hempamed.de Open in urlscan Pro
23.227.38.32 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://buybrands.info/index.php/campaigns/ck001az6j963b/track-url/qa957a9v5e1ed/a855f84087eef549d112e65a24093058d6eb9a87
Effective URL:
https://hempamed.de/
Submission: On May 23 via manual (May 23rd 2022, 6:13:08 pm UTC) from IN — Scanned from FR

Summary HTTP 308 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 96 IPs in 12 countries across 74 domains to perform 308 HTTP transactions. The main IP is 23.227.38.32, located in Ottawa, Canada and belongs to CLOUDFLARENET, US. The main domain is hempamed.de.
TLS certificate: Issued by GlobalSign Domain Validation CA - SHA... on May 30th 2021. Valid for: a year.

This is the only time hempamed.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	152.228.175.12 152.228.175.12	16276 (OVH) (OVH)
1 1	54.255.0.219 54.255.0.219	16509 (AMAZON-02) (AMAZON-02)
2	23.227.38.32 23.227.38.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:a1e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	104.102.29.173 104.102.29.173	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	143.204.215.68 143.204.215.68	16509 (AMAZON-02) (AMAZON-02)
2	217.79.188.2 217.79.188.2	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
30	104.16.255.71 104.16.255.71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.218.248.250 52.218.248.250	16509 (AMAZON-02) (AMAZON-02)
2	35.190.71.124 35.190.71.124	15169 (GOOGLE) (GOOGLE)
12	84.17.46.53 84.17.46.53	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:211... 2600:9000:2111:fa00:6:7d8a:4ac0:21	16509 (AMAZON-02) (AMAZON-02)
20	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e061	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a02:17f8:900... 2a02:17f8:9001:3e00::107	44700 (HAENDLEKO...) (HAENDLEKORTE-AS)
7	18.66.248.50 18.66.248.50	16509 (AMAZON-02) (AMAZON-02)
6	2a02:cb40:200... 2a02:cb40:200::242	20546 (SOPRADO-ANY) (SOPRADO-ANY)
1	2606:4700::68... 2606:4700::6812:5a6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:d7f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3034::6815:3d98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
1	65.9.65.116 65.9.65.116	16509 (AMAZON-02) (AMAZON-02)
2	18.64.115.87 18.64.115.87	16509 (AMAZON-02) (AMAZON-02)
4	195.201.164.250 195.201.164.250	24940 (HETZNER-AS) (HETZNER-AS)
4	70.42.32.159 70.42.32.159	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2 6	138.201.135.164 138.201.135.164	24940 (HETZNER-AS) (HETZNER-AS)
1 3	144.76.91.199 144.76.91.199	24940 (HETZNER-AS) (HETZNER-AS)
3	2a01:4f8:272:... 2a01:4f8:272:50e8::2	24940 (HETZNER-AS) (HETZNER-AS)
15	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	148.251.45.252 148.251.45.252	24940 (HETZNER-AS) (HETZNER-AS)
2 4	35.156.151.58 35.156.151.58	16509 (AMAZON-02) (AMAZON-02)
1 3	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:27::... 2620:1ec:27::cafe:1846	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
14 22	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
5 13	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
4	37.157.5.71 37.157.5.71	198622 (ADFORM) (ADFORM)
3	217.79.188.54 217.79.188.54	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	18.66.248.10 18.66.248.10	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.16.254.71 104.16.254.71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
5	104.104.52.106 104.104.52.106	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	40.76.174.66 40.76.174.66	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1 1	212.83.50.108 212.83.50.108	47447 (TTM) (TTM)
2 2	85.114.159.112 85.114.159.112	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	217.79.188.11 217.79.188.11	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
3 3	18.157.218.241 18.157.218.241	16509 (AMAZON-02) (AMAZON-02)
1 1	141.94.170.64 141.94.170.64	16276 (OVH) (OVH)
1 3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 2	185.86.139.114 185.86.139.114	201081 (SMARTADSE...) (SMARTADSERVER)
1 3	23.35.232.247 23.35.232.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	85.215.5.31 85.215.5.31	6724 (STRATO ST...) (STRATO STRATO AG)
1 4	104.89.29.143 104.89.29.143	16625 (AKAMAI-AS) (AKAMAI-AS)
3	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
4	157.245.25.14 157.245.25.14	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	178.250.2.140 178.250.2.140	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	18.64.115.76 18.64.115.76	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
1	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
5	138.199.37.226 138.199.37.226	60068 (CDN77 ^_^) (CDN77 ^_^)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.64.115.118 18.64.115.118	16509 (AMAZON-02) (AMAZON-02)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	34.117.177.207 34.117.177.207	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	23.33.71.161 23.33.71.161	16625 (AKAMAI-AS) (AKAMAI-AS)
3	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
3 4	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	18.203.97.155 18.203.97.155	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
1	2600:9000:21f... 2600:9000:21f3:f800:1b:832b:ac00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.102.28.29 104.102.28.29	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.195.54.68 18.195.54.68	16509 (AMAZON-02) (AMAZON-02)
1 1	184.30.21.112 184.30.21.112	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (STACKPATH...) (STACKPATH-CDN)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1	3.124.27.94 3.124.27.94	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	15169 (GOOGLE) (GOOGLE)
308	96

1 152.228.175.12 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: server1.buybrands.info

buybrands.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.255.0.219 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-0-219.ap-southeast-1.compute.amazonaws.com

wdsmedia.go2oh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.227.38.32 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: myshopify.com

hempamed.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:a1e (United States)

ASN13335 (CLOUDFLARENET, US)

w2s9lwr4sh.kameleoon.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.29.173 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-173.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-68.fra53.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.79.188.2 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad1.adfarm1.adition.com

ad1.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 104.16.255.71 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.shopifycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.248.250 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com

shopifyorderlimits.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.71.124 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 124.71.190.35.bc.googleusercontent.com

pix.hyj.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 84.17.46.53 (Amsterdam, Netherlands)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-53.cdn77.com

consent.cookiefirst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widgets.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2111:fa00:6:7d8a:4ac0:21 (United States)

ASN16509 (AMAZON-02, US)

d1um8515vdn9kb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a02:26f0:f7::5c7b:e061 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ucarecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:17f8:9001:3e00::107 (Germany)

ASN44700 (HAENDLEKORTE-AS, DE)

cannatrust.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.66.248.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-50.dus51.r.cloudfront.net

integrations.etrusted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:cb40:200::242 (Germany)

ASN20546 (SOPRADO-ANY, DE)

t.adcell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:5a6 (United States)

ASN13335 (CLOUDFLARENET, US)

a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:d7f (United States)

ASN13335 (CLOUDFLARENET, US)

widget.reviews.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.reviews.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:3d98 (United States)

ASN13335 (CLOUDFLARENET, US)

winads.eraofecom.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.11 (United States) 1 redirects

ASN20446 (STACKPATH-CDN, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.65.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-65-116.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.64.115.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-115-87.txl50.r.cloudfront.net

ads-engagement.presage.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 195.201.164.250 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: eu-log-parser06.kameleoon.net

eu-tlp06.kameleoon.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 70.42.32.159 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 138.201.135.164 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 144.76.91.199 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a01:4f8:272:50e8::2 (Germany)

ASN24940 (HETZNER-AS, DE)

api.bounce-commerce.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 148.251.45.252 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.252.45.251.148.clients.your-server.de

tm.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tm709.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.156.151.58 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-151-58.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:1846 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.186.102 (United States) 14 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
11868943.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 37.157.4.23 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.79.188.54 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: aa.adfarm1.adition.com

ad13.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.248.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-10.dus51.r.cloudfront.net

sdk.loyaltylion.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.254.71 (None, )

ASN13335 (CLOUDFLARENET, US)

monorail-edge.shopifysvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.104.52.106 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-104-52-106.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 40.76.174.66 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

d.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.83.50.108 (Germany) 1 redirects

ASN47447 (TTM, DE)

r.adserver01.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.112 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad11.adfarm1.adition.com

ad11.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.79.188.11 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.157.218.241 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-218-241.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.170.64 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.114 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.232.247 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-232-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.215.5.31 (Germany) 1 redirects

ASN6724 (STRATO STRATO AG, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.89.29.143 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-29-143.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

hempamed.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.245.25.14 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

front.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.140 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.64.115.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-115-76.txl50.r.cloudfront.net

widgets.trustedshops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

static-tracking.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

fast.a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

static-forms.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.199.37.226 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-37-226.datapacket.com

gs-cdn.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.115.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-115-118.txl50.r.cloudfront.net

telemetrics.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.177.207 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 207.177.117.34.bc.googleusercontent.com

jfapiprod.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.33.71.161 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a23-33-71-161.deploy.static.akamaitechnologies.com

c.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.37 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.249 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.203.97.155 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-97-155.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:f800:1b:832b:ac00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cotads.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.28.29 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-28-29.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.54.68 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-54-68.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.21.112 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-112.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.27.94 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-27-94.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 2262	602 KB
26	doubleclick.net 16 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 71306 11868943.fls.doubleclick.net — Cisco Umbrella Rank: 88624 ad.doubleclick.net — Cisco Umbrella Rank: 202 stats.g.doubleclick.net — Cisco Umbrella Rank: 92 cm.g.doubleclick.net — Cisco Umbrella Rank: 212	8 KB
20	ucarecdn.com ucarecdn.com — Cisco Umbrella Rank: 19225	600 KB
18	adform.net 5 redirects track.adform.net — Cisco Umbrella Rank: 3865 s2.adform.net — Cisco Umbrella Rank: 5663 cm.adform.net — Cisco Umbrella Rank: 2172	122 KB
17	klaviyo.com a.klaviyo.com — Cisco Umbrella Rank: 4476 static.klaviyo.com — Cisco Umbrella Rank: 3845 static-tracking.klaviyo.com — Cisco Umbrella Rank: 4290 fast.a.klaviyo.com — Cisco Umbrella Rank: 4932 static-forms.klaviyo.com — Cisco Umbrella Rank: 4892 telemetrics.klaviyo.com — Cisco Umbrella Rank: 6796	194 KB
15	ad4m.at ad4m.at — Cisco Umbrella Rank: 2091 as.ad4m.at — Cisco Umbrella Rank: 2517	30 KB
13	google.com www.google.com — Cisco Umbrella Rank: 7 adservice.google.com — Cisco Umbrella Rank: 74	2 KB
12	ad-srv.net 2 redirects ad.ad-srv.net — Cisco Umbrella Rank: 34807 tm.ad-srv.net — Cisco Umbrella Rank: 73296 tm709.ad-srv.net — Cisco Umbrella Rank: 383044	14 KB
11	optimonk.com front.optimonk.com — Cisco Umbrella Rank: 24069 gs-cdn.optimonk.com — Cisco Umbrella Rank: 28800 jfapiprod.optimonk.com — Cisco Umbrella Rank: 26515	88 KB
11	cookiefirst.com consent.cookiefirst.com — Cisco Umbrella Rank: 35942	99 KB
9	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2111 ekr.zdassets.com — Cisco Umbrella Rank: 2332	473 KB
9	adition.com 2 redirects ad1.adfarm1.adition.com — Cisco Umbrella Rank: 36409 ad13.adfarm1.adition.com — Cisco Umbrella Rank: 36475 ad11.adfarm1.adition.com — Cisco Umbrella Rank: 32561 imagesrv.adition.com — Cisco Umbrella Rank: 16227	2 KB
8	criteo.com 1 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4508 gum.criteo.com — Cisco Umbrella Rank: 393 mug.criteo.com — Cisco Umbrella Rank: 2669 sslwidget.criteo.com — Cisco Umbrella Rank: 1705 dis.criteo.com — Cisco Umbrella Rank: 725	17 KB
8	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 1281	7 KB
7	adnxs.com 6 redirects secure.adnxs.com — Cisco Umbrella Rank: 424 ib.adnxs.com — Cisco Umbrella Rank: 240	7 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1266 d.clarity.ms — Cisco Umbrella Rank: 2164 c.clarity.ms — Cisco Umbrella Rank: 668	26 KB
7	etrusted.com integrations.etrusted.com — Cisco Umbrella Rank: 144703	112 KB
7	cannatrust.eu cannatrust.eu	8 KB
6	shopifysvc.com monorail-edge.shopifysvc.com — Cisco Umbrella Rank: 2936	3 KB
6	adcell.com t.adcell.com — Cisco Umbrella Rank: 46571	41 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 1150	72 KB
5	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2276 tr.outbrain.com — Cisco Umbrella Rank: 2072 sync.outbrain.com — Cisco Umbrella Rank: 782	5 KB
5	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1078 trc.taboola.com — Cisco Umbrella Rank: 679 trc-events.taboola.com — Cisco Umbrella Rank: 1718 sync-t1.taboola.com — Cisco Umbrella Rank: 1259	19 KB
5	kameleoon.eu w2s9lwr4sh.kameleoon.eu eu-tlp06.kameleoon.eu — Cisco Umbrella Rank: 37602	55 KB
4	yieldlab.net 1 redirects ad.yieldlab.net — Cisco Umbrella Rank: 5143	2 KB
4	adscale.de 3 redirects ih.adscale.de — Cisco Umbrella Rank: 5643 cotads.adscale.de — Cisco Umbrella Rank: 22256	2 KB
4	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	2 KB
4	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 1531 match.adsrvr.org — Cisco Umbrella Rank: 338 insight.adsrvr.org — Cisco Umbrella Rank: 625	6 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 375 c.bing.com — Cisco Umbrella Rank: 232	13 KB
3	yahoo.com 1 redirects ads.yahoo.com — Cisco Umbrella Rank: 1156 ups.analytics.yahoo.com — Cisco Umbrella Rank: 297	700 B
3	trustedshops.com widgets.trustedshops.com — Cisco Umbrella Rank: 23053	87 KB
3	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 557 r.casalemedia.com — Cisco Umbrella Rank: 1551	3 KB
3	pubmatic.com 1 redirects simage2.pubmatic.com — Cisco Umbrella Rank: 606	620 B
3	bounce-commerce.de api.bounce-commerce.de — Cisco Umbrella Rank: 185791	2 KB
3	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 33656	3 KB
3	shopifycdn.com fonts.shopifycdn.com — Cisco Umbrella Rank: 4909	61 KB
3	cloudfront.net d1um8515vdn9kb.cloudfront.net	19 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 675 cdn.stickyadstv.com — Cisco Umbrella Rank: 2389	1 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 646	852 B
2	zendesk.com hempamed.zendesk.com	1 KB
2	twiago.com 1 redirects a.twiago.com — Cisco Umbrella Rank: 20000	565 B
2	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 611	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	113 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	29 KB
2	loyaltylion.net sdk.loyaltylion.net — Cisco Umbrella Rank: 22305	32 KB
2	google.fr www.google.fr — Cisco Umbrella Rank: 13612	611 B
2	presage.io ads-engagement.presage.io — Cisco Umbrella Rank: 104862	1 KB
2	mouseflow.com 1 redirects cdn.mouseflow.com — Cisco Umbrella Rank: 5968	19 KB
2	reviews.io widget.reviews.io — Cisco Umbrella Rank: 33698 assets.reviews.io — Cisco Umbrella Rank: 33574 api.reviews.io Failed	98 KB
2	hyj.mobi pix.hyj.mobi — Cisco Umbrella Rank: 245615	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	83 KB
2	hempamed.de hempamed.de	35 KB
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 11480	274 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1467	40 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1650	235 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 634	262 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 526	784 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1779	172 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 414	140 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 354	239 B
1	aaxads.com c.aaxads.com — Cisco Umbrella Rank: 3513	289 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 621	14 KB
1	gstatic.com fonts.gstatic.com	17 KB
1	getsitecontrol.com widgets.getsitecontrol.com — Cisco Umbrella Rank: 16302	864 B
1	onaudience.com 1 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3281	419 B
1	adserver01.de 1 redirects r.adserver01.de — Cisco Umbrella Rank: 86450	321 B
1	eraofecom.org winads.eraofecom.org — Cisco Umbrella Rank: 194950	710 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 110	15 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	6 KB
1	amazonaws.com shopifyorderlimits.s3.amazonaws.com — Cisco Umbrella Rank: 21159
1	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 19930	50 KB
1	go2oh.net 1 redirects wdsmedia.go2oh.net	409 B
1	buybrands.info 1 redirects buybrands.info	586 B
308	74

	Domain	Requested by
27	cdn.shopify.com	hempamed.de d1um8515vdn9kb.cloudfront.net
20	ucarecdn.com	hempamed.de cdn.shopify.com
13	track.adform.net	5 redirects hal9000.redintelligence.net track.adform.net
11	static.klaviyo.com	hempamed.de static.klaviyo.com
11	adservice.google.com	ad.ad-srv.net 5994599.fls.doubleclick.net 11868943.fls.doubleclick.net hempamed.de
11	consent.cookiefirst.com	hempamed.de consent.cookiefirst.com cdn.shopify.com
10	as.ad4m.at	ad4m.at cdn.shopify.com hempamed.de
8	11868943.fls.doubleclick.net	4 redirects hal9000.redintelligence.net
8	5994599.fls.doubleclick.net	4 redirects hal9000.redintelligence.net
8	pixel.mathtag.com	hal9000.redintelligence.net hempamed.de pixel.mathtag.com
8	static.zdassets.com	hempamed.de static.zdassets.com
7	integrations.etrusted.com	hempamed.de integrations.etrusted.com cdn.shopify.com
7	cannatrust.eu	hempamed.de cannatrust.eu cdn.shopify.com
6	ad.doubleclick.net	6 redirects
6	monorail-edge.shopifysvc.com	cdn.shopify.com
6	ad.ad-srv.net	2 redirects hempamed.de tm709.ad-srv.net
6	t.adcell.com	hempamed.de t.adcell.com
5	gs-cdn.optimonk.com	front.optimonk.com gs-cdn.optimonk.com
5	analytics.tiktok.com	cdn.shopify.com analytics.tiktok.com
5	ad4m.at	hempamed.de ad4m.at
4	secure.adnxs.com	3 redirects
4	front.optimonk.com	hempamed.de front.optimonk.com cdn.shopify.com
4	ad.yieldlab.net	1 redirects
4	d.clarity.ms	www.clarity.ms cdn.shopify.com
4	s2.adform.net	hal9000.redintelligence.net ad.ad-srv.net
4	tm709.ad-srv.net	tm.ad-srv.net
4	x.bidswitch.net	2 redirects
4	eu-tlp06.kameleoon.eu	w2s9lwr4sh.kameleoon.eu cdn.shopify.com
3	ib.adnxs.com	3 redirects
3	dis.criteo.com
3	widgets.trustedshops.com	cdn.shopify.com widgets.trustedshops.com
3	ih.adscale.de	3 redirects
3	ad13.adfarm1.adition.com	ad.ad-srv.net
3	simage2.pubmatic.com	1 redirects hempamed.de
3	api.bounce-commerce.de	t.adcell.com api.bounce-commerce.de cdn.shopify.com
3	hal9000.redintelligence.net	1 redirects hempamed.de
3	tr.outbrain.com	amplify.outbrain.com hempamed.de
3	fonts.shopifycdn.com	cdn.shopify.com
3	d1um8515vdn9kb.cloudfront.net	hempamed.de d1um8515vdn9kb.cloudfront.net
3	bat.bing.com	hempamed.de bat.bing.com
2	ups.analytics.yahoo.com	1 redirects
2	ad.360yield.com	1 redirects
2	jfapiprod.optimonk.com	gs-cdn.optimonk.com
2	gum.criteo.com	1 redirects static.criteo.net
2	static-tracking.klaviyo.com	static.klaviyo.com
2	c.clarity.ms	1 redirects
2	hempamed.zendesk.com	static.zdassets.com
2	trc-events.taboola.com	cdn.shopify.com
2	a.twiago.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects hempamed.de
2	rtb-csync.smartadserver.com	1 redirects
2	match.adsrvr.org	hempamed.de js.adsrvr.org
2	cm.g.doubleclick.net	2 redirects
2	imagesrv.adition.com	hempamed.de
2	ad11.adfarm1.adition.com	2 redirects
2	www.google-analytics.com	cdn.shopify.com hempamed.de
2	connect.facebook.net	cdn.shopify.com connect.facebook.net
2	fonts.googleapis.com	cannatrust.eu client
2	sdk.loyaltylion.net	hempamed.de
2	www.google.fr	hempamed.de
2	www.google.com	hempamed.de
2	tm.ad-srv.net	hempamed.de
2	ads-engagement.presage.io	hempamed.de
2	cdn.mouseflow.com	1 redirects hempamed.de
2	pix.hyj.mobi	hempamed.de www.googletagmanager.com
2	ad1.adfarm1.adition.com	hempamed.de
2	www.googletagmanager.com	hempamed.de
2	hempamed.de	front.optimonk.com
1	matching.ivitrack.com
1	exchange.mediavine.com
1	sync-t1.taboola.com
1	visitor.omnitagjs.com
1	cdn.stickyadstv.com
1	ads.stickyadstv.com	1 redirects
1	match.sharethrough.com
1	contextual.media.net
1	cotads.adscale.de
1	cm.adform.net
1	criteo-sync.teads.tv
1	ads.yahoo.com
1	r.casalemedia.com
1	eb2.3lift.com
1	pixel.rubiconproject.com
1	sync.outbrain.com
1	c.aaxads.com
1	sslwidget.criteo.com	static.criteo.net
1	telemetrics.klaviyo.com	cdn.shopify.com
1	mug.criteo.com
1	static-forms.klaviyo.com	cdn.shopify.com
1	fast.a.klaviyo.com	cdn.shopify.com
1	static.criteo.net	dynamic.criteo.com
1	c.bing.com	1 redirects
1	insight.adsrvr.org	1 redirects
1	dynamic.criteo.com	hempamed.de
1	fonts.gstatic.com	fonts.googleapis.com
1	widgets.getsitecontrol.com	hempamed.de
1	pixel.onaudience.com	1 redirects
1	r.adserver01.de	1 redirects
1	stats.g.doubleclick.net	cdn.shopify.com
1	ekr.zdassets.com	static.zdassets.com
1	assets.reviews.io	widget.reviews.io
1	www.clarity.ms	bat.bing.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	trc.taboola.com	cdn.taboola.com
1	js.adsrvr.org	www.googletagmanager.com
1	winads.eraofecom.org	hempamed.de
1	www.googleadservices.com	www.googletagmanager.com
1	widget.reviews.io	hempamed.de
1	a.klaviyo.com	hempamed.de
1	cdnjs.cloudflare.com	hempamed.de
1	shopifyorderlimits.s3.amazonaws.com	hempamed.de
1	analytics.webgains.io	hempamed.de
1	amplify.outbrain.com	hempamed.de
1	cdn.taboola.com	hempamed.de
1	w2s9lwr4sh.kameleoon.eu	hempamed.de
1	wdsmedia.go2oh.net	1 redirects
1	buybrands.info	1 redirects
0	api.reviews.io Failed	widget.reviews.io
308	118

