www.schulranzen.com Open in urlscan Pro
85.236.49.141 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://americandxpress.com/
Effective URL:
https://www.schulranzen.com/topmodel/beautybag/holo-pink?ad=kel&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&...
Submission: On April 09 via api (April 9th 2022, 7:21:35 am UTC) from NL — Scanned from NL

Summary HTTP 48 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 48 HTTP transactions. The main IP is 85.236.49.141, located in Germany and belongs to INTERNETX-AS, DE. The main domain is www.schulranzen.com.
TLS certificate: Issued by R3 on March 16th 2022. Valid for: 3 months.

This is the only time www.schulranzen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	199.59.243.200 199.59.243.200	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
4	66.165.243.160 66.165.243.160	29802 (HVC-AS) (HVC-AS)
5	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2 5	95.211.116.27 95.211.116.27	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	143.204.98.101 143.204.98.101	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	52.58.131.14 52.58.131.14	16509 (AMAZON-02) (AMAZON-02)
2	85.236.49.141 85.236.49.141	15456 (INTERNETX-AS) (INTERNETX-AS)
15	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
7	2606:4700:20:... 2606:4700:20::ac43:4102	13335 (CLOUDFLAR...) (CLOUDFLARENET)
48	12

7 199.59.243.200 (United States)

ASN16509 (AMAZON-02, US)

americandxpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.165.243.160 (Los Angeles, United States)

ASN29802 (HVC-AS, US)
PTR: 66-165-243-160.static.hvvc.us

r.redirekted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.211.116.27 (Swifterbant, Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-go-vip.kelkoo.com

de-go.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-101.fra50.r.cloudfront.net

js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.131.14 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-131-14.eu-central-1.compute.amazonaws.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.236.49.141 (Germany)

ASN15456 (INTERNETX-AS, DE)
PTR: 141-49-236-85.customer-virt.eu

www.schulranzen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::ac43:4102 (United States)

ASN13335 (CLOUDFLARENET, US)

betzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 343	216 KB
7	betzstatic.com betzstatic.com	342 KB
7	americandxpress.com americandxpress.com	25 KB
5	kelkoogroup.net 2 redirects de-go.kelkoogroup.net — Cisco Umbrella Rank: 671025	33 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	40 KB
4	redirekted.com r.redirekted.com — Cisco Umbrella Rank: 754895	11 KB
2	schulranzen.com www.schulranzen.com	18 KB
2	datadome.co js.datadome.co — Cisco Umbrella Rank: 7633 api-js.datadome.co — Cisco Umbrella Rank: 7450	46 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	42 KB
1	google.com www.google.com — Cisco Umbrella Rank: 4	51 KB
48	10

	Domain	Requested by
15	cdn.ampproject.org	www.schulranzen.com cdn.ampproject.org
7	betzstatic.com	www.schulranzen.com
7	americandxpress.com	americandxpress.com
5	de-go.kelkoogroup.net	2 redirects r.redirekted.com de-go.kelkoogroup.net
5	www.google-analytics.com	r.redirekted.com www.google-analytics.com www.googletagmanager.com
4	r.redirekted.com	americandxpress.com r.redirekted.com
2	www.schulranzen.com	de-go.kelkoogroup.net cdn.ampproject.org
1	api-js.datadome.co	js.datadome.co
1	www.googletagmanager.com	de-go.kelkoogroup.net
1	js.datadome.co	de-go.kelkoogroup.net
1	www.google.com	americandxpress.com
48	11

This site contains links to these domains. Also see Links.

Domain
www.rucksack-spezialist.de
www.koffer.net
www.schulranzen-berater.de

Subject Issuer	Validity	Valid
www.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.kelkoogroup.net Thawte RSA CA 2018	`2021-09-07` - `2022-10-07`	a year	crt.sh
*.datadome.co Gandi Standard SSL CA 2	`2021-10-12` - `2022-10-21`	a year	crt.sh
www.schulranzen.com R3	`2022-03-16` - `2022-06-14`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-27` - `2022-06-26`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.schulranzen.com/topmodel/beautybag/holo-pink?ad=kel&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=TOPModel+Beautybag+Holo+Pink
Frame ID: CF5E218DDC34BE118E15157A331D3C1C
Requests: 50 HTTP requests in this frame

Frame: http://r.redirekted.com/go?e=DwCaxHVypFBdHPAx1KLzxHsbtKLdfQBtkKW0DzXYk3Le4QqXglBvZzXbjaF9IFq5x3C5kGVbZFBeZKB8fPX891XbjKL9gHA7bvC4yxsyLlK8uvVXkKW8ATsyHKBeZKC9x3C55GVbxmK1pUpygaFbymZbpvFltFs5ZwCwZTA3yKC0VTsTcFLbI0rXgvEuHPqwk3pvbHs7DUM-AaV-bFLRu2Z_pPEmV3XTEwLwbHVyLvL55QL80KX99SA78yL85QrYkaC0y0X7DQL9MKr5jUX8uxsbt3F9gQCtgFWkgwX7flBeLaWvgvBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV
Frame ID: 3B5A10CA83D67FE9A7EEFFE8565E53C9
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TOPModel Beautybag Holo Pink | www.schulranzen.comWarenkorbTelefonTelefon

Page URL History Show full URLs

http://americandxpress.com/ Page URL
http://r.redirekted.com/redirect?redirect_id=dad8dec4ec677cbb19541d213811ad9e&request_id=5aa797e15b6... Page URL
https://de-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1649406003361&.sig=lqaRnC073NJLdyJbyzptVev_lKg-&aff... HTTP 307
https://de-go.kelkoogroup.net/go?country=de&k=ed4bad1171363a420f96eb23f30b00d3cea658c95f8b730caae95943079a... Page URL
https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50e5f1ca9... HTTP 303
https://www.schulranzen.com/topmodel/beautybag/holo-pink?ad=kel&utm_source=kelkoode&utm_medium=cpc&utm_c... Page URL

Detected technologies

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Lightbox (JavaScript Libraries) Expand

Page Statistics

48
Requests

71 %
HTTPS

45 %
IPv6

10
Domains

11
Subdomains

12
IPs

3
Countries

820 kB
Transfer

1863 kB
Size

13
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.rucksack-spezialist.de/?cart=e4fbf844-a95e-4a1a-8b82-e5113e4e41d7
Title: RUCKSÄCKE

Search URL Search Domain Scan URL

URL: https://www.koffer.net/?cart=e4fbf844-a95e-4a1a-8b82-e5113e4e41d7
Title: KOFFER

Search URL Search Domain Scan URL

URL: http://www.schulranzen-berater.de/
Title: Schulranzenberater

Search URL Search Domain Scan URL

URL: https://www.rucksack-spezialist.de/?cart=
Title: RUCKSÄCKE&

Search URL Search Domain Scan URL

URL: https://www.koffer.net/?cart=
Title: KOFFER

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://americandxpress.com/ Page URL
http://r.redirekted.com/redirect?redirect_id=dad8dec4ec677cbb19541d213811ad9e&request_id=5aa797e15b6b85179c38fa2f48ac251a Page URL
https://de-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1649406003361&.sig=lqaRnC073NJLdyJbyzptVev_lKg-&affiliationId=96965856&comId=100516861&country=de&offerId=fd71f43f53637cc1c0752fbcc14bed83&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=DsYEwL8qKF5ZQXabxZb0KBm4mVwEmq51QAvkaEdRTnSqQqwH3AmkaL7gwVwg3B881r7VlL3ZUqVk3pzRzsmMPM&custom2=jKWjuHsyDKL-AaXWqwqSExZvyRCexFrUAQB HTTP 307
https://de-go.kelkoogroup.net/go?country=de&k=ed4bad1171363a420f96eb23f30b00d3cea658c95f8b730caae95943079ab4b36af1802b9c306d276b41f6b1025650bb162db7072768b6e1327ff26211b3c6e07a5a181f1904a00e8a1b18fa21cc13ffff68282f9083d16cbbbc59e394e8ae16dac4351ef73d586250e00fccb70b8ff48b53a34c41dfcd750f08d298381e67af228c722e669972950bd47d24a22cbd9d8b53fb5b88d8abf674939608f0c8afb0dc2345fbda570a0f3b2c16a4b22a36fe07859ecb1cea3e4371b172de567a4f6ab77ebe5b4525720afd5670cfb81565ec3358f407a546dbb15d1a0feda65f769693b80931b65af171c0624f411995ed2c9e34e0c20f692c01d09b85ac0d8e02c054fd92767d11303c4bb9e8b0dd74abf42389fabbea4378e7e4bbcb2f4b137879a904f00e59af949bad659f4a36c2a73063cbfb373b3a9ade7f6b76d2aec4435ead70c7e0bca9e2224a38981f985bf9f6de6d493dc740ea739163ca84d94107424a18ecda428d71d46fb38592b537a23ee96c259d605ba135b6ad311f084554d2723d3d0774b9e96b7930520fa9f024050e78f24da8c43e405d320aee0e1b76ca165bbbee559f0514a2ba400fc42ffff08067140c2a74663bc049374c38868735ceb78b394052559932135a30efa849d39fb6b850bf2c2e680a912ec71f00ad8c0110449219543feec5e449897df3ae165a2fc8e8dba7a3101cef4f57826f4643627ab45f61688585&o= Page URL
https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50e5f1ca9a851626628516062786f91f562876a4f1b84710bb75512ad9cda5118cad5fff6acf6de820eb10faa3e10c267ca02301e3e45326feab1028f1779c1faa242447f403bd2de0b8b7ce9971b5df2dd7c8f6d92c9fe46ae9992b9d45824ebca94ec6a1e67b3fb626cbbc6e7417fe035a01f66dd5daab6fc006e431adc7941ae19d88f6e20bd51dd551c02e7819b017d1b317339795d23bc2cbf13e3cfd3901a0bf5e8c42c2ccd9d6c0b5b8344006c5fe1306550e6e4ba7ff59229ca9caec4cf969a9a61e46240c6649bf686e7e04dee85c6b57b8655ab28eff50fb829adf5222f83e3af552e29f24323e7ab05f7be7617e838c00804ba45b5fd904028c45d5b5f2b8150f3c30006&leadId=dc1-kls-prod-ls-silo.prod.dc1.kelkoo.net_1649488892756_1680400&clickId=107698154_1649488892711_1564339&url=https%3A%2F%2Fwww.schulranzen.com%2Ftopmodel%2Fbeautybag%2Fholo-pink%3Fad%3Dkel%26utm_source%3Dkelkoode%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DTOPModel%2BBeautybag%2BHolo%2BPink&initiator=timeout HTTP 303
https://www.schulranzen.com/topmodel/beautybag/holo-pink?ad=kel&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=TOPModel+Beautybag+Holo+Pink Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 14

