2BWN48Yp6P6FUeu5T93SBSiorTih9jzi%2BobHwaw02IWy9p1xmb%2BYy9T1GaMKJOJ0m2oQKjDUDRRh%2FBxA4hCRwRVqiVw0k%2FNA8wwNMOhduXvZOLqU%2F9KbEdTxcN5sTz0BdZCZtR9Z24Uxlq8EwUcQZLSerAnjoZaaHcNlXvBXHeVzR%2FrLsVWHhWGr%2B0Q0KQg8FfMbPhKtC3GiqKQU7YkRz00NngtUvEQAxuiBJjOu4kArC553ttAXnw4VWUNZonsMfkBzQwlXDiJRXoeKIU%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.9.28 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-148b308a187ccef56d04d30197fa0a82' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=4509627803051571; frame-ancestors 'self' , script-src 'nonce-148b308a187ccef56d04d30197fa0a82''report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=4509627803051571
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pinterest.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-148b308a187ccef56d04d30197fa0a82' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=4509627803051571; frame-ancestors 'self' , script-src 'nonce-148b308a187ccef56d04d30197fa0a82''report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=4509627803051571
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.26a13554.1638493881.789fe64
content-security-policy-report-only
script-src 'nonce-148b308a187ccef56d04d30197fa0a82' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time
39
vary
User-Agent, Accept-Encoding
x-pinterest-rid
4509627803051571
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pinterest-version
36da7a9
referrer-policy
origin
x-frame-options
SAMEORIGIN
date
Fri, 03 Dec 2021 01:11:21 GMT
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by
coreapp-webapp-prod-0a011a21
ix
r.kleertjes.com/ 		0
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://r.kleertjes.com/ix
Requested by
Host: r.kleertjes.com
URL: https://r.kleertjes.com/giin.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.159.120.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-120-134.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.kleertjes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 03 Dec 2021 01:11:21 GMT
Referrer-Policy
no-referrer
Server
nginx
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Content-Security-Policy
default-src 'self';
Connection
keep-alive
Content-Length
0
X-Content-Type-Options
nosniff

Verdicts & Comments Add Verdict or Comment

256 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| dataLayer object| Frontend function| setCookie function| getCookie function| deleteCookie object| Ajax function| AjaxServiceRequest object| AjaxFilter object| AjaxLister object| FormBuilder object| TinyCallback object| MessagingFrontend object| DateTimeSelect object| Rating function| RatingField boolean| menuForMobile boolean| leftmenuForMobile object| $html function| setResponsiveClasses function| setOutletLabel object| AjaxPdp object| AjaxBasket object| AjaxLoginStatus object| AjaxOrderHistory object| DataLayer object| PDPHelper object| Tweakwise number| hoi object| EvaluationApi object| EvaluationHelper function| submitForm function| $ function| jQuery object| picturefillCFG function| picturefill object| jQuery112006484429922219395 function| Vue object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| landerCatNav object| known string| lang function| tmpRemoveFilter object| openFilters boolean| filterSizeSelected boolean| filterLoaded boolean| cntrlIsPressed object| $document object| $window function| onResize function| saveOpenFilters function| setOpenFilters function| hideSizes function| resetFilterLoaded function| setSizeFilter function| hideNotAvailableColors function| setListerPagination function| scanColorBox function| setBackButtonPdp function| setOgImageTag function| preventPopupSubmit function| changeListerVariant function| colorSelectedBasket function| colorSelectedCheckoutBargains function| changeBigImage function| decreaseHistoryPdp function| addProductClicks function| colorSelected function| sizeSelected function| anySizeSelected function| parseGetParam function| itemLoaded function| checkoutTweaks function| checkoutPaymentMethods function| limitQuantity function| limitInputQuantity function| initAjax