www.fliegende-pillen.de Open in urlscan Pro
145.239.136.54 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://capitalonesthemstch.com/
Effective URL:
https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=ke...
Submission: On March 23 via api (March 23rd 2022, 8:21:54 am UTC) from US — Scanned from DE

Summary HTTP 46 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 11 domains to perform 46 HTTP transactions. The main IP is 145.239.136.54, located in France and belongs to OVH, FR. The main domain is www.fliegende-pillen.de.
TLS certificate: Issued by R3 on February 17th 2022. Valid for: 3 months.

This is the only time www.fliegende-pillen.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	173.255.194.134 173.255.194.134	63949 (LINODE-AP...) (LINODE-AP Linode)
2	54.92.150.221 54.92.150.221	14618 (AMAZON-AES) (AMAZON-AES)
1	52.218.48.244 52.218.48.244	16509 (AMAZON-02) (AMAZON-02)
4	66.165.243.160 66.165.243.160	29802 (HVC-AS) (HVC-AS)
5	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2 5	95.211.116.27 95.211.116.27	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	18.66.122.18 18.66.122.18	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	52.59.8.57 52.59.8.57	16509 (AMAZON-02) (AMAZON-02)
2	78.47.12.188 78.47.12.188	24940 (HETZNER-AS) (HETZNER-AS)
1 20	145.239.136.54 145.239.136.54	16276 (OVH) (OVH)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:bad2	() ()
2	2a02:26f0:6c0... 2a02:26f0:6c00:281::f09	() ()
46	14

2 173.255.194.134 (Richardson, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li204-134.members.linode.com

capitalonesthemstch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.92.150.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-92-150-221.compute-1.amazonaws.com

denise.v4.byetnc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.48.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.165.243.160 (Los Angeles, United States)

ASN29802 (HVC-AS, US)
PTR: 66-165-243-160.static.hvvc.us

r.redirekted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.211.116.27 (Swifterbant, Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-go-vip.kelkoo.com

de-go.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-18.fra60.r.cloudfront.net

js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.8.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-8-57.eu-central-1.compute.amazonaws.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.47.12.188 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.188.12.47.78.clients.your-server.de

click.fliegende-pillen.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 145.239.136.54 (France) 1 redirects

ASN16276 (OVH, FR)

www.fliegende-pillen.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:bad2 (None, )

ASN- ()

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:281::f09 (None, )

ASN- ()

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	fliegende-pillen.de 1 redirects click.fliegende-pillen.de www.fliegende-pillen.de	301 KB
5	kelkoogroup.net 2 redirects de-go.kelkoogroup.net — Cisco Umbrella Rank: 773568	34 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	40 KB
4	redirekted.com r.redirekted.com — Cisco Umbrella Rank: 644323	11 KB
3	cookiebot.com consent.cookiebot.com consentcdn.cookiebot.com	28 KB
2	datadome.co js.datadome.co — Cisco Umbrella Rank: 7406 api-js.datadome.co — Cisco Umbrella Rank: 7231	47 KB
2	byetnc.com denise.v4.byetnc.com Failed	3 KB
2	capitalonesthemstch.com capitalonesthemstch.com	8 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	41 KB
1	amazonaws.com s3-eu-west-1.amazonaws.com	7 KB
0	ausgezeichnet.org Failed siegel.ausgezeichnet.org Failed
46	11

	Domain	Requested by
20	www.fliegende-pillen.de	1 redirects www.fliegende-pillen.de
5	de-go.kelkoogroup.net	2 redirects r.redirekted.com de-go.kelkoogroup.net
5	www.google-analytics.com	r.redirekted.com www.google-analytics.com www.googletagmanager.com
4	r.redirekted.com	denise.v4.byetnc.com r.redirekted.com
2	consentcdn.cookiebot.com	consent.cookiebot.com
2	click.fliegende-pillen.de	de-go.kelkoogroup.net click.fliegende-pillen.de
2	denise.v4.byetnc.com	capitalonesthemstch.com denise.v4.byetnc.com
2	capitalonesthemstch.com	capitalonesthemstch.com
1	consent.cookiebot.com	www.fliegende-pillen.de
1	api-js.datadome.co	js.datadome.co
1	www.googletagmanager.com	de-go.kelkoogroup.net
1	js.datadome.co	de-go.kelkoogroup.net
1	s3-eu-west-1.amazonaws.com	denise.v4.byetnc.com
0	siegel.ausgezeichnet.org Failed	www.fliegende-pillen.de
46	14

This site contains no links.

Subject Issuer	Validity	Valid
byetnc.com Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon	`2021-12-17` - `2022-12-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.kelkoogroup.net Thawte RSA CA 2018	`2021-09-07` - `2022-10-07`	a year	crt.sh
*.datadome.co Gandi Standard SSL CA 2	`2021-10-12` - `2022-10-21`	a year	crt.sh
click.fliegende-pillen.de R3	`2022-02-15` - `2022-05-16`	3 months	crt.sh
www.fliegende-pillen.de R3	`2022-02-17` - `2022-05-18`	3 months	crt.sh
consent.cookiebot.com DigiCert ECC Extended Validation Server CA	`2020-06-11` - `2022-06-11`	2 years	crt.sh
*.cookiebot.com DigiCert SHA2 Secure Server CA	`2021-07-05` - `2022-07-13`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb
Frame ID: 0A00E1173790E4B20C609D2118A3977F
Requests: 41 HTTP requests in this frame

Frame: http://r.redirekted.com/go?e=DwCaxHVyjGFeL3X90aCwxwsmSKCdfHr7fFWjS2XyVlL-IPCY13B4Z2X7tUL8uPsuy3C5kGVyVvF8gRps13Be0wX-HKCdRTsx1KL4gHsYkUF8IFs70KW90wXyHGC9AaXWy3C55GVxfvEuHPsYk3BdtRs7tmL9AUB-bFLRu2Z_pPEmV3XTEwLwbHVyjUF55QL80KX99SA781F9AUqvkKL9cQsYywC8AKA-43p9jmX2yKCd4QsXcPX8ETsyt3L8gRpYgvBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV
Frame ID: A8AD2E61A1A9046DF3DD64C820E4EA94
Requests: 4 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Frame ID: F211537BBCA1D8A42906941D843DD4B4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://capitalonesthemstch.com/ Page URL
https://denise.v4.byetnc.com/api/user/0110bb589ad0c40529b085e08f69da445feccfd117.r?tk=eyJhbGciOiJIUzI1NiI... Page URL
http://r.redirekted.com/redirect?redirect_id=4230466ebaecc97b373013c59ea7e461&request_id=91dfe6da80e... Page URL
https://de-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1647937203504&.sig=uMJJRt3wYYvUhnJRVVIgsErvyCI-&aff... HTTP 307
https://de-go.kelkoogroup.net/go?country=de&k=c6967366f32bdb1c4d18a436735aaf7a583e799878ae1bae062d5c20725d... Page URL
https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50e5f1ca9... HTTP 303
https://click.fliegende-pillen.de/?kk=a4c6365-17fb5de3399-5fdfb&pzn=16937252&campaign=kelkoo&pk_campaign=kelko... Page URL
https://www.fliegende-pillen.de/product/16937252?kk=a4c6365-17fb5de3399-5fdfb&pzn=16937252&campaign=kelkoo&p... HTTP 302
https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=k... Page URL

Detected technologies

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

46
Requests

78 %
HTTPS

31 %
IPv6

11
Domains

14
Subdomains

14
IPs

5
Countries

516 kB
Transfer

1447 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://capitalonesthemstch.com/ Page URL
https://denise.v4.byetnc.com/api/user/0110bb589ad0c40529b085e08f69da445feccfd117.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjQyY2JiYjk3NzUzZTYxODBhOTRiNmMiLCJ0cyI6IjAzMjMwODIxIiwiZCI6ImNhcGl0YWxvbmVzdGhlbXN0Y2guY29tIn0.MZsHMPV0H1GsO9se92ql4r6OUTGAXbugnhWZQrtbtQg Page URL
http://r.redirekted.com/redirect?redirect_id=4230466ebaecc97b373013c59ea7e461&request_id=91dfe6da80ec2ce06e48993688f251c6 Page URL
https://de-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1647937203504&.sig=uMJJRt3wYYvUhnJRVVIgsErvyCI-&affiliationId=96965856&comId=100533369&country=de&offerId=fee57311cda4a880b3f7d5f10a1ad922&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=9IvVY5KXWgwXcRKD1LKqRAGLx1QAvAPDetPLYIwq9O0r-03EmxFF0AFXVyxsmMvE8gQqYg3B0OJsxZJF9gGsakKWjuHsyLvL9gRB&custom2=jKWjuHsyj3F8gxXxqwqSExZvyRCexFrUAQB HTTP 307
https://de-go.kelkoogroup.net/go?country=de&k=c6967366f32bdb1c4d18a436735aaf7a583e799878ae1bae062d5c20725d8aaf15b949b47250ce2162186f2836a4921d074b1e126df17c333da21c7489ff0c348e9e64c995efaf1c9c1fdd4110364ceffac89b82a40706c1eb1101404f0f10776ba458eeaa9e15c1ef8774300bcd8ecb2e4521fe1ad7ceb8ed861d0d5a3672755ee77ef3b32e0fea0dc6635ea7385fff150afc6044ac8f9453efe29bf93466660a8411c5cd31a2891973e244f74ad1a52dbe0db62126e59707ac1362cea03eb2aa843731acbe822531f0236ff35ec0bf29d5f97410fa068f89864a26ab635aef9be59a17584291eba90ac1b1510022e5829e3e73c41e2859cdcf220bac15d8963a6a4e98841a007f9826f6f686ae2474cd141534a10a9901b0baab86f944111df1b24869d10154cc4780d3e3aad390df7414d9a6bc4be820120a145e981eb47edd2a7003174eedf60556583f862d825a4dc7819849bf545553e032f2c1e6c6b50afe090b23f5b3bf5633eca347003339af56453626390b319883fef22df93face60525db3512c980a3f6c3612fc346fcb1dbd0381edb070115132247c6ebc892c5d42c3d8f7f3a2281dc8e97f42f3a0bc1494c6d0c231ff5436b1d1f8cf18f046ac9b16d7e68ee430c0005c6eb4f686583281c110a31a07a2338efae4a15aad6bbefc2b58157427d2805bc4010f322839857aa05e889a2d6de14285e80c9d07721f005ca0d0850605e4203b258bf57be20762d26046b62c0&o= Page URL
https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50e5f1ca9a851626628190e74b893744fef3cb00d4c44a2fbd992653a6a370796f9645a6e7735bce13688523f3bb5b945364b0439c8be6c77a0f3c2021c41e7b6b43fb90e8c2c62ba37df38ee1ab74097e8bdecc1ecdf9c2d6b9b043b03523726cdc416baae41b557020210b9346e131f1fc629b16573a652463a301dc87661597ad90e215613a1e468615836fd89d8bd9fcb024c7113f546993516a7ce84117137af60d8c538cfc57c7ddb8e54ce7b9ba93dce327052a2a5dafcd1342ab8c7feae4eb6ea990a15a0e436dd5720e43013ddd54313032f56445c1935728e3b623d13d422f15a8b0d3c7c8cb70fec527b3a513bcfa61945d193576acde1fd1dfa4529033f6e536b3bc23e919bbf2f520c5edf&leadId=dc1-kls-prod-srv-01.prod.dc1.kelkoo.net_1648023712679_724392&clickId=107699127_1648023712634_1146021&url=https%3A%2F%2Fclick.fliegende-pillen.de%2F%3Fkk%3Da4c6365-17fb5de3399-5fdfb%26pzn%3D16937252%26campaign%3Dkelkoo%26pk_campaign%3Dkelkoo%26p%3D535566%26utm_source%3Dkelkoode%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DProdeco%2BPharma%2BDeutschland%2BGmbH%2Bc%252Fo%2BClau&initiator=timeout HTTP 303
https://click.fliegende-pillen.de/?kk=a4c6365-17fb5de3399-5fdfb&pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco+Pharma+Deutschland+GmbH+c%2Fo+Clau Page URL
https://www.fliegende-pillen.de/product/16937252?kk=a4c6365-17fb5de3399-5fdfb&pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco+Pharma+Deutschland+GmbH+c%2Fo+Clau HTTP 302
https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 12