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.pinterest.de
www.instagram.com
www.youtube.com
www.leafly.de
www.trustedshops.de
groupthought.com
cookiefirst.com

Subject Issuer	Validity	Valid
hempamed.de GlobalSign Domain Validation CA - SHA256 - G3	`2021-05-30` - `2022-07-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-01` - `2022-06-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.webgains.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
*.adfarm1.adition.com AlphaSSL CA - SHA256 - G2	`2021-05-21` - `2022-06-22`	a year	crt.sh
cdn.shopify.com R3	`2022-05-21` - `2022-08-19`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
pix.hyj.mobi GTS CA 1D4	`2022-04-12` - `2022-07-11`	3 months	crt.sh
consent.cookiefirst.com R3	`2022-05-18` - `2022-08-16`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
ucarecdn.com R3	`2022-05-19` - `2022-08-17`	3 months	crt.sh
cannatrust.eu R3	`2022-05-13` - `2022-08-11`	3 months	crt.sh
integrations.etrusted.com Amazon	`2022-04-06` - `2023-05-05`	a year	crt.sh
adcell.com Certum Domain Validation CA SHA2	`2021-09-20` - `2022-09-20`	a year	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-08` - `2022-07-07`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
fonts.shopifycdn.com R3	`2022-04-01` - `2022-06-30`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.ogury.co Amazon	`2021-09-17` - `2022-10-16`	a year	crt.sh
kameleoon.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-20` - `2023-05-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
ad-srv.net R3	`2022-03-29` - `2022-06-27`	3 months	crt.sh
redintelligence.net R3	`2022-03-29` - `2022-06-27`	3 months	crt.sh
api.bounce-commerce.de R3	`2022-04-06` - `2022-07-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
loyaltylion.net Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
monorail-edge.shopifysvc.com R3	`2022-03-31` - `2022-06-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-02` - `2022-05-31`	3 months	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.getsitecontrol.com Go Daddy Secure Certificate Authority - G2	`2022-03-05` - `2023-04-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
hempamed.zendesk.com Cloudflare Inc ECC CA-3	`2022-02-21` - `2023-02-21`	a year	crt.sh
static.klaviyo.com R3	`2022-03-24` - `2022-06-22`	3 months	crt.sh
*.optimonk.com AlphaSSL CA - SHA256 - G2	`2022-05-16` - `2023-06-17`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
widgets.trustedshops.com Amazon	`2021-08-24` - `2022-09-22`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
static-tracking.klaviyo.com R3	`2022-04-01` - `2022-06-30`	3 months	crt.sh
fast.a.klaviyo.com R3	`2022-03-24` - `2022-06-22`	3 months	crt.sh
static-forms.klaviyo.com R3	`2022-05-01` - `2022-07-30`	3 months	crt.sh
gs-cdn.optimonk.com R3	`2022-05-11` - `2022-08-09`	3 months	crt.sh
telemetrics.klaviyo.com Amazon	`2021-10-15` - `2022-11-12`	a year	crt.sh
jfapiprod.optimonk.com GTS CA 1D4	`2022-04-13` - `2022-07-12`	3 months	crt.sh
*.aaxads.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-05-02` - `2022-06-22`	2 months	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-15`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-11` - `2022-12-12`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-24` - `2022-06-23`	a year	crt.sh
exchange.mediavine.com Amazon	`2021-08-05` - `2022-09-03`	a year	crt.sh
itm.ivitrack.com R3	`2022-04-09` - `2022-07-08`	3 months	crt.sh

This page contains 24 frames:

Primary Page: https://hempamed.de/
Frame ID: FFAF92B7B87704DA42D868757FAD494E
Requests: 214 HTTP requests in this frame

Frame: https://ad.ad-srv.net/retarget?a=50822&version=1&redirected=1
Frame ID: A2882C37B45673800D83A7C952C7A6CB
Requests: 6 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/retarget?a=53913&version=1&redirected=1
Frame ID: E563FF24B05850DC59C11F987F160C01
Requests: 7 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLHQ1dGc9vcCFV5GHQkd4qYGUQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5084014034387.855
Frame ID: FD94D89B498353638854527C88E97E98
Requests: 2 HTTP requests in this frame

Frame: https://11868943.fls.doubleclick.net/activityi;dc_pre=CM3R1dGc9vcCFdJCHQkdf5MFRQ;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3265416293479.613
Frame ID: 17B504A071E5EE38EF988C2FB6CC4688
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMDz1dGc9vcCFWdCHQkdnmUF2Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6343938651724.09
Frame ID: 3A55E90AD512E6DBC1C18BFC17A31DC2
Requests: 2 HTTP requests in this frame

Frame: https://11868943.fls.doubleclick.net/activityi;dc_pre=CNTU1dGc9vcCFVFCHQkdQPUNKA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7537296046713.005
Frame ID: 1F3647C8F42F59191295E14C835E1A35
Requests: 2 HTTP requests in this frame

Frame: https://tm709.ad-srv.net/tm/a/container/tags/iframe/1aa279a414.html?sid=1fie2jtv6okv99e3it6mfiic80
Frame ID: C2C8B2A626082ABF5CCA35B3AC9A0B45
Requests: 1 HTTP requests in this frame

Frame: https://ad.ad-srv.net/retarget?a=63935&version=1&redirected=1
Frame ID: E90B773DAA072323AEB9FF1EFC795D2C
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 39BD2C305AC110E2E6182605E98A30BA
Requests: 1 HTTP requests in this frame

Frame: https://ad.ad-srv.net/retarget?a=50822&version=1
Frame ID: 20DEBF586AFE19118A1481AB4ABF1B60
Requests: 9 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/retarget?a=53913&version=1
Frame ID: 7AD530CD4866AB414D0D1F0185864BC8
Requests: 7 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: BBC2C5006E1E754DE30AB28DA2031A00
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMDG_tGc9vcCFaxCHQkdmgIFPg;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2557177488698.237
Frame ID: 093DBBE3FA02A432C0A23EEFDB77ED6E
Requests: 2 HTTP requests in this frame

Frame: https://11868943.fls.doubleclick.net/activityi;dc_pre=CJ-H_9Gc9vcCFRNIHQkd95kKbg;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6858989584078.41
Frame ID: 326AD51814CED35DDAF5F2A2635DF503
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ-K_9Gc9vcCFdGYhQod4WoILg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5529826150479.275
Frame ID: BEA03DDF7711D75E1426EFAE13AD0B05
Requests: 2 HTTP requests in this frame

Frame: https://11868943.fls.doubleclick.net/activityi;dc_pre=CJ6W_9Gc9vcCFS1DHQkd59oIhg;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6422300964740.52
Frame ID: 5391AB74FC2D7FD49687940A5EA5DA71
Requests: 2 HTTP requests in this frame

Frame: https://tm709.ad-srv.net/tm/a/container/tags/iframe/1aa279a414.html?sid=l3dtrnrns3rt71av7qg00bdcm6
Frame ID: DE6804C288B271E354CF920488956968
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-18a6bbaeee17262f066c.js
Frame ID: 8D4BC4178B485672A878611E1F00FCAD
Requests: 9 HTTP requests in this frame

Frame: https://ad.ad-srv.net/retarget?a=63935&version=1
Frame ID: 9E3DB2814D444B34CF5B94722A027FBB
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=2bkuptt&ref=https%3A%2F%2Fhempamed.de%2F&upid=b9suilz&upv=1.1.0
Frame ID: 33CA44A081768519E2623225218347B2
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=hempamed.de&origin=onetag
Frame ID: 2A4855B880BFA7083EE6162D489D854E
Requests: 2 HTTP requests in this frame

Frame: https://hempamed.de/cart.json
Frame ID: C9DACFBA8177DDB9245182898A6EF98F
Requests: 1 HTTP requests in this frame

Frame: https://c.aaxads.com/aacxc.php?fv=3&wbsh=crx&ryvlg=k-r2FNkpSTsmkLxBE7WUr8XG6mJ3NbZ3q-ZYiCkg
Frame ID: 4E532FE10B2864BE3580B78E12E6110E
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CBD Öle von Hempamed: Premium CBD Öl jetzt hier kaufen MastercardPayPalSOFORTVisa

Page URL History Show full URLs

http://buybrands.info/index.php/campaigns/ck001az6j963b/track-url/qa957a9v5e1ed/a855f84087eef549d1... HTTP 301
https://wdsmedia.go2oh.net/click?aff_id=2&offer_id=122&url=https://hempamed.de HTTP 302
https://hempamed.de/ Page URL

Detected technologies

Shopify (Ecommerce) Expand

Overall confidence: 25%
Detected patterns

<link[^>]+=['"]//cdn\.shopify\.com

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Klaviyo (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

klaviyo\.com

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

308
Requests

90 %
HTTPS

27 %
IPv6

74
Domains

118
Subdomains

96
IPs

12
Countries

3330 kB
Transfer

8283 kB
Size

87
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/hempamed
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.pinterest.de/d157efcbd9082ca514dc549e4e2439/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.instagram.com/hempamed/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCIUrsknMSRwTF-ytDoSQoPg
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.leafly.de/guetesiegel/
Title: Leafly Gütesiegel

Search URL Search Domain Scan URL

URL: https://www.trustedshops.de/bewertung/info_X4F5D1F8D08CDAC1FC5E156B35CCD3BBF.html
Title: T

Search URL Search Domain Scan URL

URL: https://groupthought.com/
Title: Story

Search URL Search Domain Scan URL

URL: https://cookiefirst.com/?utm_medium=banner&utm_campaign=cookiebanner&utm_source=LOCATION_HREF

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://buybrands.info/index.php/campaigns/ck001az6j963b/track-url/qa957a9v5e1ed/a855f84087eef549d112e65a24093058d6eb9a87 HTTP 301
https://wdsmedia.go2oh.net/click?aff_id=2&offer_id=122&url=https://hempamed.de HTTP 302
https://hempamed.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://cdn.mouseflow.com/projects/ee8de7d6-18d8-4733-8170-1f0fa507d1f6.js HTTP 301
https://cdn.mouseflow.com/projects/ee8de7d6-18d8-4733-8170-1f0fa507d1f6_eu.js

Request Chain 61

https://ad.ad-srv.net/retarget?a=50822&version=1 HTTP 302
https://ad.ad-srv.net/retarget?a=50822&version=1&redirected=1

Request Chain 62

https://hal9000.redintelligence.net/retarget?a=53913&version=1 HTTP 302
https://hal9000.redintelligence.net/retarget?a=53913&version=1&redirected=1

Request Chain 66

https://x.bidswitch.net/sync?dsp_id=95&user_id=b9087d3b-c3df-4056-a7f8-815f73c30d19&expires=30&user_group=1 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=95&user_id=b9087d3b-c3df-4056-a7f8-815f73c30d19&expires=30&user_group=1 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2081ad7c-951e-4ad6-93a1-2d71e5b8edc0&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 77

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5084014034387.855 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLHQ1dGc9vcCFV5GHQkd4qYGUQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5084014034387.855

Request Chain 78

https://11868943.fls.doubleclick.net/activityi;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3265416293479.613 HTTP 302
https://11868943.fls.doubleclick.net/activityi;dc_pre=CM3R1dGc9vcCFdJCHQkdf5MFRQ;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3265416293479.613

Request Chain 79

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 80

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6343938651724.09 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMDz1dGc9vcCFWdCHQkdnmUF2Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6343938651724.09

Request Chain 81

https://11868943.fls.doubleclick.net/activityi;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7537296046713.005 HTTP 302
https://11868943.fls.doubleclick.net/activityi;dc_pre=CNTU1dGc9vcCFVFCHQkdQPUNKA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7537296046713.005

Request Chain 118

https://ad.doubleclick.net/ddm/activity/src=9858635;type=invmedia;cat=t360m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1660059082040.195 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9858635;dc_pre=CLPA4tGc9vcCFQRpGQodfSsHjw;type=invmedia;cat=t360m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1660059082040.195 HTTP 302
https://adservice.google.com/ddm/fls/z/src=9858635;dc_pre=CLPA4tGc9vcCFQRpGQodfSsHjw;type=invmedia;cat=t360m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1660059082040.195

Request Chain 119

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 143

https://ad.ad-srv.net/retarget?a=63935&version=1 HTTP 302
https://ad.ad-srv.net/retarget?a=63935&version=1&redirected=1

Request Chain 145

https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=990648820546&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fhempamed.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D53913%26version%3D1%26redirected%3D1 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=990648820546&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fhempamed.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D53913%26version%3D1%26redirected%3D1

Request Chain 167

https://r.adserver01.de/rt/perf_de.php?gdpr=0&gdpr_consent= HTTP 302
https://ad.doubleclick.net/ddm/activity/src=10716248;type=invmedia;cat=devie0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=10716248;dc_pre=CNuT_9Gc9vcCFRBKHgId_vQAeQ;type=invmedia;cat=devie0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=10716248;dc_pre=CNuT_9Gc9vcCFRBKHgId_vQAeQ;type=invmedia;cat=devie0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 168

https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.AdvancedStore_Vzm]=ASRETVZM2 HTTP 302
https://imagesrv.adition.com/1x1.gif

Request Chain 169

https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.advancedStore_Adbundle]=1 HTTP 302
https://imagesrv.adition.com/1x1.gif

Request Chain 171

https://cm.g.doubleclick.net/pixel?google_nid=advs&google_cm&google_sc&a=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&c=1 HTTP 302
https://as.ad4m.at/ad/dpe?b=CAESEC2FOX1U-wxzbohQRXxGPL0&a=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&c=1&google_cver=1

Request Chain 172

https://ih.adscale.de/tpui?tpid=25&tpuid=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&cburl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DkVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF%26b%3D__ADSCALE_USER_ID__%26c%3D6 HTTP 302
https://ih.adscale.de/tpui?tpid=25&tpuid=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&cburl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DkVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF%26b%3D__ADSCALE_USER_ID__%26c%3D6&nut&uu=fc9a0d63d0fd4cbebbaf407aef7bc99c HTTP 307
https://as.ad4m.at/ad/dpe?a=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&b=37973df607fbb0b7f323a116b93e320e8ba1d60f09f822dbe7f277a29d69a054&c=6

Request Chain 173

https://pixel.onaudience.com/?partner=234&mapped=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

Request Chain 174

https://rtb-csync.smartadserver.com/redir/?partnerid=132&partneruserid=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DkVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF%26c%3D9%26b%3DSMART_USER_ID HTTP 302
https://as.ad4m.at/ad/dpe?a=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&c=9&b=5236655656407327916&gdpr=0&gdpr_consent=

Request Chain 175

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&r=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DkVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF%26b%3D%24%7BPUBMATIC%5FUID%7D%26c%3D5 HTTP 302
https://as.ad4m.at/ad/dpe?a=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&b=${PUBMATIC_UID}&c=5

Request Chain 176

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&C=1

Request Chain 177

https://a.twiago.com/rtb/usermatch.php?umid=11&userid=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&call_type=redirect&rtbprovider=openrtb&redirecturl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DkVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF%26b%3D%25userid%25%26c%3D7 HTTP 302
https://as.ad4m.at/ad/dpe?a=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&b=e8d7934af39b54195192a82b82d30578150e295da1ba1f1305b9fa88f9604&c=7

Request Chain 178

https://ad.yieldlab.net/mr?t=2&pid=9140838&r=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DkVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF%26b%3D%25%25YL%5FUID%25%25%26c%3D4 HTTP 302
https://as.ad4m.at/ad/dpe?a=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&b=4865b806-4db4-4dcd-8df7-ee71886fdb90&c=4

Request Chain 191

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2557177488698.237 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMDG_tGc9vcCFaxCHQkdmgIFPg;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2557177488698.237

Request Chain 192

https://11868943.fls.doubleclick.net/activityi;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6858989584078.41 HTTP 302
https://11868943.fls.doubleclick.net/activityi;dc_pre=CJ-H_9Gc9vcCFRNIHQkd95kKbg;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6858989584078.41

Request Chain 193

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 194

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5529826150479.275 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ-K_9Gc9vcCFdGYhQod4WoILg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5529826150479.275

Request Chain 195

https://11868943.fls.doubleclick.net/activityi;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6422300964740.52 HTTP 302
https://11868943.fls.doubleclick.net/activityi;dc_pre=CJ6W_9Gc9vcCFS1DHQkd59oIhg;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6422300964740.52

Request Chain 196

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 199

https://ad.doubleclick.net/ddm/activity/src=9858635;type=invmedia;cat=t360m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=9019676682562.818 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9858635;dc_pre=CPW6hNKc9vcCFWBIHgIdsnwGKw;type=invmedia;cat=t360m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=9019676682562.818 HTTP 302
https://adservice.google.com/ddm/fls/z/src=9858635;dc_pre=CPW6hNKc9vcCFWBIHgIdsnwGKw;type=invmedia;cat=t360m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=9019676682562.818

Request Chain 235

https://insight.adsrvr.org/track/up?adv=2bkuptt&ref=https%3A%2F%2Fhempamed.de%2F&upid=b9suilz&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=2bkuptt&ref=https%3A%2F%2Fhempamed.de%2F&upid=b9suilz&upv=1.1.0

Request Chain 236

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=CF1ED03A2560439D843DF8312A181153&RedC=c.clarity.ms&MXFR=27E59631013169F72F18879C053167CD HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=CF1ED03A2560439D843DF8312A181153&MUID=1840C1A603DD62A30C20D00B021D633B

Request Chain 265

https://gum.criteo.com/sid/json?origin=onetag&domain=hempamed.de&sn=ChromeSyncframe&so=0&topUrl=hempamed.de&cw=1&lsw=1&topicsavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=AHgSK3xWUVU4TkV1SjM5YUtrWGxlNHhRNmhqeG5DWkRWaUg5N2dwOWNBK2ZMMUZBYkhXRDMzM3FqVDEvdzNvNktjcSs5cDJ0N3hoczM5Rjl1RStkTWhCM3ZXb0NURFQxcStldXBvVmo2YkJCamQxLzBQcUhHQ1JxZkg1WFd2MzMraStIWjRzd3V0aDVtNHFyNU9SZGhYdGRORFdZOHcxTEdsN1hvc0VNRkpVNmtWOTd5ck55Y3Z2ZWR6VWYvMllyblB5cDZCWmk3Z3RWUGFiNDlhWlVwZnpIYVlyN1cxdjlKbTFVUWFiZFBUQUtKblVqaFVpMTZDZW1WUmhnZFcvZUprT2ZhRHZ4YnFmNGp3WGJSa3RtT1dXZFVCdz09fA&cppv=2

Request Chain 276

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-r2FNkpSTsmkLxBE7WUr8XG6mJ3NbZ3q-ZYiCkg&google_cm&google_hm=ay1yMkZOa3BTVHNta0x4QkU3V1VyOFhHNm1KM05iWjNxLVpZaUNrZw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-r2FNkpSTsmkLxBE7WUr8XG6mJ3NbZ3q-ZYiCkg&google_gid=CAESENiWsei9bD0XqU214E14528&google_cver=1&google_ula=913071,0

Request Chain 281

https://secure.adnxs.com/setuid?entity=52&code=k-FtEwGZSTsmkLxBE7WUr8XG6mJ3NciIWG18VH-g&seg=130915 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-FtEwGZSTsmkLxBE7WUr8XG6mJ3NciIWG18VH-g%26seg%3D130915

Request Chain 282

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fappnxsid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=806949325725164914

Request Chain 283

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-8P2mkpSTsmkLxBE7WUr8XG6mJ3Oh8T2BcqBKcA HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-8P2mkpSTsmkLxBE7WUr8XG6mJ3Oh8T2BcqBKcA