function| unveilImagesBasket function| toggleBasketCurrent number| basketRefresh function| refreshMiniBasket function| validateToBasket function| editOrder function| cancelEditOrder function| calculatePopupSize function| productClicked function| productAddToCart function| productQuantityChange function| onCheckout function| onCheckoutOption function| onLoadRelatedItems function| setMainImage boolean| finishedFilter boolean| finishedProduct function| onFinishedFilterAndProduct function| addListImpressions function| addCriteoListingTracker function| hashToObj function| setFilterSizePDP function| unveilImages function| getCategoryFromBreadcrumb function| getCategoryArrayFromBreadcrumb function| savePageInCookie boolean| keydownSearchInitialized function| search_onResponse object| search_keyword object| search_timeout function| search_onChange function| search_show function| search_keyboardEvents object| navState function| setNavState function| getNavState function| addCsrfTokenToForms function| setTopNavigationState function| hideElementsOnFilter function| openColorbox function| closeColorbox function| resetScrollLocation function| urlParam function| gtmErrorMessage function| gtmValidationMessage function| validateForm function| addValidationChecks function| addToggleMenu function| collapseCoupon function| Basket function| onItemAdded function| PreBasket boolean| submitAlternativeAddress function| bindOpeningHoursEvent function| bindDeliveryEvents function| disablePostNlPickUpOption function| enablePostNlPickUpOption function| fillAddressIfEmpty function| executeApi function| getPostNlLocations function| getDHLLocations function| submitCheckoutForm function| bindEncryptForm object| DeliveryDate object| AjaxValidateEmail object| TweakwiseFilterSearch object| TweakwiseCommunication object| TweakwiseDataLayer object| SelectedFilters object| UrlHelper object| IndexedFilters object| DHLPickUpLocations object| eventie function| EventEmitter function| getStyleProperty function| getSize function| docReady function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry number| ri object| elColor object| elSize object| fieldset object| google_tag_manager object| google_optimize number| LUX_t_start number| LUX_t_end object| __core-js_shared__ object| td object| _db1 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| postscribe object| google_tag_manager_external object| google_tag_data function| hj object| _hjSettings function| getVar string| tduid string| get_string string| return_value number| name_index number| space string| GoogleAnalyticsObject function| ga number| d number| h number| m function| getCookie_VisitorType function| fbq function| _fbq function| setCookie_OptInLevel string| cookie_text string| cookie_balk string| styles undefined| eventpinterest undefined| line_items_pinterest undefined| line_item function| pintrk object| outletMenuItem object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| AWIN object| Sha256 object| Utf8 object| D9v object| Pastease object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| $FR_LAB object| recaptcha number| count function| GooglemKTybQhCsO function| google_trackConversion string| send object| d9PendingXDR function| $TM_VR object| $TB function| nrlskOnEvent object| srv object| date string| expires string| value string| url string| keyToFind string| valueFound string| cookie function| setImmediate function| clearImmediate function| OptinMonsterApp boolean| om_loaded object| om1082_20557 boolean| _omvisitsadded function| omq object| _omapp object| omqurvowezqb4u32ng5hz6 object| omamuctnjdvvwzym6xftt8 object| WebFont

50 Cookies

Domain/Path Name / Value
netflli.com/ Name: __tad
Value: 1638493875.8314339
.1redirb.com/ Name: __dsnsid
Value: 20211203121115c4a7508ed11b1fb577
utkv6nyu.de/ Name: PHPSESSID
Value: 2dtea10kuu4jgaed5sb67m8d37
.awin1.com/ Name: aw12476
Value: 101248|0|0|1638493879|at107999_a116809_m12_p134708_cDE_s41d1d587f5df439ec8c5796046af9a0f|aw|0
.awin1.com/ Name: bId
Value: HLEX_61a96eb7125041.42575734
.zenaps.com/ Name: aw12476