http://www.google-analytics.com/collect?v=1&_v=j96&a=1352797725&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVyjGFeL3X90aCwxwsmSKCdfHr7fFWjS2XyVlL-IPCY13B4Z2X7tUL8uPsuy3C5kGVyVvF8gRps13Be0wX-HKCdRTsx1KL4gHsYkUF8IFs70KW90wXyHGC9AaXWy3C55GVxfvEuHPsYk3BdtRs7tmL9AUB-bFLRu2Z_pPEmV3XTEwLwbHVyjUF55QL80KX99SA781F9AUqvkKL9cQsYywC8AKA-43p9jmX2yKCd4QsXcPX8ETsyt3L8gRpYgvBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=11134658.1648023713&tid=UA-32454353-1&_gid=1594445813.1648023713&cd1=oz9lMJE8n2kesUk8sT5ipzIxsTgfn3k8sUj%3D&z=1109403807 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j96&a=1352797725&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVyjGFeL3X90aCwxwsmSKCdfHr7fFWjS2XyVlL-IPCY13B4Z2X7tUL8uPsuy3C5kGVyVvF8gRps13Be0wX-HKCdRTsx1KL4gHsYkUF8IFs70KW90wXyHGC9AaXWy3C55GVxfvEuHPsYk3BdtRs7tmL9AUB-bFLRu2Z_pPEmV3XTEwLwbHVyjUF55QL80KX99SA781F9AUqvkKL9cQsYywC8AKA-43p9jmX2yKCd4QsXcPX8ETsyt3L8gRpYgvBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=11134658.1648023713&tid=UA-32454353-1&_gid=1594445813.1648023713&cd1=oz9lMJE8n2kesUk8sT5ipzIxsTgfn3k8sUj%3D&z=1109403807

Request Chain 13

https://de-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1647937203504&.sig=uMJJRt3wYYvUhnJRVVIgsErvyCI-&affiliationId=96965856&comId=100533369&country=de&offerId=fee57311cda4a880b3f7d5f10a1ad922&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=9IvVY5KXWgwXcRKD1LKqRAGLx1QAvAPDetPLYIwq9O0r-03EmxFF0AFXVyxsmMvE8gQqYg3B0OJsxZJF9gGsakKWjuHsyLvL9gRB&custom2=jKWjuHsyj3F8gxXxqwqSExZvyRCexFrUAQB HTTP 307
https://de-go.kelkoogroup.net/go?country=de&k=c6967366f32bdb1c4d18a436735aaf7a583e799878ae1bae062d5c20725d8aaf15b949b47250ce2162186f2836a4921d074b1e126df17c333da21c7489ff0c348e9e64c995efaf1c9c1fdd4110364ceffac89b82a40706c1eb1101404f0f10776ba458eeaa9e15c1ef8774300bcd8ecb2e4521fe1ad7ceb8ed861d0d5a3672755ee77ef3b32e0fea0dc6635ea7385fff150afc6044ac8f9453efe29bf93466660a8411c5cd31a2891973e244f74ad1a52dbe0db62126e59707ac1362cea03eb2aa843731acbe822531f0236ff35ec0bf29d5f97410fa068f89864a26ab635aef9be59a17584291eba90ac1b1510022e5829e3e73c41e2859cdcf220bac15d8963a6a4e98841a007f9826f6f686ae2474cd141534a10a9901b0baab86f944111df1b24869d10154cc4780d3e3aad390df7414d9a6bc4be820120a145e981eb47edd2a7003174eedf60556583f862d825a4dc7819849bf545553e032f2c1e6c6b50afe090b23f5b3bf5633eca347003339af56453626390b319883fef22df93face60525db3512c980a3f6c3612fc346fcb1dbd0381edb070115132247c6ebc892c5d42c3d8f7f3a2281dc8e97f42f3a0bc1494c6d0c231ff5436b1d1f8cf18f046ac9b16d7e68ee430c0005c6eb4f686583281c110a31a07a2338efae4a15aad6bbefc2b58157427d2805bc4010f322839857aa05e889a2d6de14285e80c9d07721f005ca0d0850605e4203b258bf57be20762d26046b62c0&o=

Request Chain 21

https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50e5f1ca9a851626628190e74b893744fef3cb00d4c44a2fbd992653a6a370796f9645a6e7735bce13688523f3bb5b945364b0439c8be6c77a0f3c2021c41e7b6b43fb90e8c2c62ba37df38ee1ab74097e8bdecc1ecdf9c2d6b9b043b03523726cdc416baae41b557020210b9346e131f1fc629b16573a652463a301dc87661597ad90e215613a1e468615836fd89d8bd9fcb024c7113f546993516a7ce84117137af60d8c538cfc57c7ddb8e54ce7b9ba93dce327052a2a5dafcd1342ab8c7feae4eb6ea990a15a0e436dd5720e43013ddd54313032f56445c1935728e3b623d13d422f15a8b0d3c7c8cb70fec527b3a513bcfa61945d193576acde1fd1dfa4529033f6e536b3bc23e919bbf2f520c5edf&leadId=dc1-kls-prod-srv-01.prod.dc1.kelkoo.net_1648023712679_724392&clickId=107699127_1648023712634_1146021&url=https%3A%2F%2Fclick.fliegende-pillen.de%2F%3Fkk%3Da4c6365-17fb5de3399-5fdfb%26pzn%3D16937252%26campaign%3Dkelkoo%26pk_campaign%3Dkelkoo%26p%3D535566%26utm_source%3Dkelkoode%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DProdeco%2BPharma%2BDeutschland%2BGmbH%2Bc%252Fo%2BClau&initiator=timeout HTTP 303
https://click.fliegende-pillen.de/?kk=a4c6365-17fb5de3399-5fdfb&pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco+Pharma+Deutschland+GmbH+c%2Fo+Clau

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
capitalonesthemstch.com/ 7 KB
7 KB 261ms
133ms Document
text/html 173.255.194.134
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://capitalonesthemstch.com/
Protocol: HTTP/1.1
Server: 173.255.194.134 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li204-134.members.linode.com
Software: openresty/1.13.6.1 /
Resource Hash: 90a5ff27f852b1f95e2d420c0dc73236964730865538ba18465383d9707ed624

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: openresty/1.13.6.1
date: Wed, 23 Mar 2022 08:21:49 GMT
content-type: text/html; charset=utf-8
content-length: 7217
vary: Accept-Language
content-language: de
connection: close

GET
H/1.1 200
OK 0 Show response
capitalonesthemstch.com/mtm/async/.eJxdjMEOwiAQRP-FY8Vi4kVt-i1mu26BBCjCWkmM_y61etDbm5eZeYhbsuIklJACks4VKyUaKVFag5kynwN4qhEhWgY3BcpsyGdG0-LklzEiRa4VpsLKsHcSYnQWge0UVFnMpvxb77prv2uP0nrQpGC24wfvNMSvjU... 274 B
574 B 1134ms
1011ms Fetch
text/html 173.255.194.134
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://capitalonesthemstch.com/mtm/async/.eJxdjMEOwiAQRP-FY8Vi4kVt-i1mu26BBCjCWkmM_y61etDbm5eZeYhbsuIklJACks4VKyUaKVFag5kynwN4qhEhWgY3BcpsyGdG0-LklzEiRa4VpsLKsHcSYnQWge0UVFnMpvxb77prv2uP0nrQpGC24wfvNMSvjUHLRjXv6uHnIFsd6LKlggaCpm7uh_36KJ4v4r5LNw:1nWwFZ:CJVEwSOKKUIyLc6YvkI4dgGF03g/1/0
Requested by: Host: capitalonesthemstch.com
URL: http://capitalonesthemstch.com/
Protocol: HTTP/1.1
Server: 173.255.194.134 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li204-134.members.linode.com
Software: openresty/1.13.6.1 /
Resource Hash: bc10b232f83d39773cbdeb747a64b4bfdafc6fd79f1e2641b27d0d3445b60c4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://capitalonesthemstch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:21:51 GMT
server: openresty/1.13.6.1
connection: close
content-type: text/html; charset=utf-8
content-length: 274
vary: Accept-Language
content-language: de

GET 0110bb589ad0c40529b085e08f69da445feccfd117.r
denise.v4.byetnc.com/api/user/ 0
0

GET
H2 200 0110bb589ad0c40529b085e08f69da445feccfd117.r
denise.v4.byetnc.com/api/user/ 3 KB
3 KB 319ms
104ms Document
text/html 54.92.150.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://denise.v4.byetnc.com/api/user/0110bb589ad0c40529b085e08f69da445feccfd117.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjQyY2JiYjk3NzUzZTYxODBhOTRiNmMiLCJ0cyI6IjAzMjMwODIxIiwiZCI6ImNhcGl0YWxvbmVzdGhlbXN0Y2guY29tIn0.MZsHMPV0H1GsO9se92ql4r6OUTGAXbugnhWZQrtbtQg
Requested by: Host: capitalonesthemstch.com
URL: http://capitalonesthemstch.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.150.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-150-221.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://capitalonesthemstch.com/

Response headers

date: Wed, 23 Mar 2022 08:21:51 GMT
content-type: text/html; charset=utf-8
content-length: 2854
p3p: CP="CUR NOI NID STA STP"
x-robots-tag: noindex, nofollow
accept-ch: UA,UA-Full-Version,UA-Platform,UA-Arch,UA-Model,UA-Mobile,Width,Viewport-Width,Downlink,DPR,Save-Data