Request Chain 287

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-e1CgaZSTsmkLxBE7WUr8XG6mJ3Mb7AYuu8oUaw HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-e1CgaZSTsmkLxBE7WUr8XG6mJ3Mb7AYuu8oUaw&verify=true

Request Chain 290

https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-BJDF5pSTsmkLxBE7WUr8XG6mJ3MA9vPWk8P0Nw&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__ HTTP 307
https://cotads.adscale.de/ads/pixel/1by1.png?uid=82d818379e5f5c39ed06543275ab0e0101185f574bc744149e04ad8c2daee221

Request Chain 296

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-gvzzhZSTsmkLxBE7WUr8XG6mJ3NkHqs7yHaCAg&redirectId=69 HTTP 302
https://cdn.stickyadstv.com/one-shot/empty.gif

Request Chain 301

https://secure.adnxs.com/seg?add=130915&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=240294409137550247

308 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hempamed.de/
Redirect Chain

http://buybrands.info/index.php/campaigns/ck001az6j963b/track-url/qa957a9v5e1ed/a855f84087eef549d112e65a24093058d6eb9a87
https://wdsmedia.go2oh.net/click?aff_id=2&offer_id=122&url=https://hempamed.de
https://hempamed.de/

151 KB
34 KB

242ms
176ms

Document
text/html

23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hempamed.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

aad71eeadb53db291f1ac518035af344bb7acaf6c59fdb4b93cd1345a27616e1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 70ffc3417bd53a8d-CDG
content-encoding: br
content-language: de
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Mon, 23 May 2022 18:12:57 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
server: cloudflare
server-timing-public: processing;dur=18, db;dur=7
strict-transport-security: max-age=7889238
vary: Accept
x-alternate-cache-key: cacheable:4cc425a7e78c094deb9b2627b1802e3e
x-cache: hit, server
x-content-type-options: nosniff
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-request-id: 80f40bd0-0dc0-4d76-89a8-46de53aa97b7
x-shardid: 265
x-shopid: 29599804
x-shopify-stage: production
x-sorting-hat-podid: 265
x-sorting-hat-shopid: 29599804
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Mon, 23 May 2022 18:12:56 GMT
location: https://hempamed.de
server: nginx/1.10.3 (Ubuntu)

GET
H2 200 kameleoon.js Show response
w2s9lwr4sh.kameleoon.eu/ 230 KB
54 KB 258ms
204ms Script
application/javascript 2606:4700:20::681a:a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w2s9lwr4sh.kameleoon.eu/kameleoon.js
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c85d74f98be6a0fc142cdbdc564b9bfa7951b40854e29c6febfaada6e0a5be4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 20 Apr 2022 08:21:14 GMT
server: cloudflare
etag: W/"625fc27a-3977a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkOM%2BMZQrgkh9wCDmt92qXLgRinfiTaOJSEpDVOtBu%2FfMXkMJmsKNd4zDcqzoP6StM2%2B9uIuHnY7dq0VKFBMyktiaeL1LFn1BkLnxkLGl9G4PTsj8UXmlIJAOyHiX7DbhfzTQ4aXFpad6bz2kJsZaeWXlj8z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=5400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70ffc3430fdb9993-CDG
expires: Mon, 23 May 2022 19:42:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 99ms
39ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-439035500

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

92af92c8456d3d902afd8b15fed3ec50f98a9416ec176866ed38c6ac5773e288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42834
x-xss-protection: 0
expires: Mon, 23 May 2022 18:12:57 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 110 KB
40 KB 47ms
43ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T92PJQ3

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ecc5bd64f2874b3a150e05f9fda591c805c4a63ae33d243e3b3959c28bdacdb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41381
x-xss-protection: 0
expires: Mon, 23 May 2022 18:12:57 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1384381/ 55 KB
17 KB 242ms
189ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1384381/tfa.js
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d375daca4fe7985462915845f17acaf8ee04290e1b00e4b3eb713cc2d63d761e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: IqZL8KWGRRQWuSsPM6bli3qnX2mMgmn0
content-encoding: gzip
etag: "8dae408800bf9afeef50149890794b56"
age: 0
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 17390
x-amz-id-2: I7EOK/kFXPxmVpHbYYOhhmNP+724mwq/GbPB+fOeNS5G8OzXswnQQwc7/R+wA4E0zpKWrG/fm+0=
x-served-by: cache-cdg20761-CDG
last-modified: Sun, 22 May 2022 11:21:36 GMT
server: AmazonS3
x-timer: S1653329578.614028,VS0,VE170
date: Mon, 23 May 2022 18:12:57 GMT
vary: Accept-Encoding
x-amz-request-id: MAC071TC7PXN6CCS
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 21
x-cache-hits: 1

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
3 KB 201ms
63ms Script
application/x-javascript 104.102.29.173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.29.173 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-173.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 18:12:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Feb 2022 12:30:38 GMT
Server: AkamaiNetStorage
ETag: "23b34d08f648c3f51b232443afced826:1644409863.170279"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3150
Expires: Mon, 23 May 2022 18:32:57 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 107ms
50ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2E43D3C32A2B4FB7A17E9BC78D2722AC Ref B: DUS30EDGE0310 Ref C: 2022-05-23T18:12:57Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Mon, 23 May 2022 18:12:57 GMT
accept-ranges: bytes
content-length: 11333

GET
H2 200 clk.min.js Show response
analytics.webgains.io/ 50 KB
50 KB 126ms
27ms Script
application/javascript 143.204.215.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/clk.min.js
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-68.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b2666a2f678a8564527f79c02b49ef33d0e84c154b80fa3bfb763e7e5f55814f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: _qWy7jSlABDVwiqEq3_9IYFeis5MzLuf
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
last-modified: Wed, 23 Mar 2022 11:22:01 GMT
server: AmazonS3
age: 69217
etag: "71290d77b2c1ab57ec6fa02e2ac89892"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sun, 22 May 2022 22:59:22 GMT
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 50779
x-amz-cf-id: R18wFXdBR7auu0shTga76VttVfU1ZD9In61qYXBUb9eSjB2l3DYUNA==

GET
H2 200 track Show response
ad1.adfarm1.adition.com/ 19 B
376 B 94ms
27ms Script
application/javascript 217.79.188.2
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad1.adfarm1.adition.com/track?tid=26905&sid=57428&type=js&orderid=&itemno=&descr=&quantity=&price=&total=10.00
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.2 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad1.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 20:12:57 +0200
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control: no-cache
content-type: application/javascript
content-length: 19
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tagging Show response
ad1.adfarm1.adition.com/ 7 B
312 B 93ms
27ms Script
application/javascript 217.79.188.2
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad1.adfarm1.adition.com/tagging?type=js&network=3533&tag[Solidmind_Retargeting.Solidmind_Retargeting]
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.2 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad1.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 4e233a3a613ff1b208f6e54673b5be56f4f9d549dc52d3de994f425bc06a4609

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 20:12:57 +0200
server: ADITIONSERVER v1.0
content-type: application/javascript
content-length: 7
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 theme.scss.css
cdn.shopify.com/s/files/1/2959/9804/t/20/assets/ 183 KB
32 KB 88ms
37ms Stylesheet
text/css 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2959/9804/t/20/assets/theme.scss.css?v=92597987981826678421647416154

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

714029a0c7fc3451e71e981f2bb5640c04e7de55b160c571842cbc25da754f3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 1117212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwDDESyqM8wV9tSc047hq9Kp6buqvioRgerM41jGDWZq7Rp2BKFfsyywyHm3wRtI08Y3b%2BGE22cImzgU%2BXhC3kc%2FqAwWbEuVWkmksmHclEpcj5uVOV8uhE8XmyJpfdmDFw%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=2626.104, imageryFetch;dur=182.916, imageryProcess;dur=2412.198;desc="scss"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 2e43d5f4-d031-48d1-98dd-4cb776d4cb20
timing-allow-origin: *
surrogate-key: segment4-58550 shop-29599804 mime-text/css-58550 time-bucket-20220510-58550 3a37d416cc3dc7513b7c0f7d6b9e93b88b9b181ca00c2ded36aa9cce7c274bae
last-modified: Tue, 10 May 2022 12:52:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 70ffc34379a199dc-CDG
link: <https://cdn.shopify.com/s/files/1/2959/9804/t/20/assets/theme.scss.css>; rel="canonical"

GET
H2 200 theme.js Show response
cdn.shopify.com/s/files/1/2959/9804/t/20/assets/ 318 KB
100 KB 56ms
52ms Script
text/javascript 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2959/9804/t/20/assets/theme.js?v=23278196408854335841640073335

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

343b9e1f52342349ea7bd351c7093e9be0a234997e9b8b597bbb9576e2502d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 989822
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fd9bL7lo80PHyN%2F5lbNN5RfiQ9SihQeCwQR%2FNYpGBayidbFzknOD9%2FBJWwDBZn%2Fb0lMl7ZxMWjfPYEe%2BluT3dMKKNpQLRXliff0nebEHgHR33OActnXUuDuka4U%2Fx9Q3aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=183.121, imageryFetch;dur=104.015
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: b25cd194-3ac6-49bb-aa86-a7d562393a15
timing-allow-origin: *
surrogate-key: segment4-47180 shop-29599804 mime-text/javascript-47180 time-bucket-20220512-47180 7663c004f688ef455913e65676a9160b9d03d3f7c82389874af389d50056aee1
last-modified: Thu, 12 May 2022 02:23:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 70ffc343ca2999dc-CDG
link: <https://cdn.shopify.com/s/files/1/2959/9804/t/20/assets/theme.js>; rel="canonical"

GET
H3 200 load_feature-37a17a663bce00c3e1703d247d958d410831e9e5dac457e1e9aa9f37481e2eb5.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/storefront/ 10 KB
4 KB 103ms
58ms Script
text/javascript 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-37a17a663bce00c3e1703d247d958d410831e9e5dac457e1e9aa9f37481e2eb5.js

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37a17a663bce00c3e1703d247d958d410831e9e5dac457e1e9aa9f37481e2eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hempamed.de/
Origin: https://hempamed.de
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 997774
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7NPzqst4jw2Gq072KVzhIyjnO4qfmYgAyvAPBwJLHOIpnXdWgClXfAXE5tUlBtBTRvVwoOBljszehQwACK%2F%2FynyVFB3lIA7jnsnKt%2FKoNFpetOjas43yriCN7Zg7m6Cogw%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=16.302, imageryFetch;dur=16.082
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 97f453c8-ae29-49c0-9237-c92f812a6663
timing-allow-origin: *
surrogate-key: segment4-23263 mime-text/javascript-23263 time-bucket-20220511-23263 89bbf77d1cad2c0bea2a7f1f72da169b70c2bf265907466160d0427d43316b03
last-modified: Wed, 11 May 2022 23:19:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 70ffc3440bd3cdab-CDG
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-37a17a663bce00c3e1703d247d958d410831e9e5dac457e1e9aa9f37481e2eb5.js>; rel="canonical"

GET
H3 200 features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/storefront/ 37 KB
14 KB 82ms
37ms Script
text/javascript 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hempamed.de/
Origin: https://hempamed.de
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 997774
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ApkN7ZhZd3REZRG6iGxxxU9kurE7ULDO66qUPtXS198HR6D545mCCung9VFfi90grRwynkBn2lJVv44%2F7sm09QkXxjV%2B5mEdHZ%2Btnq5gyoO16LZ0%2Bcr22MmNZhwJmFgk%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=19.139, imageryFetch;dur=18.810
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 2810dcc1-696b-4896-a6b5-5a269adb564f
timing-allow-origin: *
surrogate-key: segment4-42351 mime-text/javascript-42351 time-bucket-20220512-42351 3cd7a93697726990d34cdb0483f82490a2ebf6a0cee838bd6b8381caf8ef28bf
last-modified: Thu, 12 May 2022 01:45:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 70ffc3440bd5cdab-CDG
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js>; rel="canonical"

GET
H2 200 custom-css-shopify.css
cdn.shopify.com/s/files/1/2959/9804/t/20/assets/ 9 KB
3 KB 89ms
37ms Stylesheet
text/css 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2959/9804/t/20/assets/custom-css-shopify.css?v=163858347589965057351651747522

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

035f81ad01c592578ae1808bbe164eca53a4c00a0198622fd1d638155db00391

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 284173
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZRjw6OCSz1Xn%2Bj%2FtSgv6qKOfTca%2BlQhZO9VqEn0Sqt4JyGmzd3ucjFKmaEjkVBRPy8DCVIaBoquqfdXYCc0omZAezqNXkLt3nw%2BRY5IpLCx5YVIK2PYLHKk4yJq5JF3Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=80.530, imageryFetch;dur=79.101
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: ac02bf84-212b-4423-b781-e724c139aa08
timing-allow-origin: *
last-modified: Fri, 20 May 2022 00:27:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 70ffc34379a399dc-CDG
link: <https://cdn.shopify.com/s/files/1/2959/9804/t/20/assets/custom-css-shopify.css>; rel="canonical"

GET
H/1.1 403
Forbidden hempamed-cbd.myshopify.com
shopifyorderlimits.s3.amazonaws.com/limits/ 0
0 727ms
188ms Script
application/xml 52.218.248.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shopifyorderlimits.s3.amazonaws.com/limits/hempamed-cbd.myshopify.com?v=65&r=20200630145049&shop=hempamed-cbd.myshopify.com
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.248.250 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 rt Show response
pix.hyj.mobi/ 558 B
993 B 80ms
28ms Script
application/javascript 35.190.71.124
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.hyj.mobi/rt?t=d&action=s&cid=9204
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.71.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 124.71.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 635436613a59dcad198a566f08a03bbce349628391ebb99e6b32caf6b39caeb0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:57 GMT
via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 banner.js Show response
consent.cookiefirst.com/ 67 KB
24 KB 138ms
61ms Script
application/javascript 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/banner.js
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: Cookie First CDN-AMS1-879 /
Resource Hash: e21a8b48f9312941028c5512887f7ec2da422ccb88b4d5f7d30f302b4a984769

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
content-encoding: br
cdn-edgestorageid: 879
cdn-fileserver: 317
cdn-storageserver: UK-317
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cdn-cachedat: 05/23/2022 18:12:57
cdn-pullzone: 236985
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: Cookie First CDN-AMS1-879
access-control-allow-origin: *
visitor-location: FR
last-modified: Thu, 19 May 2022 15:14:33 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62865ed9-10a35"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: BYPASS
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
cache-control: public, max-age=300
cdn-requestid: c08954c5a865ce15633c32693db5098a
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 hempamed-logo-neu_150x.png
cdn.shopify.com/s/files/1/2959/9804/files/ 3 KB
3 KB 33ms
30ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2959/9804/files/hempamed-logo-neu_150x.png?v=1583992291

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5585e8dd1b3e1006ff2303d8d9650711ea84ac2046524983901f5d4d40504c12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 374682
server-timing: imagery;dur=69.748, imageryFetch;dur=19.483, imageryProcess;dur=49.442;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2862
x-xss-protection: 1; mode=block
x-request-id: 5f0b0fbf-05e2-47bb-8727-a6f7bc47b295
timing-allow-origin: *
surrogate-key: segment4-20897 shop-29599804 mime-image/webp-20897 time-bucket-20220513-20897 d171b76e3ae75018a6b47eb6a3ea59d5d18624d8af89cb029f95acd432ad2884
last-modified: Fri, 13 May 2022 06:57:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TaHnvd2%2B6tkDKlD9F9Qt5cwK3TRT736egkodnYTFsJEH54qGewDwOsCJuCaQQ66ntKWhzQALq%2BP4EpHTzVIZ3%2BAuxleGlYYDRJIrCy7%2FqDpE5D0qfi3flOid52jygXqClg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 70ffc343ca2c99dc-CDG
link: <https://cdn.shopify.com/s/files/1/2959/9804/files/hempamed-logo-neu_150x.png>; rel="canonical"

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/ 28 KB
6 KB 72ms
29ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.min.css

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3059618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5324
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7187"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkUlfN3XOU3OC%2Brr4xXUTQd4%2B49swf6gqm6TQ3iIerQz6AtZkhFoiKOz6w0DXnhWEY0RIQmji77aa91Tl4YUIVNu%2Bjy0bOy60nrHGKJyu61Kh2xMdOWcu6bQAm%2FhZRnIRI%2F6ACF7spilQdPNedi%2BHRQp"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70ffc34409c9ee07-CDG
expires: Sat, 13 May 2023 18:12:57 GMT

GET
H2 200 vendor.css
d1um8515vdn9kb.cloudfront.net/files/ 81 KB
10 KB 89ms
21ms Stylesheet
text/css 2600:9000:2111:fa00:6:7d8a:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1um8515vdn9kb.cloudfront.net/files/vendor.css?refresh=1
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2111:fa00:6:7d8a:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03600c8364d6306282dfdf3663390a20504815e082ef7e3e4da6023266c77c2a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:09 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 02:20:59 GMT
server: AmazonS3
age: 61
etag: W/"d31737fc813b26fbe17d462c4a6361e2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
via: 1.1 0fe4e9874d2e0d61c17aa980fd6da8ee.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: LHR61-C1
x-amz-cf-id: XnPOjbASHBi8Tw-jUKWeD3e-C_KlkS7x3ppGK6nnD1pIbqGZDoLesQ==

GET
H2 200 gem-page-index-1653289824.css
cdn.shopify.com/s/files/1/2959/9804/t/20/assets/ 126 KB
8 KB 145ms
140ms Stylesheet
text/css 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2959/9804/t/20/assets/gem-page-index-1653289824.css?v=79197434335950321921653312294

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a85c5c7cda7906787a061021c46323f9a12e8f4d914c1615577f26f2528db937

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNZv%2Bhz4s6V17t9gofaeG1Ih54QEnAT8iO54GlGV%2BFI4MhDUN31K13H1z01%2B%2BZ%2BglNTyBP1llZzeX4GWP0F1f4S6G16DUuUco1ksLvhC4mK16EiuUACn7S8%2FuAybSWQ1RQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=72.567, imageryFetch;dur=58.691
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: c346354d-98f0-4f5c-b941-e07c8be2c97a
timing-allow-origin: *
last-modified: Mon, 23 May 2022 13:24:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 70ffc343ca2899dc-CDG
link: <https://cdn.shopify.com/s/files/1/2959/9804/t/20/assets/gem-page-index-1653289824.css>; rel="canonical"

GET
H2 200 Leafly-Guetesiegel_final_RGB.png
ucarecdn.com/7c041824-55be-4651-ae72-d69883e018a4/-/format/auto/-/preview/3000x3000/-/quality/lighter/ 8 KB
9 KB 240ms
142ms Image
image/webp 2a02:26f0:f7::5c7b:e061
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/7c041824-55be-4651-ae72-d69883e018a4/-/format/auto/-/preview/3000x3000/-/quality/lighter/Leafly-Guetesiegel_final_RGB.png
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e061 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 59e6ffff8b12b46fba8ee79526338a327481660bada9eb459c654c30b4ef0832

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
x-image-width: 199
server: nginx
content-disposition: inline; filename=Leafly-Guetesiegel_final_RGB.png
etag: "ba1c4bad1c6526075a1eae4f61954d74"
vary: Accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=24551539
x-image-height: 209
content-length: 8422

GET
H2 200 eTrustedshops.png
ucarecdn.com/d73f945f-a47c-4643-be49-133fb93c0f19/-/format/auto/-/preview/3000x3000/-/quality/lighter/ 24 KB
24 KB 228ms
138ms Image
image/webp 2a02:26f0:f7::5c7b:e061
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/d73f945f-a47c-4643-be49-133fb93c0f19/-/format/auto/-/preview/3000x3000/-/quality/lighter/eTrustedshops.png
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e061 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: fd284131bd431df68ad1a75bb7bc1cc446bba8cc1698b22bd5d4293db3cd90cb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
x-image-width: 380
server: nginx
content-disposition: inline; filename=eTrustedshops.png
etag: "9c46ae2b1f7c650905c832d655ce316c"
vary: Accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=31095189
x-image-height: 380
content-length: 24120

GET
H2 200 RackMultipart20200619-4-1mx39ts.png
ucarecdn.com/ef1b1f07-33b0-4203-83c8-48eafdfd5e51/-/format/auto/-/preview/3000x3000/-/quality/lighter/ 81 KB
82 KB 110ms
40ms Image
image/webp 2a02:26f0:f7::5c7b:e061
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/ef1b1f07-33b0-4203-83c8-48eafdfd5e51/-/format/auto/-/preview/3000x3000/-/quality/lighter/RackMultipart20200619-4-1mx39ts.png
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e061 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d6ce79238a663584deb9c3792e8fa23dea01d528e241e52e833af027508a879f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
x-image-width: 1244
server: nginx
content-disposition: inline; filename=RackMultipart20200619-4-1mx39ts.png
etag: "9fee0a68bdebfb617a2039a93f31c6d1"
vary: Accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=22342873
x-image-height: 1356
content-length: 83438