http://www.google-analytics.com/collect?v=1&_v=j96&a=1615363916&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVypFBdHPAx1KLzxHsbtKLdfQBtkKW0DzXYk3Le4QqXglBvZzXbjaF9IFq5x3C5kGVbZFBeZKB8fPX891XbjKL9gHA7bvC4yxsyLlK8uvVXkKW8ATsyHKBeZKC9x3C55GVbxmK1pUpygaFbymZbpvFltFs5ZwCwZTA3yKC0VTsTcFLbI0rXgvEuHPqwk3pvbHs7DUM-AaV-bFLRu2Z_pPEmV3XTEwLwbHVyLvL55QL80KX99SA78yL85QrYkaC0y0X7DQL9MKr5jUX8uxsbt3F9gQCtgFWkgwX7flBeLaWvgvBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1176570603.1649488893&tid=UA-32454353-1&_gid=5686970.1649488893&cd1=oz9lMJE8n2kesUk8sT5ipzIxsTgfn3k8sUj%3D&z=746511002 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j96&a=1615363916&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVypFBdHPAx1KLzxHsbtKLdfQBtkKW0DzXYk3Le4QqXglBvZzXbjaF9IFq5x3C5kGVbZFBeZKB8fPX891XbjKL9gHA7bvC4yxsyLlK8uvVXkKW8ATsyHKBeZKC9x3C55GVbxmK1pUpygaFbymZbpvFltFs5ZwCwZTA3yKC0VTsTcFLbI0rXgvEuHPqwk3pvbHs7DUM-AaV-bFLRu2Z_pPEmV3XTEwLwbHVyLvL55QL80KX99SA78yL85QrYkaC0y0X7DQL9MKr5jUX8uxsbt3F9gQCtgFWkgwX7flBeLaWvgvBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1176570603.1649488893&tid=UA-32454353-1&_gid=5686970.1649488893&cd1=oz9lMJE8n2kesUk8sT5ipzIxsTgfn3k8sUj%3D&z=746511002

Request Chain 15

https://de-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1649406003361&.sig=lqaRnC073NJLdyJbyzptVev_lKg-&affiliationId=96965856&comId=100516861&country=de&offerId=fd71f43f53637cc1c0752fbcc14bed83&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=DsYEwL8qKF5ZQXabxZb0KBm4mVwEmq51QAvkaEdRTnSqQqwH3AmkaL7gwVwg3B881r7VlL3ZUqVk3pzRzsmMPM&custom2=jKWjuHsyDKL-AaXWqwqSExZvyRCexFrUAQB HTTP 307
https://de-go.kelkoogroup.net/go?country=de&k=ed4bad1171363a420f96eb23f30b00d3cea658c95f8b730caae95943079ab4b36af1802b9c306d276b41f6b1025650bb162db7072768b6e1327ff26211b3c6e07a5a181f1904a00e8a1b18fa21cc13ffff68282f9083d16cbbbc59e394e8ae16dac4351ef73d586250e00fccb70b8ff48b53a34c41dfcd750f08d298381e67af228c722e669972950bd47d24a22cbd9d8b53fb5b88d8abf674939608f0c8afb0dc2345fbda570a0f3b2c16a4b22a36fe07859ecb1cea3e4371b172de567a4f6ab77ebe5b4525720afd5670cfb81565ec3358f407a546dbb15d1a0feda65f769693b80931b65af171c0624f411995ed2c9e34e0c20f692c01d09b85ac0d8e02c054fd92767d11303c4bb9e8b0dd74abf42389fabbea4378e7e4bbcb2f4b137879a904f00e59af949bad659f4a36c2a73063cbfb373b3a9ade7f6b76d2aec4435ead70c7e0bca9e2224a38981f985bf9f6de6d493dc740ea739163ca84d94107424a18ecda428d71d46fb38592b537a23ee96c259d605ba135b6ad311f084554d2723d3d0774b9e96b7930520fa9f024050e78f24da8c43e405d320aee0e1b76ca165bbbee559f0514a2ba400fc42ffff08067140c2a74663bc049374c38868735ceb78b394052559932135a30efa849d39fb6b850bf2c2e680a912ec71f00ad8c0110449219543feec5e449897df3ae165a2fc8e8dba7a3101cef4f57826f4643627ab45f61688585&o=

48 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
americandxpress.com/ 2 KB
2 KB 288ms
176ms Document
text/html 199.59.243.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://americandxpress.com/
Protocol: HTTP/1.1
Server: 199.59.243.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 932bbb80d94d062ec2e6bc0bcb7c53850fe44dafdc7878476a04fa3229e3d279

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache no-store, must-revalidate post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 09 Apr 2022 07:21:30 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Pragma: no-cache
Server: openresty
Transfer-Encoding: chunked
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_rCQY/oRM3i8tWlS+b2BH5nJ81UOn8XX0BtpdrqKYw8t0DLkbyNBoZJT8DMor729xB4L/LAi65wqsEnlanJxXfw==

GET
H/1.1 200
OK parking.2.85.0.js Show response
americandxpress.com/js/ 60 KB
20 KB 96ms
96ms Script
application/javascript 199.59.243.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://americandxpress.com/js/parking.2.85.0.js
Requested by: Host: americandxpress.com
URL: http://americandxpress.com/
Protocol: HTTP/1.1
Server: 199.59.243.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 6d40c353fc3f1efca423e08346cd4a2fc53b7066f16adbd6a05b5b80dce26db4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://americandxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Apr 2022 07:21:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Mar 2022 18:48:11 GMT
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H/1.1 200
OK _fd Show response
americandxpress.com/ 593 B
963 B 128ms
128ms Fetch
text/html 199.59.243.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://americandxpress.com/_fd
Requested by: Host: americandxpress.com
URL: http://americandxpress.com/js/parking.2.85.0.js
Protocol: HTTP/1.1
Server: 199.59.243.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 6ae3a3f878af9740b67a3698d257c0a8b3725197921dadf7ce3ad0a35cb8c494

Request headers

Accept: application/json
Referer: http://americandxpress.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

X-Version: 2.85.0
Date: Sat, 09 Apr 2022 07:21:31 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 caf.js Show response
www.google.com/adsense/domains/ 139 KB
51 KB 94ms
32ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js

Requested by

Host: americandxpress.com
URL: http://americandxpress.com/js/parking.2.85.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85bfbbd0a21469dbcce5c5f00cb7e1ace7ec547cf17da40c1ee4bebdd830fe64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://americandxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 07:21:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "786870973524434539"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Sat, 09 Apr 2022 07:21:31 GMT

GET
H/1.1 200
OK px.gif
americandxpress.com/ 42 B
421 B 190ms
176ms Image
image/gif 199.59.243.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://americandxpress.com/px.gif?ch=1&rn=9.433661387369199
Requested by: Host: americandxpress.com
URL: http://americandxpress.com/
Protocol: HTTP/1.1
Server: 199.59.243.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://americandxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Apr 2022 07:21:31 GMT
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Server: openresty
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK px.gif
americandxpress.com/ 42 B
421 B 190ms
176ms Image
image/gif 199.59.243.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://americandxpress.com/px.gif?ch=2&rn=9.433661387369199
Requested by: Host: americandxpress.com
URL: http://americandxpress.com/
Protocol: HTTP/1.1
Server: 199.59.243.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://americandxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Apr 2022 07:21:31 GMT
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Server: openresty
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H/1.1 200
OK _zc Show response
americandxpress.com/ 357 B
813 B 473ms
473ms Fetch
text/html 199.59.243.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://americandxpress.com/_zc
Requested by: Host: americandxpress.com
URL: http://americandxpress.com/js/parking.2.85.0.js
Protocol: HTTP/1.1
Server: 199.59.243.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: f92d04548661b8ff62d1037b56ae0bf2f778ec5e1ad8cd2b0eb303c56a72f97a

Request headers

Accept: application/json
Referer: http://americandxpress.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

X-Version: 2.85.0
Date: Sat, 09 Apr 2022 07:21:31 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H/1.1 200
OK _tr
americandxpress.com/ 2 B
0 120ms
119ms Fetch
text/html 199.59.243.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://americandxpress.com/_tr
Requested by: Host: americandxpress.com
URL: http://americandxpress.com/js/parking.2.85.0.js
Protocol: HTTP/1.1
Server: 199.59.243.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Accept: application/json
Referer: http://americandxpress.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

X-Version: 2.85.0
Date: Sat, 09 Apr 2022 07:21:31 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK redirect Show response
r.redirekted.com/ 839 B
1 KB 355ms
160ms Document
text/html 66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/redirect?redirect_id=dad8dec4ec677cbb19541d213811ad9e&request_id=5aa797e15b6b85179c38fa2f48ac251a
Requested by: Host: americandxpress.com
URL: http://americandxpress.com/js/parking.2.85.0.js
Protocol: HTTP/1.1
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.21.5 / PHP/8.0.14
Resource Hash: 3b5e98098d018e2f8fcb10c5ec4a00864f8a2826d4f8d90d5b5f2fc1cda39463

Request headers

Referer: http://americandxpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 09 Apr 2022 07:21:31 GMT
Server: nginx/1.21.5
Transfer-Encoding: chunked
X-Powered-By: PHP/8.0.14

GET
H/1.1 200
OK adren.css
r.redirekted.com/css/ 243 B
479 B 158ms
158ms Stylesheet
text/css 66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/css/adren.css?n=1804261984
Requested by: Host: r.redirekted.com
URL: http://r.redirekted.com/redirect?redirect_id=dad8dec4ec677cbb19541d213811ad9e&request_id=5aa797e15b6b85179c38fa2f48ac251a
Protocol: HTTP/1.1
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.21.5 /
Resource Hash: e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://r.redirekted.com/redirect?redirect_id=dad8dec4ec677cbb19541d213811ad9e&request_id=5aa797e15b6b85179c38fa2f48ac251a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 09 Apr 2022 07:21:32 GMT
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Server: nginx/1.21.5
ETag: "60dff9aa-f3"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 243

GET
H/1.1 200
OK adren.min.js Show response
r.redirekted.com/js/ 7 KB
8 KB 316ms
158ms Script
application/javascript 66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/js/adren.min.js?n=1804261984
Requested by: Host: r.redirekted.com
URL: http://r.redirekted.com/redirect?redirect_id=dad8dec4ec677cbb19541d213811ad9e&request_id=5aa797e15b6b85179c38fa2f48ac251a
Protocol: HTTP/1.1
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.21.5 /
Resource Hash: 55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://r.redirekted.com/redirect?redirect_id=dad8dec4ec677cbb19541d213811ad9e&request_id=5aa797e15b6b85179c38fa2f48ac251a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 09 Apr 2022 07:21:32 GMT
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Server: nginx/1.21.5
ETag: "60dff9aa-1d68"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7528

