urlscan.io logo urlscan.io
SecurityTrails logo

nl.clarinsbnl.com Open in urlscan Pro
82.103.135.54  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://echo7.bluehornet.com/ct/58812178:6LQVBq2CN:m:1:3002307913:7DCB0446613F8EC5237968E8015C45D2:r
Effective URL: https://nl.clarinsbnl.com/?kwkuniv=P51098F57239B100-v91ddf3ktn059n4or01edu9j5f4xw-w9f9pimhrf&utm_campaign=affiliation&utm_...
Submission: On November 20 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 5 countries across 9 domains to perform 23 HTTP transactions. The main IP is 82.103.135.54, located in Denmark and belongs to ASERGO-AS, DK. The main domain is nl.clarinsbnl.com.
TLS certificate: Issued by R3 on October 2nd 2021. Valid for: 3 months.
This is the only time nl.clarinsbnl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.164.168.65 16509 (AMAZON-02)
1 1 54.72.240.173 16509 (AMAZON-02)
1 1 87.98.141.243 16276 (OVH)
1 1 95.131.136.1 47841 (OXALIDE)
15 82.103.135.54 30736 (ASERGO-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.225.78.63 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.224.195.11 16509 (AMAZON-02)
1 13.224.195.37 16509 (AMAZON-02)
1 99.81.27.250 16509 (AMAZON-02)
1 13.225.78.127 16509 (AMAZON-02)
23 8
1    35.164.168.65 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-168-65.us-west-2.compute.amazonaws.com
echo7.bluehornet.com
1    54.72.240.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-240-173.eu-west-1.compute.amazonaws.com
trk.loudedig.com
1    87.98.141.243 (France)

ASN16276 (OVH, FR)
PTR: reverse.pcsodeuz.net
t.pcsodeuz.net
1    95.131.136.1 (France)

ASN47841 (OXALIDE, FR)
PTR: front.netaffiliation.net
action.metaffiliation.com
15    82.103.135.54 (Denmark)

ASN30736 (ASERGO-AS, DK)
PTR: ns1.pinguix.net
nl.clarinsbnl.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    13.225.78.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-63.fra2.r.cloudfront.net
static.hotjar.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    13.224.195.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-11.fra2.r.cloudfront.net
script.hotjar.com
1    13.224.195.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-37.fra2.r.cloudfront.net
vars.hotjar.com
1    99.81.27.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-27-250.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    13.225.78.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-127.fra2.r.cloudfront.net
vc.hotjar.io
Domain Requested by
15 nl.clarinsbnl.com nl.clarinsbnl.com
2 fonts.gstatic.com fonts.googleapis.com
1 vc.hotjar.io script.hotjar.com
1 in.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com nl.clarinsbnl.com
1 fonts.googleapis.com nl.clarinsbnl.com
1 action.metaffiliation.com 1 redirects
1 t.pcsodeuz.net 1 redirects
1 trk.loudedig.com 1 redirects
1 echo7.bluehornet.com 1 redirects
23 12

This site contains links to these domains. Also see Links.

Domain
clarins.commander1.com
bnl.clarins.com
policies.google.com
Subject Issuer Validity Valid
*.clarinsbnl.com
R3		 2021-10-02 -
2021-12-31		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.hotjar.io
Amazon		 2021-08-17 -
2022-09-15		 a year crt.sh

This page contains 2 frames:

Primary Page: https://nl.clarinsbnl.com/?kwkuniv=P51098F57239B100-v91ddf3ktn059n4or01edu9j5f4xw-w9f9pimhrf&utm_campaign=affiliation&utm_content=banners&utm_source=kwanko&utm_medium=affiliate&utm_term=467867
Frame ID: BE5E7B93944334029ECD962FCB55FAD0
Requests: 22 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Frame ID: A9C46A61A3D80CA4EFCF71E3D71F9028
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Jouw-welkomstaanbieding - Clarins