GET
H2 200 390_Solidmind_RGB_f_Web.jpg
ucarecdn.com/cb5c626c-861d-4f3e-a035-d965c9cffd52/-/format/auto/-/preview/3000x3000/-/quality/lighter/ 42 KB
42 KB 127ms
69ms Image
image/webp 2a02:26f0:f7::5c7b:e061
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/cb5c626c-861d-4f3e-a035-d965c9cffd52/-/format/auto/-/preview/3000x3000/-/quality/lighter/390_Solidmind_RGB_f_Web.jpg
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e061 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 585530301e16591696a6fbae6f92ed624c0eb27f911e1838e53f5b0df2f85e56

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
x-image-width: 902
server: nginx
content-disposition: inline; filename=390_Solidmind_RGB_f_Web.jpg
etag: "87f138a13b625346afc67e7a7bca701c"
vary: Accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=23710574
x-image-height: 902
content-length: 42954

GET
H2 200 rating.js Show response
cannatrust.eu/wp-content/themes/cannatrust/inc/widget/ 3 KB
1 KB 126ms
30ms Script
application/javascript 2a02:17f8:9001:3e00::107
HAENDLEKORTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cannatrust.eu/wp-content/themes/cannatrust/inc/widget/rating.js
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:17f8:9001:3e00::107 , Germany, ASN44700 (HAENDLEKORTE-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 86c39fd7f5dd6cfe3a6ee7bae0e18fb3cd5a0a4cbc9e8d32320289e893f15533

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
content-encoding: gzip
last-modified: Wed, 12 Jan 2022 14:06:34 GMT
server: nginx
x-powered-by: PleskLin
etag: W/"61dee06a-aa6"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 /
ucarecdn.com/080e93a0-8727-4a47-9689-acc130bf73b6/-/format/auto/-/preview/3000x3000/-/quality/lighter/ 2 KB
3 KB 113ms
69ms Image
image/webp 2a02:26f0:f7::5c7b:e061
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/080e93a0-8727-4a47-9689-acc130bf73b6/-/format/auto/-/preview/3000x3000/-/quality/lighter/
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e061 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7e2d172db253cc60b59c126f829c1ccf101512e31c6fdb76ddcf6b30b5258f78

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
x-image-width: 512
server: nginx
content-disposition: inline
etag: "ebf21bedf1a6c45fe9a9c68269ae9302"
vary: Accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=22343023
x-image-height: 512
content-length: 2428

GET
H2 200 /
ucarecdn.com/80cffa12-c47a-4a7d-b7fe-8da8206760f8/-/format/auto/-/preview/3000x3000/-/quality/lighter/ 3 KB
4 KB 73ms
35ms Image
image/webp 2a02:26f0:f7::5c7b:e061
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/80cffa12-c47a-4a7d-b7fe-8da8206760f8/-/format/auto/-/preview/3000x3000/-/quality/lighter/
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e061 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 68d18be3ba92856a2311b5247fa8efb89b8167a0ba8d7260596704e9f08f55b1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
x-image-width: 512
server: nginx
content-disposition: inline
etag: "979733dc63eb05fe9a6882c8391f4044"
vary: Accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=22479132
x-image-height: 512
content-length: 3464

GET
H2 200 /
ucarecdn.com/0a71b10b-0c51-4860-adc3-34ebc9b68fd9/-/format/auto/-/preview/3000x3000/-/quality/lighter/ 4 KB
4 KB 56ms
55ms Image
image/webp 2a02:26f0:f7::5c7b:e061
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/0a71b10b-0c51-4860-adc3-34ebc9b68fd9/-/format/auto/-/preview/3000x3000/-/quality/lighter/
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e061 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 834ef365505a980fd031502c176b097ff5a86a1682f339c102c8081a7040b830

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
x-image-width: 512
server: nginx
content-disposition: inline
etag: "fd6109a2cb603ee1dde3d1e7c136e8b6"
vary: Accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=23774664
x-image-height: 512
content-length: 3650

GET
H2 200 v2 Show response
integrations.etrusted.com/applications/widget.js/ 4 KB
2 KB 110ms
29ms Script
application/javascript 18.66.248.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://integrations.etrusted.com/applications/widget.js/v2

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-50.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c954b743b05de886d5161aa96bc8795974cf3214c7d815c53c1e97d32ef8b71a

Security Headers

Name	Value
Strict-Transport-Security	max-age= 63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: VAh6PscvJoSjl9LuZ0P4JK8XPbSDFYfs
content-encoding: gzip
vary: Accept-Encoding
age: 735
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Mon, 23 May 2022 18:00:43 GMT
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 24 Mar 2022 14:30:05 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"3b8262ee1aec35b0a2d03f13b551d106"
strict-transport-security: max-age= 63072000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
cache-control: max-age=600
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: KHlzlqYBiSTfPQOE5riNgA7FhVAZ2a-SZ2LI6OlSGAM94AKxkYX95Q==

GET
H2 200 /
ucarecdn.com/99c987e6-bd90-424f-a094-6fb591df07e6/-/format/auto/-/preview/3000x3000/-/quality/lighter/ 34 KB
34 KB 56ms
55ms Image
image/webp 2a02:26f0:f7::5c7b:e061
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/99c987e6-bd90-424f-a094-6fb591df07e6/-/format/auto/-/preview/3000x3000/-/quality/lighter/
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e061 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: bed614616a162fc53d756bfa5e0f80ac5f00110c16c9c8d67bcae707f3ef2b7f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
x-image-width: 1200
server: nginx
content-disposition: inline
etag: "19a9fe00e27a63e48b15902a0cd52ce8"
vary: Accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=22343092
x-image-height: 722
content-length: 34380

GET
H2 200 eTrustedshops.png
ucarecdn.com/4845bb54-fb3c-46fc-8292-837b4e9c7f82/-/format/auto/-/preview/3000x3000/-/quality/lighter/ 24 KB
24 KB 56ms
55ms Image
image/webp 2a02:26f0:f7::5c7b:e061
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/4845bb54-fb3c-46fc-8292-837b4e9c7f82/-/format/auto/-/preview/3000x3000/-/quality/lighter/eTrustedshops.png
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e061 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: fd284131bd431df68ad1a75bb7bc1cc446bba8cc1698b22bd5d4293db3cd90cb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
x-image-width: 380
server: nginx
content-disposition: inline; filename=eTrustedshops.png
etag: "1a0876f4b4805e33c4822b559dbc6b39"
vary: Accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=31095091
x-image-height: 380
content-length: 24120

GET
H2 200 /
ucarecdn.com/447ce582-2d90-45fb-8e36-bd8cc337ac17/-/format/auto/-/preview/3000x3000/-/quality/lighter/ 32 KB
32 KB 56ms
55ms Image
image/webp 2a02:26f0:f7::5c7b:e061
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/447ce582-2d90-45fb-8e36-bd8cc337ac17/-/format/auto/-/preview/3000x3000/-/quality/lighter/
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e061 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b41860f4dadff1e2d430820b7dc2b839ec708e61036f6767c3cf2702af050729

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
x-image-width: 1047
server: nginx
content-disposition: inline
etag: "f995a8efa68c067ab6a97c3cc71685ff"
vary: Accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=24855533
x-image-height: 927
content-length: 32446

GET
H2 200 /
ucarecdn.com/94014a23-918c-4100-bab2-95b06add6b07/-/format/auto/-/preview/3000x3000/-/quality/lighter/ 60 KB
60 KB 57ms
56ms Image
image/webp 2a02:26f0:f7::5c7b:e061
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/94014a23-918c-4100-bab2-95b06add6b07/-/format/auto/-/preview/3000x3000/-/quality/lighter/
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e061 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 958df42ef1d8bb54fd60181bee980ea37b012c71a2c40e599b21d3e8f7402f2c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
x-image-width: 791
server: nginx
content-disposition: inline
etag: "2852c6158bd5ab5e364e483965987e6f"
vary: Accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=31454165
x-image-height: 958
content-length: 61068

GET
H2 200 Nougatpralinen_Header_aa6e8da0-62e1-4b3a-b5c9-29e84a2ee3b7_1024x1024.png
cdn.shopify.com/s/files/1/2959/9804/articles/ 54 KB
55 KB 74ms
73ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2959/9804/articles/Nougatpralinen_Header_aa6e8da0-62e1-4b3a-b5c9-29e84a2ee3b7_1024x1024.png?v=1626783434

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c6b7ed86dd141acbf230cc72c91131cb77761100fc063527cc12377d5d989c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 276805
server-timing: imagery;dur=172.690, imageryFetch;dur=54.061, imageryProcess;dur=117.948;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55478
x-xss-protection: 1; mode=block
x-request-id: c8f1b641-3a5c-4e22-9766-8d5bb4e111c7
timing-allow-origin: *
last-modified: Wed, 18 May 2022 09:56:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CAhp2AxnDVLot6wdvWDsXXZENyEcs%2BLF00EikjO8iwobFDe0LmiV9M1h1Lci623eJMFIRi2AZssu9CCOhOWtQPusDpjXjv6tM7rUUlOL%2FCv4ID1VC9Xy4Qhe2rJYeIhUJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 70ffc343ca2d99dc-CDG
link: <https://cdn.shopify.com/s/files/1/2959/9804/articles/Nougatpralinen_Header_aa6e8da0-62e1-4b3a-b5c9-29e84a2ee3b7_1024x1024.png>; rel="canonical"

GET
H2 200 lippenbalsam_header_1024x1024.png
cdn.shopify.com/s/files/1/2959/9804/articles/ 97 KB
98 KB 33ms
32ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2959/9804/articles/lippenbalsam_header_1024x1024.png?v=1573728896

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7f4bbda1f148f2639667ea4e0f5d024c633001cc8562de805abc614cc29c569

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 637601
server-timing: imagery;dur=254.356, imageryFetch;dur=100.752, imageryProcess;dur=152.713;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 99706
x-xss-protection: 1; mode=block
x-request-id: 9b832d81-b935-4109-9e98-94eba632199c
timing-allow-origin: *
surrogate-key: segment4-16999 shop-29599804 mime-image/webp-16999 time-bucket-20220510-16999 0108510904d9459f41b017d5ab8fde9750ade56bddd090990f7c2435a5ecbed9
last-modified: Tue, 10 May 2022 12:52:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13yB6k2asqKeO7AXb%2FVJKzBm8ILoRjb4q4LseCDOO6ZM3%2BTOclkzvRDU%2FMAyd9JCkZzGSbpWMSgi4Q5va3x5LqKfgecnpJyrgNKAYZDJTf3BsI371FAJVXDWzJS7vJcKwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 70ffc343ca2e99dc-CDG
link: <https://cdn.shopify.com/s/files/1/2959/9804/articles/lippenbalsam_header_1024x1024.png>; rel="canonical"

GET
H2 200 Heisse_schoki_CBD_1024x1024.png
cdn.shopify.com/s/files/1/2959/9804/articles/ 130 KB
131 KB 53ms
52ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2959/9804/articles/Heisse_schoki_CBD_1024x1024.png?v=1573727314

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddcb4c572e37c2ccb76213c572c22aa95f4032981bc9baac963f06711de0385b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 637601
server-timing: imagery;dur=209.904, imageryFetch;dur=97.402, imageryProcess;dur=111.722;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 133444
x-xss-protection: 1; mode=block
x-request-id: 0997870d-6e1d-4156-b402-87a33866e461
timing-allow-origin: *
surrogate-key: segment4-1571 shop-29599804 mime-image/webp-1571 time-bucket-20220513-1571 2d1801d0aa2ff4f59a9064d4fe426c142c51a6280c522b5a9ad565a6e24ca303
last-modified: Fri, 13 May 2022 08:40:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RVDuDloQ2%2FxXliOOZwDkFMrMb6JIGphMk4TfXKKG1QKHZ%2FXzlbw4UwdcE%2FA6HN7SvYkQTFpb%2B0qMfkkcdFMiRnlyn8XmG%2B%2Fw11e4Z%2FUMJK5lUgAN0j9UMECK7oIRPedjbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 70ffc343ca2f99dc-CDG
link: <https://cdn.shopify.com/s/files/1/2959/9804/articles/Heisse_schoki_CBD_1024x1024.png>; rel="canonical"

GET
H2 200 trad.js Show response
t.adcell.com/js/ 56 KB
21 KB 159ms
50ms Script
text/javascript 2a02:cb40:200::242
SOPRADO-ANY

General

Check archive.org

Show headers Download Go to

Full URL

https://t.adcell.com/js/trad.js?s=shopify&v=1.0.10

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),

Reverse DNS

Software

myracloud /

Resource Hash

77e3bdfb73066e1c7ce07b8e91e81b63380a761919fa65049925a0238fbbdd1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
server: myracloud
etag: "myra-71aefafb"
vary: accept-encoding
content-type: text/javascript
cache-control: max-age=900
date: Mon, 23 May 2022 18:12:57 GMT
x-cdn: 1
expires: Mon, 23 May 2022 18:19:04 GMT

GET
H2 200 gempagev2.js Show response
d1um8515vdn9kb.cloudfront.net/files/ 5 KB
2 KB 21ms
20ms Script
application/javascript 2600:9000:2111:fa00:6:7d8a:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1um8515vdn9kb.cloudfront.net/files/gempagev2.js?v=1.0
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2111:fa00:6:7d8a:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a0ae1a0d066f40e19341b9abfd7b10cab72be1c1ad646b80f2f78d7242d2777

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:26 GMT
content-encoding: gzip
last-modified: Wed, 18 May 2022 06:54:58 GMT
server: AmazonS3
age: 33
etag: W/"edfc6c6cb12b12788cd03f2d8530190e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 0fe4e9874d2e0d61c17aa980fd6da8ee.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: LHR61-C1
x-amz-cf-id: zNr9hyTMjyNP1oTUTdfU6SFkMEV9z7N0Xu0DyGeLlaF3R4p1bS65uw==

GET
H2 200 inlineretarget.js Show response
t.adcell.com/js/ 44 KB
17 KB 30ms
29ms Script
text/javascript 2a02:cb40:200::242
SOPRADO-ANY

General

Check archive.org

Show headers Download Go to

Full URL

https://t.adcell.com/js/inlineretarget.js?method=track&pid=6619&type=startpage

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),

Reverse DNS

Software

myracloud /

Resource Hash

9379a4678a9d21e8245f1aea21e02d4e73a9186296d7bde276606a4e03d8c00a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
server: myracloud
etag: "myra-28d19fd3"
vary: accept-encoding
content-type: text/javascript
cache-control: max-age=900
date: Mon, 23 May 2022 18:12:57 GMT
x-cdn: 1
expires: Mon, 23 May 2022 18:17:13 GMT

GET
H2 200 onsite.js Show response
a.klaviyo.com/media/js/onsite/ 94 KB
31 KB 211ms
132ms Script
application/javascript 2606:4700::6812:5a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.klaviyo.com/media/js/onsite/onsite.js
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc6a07524e88b23ff3141a801d7f5e9d1566dd312a8b64dca06cbfdb8fa6f328

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Mon, 23 May 2022 17:39:13 GMT
server: cloudflare
etag: W/"628bc6c1-176d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public
cf-ray: 70ffc3444cc9ede3-CDG
content-length: 30731
expires: Tue, 24 May 2022 18:12:57 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 23 KB
7 KB 118ms
50ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=87dec002-4ce2-4e0f-9a4c-b8a0a6b8295b

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cbfe1c077ba0169a3fb52f9173b184da791852587d1d4f5aac9b6e09e76894e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 33VQQVM4YWYW984N
x-amz-id-2: 0J3Vi+7Hie2xQ40jsq5jB9cOOgdeLajgxH1Xx9agZAk4O+h+WmwSFmQMLXiCoAGTYEJ/exaB02k=
last-modified: Sun, 22 May 2022 23:46:14 GMT
server: cloudflare
etag: W/"dbe08d968cf68b63a92fabf97b86a1d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Io7aptZKWcKmW0Z2mbXus%2F4EQjkiUXspCVahp0dH1m7XraTGfM38fi8YNUgK9PNv1GniW2dlGdZoJavFb2DoFmYVdFAt0Hnicb%2FdeZeSbAH7G07mD%2FxNH6Xbhwj4m3PjCUkFBpo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: HArG.fc9KVhi0qJ1ccdxCoc0fJmPdk8d
cf-ray: 70ffc344298d32c4-CDG

GET
H2 200 floating.js Show response
widget.reviews.io/modern-widgets/ 325 KB
97 KB 124ms
62ms Script
application/javascript 2606:4700:10::6816:d7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.reviews.io/modern-widgets/floating.js
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:d7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d9f0834fce52e81f578870b52fe97065a2a4a9f1380ae22baa13df5d4ded13bc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
content-encoding: br
etag: W/"513d7-4977387000"
cf-cache-status: HIT
age: 635
x-amzn-requestid: 77f54a23-961f-4e3b-bd6a-185ff6b32102
x-amz-apigw-id: SSBZhH33IAMFzpw=
last-modified: Tue, 01 Jan 1980 00:00:00 GMT
server: cloudflare
x-powered-by: Express
x-amzn-trace-id: Root=1-6283e2a3-77c1e34b3dab6ae730a3c350;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=7200
cf-polished: origSize=332759
cf-ray: 70ffc3442e57ee3b-CDG
cf-bgj: minify

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 103ms
43ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-439035500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

0a9adccc17d9e34e3971bce91e3723f1fef884844fed6e6e10085e19745faef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14849
x-xss-protection: 0
server: cafe
etag: 10272469744856839321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 23 May 2022 18:12:57 GMT

GET
H2 200 hook.js Show response
winads.eraofecom.org/pull/hempamed-cbd.myshopify.com/ 28 B
710 B 100ms
39ms Script
text/javascript 2606:4700:3034::6815:3d98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winads.eraofecom.org/pull/hempamed-cbd.myshopify.com/hook.js
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:3d98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06b1350ef5fb569adab388b472d0a86cd10ee58b5a40c97151db08780334434d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2529149
access-control-allow-methods: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
last-modified: Sun, 24 Apr 2022 11:40:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2FnLYJ0aXEqTzqKr5jFjFfbVJ93SO4jNPVIrcUFMgHAxgT2xr4ruoMx8QX4bAAZG713kGqnGkQ9yqaQbNW5zVZWiEOIccnRSogQzdI7ck60aPk2MCw0s%2FTppkfPT2Vo9N1KnyRJ5aVKBhHHcHrl68p0YGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=1800, must-revalidate
cf-ray: 70ffc345a9443329-CDG
expires: -1

GET
H2 200 dinnextslab_n4.027287909a8f4f6d4302318072554f8423e9b408.woff2
fonts.shopifycdn.com/din_next_slab/ 19 KB
20 KB 105ms
49ms Font
font/woff2 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.shopifycdn.com/din_next_slab/dinnextslab_n4.027287909a8f4f6d4302318072554f8423e9b408.woff2?h1=aGVtcGFtZWQuZGU&hmac=d1012cc4443db6d1c4b444d846ec30b325294ce31f7172e2ac449b85d2817878

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/2959/9804/t/20/assets/theme.scss.css?v=92597987981826678421647416154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e399100651f926dc2fb9eed56c1b961e883947eda1dbbc9f763eee939146fc2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.shopify.com/
Origin: https://hempamed.de
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 276806
server-timing: imagery;dur=19.472, imageryFetch;dur=19.065
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19932
x-xss-protection: 1; mode=block
x-request-id: ef8365eb-16f4-4068-9a23-744fb7c7caf9
timing-allow-origin: *
last-modified: Tue, 03 May 2022 13:28:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5bT6%2BRCzp%2FbyCt3hBhmZrdiG6BnVywVMfq%2BfrovZix6GuYkFetdBLmZ3NPXd4S8Y%2FIUrt6Hq3DNuqwcTeTEn3tC%2BN6GXmDy2ciMsPXkkv0NDGb29iGGOo8i%2FHOOHzFdzFX8vbjC"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2629800, immutable
accept-ranges: bytes
cf-ray: 70ffc3442f69ee33-CDG
link: <https://imagery4-fonts.shopifysvc.com/premium-fonts/din_next_slab/dinnextslab_n4.027287909a8f4f6d4302318072554f8423e9b408.woff2>; rel="canonical"

GET
H2

301

ee8de7d6-18d8-4733-8170-1f0fa507d1f6_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/ee8de7d6-18d8-4733-8170-1f0fa507d1f6.js
https://cdn.mouseflow.com/projects/ee8de7d6-18d8-4733-8170-1f0fa507d1f6_eu.js

58 KB
19 KB

23ms
22ms

Script
application/javascript

151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/ee8de7d6-18d8-4733-8170-1f0fa507d1f6_eu.js
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 1239462b40c481a4acc4299efdec2c9269b6180d6f2c4ba348f7e0ef7fe5be74

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 08:47:12 GMT
server: NetDNA-cache/2.2
etag: W/"159ab61ca5ed81:0"
x-cache: MISS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 19217
x-hw: 1653329577.cds225.pa1.hn,1653329577.cds034.pa1.c

Redirect headers

date: Mon, 23 May 2022 18:12:57 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 08:47:10 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"a79a260ca5ed81:0"
x-cache: MISS
content-type: application/javascript; charset=utf-8
location: https://cdn.mouseflow.com/projects/ee8de7d6-18d8-4733-8170-1f0fa507d1f6_eu.js
cache-control: max-age=86400
accept-ranges: bytes
content-length: 19217
x-hw: 1653329577.cds225.pa1.hn,1653329577.cds215.pa1.c