GET
H/1.1 200
OK go Show response
r.redirekted.com/ Frame 3B5A 2 KB
2 KB 162ms
161ms Document
text/html 66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/go?e=DwCaxHVypFBdHPAx1KLzxHsbtKLdfQBtkKW0DzXYk3Le4QqXglBvZzXbjaF9IFq5x3C5kGVbZFBeZKB8fPX891XbjKL9gHA7bvC4yxsyLlK8uvVXkKW8ATsyHKBeZKC9x3C55GVbxmK1pUpygaFbymZbpvFltFs5ZwCwZTA3yKC0VTsTcFLbI0rXgvEuHPqwk3pvbHs7DUM-AaV-bFLRu2Z_pPEmV3XTEwLwbHVyLvL55QL80KX99SA78yL85QrYkaC0y0X7DQL9MKr5jUX8uxsbt3F9gQCtgFWkgwX7flBeLaWvgvBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV
Requested by: Host: r.redirekted.com
URL: http://r.redirekted.com/js/adren.min.js?n=1804261984
Protocol: HTTP/1.1
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.21.5 / PHP/8.0.14
Resource Hash: 08ab7c4d48d7cd907c4b1a5ec38c7a23f8eae35c78320899f5b26082a59149a9

Request headers

Referer: http://r.redirekted.com/redirect?redirect_id=dad8dec4ec677cbb19541d213811ad9e&request_id=5aa797e15b6b85179c38fa2f48ac251a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 09 Apr 2022 07:21:32 GMT
Server: nginx/1.21.5
Transfer-Encoding: chunked
X-Powered-By: PHP/8.0.14

GET
H2

200

analytics.js Show response
www.google-analytics.com/ Frame 3B5A
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

82ms
21ms

Script
text/javascript

2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: r.redirekted.com
URL: http://r.redirekted.com/go?e=DwCaxHVypFBdHPAx1KLzxHsbtKLdfQBtkKW0DzXYk3Le4QqXglBvZzXbjaF9IFq5x3C5kGVbZFBeZKB8fPX891XbjKL9gHA7bvC4yxsyLlK8uvVXkKW8ATsyHKBeZKC9x3C55GVbxmK1pUpygaFbymZbpvFltFs5ZwCwZTA3yKC0VTsTcFLbI0rXgvEuHPqwk3pvbHs7DUM-AaV-bFLRu2Z_pPEmV3XTEwLwbHVyLvL55QL80KX99SA78yL85QrYkaC0y0X7DQL9MKr5jUX8uxsbt3F9gQCtgFWkgwX7flBeLaWvgvBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV

Protocol

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://r.redirekted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4606
date: Sat, 09 Apr 2022 06:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 09 Apr 2022 08:04:46 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

POST
H2 200 collect
www.google-analytics.com/j/ Frame 3B5A 2 B
145 B 29ms
28ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1615363916&t=pageview&_s=1&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVypFBdHPAx1KLzxHsbtKLdfQBtkKW0DzXYk3Le4QqXglBvZzXbjaF9IFq5x3C5kGVbZFBeZKB8fPX891XbjKL9gHA7bvC4yxsyLlK8uvVXkKW8ATsyHKBeZKC9x3C55GVbxmK1pUpygaFbymZbpvFltFs5ZwCwZTA3yKC0VTsTcFLbI0rXgvEuHPqwk3pvbHs7DUM-AaV-bFLRu2Z_pPEmV3XTEwLwbHVyLvL55QL80KX99SA78yL85QrYkaC0y0X7DQL9MKr5jUX8uxsbt3F9gQCtgFWkgwX7flBeLaWvgvBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1676060419&gjid=1562247357&cid=1176570603.1649488893&tid=UA-32454353-1&_gid=5686970.1649488893&_r=1&_slc=1&z=465113827

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://r.redirekted.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Apr 2022 07:21:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://r.redirekted.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
www.google-analytics.com/ Frame 3B5A
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j96&a=1615363916&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVypFBdHPAx1KLzxHsbtKLdfQBtkKW0DzXYk3Le4QqXglBvZzXbjaF9IFq5x3C5kGVbZ...
https://www.google-analytics.com/collect?v=1&_v=j96&a=1615363916&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVypFBdHPAx1KLzxHsbtKLdfQBtkKW0DzXYk3Le4QqXglBvZzXbjaF9IFq5x3C5kGVb...

35 B
194 B

21ms
21ms

Image
image/gif

2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1615363916&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVypFBdHPAx1KLzxHsbtKLdfQBtkKW0DzXYk3Le4QqXglBvZzXbjaF9IFq5x3C5kGVbZFBeZKB8fPX891XbjKL9gHA7bvC4yxsyLlK8uvVXkKW8ATsyHKBeZKC9x3C55GVbxmK1pUpygaFbymZbpvFltFs5ZwCwZTA3yKC0VTsTcFLbI0rXgvEuHPqwk3pvbHs7DUM-AaV-bFLRu2Z_pPEmV3XTEwLwbHVyLvL55QL80KX99SA78yL85QrYkaC0y0X7DQL9MKr5jUX8uxsbt3F9gQCtgFWkgwX7flBeLaWvgvBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1176570603.1649488893&tid=UA-32454353-1&_gid=5686970.1649488893&cd1=oz9lMJE8n2kesUk8sT5ipzIxsTgfn3k8sUj%3D&z=746511002

Requested by

Protocol

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://r.redirekted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 19:11:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43818
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j96&a=1615363916&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVypFBdHPAx1KLzxHsbtKLdfQBtkKW0DzXYk3Le4QqXglBvZzXbjaF9IFq5x3C5kGVbZFBeZKB8fPX891XbjKL9gHA7bvC4yxsyLlK8uvVXkKW8ATsyHKBeZKC9x3C55GVbxmK1pUpygaFbymZbpvFltFs5ZwCwZTA3yKC0VTsTcFLbI0rXgvEuHPqwk3pvbHs7DUM-AaV-bFLRu2Z_pPEmV3XTEwLwbHVyLvL55QL80KX99SA78yL85QrYkaC0y0X7DQL9MKr5jUX8uxsbt3F9gQCtgFWkgwX7flBeLaWvgvBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1176570603.1649488893&tid=UA-32454353-1&_gid=5686970.1649488893&cd1=oz9lMJE8n2kesUk8sT5ipzIxsTgfn3k8sUj%3D&z=746511002
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1

200
OK

go Show response
de-go.kelkoogroup.net/
Redirect Chain

https://de-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1649406003361&.sig=lqaRnC073NJLdyJbyzptVev_lKg-&affiliationId=96965856&comId=100516861&country=de&offerId=fd71f43f53637cc1c0752fbcc14bed83&ser...
https://de-go.kelkoogroup.net/go?country=de&k=ed4bad1171363a420f96eb23f30b00d3cea658c95f8b730caae95943079ab4b36af1802b9c306d276b41f6b1025650bb162db7072768b6e1327ff26211b3c6e07a5a181f1904a00e8a1b18f...

27 KB
29 KB

51ms
51ms

Document
text/html

95.211.116.27
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://de-go.kelkoogroup.net/go?country=de&k=ed4bad1171363a420f96eb23f30b00d3cea658c95f8b730caae95943079ab4b36af1802b9c306d276b41f6b1025650bb162db7072768b6e1327ff26211b3c6e07a5a181f1904a00e8a1b18fa21cc13ffff68282f9083d16cbbbc59e394e8ae16dac4351ef73d586250e00fccb70b8ff48b53a34c41dfcd750f08d298381e67af228c722e669972950bd47d24a22cbd9d8b53fb5b88d8abf674939608f0c8afb0dc2345fbda570a0f3b2c16a4b22a36fe07859ecb1cea3e4371b172de567a4f6ab77ebe5b4525720afd5670cfb81565ec3358f407a546dbb15d1a0feda65f769693b80931b65af171c0624f411995ed2c9e34e0c20f692c01d09b85ac0d8e02c054fd92767d11303c4bb9e8b0dd74abf42389fabbea4378e7e4bbcb2f4b137879a904f00e59af949bad659f4a36c2a73063cbfb373b3a9ade7f6b76d2aec4435ead70c7e0bca9e2224a38981f985bf9f6de6d493dc740ea739163ca84d94107424a18ecda428d71d46fb38592b537a23ee96c259d605ba135b6ad311f084554d2723d3d0774b9e96b7930520fa9f024050e78f24da8c43e405d320aee0e1b76ca165bbbee559f0514a2ba400fc42ffff08067140c2a74663bc049374c38868735ceb78b394052559932135a30efa849d39fb6b850bf2c2e680a912ec71f00ad8c0110449219543feec5e449897df3ae165a2fc8e8dba7a3101cef4f57826f4643627ab45f61688585&o=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.27 Swifterbant, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-go-vip.kelkoo.com

Software

Resource Hash

2762d2d7120cf3841c8e890276e889164de224af8945cc600bdc200284c663e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://r.redirekted.com/redirect?redirect_id=dad8dec4ec677cbb19541d213811ad9e&request_id=5aa797e15b6b85179c38fa2f48ac251a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

ApacheTracking: localhost
Connection: Keep-Alive
Content-Length: 28088
Content-Type: text/html; charset=UTF-8
Date: Sat, 09 Apr 2022 07:21:32 GMT
Keep-Alive: timeout=40, max=64
P3P: CP="Anything"
Referrer-Policy: unsafe-url
Request-Time: PT0.020948S
X-Content-Type-Options: nosniff
X-DataDome: protected
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: master-only
X-Robots-Tag: noindex,nofollow
X-XSS-Protection: 1; mode=block
clickId: 107698154_1649488892711_1564339
country: de
leadId: dc1-kls-prod-ls-silo.prod.dc1.kelkoo.net_1649488892756_1680400