Value: 101248|0|0|1638493879|at107999_a116809_m12_p134708_cDE_s41d1d587f5df439ec8c5796046af9a0f|aw|0
.zenaps.com/ Name: bId
Value: HLEX_61a96eb7125041.42575734
.kleertjes.com/ Name: __cf_bm
Value: z02pHu9wySsQb2kIL_s7R1W1WRwZw1fZBSUYtZWoJBY-1638493879-0-AbKN4kHBeIG3PNZscBvgjv0wv8V+eSfa1OVdCYRNVUoLsRpt1L2NEjPfmDkPN6ACm5wYciRvxi0R78HcqjMBhgs=
www.kleertjes.com/ Name: last_product_loaded
Value:
www.kleertjes.com/ Name: last_page
Value: 0
.kleertjes.com/ Name: _gaexp
Value: GAX1.2.sMMDsWuSQjWqpIfkwZwe1Q.19053.x667
www.kleertjes.com/ Name: lux_uid
Value: 163849388004993487
.kleertjes.com/ Name: _gcl_au
Value: 1.1.733164693.1638493880
.kleertjes.com/ Name: basket_amount
Value: 0
www.kleertjes.com/ Name: fe
Value: 648f0f54d11e4a22db77de6eaf20ac01
www.kleertjes.com/ Name: visit22
Value: new
.kleertjes.com/ Name: _aw_m_12476
Value: 12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0
.creativecdn.com/ Name: u
Value: r08AcA6FunkTVBwWsZ9D
.creativecdn.com/ Name: ts
Value: 1638493880
.kleertjes.com/ Name: _gid
Value: GA1.2.1730466076.1638493880
.kleertjes.com/ Name: _dc_gtm_UA-9234733-1
Value: 1
.kleertjes.com/ Name: _ga_DP0B9JGB5P
Value: GS1.1.1638493880.1.0.1638493880.0
.kleertjes.com/ Name: _ga
Value: GA1.1.1313084067.1638493880
.kleertjes.com/ Name: _tdid
Value: 1313084067.1638493880_1_1
.kleertjes.com/ Name: _fbp
Value: fb.1.1638493880366.1372769305
www.kleertjes.com/ Name: Pastease.passive.chance.05ygzgqmupdr0tjms2njnxxuoi1gdco1
Value: chance42.7
www.kleertjes.com/ Name: Pastease.passive.activated.05ygzgqmupdr0tjms2njnxxuoi1gdco1
Value: 0
www.kleertjes.com/ Name: last_page.g0fjqcjin94hd8rp1fkq0m9vf6sftozkrule_0
Value: /
www.kleertjes.com/ Name: page_count.g0fjqcjin94hd8rp1fkq0m9vf6sftozkrule_0
Value: 1
.kleertjes.com/ Name: _hjSessionUser_37743
Value: eyJpZCI6IjM5ZDJkMDY3LTVjMjgtNTZkMC04NDc1LWU0Yzg0ZjE0YjAzYiIsImNyZWF0ZWQiOjE2Mzg0OTM4ODAzMzQsImV4aXN0aW5nIjpmYWxzZX0=
.kleertjes.com/ Name: _hjFirstSeen
Value: 1
.kleertjes.com/ Name: _hjSession_37743
Value: eyJpZCI6IjQzZjdhZDlkLTNmN2EtNGNiMi1iNmI0LTExNjk0ZGYwMTEwZSIsImNyZWF0ZWQiOjE2Mzg0OTM4ODA0MDZ9
www.kleertjes.com/ Name: _hjIncludedInSessionSample
Value: 0
.kleertjes.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.kleertjes.com/ Name: _pin_unauth
Value: dWlkPU56ZzRNelJtTkdNdE9UUmtNQzAwTXpZeExUZ3daV0l0WWpBeE56RXhZVGMzWlRNMw
www.kleertjes.com/ Name: tms_VisitorID
Value: utuuxoy9hs
.sciencebehindecommerce.com/ Name: _D9J
Value: 3a9428e58cd84efe90236f8f036a388b
collect.mopinion.com/ Name: AWSALBCORS
Value: polqjRYmJKqr8MyinQol6CMmtbhP8IN0h9iNpTU40ghtX81/Hlj1Nq1Tu19N6tbwUA40iQBhJEmb4whcYK39nx0iMhfAkAunSvlByEL++gJkPiGYGbtHLSxXFAmP
www.kleertjes.com/ Name: tms_wsip
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkGa0jeFgVNIqY_hZvRGBX4QEoZAt-Ehv3nDNaD9712x51cKZElpzB9gGQN7VU
www.kleertjes.com/ Name: __utmz
Value: other
www.kleertjes.com/ Name: utm_campaign
Value: 101248
www.kleertjes.com/ Name: _omappvp
Value: 78keYHf7AcxoN7PhQR8h4oZt15UrwDMBPu3NqVuZPOhesGWxKBYfHegANqRqVRHxnKe8eDSYAcKnJTBOxzeJptneLJ9xw3BK
www.kleertjes.com/ Name: _omappvs
Value: 1638493880722
.kleertjes.com/ Name: mop_ga
Value: GA1.2.1313084067.1638493880
.kleertjes.com/ Name: mop_ga_gid
Value: GA1.2.2056678211.1638493881
fonts.mopinion.com/ Name: AWSALBCORS
Value: 2dDCs8yaJ4jF40q1bil53uNGlZnEBuENNx28ZcIZflAVgAWMlZvd+Q1CCSJSzdt7AW6qWPWvzPZ3ffAWg9xdLaBAKwRV6SO5vAmtGaZJ+2Hp+cz7999gRzR8CDq6
www.pinterest.de/ Name: _pinterest_sess
Value: TWc9PSZJOFdXRlBUcE5QdCswdkdGYUJpS3NWUC8yL3Z0WmVteEthaE01WTE1Zmh5bnlqOUJVUFExQ1lhVFFYRkgrNlBkVnpSVTR6L0hUN0ZIZjk2bm5LSlRnNE4vVTVEcStialE2dWJBdnlyaTZJWDJKbHZHTVpyeDRzTUs5dWFTNXFKZiZYNExZQnRmNmlPOHJBcEl2NTRmOGFWbFdaQk09
.kleertjes.com/ Name: tms_VisitorID
Value: utuuxoy9hs
.kleertjes.com/ Name: _tdbu
Value: t1638493881313||_ga~~GA1.1.1313084067.1638493880||_fbp~~fb.1.1638493880366.1372769305||_gcl_au~~1.1.733164693.1638493880||tms_VisitorID~~utuuxoy9hs||_gaexp~~GAX1.2.sMMDsWuSQjWqpIfkwZwe1Q.19053.x667

28 Console Messages

Source Level URL
Text
security error URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Message:
Ignoring duplicate Content-Security-Policy directive 'base-uri'.