Page URL History Show full URLs

  1. https://echo7.bluehornet.com/ct/58812178:6LQVBq2CN:m:1:3002307913:7DCB0446613F8EC5237968E8015C45D2:r HTTP 302
    http://trk.loudedig.com/aff_c?offer_id=1164&aff_id=1&file_id=2529&aff_sub=KoningKortingBENL HTTP 302
    http://t.pcsodeuz.net/trk.php?mclic=P51098F57239B21311&argsite=1027717aed76ce005edd3a27e146c6&urlr... HTTP 302
    http://action.metaffiliation.com/trk.php?mclic=P51098F57239B21311&argsite=1027717aed76ce005edd3a27e146c6&urlr... HTTP 302
    https://nl.clarinsbnl.com/?kwkuniv=P51098F57239B100-v91ddf3ktn059n4or01edu9j5f4xw-w9f9pimhrf&utm_campa... Page URL

Page Statistics

23
Requests

100 %
HTTPS

17 %
IPv6

9
Domains

12
Subdomains

8
IPs

5
Countries

2073 kB
Transfer

2494 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://echo7.bluehornet.com/ct/58812178:6LQVBq2CN:m:1:3002307913:7DCB0446613F8EC5237968E8015C45D2:r HTTP 302
    http://trk.loudedig.com/aff_c?offer_id=1164&aff_id=1&file_id=2529&aff_sub=KoningKortingBENL HTTP 302
    http://t.pcsodeuz.net/trk.php?mclic=P51098F57239B21311&argsite=1027717aed76ce005edd3a27e146c6&urlrv=https%3A%2F%2Fnl.clarinsbnl.com&urlv=cd6ef34f5bbf3dbddbef62daacbe74fa&altid={EMAIL}&force_ele=1 HTTP 302
    http://action.metaffiliation.com/trk.php?mclic=P51098F57239B21311&argsite=1027717aed76ce005edd3a27e146c6&urlrv=https%3A%2F%2Fnl.clarinsbnl.com&urlv=cd6ef34f5bbf3dbddbef62daacbe74fa&altid={EMAIL}&force_ele=1&__nadom=t.pcsodeuz.net HTTP 302
    https://nl.clarinsbnl.com/?kwkuniv=P51098F57239B100-v91ddf3ktn059n4or01edu9j5f4xw-w9f9pimhrf&utm_campaign=affiliation&utm_content=banners&utm_source=kwanko&utm_medium=affiliate&utm_term=467867 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nl.clarinsbnl.com/
Redirect Chain
  • https://echo7.bluehornet.com/ct/58812178:6LQVBq2CN:m:1:3002307913:7DCB0446613F8EC5237968E8015C45D2:r
  • http://trk.loudedig.com/aff_c?offer_id=1164&aff_id=1&file_id=2529&aff_sub=KoningKortingBENL
  • http://t.pcsodeuz.net/trk.php?mclic=P51098F57239B21311&argsite=1027717aed76ce005edd3a27e146c6&urlrv=https%3A%2F%2Fnl.clarinsbnl.com&urlv=cd6ef34f5bbf3dbddbef62daacbe74fa&altid={EMAIL}&force_ele=1
  • http://action.metaffiliation.com/trk.php?mclic=P51098F57239B21311&argsite=1027717aed76ce005edd3a27e146c6&urlrv=https%3A%2F%2Fnl.clarinsbnl.com&urlv=cd6ef34f5bbf3dbddbef62daacbe74fa&altid={EMAIL}&fo...
  • https://nl.clarinsbnl.com/?kwkuniv=P51098F57239B100-v91ddf3ktn059n4or01edu9j5f4xw-w9f9pimhrf&utm_campaign=affiliation&utm_content=banners&utm_source=kwanko&utm_medium=affiliate&utm_term=467867
41 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nl.clarinsbnl.com/?kwkuniv=P51098F57239B100-v91ddf3ktn059n4or01edu9j5f4xw-w9f9pimhrf&utm_campaign=affiliation&utm_content=banners&utm_source=kwanko&utm_medium=affiliate&utm_term=467867
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
82.103.135.54 , Denmark, ASN30736 (ASERGO-AS, DK),
Reverse DNS
ns1.pinguix.net
Software
nginx /
Resource Hash
49ce04ac4ce4ad0a314ed316900141dbfb209997825a91ee76a60630903ecccc
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sat, 20 Nov 2021 13:31:36 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
last-modified
Fri, 12 Nov 2021 17:32:22 GMT
cache-control
max-age=0
expires
Sat, 20 Nov 2021 13:31:36 GMT
x-ua-compatible
IE=edge
x-frame-options
DENY
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block
x-nginx-cache-status
MISS
x-server-powered-by
Engintron
content-encoding
gzip