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
5 KB 84ms
24ms Script
application/x-javascript 65.9.65.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T92PJQ3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-65-116.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 03:47:09 GMT
Via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 51949
ETag: "98d98b3499058b76d58073cf8ede2f10"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Content-Length: 4593
X-Amz-Cf-Id: WDzA1wMF9uKHx78XsuUs071vmJiEbkq6omSgsP8kEupOd_xHBVvwzg==

GET
H3 200 rt Show response
pix.hyj.mobi/ 558 B
575 B 69ms
27ms Script
application/javascript 35.190.71.124
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.hyj.mobi/rt?t=d&action=s&cid=9552
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T92PJQ3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.71.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 124.71.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 635436613a59dcad198a566f08a03bbce349628391ebb99e6b32caf6b39caeb0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:57 GMT
via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK pixel
ads-engagement.presage.io/ 35 B
531 B 208ms
82ms Image
image/gif 18.64.115.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads-engagement.presage.io/pixel?site=hempamed.de&e=pv&id=ogury_view&full_url=https%3A%2F%2Fhempamed.de%2F&gtmcb=2040152046
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.115.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-115-87.txl50.r.cloudfront.net
Software: / Express
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 18:12:58 GMT
Via: 1.1 21cd80a95d2ef60d4456da600a333140.cloudfront.net (CloudFront)
ETag: W/"23-17f07eeb9c0"
Last-Modified: Thu, 17 Feb 2022 13:46:00 GMT
X-Amz-Cf-Pop: TXL50-P4
X-Powered-By: Express
X-Cache: Miss from cloudfront
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35
X-Amz-Cf-Id: n51v-Bx2agyyV_PEeWWk7qZOVsxQXkEcSOhPsSLtc5A7q-8Zw8CdIQ==

GET
H/1.1 200
OK pixel
ads-engagement.presage.io/ 35 B
531 B 186ms
79ms Image
image/gif 18.64.115.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads-engagement.presage.io/pixel?site=hempamed.de&e=pv&id=ogury_cart&full_url=https%3A%2F%2Fhempamed.de%2F&gtmcb=254378500
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.115.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-115-87.txl50.r.cloudfront.net
Software: / Express
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 18:12:58 GMT
Via: 1.1 6d74947505437c57fd215b170c6b3d90.cloudfront.net (CloudFront)
ETag: W/"23-17f07eeb9c0"
Last-Modified: Thu, 17 Feb 2022 13:46:00 GMT
X-Amz-Cf-Pop: TXL50-P4
X-Powered-By: Express
X-Cache: Miss from cloudfront
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35
X-Amz-Cf-Id: 15AjylJdWT1SB51p5n5qdJZyqQMr_QqILLWbTws4GvK7EzsRKvL8eg==

GET
H/1.1 204
No Content visit.gif Show response
eu-tlp06.kameleoon.eu/ 0
142 B 101ms
28ms XHR
text/plain 195.201.164.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-tlp06.kameleoon.eu/visit.gif?lp=3&spt=1650442874434&p=c2l0ZUNvZGU9dzJzOWx3cjRzaCZ2aXNpdG9yQ29kZT00aWxuZXVzZWkyN3Q3dXViJnN0YXJ0T2ZWaXNpdD10cnVlJnNjcmlwdFZlcnNpb249MjAxOTAxMTUmbm9uY2U9QTcwNkU2QzgyNEM1NzIxRCZldmVudFR5cGU9cGFnZSZ0aW1lPTE2NTMzMjk1Nzc2NzkmaHJlZj1odHRwcyUzQSUyRiUyRmhlbXBhbWVkLmRlJTJGJnRpdGxlPUNCRCUyMCVDMyU5NmxlJTIwdm9uJTIwSGVtcGFtZWQlM0ElMjBQcmVtaXVtJTIwQ0JEJTIwJUMzJTk2bCUyMGpldHp0JTIwaGllciUyMGthdWZlbiZrZXlQYWdlcz0lNUJudWxsJTVEJnJlZmVycmVycz0lNUJudWxsJTVE
Requested by: Host: w2s9lwr4sh.kameleoon.eu
URL: https://w2s9lwr4sh.kameleoon.eu/kameleoon.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 195.201.164.250 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: eu-log-parser06.kameleoon.net
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 23 May 2022 18:12:57 GMT
Server: nginx/1.20.1
Connection: keep-alive

GET
H/1.1 204
No Content visit.gif Show response
eu-tlp06.kameleoon.eu/ 0
142 B 100ms
28ms XHR
text/plain 195.201.164.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-tlp06.kameleoon.eu/visit.gif?lp=3&spt=1650442874434&p=c2l0ZUNvZGU9dzJzOWx3cjRzaCZ2aXNpdG9yQ29kZT00aWxuZXVzZWkyN3Q3dXViJnN0YXJ0T2ZWaXNpdD10cnVlJnNjcmlwdFZlcnNpb249MjAxOTAxMTUmbm9uY2U9NDQxQUJEQjdFOENGNUIwMSZldmVudFR5cGU9c3RhdGljRGF0YSZ0aW1lPTE2NTMzMjk1Nzc2ODEmdGltZVNpbmNlUHJldmlvdXNWaXNpdD0wJmxhbmRpbmdQYWdlSHJlZj1odHRwcyUzQSUyRiUyRmhlbXBhbWVkLmRlJTJGJmxhbmRpbmdQYWdlVGl0bGU9Q0JEJTIwJUMzJTk2bGUlMjB2b24lMjBIZW1wYW1lZCUzQSUyMFByZW1pdW0lMjBDQkQlMjAlQzMlOTZsJTIwamV0enQlMjBoaWVyJTIwa2F1ZmVuJmxhbmRpbmdQYWdlcz0lNUJudWxsJTVEJmZpcnN0UmVmZXJyZXJIcmVmPW51bGwmZmlyc3RSZWZlcnJlcnM9JTVCbnVsbCU1RCZsYW5ndWFnZT1udWxsJmJyb3dzZXI9MCZicm93c2VyVmVyc2lvbj0xMDEmbW9iaWxlQnJvd3Nlcj1mYWxzZSZvcz0wJndpbmRvd1dpZHRoPTE2MDAmd2luZG93SGVpZ2h0PTEyMDAmc2NyZWVuV2lkdGg9MTYwMCZzY3JlZW5IZWlnaHQ9MTIwMCZqYXZhRW5hYmxlZD1mYWxzZSZ0aW1lWm9uZUlkPUV0YyUyRlVua25vd24mbG9jYWxlTGFuZ3VhZ2VUYWc9ZW4tVVMmZGV2aWNlVHlwZT1ERVNLVE9QJmJyb3dzZXJOYW1lPUNocm9tZSZvc05hbWU9V2luZG93cyZ0aW1lWm9uZUdyb3Vwcz0lNUJudWxsJTVEJnZpc2l0TnVtYmVyPTA%3D
Requested by: Host: w2s9lwr4sh.kameleoon.eu
URL: https://w2s9lwr4sh.kameleoon.eu/kameleoon.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 195.201.164.250 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: eu-log-parser06.kameleoon.net
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 23 May 2022 18:12:57 GMT
Server: nginx/1.20.1
Connection: keep-alive

GET
H/1.1 204
No Content visit.gif Show response
eu-tlp06.kameleoon.eu/ 0
142 B 99ms
27ms XHR
text/plain 195.201.164.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-tlp06.kameleoon.eu/visit.gif?lp=3&spt=1650442874434&p=c2l0ZUNvZGU9dzJzOWx3cjRzaCZ2aXNpdG9yQ29kZT00aWxuZXVzZWkyN3Q3dXViJnN0YXJ0T2ZWaXNpdD10cnVlJnNjcmlwdFZlcnNpb249MjAxOTAxMTUmbm9uY2U9RjQ1NjQ3ODdDNkU1QzM5NSZldmVudFR5cGU9YWN0aXZpdHkmdGltZT0xNjUzMzI5NTc3NjgyJm51bWJlckNsaWNrcz0w
Requested by: Host: w2s9lwr4sh.kameleoon.eu
URL: https://w2s9lwr4sh.kameleoon.eu/kameleoon.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 195.201.164.250 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: eu-log-parser06.kameleoon.net
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 23 May 2022 18:12:57 GMT
Server: nginx/1.20.1
Connection: keep-alive

GET
H2 200 56377369.js Show response
bat.bing.com/p/action/ 219 B
477 B 380ms
380ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56377369.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

39ae6b832f7fae6d6e5db10a55020c09884ef05138ff1ed069ad1d5eb198c17c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D75699600DA94D00B83EC003E4D4539F Ref B: DUS30EDGE0310 Ref C: 2022-05-23T18:12:57Z
date: Mon, 23 May 2022 18:12:57 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 301

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 416ms
91ms Script
application/javascript 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00463f904a6c93afa2884e26a60d598bac
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: gzip
X-TraceId: 5e08c53341ae20f2ba1483b180920703
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 401ms
96ms Image
image/gif 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00463f904a6c93afa2884e26a60d598bac&obApiVersion=1.1&obtpVersion=1.6.0&name=PAGE_VIEW&dl=https%3A%2F%2Fhempamed.de%2F&optOut=false&bust=0716811959901335
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 18:12:58 GMT
Cache-Control: no-cache
X-TraceId: ca38a6609d5bbd98b11b70209ac45875
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 json Show response
trc.taboola.com/1384381/trc/3/ 2 KB
1 KB 50ms
41ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1384381/trc/3/json?tim=1653329577803&data=%7B%22id%22%3A807%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1653329577799%2C%22cv%22%3A%2220220522-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fhempamed.de%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-infosiegerprojektde%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1653329577802%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fhempamed.de%2F%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1384381/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 62bbf84279a285d0dfefcb487233d6352fe2dc78ee527dcf012604cefcaf0a7a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-vcl-time-ms: 22
date: Mon, 23 May 2022 18:12:57 GMT
content-encoding: gzip
server: nginx
x-timer: S1653329578.917557,VS0,VE22
x-served-by: cache-cdg20761-CDG
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 tcf Show response
t.adcell.com/i/ 21 B
323 B 59ms
59ms Fetch
application/json 2a02:cb40:200::242
SOPRADO-ANY

General

Check archive.org

Show headers Download Go to

Full URL

https://t.adcell.com/i/tcf?programId=6619&location=hempamed.de

Requested by

Host: t.adcell.com
URL: https://t.adcell.com/js/inlineretarget.js?method=track&pid=6619&type=startpage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),

Reverse DNS

Software

myracloud /

Resource Hash

9061c6ae3e66cd5d55c1790dee3dbdab18981e2f3f029d9f6145b0b2473507e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
content-encoding: gzip
server: myracloud
etag: "myra-ef228519"
vary: accept-encoding
content-language: de
access-control-allow-origin: https://hempamed.de
cache-control: max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=15768000
content-type: application/json
expires: Mon, 23 May 2022 18:27:57 GMT

GET
H2 200 track Show response
t.adcell.com/retargeting/ 4 KB
1 KB 57ms
57ms Script
text/javascript 2a02:cb40:200::242
SOPRADO-ANY

General

Check archive.org

Show headers Download Go to

Full URL

https://t.adcell.com/retargeting/track?pid=6619&type=startpage

Requested by

Host: t.adcell.com
URL: https://t.adcell.com/js/inlineretarget.js?method=track&pid=6619&type=startpage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),

Reverse DNS

Software

myracloud /

Resource Hash

017b98b9a240b99d8519f252cc10cf7900305fa4e607a04bdc24b07dc64ce5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:57 GMT
content-encoding: gzip
server: myracloud
vary: accept-encoding
content-type: text/javascript
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=15768000
expires: Sat, 11 Jan 2003 12:59:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/439035500/ 2 KB
2 KB 107ms
46ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/439035500/?random=1653329577901&cv=9&fst=1653329577901&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fhempamed.de%2F&tiba=CBD%20%C3%96le%20von%20Hempamed%3A%20Premium%20CBD%20%C3%96l%20jetzt%20hier%20kaufen&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c30308ef47c56b82818c377efc73047639ce7dffd13f7da93344cccef55f682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1063
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

retarget Show response
ad.ad-srv.net/ Frame A288
Redirect Chain

https://ad.ad-srv.net/retarget?a=50822&version=1
https://ad.ad-srv.net/retarget?a=50822&version=1&redirected=1

3 KB
1 KB

100ms
45ms

Document
text/html

138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/retarget?a=50822&version=1&redirected=1
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 3caac5c3cc4052eedfc72becf6b03803eaac0c5d8514314ea1fa7ec2b7ce9ac2

Request headers

Referer: https://hempamed.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Encoding: gzip
Content-Length: 797
Content-Type: text/html; charset=UTF-8
Date: Mon, 23 May 2022 18:12:58 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 23 May 2022 18:12:58 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Location: ?a=50822&version=1&redirected=1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache

GET
H/1.1

200
OK

retarget Show response
hal9000.redintelligence.net/ Frame E563
Redirect Chain

https://hal9000.redintelligence.net/retarget?a=53913&version=1
https://hal9000.redintelligence.net/retarget?a=53913&version=1&redirected=1

3 KB
1 KB

96ms
41ms

Document
text/html

144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/retarget?a=53913&version=1&redirected=1
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 9c4d8488c7a4aa05d23234bf9faf32308fdf246a919691766dcaf4b8efb11235

Request headers

Referer: https://hempamed.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Encoding: gzip
Content-Length: 875
Content-Type: text/html; charset=UTF-8
Date: Mon, 23 May 2022 18:12:58 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 23 May 2022 18:12:58 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Location: ?a=53913&version=1&redirected=1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache

GET
H2 200 bounce.min.js Show response
api.bounce-commerce.de/ 2 KB
893 B 100ms
27ms Script
application/javascript 2a01:4f8:272:50e8::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounce-commerce.de/bounce.min.js
Requested by: Host: t.adcell.com
URL: https://t.adcell.com/retargeting/track?pid=6619&type=startpage
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:272:50e8::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 42096233be12ea904aaf3cdd708e311576beada3fa022425d140ce2efa8b1a79

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
content-encoding: gzip
last-modified: Sun, 23 Jan 2022 23:03:09 GMT
server: nginx/1.20.2
etag: W/"61eddead-692"
content-type: application/javascript; charset=utf-8

GET
H2 200 network-tag.js Show response
ad4m.at/ 8 KB
4 KB 90ms
36ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/network-tag.js
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17f4c15957477f0013ab17d7e6078d97473e7036f5ed899a1c19c23c8221b2bd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=JlZxqQ==, md5=8gyDTYbVK6dOJOT699/PXA==
date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26962
x-guploader-uploadid: ADPycdt4ZcKsxBd7W91eoAsqwYCSriRGG_75H1-rdz_PPATGRnyqthk87KpaVK4XoDAYQBp7rws2JN8mqttqYQ5vbpoQ8YLobjFo
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 27 Apr 2022 10:41:59 GMT
server: cloudflare
etag: W/"f20c834d86d52ba74e24e4faf7dfcf5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8ROrhnqF2VJY05UlgJDL3aU6U2pYqfsR3gKRnuePvENm3%2BPYmc3StO8vt6NGv4F%2Fnc8F1FfNDISesbgNf5hR0b%2BK8fhQzDuQs4KMCB4C9gu6YlKaB%2BlZOG4ano7VOnU1AQ0xHo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1651056119654747
content-type: application/javascript
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
x-goog-stored-content-length: 8592
cf-ray: 70ffc3469a14ee2b-CDG
expires: Mon, 23 May 2022 11:43:36 GMT

GET
H/1.1 200
OK 1aa279a414.js Show response
tm.ad-srv.net/tm/a/container/init/ 12 KB
3 KB 117ms
32ms Script
application/javascript 148.251.45.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.ad-srv.net/tm/a/container/init/1aa279a414.js?&ntmData=ntmData3319837083267&rnd=66717081
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.45.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.45.251.148.clients.your-server.de
Software: nginx /
Resource Hash: 5df82f84b139415c25027afbab9e8d104bdd51d35d92f366acdaa4728ef4caed

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 18:12:58 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: application/javascript; charset=utf-8
Expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=95&user_id=b9087d3b-c3df-4056-a7f8-815f73c30d19&expires=30&user_group=1
https://x.bidswitch.net/ul_cb/sync?dsp_id=95&user_id=b9087d3b-c3df-4056-a7f8-815f73c30d19&expires=30&user_group=1
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2081ad7c-951e-4ad6-93a1-2d71e5b8edc0&gdpr=&gdpr_consent=&gdpr_pd=

1 B
395 B

379ms
25ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2081ad7c-951e-4ad6-93a1-2d71e5b8edc0&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2081ad7c-951e-4ad6-93a1-2d71e5b8edc0&gdpr=&gdpr_consent=&gdpr_pd=
Date: Mon, 23 May 2022 18:12:58 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/439035500/ 42 B
548 B 100ms
39ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/439035500/?random=1653329577901&cv=9&fst=1653328800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fhempamed.de%2F&tiba=CBD%20%C3%96le%20von%20Hempamed%3A%20Premium%20CBD%20%C3%96l%20jetzt%20hier%20kaufen&async=1&fmt=3&is_vtc=1&random=318498212&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/439035500/ 42 B
548 B 109ms
48ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/439035500/?random=1653329577901&cv=9&fst=1653328800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fhempamed.de%2F&tiba=CBD%20%C3%96le%20von%20Hempamed%3A%20Premium%20CBD%20%C3%96l%20jetzt%20hier%20kaufen&async=1&fmt=3&is_vtc=1&random=318498212&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ant Show response
as.ad4m.at/ad/ 8 B
803 B 95ms
45ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/ant?a=4&b=6619

Requested by

Host: ad4m.at
URL: https://ad4m.at/network-tag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee2db945e28875424676c5a66051ad597321e39937a418e0a04b673f3d9f66ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
cf-ray: 70ffc3472c4e085b-CDG
cross-origin-resource-policy: cross-origin
access-control-allow-methods: GET, OPTIONS
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-download-options: noopen
access-control-allow-origin: *
vary: accept-encoding
cache-control: public, max-age=3600, must-revalidate
content-type: text/plain; charset=utf-8
expires: 0

POST
H2 200 request Show response
api.bounce-commerce.de// 85 B
374 B 87ms
31ms XHR
application/json 2a01:4f8:272:50e8::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounce-commerce.de//request
Requested by: Host: api.bounce-commerce.de
URL: https://api.bounce-commerce.de/bounce.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:272:50e8::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.2 / PHP/8.0.18
Resource Hash: 3ba47121e95cf0e046c6eb1559e7cb2cbd733b528cf7cf3656c2abce75866b8c

Request headers

Referer: https://hempamed.de/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryY9S8AW7xAUhY82Sz

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
server: nginx/1.20.2
x-powered-by: PHP/8.0.18
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1 200
OK 1aa279a414.js Show response
tm709.ad-srv.net/tm/a/container/eval/ 153 B
467 B 199ms
131ms Script
application/javascript 148.251.45.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm709.ad-srv.net/tm/a/container/eval/1aa279a414.js?sid=1fie2jtv6okv99e3it6mfiic80&rnd=33548065&macroData[urlTrafficCheck]=https%3A%2F%2Fhempamed.de%2F&macroData[transactionId]=&macroData[searchTerm]=&macroData[products]=%5B%5D&macroData[productsAdcell]=&macroData[productName]=&macroData[productId]=empty&macroData[pageType]=homepage&macroData[orderValue]=&macroData[orderProductCount]=&macroData[categoryName]=&macroData[categoryId]=&macroData[basketValue]=&macroData[basketProductCount]=
Requested by: Host: tm.ad-srv.net
URL: https://tm.ad-srv.net/tm/a/container/init/1aa279a414.js?&ntmData=ntmData3319837083267&rnd=66717081
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.45.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.45.251.148.clients.your-server.de
Software: nginx /
Resource Hash: f4ae3ebd56e6205c70cc0bf837e63efda63e9e847dd19a11f9fd57603480a483

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 18:12:58 GMT
Server: nginx
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: application/javascript; charset=utf-8
Content-Length: 153
Expires: 0

GET
H2 200 56377369 Show response
www.clarity.ms/tag/uet/ 2 KB
3 KB 203ms
133ms Script
application/x-javascript 2620:1ec:27::cafe:1846
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/56377369
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/56377369.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1846 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: d898973bc6738b24a4fd47177850ab3598319c1a8383c5d111876c1599d6aa03

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:57 GMT
x-powered-by: ASP.NET
x-azure-ref: 0qs6LYgAAAADQbZwPOz6VQLApZj61O313TVVDMzBFREdFMDMxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 226ms
90ms Image
image/gif 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00463f904a6c93afa2884e26a60d598bac&obApiVersion=1.1&obtpVersion=1.6.0&name=PAGE_VIEW&dl=https%3A%2F%2Fhempamed.de%2F&optOut=false&bust=00330225189062352
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 18:12:58 GMT
Cache-Control: no-cache
X-TraceId: aa8ca918019657aad69e7786476ff46e
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame E563 597 B
1 KB 693ms
39ms Script
text/javascript 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1480634&mt_adid=238097&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=53913&version=1&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 4409 ba5503e master cdg-pixel-x34 config:1.0.0 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 18:12:58 GMT
Server: MT3 4409 ba5503e master cdg-pixel-x34 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Mon, 23 May 2022 18:12:57 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame E563 597 B
1 KB 696ms
41ms Script
text/javascript 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1406081&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=53913&version=1&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 4409 ba5503e master cdg-pixel-x14 config:1.0.0 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 18:12:58 GMT
Server: MT3 4409 ba5503e master cdg-pixel-x14 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Mon, 23 May 2022 18:12:57 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame E563 597 B
1 KB 691ms
37ms Script
text/javascript 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1393997&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=53913&version=1&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 4409 ba5503e master cdg-pixel-x28 config:1.0.0 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 18:12:58 GMT
Server: MT3 4409 ba5503e master cdg-pixel-x28 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Mon, 23 May 2022 18:12:57 GMT

GET
H3

200

activityi;dc_pre=CLHQ1dGc9vcCFV5GHQkd4qYGUQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;... Show response
5994599.fls.doubleclick.net/ Frame FD94
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLHQ1dGc9vcCFV5GHQkd4qYGUQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...