security error URL: https://www.kleertjes.com/?awc=12476_1638493879_f06e2a3d0d887a1d3e9fe2c5edb809e0&utm_source=a4y&utm_medium=affiliate&utm_campaign=101248
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-eval''
security error (Line 1)
Message:
Ignoring duplicate Content-Security-Policy directive 'base-uri'.
security error (Line 1)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-eval''
security error URL: https://www.dwin1.com/12476.js
Message:
Ignoring duplicate Content-Security-Policy directive 'base-uri'.
security error URL: https://www.dwin1.com/12476.js
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-eval''
security error URL: https://www.dwin1.com/12476.js
Message:
Ignoring duplicate Content-Security-Policy directive 'base-uri'.
security error URL: https://www.dwin1.com/12476.js
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-eval''
security error URL: https://www.dwin1.com/12476.js
Message:
Ignoring duplicate Content-Security-Policy directive 'base-uri'.
security error URL: https://www.dwin1.com/12476.js
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-eval''
security error URL: https://static.hotjar.com/c/hotjar-37743.js?sv=7(Line 2)
Message:
Ignoring duplicate Content-Security-Policy directive 'base-uri'.
security error URL: https://static.hotjar.com/c/hotjar-37743.js?sv=7(Line 2)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-eval''
security error URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Message:
Ignoring duplicate Content-Security-Policy directive 'base-uri'.
security error URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-eval''
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H4GP8(Line 69)
Message:
Ignoring duplicate Content-Security-Policy directive 'base-uri'.
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H4GP8(Line 69)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-eval''
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H4GP8(Line 69)
Message:
Ignoring duplicate Content-Security-Policy directive 'base-uri'.
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H4GP8(Line 69)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-eval''
security error URL: https://collect.mopinion.com/assets/surveys/2.0/js/survey.min.js?d=30032020
Message:
Ignoring duplicate Content-Security-Policy directive 'base-uri'.
security error URL: https://collect.mopinion.com/assets/surveys/2.0/js/survey.min.js?d=30032020
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-eval''
security error URL: https://collect.mopinion.com/assets/surveys/2.0/js/survey.min.js?d=30032020
Message:
Ignoring duplicate Content-Security-Policy directive 'base-uri'.
security error URL: https://collect.mopinion.com/assets/surveys/2.0/js/survey.min.js?d=30032020
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-eval''
security error URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
Ignoring duplicate Content-Security-Policy directive 'base-uri'.
security error URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-eval''
security error URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
Ignoring duplicate Content-Security-Policy directive 'base-uri'.