Redirect headers

ApacheTracking: localhost
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/plain
Date: Sat, 09 Apr 2022 07:21:32 GMT
Keep-Alive: timeout=40, max=99
Location: /go?country=de&k=ed4bad1171363a420f96eb23f30b00d3cea658c95f8b730caae95943079ab4b36af1802b9c306d276b41f6b1025650bb162db7072768b6e1327ff26211b3c6e07a5a181f1904a00e8a1b18fa21cc13ffff68282f9083d16cbbbc59e394e8ae16dac4351ef73d586250e00fccb70b8ff48b53a34c41dfcd750f08d298381e67af228c722e669972950bd47d24a22cbd9d8b53fb5b88d8abf674939608f0c8afb0dc2345fbda570a0f3b2c16a4b22a36fe07859ecb1cea3e4371b172de567a4f6ab77ebe5b4525720afd5670cfb81565ec3358f407a546dbb15d1a0feda65f769693b80931b65af171c0624f411995ed2c9e34e0c20f692c01d09b85ac0d8e02c054fd92767d11303c4bb9e8b0dd74abf42389fabbea4378e7e4bbcb2f4b137879a904f00e59af949bad659f4a36c2a73063cbfb373b3a9ade7f6b76d2aec4435ead70c7e0bca9e2224a38981f985bf9f6de6d493dc740ea739163ca84d94107424a18ecda428d71d46fb38592b537a23ee96c259d605ba135b6ad311f084554d2723d3d0774b9e96b7930520fa9f024050e78f24da8c43e405d320aee0e1b76ca165bbbee559f0514a2ba400fc42ffff08067140c2a74663bc049374c38868735ceb78b394052559932135a30efa849d39fb6b850bf2c2e680a912ec71f00ad8c0110449219543feec5e449897df3ae165a2fc8e8dba7a3101cef4f57826f4643627ab45f61688585&o=
P3P: CP="Anything"
Referrer-Policy: unsafe-url
Request-Time: PT0.012092S
X-Content-Type-Options: nosniff
X-DataDome: protected
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: master-only
X-Robots-Tag: noindex,nofollow
X-XSS-Protection: 1; mode=block
clickId: 107698154_1649488892711_1564339
country: de

GET
H/1.1 200
OK p.png
de-go.kelkoogroup.net/assets/images/ 68 B
538 B 17ms
17ms Image
image/png 95.211.116.27
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://de-go.kelkoogroup.net/assets/images/p.png?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50e5f1ca9a851626628516062786f91f562876a4f1b84710bb75512ad9cda5118cad5fff6acf6de820eb10faa3e10c267ca02301e3e45326feab1028f1779c1faa242447f403bd2de0b8b7ce9971b5df2dd7c8f6d92c9fe46ae9992b9d45824ebca94ec6a1e67b3fb626cbbc6e7417fe035a01f66dd5daab6fc006e431adc7941ae19d88f6e20bd51dd551c02e7819b017d1b317339795d23bc2cbf13e3cfd3901a0bf5e8c42c2ccd9d6c0b5b8344006c5fe1306550e6e4ba7ff59229ca9caec4cf969a9a61e46240c6649bf686e7e04dee85c6b57b8655ab28eff50fb829adf5222f83e3af552e29f24323e7ab05f7be7617e838c00804ba45b5fd904028c45d5b5f2b8150f3c30006&leadId=dc1-kls-prod-ls-silo.prod.dc1.kelkoo.net_1649488892756_1680400&clickId=107698154_1649488892711_1564339

Requested by

Host: de-go.kelkoogroup.net
URL: https://de-go.kelkoogroup.net/go?country=de&k=ed4bad1171363a420f96eb23f30b00d3cea658c95f8b730caae95943079ab4b36af1802b9c306d276b41f6b1025650bb162db7072768b6e1327ff26211b3c6e07a5a181f1904a00e8a1b18fa21cc13ffff68282f9083d16cbbbc59e394e8ae16dac4351ef73d586250e00fccb70b8ff48b53a34c41dfcd750f08d298381e67af228c722e669972950bd47d24a22cbd9d8b53fb5b88d8abf674939608f0c8afb0dc2345fbda570a0f3b2c16a4b22a36fe07859ecb1cea3e4371b172de567a4f6ab77ebe5b4525720afd5670cfb81565ec3358f407a546dbb15d1a0feda65f769693b80931b65af171c0624f411995ed2c9e34e0c20f692c01d09b85ac0d8e02c054fd92767d11303c4bb9e8b0dd74abf42389fabbea4378e7e4bbcb2f4b137879a904f00e59af949bad659f4a36c2a73063cbfb373b3a9ade7f6b76d2aec4435ead70c7e0bca9e2224a38981f985bf9f6de6d493dc740ea739163ca84d94107424a18ecda428d71d46fb38592b537a23ee96c259d605ba135b6ad311f084554d2723d3d0774b9e96b7930520fa9f024050e78f24da8c43e405d320aee0e1b76ca165bbbee559f0514a2ba400fc42ffff08067140c2a74663bc049374c38868735ceb78b394052559932135a30efa849d39fb6b850bf2c2e680a912ec71f00ad8c0110449219543feec5e449897df3ae165a2fc8e8dba7a3101cef4f57826f4643627ab45f61688585&o=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.27 Swifterbant, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-go-vip.kelkoo.com

Software

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://de-go.kelkoogroup.net/go?country=de&k=ed4bad1171363a420f96eb23f30b00d3cea658c95f8b730caae95943079ab4b36af1802b9c306d276b41f6b1025650bb162db7072768b6e1327ff26211b3c6e07a5a181f1904a00e8a1b18fa21cc13ffff68282f9083d16cbbbc59e394e8ae16dac4351ef73d586250e00fccb70b8ff48b53a34c41dfcd750f08d298381e67af228c722e669972950bd47d24a22cbd9d8b53fb5b88d8abf674939608f0c8afb0dc2345fbda570a0f3b2c16a4b22a36fe07859ecb1cea3e4371b172de567a4f6ab77ebe5b4525720afd5670cfb81565ec3358f407a546dbb15d1a0feda65f769693b80931b65af171c0624f411995ed2c9e34e0c20f692c01d09b85ac0d8e02c054fd92767d11303c4bb9e8b0dd74abf42389fabbea4378e7e4bbcb2f4b137879a904f00e59af949bad659f4a36c2a73063cbfb373b3a9ade7f6b76d2aec4435ead70c7e0bca9e2224a38981f985bf9f6de6d493dc740ea739163ca84d94107424a18ecda428d71d46fb38592b537a23ee96c259d605ba135b6ad311f084554d2723d3d0774b9e96b7930520fa9f024050e78f24da8c43e405d320aee0e1b76ca165bbbee559f0514a2ba400fc42ffff08067140c2a74663bc049374c38868735ceb78b394052559932135a30efa849d39fb6b850bf2c2e680a912ec71f00ad8c0110449219543feec5e449897df3ae165a2fc8e8dba7a3101cef4f57826f4643627ab45f61688585&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

ApacheTracking: localhost
Date: Sat, 09 Apr 2022 07:21:32 GMT
Referrer-Policy: unsafe-url
X-Permitted-Cross-Domain-Policies: master-only
X-Robots-Tag: noindex,nofollow
X-Frame-Options: DENY
P3P: CP="Anything"
Cache-Control: private, must-revalidate
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Type: image/png
Request-Time: PT0.000359S
Content-Length: 68
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=40, max=85

GET
H2 200 tags.js Show response
js.datadome.co/ 248 KB
46 KB 90ms
24ms Script
text/javascript 143.204.98.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.datadome.co/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-101.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

4dfc2233dd1efcc0b680e56f046296b3b295bec6638a5c331ef6fc04809fab2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://de-go.kelkoogroup.net/go?country=de&k=ed4bad1171363a420f96eb23f30b00d3cea658c95f8b730caae95943079ab4b36af1802b9c306d276b41f6b1025650bb162db7072768b6e1327ff26211b3c6e07a5a181f1904a00e8a1b18fa21cc13ffff68282f9083d16cbbbc59e394e8ae16dac4351ef73d586250e00fccb70b8ff48b53a34c41dfcd750f08d298381e67af228c722e669972950bd47d24a22cbd9d8b53fb5b88d8abf674939608f0c8afb0dc2345fbda570a0f3b2c16a4b22a36fe07859ecb1cea3e4371b172de567a4f6ab77ebe5b4525720afd5670cfb81565ec3358f407a546dbb15d1a0feda65f769693b80931b65af171c0624f411995ed2c9e34e0c20f692c01d09b85ac0d8e02c054fd92767d11303c4bb9e8b0dd74abf42389fabbea4378e7e4bbcb2f4b137879a904f00e59af949bad659f4a36c2a73063cbfb373b3a9ade7f6b76d2aec4435ead70c7e0bca9e2224a38981f985bf9f6de6d493dc740ea739163ca84d94107424a18ecda428d71d46fb38592b537a23ee96c259d605ba135b6ad311f084554d2723d3d0774b9e96b7930520fa9f024050e78f24da8c43e405d320aee0e1b76ca165bbbee559f0514a2ba400fc42ffff08067140c2a74663bc049374c38868735ceb78b394052559932135a30efa849d39fb6b850bf2c2e680a912ec71f00ad8c0110449219543feec5e449897df3ae165a2fc8e8dba7a3101cef4f57826f4643627ab45f61688585&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
etag: "3e05e-5dc1ff21aeeff-gzip"
age: 1433
x-cache: Hit from cloudfront
content-length: 46101
access-control-allow-origin: *
last-modified: Fri, 08 Apr 2022 07:57:27 GMT
server: Apache
date: Sat, 09 Apr 2022 06:57:39 GMT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: V-TAcZJMOmaK_IZtOCZOdr3eGMfPIo6s7yLo-SC_rlPFGpTn6EkYxw==
expires: Sat, 09 Apr 2022 07:57:39 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 112 KB
42 KB 113ms
41ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5ZS487

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3610a2118585618d5405bf16288ed2eb7435f67252590ac0c5f26f407dc7e6d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://de-go.kelkoogroup.net/go?country=de&k=ed4bad1171363a420f96eb23f30b00d3cea658c95f8b730caae95943079ab4b36af1802b9c306d276b41f6b1025650bb162db7072768b6e1327ff26211b3c6e07a5a181f1904a00e8a1b18fa21cc13ffff68282f9083d16cbbbc59e394e8ae16dac4351ef73d586250e00fccb70b8ff48b53a34c41dfcd750f08d298381e67af228c722e669972950bd47d24a22cbd9d8b53fb5b88d8abf674939608f0c8afb0dc2345fbda570a0f3b2c16a4b22a36fe07859ecb1cea3e4371b172de567a4f6ab77ebe5b4525720afd5670cfb81565ec3358f407a546dbb15d1a0feda65f769693b80931b65af171c0624f411995ed2c9e34e0c20f692c01d09b85ac0d8e02c054fd92767d11303c4bb9e8b0dd74abf42389fabbea4378e7e4bbcb2f4b137879a904f00e59af949bad659f4a36c2a73063cbfb373b3a9ade7f6b76d2aec4435ead70c7e0bca9e2224a38981f985bf9f6de6d493dc740ea739163ca84d94107424a18ecda428d71d46fb38592b537a23ee96c259d605ba135b6ad311f084554d2723d3d0774b9e96b7930520fa9f024050e78f24da8c43e405d320aee0e1b76ca165bbbee559f0514a2ba400fc42ffff08067140c2a74663bc049374c38868735ceb78b394052559932135a30efa849d39fb6b850bf2c2e680a912ec71f00ad8c0110449219543feec5e449897df3ae165a2fc8e8dba7a3101cef4f57826f4643627ab45f61688585&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 07:21:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42425
x-xss-protection: 0
last-modified: Sat, 09 Apr 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Apr 2022 07:21:32 GMT