454 B
388 B

130ms
76ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CLHQ1dGc9vcCFV5GHQkd4qYGUQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5084014034387.855?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=53913&version=1&redirected=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

345413c98f82aefb16c1b15a0d3b1b0167185ab437ef5a5bd025200a7abb1dd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal9000.redintelligence.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 363
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 18:12:58 GMT
expires: Mon, 23 May 2022 18:12:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 18:12:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLHQ1dGc9vcCFV5GHQkd4qYGUQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5084014034387.855?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CM3R1dGc9vcCFdJCHQkdf5MFRQ;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%... Show response
11868943.fls.doubleclick.net/ Frame 17B5
Redirect Chain

https://11868943.fls.doubleclick.net/activityi;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_7...
https://11868943.fls.doubleclick.net/activityi;dc_pre=CM3R1dGc9vcCFdJCHQkdf5MFRQ;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%...

457 B
391 B

134ms
87ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11868943.fls.doubleclick.net/activityi;dc_pre=CM3R1dGc9vcCFdJCHQkdf5MFRQ;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3265416293479.613?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=53913&version=1&redirected=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

a40950eb5ad54604185f23d2989461a5c89a17d4ab384a674960bc370ddc5524

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal9000.redintelligence.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 366
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 18:12:58 GMT
expires: Mon, 23 May 2022 18:12:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 18:12:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11868943.fls.doubleclick.net/activityi;dc_pre=CM3R1dGc9vcCFdJCHQkdf5MFRQ;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3265416293479.613?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame E563
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

81 KB
29 KB

183ms
65ms

Script
application/x-javascript

37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=53913&version=1&redirected=1
Protocol: H2
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 14:10:54 GMT
server: nginx
etag: W/"61f1566e-14282"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Mon, 23 May 2022 18:12:58 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H3

200

activityi;dc_pre=CMDz1dGc9vcCFWdCHQkdnmUF2Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7... Show response
5994599.fls.doubleclick.net/ Frame 3A55
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755...
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMDz1dGc9vcCFWdCHQkdnmUF2Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D...

455 B
389 B

133ms
83ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CMDz1dGc9vcCFWdCHQkdnmUF2Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6343938651724.09?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=53913&version=1&redirected=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

33f74a6ff5be97e44088d6301836aa1af451649be5c7046f0e1f53b66a680afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal9000.redintelligence.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 364
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 18:12:58 GMT
expires: Mon, 23 May 2022 18:12:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 18:12:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMDz1dGc9vcCFWdCHQkdnmUF2Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6343938651724.09?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CNTU1dGc9vcCFVFCHQkdQPUNKA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D... Show response
11868943.fls.doubleclick.net/ Frame 1F36
Redirect Chain

https://11868943.fls.doubleclick.net/activityi;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755...
https://11868943.fls.doubleclick.net/activityi;dc_pre=CNTU1dGc9vcCFVFCHQkdQPUNKA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D...

455 B
392 B

139ms
85ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11868943.fls.doubleclick.net/activityi;dc_pre=CNTU1dGc9vcCFVFCHQkdQPUNKA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7537296046713.005?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=53913&version=1&redirected=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

f75afc208415563bd2c84c68db2577b5edf789dda3e714b2fc3ce520a4ae66da

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal9000.redintelligence.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 367
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 18:12:58 GMT
expires: Mon, 23 May 2022 18:12:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 18:12:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11868943.fls.doubleclick.net/activityi;dc_pre=CNTU1dGc9vcCFVFCHQkdQPUNKA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7537296046713.005?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tagging Show response
ad13.adfarm1.adition.com/ Frame A288 7 B
303 B 95ms
27ms Script
application/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/tagging?type=js&network=3232&tag[Tags_20Days.Hempamed_CBD_DE_20Days]&gdpr=&gdpr_consent=
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=50822&version=1&redirected=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 4e233a3a613ff1b208f6e54673b5be56f4f9d549dc52d3de994f425bc06a4609

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 20:12:58 +0200
server: ADITIONSERVER v1.0
content-type: application/javascript
content-length: 7
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 loader.js Show response
sdk.loyaltylion.net/static/2/20220523/ 108 KB
31 KB 111ms
38ms Script
application/javascript 18.66.248.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.loyaltylion.net/static/2/20220523/loader.js
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-10.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef355597c4adf94781873c1161c2fa44c6e302b1e6f841704dc3bc084a2ddf25

Request headers

Referer: https://hempamed.de/
Origin: https://hempamed.de
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:08:24 GMT
content-encoding: br
vary: Access-Control-Request-Headers,Access-Control-Request-Method
age: 286
x-cache: Hit from cloudfront
content-length: 31156
access-control-allow-origin: *
last-modified: Mon, 23 May 2022 08:26:25 GMT
server: AmazonS3
etag: "87426393ab019a0f2eecef743b69d55b"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=1200, s-maxage=300, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: 7RE3HVPhRIZzfCQb5LTlfcDiYReNXcEgMSjAwNFQUSmRKVksu-gdQw==

GET
H2 200 1ad81d57363572629b18322aeb1ea334.js Show response
sdk.loyaltylion.net/sdk/start/20220523T18/ 264 B
671 B 136ms
63ms Script
text/javascript 18.66.248.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.loyaltylion.net/sdk/start/20220523T18/1ad81d57363572629b18322aeb1ea334.js
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-10.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 5d6281d8b29f81e221f79d932ddd95b97b6aa36e98647f3ba24000acb4c09922

Request headers

Referer: https://hempamed.de/
Origin: https://hempamed.de
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-site-inactive: 1
date: Mon, 23 May 2022 18:12:58 GMT
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P1
etag: W/"108-mTwUOZU+pCIV+TDisnNEzGVh18U"
x-cache-status: MISS
x-dns-prefetch-control: off
x-cache: RefreshHit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=120, must-revalidate
content-length: 264
x-amz-cf-id: 7ZHNz_ADbWjWczZVpITkn_TKPTkTgiT-AJ3j4y_K2ejSw2bz1rEIHg==

GET
H3 200 trekkie.storefront.14a2a604dac04b548cd8c6bdfd85448fc1df7da9.min.js Show response
cdn.shopify.com/s/ 79 KB
18 KB 48ms
48ms Script
text/javascript 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/trekkie.storefront.14a2a604dac04b548cd8c6bdfd85448fc1df7da9.min.js

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e499be587638f717b60b6b76181b9a5609da8fb9940c12a05fd77280e1707f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 1002896
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEy78HoHYYbg9pof9F13CQHgpcVajYf7c7K9ffj9caUnmTMo77I9iW9Pen11hlgREmXZ1OhwK6VMawItT07fUOc5vbXP7Vsm1g2cWOQ4D6l%2BVLnSaC9L39Puv%2B5Lzfgxng%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=48.260, imageryFetch;dur=48.046
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 1250b296-ce7f-4038-9515-1402f85f4db4
timing-allow-origin: *
surrogate-key: segment4-56992 mime-text/javascript-56992 time-bucket-20220512-56992 00ef8c45b6b4a7c5929ad883fb867dae504b70d30bf9d75d3120431ceb462f1e
last-modified: Thu, 12 May 2022 03:38:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
cf-ray: 70ffc347bca60897-CDG
link: <https://cdn.shopify.com/s/trekkie.storefront.14a2a604dac04b548cd8c6bdfd85448fc1df7da9.min.js>; rel="canonical"

GET
H3 200 shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/ 8 KB
4 KB 43ms
43ms Script
text/javascript 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 1005388
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLonSrtzRBx27mYBdaGUSjOpy%2Bw%2FobZJV%2BiQ%2F%2Fmfd0JrujSLr8Y4Wh6lpIvcoebllksJg0vayej4C0efDamTNnqwec%2FWPuUxtxzNGoR%2FoBA1WdkP8SbR0gHXe%2ForjS432w%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=36.084, imageryFetch;dur=35.724
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 7a2b6cb7-9ed6-44cd-8d65-c4709b6f994e
timing-allow-origin: *
surrogate-key: segment4-51602 mime-text/javascript-51602 time-bucket-20220512-51602 bbd463f25b75b26047a0dffad90b99212754dba28cb05b4a40bedcb5eb6c6955
last-modified: Thu, 12 May 2022 02:56:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 70ffc347bcaa0897-CDG
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js>; rel="canonical"

GET
H3 200 shopify-boomerang-1.0.0.min.js Show response
cdn.shopify.com/shopifycloud/boomerang/ 58 KB
19 KB 47ms
47ms Script
text/javascript 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a081ed513735ffb15626985d663652a2879e96f0b6695e7ceda16d519372555c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 1017842
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=deep%2BkOLwxwQmjxoSmPVasEnSjySidHvCFWt5lCoM2qQwFzEOBAp3dkEtE3itZ4bsFiOK23eqRLpV8D1zXPSrbB567PhH87FpPQGl5jsaDOz%2FvzojpzTZQCKhf2Dv0Jjsg%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=31.248, imageryFetch;dur=30.958
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 43206d85-71df-43cf-bc36-5bcb0eefac07
timing-allow-origin: *
surrogate-key: segment4-24675 mime-text/javascript-24675 time-bucket-20220511-24675 4cd9f4566786174a1ad1c22d25981943266f2b3b804ae07172669b9092a72bdd
last-modified: Wed, 11 May 2022 23:28:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=3600, must-revalidate
cf-ray: 70ffc347bcad0897-CDG
link: <https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"

GET
H2 200 version.json Show response
consent.cookiefirst.com/sites/hempamed.de-39301550-d48f-4a69-a8a8-dcbbe3a7899f/ 44 B
775 B 121ms
62ms XHR
application/json 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/sites/hempamed.de-39301550-d48f-4a69-a8a8-dcbbe3a7899f/version.json?v=1653329578194
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: Cookie First CDN-AMS1-879 /
Resource Hash: 2dd577e244074b74bcf2e1a59c90089ac7b9f693c9e91a8e5bff6a378dd34f10

Request headers

Accept: application/json
Referer: https://hempamed.de/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
cdn-edgestorageid: 766
cdn-fileserver: 317
cdn-storageserver: UK-317
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cdn-cachedat: 05/23/2022 18:12:58
cdn-pullzone: 236985
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length: 44
server: Cookie First CDN-AMS1-879
access-control-allow-origin: *
visitor-location: FR
last-modified: Mon, 11 Apr 2022 20:54:18 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: "6254957a-2c"
content-type: application/json
cdn-cache: BYPASS
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
cache-control: public, max-age=30
cdn-requestid: 0eac9a1023e909542b914544811db84e
accept-ranges: bytes
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 dinnextslab_n5.5c4120962523c100d1e757c987d2f8ca82b7cd2a.woff2
fonts.shopifycdn.com/din_next_slab/ 19 KB
20 KB 128ms
85ms Font
font/woff2 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.shopifycdn.com/din_next_slab/dinnextslab_n5.5c4120962523c100d1e757c987d2f8ca82b7cd2a.woff2?h1=aGVtcGFtZWQuZGU&hmac=61f3ac36fc3f83bea8fa4300cba8c717633aa92660915e1d8411f6719a53aa24

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/2959/9804/t/20/assets/theme.scss.css?v=92597987981826678421647416154

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8f9befef7c8374ab5e15f84ac2feb93982586bc13875f9e9648016446fc19ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.shopify.com/
Origin: https://hempamed.de
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 276806
server-timing: imagery;dur=39.296, imageryFetch;dur=38.879
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19768
x-xss-protection: 1; mode=block
x-request-id: d480e670-da51-49b0-98fc-b40c739d60b7
timing-allow-origin: *
last-modified: Tue, 03 May 2022 13:28:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2L%2BqeTcRj4tpCaTlWQ%2BgPok8Cwe2H9o1GLDJLMHqtdPdR2lkPVns0LLWe1u3F9GgvNytaA%2BdOuL%2B985kB4J7CZrpejL1BEYr%2BXiK1QanZPKq64CymI13ucO%2BkXyDb2s3XJNUrcq"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2629800, immutable
accept-ranges: bytes
cf-ray: 70ffc3481cbb3322-CDG
link: <https://imagery4-fonts.shopifysvc.com/premium-fonts/din_next_slab/dinnextslab_n5.5c4120962523c100d1e757c987d2f8ca82b7cd2a.woff2>; rel="canonical"

GET
H2 200 220523_Hempamed_Banner_1400x500px.png
ucarecdn.com/9ee31a5f-23a7-4e8a-890b-3f5029ddede6/-/format/auto/-/preview/3000x3000/-/quality/lighter/ 18 KB
18 KB 200ms
198ms Image
image/webp 2a02:26f0:f7::5c7b:e061
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/9ee31a5f-23a7-4e8a-890b-3f5029ddede6/-/format/auto/-/preview/3000x3000/-/quality/lighter/220523_Hempamed_Banner_1400x500px.png
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/2959/9804/t/20/assets/gem-page-index-1653289824.css?v=79197434335950321921653312294
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e061 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 880e1a8a65ab9c3c9f9569c7e99a1cb50a64e2c5ed17911380d77e57539ea607

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.shopify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
x-image-width: 1800
server: nginx
content-disposition: inline; filename=220523_Hempamed_Banner_1400x500px.png
etag: "fa240f59f90b25d756c3c27a86b27132"
vary: Accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=31519905
x-image-height: 600
content-length: 18124

GET
H3 200 20211108_Hempamed_Einschlaftropfen_Box_Bot_4000px_1x1.jpg
cdn.shopify.com/s/files/1/2959/9804/products/ 690 B
2 KB 36ms
35ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2959/9804/products/20211108_Hempamed_Einschlaftropfen_Box_Bot_4000px_1x1.jpg?v=1637141494

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9a68d4e821745ea72a80679fde315348a0e0c3570ef02eb5898827fef82cb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 732257
server-timing: imagery;dur=440.539, imageryFetch;dur=88.160, imageryProcess;dur=351.214;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 690
x-xss-protection: 1; mode=block
x-request-id: 2122c41f-3c89-4a84-b45b-fecb0fef2543
timing-allow-origin: *
surrogate-key: segment4-16729 shop-29599804 mime-image/webp-16729 time-bucket-20220513-16729 71ffddee4b62a8a2b646dc2037da2748e7df6ec2401a7fcb7bd4bbf127d1bb7f
last-modified: Fri, 13 May 2022 06:30:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oaOXSrX5rixydOyuBUzppUyBSTcvDkh36LAkQdotf05vch%2FIpuEptcGdIL1OtNmYV6j8%2FEjxlSR573EpJhrKBWHmkO5dGoYmV8dZpfhWweDWZd2DEuvRK5T9xPqev9bSvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 70ffc3480d400897-CDG
link: <https://cdn.shopify.com/s/files/1/2959/9804/products/20211108_Hempamed_Einschlaftropfen_Box_Bot_4000px_1x1.jpg>; rel="canonical"

GET
H3 200 210706_DE_Aromaol_PremiumKapseln_20mg_Box-Jar_4000px_1x1.jpg
cdn.shopify.com/s/files/1/2959/9804/products/ 692 B
2 KB 36ms
35ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2959/9804/products/210706_DE_Aromaol_PremiumKapseln_20mg_Box-Jar_4000px_1x1.jpg?v=1628590307

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad12c547c9ffecd1be09d7d4e3ee88982e79560d72b8a85745198c6dea8500b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 276805
server-timing: imagery;dur=304.632, imageryFetch;dur=97.439, imageryProcess;dur=206.026;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 692
x-xss-protection: 1; mode=block
x-request-id: f21c6d39-f557-4cf1-8ca6-d1ce54b5fe51
timing-allow-origin: *
last-modified: Fri, 20 May 2022 03:11:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AW%2FQuekE7aLw4yvpwAfr2qywsMAOI7gmrwoxf%2Boq0MZJCEpUoTw5co1koWB63k1ixBtDNgPP%2BVjQP0gnOR7DKJB1en2bKnKAstoYc3nRYcp7loJXITWKEs%2F1mYP7pIh8%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 70ffc3480d430897-CDG
link: <https://cdn.shopify.com/s/files/1/2959/9804/products/210706_DE_Aromaol_PremiumKapseln_20mg_Box-Jar_4000px_1x1.jpg>; rel="canonical"

GET
H3 200 20220413_Hempamed_DE_CBD_HundeOel_10ml_6__Box_Bottle_1500px_d1b14d51-efdd-4060-85bd-68118c1aa485_1x1.jpg
cdn.shopify.com/s/files/1/2959/9804/products/ 694 B
2 KB 37ms
36ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2959/9804/products/20220413_Hempamed_DE_CBD_HundeOel_10ml_6__Box_Bottle_1500px_d1b14d51-efdd-4060-85bd-68118c1aa485_1x1.jpg?v=1651676486

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c05191e83946b8c1e14f6c493a004d0afaea7dc63d12f21f3c3d0bb2b75bd86c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 596987
server-timing: imagery;dur=134.530, imageryFetch;dur=81.408, imageryProcess;dur=51.976;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 694
x-xss-protection: 1; mode=block
x-request-id: 758028ef-c3a8-4a21-b49c-e3f0727f7720
timing-allow-origin: *
surrogate-key: segment4-41191 shop-29599804 mime-image/webp-41191 time-bucket-20220513-41191 9bc694bea1ab451332f924e663c09353fe18103e92b881987408f2debe8ccc96
last-modified: Fri, 13 May 2022 00:50:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5D5WJkKj5Xmzko%2FK%2BvGyBq3BNFskPBOkskPWK2JwuAWnLGq13rugeeqyB0%2BdiOR07wOV6wH5DopKhqHhIPdVsVR8x2p23hqOPPbXTEd4I6qjCQSNvW0Gknh81gmQYrk4UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 70ffc3480d450897-CDG
link: <https://cdn.shopify.com/s/files/1/2959/9804/products/20220413_Hempamed_DE_CBD_HundeOel_10ml_6__Box_Bottle_1500px_d1b14d51-efdd-4060-85bd-68118c1aa485_1x1.jpg>; rel="canonical"

GET
H3 200 Hempamed_DE_CBD_GoldMundspray_natur_10ml_5__boxandbot_1500px_1x1.jpg
cdn.shopify.com/s/files/1/2959/9804/products/ 694 B
2 KB 47ms
46ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2959/9804/products/Hempamed_DE_CBD_GoldMundspray_natur_10ml_5__boxandbot_1500px_1x1.jpg?v=1619689776

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6024e76e8e6ae3f8836c3d145605357144b5b9229ec59ad8e180ce653ed66799

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 566188
server-timing: imagery;dur=159.781, imageryFetch;dur=78.468, imageryProcess;dur=73.727;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 694
x-xss-protection: 1; mode=block
x-request-id: 2f4a0abd-9622-4361-ad04-04d56c430241
timing-allow-origin: *
surrogate-key: segment4-14951 shop-29599804 mime-image/webp-14951 time-bucket-20220517-14951 71403017601f8013154262cb6391649b34235dfebbc55ed07506b27a419fbcd0
last-modified: Tue, 17 May 2022 04:56:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vuau6AMrPuN9Oijs3Xn3ohozAS1YMwwmjoRFUCdKH%2FREHvuwoKwq%2BO4mv9vd%2BJVDnq%2BJuu6W4%2B94xHNwPE279cXr7olM4zl7OTWzwLmhYCk7kmT1djXtwEQ2GHdWo9mI9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 70ffc3480d470897-CDG
link: <https://cdn.shopify.com/s/files/1/2959/9804/products/Hempamed_DE_CBD_GoldMundspray_natur_10ml_5__boxandbot_1500px_1x1.jpg>; rel="canonical"

GET
H3 200 Hempamed_Activ-CBD-Gel_Box-and-Tube0000_low_1x1.jpg
cdn.shopify.com/s/files/1/2959/9804/products/ 692 B
2 KB 48ms
47ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2959/9804/products/Hempamed_Activ-CBD-Gel_Box-and-Tube0000_low_1x1.jpg?v=1611675309