security error URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-eval''
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'nonce-8a7cbbe2f44ead0ed0cfd508e0b0559f' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1redirb.com
8590952.fls.doubleclick.net
a.omappapi.com
adservice.google.com
am.freshrelevance.com
api.omappapi.com
cacheorcheck.mopinion.com
cdn.speedcurve.com
clever-redirect.com
cm.creativecdn.com
cm.g.doubleclick.net
collect.mopinion.com
connect.facebook.net
creativecdn.com
ct.pinterest.com
d81mfvml8p5ml.cloudfront.net
deploy.mopinion.com
dkpklk99llpj0.cloudfront.net
dn1i8v75r669j.cloudfront.net
fonts.mopinion.com
lookandfind.me
lux.speedcurve.com
netflli.com
r.kleertjes.com
rtpnt.xyz
s.pinimg.com
script.hotjar.com
static.hotjar.com
static.pkleeklrsrci.net
stats.g.doubleclick.net
the.sciencebehindecommerce.com
use.fontawesome.com
utkv6nyu.de
vars.hotjar.com
www.awin1.com
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.kleertjes.com
www.pinterest.com
www.pinterest.de
www.zenaps.com
103.224.182.206
103.224.212.222
104.18.27.196
108.128.66.67
142.250.181.230
142.250.185.162
142.250.185.98
151.101.130.217
151.101.2.217
151.101.64.84
157.90.169.168
18.159.120.134
18.66.112.6
18.66.112.67
18.66.139.117
18.66.139.34
18.66.139.70
184.51.9.28
185.184.8.65
2600:9000:223c:6e00:7:5031:dc0:21
2600:9000:223e:9e00:2:36a1:2f40:21
2600:9000:223f:8600:f:8ce2:fb80:93a1
2600:9000:225e:a400:e:98bf:5f00:21
2606:4700:3031::ac43:d645
2606:4700:3036::ac43:872c
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:4001:831::2008
2a00:1450:400c:c1b::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:62::84
49.12.0.235
52.17.239.185
52.215.144.192
54.229.33.75
65.9.68.102
78.46.197.88
89.187.169.47
92.123.17.141
021588104c3e74d6c82717e94d2318278bfa995a554bf370e4dd5199e0ddb0e3
024eebe32b057a32537813f1a74e10f95d564db95b3fa2c4b59c987f46e77b92
02d7112af6d49bfe2dfc1ff2b004b8de6b8f64dbed26afc3b165bbd402a269c1
033c727a0d1f3cb475db3f22e6cbef3547318fc52da87511e0c9d619e5139ea2
06def5f53a1116e6a7f4ecab814748f1b7d9a7fde199d96f80c233877f2c46a4
06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03
0700d62e261e826f000f1c7a430d1441a379850496863aa7ec3590d70c49590c
07f45d11106c7ea4d489aca64fa531ff70c7e34bf07818e8b46be88bdb01fdc7
08077323db510f7c73784640799b8721d530767fe4c2a5a9b6f26f356a839d04
0ceee487a90eea3b0e52f01360b44e8b6ac0898062c143dbe724663efd3d6f63
101965af73a97aabfec5a6e49db47fdf4de2dca44fc859d8d8b6444ea807f563
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1361af46e321db9281de07f034d653a0a2420d4509e947a04e1ae0b139c4b9eb
1731f418eb981922000f84d6601ec31a84a81617c69003af1a557d683b523107
176ad8d6d1385c134350eec79860d189e049ba482f485db6a7c548b81f9118d7
184ebb69fdafee46b23ce24f64530474a5de34ee61f2ead9258ef7f6fb439059
1a1bf1cad38252b6e62edeb31cd5c9769577404b22a97cdb95b45997f11302a8
1ac32752b35d7d19ab735f0e9aa200625f0cda0d3a59f5a067e51116c2a43707
1b624b7b7455953d2e3243101ec2c75217a5401bb29e2d815e20fa8144763936
1b8f75fd156a061589318d0f54be99189e9302d0a01d834558471af7ee6b38d0
1f5647d4f5f79b84a9a1a29a74536ada94c1e99a35c700d4f4456dd253a5ef04
20e068fdac2a85e0cf77d550376f87cad78c18d984b3d591f84feb5880aa69e9
24c158b78412660458eba6bf9e272cfa8a782f8e205ff5dbc7945b7a15797497
2a7c552e8ec38740e9708195f6d84002b197ff35904d64e47eeb2d5c1f042ad2
2aeb109fa54ba716bdc64f4a560e22571fae47360825066aabd41e9484851e82