Redirect headers

Server
nginx
Date
Sat, 20 Nov 2021 13:31:36 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
X-TRK-SRV
9
X-TRK-PROC
67983
P3P
CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Sat, 20 Nov 2021 13:31:36 GMT
Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma
no-cache
X-Robots-Tag
noindex
X-TRK-DECISION
4
X-TRK-D
0.0055639743804932
Location
https://nl.clarinsbnl.com?kwkuniv=P51098F57239B100-v91ddf3ktn059n4or01edu9j5f4xw-w9f9pimhrf&utm_campaign=affiliation&utm_content=banners&utm_source=kwanko&utm_medium=affiliate&utm_term=467867
style.min.css
nl.clarinsbnl.com/assets/css/ 		92 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nl.clarinsbnl.com/assets/css/style.min.css
Requested by
Host: nl.clarinsbnl.com
URL: https://nl.clarinsbnl.com/?kwkuniv=P51098F57239B100-v91ddf3ktn059n4or01edu9j5f4xw-w9f9pimhrf&utm_campaign=affiliation&utm_content=banners&utm_source=kwanko&utm_medium=affiliate&utm_term=467867
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
82.103.135.54 , Denmark, ASN30736 (ASERGO-AS, DK),
Reverse DNS
ns1.pinguix.net
Software
nginx /
Resource Hash
d30c1857c78aa5459972e5af97eef86af4d1f59cdc896933ee35af73a6220ebf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nl.clarinsbnl.com/?kwkuniv=P51098F57239B100-v91ddf3ktn059n4or01edu9j5f4xw-w9f9pimhrf&utm_campaign=affiliation&utm_content=banners&utm_source=kwanko&utm_medium=affiliate&utm_term=467867
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Sat, 20 Nov 2021 13:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Nov 2021 17:03:17 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=2592000
expires
Mon, 20 Dec 2021 13:31:36 GMT
logo.svg
nl.clarinsbnl.com/assets/img/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nl.clarinsbnl.com/assets/img/logo.svg
Requested by
Host: nl.clarinsbnl.com
URL: https://nl.clarinsbnl.com/?kwkuniv=P51098F57239B100-v91ddf3ktn059n4or01edu9j5f4xw-w9f9pimhrf&utm_campaign=affiliation&utm_content=banners&utm_source=kwanko&utm_medium=affiliate&utm_term=467867
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
82.103.135.54 , Denmark, ASN30736 (ASERGO-AS, DK),
Reverse DNS
ns1.pinguix.net
Software
nginx /
Resource Hash
e3beee905644ec68bcfe5637b8c7729b48146e84c253fc298920194bc716b232
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nl.clarinsbnl.com/?kwkuniv=P51098F57239B100-v91ddf3ktn059n4or01edu9j5f4xw-w9f9pimhrf&utm_campaign=affiliation&utm_content=banners&utm_source=kwanko&utm_medium=affiliate&utm_term=467867
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Sat, 20 Nov 2021 13:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Nov 2021 17:03:50 GMT
server
nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=5184000
expires
Wed, 19 Jan 2022 13:31:36 GMT
clarins.svg
nl.clarinsbnl.com/assets/img/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nl.clarinsbnl.com/assets/img/clarins.svg
Requested by
Host: nl.clarinsbnl.com
URL: https://nl.clarinsbnl.com/?kwkuniv=P51098F57239B100-v91ddf3ktn059n4or01edu9j5f4xw-w9f9pimhrf&utm_campaign=affiliation&utm_content=banners&utm_source=kwanko&utm_medium=affiliate&utm_term=467867
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
82.103.135.54 , Denmark, ASN30736 (ASERGO-AS, DK),
Reverse DNS
ns1.pinguix.net
Software
nginx /
Resource Hash
b0520a512f92eefa6cf341f7f7b904e8ea21c202694f7382c4c8119d864ce347
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nl.clarinsbnl.com/?kwkuniv=P51098F57239B100-v91ddf3ktn059n4or01edu9j5f4xw-w9f9pimhrf&utm_campaign=affiliation&utm_content=banners&utm_source=kwanko&utm_medium=affiliate&utm_term=467867
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Sat, 20 Nov 2021 13:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Nov 2021 17:03:49 GMT
server
nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=5184000
expires
Wed, 19 Jan 2022 13:31:36 GMT
bag.svg
nl.clarinsbnl.com/assets/img/icons/ 		764 B
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nl.clarinsbnl.com/assets/img/icons/bag.svg
Requested by
Host: nl.clarinsbnl.com
URL: https://nl.clarinsbnl.com/?kwkuniv=P51098F57239B100-v91ddf3ktn059n4or01edu9j5f4xw-w9f9pimhrf&utm_campaign=affiliation&utm_content=banners&utm_source=kwanko&utm_medium=affiliate&utm_term=467867
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
82.103.135.54 , Denmark, ASN30736 (ASERGO-AS, DK),
Reverse DNS
ns1.pinguix.net
Software
nginx /
Resource Hash
0fd70d64c0616816412d0430970053976520f5cd12b828226853288aaccad248