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7182f192ea86e80e031a0d3c58b48c565bc1bf9afca6f8fedb01e28ed7f6c4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 732257
server-timing: imagery;dur=135.070, imageryFetch;dur=77.984, imageryProcess;dur=55.942;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 692
x-xss-protection: 1; mode=block
x-request-id: 8c6c301a-4836-4644-b44b-87852b4961b7
timing-allow-origin: *
surrogate-key: segment4-53831 shop-29599804 mime-image/webp-53831 time-bucket-20220513-53831 d98c332cecd993b0800940b554db7398340b8c3cfce6e049a355b555f89cf53a
last-modified: Fri, 13 May 2022 00:50:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFLS3JZ8uMmFJ51TA60pFwDkIVWsj5qrgC4XDW2uYdGO2s3VIf3h3FTYLEXhoLbLLD7EgizKiFjsuJSGQ7djwAN6MxFyWQD7V4t7ebXxzCpJaqdktLij85EgoNNsyFjHHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 70ffc3480d4a0897-CDG
link: <https://cdn.shopify.com/s/files/1/2959/9804/products/Hempamed_Activ-CBD-Gel_Box-and-Tube0000_low_1x1.jpg>; rel="canonical"

GET
H3 200 20220321_Hempamed_DE_CBD_PremiumOel_10ml_RZ_10__Box-Bottle_1500px_1x1.jpg
cdn.shopify.com/s/files/1/2959/9804/products/ 694 B
2 KB 42ms
42ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2959/9804/products/20220321_Hempamed_DE_CBD_PremiumOel_10ml_RZ_10__Box-Bottle_1500px_1x1.jpg?v=1651737028

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b1d05a64a5fb2b440f3bd76d82f164073f184cad51f6a8676e06a798b61e084

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 601073
server-timing: imagery;dur=189.262, imageryFetch;dur=109.850, imageryProcess;dur=78.024;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 694
x-xss-protection: 1; mode=block
x-request-id: 52449617-6cd2-4ddd-b023-c122ef7628b2
timing-allow-origin: *
surrogate-key: segment4-9857 shop-29599804 mime-image/webp-9857 time-bucket-20220510-9857 868dd02b36018ecb5ed1c8960ba9d4aa250fb37b911e49e85e17b21012bc52f7
last-modified: Tue, 10 May 2022 11:28:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLvSzKSlL12onuL1U5JaMiK8GmGZT63DVwsKa2QEBmRDlD%2BFyuGwAZtLJqFSaDEJH1lE%2FnN8skjWB27r%2FdOEY%2FWmM1A5MIR6rwQY4LS1SKsC9%2BRBNasK1ZFllYHjBtc9kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 70ffc3480d4e0897-CDG
link: <https://cdn.shopify.com/s/files/1/2959/9804/products/20220321_Hempamed_DE_CBD_PremiumOel_10ml_RZ_10__Box-Bottle_1500px_1x1.jpg>; rel="canonical"

GET
H2 200 20220321_Hempamed_DE_CBD_Premium%C3%96l_10ml_RZ_10%25_Box-Bottle_1500px.jpg
ucarecdn.com/e6612054-ae85-4577-b4c2-5530a219d322/-/format/auto/-/preview/3000x3000/-/quality/lighter/ 38 KB
39 KB 34ms
34ms Image
image/webp 2a02:26f0:f7::5c7b:e061
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/e6612054-ae85-4577-b4c2-5530a219d322/-/format/auto/-/preview/3000x3000/-/quality/lighter/20220321_Hempamed_DE_CBD_Premium%C3%96l_10ml_RZ_10%25_Box-Bottle_1500px.jpg
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/2959/9804/t/20/assets/gem-page-index-1653289824.css?v=79197434335950321921653312294
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e061 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 363a8f34508b3139adb7ce7ee35f49ef1b0f35f569c4c4bb8ee1ba636ba81d60

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.shopify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
x-image-width: 1500
server: nginx
content-disposition: inline; filename*=utf-8''20220321_Hempamed_DE_CBD_Premium%C3%96l_10ml_RZ_10%25_Box-Bottle_1500px.jpg
etag: "861838b60c109a970d09f1745a205853"
vary: Accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=30391782
x-image-height: 1500
content-length: 39148

GET
H2 200 210706_DE_Aroma%C3%B6l_PremiumKapseln_10mg_Box-Jar_4000px__.jpg
ucarecdn.com/c3277aee-0775-41b7-9b67-8056b7762834/-/format/auto/-/preview/3000x3000/-/quality/lighter/ 39 KB
40 KB 71ms
71ms Image
image/webp 2a02:26f0:f7::5c7b:e061
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/c3277aee-0775-41b7-9b67-8056b7762834/-/format/auto/-/preview/3000x3000/-/quality/lighter/210706_DE_Aroma%C3%B6l_PremiumKapseln_10mg_Box-Jar_4000px__.jpg
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/2959/9804/t/20/assets/gem-page-index-1653289824.css?v=79197434335950321921653312294
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e061 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: cf01a67e2591e708dd01183a6ea0258d4870d2de19a990b8018227605ae2a39b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.shopify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
x-image-width: 1500
server: nginx
content-disposition: inline; filename*=utf-8''210706_DE_Aroma%C3%B6l_PremiumKapseln_10mg_Box-Jar_4000px__.jpg
etag: "3016d0687a86d5f39617a4cc8bd1cbfe"
vary: Accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=30392822
x-image-height: 1500
content-length: 40124

GET
H2 200 /
ucarecdn.com/79e59d02-1b05-4ab9-bae1-b2f5c23b6b05/-/format/auto/-/preview/3000x3000/-/quality/lighter/ 42 KB
42 KB 38ms
38ms Image
image/webp 2a02:26f0:f7::5c7b:e061
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/79e59d02-1b05-4ab9-bae1-b2f5c23b6b05/-/format/auto/-/preview/3000x3000/-/quality/lighter/
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/2959/9804/t/20/assets/gem-page-index-1653289824.css?v=79197434335950321921653312294
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e061 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: da707a6b31314817176ac37a88db4b145f94890f3a6e5c7b6d71b0e9b1a01430

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.shopify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
x-image-width: 1500
server: nginx
content-disposition: inline
etag: "017056d26e6ec72f05b1738d597dd348"
vary: Accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=25115318
x-image-height: 1500
content-length: 42534

GET
H2 200 210702_DE_Aroma%C3%B6l_Lipo%C3%96l_10ml_4%25_Box-Bot_4000px_.jpg
ucarecdn.com/691b8b97-9176-4497-ad7a-1e03e9cb9951/-/format/auto/-/preview/3000x3000/-/quality/lighter/ 43 KB
44 KB 182ms
182ms Image
image/webp 2a02:26f0:f7::5c7b:e061
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/691b8b97-9176-4497-ad7a-1e03e9cb9951/-/format/auto/-/preview/3000x3000/-/quality/lighter/210702_DE_Aroma%C3%B6l_Lipo%C3%96l_10ml_4%25_Box-Bot_4000px_.jpg
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/2959/9804/t/20/assets/gem-page-index-1653289824.css?v=79197434335950321921653312294
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e061 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8d30da3045d9ddff05746b578e80204fc1e013a37968e78f9f05ef977d8ee2df

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.shopify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
x-image-width: 1500
server: nginx
content-disposition: inline; filename*=utf-8''210702_DE_Aroma%C3%B6l_Lipo%C3%96l_10ml_4%25_Box-Bot_4000px_.jpg
etag: "1988b76e056232b57f12a30774a68ad9"
vary: Accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=30391946
x-image-height: 1500
content-length: 44402

GET
H2 200 /
ucarecdn.com/a69a166e-b296-47ba-9cb3-4905db7011ac/-/format/auto/-/preview/3000x3000/-/quality/lighter/ 18 KB
19 KB 207ms
206ms Image
image/webp 2a02:26f0:f7::5c7b:e061
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/a69a166e-b296-47ba-9cb3-4905db7011ac/-/format/auto/-/preview/3000x3000/-/quality/lighter/
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/2959/9804/t/20/assets/gem-page-index-1653289824.css?v=79197434335950321921653312294
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e061 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 143f82b5cb816b44e88b3ea887f797b2c293ffa442d622e6d8eb6c9550426ec1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.shopify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
x-image-width: 800
server: nginx
content-disposition: inline
etag: "5e5a801e3a8be4e1ebc71a0fc75beb04"
vary: Accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=25074178
x-image-height: 800
content-length: 18730

GET
H2 200 /
ucarecdn.com/f99d42a2-72bb-4aca-826a-7d5fc66a6c01/-/format/auto/-/preview/3000x3000/-/quality/lighter/ 21 KB
22 KB 175ms
175ms Image
image/webp 2a02:26f0:f7::5c7b:e061
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/f99d42a2-72bb-4aca-826a-7d5fc66a6c01/-/format/auto/-/preview/3000x3000/-/quality/lighter/
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/2959/9804/t/20/assets/gem-page-index-1653289824.css?v=79197434335950321921653312294
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e061 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 071ab97966fe335ee0021cd23dc0f84cdf3ab67613e56b33511968ec989d16f6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.shopify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
x-image-width: 1500
server: nginx
content-disposition: inline
etag: "1ef97e33299ebddd7efca027d184e637"
vary: Accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=24422977
x-image-height: 1500
content-length: 21954

GET
H2 200 Hempamed_Activ-CBD-Gel_Box-and-Tube.jpg
ucarecdn.com/cedeea06-2413-4f94-a819-08133d3a85b7/-/format/auto/-/preview/3000x3000/-/quality/lighter/ 38 KB
39 KB 35ms
35ms Image
image/webp 2a02:26f0:f7::5c7b:e061
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/cedeea06-2413-4f94-a819-08133d3a85b7/-/format/auto/-/preview/3000x3000/-/quality/lighter/Hempamed_Activ-CBD-Gel_Box-and-Tube.jpg
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/2959/9804/t/20/assets/gem-page-index-1653289824.css?v=79197434335950321921653312294
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e061 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 662187a964f65dac27c7ce45d93cf1b8fce7c1a36d837846361b23b962ad0841

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.shopify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
x-image-width: 1500
server: nginx
content-disposition: inline; filename=Hempamed_Activ-CBD-Gel_Box-and-Tube.jpg
etag: "2dfb39048b0db5b45e14154f6e5b5787"
vary: Accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=18688053
x-image-height: 1500
content-length: 39310

GET
H2 200 /
ucarecdn.com/df0b3d2f-3377-44de-8b34-f7601c9ab3ae/-/format/auto/-/preview/3000x3000/-/quality/lighter/ 21 KB
21 KB 274ms
274ms Image
image/webp 2a02:26f0:f7::5c7b:e061
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/df0b3d2f-3377-44de-8b34-f7601c9ab3ae/-/format/auto/-/preview/3000x3000/-/quality/lighter/
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/2959/9804/t/20/assets/gem-page-index-1653289824.css?v=79197434335950321921653312294
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e061 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2c41862d5cdefda32dd0c6adcaca25ec3baa208538638bdb264306ed98f6578d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.shopify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
x-image-width: 1024
server: nginx
content-disposition: inline
etag: "9c06f9044f2f1bfab94da9a7549079eb"
vary: Accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=29080769
x-image-height: 1024
content-length: 21022

GET
H3 200 dinnextslab_n7.833d28f1ec67758528913dec38b14892b37976cb.woff2
fonts.shopifycdn.com/din_next_slab/ 20 KB
21 KB 62ms
62ms Font
font/woff2 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.shopifycdn.com/din_next_slab/dinnextslab_n7.833d28f1ec67758528913dec38b14892b37976cb.woff2?h1=aGVtcGFtZWQuZGU&hmac=3b03ecbe67358aaeb89a877d20fe1378ca1957a6d0f8ad0998c88c49330db185

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/2959/9804/t/20/assets/theme.scss.css?v=92597987981826678421647416154

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

496c75c49f0cd0d943581150e7a8fbf1a55a2d8498a3b2d8d1900a919e884d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.shopify.com/
Origin: https://hempamed.de
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 1738544
server-timing: imagery;dur=20.701, imageryFetch;dur=20.153
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20180
x-xss-protection: 1; mode=block
x-request-id: c3a0987b-4884-4218-9c4c-c8948402ab08
timing-allow-origin: *
last-modified: Tue, 03 May 2022 13:28:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3qq3hXR1KzfFRAXt6gIH%2BEowyWdUz3yi5C5aRknw0E0PjUorPf2E73ORmnaQgaMZc86Qv7n4y%2F9kBEnbzQ%2FmeFIa%2FuR2AW572EaebhGEG32hy0AHbEtLB33WKXUWeQUwADF9LcO"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2629800, immutable
accept-ranges: bytes
cf-ray: 70ffc3481cb43322-CDG
link: <https://imagery4-fonts.shopifysvc.com/premium-fonts/din_next_slab/dinnextslab_n7.833d28f1ec67758528913dec38b14892b37976cb.woff2>; rel="canonical"

GET
H2 200 wdg-896181bc-6b61-4f29-a69b-c2e63b43abc3.json Show response
integrations.etrusted.com/manifests/v1/ 910 B
1 KB 91ms
30ms Fetch
application/json 18.66.248.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://integrations.etrusted.com/manifests/v1/wdg-896181bc-6b61-4f29-a69b-c2e63b43abc3.json
Requested by: Host: integrations.etrusted.com
URL: https://integrations.etrusted.com/applications/widget.js/v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-50.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9fc67b5de62e6003fd10d5ffba892d54f066bc7e82463340911dcc5855494acd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:07:34 GMT
via: 1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 325
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 910
last-modified: Mon, 28 Feb 2022 09:50:57 GMT
server: AmazonS3
etag: "1cc5ecef32b4388e070cbbc2d415cdaf"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: dSCe6xoI9HOHaDY6sPz5lC9FN0Kbgti7
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: application/json
x-amz-cf-id: G2yTbVU5K_UnpLrmR8mjkfk3k8_GiK3QCrmZokcjQV77rX1FNTDkhA==

GET
H2 200 config.json Show response
consent.cookiefirst.com/sites/hempamed.de-39301550-d48f-4a69-a8a8-dcbbe3a7899f/ 2 KB
2 KB 93ms
93ms XHR
application/json 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/sites/hempamed.de-39301550-d48f-4a69-a8a8-dcbbe3a7899f/config.json?v=0bcc9647-7c4f-4243-915a-dce130ef8cca
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: Cookie First CDN-AMS1-879 /
Resource Hash: 853a03664587e8ce2dc0809730e089774a45cc4e67b6328d948b56af62985a9d

Request headers

Accept: application/json
Referer: https://hempamed.de/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: br
cdn-edgestorageid: 879
cdn-fileserver: 317
cdn-storageserver: UK-317
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cdn-cachedat: 05/23/2022 18:12:58
cdn-pullzone: 236985
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: Cookie First CDN-AMS1-879
access-control-allow-origin: *
visitor-location: FR
last-modified: Mon, 11 Apr 2022 20:54:17 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62549579-798"
vary: Accept-Encoding
content-type: application/json
cdn-cache: BYPASS
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
cache-control: public, max-age=31919000
cdn-requestid: 260ab032155e9ed8d493e445aa1dfa45
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 tcf Show response
t.adcell.com/i/ 21 B
323 B 50ms
49ms Fetch
application/json 2a02:cb40:200::242
SOPRADO-ANY

General

Check archive.org

Show headers Download Go to

Full URL

https://t.adcell.com/i/tcf?programId=6619&location=hempamed.de

Requested by

Host: t.adcell.com
URL: https://t.adcell.com/js/inlineretarget.js?method=track&pid=6619&type=startpage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),

Reverse DNS

Software

myracloud /

Resource Hash

9061c6ae3e66cd5d55c1790dee3dbdab18981e2f3f029d9f6145b0b2473507e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: gzip
server: myracloud
etag: "myra-ef22851a"
vary: accept-encoding
content-language: de
access-control-allow-origin: https://hempamed.de
cache-control: max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=15768000
content-type: application/json
expires: Mon, 23 May 2022 18:27:58 GMT

GET
H2 200 style.css
assets.reviews.io/iconfont/reviewsio-icons/ 5 KB
1 KB 43ms
42ms Stylesheet
text/css 2606:4700:10::6816:d7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.reviews.io/iconfont/reviewsio-icons/style.css

Requested by

Host: widget.reviews.io
URL: https://widget.reviews.io/modern-widgets/floating.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:d7f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

225f46d646199123e9dbcebe4ffe7b97dff347e6e5dc31692b2dc4be91f16986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 519175
cf-polished: origSize=6760
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Apr 2022 11:42:06 GMT
server: cloudflare
etag: W/"624d7c8e-1a68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 70ffc348fc9eee3b-CDG
cf-bgj: minify

GET options
api.reviews.io/widget/ 0
0

GET
H2 200 vendor.js Show response
d1um8515vdn9kb.cloudfront.net/files/ 20 KB
7 KB 20ms
20ms Script
application/javascript 2600:9000:2111:fa00:6:7d8a:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1um8515vdn9kb.cloudfront.net/files/vendor.js?v=3.0&gemv=1652856860633
Requested by: Host: d1um8515vdn9kb.cloudfront.net
URL: https://d1um8515vdn9kb.cloudfront.net/files/gempagev2.js?v=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2111:fa00:6:7d8a:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0023e1b2122cd7bfb6abc83567b43d77e7896b3ce72bb2a4b789b0c87b9721b8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 06:55:38 GMT
content-encoding: gzip
last-modified: Fri, 06 Aug 2021 04:41:52 GMT
server: AmazonS3
age: 472641
etag: W/"49b71ecd2ed9ab1db00be48afe650b79"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 0fe4e9874d2e0d61c17aa980fd6da8ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: LHR61-C1
x-amz-cf-id: vNQ2vKpqb4_Sj8zzvTZAuECq9mOs2XSOOjoNn4J6eLiQUu4L5LyMhQ==

GET
H3 200 gem-page-index-1653289824.js Show response
cdn.shopify.com/s/files/1/2959/9804/t/20/assets/ 19 KB
2 KB 40ms
39ms Script
text/javascript 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2959/9804/t/20/assets/gem-page-index-1653289824.js?v=88602237111502680221653289827&gemv=1652856860633

Requested by

Host: d1um8515vdn9kb.cloudfront.net
URL: https://d1um8515vdn9kb.cloudfront.net/files/gempagev2.js?v=1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f1cad5542973259296b1d2caf9baa56aa0da5c71f3ac5f351fdb510c11310b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 31574
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BgDrNaIlK3Ur%2B5sOjMm8MJHKxY6omQp2li0nf%2FSJ80tId%2FMqPtAhOYmq4YlYshCjSo67XZKvK1jw4bLA9PWgo8aDMY%2FvTh0i%2FC3FSn4Gn4j6QWBCHYXffp9%2Bm933eb%2BkA%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=59.791, imageryFetch;dur=55.903
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 7d30ff3f-1ebf-4589-832c-e7158daa0b91
timing-allow-origin: *
last-modified: Mon, 23 May 2022 07:10:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 70ffc3492f280897-CDG
link: <https://cdn.shopify.com/s/files/1/2959/9804/t/20/assets/gem-page-index-1653289824.js>; rel="canonical"

GET
H2 200 css2
fonts.googleapis.com/ 106 KB
29 KB 105ms
43ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Train+One&display=swap

Requested by

Host: cannatrust.eu
URL: https://cannatrust.eu/wp-content/themes/cannatrust/inc/widget/rating.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d0293870d3d4cd1d60621be8a38fcf3c49d8df2832cf1c4df3aad528ec16822

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 23 May 2022 18:12:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 23 May 2022 18:12:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 May 2022 18:12:58 GMT

GET
H2 200 ct-stars.js Show response
cannatrust.eu/wp-content/themes/cannatrust/inc/widget/ 10 KB
3 KB 31ms
30ms Script
application/javascript 2a02:17f8:9001:3e00::107
HAENDLEKORTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cannatrust.eu/wp-content/themes/cannatrust/inc/widget/ct-stars.js
Requested by: Host: cannatrust.eu
URL: https://cannatrust.eu/wp-content/themes/cannatrust/inc/widget/rating.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:17f8:9001:3e00::107 , Germany, ASN44700 (HAENDLEKORTE-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 558b1ca48c32a7f523df2ae72c9bb801084b86140907f9d37ded3a2116337d53

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: gzip
last-modified: Wed, 12 Jan 2022 14:06:34 GMT
server: nginx
x-powered-by: PleskLin
etag: W/"61dee06a-272b"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 87dec002-4ce2-4e0f-9a4c-b8a0a6b8295b Show response
ekr.zdassets.com/compose/ 319 B
1 KB 506ms
443ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/87dec002-4ce2-4e0f-9a4c-b8a0a6b8295b

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=87dec002-4ce2-4e0f-9a4c-b8a0a6b8295b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

022ce8c81f162fd15bf94d556094735ae437cc33a37b50298358b9e173fb4598

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
cf-ray: 70ffc3499ef93a53-CDG
status: 200 OK
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=0
x-xss-protection: 1; mode=block
x-request-id: 7bfd758f-7bf4-46f6-8c34-cb3d11818709
x-runtime: 0.003236
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"022ce8c81f162fd15bf94d556094735a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QSJQ1YL5ufb%2BvjBWd76sJUBNLs8ciBVt7LTTW6hKKmrgiVeapjlwTU7mXM%2Fy8dmmt12%2BS0Hr1qNsP3ichc%2FUmMFD%2FxegEHb2BBonUS3W0nUuTpkU0cDGllHrcCjLdBdxuuY%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
content-type: application/json; charset=utf-8

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
918 B 185ms
127ms Ping
text/plain 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.14a2a604dac04b548cd8c6bdfd85448fc1df7da9.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hempamed.de/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: ecf519ae-c6c6-4501-8ec2-c911007d4882
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdOJSOfiiMCt8i92sOLsGP%2BiHYUJbyivvkBgjPFpVA%2BaqOg7skJHc1UL%2BznirQWbuhaSIEkBpOL7oSCrznASIxeQcQ0QmpJEjXpU5j2FUHuKkVk1Ig1yJaqpwcBLWgaramgj06kRoebXnXBLvsI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hempamed.de
access-control-allow-credentials: true
cf-ray: 70ffc3499cabedb7-CDG
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

GET
H/1.1 200
OK 1aa279a414.html Show response
tm709.ad-srv.net/tm/a/container/tags/iframe/ Frame C2C8 1 KB
876 B 88ms
29ms Document
text/html 148.251.45.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm709.ad-srv.net/tm/a/container/tags/iframe/1aa279a414.html?sid=1fie2jtv6okv99e3it6mfiic80
Requested by: Host: tm.ad-srv.net
URL: https://tm.ad-srv.net/tm/a/container/init/1aa279a414.js?&ntmData=ntmData3319837083267&rnd=66717081
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.45.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.45.251.148.clients.your-server.de
Software: nginx /
Resource Hash: d9ad6bf92228389fb31e16ab141f38a49ab06c234d402f71a095937c70e8da11

Request headers

Referer: https://hempamed.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 23 May 2022 18:12:58 GMT
Expires: 0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H3

200

src=9858635;dc_pre=CLPA4tGc9vcCFQRpGQodfSsHjw;type=invmedia;cat=t360m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1660059082040.195
adservice.google.com/ddm/fls/z/ Frame A288
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9858635;type=invmedia;cat=t360m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1660059082040.195?
https://ad.doubleclick.net/ddm/activity/src=9858635;dc_pre=CLPA4tGc9vcCFQRpGQodfSsHjw;type=invmedia;cat=t360m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=...
https://adservice.google.com/ddm/fls/z/src=9858635;dc_pre=CLPA4tGc9vcCFQRpGQodfSsHjw;type=invmedia;cat=t360m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1...