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
404e553148c76b0949a09f99394fde3eb9a7aa402e96ed13806e226766acca69
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e
40fd6d7734b8421e48a48d833c96fff6c4703198cc85cb9b69684171d3a1cb6b
541eb42d376e446209a865b53cd04c23afd397691db40433c61898d670e89acf
5817fbc0e8310977f4dfd0912114066f724d683113dda86452f293264e85f25f
61af473a77d2f2674d6127729b2c9350ed07b1b36e7ed7ce7b483da1827f7753
6442df9cd2e47f37db25d8ec460c4759709625a5eec2336ab9436c6f0d9922bf
64cda99e454271f765db186db573f8a41af2024d4e8ea559d45c16a9ecb553a5
6879e69034d20945d958b5a2b6a4cfcf107c165c3a94fa1a1b068c4a62acb668
6c00b5d026c6bdcdac2b31ecdfc77eb486dba6a92bb6282c99c6e36facb30745
6f76c49258d2cc28e728880c9b2dbc5c0904114830f9fa7ad2335e2d2a77f4a0
74103ba9a6bc79adfc0784293bf00da2c2d266da3b7480d5cba742b6c221ec63
745d74f097901d4047ce8959ac2fb429268d6c9a665cc9212e08dea7dc2577e6
7b7217a685cfa07f7746ba127f607b35da7fdc3feeb986e7694554bb0dfefb1a
7d349f9e08a50336b6f398554e817e6921dd390ef9d8cacf3074a24d4379bd10
81a5dafd9389dafc97ab80fa6a031db8babac927392b73a2d6ed764e8443838f
81d7ffda12d52879d120761935e31fda81449e4a40954b2a2bc5c4c2d99e72b9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8bdc590ef254ae914700134b34b007e55eacf5c3877b778fa7c7255e65b0bda0
8c19a0da895720acece007642d09d00ee20e4b64561af4b79e555050c1d614ab
8c2ea84cecd5def50ef0b39e31275e979756553b3f327eec6ac0bb69b740b740
909c959034304ea400b41eea4326c355e0e7c4c8cf76369f8430756362d11bef
94171e3ce6d1d94252f60562de60b576b33c83adbed10dd1347ac1f228bd0b5e
975a7b3f0cd4ceb3a548b95011adc8626344a3577ea2878295c5efc26941b556
99a28aaf370b542e60237a14c08ada6c09bc01d375b3bd8cd6e3890568b813db
9d93d46611f9d76728684f9bc8e6a75b19cd6004e49e3bfadbb37ea7175ade9e
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a0b55e61708bcd211cc4af99df4ae844ad57f673cbd8b8e9de1ecfe0ff2cee99
a1857dfedb702c61c8b8611b3b2295d93566dabb2b8c477ac352eed95e37e01e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed
a454c62f99ee6a7cefd350bd9c079a7fb8c7698725dbe55f3ea219887d4bd1cc
ab98a8537b6eacc7704a4f7116562ebc051daa050b6fb2e941ffbc8443cc3989
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b51dd60231681a37c4fb5dd80a87e172f4d29f974f1c1b4a179a310e2ce6b19c
bb22b158b79f7b9a3d4674b2d83de9153e95d9e32e9d52a23d1439e90443ef0e
bc77c060d51f7b26e46516b17c0a73d26f3bd630b5a33c1ad52268bc6c693b3d
c201e9425b3de3f349fe1e5dea1895ec6411785299a8b729e04e600a9a32a50c
c83868b4b3086ad03c631a754a9218d0376c8c92863511eab2de0370801d5152
cc1e359c31671b24c7eb0ae954bf7841321d27b514e659c536840326343efdb8
ce03cf922147a565a37be31f08f8e9b54375897cfc54cb66b5209183842b8e8d
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
d291f894bfc4febf529d8019165b6dcf6622b18c4cd26fb9880ddd083a27195a
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca
d991379794d6583da21e944e761305903178d94764dc31cfab57530cecadfaff
de7c2706afa5e0452969fcdeeab16ed2941c958625e3b5d0c1be279fc42683e5
e1554c669def5488a5e09848cc5c32d10ad6e83eb228b8c56253a4b3c20e1ec7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e978e71c9b3260234c79bb05e3e5a3a80e8a0dd9607504f6ff9242348a6548c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f89b91ffe4f86e4d185ca280cf41b8a860657e5d2205ad9b079f65fcdc8ca6e4
fb3641b42f41f2413a1ce0a9b31ce9b85b17398351f25859fae484f13fb34ed9
fb42c637f5f49872c175d1b2d5686bd1b370fc8f1fc4510c2c5a2faed4b02857
fcaf9900a9ce894d5255a9f3d0518499c19796ef6328627cdc4c1d727a120464