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nl.clarinsbnl.com/?kwkuniv=P51098F57239B100-v91ddf3ktn059n4or01edu9j5f4xw-w9f9pimhrf&utm_campaign=affiliation&utm_content=banners&utm_source=kwanko&utm_medium=affiliate&utm_term=467867
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Sat, 20 Nov 2021 13:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Nov 2021 17:03:50 GMT
server
nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=5184000
expires
Wed, 19 Jan 2022 13:31:36 GMT
samples.svg
nl.clarinsbnl.com/assets/img/icons/ 		1 KB
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nl.clarinsbnl.com/assets/img/icons/samples.svg
Requested by
Host: nl.clarinsbnl.com
URL: https://nl.clarinsbnl.com/?kwkuniv=P51098F57239B100-v91ddf3ktn059n4or01edu9j5f4xw-w9f9pimhrf&utm_campaign=affiliation&utm_content=banners&utm_source=kwanko&utm_medium=affiliate&utm_term=467867
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
82.103.135.54 , Denmark, ASN30736 (ASERGO-AS, DK),
Reverse DNS
ns1.pinguix.net
Software
nginx /
Resource Hash
17f662a7054f1db73c206df0794d48224cbb90a2959c1fde6130916a9914bd4c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nl.clarinsbnl.com/?kwkuniv=P51098F57239B100-v91ddf3ktn059n4or01edu9j5f4xw-w9f9pimhrf&utm_campaign=affiliation&utm_content=banners&utm_source=kwanko&utm_medium=affiliate&utm_term=467867
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Sat, 20 Nov 2021 13:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Nov 2021 17:03:50 GMT
server
nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=5184000
expires
Wed, 19 Jan 2022 13:31:36 GMT
gift.svg
nl.clarinsbnl.com/assets/img/icons/ 		2 KB
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nl.clarinsbnl.com/assets/img/icons/gift.svg
Requested by
Host: nl.clarinsbnl.com
URL: https://nl.clarinsbnl.com/?kwkuniv=P51098F57239B100-v91ddf3ktn059n4or01edu9j5f4xw-w9f9pimhrf&utm_campaign=affiliation&utm_content=banners&utm_source=kwanko&utm_medium=affiliate&utm_term=467867
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
82.103.135.54 , Denmark, ASN30736 (ASERGO-AS, DK),
Reverse DNS
ns1.pinguix.net
Software
nginx /
Resource Hash
d2c4f2a3246bf50ea287886ac788318cb752b6f624ac3a05f89ee1f6045a77cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nl.clarinsbnl.com/?kwkuniv=P51098F57239B100-v91ddf3ktn059n4or01edu9j5f4xw-w9f9pimhrf&utm_campaign=affiliation&utm_content=banners&utm_source=kwanko&utm_medium=affiliate&utm_term=467867
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Sat, 20 Nov 2021 13:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Nov 2021 17:03:50 GMT
server
nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=5184000
expires
Wed, 19 Jan 2022 13:31:36 GMT
libs.min.js
nl.clarinsbnl.com/assets/js/ 		204 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nl.clarinsbnl.com/assets/js/libs.min.js
Requested by
Host: nl.clarinsbnl.com
URL: https://nl.clarinsbnl.com/?kwkuniv=P51098F57239B100-v91ddf3ktn059n4or01edu9j5f4xw-w9f9pimhrf&utm_campaign=affiliation&utm_content=banners&utm_source=kwanko&utm_medium=affiliate&utm_term=467867
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
82.103.135.54 , Denmark, ASN30736 (ASERGO-AS, DK),
Reverse DNS
ns1.pinguix.net
Software
nginx /
Resource Hash
d2f46aace7d610c9d67a47b806079c7ad1d23bc538e7be973491a16e8f668dc6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nl.clarinsbnl.com/?kwkuniv=P51098F57239B100-v91ddf3ktn059n4or01edu9j5f4xw-w9f9pimhrf&utm_campaign=affiliation&utm_content=banners&utm_source=kwanko&utm_medium=affiliate&utm_term=467867
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Sat, 20 Nov 2021 13:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 27 Feb 2020 12:28:18 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
expires
Mon, 20 Dec 2021 13:31:36 GMT
script.min.js
nl.clarinsbnl.com/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nl.clarinsbnl.com/assets/js/script.min.js
Requested by
Host: nl.clarinsbnl.com
URL: https://nl.clarinsbnl.com/?kwkuniv=P51098F57239B100-v91ddf3ktn059n4or01edu9j5f4xw-w9f9pimhrf&utm_campaign=affiliation&utm_content=banners&utm_source=kwanko&utm_medium=affiliate&utm_term=467867
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
82.103.135.54 , Denmark, ASN30736 (ASERGO-AS, DK),
Reverse DNS
ns1.pinguix.net
Software
nginx /
Resource Hash
a2ceaae88246eaebe02310c9ce5d8e213e06e95feeadb19529a463db6c497657