POST
H/1.1 200
OK fp
de-go.kelkoogroup.net/ 0
444 B 30ms
19ms Ping
text/plain 95.211.116.27
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://de-go.kelkoogroup.net/fp?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50e5f1ca9a851626628516062786f91f562876a4f1b84710bb75512ad9cda5118cad5fff6acf6de820eb10faa3e10c267ca02301e3e45326feab1028f1779c1faa242447f403bd2de0b8b7ce9971b5df2dd7c8f6d92c9fe46ae9992b9d45824ebca94ec6a1e67b3fb626cbbc6e7417fe035a01f66dd5daab6fc006e431adc7941ae19d88f6e20bd51dd551c02e7819b017d1b317339795d23bc2cbf13e3cfd3901a0bf5e8c42c2ccd9d6c0b5b8344006c5fe1306550e6e4ba7ff59229ca9caec4cf969a9a61e46240c6649bf686e7e04dee85c6b57b8655ab28eff50fb829adf5222f83e3af552e29f24323e7ab05f7be7617e838c00804ba45b5fd904028c45d5b5f2b8150f3c30006&leadId=dc1-kls-prod-ls-silo.prod.dc1.kelkoo.net_1649488892756_1680400&clickId=107698154_1649488892711_1564339

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.27 Swifterbant, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-go-vip.kelkoo.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://de-go.kelkoogroup.net/go?country=de&k=ed4bad1171363a420f96eb23f30b00d3cea658c95f8b730caae95943079ab4b36af1802b9c306d276b41f6b1025650bb162db7072768b6e1327ff26211b3c6e07a5a181f1904a00e8a1b18fa21cc13ffff68282f9083d16cbbbc59e394e8ae16dac4351ef73d586250e00fccb70b8ff48b53a34c41dfcd750f08d298381e67af228c722e669972950bd47d24a22cbd9d8b53fb5b88d8abf674939608f0c8afb0dc2345fbda570a0f3b2c16a4b22a36fe07859ecb1cea3e4371b172de567a4f6ab77ebe5b4525720afd5670cfb81565ec3358f407a546dbb15d1a0feda65f769693b80931b65af171c0624f411995ed2c9e34e0c20f692c01d09b85ac0d8e02c054fd92767d11303c4bb9e8b0dd74abf42389fabbea4378e7e4bbcb2f4b137879a904f00e59af949bad659f4a36c2a73063cbfb373b3a9ade7f6b76d2aec4435ead70c7e0bca9e2224a38981f985bf9f6de6d493dc740ea739163ca84d94107424a18ecda428d71d46fb38592b537a23ee96c259d605ba135b6ad311f084554d2723d3d0774b9e96b7930520fa9f024050e78f24da8c43e405d320aee0e1b76ca165bbbee559f0514a2ba400fc42ffff08067140c2a74663bc049374c38868735ceb78b394052559932135a30efa849d39fb6b850bf2c2e680a912ec71f00ad8c0110449219543feec5e449897df3ae165a2fc8e8dba7a3101cef4f57826f4643627ab45f61688585&o=
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

ApacheTracking: localhost
Date: Sat, 09 Apr 2022 07:21:32 GMT
Referrer-Policy: unsafe-url
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
P3P: CP="Anything"
X-Robots-Tag: noindex,nofollow
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Type: text/plain; charset=UTF-8
Request-Time: PT0.002519S
Content-Length: 0
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=40, max=98

POST
H2 200 / Show response
api-js.datadome.co/js/ 235 B
413 B 89ms
24ms XHR
application/json 52.58.131.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.datadome.co/js/
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.131.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-131-14.eu-central-1.compute.amazonaws.com
Software: DataDome /
Resource Hash: 2630ee004be8fefc048742a9f46fa275284b6f0ef00644e6c50e6e0074d9ef11

Request headers

Referer: https://de-go.kelkoogroup.net/go?country=de&k=ed4bad1171363a420f96eb23f30b00d3cea658c95f8b730caae95943079ab4b36af1802b9c306d276b41f6b1025650bb162db7072768b6e1327ff26211b3c6e07a5a181f1904a00e8a1b18fa21cc13ffff68282f9083d16cbbbc59e394e8ae16dac4351ef73d586250e00fccb70b8ff48b53a34c41dfcd750f08d298381e67af228c722e669972950bd47d24a22cbd9d8b53fb5b88d8abf674939608f0c8afb0dc2345fbda570a0f3b2c16a4b22a36fe07859ecb1cea3e4371b172de567a4f6ab77ebe5b4525720afd5670cfb81565ec3358f407a546dbb15d1a0feda65f769693b80931b65af171c0624f411995ed2c9e34e0c20f692c01d09b85ac0d8e02c054fd92767d11303c4bb9e8b0dd74abf42389fabbea4378e7e4bbcb2f4b137879a904f00e59af949bad659f4a36c2a73063cbfb373b3a9ade7f6b76d2aec4435ead70c7e0bca9e2224a38981f985bf9f6de6d493dc740ea739163ca84d94107424a18ecda428d71d46fb38592b537a23ee96c259d605ba135b6ad311f084554d2723d3d0774b9e96b7930520fa9f024050e78f24da8c43e405d320aee0e1b76ca165bbbee559f0514a2ba400fc42ffff08067140c2a74663bc049374c38868735ceb78b394052559932135a30efa849d39fb6b850bf2c2e680a912ec71f00ad8c0110449219543feec5e449897df3ae165a2fc8e8dba7a3101cef4f57826f4643627ab45f61688585&o=
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Apr 2022 07:21:33 GMT
server: DataDome
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 235
expires: 0

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZS487

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://de-go.kelkoogroup.net/go?country=de&k=ed4bad1171363a420f96eb23f30b00d3cea658c95f8b730caae95943079ab4b36af1802b9c306d276b41f6b1025650bb162db7072768b6e1327ff26211b3c6e07a5a181f1904a00e8a1b18fa21cc13ffff68282f9083d16cbbbc59e394e8ae16dac4351ef73d586250e00fccb70b8ff48b53a34c41dfcd750f08d298381e67af228c722e669972950bd47d24a22cbd9d8b53fb5b88d8abf674939608f0c8afb0dc2345fbda570a0f3b2c16a4b22a36fe07859ecb1cea3e4371b172de567a4f6ab77ebe5b4525720afd5670cfb81565ec3358f407a546dbb15d1a0feda65f769693b80931b65af171c0624f411995ed2c9e34e0c20f692c01d09b85ac0d8e02c054fd92767d11303c4bb9e8b0dd74abf42389fabbea4378e7e4bbcb2f4b137879a904f00e59af949bad659f4a36c2a73063cbfb373b3a9ade7f6b76d2aec4435ead70c7e0bca9e2224a38981f985bf9f6de6d493dc740ea739163ca84d94107424a18ecda428d71d46fb38592b537a23ee96c259d605ba135b6ad311f084554d2723d3d0774b9e96b7930520fa9f024050e78f24da8c43e405d320aee0e1b76ca165bbbee559f0514a2ba400fc42ffff08067140c2a74663bc049374c38868735ceb78b394052559932135a30efa849d39fb6b850bf2c2e680a912ec71f00ad8c0110449219543feec5e449897df3ae165a2fc8e8dba7a3101cef4f57826f4643627ab45f61688585&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4606
date: Sat, 09 Apr 2022 06:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 09 Apr 2022 08:04:46 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
28ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1091134326&t=pageview&_s=1&dl=https%3A%2F%2Fde-go.kelkoogroup.net%2Fgo%3Fcountry%3Dde%26k%3Ded4bad1171363a420f96eb23f30b00d3cea658c95f8b730caae95943079ab4b36af1802b9c306d276b41f6b1025650bb162db7072768b6e1327ff26211b3c6e07a5a181f1904a00e8a1b18fa21cc13ffff68282f9083d16cbbbc59e394e8ae16dac4351ef73d586250e00fccb70b8ff48b53a34c41dfcd750f08d298381e67af228c722e669972950bd47d24a22cbd9d8b53fb5b88d8abf674939608f0c8afb0dc2345fbda570a0f3b2c16a4b22a36fe07859ecb1cea3e4371b172de567a4f6ab77ebe5b4525720afd5670cfb81565ec3358f407a546dbb15d1a0feda65f769693b80931b65af171c0624f411995ed2c9e34e0c20f692c01d09b85ac0d8e02c054fd92767d11303c4bb9e8b0dd74abf42389fabbea4378e7e4bbcb2f4b137879a904f00e59af949bad659f4a36c2a73063cbfb373b3a9ade7f6b76d2aec4435ead70c7e0bca9e2224a38981f985bf9f6de6d493dc740ea739163ca84d94107424a18ecda428d71d46fb38592b537a23ee96c259d605ba135b6ad311f084554d2723d3d0774b9e96b7930520fa9f024050e78f24da8c43e405d320aee0e1b76ca165bbbee559f0514a2ba400fc42ffff08067140c2a74663bc049374c38868735ceb78b394052559932135a30efa849d39fb6b850bf2c2e680a912ec71f00ad8c0110449219543feec5e449897df3ae165a2fc8e8dba7a3101cef4f57826f4643627ab45f61688585%26o%3D&dr=http%3A%2F%2Fr.redirekted.com%2F&dp=%2F96965856%7C100516861%7C&ul=en-us&de=UTF-8&dt=Weiterleitung%20zu%20schulranzen.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1949999653&gjid=599209773&cid=1382145436.1649488893&tid=UA-168544891-7&_gid=679156270.1649488893&_r=1&gtm=2wg3u05ZS487&cd1=96965856&cd2=dc1-kls-prod-ls-silo.prod.dc1.kelkoo.net_1649488892756_1680400&cd3=100516861&cd4=a4c626f-1800d331346-b5c36&cd5=&cd6=96965856%7C100516861%7C&z=880906339