GET
H/1.1 200
OK ajax-loader.gif
s3-eu-west-1.amazonaws.com/pxgif/ 7 KB
7 KB 144ms
50ms Image
image/gif 52.218.48.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/pxgif/ajax-loader.gif
Requested by: Host: denise.v4.byetnc.com
URL: https://denise.v4.byetnc.com/api/user/0110bb589ad0c40529b085e08f69da445feccfd117.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjQyY2JiYjk3NzUzZTYxODBhOTRiNmMiLCJ0cyI6IjAzMjMwODIxIiwiZCI6ImNhcGl0YWxvbmVzdGhlbXN0Y2guY29tIn0.MZsHMPV0H1GsO9se92ql4r6OUTGAXbugnhWZQrtbtQg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.48.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 08:21:52 GMT
Last-Modified: Fri, 12 Aug 2016 15:23:54 GMT
Server: AmazonS3
x-amz-request-id: VGA6Z67ERMKBMDAR
ETag: "dc5b98ed1c3c7959cdcb76113e7442cd"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 6820
x-amz-id-2: E+4k2tiv7JFib7sIS4Jyp++nMf8ww/uyTqLGz9zINoJhlHnwgAkBuTtNkI9LuI8N7Hm1O720XUE=

GET
H2 200 0110bb589ad0c40529b085e08f69da445feccfd117.r
denise.v4.byetnc.com/api/product/ 121 B
272 B 142ms
142ms XHR
text/html 54.92.150.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://denise.v4.byetnc.com/api/product/0110bb589ad0c40529b085e08f69da445feccfd117.r?confirm=b11f2ed93da8946b86be625f183dc319&size=1920000&noframe=1&tnc_ref=http%3A%2F%2Fcapitalonesthemstch.com%2F&reftaken=feed&refEqual=true&jsa=false&hastouch=false
Requested by: Host: denise.v4.byetnc.com
URL: https://denise.v4.byetnc.com/api/user/0110bb589ad0c40529b085e08f69da445feccfd117.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjQyY2JiYjk3NzUzZTYxODBhOTRiNmMiLCJ0cyI6IjAzMjMwODIxIiwiZCI6ImNhcGl0YWxvbmVzdGhlbXN0Y2guY29tIn0.MZsHMPV0H1GsO9se92ql4r6OUTGAXbugnhWZQrtbtQg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.150.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-150-221.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:21:51 GMT
referrer-policy: no-referrer
p3p: CP="CUR NOI NID STA STP"
x-robots-tag: noindex, nofollow
content-length: 121
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK redirect Show response
r.redirekted.com/ 815 B
1023 B 332ms
152ms Document
text/html 66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/redirect?redirect_id=4230466ebaecc97b373013c59ea7e461&request_id=91dfe6da80ec2ce06e48993688f251c6
Requested by: Host: denise.v4.byetnc.com
URL: https://denise.v4.byetnc.com/api/user/0110bb589ad0c40529b085e08f69da445feccfd117.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjQyY2JiYjk3NzUzZTYxODBhOTRiNmMiLCJ0cyI6IjAzMjMwODIxIiwiZCI6ImNhcGl0YWxvbmVzdGhlbXN0Y2guY29tIn0.MZsHMPV0H1GsO9se92ql4r6OUTGAXbugnhWZQrtbtQg
Protocol: HTTP/1.1
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.21.5 / PHP/8.0.14
Resource Hash: 250b48264822efc2b1d3dc4492dd4475ca78a4537ae5e4745356317a5e03ba84

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx/1.21.5
Date: Wed, 23 Mar 2022 08:21:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.14

GET
H/1.1 200
OK adren.css
r.redirekted.com/css/ 243 B
479 B 153ms
153ms Stylesheet
text/css 66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/css/adren.css?n=3326028848
Requested by: Host: r.redirekted.com
URL: http://r.redirekted.com/redirect?redirect_id=4230466ebaecc97b373013c59ea7e461&request_id=91dfe6da80ec2ce06e48993688f251c6
Protocol: HTTP/1.1
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.21.5 /
Resource Hash: e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://r.redirekted.com/redirect?redirect_id=4230466ebaecc97b373013c59ea7e461&request_id=91dfe6da80ec2ce06e48993688f251c6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 08:21:51 GMT
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Server: nginx/1.21.5
ETag: "60dff9aa-f3"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 243

GET
H/1.1 200
OK adren.min.js Show response
r.redirekted.com/js/ 7 KB
8 KB 305ms
151ms Script
application/javascript 66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/js/adren.min.js?n=3326028848
Requested by: Host: r.redirekted.com
URL: http://r.redirekted.com/redirect?redirect_id=4230466ebaecc97b373013c59ea7e461&request_id=91dfe6da80ec2ce06e48993688f251c6
Protocol: HTTP/1.1
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.21.5 /
Resource Hash: 55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://r.redirekted.com/redirect?redirect_id=4230466ebaecc97b373013c59ea7e461&request_id=91dfe6da80ec2ce06e48993688f251c6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 08:21:52 GMT
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Server: nginx/1.21.5
ETag: "60dff9aa-1d68"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7528

GET
H/1.1 200
OK go Show response
r.redirekted.com/ Frame A8AD 2 KB
2 KB 155ms
154ms Document
text/html 66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/go?e=DwCaxHVyjGFeL3X90aCwxwsmSKCdfHr7fFWjS2XyVlL-IPCY13B4Z2X7tUL8uPsuy3C5kGVyVvF8gRps13Be0wX-HKCdRTsx1KL4gHsYkUF8IFs70KW90wXyHGC9AaXWy3C55GVxfvEuHPsYk3BdtRs7tmL9AUB-bFLRu2Z_pPEmV3XTEwLwbHVyjUF55QL80KX99SA781F9AUqvkKL9cQsYywC8AKA-43p9jmX2yKCd4QsXcPX8ETsyt3L8gRpYgvBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV
Requested by: Host: r.redirekted.com
URL: http://r.redirekted.com/js/adren.min.js?n=3326028848
Protocol: HTTP/1.1
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.21.5 / PHP/8.0.14
Resource Hash: 55f4e22240f8d05eca1cac8071db80d36b13824aad0b9fa3caf230c9fb5acdf7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://r.redirekted.com/redirect?redirect_id=4230466ebaecc97b373013c59ea7e461&request_id=91dfe6da80ec2ce06e48993688f251c6

Response headers

Server: nginx/1.21.5
Date: Wed, 23 Mar 2022 08:21:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.14

GET
H2

200

analytics.js Show response
www.google-analytics.com/ Frame A8AD
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

121ms
36ms

Script
text/javascript

2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: r.redirekted.com
URL: http://r.redirekted.com/go?e=DwCaxHVyjGFeL3X90aCwxwsmSKCdfHr7fFWjS2XyVlL-IPCY13B4Z2X7tUL8uPsuy3C5kGVyVvF8gRps13Be0wX-HKCdRTsx1KL4gHsYkUF8IFs70KW90wXyHGC9AaXWy3C55GVxfvEuHPsYk3BdtRs7tmL9AUB-bFLRu2Z_pPEmV3XTEwLwbHVyjUF55QL80KX99SA781F9AUqvkKL9cQsYywC8AKA-43p9jmX2yKCd4QsXcPX8ETsyt3L8gRpYgvBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV

Protocol

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://r.redirekted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1026
date: Wed, 23 Mar 2022 08:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 23 Mar 2022 10:04:46 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

POST
H2 200 collect
www.google-analytics.com/j/ Frame A8AD 2 B
145 B 44ms
44ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1352797725&t=pageview&_s=1&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVyjGFeL3X90aCwxwsmSKCdfHr7fFWjS2XyVlL-IPCY13B4Z2X7tUL8uPsuy3C5kGVyVvF8gRps13Be0wX-HKCdRTsx1KL4gHsYkUF8IFs70KW90wXyHGC9AaXWy3C55GVxfvEuHPsYk3BdtRs7tmL9AUB-bFLRu2Z_pPEmV3XTEwLwbHVyjUF55QL80KX99SA781F9AUqvkKL9cQsYywC8AKA-43p9jmX2yKCd4QsXcPX8ETsyt3L8gRpYgvBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=397061421&gjid=1356753711&cid=11134658.1648023713&tid=UA-32454353-1&_gid=1594445813.1648023713&_r=1&_slc=1&z=471710233

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://r.redirekted.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 08:21:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://r.redirekted.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
www.google-analytics.com/ Frame A8AD
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j96&a=1352797725&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVyjGFeL3X90aCwxwsmSKCdfHr7fFWjS2XyVlL-IPCY13B4Z2X7tUL8uPsuy3C5kGVyV...
https://www.google-analytics.com/collect?v=1&_v=j96&a=1352797725&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVyjGFeL3X90aCwxwsmSKCdfHr7fFWjS2XyVlL-IPCY13B4Z2X7tUL8uPsuy3C5kGVy...

35 B
194 B

36ms
36ms

Image
image/gif

2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1352797725&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVyjGFeL3X90aCwxwsmSKCdfHr7fFWjS2XyVlL-IPCY13B4Z2X7tUL8uPsuy3C5kGVyVvF8gRps13Be0wX-HKCdRTsx1KL4gHsYkUF8IFs70KW90wXyHGC9AaXWy3C55GVxfvEuHPsYk3BdtRs7tmL9AUB-bFLRu2Z_pPEmV3XTEwLwbHVyjUF55QL80KX99SA781F9AUqvkKL9cQsYywC8AKA-43p9jmX2yKCd4QsXcPX8ETsyt3L8gRpYgvBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=11134658.1648023713&tid=UA-32454353-1&_gid=1594445813.1648023713&cd1=oz9lMJE8n2kesUk8sT5ipzIxsTgfn3k8sUj%3D&z=1109403807

Requested by

Protocol

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://r.redirekted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 10:37:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78246
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j96&a=1352797725&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVyjGFeL3X90aCwxwsmSKCdfHr7fFWjS2XyVlL-IPCY13B4Z2X7tUL8uPsuy3C5kGVyVvF8gRps13Be0wX-HKCdRTsx1KL4gHsYkUF8IFs70KW90wXyHGC9AaXWy3C55GVxfvEuHPsYk3BdtRs7tmL9AUB-bFLRu2Z_pPEmV3XTEwLwbHVyjUF55QL80KX99SA781F9AUqvkKL9cQsYywC8AKA-43p9jmX2yKCd4QsXcPX8ETsyt3L8gRpYgvBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=11134658.1648023713&tid=UA-32454353-1&_gid=1594445813.1648023713&cd1=oz9lMJE8n2kesUk8sT5ipzIxsTgfn3k8sUj%3D&z=1109403807
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1

200
OK

go Show response
de-go.kelkoogroup.net/
Redirect Chain

https://de-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1647937203504&.sig=uMJJRt3wYYvUhnJRVVIgsErvyCI-&affiliationId=96965856&comId=100533369&country=de&offerId=fee57311cda4a880b3f7d5f10a1ad922&ser...
https://de-go.kelkoogroup.net/go?country=de&k=c6967366f32bdb1c4d18a436735aaf7a583e799878ae1bae062d5c20725d8aaf15b949b47250ce2162186f2836a4921d074b1e126df17c333da21c7489ff0c348e9e64c995efaf1c9c1fdd4...