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nl.clarinsbnl.com/?kwkuniv=P51098F57239B100-v91ddf3ktn059n4or01edu9j5f4xw-w9f9pimhrf&utm_campaign=affiliation&utm_content=banners&utm_source=kwanko&utm_medium=affiliate&utm_term=467867
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Sat, 20 Nov 2021 13:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Mar 2020 15:24:27 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
expires
Mon, 20 Dec 2021 13:31:36 GMT
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:500,700&display=swap
Requested by
Host: nl.clarinsbnl.com
URL: https://nl.clarinsbnl.com/assets/css/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a534c6633a517988df65df17d7910ebfdf1e1a5dc98ac960d61cef9604b961a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nl.clarinsbnl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 20 Nov 2021 13:31:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 20 Nov 2021 13:31:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 20 Nov 2021 13:31:36 GMT
hotjar-1707755.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1707755.js?sv=6
Requested by
Host: nl.clarinsbnl.com
URL: https://nl.clarinsbnl.com/?kwkuniv=P51098F57239B100-v91ddf3ktn059n4or01edu9j5f4xw-w9f9pimhrf&utm_campaign=affiliation&utm_content=banners&utm_source=kwanko&utm_medium=affiliate&utm_term=467867
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-63.fra2.r.cloudfront.net
Software
/
Resource Hash
887fc8b3c68e41aa743f3b2eba99652b07502812bf6acaaa3bcd2de45c6768e2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nl.clarinsbnl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 20 Nov 2021 13:31:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
24
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1892
access-control-allow-origin
*
cache-control
max-age=60
etag
W/028fd3ec67544c5de3f393039727768a
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
x-cache-hit
1
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Aq9DsGr_51ku8kXhJrk1IU9-l_aDx7lV-vQnefxrfaXqjavlsVg4Gw==
hero_image_bf.png
nl.clarinsbnl.com/assets/img/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nl.clarinsbnl.com/assets/img/hero_image_bf.png
Requested by
Host: nl.clarinsbnl.com
URL: https://nl.clarinsbnl.com/assets/css/style.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
82.103.135.54 , Denmark, ASN30736 (ASERGO-AS, DK),
Reverse DNS
ns1.pinguix.net
Software
nginx /
Resource Hash
5a927a14bf7afe739e751b766ddb86142d200edc5ecd7a084bedf7d3355f98a6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nl.clarinsbnl.com/assets/css/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Sat, 20 Nov 2021 13:31:36 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Nov 2021 17:03:49 GMT
server
nginx
content-type
image/png
cache-control
max-age=5184000
accept-ranges
bytes
content-length
1878542
expires
Wed, 19 Jan 2022 13:31:36 GMT
name.svg
nl.clarinsbnl.com/assets/img/icons/ 		896 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nl.clarinsbnl.com/assets/img/icons/name.svg
Requested by
Host: nl.clarinsbnl.com
URL: https://nl.clarinsbnl.com/assets/css/style.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
82.103.135.54 , Denmark, ASN30736 (ASERGO-AS, DK),
Reverse DNS
ns1.pinguix.net
Software
nginx /
Resource Hash
6c4ca699e2bb318d7af4ceb29612e990df67249263c32b9232e874a6e1105335
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nl.clarinsbnl.com/assets/css/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Sat, 20 Nov 2021 13:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Nov 2021 17:03:50 GMT
server
nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=5184000
expires
Wed, 19 Jan 2022 13:31:36 GMT
email.svg
nl.clarinsbnl.com/assets/img/icons/ 		1001 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nl.clarinsbnl.com/assets/img/icons/email.svg
Requested by
Host: nl.clarinsbnl.com
URL: https://nl.clarinsbnl.com/assets/css/style.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
82.103.135.54 , Denmark, ASN30736 (ASERGO-AS, DK),
Reverse DNS
ns1.pinguix.net
Software
nginx /
Resource Hash
3808949a80ca9bebbe26939cafd32349f7ce15c9a9b4556ec4093c434fa1ac63
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nl.clarinsbnl.com/assets/css/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Sat, 20 Nov 2021 13:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Nov 2021 17:03:50 GMT
server
nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=5184000
expires
Wed, 19 Jan 2022 13:31:36 GMT