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://de-go.kelkoogroup.net/go?country=de&k=ed4bad1171363a420f96eb23f30b00d3cea658c95f8b730caae95943079ab4b36af1802b9c306d276b41f6b1025650bb162db7072768b6e1327ff26211b3c6e07a5a181f1904a00e8a1b18fa21cc13ffff68282f9083d16cbbbc59e394e8ae16dac4351ef73d586250e00fccb70b8ff48b53a34c41dfcd750f08d298381e67af228c722e669972950bd47d24a22cbd9d8b53fb5b88d8abf674939608f0c8afb0dc2345fbda570a0f3b2c16a4b22a36fe07859ecb1cea3e4371b172de567a4f6ab77ebe5b4525720afd5670cfb81565ec3358f407a546dbb15d1a0feda65f769693b80931b65af171c0624f411995ed2c9e34e0c20f692c01d09b85ac0d8e02c054fd92767d11303c4bb9e8b0dd74abf42389fabbea4378e7e4bbcb2f4b137879a904f00e59af949bad659f4a36c2a73063cbfb373b3a9ade7f6b76d2aec4435ead70c7e0bca9e2224a38981f985bf9f6de6d493dc740ea739163ca84d94107424a18ecda428d71d46fb38592b537a23ee96c259d605ba135b6ad311f084554d2723d3d0774b9e96b7930520fa9f024050e78f24da8c43e405d320aee0e1b76ca165bbbee559f0514a2ba400fc42ffff08067140c2a74663bc049374c38868735ceb78b394052559932135a30efa849d39fb6b850bf2c2e680a912ec71f00ad8c0110449219543feec5e449897df3ae165a2fc8e8dba7a3101cef4f57826f4643627ab45f61688585&o=
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Apr 2022 07:21:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://de-go.kelkoogroup.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Primary Request holo-pink Show response
www.schulranzen.com/topmodel/beautybag/
Redirect Chain

https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50e5f1ca9a851626628516062786f91f562876a4f1b84710bb75512ad9cda5118cad5fff6acf6de820eb10faa3e10c267ca0...
https://www.schulranzen.com/topmodel/beautybag/holo-pink?ad=kel&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=TOPModel+Beautybag+Holo+Pink

62 KB
17 KB

463ms
361ms

Document
text/html

85.236.49.141
INTERNETX-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.schulranzen.com/topmodel/beautybag/holo-pink?ad=kel&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=TOPModel+Beautybag+Holo+Pink

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.236.49.141 , Germany, ASN15456 (INTERNETX-AS, DE),

Reverse DNS

141-49-236-85.customer-virt.eu

Software

Apache/2.4.52 (codeit) OpenSSL/1.1.1m /

Resource Hash

3f0ba4b35d2618963c7113e87c298e4b6e5f7eee7adf54d15c0d9d6bba37ae09

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://de-go.kelkoogroup.net/go?country=de&k=ed4bad1171363a420f96eb23f30b00d3cea658c95f8b730caae95943079ab4b36af1802b9c306d276b41f6b1025650bb162db7072768b6e1327ff26211b3c6e07a5a181f1904a00e8a1b18fa21cc13ffff68282f9083d16cbbbc59e394e8ae16dac4351ef73d586250e00fccb70b8ff48b53a34c41dfcd750f08d298381e67af228c722e669972950bd47d24a22cbd9d8b53fb5b88d8abf674939608f0c8afb0dc2345fbda570a0f3b2c16a4b22a36fe07859ecb1cea3e4371b172de567a4f6ab77ebe5b4525720afd5670cfb81565ec3358f407a546dbb15d1a0feda65f769693b80931b65af171c0624f411995ed2c9e34e0c20f692c01d09b85ac0d8e02c054fd92767d11303c4bb9e8b0dd74abf42389fabbea4378e7e4bbcb2f4b137879a904f00e59af949bad659f4a36c2a73063cbfb373b3a9ade7f6b76d2aec4435ead70c7e0bca9e2224a38981f985bf9f6de6d493dc740ea739163ca84d94107424a18ecda428d71d46fb38592b537a23ee96c259d605ba135b6ad311f084554d2723d3d0774b9e96b7930520fa9f024050e78f24da8c43e405d320aee0e1b76ca165bbbee559f0514a2ba400fc42ffff08067140c2a74663bc049374c38868735ceb78b394052559932135a30efa849d39fb6b850bf2c2e680a912ec71f00ad8c0110449219543feec5e449897df3ae165a2fc8e8dba7a3101cef4f57826f4643627ab45f61688585&o=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Credentials: true true
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, Authorization, Accept, client-security-token x-requested-with, Content-Type, origin, Authorization, Accept, client-security-token
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, HEAD, OPTIONS GET, PUT, POST, DELETE, HEAD, OPTIONS
Access-Control-Allow-Origin: * *
Access-Control-Max-Age: 1000 1000
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 15838
Content-Security-Policy: upgrade-insecure-requests;
Content-Type: text/html; charset=utf-8
Date: Sat, 09 Apr 2022 07:21:33 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m
Vary: Accept-Encoding

Redirect headers

ApacheTracking: localhost
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/plain
Date: Sat, 09 Apr 2022 07:21:33 GMT
Keep-Alive: timeout=40, max=70
Location: https://www.schulranzen.com/topmodel/beautybag/holo-pink?ad=kel&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=TOPModel+Beautybag+Holo+Pink
P3P: CP="Anything"
Referrer-Policy: unsafe-url
Request-Time: PT0.011794S
X-Content-Type-Options: nosniff
X-DataDome: protected
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: master-only
X-Robots-Tag: noindex,nofollow
X-XSS-Protection: 1; mode=block
clickId: 107698154_1649488892711_1564339
country: de
leadId: dc1-kls-prod-ls-silo.prod.dc1.kelkoo.net_1649488892756_1680400

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 275 KB
72 KB 128ms
36ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.schulranzen.com
URL: https://www.schulranzen.com/topmodel/beautybag/holo-pink?ad=kel&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=TOPModel+Beautybag+Holo+Pink

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16adfd064401bcf61aba320c08da703112404b6a7338129018d0d799217f46bc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.schulranzen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72403
x-xss-protection: 0
server: sffe
date: Sat, 09 Apr 2022 07:21:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=3000, stale-while-revalidate=1206600
etag: "87c1a5ea8a261f23"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Apr 2022 07:21:33 GMT

GET
H2 200 schulranzen.svg
betzstatic.com/images/logos/ 4 KB
2 KB 86ms
31ms Image
image/svg+xml 2606:4700:20::ac43:4102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://betzstatic.com/images/logos/schulranzen.svg
Requested by: Host: www.schulranzen.com
URL: https://www.schulranzen.com/topmodel/beautybag/holo-pink?ad=kel&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=TOPModel+Beautybag+Holo+Pink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f94cf1076617499f6720eb28408213aa55f30b8be5a13433cfe339ec7655771

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.schulranzen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 07:21:33 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6427
access-control-allow-methods: GET
last-modified: Sun, 25 Mar 2018 11:32:40 GMT
server: cloudflare
etag: W/"f8b-5683b03d439b5-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lpCAtKOKsUSBB2rPt2NO8ans0%2FU9AW6JH5iWbgycAc734I54ZBrumJt4Dd3tE%2BHOX5jxadpVd27JCRKbw2IaG1A%2FQ14Et0rRuqN6DfbowLKBv83fbDqczL72h%2BbectmuHkFUwyZYrPR5EDxn"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 6f917c91687c9bb0-FRA
access-control-allow-headers: x-requested-with, Content-Type, origin, Authorization, Accept, client-security-token

GET
H2 200 topmodel.png
betzstatic.com/i/logos_new/ 4 KB
4 KB 71ms
32ms Image
image/webp 2606:4700:20::ac43:4102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://betzstatic.com/i/logos_new/topmodel.png
Requested by: Host: www.schulranzen.com
URL: https://www.schulranzen.com/topmodel/beautybag/holo-pink?ad=kel&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=TOPModel+Beautybag+Holo+Pink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b06b04ebaa4b6219c538cfdbb2efa634eb32da4e60960ba2c2bfa23c3a8d397

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.schulranzen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 07:21:33 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2633535
cf-polished: origFmt=png, origSize=7986
access-control-max-age: 1000
content-disposition: inline; filename="topmodel.webp"
content-length: 3628
last-modified: Thu, 23 Sep 2021 07:10:02 GMT
server: cloudflare
etag: "1f32-5cca451c68ff8-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7xmxKCz25UdresHzZEmLJoa%2B59pvL3%2FObsJEkWKXg7pObJspVrUE%2BR48T5raqDcGyleWmdkqa0P4Vod9UcO5Ps%2B4oW7%2FjLm1LyPINZZtM8tfzm9%2BInRudRwkB3rF6l%2FGR%2Fz6ReWUSpXN9PH7"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 09 Mar 2023 19:49:18 GMT
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6f917c9168809bb0-FRA
access-control-allow-headers: x-requested-with, Content-Type, origin, Authorization, Accept, client-security-token
cf-bgj: imgq:100,h2pri

GET
H2 200 3063_698.jpg
betzstatic.com/i/prod/xl/TO/ 99 KB
100 KB 117ms
79ms Image
image/jpeg 2606:4700:20::ac43:4102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://betzstatic.com/i/prod/xl/TO/3063_698.jpg
Requested by: Host: www.schulranzen.com
URL: https://www.schulranzen.com/topmodel/beautybag/holo-pink?ad=kel&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=TOPModel+Beautybag+Holo+Pink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17673b606c6672acad197a69f1b562f59c1ed49fc4acf97bcd8b1031ea26f586

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.schulranzen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 07:21:33 GMT
access-control-allow-methods: GET
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 23 Sep 2021 07:02:58 GMT
server: cloudflare
etag: W/"18de6-5cca43887c2dd-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csyF74hC1iLt0JL7JNZkvom0B75%2FB3%2BDDDvJEiTV1cRSTBVF3bhYOkRcErP8zeH2o5akHFzKOzGgwwcquAVseOjqIMMPop1r6Sd%2Baa0WflvlRMAoeQRbFMzctJg%2BGYQYRN0QZgyGw9socUpj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
cf-ray: 6f917c91687e9bb0-FRA
access-control-allow-headers: x-requested-with, Content-Type, origin, Authorization, Accept, client-security-token
expires: Sun, 09 Apr 2023 07:21:33 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/v0/ 51 KB
15 KB 222ms
148ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b293fa653e6f6129e63533d815e3a9a1de0bf11a5ae0bffeb155f3e3d40366e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.schulranzen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15374
x-xss-protection: 0
server: sffe
date: Sat, 09 Apr 2022 07:21:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "ed7daae26a884797"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Apr 2022 07:21:33 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
32 KB 198ms
123ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e9ef66f3e31e617eab0923cc3b3067f65302790a9e7f85421ee9075a9db9f41