28 KB
30 KB

37ms
37ms

Document
text/html

95.211.116.27
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://de-go.kelkoogroup.net/go?country=de&k=c6967366f32bdb1c4d18a436735aaf7a583e799878ae1bae062d5c20725d8aaf15b949b47250ce2162186f2836a4921d074b1e126df17c333da21c7489ff0c348e9e64c995efaf1c9c1fdd4110364ceffac89b82a40706c1eb1101404f0f10776ba458eeaa9e15c1ef8774300bcd8ecb2e4521fe1ad7ceb8ed861d0d5a3672755ee77ef3b32e0fea0dc6635ea7385fff150afc6044ac8f9453efe29bf93466660a8411c5cd31a2891973e244f74ad1a52dbe0db62126e59707ac1362cea03eb2aa843731acbe822531f0236ff35ec0bf29d5f97410fa068f89864a26ab635aef9be59a17584291eba90ac1b1510022e5829e3e73c41e2859cdcf220bac15d8963a6a4e98841a007f9826f6f686ae2474cd141534a10a9901b0baab86f944111df1b24869d10154cc4780d3e3aad390df7414d9a6bc4be820120a145e981eb47edd2a7003174eedf60556583f862d825a4dc7819849bf545553e032f2c1e6c6b50afe090b23f5b3bf5633eca347003339af56453626390b319883fef22df93face60525db3512c980a3f6c3612fc346fcb1dbd0381edb070115132247c6ebc892c5d42c3d8f7f3a2281dc8e97f42f3a0bc1494c6d0c231ff5436b1d1f8cf18f046ac9b16d7e68ee430c0005c6eb4f686583281c110a31a07a2338efae4a15aad6bbefc2b58157427d2805bc4010f322839857aa05e889a2d6de14285e80c9d07721f005ca0d0850605e4203b258bf57be20762d26046b62c0&o=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.27 Swifterbant, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-go-vip.kelkoo.com

Software

Resource Hash

c079c8ecae3d00009ba6560949e290dac3c7d8d5f71b950faebfd83ad77096c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://r.redirekted.com/redirect?redirect_id=4230466ebaecc97b373013c59ea7e461&request_id=91dfe6da80ec2ce06e48993688f251c6

Response headers

Date: Wed, 23 Mar 2022 08:21:52 GMT
leadId: dc1-kls-prod-srv-01.prod.dc1.kelkoo.net_1648023712679_724392
Pragma: no-cache
Charset: utf-8
clickId: 107699127_1648023712634_1146021
country: de
X-DataDome: protected
Request-Time: PT0.019S
X-Robots-Tag: noindex,nofollow
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
X-DataDome-CID: AHrlqAAAAAMAMHTK_TZ3EO8AudWbow==
Referrer-Policy: unsafe-url
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/html; charset=UTF-8
Content-Length: 29183
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=52
Connection: Keep-Alive

Redirect headers

Date: Wed, 23 Mar 2022 08:21:52 GMT
Pragma: no-cache
Charset: utf-8
clickId: 107699127_1648023712634_1146021
country: de
Location: /go?country=de&k=c6967366f32bdb1c4d18a436735aaf7a583e799878ae1bae062d5c20725d8aaf15b949b47250ce2162186f2836a4921d074b1e126df17c333da21c7489ff0c348e9e64c995efaf1c9c1fdd4110364ceffac89b82a40706c1eb1101404f0f10776ba458eeaa9e15c1ef8774300bcd8ecb2e4521fe1ad7ceb8ed861d0d5a3672755ee77ef3b32e0fea0dc6635ea7385fff150afc6044ac8f9453efe29bf93466660a8411c5cd31a2891973e244f74ad1a52dbe0db62126e59707ac1362cea03eb2aa843731acbe822531f0236ff35ec0bf29d5f97410fa068f89864a26ab635aef9be59a17584291eba90ac1b1510022e5829e3e73c41e2859cdcf220bac15d8963a6a4e98841a007f9826f6f686ae2474cd141534a10a9901b0baab86f944111df1b24869d10154cc4780d3e3aad390df7414d9a6bc4be820120a145e981eb47edd2a7003174eedf60556583f862d825a4dc7819849bf545553e032f2c1e6c6b50afe090b23f5b3bf5633eca347003339af56453626390b319883fef22df93face60525db3512c980a3f6c3612fc346fcb1dbd0381edb070115132247c6ebc892c5d42c3d8f7f3a2281dc8e97f42f3a0bc1494c6d0c231ff5436b1d1f8cf18f046ac9b16d7e68ee430c0005c6eb4f686583281c110a31a07a2338efae4a15aad6bbefc2b58157427d2805bc4010f322839857aa05e889a2d6de14285e80c9d07721f005ca0d0850605e4203b258bf57be20762d26046b62c0&o=
X-DataDome: protected
Request-Time: PT0.011S
X-Robots-Tag: noindex,nofollow
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
X-DataDome-CID: AHrlqAAAAAMAMHTK_TZ3EO8AudWbow==
Referrer-Policy: unsafe-url
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=49
Connection: Keep-Alive
Content-Type: text/plain

GET
H/1.1 200
OK p.png
de-go.kelkoogroup.net/assets/images/ 68 B
621 B 18ms
18ms Image
image/png 95.211.116.27
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://de-go.kelkoogroup.net/assets/images/p.png?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50e5f1ca9a851626628190e74b893744fef3cb00d4c44a2fbd992653a6a370796f9645a6e7735bce13688523f3bb5b945364b0439c8be6c77a0f3c2021c41e7b6b43fb90e8c2c62ba37df38ee1ab74097e8bdecc1ecdf9c2d6b9b043b03523726cdc416baae41b557020210b9346e131f1fc629b16573a652463a301dc87661597ad90e215613a1e468615836fd89d8bd9fcb024c7113f546993516a7ce84117137af60d8c538cfc57c7ddb8e54ce7b9ba93dce327052a2a5dafcd1342ab8c7feae4eb6ea990a15a0e436dd5720e43013ddd54313032f56445c1935728e3b623d13d422f15a8b0d3c7c8cb70fec527b3a513bcfa61945d193576acde1fd1dfa4529033f6e536b3bc23e919bbf2f520c5edf&leadId=dc1-kls-prod-srv-01.prod.dc1.kelkoo.net_1648023712679_724392&clickId=107699127_1648023712634_1146021

Requested by

Host: de-go.kelkoogroup.net
URL: https://de-go.kelkoogroup.net/go?country=de&k=c6967366f32bdb1c4d18a436735aaf7a583e799878ae1bae062d5c20725d8aaf15b949b47250ce2162186f2836a4921d074b1e126df17c333da21c7489ff0c348e9e64c995efaf1c9c1fdd4110364ceffac89b82a40706c1eb1101404f0f10776ba458eeaa9e15c1ef8774300bcd8ecb2e4521fe1ad7ceb8ed861d0d5a3672755ee77ef3b32e0fea0dc6635ea7385fff150afc6044ac8f9453efe29bf93466660a8411c5cd31a2891973e244f74ad1a52dbe0db62126e59707ac1362cea03eb2aa843731acbe822531f0236ff35ec0bf29d5f97410fa068f89864a26ab635aef9be59a17584291eba90ac1b1510022e5829e3e73c41e2859cdcf220bac15d8963a6a4e98841a007f9826f6f686ae2474cd141534a10a9901b0baab86f944111df1b24869d10154cc4780d3e3aad390df7414d9a6bc4be820120a145e981eb47edd2a7003174eedf60556583f862d825a4dc7819849bf545553e032f2c1e6c6b50afe090b23f5b3bf5633eca347003339af56453626390b319883fef22df93face60525db3512c980a3f6c3612fc346fcb1dbd0381edb070115132247c6ebc892c5d42c3d8f7f3a2281dc8e97f42f3a0bc1494c6d0c231ff5436b1d1f8cf18f046ac9b16d7e68ee430c0005c6eb4f686583281c110a31a07a2338efae4a15aad6bbefc2b58157427d2805bc4010f322839857aa05e889a2d6de14285e80c9d07721f005ca0d0850605e4203b258bf57be20762d26046b62c0&o=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.27 Swifterbant, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-go-vip.kelkoo.com

Software

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://de-go.kelkoogroup.net/go?country=de&k=c6967366f32bdb1c4d18a436735aaf7a583e799878ae1bae062d5c20725d8aaf15b949b47250ce2162186f2836a4921d074b1e126df17c333da21c7489ff0c348e9e64c995efaf1c9c1fdd4110364ceffac89b82a40706c1eb1101404f0f10776ba458eeaa9e15c1ef8774300bcd8ecb2e4521fe1ad7ceb8ed861d0d5a3672755ee77ef3b32e0fea0dc6635ea7385fff150afc6044ac8f9453efe29bf93466660a8411c5cd31a2891973e244f74ad1a52dbe0db62126e59707ac1362cea03eb2aa843731acbe822531f0236ff35ec0bf29d5f97410fa068f89864a26ab635aef9be59a17584291eba90ac1b1510022e5829e3e73c41e2859cdcf220bac15d8963a6a4e98841a007f9826f6f686ae2474cd141534a10a9901b0baab86f944111df1b24869d10154cc4780d3e3aad390df7414d9a6bc4be820120a145e981eb47edd2a7003174eedf60556583f862d825a4dc7819849bf545553e032f2c1e6c6b50afe090b23f5b3bf5633eca347003339af56453626390b319883fef22df93face60525db3512c980a3f6c3612fc346fcb1dbd0381edb070115132247c6ebc892c5d42c3d8f7f3a2281dc8e97f42f3a0bc1494c6d0c231ff5436b1d1f8cf18f046ac9b16d7e68ee430c0005c6eb4f686583281c110a31a07a2338efae4a15aad6bbefc2b58157427d2805bc4010f322839857aa05e889a2d6de14285e80c9d07721f005ca0d0850605e4203b258bf57be20762d26046b62c0&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ApacheTracking: localhost
Date: Wed, 23 Mar 2022 08:21:52 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: PT0S
P3P: CP="Anything"
Connection: Keep-Alive
Content-Length: 68
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
ETag: "bb40303226dc99299aae94971730bafd1723ffde"
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: private, must-revalidate
X-Robots-Tag: noindex,nofollow
Keep-Alive: timeout=40, max=48
Expires: Tue, 21 Mar 2023 07:22:53 GMT

GET
H2 200 tags.js Show response
js.datadome.co/ 252 KB
46 KB 33ms
7ms Script
text/javascript 18.66.122.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.datadome.co/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-18.fra60.r.cloudfront.net