birthdate.svg
nl.clarinsbnl.com/assets/img/icons/ 		2 KB
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nl.clarinsbnl.com/assets/img/icons/birthdate.svg
Requested by
Host: nl.clarinsbnl.com
URL: https://nl.clarinsbnl.com/assets/css/style.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
82.103.135.54 , Denmark, ASN30736 (ASERGO-AS, DK),
Reverse DNS
ns1.pinguix.net
Software
nginx /
Resource Hash
efc88a9fb6076abe9203833f9700548c9568e99ecb5b8b4da084e9a52a109c7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nl.clarinsbnl.com/assets/css/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Sat, 20 Nov 2021 13:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Nov 2021 17:03:50 GMT
server
nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=5184000
expires
Wed, 19 Jan 2022 13:31:36 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nl.clarinsbnl.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 13:18:02 GMT
x-content-type-options
nosniff
age
87214
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 19 Nov 2022 13:18:02 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nl.clarinsbnl.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 21:15:27 GMT
x-content-type-options
nosniff
age
404169
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19868
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:31 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 15 Nov 2022 21:15:27 GMT
ClarinsRegular.woff2
nl.clarinsbnl.com/assets/fonts/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nl.clarinsbnl.com/assets/fonts/ClarinsRegular.woff2
Requested by
Host: nl.clarinsbnl.com
URL: https://nl.clarinsbnl.com/assets/css/style.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
82.103.135.54 , Denmark, ASN30736 (ASERGO-AS, DK),
Reverse DNS
ns1.pinguix.net
Software
nginx /
Resource Hash
3bf957219dcb25f7c509fc0027672bbdf6773c215616e71a6fa9ca0956d21d87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://nl.clarinsbnl.com/assets/css/style.min.css
Origin
https://nl.clarinsbnl.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Sat, 20 Nov 2021 13:31:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 Feb 2020 12:28:04 GMT
server
nginx
x-frame-options
DENY
content-type
font/woff2
cache-control
max-age=5184000
x-ua-compatible
IE=edge
accept-ranges
bytes
content-length
28228
expires
Wed, 19 Jan 2022 13:31:36 GMT
track.php
nl.clarinsbnl.com/ 		2 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nl.clarinsbnl.com/track.php
Requested by
Host: nl.clarinsbnl.com
URL: https://nl.clarinsbnl.com/assets/js/libs.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
82.103.135.54 , Denmark, ASN30736 (ASERGO-AS, DK),
Reverse DNS
ns1.pinguix.net
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://nl.clarinsbnl.com/?kwkuniv=P51098F57239B100-v91ddf3ktn059n4or01edu9j5f4xw-w9f9pimhrf&utm_campaign=affiliation&utm_content=banners&utm_source=kwanko&utm_medium=affiliate&utm_term=467867
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 20 Nov 2021 13:31:37 GMT
x-content-type-options
nosniff, nosniff
server
nginx
x-frame-options
DENY
content-type
text/plain;charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-server-powered-by
Engintron
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
expires
Thu, 19 Nov 1981 08:52:00 GMT
modules.1810afb089b838b62ed8.js
script.hotjar.com/ 		226 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.1810afb089b838b62ed8.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1707755.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-11.fra2.r.cloudfront.net
Software
/
Resource Hash
2147901a5a424ea92ad2fd2457976c46765880cf4d267aa711df70d026912ab7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nl.clarinsbnl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 13:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
259590
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
60615
access-control-allow-origin
*
last-modified
Wed, 17 Nov 2021 13:25:01 GMT
etag
"1f23634605f98b007e0df34e60106bb8"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
iXvOzzsS3SIrNc3emFoZQIEt3cQwljPqzmAL0sm4UO0HSTjpkmqsdQ==
box-ad575b5823df97fc9725e14a57070642.html
vars.hotjar.com/ Frame A9C4 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1707755.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-37.fra2.r.cloudfront.net
Software
/
Resource Hash
f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nl.clarinsbnl.com/