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.schulranzen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32365
x-xss-protection: 0
server: sffe
date: Sat, 09 Apr 2022 07:21:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "fc53b7c2d50de298"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Apr 2022 07:21:33 GMT

GET
H2 200 amp-install-serviceworker-0.1.js Show response
cdn.ampproject.org/v0/ 10 KB
4 KB 636ms
562ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-install-serviceworker-0.1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8db65ef8c30828eee2a973c432a9d238d9e875ccc57cc465637eb44f27a71f9e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.schulranzen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3663
x-xss-protection: 0
server: sffe
date: Sat, 09 Apr 2022 07:21:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "4616fce1ec02fed9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Apr 2022 07:21:34 GMT

GET
H2 200 amp-social-share-0.1.js Show response
cdn.ampproject.org/v0/ 15 KB
5 KB 236ms
162ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-social-share-0.1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

428a254c65a490450088ef9174cb074b2d011a1c2dae67e0842714e48694b9b5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.schulranzen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5045
x-xss-protection: 0
server: sffe
date: Sat, 09 Apr 2022 07:21:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "6f350023fd99ad89"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Apr 2022 07:21:33 GMT

GET
H2 200 amp-accordion-0.1.js Show response
cdn.ampproject.org/v0/ 18 KB
6 KB 139ms
65ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-accordion-0.1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a6de14239931c6cae3ba32529a9b0defbfe557ce74a42af2eb9c6c00cf5b4e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.schulranzen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6105
x-xss-protection: 0
server: sffe
date: Sat, 09 Apr 2022 07:21:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "64de4cf4d1a20ae1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Apr 2022 07:21:33 GMT

GET
H3 200 amp-fx-collection-0.1.js Show response
cdn.ampproject.org/v0/ 18 KB
6 KB 81ms
37ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-fx-collection-0.1.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

084e1eea85fb7b598ea4807b557398d75eb7860a28e89b52f218d738cffe1409

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.schulranzen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6086
x-xss-protection: 0
server: sffe
date: Sat, 09 Apr 2022 07:21:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "f6ca58e527a24327"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Apr 2022 07:21:33 GMT

GET
H3 200 amp-lightbox-0.1.js Show response
cdn.ampproject.org/v0/ 26 KB
9 KB 492ms
449ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-lightbox-0.1.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

811cc2ff79995a65d15f144e10306e96333f86385decef2d2d1f8a1eafee9940

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.schulranzen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8706
x-xss-protection: 0
server: sffe
date: Sat, 09 Apr 2022 07:21:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "5b5252ad9c961b7e"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Apr 2022 07:21:34 GMT

GET
H3 200 amp-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 39 KB
11 KB 84ms
40ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4ea1829c7b6be92081f0b06c7d712ef14c11fc906d4094720c0502904c77451

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.schulranzen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11743
x-xss-protection: 0
server: sffe
date: Sat, 09 Apr 2022 07:21:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "f5159c39f2f7c2a1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Apr 2022 07:21:33 GMT

GET
H3 200 amp-list-0.1.js Show response
cdn.ampproject.org/v0/ 43 KB
13 KB 100ms
56ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-list-0.1.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14db6d928079fe98fad0e53cb0b3c7a8ec7bfb36827463bc5e4661378597da74

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.schulranzen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13295
x-xss-protection: 0
server: sffe
date: Sat, 09 Apr 2022 07:21:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "b98f9938424abb02"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Apr 2022 07:21:33 GMT

GET
H3 200 amp-date-countdown-0.1.js Show response
cdn.ampproject.org/v0/ 7 KB
3 KB 73ms
30ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-date-countdown-0.1.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbbea55264aa3cd2f5462dadad62d9646f82f4f56a66cc96910b988c7ef8d77c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.schulranzen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2853
x-xss-protection: 0
server: sffe
date: Sat, 09 Apr 2022 07:21:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "c688f70c50ace5e1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Apr 2022 07:21:33 GMT

GET
H3 200 amp-mustache-latest.js Show response
cdn.ampproject.org/v0/ 42 KB
14 KB 75ms
32ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-latest.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af59bac3061c4beb3088e49e0ebc0795ce88b3acbd773bbc2068c15dcfb086fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.schulranzen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14722
x-xss-protection: 0
server: sffe
date: Sat, 09 Apr 2022 07:21:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "fd926967a0ae05a5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Apr 2022 07:21:33 GMT

GET
H3 200 amp-animation-0.1.js Show response
cdn.ampproject.org/v0/ 83 KB
19 KB 92ms
49ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-animation-0.1.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

623807430008160f1e9beeb3b21fdef8fd5e0a68e2a23239f372c781d8e2a899

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.schulranzen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19177
x-xss-protection: 0
server: sffe
date: Sat, 09 Apr 2022 07:21:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "7ebf391876fd69a3"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Apr 2022 07:21:33 GMT

GET
H2 200 AKTION20Best.jpg
betzstatic.com/images/banner/ 21 KB
21 KB 26ms
26ms Image
image/jpeg 2606:4700:20::ac43:4102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://betzstatic.com/images/banner/AKTION20Best.jpg
Requested by: Host: www.schulranzen.com
URL: https://www.schulranzen.com/topmodel/beautybag/holo-pink?ad=kel&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=TOPModel+Beautybag+Holo+Pink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 895231f55e551812b80e77206780fff8767a15bd5903dcafb07c6dbeec465d0e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.schulranzen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 07:21:33 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1266444
cf-polished: origSize=27343, status=webp_bigger
access-control-max-age: 1000
content-length: 21527
last-modified: Fri, 25 Mar 2022 11:59:41 GMT
server: cloudflare
etag: "6acf-5db09b29cf62f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m5baXjLw5cCx1N7Xo8vJX5IzNZvTsDr46vBAJaNb%2FbLwoOXlVlweP4TKScsMlfXLowlF3XCzMr5PahGwmqqHo%2BI3dK3nw1uiMCSr5Ch4%2FFpQSECMKXbpbFr2REHnDwSDbS8keF4pS%2F0szxb9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 25 Mar 2023 15:34:09 GMT
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6f917c9259f09bb0-FRA
access-control-allow-headers: x-requested-with, Content-Type, origin, Authorization, Accept, client-security-token
cf-bgj: imgq:100,h2pri

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012203172113000/v0/ 8 KB
3 KB 98ms
32ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203172113000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2223bc4f3431b732a8a0fd79a536fa873a9c3d0095ee964a3fe48497d29d83d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.schulranzen.com/
Origin: https://www.schulranzen.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 223640
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3155
x-xss-protection: 0
server: sffe
date: Wed, 06 Apr 2022 17:14:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9f030c84dcc5a6d0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 06 Apr 2023 17:14:13 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012203172113000/v0/ 13 KB
4 KB 99ms
34ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203172113000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce69c445e159f9b6a82dd74da98316aeff28850ff1c405cc81d8d38a0c1af5ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.schulranzen.com/
Origin: https://www.schulranzen.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 312648
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4104
x-xss-protection: 0
server: sffe
date: Tue, 05 Apr 2022 16:30:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "93d6b9c70aaa2b68"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 05 Apr 2023 16:30:45 GMT

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6e91c65c98775cc3e65a39d1c11708343f9509517a8a73983bb331e1ec021fa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 149 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 953 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 394 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 595 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34bb1c7ca084facdfd4822c3dd2d0f3f483ad2d071c52d30e54af52ae62deb02

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 227 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 440 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 3063_detail1_698.jpg
betzstatic.com/i/detail/TO/xl/ 101 KB
101 KB 70ms
69ms Image
image/jpeg 2606:4700:20::ac43:4102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://betzstatic.com/i/detail/TO/xl/3063_detail1_698.jpg
Requested by: Host: www.schulranzen.com
URL: https://www.schulranzen.com/topmodel/beautybag/holo-pink?ad=kel&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=TOPModel+Beautybag+Holo+Pink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6edf0b59f72ba2c43ae4e037d200af2e519729fe542ecba542881bee85603b74

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.schulranzen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 07:21:33 GMT
access-control-allow-methods: GET
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 23 Sep 2021 07:39:49 GMT
server: cloudflare
etag: W/"193c7-5cca4bc544e2e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xYfner6mtlNAy0c0C4qYDSGzhA0UadsZCMA0qmHEsMhuYz0M43OwD8q%2B3D8f4%2BWkfYDCt5nRSVzcgWohhZTpDESFgG1gjInnD%2Fhx0J6SPG7uNATCnlAYU4Hqb5455gM5F72tF9lJVc5TDpL"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
cf-ray: 6f917c92eac19bb0-FRA
access-control-allow-headers: x-requested-with, Content-Type, origin, Authorization, Accept, client-security-token
expires: Sun, 09 Apr 2023 07:21:33 GMT

GET
H/1.1 200
OK NDI1MDc4NTQxNTI3OA== Show response
www.schulranzen.com/api/offer/ 1 KB
1 KB 31ms
31ms Fetch
application/json 85.236.49.141
INTERNETX-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.schulranzen.com/api/offer/NDI1MDc4NTQxNTI3OA==?__amp_source_origin=https%3A%2F%2Fwww.schulranzen.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.236.49.141 , Germany, ASN15456 (INTERNETX-AS, DE),

Reverse DNS

141-49-236-85.customer-virt.eu

Software

Apache/2.4.52 (codeit) OpenSSL/1.1.1m /

Resource Hash

a08c9a0e74e5dbe39f4b989497912443223f10828ab4789b757e76f850df2d30

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Accept: application/json
Referer: https://www.schulranzen.com/topmodel/beautybag/holo-pink?ad=kel&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=TOPModel+Beautybag+Holo+Pink
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
AMP-Same-Origin: true

Response headers

Date: Sat, 09 Apr 2022 07:21:33 GMT
Content-Encoding: gzip
Server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, HEAD, OPTIONS, GET, PUT, POST, DELETE, HEAD, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *, *
Access-Control-Max-Age: 1000, 1000
Access-Control-Allow-Credentials: true, true
Content-Security-Policy: upgrade-insecure-requests;
Connection: Keep-Alive
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, Authorization, Accept, client-security-token, x-requested-with, Content-Type, origin, Authorization, Accept, client-security-token
Content-Length: 580
Keep-Alive: timeout=5, max=99