Software

Apache /

Resource Hash

e5a0e5f3964b353349b6bf955724af6a7397d24dd356dd036bea076f06d6a047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://de-go.kelkoogroup.net/go?country=de&k=c6967366f32bdb1c4d18a436735aaf7a583e799878ae1bae062d5c20725d8aaf15b949b47250ce2162186f2836a4921d074b1e126df17c333da21c7489ff0c348e9e64c995efaf1c9c1fdd4110364ceffac89b82a40706c1eb1101404f0f10776ba458eeaa9e15c1ef8774300bcd8ecb2e4521fe1ad7ceb8ed861d0d5a3672755ee77ef3b32e0fea0dc6635ea7385fff150afc6044ac8f9453efe29bf93466660a8411c5cd31a2891973e244f74ad1a52dbe0db62126e59707ac1362cea03eb2aa843731acbe822531f0236ff35ec0bf29d5f97410fa068f89864a26ab635aef9be59a17584291eba90ac1b1510022e5829e3e73c41e2859cdcf220bac15d8963a6a4e98841a007f9826f6f686ae2474cd141534a10a9901b0baab86f944111df1b24869d10154cc4780d3e3aad390df7414d9a6bc4be820120a145e981eb47edd2a7003174eedf60556583f862d825a4dc7819849bf545553e032f2c1e6c6b50afe090b23f5b3bf5633eca347003339af56453626390b319883fef22df93face60525db3512c980a3f6c3612fc346fcb1dbd0381edb070115132247c6ebc892c5d42c3d8f7f3a2281dc8e97f42f3a0bc1494c6d0c231ff5436b1d1f8cf18f046ac9b16d7e68ee430c0005c6eb4f686583281c110a31a07a2338efae4a15aad6bbefc2b58157427d2805bc4010f322839857aa05e889a2d6de14285e80c9d07721f005ca0d0850605e4203b258bf57be20762d26046b62c0&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:02:29 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1163
x-cache: Hit from cloudfront
content-length: 47081
access-control-allow-origin: *
last-modified: Mon, 21 Mar 2022 14:02:00 GMT
server: Apache
etag: "3ee87-5dabaf0ad25dc-gzip"
strict-transport-security: max-age=15768000
content-type: text/javascript
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
x-amz-cf-id: kyb0XJuDwNOiOmleQ6fzAijizkM2vb_N3VB12qdla8e6mCHAJigAsA==
expires: Wed, 23 Mar 2022 09:02:29 GMT

GET
H2 200 gtm.js
www.googletagmanager.com/ 109 KB
41 KB 134ms
47ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5ZS487

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://de-go.kelkoogroup.net/go?country=de&k=c6967366f32bdb1c4d18a436735aaf7a583e799878ae1bae062d5c20725d8aaf15b949b47250ce2162186f2836a4921d074b1e126df17c333da21c7489ff0c348e9e64c995efaf1c9c1fdd4110364ceffac89b82a40706c1eb1101404f0f10776ba458eeaa9e15c1ef8774300bcd8ecb2e4521fe1ad7ceb8ed861d0d5a3672755ee77ef3b32e0fea0dc6635ea7385fff150afc6044ac8f9453efe29bf93466660a8411c5cd31a2891973e244f74ad1a52dbe0db62126e59707ac1362cea03eb2aa843731acbe822531f0236ff35ec0bf29d5f97410fa068f89864a26ab635aef9be59a17584291eba90ac1b1510022e5829e3e73c41e2859cdcf220bac15d8963a6a4e98841a007f9826f6f686ae2474cd141534a10a9901b0baab86f944111df1b24869d10154cc4780d3e3aad390df7414d9a6bc4be820120a145e981eb47edd2a7003174eedf60556583f862d825a4dc7819849bf545553e032f2c1e6c6b50afe090b23f5b3bf5633eca347003339af56453626390b319883fef22df93face60525db3512c980a3f6c3612fc346fcb1dbd0381edb070115132247c6ebc892c5d42c3d8f7f3a2281dc8e97f42f3a0bc1494c6d0c231ff5436b1d1f8cf18f046ac9b16d7e68ee430c0005c6eb4f686583281c110a31a07a2338efae4a15aad6bbefc2b58157427d2805bc4010f322839857aa05e889a2d6de14285e80c9d07721f005ca0d0850605e4203b258bf57be20762d26046b62c0&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:21:52 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41403
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Mar 2022 08:21:52 GMT

POST
H/1.1 200
OK fp
de-go.kelkoogroup.net/ 0
441 B 32ms
20ms Ping
text/plain 95.211.116.27
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://de-go.kelkoogroup.net/fp?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50e5f1ca9a851626628190e74b893744fef3cb00d4c44a2fbd992653a6a370796f9645a6e7735bce13688523f3bb5b945364b0439c8be6c77a0f3c2021c41e7b6b43fb90e8c2c62ba37df38ee1ab74097e8bdecc1ecdf9c2d6b9b043b03523726cdc416baae41b557020210b9346e131f1fc629b16573a652463a301dc87661597ad90e215613a1e468615836fd89d8bd9fcb024c7113f546993516a7ce84117137af60d8c538cfc57c7ddb8e54ce7b9ba93dce327052a2a5dafcd1342ab8c7feae4eb6ea990a15a0e436dd5720e43013ddd54313032f56445c1935728e3b623d13d422f15a8b0d3c7c8cb70fec527b3a513bcfa61945d193576acde1fd1dfa4529033f6e536b3bc23e919bbf2f520c5edf&leadId=dc1-kls-prod-srv-01.prod.dc1.kelkoo.net_1648023712679_724392&clickId=107699127_1648023712634_1146021

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.27 Swifterbant, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-go-vip.kelkoo.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://de-go.kelkoogroup.net/go?country=de&k=c6967366f32bdb1c4d18a436735aaf7a583e799878ae1bae062d5c20725d8aaf15b949b47250ce2162186f2836a4921d074b1e126df17c333da21c7489ff0c348e9e64c995efaf1c9c1fdd4110364ceffac89b82a40706c1eb1101404f0f10776ba458eeaa9e15c1ef8774300bcd8ecb2e4521fe1ad7ceb8ed861d0d5a3672755ee77ef3b32e0fea0dc6635ea7385fff150afc6044ac8f9453efe29bf93466660a8411c5cd31a2891973e244f74ad1a52dbe0db62126e59707ac1362cea03eb2aa843731acbe822531f0236ff35ec0bf29d5f97410fa068f89864a26ab635aef9be59a17584291eba90ac1b1510022e5829e3e73c41e2859cdcf220bac15d8963a6a4e98841a007f9826f6f686ae2474cd141534a10a9901b0baab86f944111df1b24869d10154cc4780d3e3aad390df7414d9a6bc4be820120a145e981eb47edd2a7003174eedf60556583f862d825a4dc7819849bf545553e032f2c1e6c6b50afe090b23f5b3bf5633eca347003339af56453626390b319883fef22df93face60525db3512c980a3f6c3612fc346fcb1dbd0381edb070115132247c6ebc892c5d42c3d8f7f3a2281dc8e97f42f3a0bc1494c6d0c231ff5436b1d1f8cf18f046ac9b16d7e68ee430c0005c6eb4f686583281c110a31a07a2338efae4a15aad6bbefc2b58157427d2805bc4010f322839857aa05e889a2d6de14285e80c9d07721f005ca0d0850605e4203b258bf57be20762d26046b62c0&o=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

ApacheTracking: localhost
Date: Wed, 23 Mar 2022 08:21:52 GMT
Referrer-Policy: unsafe-url
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
P3P: CP="Anything"
X-Robots-Tag: noindex,nofollow
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Type: text/plain; charset=UTF-8
Request-Time: PT0.002S
Content-Length: 0
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=40, max=77

POST
H2 200 / Show response
api-js.datadome.co/js/ 235 B
413 B 51ms
13ms XHR
application/json 52.59.8.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.datadome.co/js/
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.8.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-8-57.eu-central-1.compute.amazonaws.com
Software: DataDome /
Resource Hash: 3a8c5077a070533491fb298ecb4d1fc38a8e6c32523f85221dc815f2e93565c6

Request headers

Referer: https://de-go.kelkoogroup.net/go?country=de&k=c6967366f32bdb1c4d18a436735aaf7a583e799878ae1bae062d5c20725d8aaf15b949b47250ce2162186f2836a4921d074b1e126df17c333da21c7489ff0c348e9e64c995efaf1c9c1fdd4110364ceffac89b82a40706c1eb1101404f0f10776ba458eeaa9e15c1ef8774300bcd8ecb2e4521fe1ad7ceb8ed861d0d5a3672755ee77ef3b32e0fea0dc6635ea7385fff150afc6044ac8f9453efe29bf93466660a8411c5cd31a2891973e244f74ad1a52dbe0db62126e59707ac1362cea03eb2aa843731acbe822531f0236ff35ec0bf29d5f97410fa068f89864a26ab635aef9be59a17584291eba90ac1b1510022e5829e3e73c41e2859cdcf220bac15d8963a6a4e98841a007f9826f6f686ae2474cd141534a10a9901b0baab86f944111df1b24869d10154cc4780d3e3aad390df7414d9a6bc4be820120a145e981eb47edd2a7003174eedf60556583f862d825a4dc7819849bf545553e032f2c1e6c6b50afe090b23f5b3bf5633eca347003339af56453626390b319883fef22df93face60525db3512c980a3f6c3612fc346fcb1dbd0381edb070115132247c6ebc892c5d42c3d8f7f3a2281dc8e97f42f3a0bc1494c6d0c231ff5436b1d1f8cf18f046ac9b16d7e68ee430c0005c6eb4f686583281c110a31a07a2338efae4a15aad6bbefc2b58157427d2805bc4010f322839857aa05e889a2d6de14285e80c9d07721f005ca0d0850605e4203b258bf57be20762d26046b62c0&o=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 08:21:52 GMT
server: DataDome
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 235
expires: 0

GET
H3 200 analytics.js
www.google-analytics.com/ 49 KB
20 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZS487

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://de-go.kelkoogroup.net/go?country=de&k=c6967366f32bdb1c4d18a436735aaf7a583e799878ae1bae062d5c20725d8aaf15b949b47250ce2162186f2836a4921d074b1e126df17c333da21c7489ff0c348e9e64c995efaf1c9c1fdd4110364ceffac89b82a40706c1eb1101404f0f10776ba458eeaa9e15c1ef8774300bcd8ecb2e4521fe1ad7ceb8ed861d0d5a3672755ee77ef3b32e0fea0dc6635ea7385fff150afc6044ac8f9453efe29bf93466660a8411c5cd31a2891973e244f74ad1a52dbe0db62126e59707ac1362cea03eb2aa843731acbe822531f0236ff35ec0bf29d5f97410fa068f89864a26ab635aef9be59a17584291eba90ac1b1510022e5829e3e73c41e2859cdcf220bac15d8963a6a4e98841a007f9826f6f686ae2474cd141534a10a9901b0baab86f944111df1b24869d10154cc4780d3e3aad390df7414d9a6bc4be820120a145e981eb47edd2a7003174eedf60556583f862d825a4dc7819849bf545553e032f2c1e6c6b50afe090b23f5b3bf5633eca347003339af56453626390b319883fef22df93face60525db3512c980a3f6c3612fc346fcb1dbd0381edb070115132247c6ebc892c5d42c3d8f7f3a2281dc8e97f42f3a0bc1494c6d0c231ff5436b1d1f8cf18f046ac9b16d7e68ee430c0005c6eb4f686583281c110a31a07a2338efae4a15aad6bbefc2b58157427d2805bc4010f322839857aa05e889a2d6de14285e80c9d07721f005ca0d0850605e4203b258bf57be20762d26046b62c0&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1026
date: Wed, 23 Mar 2022 08:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 23 Mar 2022 10:04:46 GMT