Response headers

content-type
text/html
content-length
1050
date
Tue, 16 Nov 2021 11:16:06 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"a123045c9cc95cfe44d6b5d126b9f1a7"
last-modified
Tue, 16 Nov 2021 11:15:47 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
nGfain6RdP6MriGeKFlOLJk7UwaisatHyOpv81UTCW7RVJeBFtJfQA==
age
353730
visit-data
in.hotjar.com/api/v2/client/sites/1707755/ 		146 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/1707755/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.1810afb089b838b62ed8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.27.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-27-250.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
43c15c5e339cca85186d462b5951209ac3825b7677341e3d95f5e704b5057c87

Request headers

Referer
https://nl.clarinsbnl.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Sat, 20 Nov 2021 13:31:36 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
1707755
vc.hotjar.io/sessions/ 		0
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/1707755?s=0.25&r=0.20847174534013058
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.1810afb089b838b62ed8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-127.fra2.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nl.clarinsbnl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 20 Nov 2021 13:31:36 GMT
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
dnUGCg_AcM2ZzC6aLd9PGMt7a93ZhftMG9j3Q2T_XXniyNHwcEZ7Ig==

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| hj object| _hjSettings function| randomstring object| $_GET function| $ function| jQuery function| Awesomplete function| Inputmask object| video object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules string| kuid