GET
H2 200 698.jpg
betzstatic.com/i/must/m/TO/ 5 KB
5 KB 31ms
30ms Image
image/webp 2606:4700:20::ac43:4102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://betzstatic.com/i/must/m/TO/698.jpg
Requested by: Host: www.schulranzen.com
URL: https://www.schulranzen.com/topmodel/beautybag/holo-pink?ad=kel&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=TOPModel+Beautybag+Holo+Pink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e0e7082e9aed175ad0b92d60560fbba51cb2f000985dde6744c8ca3c06f7fe6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.schulranzen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 07:21:33 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56699
cf-polished: origFmt=jpeg, origSize=11187
access-control-max-age: 1000
content-disposition: inline; filename="698.webp"
content-length: 5112
last-modified: Thu, 23 Sep 2021 06:40:28 GMT
server: cloudflare
etag: "2bb3-5cca3e8104332-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWq6K1s8zLLY3FvOF1Pxi7xg17Sc8dT6RF8S9FbCCNvDQ%2Bxw04aDKeuql%2FfJdBXoqiMKpt5cp%2F%2Flp18MvhEoJv%2Frkzc0eCJ6iqpSSousohvl1aTZHnzpiZLCNcnY4dV6ya%2BlUD3SJ9U%2F1dsc"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 08 Apr 2023 15:36:34 GMT
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6f917c936b929bb0-FRA
access-control-allow-headers: x-requested-with, Content-Type, origin, Authorization, Accept, client-security-token
cf-bgj: imgq:100,h2pri

GET
H2 200 freie_zugabe.png
betzstatic.com/images/util/ 107 KB
108 KB 28ms
28ms Image
image/webp 2606:4700:20::ac43:4102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://betzstatic.com/images/util/freie_zugabe.png
Requested by: Host: www.schulranzen.com
URL: https://www.schulranzen.com/topmodel/beautybag/holo-pink?ad=kel&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=TOPModel+Beautybag+Holo+Pink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86712afa8e23f507711f20d14d5350c6912232d3cdf1aed2a06f5b502ba35355

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.schulranzen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 07:21:33 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 173550
cf-polished: origFmt=png, origSize=169477
access-control-max-age: 1000
content-disposition: inline; filename="freie_zugabe.webp"
last-modified: Thu, 03 Feb 2022 10:59:13 GMT
server: cloudflare
etag: "29605-5d71b0653b8ce-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRHhcrcg5%2Fal2gtyJSTD%2FUIE4MZxIOdKyetKtqMnDO5DrwvMY34fEcWPMxtLN6BaiI70erDQROoPNecPE8npIfAkI%2FJeDyOOXjbRWT8KVYUv7%2BXxPv5mILha%2FAfj%2FDPHl1pvcA5OrNjoX6oH"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 07 Apr 2023 07:09:03 GMT
cache-control: max-age=31536000
access-control-allow-credentials: true
cf-ray: 6f917c936b939bb0-FRA
access-control-allow-headers: x-requested-with, Content-Type, origin, Authorization, Accept, client-security-token
cf-bgj: imgq:100,h2pri

GET sw.js
www.schulranzen.com/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.schulranzen.com
URL: https://www.schulranzen.com/sw.js

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
americandxpress.com/	1970-01-20 02:11:29	Name: parking_session Value: 819d311a-e89a-ece9-3885-8763a62645eb
r.redirekted.com/	1970-01-20 02:12:55	Name: uuid Value: 3713329582037732864
.redirekted.com/	1970-01-20 19:42:40	Name: _ga Value: GA1.2.1176570603.1649488893
.redirekted.com/	1970-01-20 02:12:55	Name: _gid Value: GA1.2.5686970.1649488893
.redirekted.com/	1970-01-20 02:11:28	Name: _gat Value: 1
.kelkoogroup.net/	1970-01-20 10:57:04	Name: referer Value: http%3A%2F%2Fr.redirekted.com%2F
.kelkoogroup.net/	1970-01-20 10:57:04	Name: kelkooID Value: a4c626f-1800d331346-b5c36
.kelkoogroup.net/	1970-01-20 10:57:04	Name: lastSearchedKeyword Value: a3dkPVRPUE1vZGVsIEJlYXV0eWJhZyBIb2xvIFBpbmt8dHM9MTY0OTQ4ODg5Mjc2MnxjYXRJZD0xNzAxMDF8Y29tSWQ9MTAwNTE2ODYx
.de-go.kelkoogroup.net/	1970-01-20 19:42:40	Name: _ga Value: GA1.3.1382145436.1649488893
.de-go.kelkoogroup.net/	1970-01-20 02:12:55	Name: _gid Value: GA1.3.679156270.1649488893
.de-go.kelkoogroup.net/	1970-01-20 02:11:28	Name: _gat_UA-168544891-7 Value: 1
.kelkoogroup.net/	1970-01-20 10:57:04	Name: datadome Value: t6b8PioRvfgXoTCde2jjh~ITczUti0PnFIiZ0PiR-7Rwk9~YRqa_~-mdHchI0786ELWwL3IYxCcNyV9XclnuNEsMOGHKOem7BXpM9nz0GI4AZIYteA46rFC5C2DimLx
www.schulranzen.com/	1970-01-20 02:25:52	Name: session1 Value: MTY0OTQ4ODg5M3xYZGlYMF9TeGY0Sm52RW1HZGZ4SThYWHR5dGZyUlA4dTEzOWxXTmJFZk9scmZyU3duRlNsdEdCSkJQbEJCZElXR2JRTUpxNEJJd29qY2xUeS0xckN2Q1NhXzZvOEtfZkpDYmFLamtDY2ZDN1BZTjQ9fAAuzG_3kkEw5JbA6zbTw03eenQ_7aI84gjW_TcIBCRW

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

americandxpress.com
api-js.datadome.co
betzstatic.com
cdn.ampproject.org
de-go.kelkoogroup.net
js.datadome.co
r.redirekted.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.schulranzen.com
www.schulranzen.com
143.204.98.101
199.59.243.200
2606:4700:20::ac43:4102
2a00:1450:4001:801::2008
2a00:1450:4001:808::2001
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
52.58.131.14
66.165.243.160
85.236.49.141
95.211.116.27
084e1eea85fb7b598ea4807b557398d75eb7860a28e89b52f218d738cffe1409
08ab7c4d48d7cd907c4b1a5ec38c7a23f8eae35c78320899f5b26082a59149a9
14db6d928079fe98fad0e53cb0b3c7a8ec7bfb36827463bc5e4661378597da74
16adfd064401bcf61aba320c08da703112404b6a7338129018d0d799217f46bc
17673b606c6672acad197a69f1b562f59c1ed49fc4acf97bcd8b1031ea26f586
2223bc4f3431b732a8a0fd79a536fa873a9c3d0095ee964a3fe48497d29d83d1
2630ee004be8fefc048742a9f46fa275284b6f0ef00644e6c50e6e0074d9ef11
2762d2d7120cf3841c8e890276e889164de224af8945cc600bdc200284c663e3
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
34bb1c7ca084facdfd4822c3dd2d0f3f483ad2d071c52d30e54af52ae62deb02
3610a2118585618d5405bf16288ed2eb7435f67252590ac0c5f26f407dc7e6d9
3b5e98098d018e2f8fcb10c5ec4a00864f8a2826d4f8d90d5b5f2fc1cda39463
3f0ba4b35d2618963c7113e87c298e4b6e5f7eee7adf54d15c0d9d6bba37ae09
3f94cf1076617499f6720eb28408213aa55f30b8be5a13433cfe339ec7655771
428a254c65a490450088ef9174cb074b2d011a1c2dae67e0842714e48694b9b5
4dfc2233dd1efcc0b680e56f046296b3b295bec6638a5c331ef6fc04809fab2c
55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec
5e9ef66f3e31e617eab0923cc3b3067f65302790a9e7f85421ee9075a9db9f41
623807430008160f1e9beeb3b21fdef8fd5e0a68e2a23239f372c781d8e2a899
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6ae3a3f878af9740b67a3698d257c0a8b3725197921dadf7ce3ad0a35cb8c494
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d40c353fc3f1efca423e08346cd4a2fc53b7066f16adbd6a05b5b80dce26db4
6edf0b59f72ba2c43ae4e037d200af2e519729fe542ecba542881bee85603b74
811cc2ff79995a65d15f144e10306e96333f86385decef2d2d1f8a1eafee9940
85bfbbd0a21469dbcce5c5f00cb7e1ace7ec547cf17da40c1ee4bebdd830fe64
86712afa8e23f507711f20d14d5350c6912232d3cdf1aed2a06f5b502ba35355
895231f55e551812b80e77206780fff8767a15bd5903dcafb07c6dbeec465d0e
8b06b04ebaa4b6219c538cfdbb2efa634eb32da4e60960ba2c2bfa23c3a8d397
8db65ef8c30828eee2a973c432a9d238d9e875ccc57cc465637eb44f27a71f9e
8e0e7082e9aed175ad0b92d60560fbba51cb2f000985dde6744c8ca3c06f7fe6
92a6de14239931c6cae3ba32529a9b0defbfe557ce74a42af2eb9c6c00cf5b4e
932bbb80d94d062ec2e6bc0bcb7c53850fe44dafdc7878476a04fa3229e3d279
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66
9b293fa653e6f6129e63533d815e3a9a1de0bf11a5ae0bffeb155f3e3d40366e
a08c9a0e74e5dbe39f4b989497912443223f10828ab4789b757e76f850df2d30
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1
af59bac3061c4beb3088e49e0ebc0795ce88b3acbd773bbc2068c15dcfb086fe
b4ea1829c7b6be92081f0b06c7d712ef14c11fc906d4094720c0502904c77451
bbbea55264aa3cd2f5462dadad62d9646f82f4f56a66cc96910b988c7ef8d77c
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5
ce69c445e159f9b6a82dd74da98316aeff28850ff1c405cc81d8d38a0c1af5ce
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421
e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e91c65c98775cc3e65a39d1c11708343f9509517a8a73983bb331e1ec021fa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f92d04548661b8ff62d1037b56ae0bf2f778ec5e1ad8cd2b0eb303c56a72f97a

www.schulranzen.com Open in urlscan Pro 85.236.49.141 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

71 %HTTPS

45 %IPv6

10 Domains

11 Subdomains

12 IPs

3 Countries

820 kBTransfer

1863 kBSize

13 Cookies

5 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.schulranzen.com Open in urlscan Pro
85.236.49.141 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

71 %
HTTPS

45 %
IPv6

10
Domains

11
Subdomains

12
IPs

3
Countries

820 kB
Transfer

1863 kB
Size

13
Cookies

48 HTTP transactions
7 data transactions