POST
H3 200 collect
www.google-analytics.com/j/ 1 B
21 B 44ms
44ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=758587384&t=pageview&_s=1&dl=https%3A%2F%2Fde-go.kelkoogroup.net%2Fgo%3Fcountry%3Dde%26k%3Dc6967366f32bdb1c4d18a436735aaf7a583e799878ae1bae062d5c20725d8aaf15b949b47250ce2162186f2836a4921d074b1e126df17c333da21c7489ff0c348e9e64c995efaf1c9c1fdd4110364ceffac89b82a40706c1eb1101404f0f10776ba458eeaa9e15c1ef8774300bcd8ecb2e4521fe1ad7ceb8ed861d0d5a3672755ee77ef3b32e0fea0dc6635ea7385fff150afc6044ac8f9453efe29bf93466660a8411c5cd31a2891973e244f74ad1a52dbe0db62126e59707ac1362cea03eb2aa843731acbe822531f0236ff35ec0bf29d5f97410fa068f89864a26ab635aef9be59a17584291eba90ac1b1510022e5829e3e73c41e2859cdcf220bac15d8963a6a4e98841a007f9826f6f686ae2474cd141534a10a9901b0baab86f944111df1b24869d10154cc4780d3e3aad390df7414d9a6bc4be820120a145e981eb47edd2a7003174eedf60556583f862d825a4dc7819849bf545553e032f2c1e6c6b50afe090b23f5b3bf5633eca347003339af56453626390b319883fef22df93face60525db3512c980a3f6c3612fc346fcb1dbd0381edb070115132247c6ebc892c5d42c3d8f7f3a2281dc8e97f42f3a0bc1494c6d0c231ff5436b1d1f8cf18f046ac9b16d7e68ee430c0005c6eb4f686583281c110a31a07a2338efae4a15aad6bbefc2b58157427d2805bc4010f322839857aa05e889a2d6de14285e80c9d07721f005ca0d0850605e4203b258bf57be20762d26046b62c0%26o%3D&dr=http%3A%2F%2Fr.redirekted.com%2F&dp=%2F96965856%7C100533369%7C&ul=en-us&de=UTF-8&dt=Weiterleitung%20zu%20fliegende-pillen.de&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1037115184&gjid=1251611572&cid=1461757321.1648023713&tid=UA-168544891-7&_gid=104212219.1648023713&_r=1&gtm=2wg3e05ZS487&cd1=96965856&cd2=dc1-kls-prod-srv-01.prod.dc1.kelkoo.net_1648023712679_724392&cd3=100533369&cd4=a4c6365-17fb5de3399-5fdfb&cd5=&cd6=96965856%7C100533369%7C&z=1449936720

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://de-go.kelkoogroup.net/go?country=de&k=c6967366f32bdb1c4d18a436735aaf7a583e799878ae1bae062d5c20725d8aaf15b949b47250ce2162186f2836a4921d074b1e126df17c333da21c7489ff0c348e9e64c995efaf1c9c1fdd4110364ceffac89b82a40706c1eb1101404f0f10776ba458eeaa9e15c1ef8774300bcd8ecb2e4521fe1ad7ceb8ed861d0d5a3672755ee77ef3b32e0fea0dc6635ea7385fff150afc6044ac8f9453efe29bf93466660a8411c5cd31a2891973e244f74ad1a52dbe0db62126e59707ac1362cea03eb2aa843731acbe822531f0236ff35ec0bf29d5f97410fa068f89864a26ab635aef9be59a17584291eba90ac1b1510022e5829e3e73c41e2859cdcf220bac15d8963a6a4e98841a007f9826f6f686ae2474cd141534a10a9901b0baab86f944111df1b24869d10154cc4780d3e3aad390df7414d9a6bc4be820120a145e981eb47edd2a7003174eedf60556583f862d825a4dc7819849bf545553e032f2c1e6c6b50afe090b23f5b3bf5633eca347003339af56453626390b319883fef22df93face60525db3512c980a3f6c3612fc346fcb1dbd0381edb070115132247c6ebc892c5d42c3d8f7f3a2281dc8e97f42f3a0bc1494c6d0c231ff5436b1d1f8cf18f046ac9b16d7e68ee430c0005c6eb4f686583281c110a31a07a2338efae4a15aad6bbefc2b58157427d2805bc4010f322839857aa05e889a2d6de14285e80c9d07721f005ca0d0850605e4203b258bf57be20762d26046b62c0&o=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 08:21:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://de-go.kelkoogroup.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

/ Show response
click.fliegende-pillen.de/
Redirect Chain

https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50e5f1ca9a851626628190e74b893744fef3cb00d4c44a2fbd992653a6a370796f9645a6e7735bce13688523f3bb5b945364...
https://click.fliegende-pillen.de/?kk=a4c6365-17fb5de3399-5fdfb&pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco...

1 KB
2 KB

61ms
13ms

Document
text/html

78.47.12.188
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://click.fliegende-pillen.de/?kk=a4c6365-17fb5de3399-5fdfb&pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco+Pharma+Deutschland+GmbH+c%2Fo+Clau
Requested by: Host: de-go.kelkoogroup.net
URL: https://de-go.kelkoogroup.net/go?country=de&k=c6967366f32bdb1c4d18a436735aaf7a583e799878ae1bae062d5c20725d8aaf15b949b47250ce2162186f2836a4921d074b1e126df17c333da21c7489ff0c348e9e64c995efaf1c9c1fdd4110364ceffac89b82a40706c1eb1101404f0f10776ba458eeaa9e15c1ef8774300bcd8ecb2e4521fe1ad7ceb8ed861d0d5a3672755ee77ef3b32e0fea0dc6635ea7385fff150afc6044ac8f9453efe29bf93466660a8411c5cd31a2891973e244f74ad1a52dbe0db62126e59707ac1362cea03eb2aa843731acbe822531f0236ff35ec0bf29d5f97410fa068f89864a26ab635aef9be59a17584291eba90ac1b1510022e5829e3e73c41e2859cdcf220bac15d8963a6a4e98841a007f9826f6f686ae2474cd141534a10a9901b0baab86f944111df1b24869d10154cc4780d3e3aad390df7414d9a6bc4be820120a145e981eb47edd2a7003174eedf60556583f862d825a4dc7819849bf545553e032f2c1e6c6b50afe090b23f5b3bf5633eca347003339af56453626390b319883fef22df93face60525db3512c980a3f6c3612fc346fcb1dbd0381edb070115132247c6ebc892c5d42c3d8f7f3a2281dc8e97f42f3a0bc1494c6d0c231ff5436b1d1f8cf18f046ac9b16d7e68ee430c0005c6eb4f686583281c110a31a07a2338efae4a15aad6bbefc2b58157427d2805bc4010f322839857aa05e889a2d6de14285e80c9d07721f005ca0d0850605e4203b258bf57be20762d26046b62c0&o=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 78.47.12.188 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.188.12.47.78.clients.your-server.de
Software: Apache/2.4.37 (centos) OpenSSL/1.1.1k / PHP/7.2.24
Resource Hash: 32a61322d7928047c2cc02ab988555f9367db107f5e8ed6aea19861533949907

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://de-go.kelkoogroup.net/go?country=de&k=c6967366f32bdb1c4d18a436735aaf7a583e799878ae1bae062d5c20725d8aaf15b949b47250ce2162186f2836a4921d074b1e126df17c333da21c7489ff0c348e9e64c995efaf1c9c1fdd4110364ceffac89b82a40706c1eb1101404f0f10776ba458eeaa9e15c1ef8774300bcd8ecb2e4521fe1ad7ceb8ed861d0d5a3672755ee77ef3b32e0fea0dc6635ea7385fff150afc6044ac8f9453efe29bf93466660a8411c5cd31a2891973e244f74ad1a52dbe0db62126e59707ac1362cea03eb2aa843731acbe822531f0236ff35ec0bf29d5f97410fa068f89864a26ab635aef9be59a17584291eba90ac1b1510022e5829e3e73c41e2859cdcf220bac15d8963a6a4e98841a007f9826f6f686ae2474cd141534a10a9901b0baab86f944111df1b24869d10154cc4780d3e3aad390df7414d9a6bc4be820120a145e981eb47edd2a7003174eedf60556583f862d825a4dc7819849bf545553e032f2c1e6c6b50afe090b23f5b3bf5633eca347003339af56453626390b319883fef22df93face60525db3512c980a3f6c3612fc346fcb1dbd0381edb070115132247c6ebc892c5d42c3d8f7f3a2281dc8e97f42f3a0bc1494c6d0c231ff5436b1d1f8cf18f046ac9b16d7e68ee430c0005c6eb4f686583281c110a31a07a2338efae4a15aad6bbefc2b58157427d2805bc4010f322839857aa05e889a2d6de14285e80c9d07721f005ca0d0850605e4203b258bf57be20762d26046b62c0&o=

Response headers

Date: Wed, 23 Mar 2022 08:21:53 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/7.2.24
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Wed, 23 Mar 2022 08:21:53 GMT
leadId: dc1-kls-prod-srv-01.prod.dc1.kelkoo.net_1648023712679_724392
Pragma: no-cache
Charset: utf-8
clickId: 107699127_1648023712634_1146021
country: de
Location: https://click.fliegende-pillen.de/?kk=a4c6365-17fb5de3399-5fdfb&pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco+Pharma+Deutschland+GmbH+c%2Fo+Clau
X-DataDome: protected
Request-Time: PT0.013S
X-Robots-Tag: noindex,nofollow
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
X-DataDome-CID: AHrlqAAAAAMAMHTK_TZ3EO8AudWbow==
Referrer-Policy: unsafe-url
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=46
Connection: Keep-Alive
Content-Type: text/plain

GET
H/1.1 200
OK fp-logo.png
click.fliegende-pillen.de/ 5 KB
6 KB 10ms
10ms Image
image/png 78.47.12.188
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://click.fliegende-pillen.de/fp-logo.png
Requested by: Host: click.fliegende-pillen.de
URL: https://click.fliegende-pillen.de/?kk=a4c6365-17fb5de3399-5fdfb&pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco+Pharma+Deutschland+GmbH+c%2Fo+Clau
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 78.47.12.188 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.188.12.47.78.clients.your-server.de
Software: Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://click.fliegende-pillen.de/?kk=a4c6365-17fb5de3399-5fdfb&pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco+Pharma+Deutschland+GmbH+c%2Fo+Clau
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 08:21:53 GMT
Last-Modified: Tue, 28 Jul 2015 11:11:59 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag: "1594-51bed89f09dc0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 5524

GET
H2

200

Primary Request 16937252 Show response
www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/
Redirect Chain

https://www.fliegende-pillen.de/product/16937252?kk=a4c6365-17fb5de3399-5fdfb&pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&ut...
https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooc...