13 Cookies

Domain/Path Name / Value
echo7.bluehornet.com/ Name: AWSALB
Value: cQ5nQnWiKzziH0RWhzDuI+G9urG6oeHw2G6SCspdiaXyDKV6kejYf4V7hnVEHSK72qvOG1iD24wmsHaYemQLImAQM4Cy4M/zLv1JuovJLTwZ2sRpoHWFdRfNM6h2
echo7.bluehornet.com/ Name: AWSALBCORS
Value: cQ5nQnWiKzziH0RWhzDuI+G9urG6oeHw2G6SCspdiaXyDKV6kejYf4V7hnVEHSK72qvOG1iD24wmsHaYemQLImAQM4Cy4M/zLv1JuovJLTwZ2sRpoHWFdRfNM6h2
.metaffiliation.com/ Name: neta
Value: 7825f3ktn059n4or01edu9j5f4xw
.metaffiliation.com/ Name: netases
Value: 7825f3ktn059n4or01edu9j5f4xw
.metaffiliation.com/ Name: kwknc
Value: cp51098f57239b21311-MTAyNzcxN2FlZDc2Y2UwMDVlZGQzYTI3ZTE0NmM2
.metaffiliation.com/ Name: kwkncses
Value: cp51098f57239b21311-MTAyNzcxN2FlZDc2Y2UwMDVlZGQzYTI3ZTE0NmM2
.clarinsbnl.com/ Name: _hjSessionUser_1707755
Value: eyJpZCI6IjBlNTc4YjM4LWYxNTgtNTg1YS1hYWViLWVhY2IyMzVhMjI4MSIsImNyZWF0ZWQiOjE2Mzc0MTUwOTY1NjEsImV4aXN0aW5nIjpmYWxzZX0=
.clarinsbnl.com/ Name: _hjFirstSeen
Value: 1
.clarinsbnl.com/ Name: _hjSession_1707755
Value: eyJpZCI6IjRlODlhNzU3LTNiNzItNDQyMy05YWI0LWM3NzE4YjUwYzg2ZSIsImNyZWF0ZWQiOjE2Mzc0MTUwOTY2NzF9
nl.clarinsbnl.com/ Name: _hjIncludedInPageviewSample
Value: 1
.clarinsbnl.com/ Name: _hjAbsoluteSessionInProgress
Value: 1
nl.clarinsbnl.com/ Name: lp_nl_clarinsbnl_com
Value: c32vfr68qfhn3ujah2qj6t9br2
nl.clarinsbnl.com/ Name: lp_kwookie
Value: 5dde5843607e91c227cddf2e5b3372eaf63e1961

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

action.metaffiliation.com
echo7.bluehornet.com
fonts.googleapis.com
fonts.gstatic.com
in.hotjar.com
nl.clarinsbnl.com
script.hotjar.com
static.hotjar.com
t.pcsodeuz.net
trk.loudedig.com
vars.hotjar.com
vc.hotjar.io
13.224.195.11
13.224.195.37
13.225.78.127
13.225.78.63
2a00:1450:4001:827::2003
2a00:1450:4001:82a::200a
35.164.168.65
54.72.240.173
82.103.135.54
87.98.141.243
95.131.136.1
99.81.27.250
0fd70d64c0616816412d0430970053976520f5cd12b828226853288aaccad248
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
17f662a7054f1db73c206df0794d48224cbb90a2959c1fde6130916a9914bd4c
2147901a5a424ea92ad2fd2457976c46765880cf4d267aa711df70d026912ab7
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3808949a80ca9bebbe26939cafd32349f7ce15c9a9b4556ec4093c434fa1ac63
3bf957219dcb25f7c509fc0027672bbdf6773c215616e71a6fa9ca0956d21d87
43c15c5e339cca85186d462b5951209ac3825b7677341e3d95f5e704b5057c87
49ce04ac4ce4ad0a314ed316900141dbfb209997825a91ee76a60630903ecccc
5a927a14bf7afe739e751b766ddb86142d200edc5ecd7a084bedf7d3355f98a6
6c4ca699e2bb318d7af4ceb29612e990df67249263c32b9232e874a6e1105335
887fc8b3c68e41aa743f3b2eba99652b07502812bf6acaaa3bcd2de45c6768e2
9a534c6633a517988df65df17d7910ebfdf1e1a5dc98ac960d61cef9604b961a
a2ceaae88246eaebe02310c9ce5d8e213e06e95feeadb19529a463db6c497657
b0520a512f92eefa6cf341f7f7b904e8ea21c202694f7382c4c8119d864ce347
d2c4f2a3246bf50ea287886ac788318cb752b6f624ac3a05f89ee1f6045a77cd
d2f46aace7d610c9d67a47b806079c7ad1d23bc538e7be973491a16e8f668dc6
d30c1857c78aa5459972e5af97eef86af4d1f59cdc896933ee35af73a6220ebf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3beee905644ec68bcfe5637b8c7729b48146e84c253fc298920194bc716b232
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
efc88a9fb6076abe9203833f9700548c9568e99ecb5b8b4da084e9a52a109c7a
f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383