137 KB
31 KB

633ms
633ms

Document
text/html

145.239.136.54
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

145.239.136.54 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

4b406dc7e98ccd60f0de4b15aedf6ac465942822cc118f48dd679ecbd75ebd45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://click.fliegende-pillen.de/?kk=a4c6365-17fb5de3399-5fdfb&pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco+Pharma+Deutschland+GmbH+c%2Fo+Clau

Response headers

date: Wed, 23 Mar 2022 08:21:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Cookie Authorization
expires: Sun, 01 Jan 2014 00:00:00 GMT Wed, 23 Mar 2022 08:21:54 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0 max-age=0, must-revalidate, public, s-maxage=604800
pragma: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: same-origin
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip

Redirect headers

date: Wed, 23 Mar 2022 08:21:53 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
location: /product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco Pharma Deutschland GmbH c/o Clau&kk=a4c6365-17fb5de3399-5fdfb
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: same-origin
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 main.min.4bc5b06b.css
www.fliegende-pillen.de/assets/master/tmp/css/ 215 KB
40 KB 29ms
28ms Stylesheet
text/css 145.239.136.54
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fliegende-pillen.de/assets/master/tmp/css/main.min.4bc5b06b.css

Requested by

Host: www.fliegende-pillen.de
URL: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

145.239.136.54 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

4d1e85e6e2fd54e15b5fc001272e590ba3c1ffd6822c6d16743158a7b9bed299

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:21:54 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Fri, 18 Mar 2022 15:21:24 GMT
etag: W/"6234a374-35b1f"
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: public, max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 custom.css
www.fliegende-pillen.de/ 8 KB
3 KB 76ms
75ms Stylesheet
text/css 145.239.136.54
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fliegende-pillen.de/custom.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

145.239.136.54 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

0dac99f166b4d354373272237ad73f2cec313f9525fa3eb1bfe6d7ab32076d8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 08:21:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=86400, public, s-maxage=86400
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 91 KB
28 KB 64ms
10ms Script
application/javascript 2a02:26f0:6c00::210:bad2

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: www.fliegende-pillen.de
URL: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bad2 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc5ca9718cb3f43eb653e6176b3e8dce55b792e06f7bdd80388f0889dc447b15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:21:54 GMT
content-encoding: gzip
last-modified: Tue, 22 Mar 2022 10:28:02 GMT
etag: "0254182d73dd81:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=786
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
accept-ranges: bytes
content-length: 27964
expires: Wed, 23 Mar 2022 08:35:00 GMT

GET
H2 200 available.a51194a6.js Show response
www.fliegende-pillen.de/assets/master/tmp/js/ 341 B
502 B 30ms
30ms Script
application/javascript 145.239.136.54
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fliegende-pillen.de/assets/master/tmp/js/available.a51194a6.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

145.239.136.54 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

096f18f6c75fce8faaae51721f6c5a6b40a456b14688c8d0ba13027d4af2560a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:21:54 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Fri, 18 Mar 2022 15:21:24 GMT
etag: W/"6234a374-155"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 emos3.js Show response
www.fliegende-pillen.de/assets/master/js/ 22 KB
9 KB 30ms
28ms Script
application/javascript 145.239.136.54
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fliegende-pillen.de/assets/master/js/emos3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

145.239.136.54 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

a4d66f2b49c9e68f41bb8ba67d8133ed33d3677092bf7b3406ac54f097dfecb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:21:54 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Fri, 18 Mar 2022 15:21:24 GMT
etag: W/"6234a374-5935"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 Logo.png
www.fliegende-pillen.de/documents/logo/ 8 KB
8 KB 12ms
10ms Image
image/webp 145.239.136.54
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fliegende-pillen.de/documents/logo/Logo.png
Requested by: Host: www.fliegende-pillen.de
URL: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.239.136.54 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e479d40b38d66494ef64f611671e477492de23f8837f2db9345fdbd226df8a20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:21:54 GMT
etag: "f0801cd95fe0dc266ab9662be8cf345d168abf6b"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 8342
expires: Fri, 22 Apr 2022 08:21:54 GMT

GET
H2 200 Zoom.1.default.png
www.fliegende-pillen.de/documents/products/Zoom/ 5 KB
5 KB 13ms
11ms Image
image/webp 145.239.136.54
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fliegende-pillen.de/documents/products/Zoom/Zoom.1.default.png
Requested by: Host: www.fliegende-pillen.de
URL: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.239.136.54 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 146527a752ea55c3020c02f59bf29119847dbbeb28a12b57618373e426ec8479

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:21:54 GMT
etag: "8c06813cba23276a7ccd320144fd531e4a723fa9"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 5210
expires: Fri, 22 Apr 2022 08:21:54 GMT

GET
H2 200 paypal_express_logo_orange.png
www.fliegende-pillen.de/assets/master/img/design/ 1 KB
1 KB 32ms
30ms Image
image/webp 145.239.136.54
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fliegende-pillen.de/assets/master/img/design/paypal_express_logo_orange.png
Requested by: Host: www.fliegende-pillen.de
URL: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.239.136.54 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: f2ac754f9b71cc885dfe9adce12148066638dde163c620e75aab93aa9342b533

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:21:54 GMT
x-mauve-image-optimization: 1
etag: "5b8366893ac1c998ba76c09b28c6b0541471fcb2"
content-length: 1358
vary: Accept
content-type: image/webp

GET
H2 200 notepad_add.png
www.fliegende-pillen.de/assets/master/img/design/icons/ 324 B
453 B 31ms
30ms Image
image/webp 145.239.136.54
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fliegende-pillen.de/assets/master/img/design/icons/notepad_add.png
Requested by: Host: www.fliegende-pillen.de
URL: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.239.136.54 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e8fcd0e0ffc742a02315794fc6d70ad10a469598dc19e375d7c46fcd5bac8fc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:21:54 GMT
x-mauve-image-optimization: 1
etag: "a3d917f32f9b428ab5d12c6bd62063afb9810bd7"
content-length: 324
vary: Accept
content-type: image/webp

GET
H2 200 product_rating.png
www.fliegende-pillen.de/assets/master/img/design/icons/ 324 B
453 B 31ms
29ms Image
image/webp 145.239.136.54
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fliegende-pillen.de/assets/master/img/design/icons/product_rating.png
Requested by: Host: www.fliegende-pillen.de
URL: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.239.136.54 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 9d0dee96f0e3ccd6882b471505f23d13f1c726fdf79ce7f51166433dcd4ddd9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:21:54 GMT
x-mauve-image-optimization: 1
etag: "0ade1b456c7aff4b8bd636d021b0610cb8fb6f69"
content-length: 324
vary: Accept
content-type: image/webp

GET
H2 200 fb3.png
www.fliegende-pillen.de/documents/products/Statisch/Footer/ 6 KB
7 KB 13ms
12ms Image
image/webp 145.239.136.54
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fliegende-pillen.de/documents/products/Statisch/Footer/fb3.png
Requested by: Host: www.fliegende-pillen.de
URL: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.239.136.54 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 49daa3e3de73bb3ba17af7b9d713af01b57f51d5a8e3f67b914adfa49388fe00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:21:54 GMT
etag: "cad042863459b9f7b30d7895773d92dcb49dbd7d"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 6476
expires: Fri, 22 Apr 2022 08:21:54 GMT

GET widget.js
siegel.ausgezeichnet.org/widgets/js/506ae9910cf224500773e527/ 0
0

GET
H2 200 logo-bvdva.png
www.fliegende-pillen.de/documents/products/Statisch/Footer/ 2 KB
3 KB 17ms
16ms Image
image/webp 145.239.136.54
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fliegende-pillen.de/documents/products/Statisch/Footer/logo-bvdva.png
Requested by: Host: www.fliegende-pillen.de
URL: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.239.136.54 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: dd0b3c33950383edd2a1b5f4a71d2c033051edce1c46e7cdbab6f8a1f0fd4a33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:21:54 GMT
etag: "9bbc4def1c32ff2c1ab526e7f60e6a9a4e01851b"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 2548
expires: Fri, 22 Apr 2022 08:21:54 GMT

GET
H2 200 dimdi.png
www.fliegende-pillen.de/documents/products/Statisch/Logos/ 11 KB
11 KB 16ms
15ms Image
image/webp 145.239.136.54
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fliegende-pillen.de/documents/products/Statisch/Logos/dimdi.png
Requested by: Host: www.fliegende-pillen.de
URL: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.239.136.54 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 60ca4ea5bdc55ff89cb96cb43bfadc824fc38f66438d077ab3c1e5856c54f23b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:21:54 GMT
etag: "fd0dc94eb48a97fcd8b23a389b9821d20303faee"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 11470
expires: Fri, 22 Apr 2022 08:21:54 GMT

GET
H2 200 LogoVET-DE_B_RGB-336.png
www.fliegende-pillen.de/documents/products/Statisch/Logos/ 8 KB
9 KB 19ms
18ms Image
image/webp 145.239.136.54
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fliegende-pillen.de/documents/products/Statisch/Logos/LogoVET-DE_B_RGB-336.png
Requested by: Host: www.fliegende-pillen.de
URL: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.239.136.54 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 470542092a88f14b3457e41abd6d52229a77a7a8bd342313cc9a3ccc322c4bcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:21:54 GMT
etag: "96e363c8bb66e6476467fa25ecf0dfa2efc4c0e3"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 8502
expires: Fri, 22 Apr 2022 08:21:54 GMT

GET
H2 200 main.min.0df4eea6.js Show response
www.fliegende-pillen.de/assets/master/tmp/js/ 232 KB
71 KB 30ms
30ms Script
application/javascript 145.239.136.54
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fliegende-pillen.de/assets/master/tmp/js/main.min.0df4eea6.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

145.239.136.54 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

ec115971f31573f42c0d1f4e6d7f5172ec2e92863b4c32d509cacdc1a7bd2277

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:21:54 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Fri, 18 Mar 2022 15:21:24 GMT
etag: W/"6234a374-3a100"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 search.min.90ac2cd1.js Show response
www.fliegende-pillen.de/assets/master/tmp/js/ 138 KB
53 KB 35ms
33ms Script
application/javascript 145.239.136.54
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fliegende-pillen.de/assets/master/tmp/js/search.min.90ac2cd1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

145.239.136.54 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

811c8f13f3b0ef28809802b45a572734efc293852c18753e64e898febf25af01

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:21:54 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Fri, 18 Mar 2022 15:21:24 GMT
etag: W/"6234a374-228d3"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 custom.js Show response
www.fliegende-pillen.de/ 193 B
425 B 39ms
37ms Script
application/javascript 145.239.136.54
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fliegende-pillen.de/custom.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

145.239.136.54 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

2d80735dca9acfd91a6a0a00b2e018e1516e08892ce7a0001be86336cd597078

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fliegende-pillen.de/product/gse-intimo-symgine-reinigungsschaum/16937252?pzn=16937252&campaign=kelkoo&pk_campaign=kelkoo&p=535566&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Prodeco%20Pharma%20Deutschland%20GmbH%20c/o%20Clau&kk=a4c6365-17fb5de3399-5fdfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:21:54 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Fri, 18 Mar 2022 15:21:24 GMT
etag: W/"6234a374-c1"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 configuration.js Show response
consentcdn.cookiebot.com/consentconfig/2201cc44-9c30-41af-b018-092d3e36120e/fliegende-pillen.de/ 0
246 B 47ms
23ms Script
application/x-javascript 2a02:26f0:6c00:281::f09

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/consentconfig/2201cc44-9c30-41af-b018-092d3e36120e/fliegende-pillen.de/configuration.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:281::f09 -, , ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:21:54 GMT
last-modified: Tue, 08 Mar 2022 12:12:23 GMT
server: AkamaiNetStorage
etag: "d41d8cd98f00b204e9800998ecf8427e:1646741543.528256"
content-type: application/x-javascript
cache-control: max-age=49463
server-timing: cdn-cache; desc=HIT, edge; dur=16
accept-ranges: bytes
content-length: 0
expires: Wed, 23 Mar 2022 22:06:17 GMT

GET
H2 200 fa-solid-900.woff2
www.fliegende-pillen.de/assets/master/bower_components/font-awesome/web-fonts-with-css/webfonts/ 38 KB
38 KB 41ms
41ms Font
font/woff2 145.239.136.54
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fliegende-pillen.de/assets/master/bower_components/font-awesome/web-fonts-with-css/webfonts/fa-solid-900.woff2

Requested by

Host: www.fliegende-pillen.de
URL: https://www.fliegende-pillen.de/assets/master/tmp/css/main.min.4bc5b06b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

145.239.136.54 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

27172f370570a134b3f59079630d35bd51b4237412e30a94b87eafb4724b9919

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fliegende-pillen.de/assets/master/tmp/css/main.min.4bc5b06b.css
Origin: https://www.fliegende-pillen.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:21:54 GMT
referrer-policy: same-origin
last-modified: Fri, 18 Mar 2022 15:21:24 GMT
etag: "6234a374-9768"
x-frame-options: SAMEORIGIN
content-type: font/woff2
x-xss-protection: 1; mode=block
cache-control: public, max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
content-length: 38760
x-content-type-options: nosniff

GET
H2 200 cart_white.png
www.fliegende-pillen.de/assets/master/img/ 532 B
661 B 31ms
31ms Image
image/webp 145.239.136.54
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fliegende-pillen.de/assets/master/img/cart_white.png
Requested by: Host: www.fliegende-pillen.de
URL: https://www.fliegende-pillen.de/assets/master/tmp/css/main.min.4bc5b06b.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.239.136.54 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fliegende-pillen.de/assets/master/tmp/css/main.min.4bc5b06b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:21:54 GMT
x-mauve-image-optimization: 1
etag: "3db9ce114b5376de4c5748fc00b2a9de1f431f64"
content-length: 532
vary: Accept
content-type: image/webp

GET
H2 200 bc-v3.min.html
consentcdn.cookiebot.com/sdk/ Frame F211 0
0 8ms
7ms Document
text/html 2a02:26f0:6c00:281::f09

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:281::f09 -, , ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-type: text/html
etag: "b10de1f5f615a79259ac9e34f470ce1d:1615283706.572935"
last-modified: Tue, 09 Mar 2021 09:55:06 GMT
server: AkamaiNetStorage
x-akamai-transformed: 9 - 0 pmb=mRUM,1
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=21316133
expires: Fri, 25 Nov 2022 01:30:47 GMT
date: Wed, 23 Mar 2022 08:21:54 GMT
content-length: 895
server-timing: cdn-cache; desc=HIT edge; dur=1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: denise.v4.byetnc.com
URL: https://denise.v4.byetnc.com/api/user/0110bb589ad0c40529b085e08f69da445feccfd117.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjQyY2JiYjk3NzUzZTYxODBhOTRiNmMiLCJ0cyI6IjAzMjMwODIxIiwiZCI6ImNhcGl0YWxvbmVzdGhlbXN0Y2guY29tIn0.MZsHMPV0H1GsO9se92ql4r6OUTGAXbugnhWZQrtbtQg

Domain: siegel.ausgezeichnet.org
URL: https://siegel.ausgezeichnet.org/widgets/js/506ae9910cf224500773e527/widget.js

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
capitalonesthemstch.com/	1970-01-20 01:47:07	Name: mtm_delivered Value: ""
denise.v4.byetnc.com/	1969-12-31 23:59:59	Name: checkme Value: b11f2ed93da8946b86be625f183dc319b789
r.redirekted.com/	1970-01-20 01:48:30	Name: uuid Value: 3127645457697454592
.redirekted.com/	1970-01-20 19:18:15	Name: _ga Value: GA1.2.11134658.1648023713
.redirekted.com/	1970-01-20 01:48:30	Name: _gid Value: GA1.2.1594445813.1648023713
.redirekted.com/	1970-01-20 01:47:03	Name: _gat Value: 1
.kelkoogroup.net/	1970-01-20 10:32:39	Name: referer Value: http%3A%2F%2Fr.redirekted.com%2F
.kelkoogroup.net/	1970-01-20 10:32:39	Name: kelkooID Value: a4c6365-17fb5de3399-5fdfb
.kelkoogroup.net/	1970-01-20 10:32:39	Name: lastSearchedKeyword Value: a3dkPVByb2RlY28gUGhhcm1hIERldXRzY2hsYW5kIEdtYkggYy9vfHRzPTE2NDgwMjM3MTI2ODN8Y2F0SWQ9MTAwMjkxNjIzfGNvbUlkPTEwMDUzMzM2OQ==
.de-go.kelkoogroup.net/	1970-01-20 19:18:15	Name: _ga Value: GA1.3.1461757321.1648023713
.de-go.kelkoogroup.net/	1970-01-20 01:48:30	Name: _gid Value: GA1.3.104212219.1648023713
.de-go.kelkoogroup.net/	1970-01-20 01:47:03	Name: _gat_UA-168544891-7 Value: 1
.kelkoogroup.net/	1970-01-20 10:32:39	Name: datadome Value: tEw~6DF3jW3l~DS7zF7xbtyYo4_MMmUb9ck6AbuxqDHUZI17FAuevVBU2ZU1aXChJ1dPkBiKeR9mkbIyg4~9SxO5REtz.nif7Oj6eDP9JqIB35_NWMFtLX4NbO8kb4G
www.fliegende-pillen.de/	1969-12-31 23:59:59	Name: route Value: 1648023714.235.44300.178265
www.fliegende-pillen.de/	1970-01-20 01:47:10	Name: meshop_sid Value: 6acjeaki5a9bhtcv05bs1g8kp0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.datadome.co
capitalonesthemstch.com
click.fliegende-pillen.de
consent.cookiebot.com
consentcdn.cookiebot.com
de-go.kelkoogroup.net
denise.v4.byetnc.com
js.datadome.co
r.redirekted.com
s3-eu-west-1.amazonaws.com
siegel.ausgezeichnet.org
www.fliegende-pillen.de
www.google-analytics.com
www.googletagmanager.com
denise.v4.byetnc.com
siegel.ausgezeichnet.org
145.239.136.54
173.255.194.134
18.66.122.18
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2008
2a02:26f0:6c00:281::f09
2a02:26f0:6c00::210:bad2
52.218.48.244
52.59.8.57
54.92.150.221
66.165.243.160
78.47.12.188
95.211.116.27
096f18f6c75fce8faaae51721f6c5a6b40a456b14688c8d0ba13027d4af2560a
0dac99f166b4d354373272237ad73f2cec313f9525fa3eb1bfe6d7ab32076d8f
146527a752ea55c3020c02f59bf29119847dbbeb28a12b57618373e426ec8479
250b48264822efc2b1d3dc4492dd4475ca78a4537ae5e4745356317a5e03ba84
27172f370570a134b3f59079630d35bd51b4237412e30a94b87eafb4724b9919
2d80735dca9acfd91a6a0a00b2e018e1516e08892ce7a0001be86336cd597078
32a61322d7928047c2cc02ab988555f9367db107f5e8ed6aea19861533949907
3a8c5077a070533491fb298ecb4d1fc38a8e6c32523f85221dc815f2e93565c6
470542092a88f14b3457e41abd6d52229a77a7a8bd342313cc9a3ccc322c4bcd
49daa3e3de73bb3ba17af7b9d713af01b57f51d5a8e3f67b914adfa49388fe00
4b406dc7e98ccd60f0de4b15aedf6ac465942822cc118f48dd679ecbd75ebd45
4d1e85e6e2fd54e15b5fc001272e590ba3c1ffd6822c6d16743158a7b9bed299
55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec
55f4e22240f8d05eca1cac8071db80d36b13824aad0b9fa3caf230c9fb5acdf7
60ca4ea5bdc55ff89cb96cb43bfadc824fc38f66438d077ab3c1e5856c54f23b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
811c8f13f3b0ef28809802b45a572734efc293852c18753e64e898febf25af01
90a5ff27f852b1f95e2d420c0dc73236964730865538ba18465383d9707ed624
9d0dee96f0e3ccd6882b471505f23d13f1c726fdf79ce7f51166433dcd4ddd9b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4d66f2b49c9e68f41bb8ba67d8133ed33d3677092bf7b3406ac54f097dfecb7
bc10b232f83d39773cbdeb747a64b4bfdafc6fd79f1e2641b27d0d3445b60c4b
bc5ca9718cb3f43eb653e6176b3e8dce55b792e06f7bdd80388f0889dc447b15
c079c8ecae3d00009ba6560949e290dac3c7d8d5f71b950faebfd83ad77096c7
dd0b3c33950383edd2a1b5f4a71d2c033051edce1c46e7cdbab6f8a1f0fd4a33
e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e479d40b38d66494ef64f611671e477492de23f8837f2db9345fdbd226df8a20
e5a0e5f3964b353349b6bf955724af6a7397d24dd356dd036bea076f06d6a047
e8fcd0e0ffc742a02315794fc6d70ad10a469598dc19e375d7c46fcd5bac8fc8
ec115971f31573f42c0d1f4e6d7f5172ec2e92863b4c32d509cacdc1a7bd2277
f2ac754f9b71cc885dfe9adce12148066638dde163c620e75aab93aa9342b533

www.fliegende-pillen.de Open in urlscan Pro 145.239.136.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

78 %HTTPS

31 %IPv6

11 Domains

14 Subdomains

14 IPs

5 Countries

516 kBTransfer

1447 kBSize

15 Cookies

0 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.fliegende-pillen.de Open in urlscan Pro
145.239.136.54 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

78 %
HTTPS

31 %
IPv6

11
Domains

14
Subdomains

14
IPs

5
Countries

516 kB
Transfer

1447 kB
Size

15
Cookies

46 HTTP transactions
0 data transactions