42 B
63 B

118ms
63ms

Image
image/gif

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9858635;dc_pre=CLPA4tGc9vcCFQRpGQodfSsHjw;type=invmedia;cat=t360m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1660059082040.195

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=50822&version=1&redirected=1

Protocol

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:58 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=9858635;dc_pre=CLPA4tGc9vcCFQRpGQodfSsHjw;type=invmedia;cat=t360m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1660059082040.195
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame A288
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

81 KB
29 KB

44ms
43ms

Script
application/x-javascript

37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=50822&version=1&redirected=1
Protocol: H2
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 14:10:54 GMT
server: nginx
etag: W/"61f1566e-14282"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Mon, 23 May 2022 18:12:58 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H2 204 0
bat.bing.com/action/ 0
176 B 44ms
44ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56377369&Ver=2&mid=79eef439-8312-4159-af46-888d0403ca61&sid=f9b31d20dac311ecb53503db628daf24&vid=f9b33840dac311ecb5e9efa09fb49b58&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=CBD%20%C3%96le%20von%20Hempamed%3A%20Premium%20CBD%20%C3%96l%20jetzt%20hier%20kaufen&p=https%3A%2F%2Fhempamed.de%2F&r=&lt=3168&evt=pageLoad&msclkid=N&sv=1&rn=205787

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 62BBBC56DE0A42C083830382D0375505 Ref B: DUS30EDGE0310 Ref C: 2022-05-23T18:12:58Z
date: Mon, 23 May 2022 18:12:57 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gkky8atb.js Show response
ad4m.at/ 33 KB
12 KB 92ms
69ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/gkky8atb.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/network-tag.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45fd9848450b8139c5daad01573a8dc8b57a60cf9d723f612d8b2b887dec8cd9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=em/F0g==, md5=4Cj2Qc9zCwHIUmihtBmGVw==
date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdsct9RLqhL9EzQn1pbGePk-QgyOCOZROP96CsAXh_xD-mRLAtDe_ZoVqDjKmplvS9e3GaYlRH8Bb2am_8y9A83G7Bx3f29m
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 14 May 2022 05:21:52 GMT
server: cloudflare
etag: W/"e028f641cf730b01c85268a1b4198657"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAe8zJtm6HSeHxgkScEPJUm0A0VhmPBT7NLna25cUZ%2FO4bGHSYeng0UEdavT97tSaQGHa1gbNEdUrO8zfFqW05HovS%2FKSrlbX4YosUlmm%2Bd1%2Fy4h6D4ZTuVBj%2Fyp5ysT4fD7f4U%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1652505712832284
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11577
cf-ray: 70ffc349af6a32b8-CDG
expires: Mon, 23 May 2022 18:12:58 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 77ms
24ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.14a2a604dac04b548cd8c6bdfd85448fc1df7da9.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: fBfVWNY6mJl2OIo/8GcuFm8vIySx7RUiCCwMOTM3MkfeGoxojxwvYUm4ZjQ9t8CzjUYSVs6jn7kN5sHJLdWhUQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 23 May 2022 18:12:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 86ms
26ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.14a2a604dac04b548cd8c6bdfd85448fc1df7da9.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2292
date: Mon, 23 May 2022 17:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 23 May 2022 19:34:46 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 125 KB
37 KB 402ms
232ms Script
application/javascript 104.104.52.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C549A79QQNL8BODFM9DG&lib=ttq
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.14a2a604dac04b548cd8c6bdfd85448fc1df7da9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.106 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-106.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 924b7fbc0f50eb9af64fcabba0323d7e8d63a86106f5dca2488745edd858f402

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 11a3de76.254f107
date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-59-251-71.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-104-52-102.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-parent-response-time: 186,104.104.52.102
server-timing: cdn-cache; desc=MISS, edge; dur=117, origin; dur=69, inner; dur=3
content-length: 37274
pragma: no-cache
server: nginx
x-tt-logid: 20220523181258010004003005006003020120722DB
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 69,23.59.251.71
x-tt-trace-host: 01b4a27882c045ade5217ed421843f5de958042647133ab9078e5e7c90e789236e1ddf6c7bb34183142c644320c9936f3ee485057022821757a4569cee4002eff043b924b667c761f4d0e4b0ad7bd63aedca6fa16fab6c414277446bca063b9a10f5f184b2b2c5c3daaa9ce6281d246df7
expires: Mon, 23 May 2022 18:12:58 GMT

GET
H2 200 clarity.js Show response
d.clarity.ms/s/0.6.35/ 53 KB
23 KB 317ms
98ms Script
application/javascript 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/s/0.6.35/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/56377369
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fab5572c01cd671e1a92d8ffda83b65c5276089a5d8f7cec2105ba034a55a98e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: br
etag: "1d86e81880f1265"
last-modified: Mon, 23 May 2022 08:46:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 dc_pre=CLHQ1dGc9vcCFV5GHQkd4qYGUQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=508401...
adservice.google.com/ddm/fls/z/ Frame FD94 42 B
107 B 129ms
63ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLHQ1dGc9vcCFV5GHQkd4qYGUQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5084014034387.855

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLHQ1dGc9vcCFV5GHQkd4qYGUQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5084014034387.855?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3.0bd3.c.js Show response
consent.cookiefirst.com/banner/v2.0.13/static-main/ 21 KB
9 KB 62ms
61ms Script
application/javascript 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/banner/v2.0.13/static-main/3.0bd3.c.js
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: Cookie First CDN-AMS1-879 /
Resource Hash: 3c825fdab5bc22347c031621ca03879a32d3e64d995c7986349aabd713ee1351

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: br
cdn-edgestorageid: 549
cdn-fileserver: 317
cdn-storageserver: UK-317
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cdn-cachedat: 05/23/2022 18:12:58
cdn-pullzone: 236985
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: Cookie First CDN-AMS1-879
access-control-allow-origin: *
visitor-location: FR
last-modified: Thu, 19 May 2022 15:14:33 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62865ed9-521e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: BYPASS
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
cache-control: public, max-age=31919000
cdn-requestid: cca49a30349c24695db6e71f295b8b93
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 app.0bd3.c.css
consent.cookiefirst.com/banner/v2.0.13/static-main/ 42 KB
12 KB 67ms
67ms Stylesheet
text/css 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/banner/v2.0.13/static-main/app.0bd3.c.css
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: Cookie First CDN-AMS1-879 /
Resource Hash: c196ba332033b4a2c4d5dd75a7181a14fc95b3f110633a8fdd108f1b0d65ee47

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: br
cdn-edgestorageid: 879
cdn-fileserver: 317
cdn-storageserver: UK-317
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cdn-cachedat: 05/23/2022 18:12:58
cdn-pullzone: 236985
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: Cookie First CDN-AMS1-879
access-control-allow-origin: *
visitor-location: FR
last-modified: Thu, 19 May 2022 15:14:33 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62865ed9-a728"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cdn-cache: BYPASS
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
cache-control: public, max-age=31919000
cdn-requestid: 974de13bffbbbf450d8ad5204d8f1de9
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 app.0bd3.c.js Show response
consent.cookiefirst.com/banner/v2.0.13/static-main/ 52 KB
17 KB 71ms
71ms Script
application/javascript 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/banner/v2.0.13/static-main/app.0bd3.c.js
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: Cookie First CDN-AMS1-879 /
Resource Hash: 4548350a365a5a63e88a00d84f2faeb3c319bfdd354720cef561c52bf48a2dc5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: br
cdn-edgestorageid: 549
cdn-fileserver: 317
cdn-storageserver: UK-317
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cdn-cachedat: 05/23/2022 18:12:58
cdn-pullzone: 236985
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: Cookie First CDN-AMS1-879
access-control-allow-origin: *
visitor-location: FR
last-modified: Thu, 19 May 2022 15:14:32 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62865ed8-d06d"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: BYPASS
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
cache-control: public, max-age=31919000
cdn-requestid: e97f693f3abaaad2d0f1ca6c017e5790
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 dc_pre=CNTU1dGc9vcCFVFCHQkdQPUNKA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=75372...
adservice.google.com/ddm/fls/z/ Frame 1F36 42 B
494 B 121ms
62ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNTU1dGc9vcCFVFCHQkdQPUNKA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7537296046713.005

Requested by

Host: 11868943.fls.doubleclick.net
URL: https://11868943.fls.doubleclick.net/activityi;dc_pre=CNTU1dGc9vcCFVFCHQkdQPUNKA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7537296046713.005?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://11868943.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CM3R1dGc9vcCFdJCHQkdf5MFRQ;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=326...
adservice.google.com/ddm/fls/z/ Frame 17B5 42 B
107 B 122ms
64ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CM3R1dGc9vcCFdJCHQkdf5MFRQ;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3265416293479.613

Requested by

Host: 11868943.fls.doubleclick.net
URL: https://11868943.fls.doubleclick.net/activityi;dc_pre=CM3R1dGc9vcCFdJCHQkdf5MFRQ;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3265416293479.613?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://11868943.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CMDz1dGc9vcCFWdCHQkdnmUF2Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6343...
adservice.google.com/ddm/fls/z/ Frame 3A55 42 B
107 B 120ms
63ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMDz1dGc9vcCFWdCHQkdnmUF2Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6343938651724.09

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMDz1dGc9vcCFWdCHQkdnmUF2Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6343938651724.09?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
301 B 140ms
139ms Ping
text/plain 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.14a2a604dac04b548cd8c6bdfd85448fc1df7da9.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hempamed.de/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: ea347c78-41d8-4785-b3b6-d2a6c26c0e0b
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sz1KyBIShK1um9t1nBkrIP6bIqXHnmBt5kCruPPi4NVW6yTw8m1NdkjGA5Xg0k7OzBfQv%2FPPx9gL1qhiadQE9PE%2Fl3yndFy0rjcxfXFi%2FZXRVgsn9wfV5f8%2BCNQ5Di7wgcO%2BW%2FXHQbWJyxfYFe0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hempamed.de
access-control-allow-credentials: true
cf-ray: 70ffc34a1d58edb7-CDG
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
307 B 134ms
133ms Ping
text/plain 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.14a2a604dac04b548cd8c6bdfd85448fc1df7da9.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hempamed.de/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 36e56d77-6894-4dc7-99d5-265bf6914584
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13xw8BCEjfFmTlzKjkR0%2ByLtJtA%2BXBFgVrseSbY%2BFwO4Zh71IpCxFAvFCYcOf%2FDMfbbtfyoOdqQ6cFNZ8oix7slmi2kY5E%2FUTbnhokvJeumaujFY%2F%2F7%2BtCjt%2BEOjGPT1%2F5NpwEEYeDX0TdykV48%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hempamed.de
access-control-allow-credentials: true
cf-ray: 70ffc34a1d63edb7-CDG
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
316 B 173ms
172ms Ping
text/plain 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.14a2a604dac04b548cd8c6bdfd85448fc1df7da9.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hempamed.de/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: a657468c-ef29-4315-b859-48155b5c6c10
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CkHL97hVvP6f%2FpRPkckUk5eHDwsNJSD9Um7pbsLDgd4RACSfBzfpMXVVN8twixK1CPTfJPptgxoNxtpPQnUWHVZMqCr%2FnMsuzzYyz7aqeW%2Fm6xDASLl2ooAZPpvUY3xLpIyweS78iolJeXoBIVU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hempamed.de
access-control-allow-credentials: true
cf-ray: 70ffc34a1d64edb7-CDG
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

GET
H2 200 v1 Show response
integrations.etrusted.com/applications/review-carousel-service-widget/ 353 KB
103 KB 35ms
35ms Script
application/javascript 18.66.248.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://integrations.etrusted.com/applications/review-carousel-service-widget/v1

Requested by

Host: integrations.etrusted.com
URL: https://integrations.etrusted.com/applications/widget.js/v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-50.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

dd9b8aa44d780db3aefdefb0a68fc5a2bc2b1409abe3abeb3bc99b8954360501

Security Headers

Name	Value
Strict-Transport-Security	max-age= 63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: B22F30SJEbsRphU3iiFSQ2P6.ALybUCf
content-encoding: gzip
vary: Accept-Encoding
age: 488
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Mon, 23 May 2022 18:04:51 GMT
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 05 May 2022 11:39:06 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"ab2c02dbb3f5d75faa95257883bbc9ed"
strict-transport-security: max-age= 63072000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
cache-control: max-age=600
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: hgA6Aa8uXfOD7doLaUPLgoCGPkWkR9V5BxUZXsrsDKmA8jvd60Ehaw==

POST
H3 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
852 B 221ms
178ms Ping
text/plain 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.14a2a604dac04b548cd8c6bdfd85448fc1df7da9.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hempamed.de/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: dcfa076b-f30b-4595-a913-56e44b8fc530
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aOp859uWGMtZL4NA90mJym6wnRz%2B7tEcswF2P9RI7UYPM5as%2BCU66VMuGDvjmqbhooJBfpEUtIjrWXhIxUE3EkmLSi4GFgsBLPJ9Zv1TQZNyFQWcu8fD83sv4MCwjU5rTZKUsPYfWh6L6pzhSWk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hempamed.de
access-control-allow-credentials: true
cf-ray: 70ffc34aab20ee07-CDG
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

GET
H2 200 2199 Show response
cannatrust.eu/wp-json/skript/produkt/ 234 B
707 B 460ms
397ms Fetch
application/json 2a02:17f8:9001:3e00::107
HAENDLEKORTE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cannatrust.eu/wp-json/skript/produkt/2199

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:17f8:9001:3e00::107 , Germany, ASN44700 (HAENDLEKORTE-AS, DE),

Reverse DNS

Software

nginx / PHP/8.0.19, PleskLin

Resource Hash

f6b34699092cdb4b51d0460d09661b53b652dbb563784f348fd429f9a5e0d0a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:59 GMT
x-content-type-options: nosniff
server: nginx
link: <https://cannatrust.eu/wp-json/>; rel="https://api.w.org/"
x-powered-by: PHP/8.0.19, PleskLin
vary: Origin
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://hempamed.de
allow: GET
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link

GET
H2 200 2832 Show response
cannatrust.eu/wp-json/skript/produkt/ 276 B
749 B 461ms
399ms Fetch
application/json 2a02:17f8:9001:3e00::107
HAENDLEKORTE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cannatrust.eu/wp-json/skript/produkt/2832

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:17f8:9001:3e00::107 , Germany, ASN44700 (HAENDLEKORTE-AS, DE),

Reverse DNS

Software

nginx / PHP/8.0.19, PleskLin

Resource Hash

b254af9e43209f827929ae94c85cca468d0c92b080287947467768ecfbcab1ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:59 GMT
x-content-type-options: nosniff
server: nginx
link: <https://cannatrust.eu/wp-json/>; rel="https://api.w.org/"
x-powered-by: PHP/8.0.19, PleskLin
vary: Origin
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://hempamed.de
allow: GET
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link

GET
H2 200 3941 Show response
cannatrust.eu/wp-json/skript/produkt/ 228 B
701 B 460ms
398ms Fetch
application/json 2a02:17f8:9001:3e00::107
HAENDLEKORTE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cannatrust.eu/wp-json/skript/produkt/3941

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:17f8:9001:3e00::107 , Germany, ASN44700 (HAENDLEKORTE-AS, DE),

Reverse DNS

Software

nginx / PHP/8.0.19, PleskLin

Resource Hash

2c27ff0caa70a51f9cc07c0b0b715c640b6213b9120695e277316fd475cab794

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:59 GMT
x-content-type-options: nosniff
server: nginx
link: <https://cannatrust.eu/wp-json/>; rel="https://api.w.org/"
x-powered-by: PHP/8.0.19, PleskLin
vary: Origin
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://hempamed.de
allow: GET
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link

GET
H2 200 3488 Show response
cannatrust.eu/wp-json/skript/produkt/ 240 B
714 B 459ms
396ms Fetch
application/json 2a02:17f8:9001:3e00::107
HAENDLEKORTE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cannatrust.eu/wp-json/skript/produkt/3488

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:17f8:9001:3e00::107 , Germany, ASN44700 (HAENDLEKORTE-AS, DE),

Reverse DNS

Software

nginx / PHP/8.0.19, PleskLin

Resource Hash

d3ccee6ce84c625fa684189c0a4742f68e3e16b61e3d37694e5012365b10a985

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:59 GMT
x-content-type-options: nosniff
server: nginx
link: <https://cannatrust.eu/wp-json/>; rel="https://api.w.org/"
x-powered-by: PHP/8.0.19, PleskLin
vary: Origin
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://hempamed.de
allow: GET
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link

GET
H2 200 121 Show response
cannatrust.eu/wp-json/skript/produkt/ 222 B
695 B 461ms
398ms Fetch
application/json 2a02:17f8:9001:3e00::107
HAENDLEKORTE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cannatrust.eu/wp-json/skript/produkt/121

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:17f8:9001:3e00::107 , Germany, ASN44700 (HAENDLEKORTE-AS, DE),

Reverse DNS

Software

nginx / PHP/8.0.19, PleskLin

Resource Hash

b142433e6721e29e69906c3a4700735ba2fd9c50785e05e81864f91df41c3ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:59 GMT
x-content-type-options: nosniff
server: nginx
link: <https://cannatrust.eu/wp-json/>; rel="https://api.w.org/"
x-powered-by: PHP/8.0.19, PleskLin
vary: Origin
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://hempamed.de
allow: GET
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link

GET
H/1.1

200
OK

retarget Show response
ad.ad-srv.net/ Frame E90B
Redirect Chain

https://ad.ad-srv.net/retarget?a=63935&version=1
https://ad.ad-srv.net/retarget?a=63935&version=1&redirected=1

0
471 B

93ms
37ms

Document
text/html

138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/retarget?a=63935&version=1&redirected=1
Requested by: Host: tm709.ad-srv.net
URL: https://tm709.ad-srv.net/tm/a/container/tags/iframe/1aa279a414.html?sid=1fie2jtv6okv99e3it6mfiic80
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tm709.ad-srv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 23 May 2022 18:12:58 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 23 May 2022 18:12:58 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Location: ?a=63935&version=1&redirected=1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache

GET
H2 200 track Show response
t.adcell.com/retargeting/ 4 KB
1 KB 50ms
50ms Script
text/javascript 2a02:cb40:200::242
SOPRADO-ANY

General

Check archive.org

Show headers Download Go to

Full URL

https://t.adcell.com/retargeting/track?pid=6619&type=startpage

Requested by

Host: t.adcell.com
URL: https://t.adcell.com/js/inlineretarget.js?method=track&pid=6619&type=startpage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),

Reverse DNS

Software

myracloud /

Resource Hash

017b98b9a240b99d8519f252cc10cf7900305fa4e607a04bdc24b07dc64ce5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: gzip
server: myracloud
vary: accept-encoding
content-type: text/javascript
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=15768000
expires: Sat, 11 Jan 2003 12:59:00 GMT

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/ Frame E563
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=990648820546&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fhempamed.de%2F&ADFtpmode=2...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=990648820546&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fhempamed.de%2F&ADFtpm...

111 B
592 B

38ms
38ms

Script
text/javascript

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=990648820546&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fhempamed.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D53913%26version%3D1%26redirected%3D1

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=53913&version=1&redirected=1

Protocol

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 186
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:58 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=990648820546&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fhempamed.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D53913%26version%3D1%26redirected%3D1
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H3 200 1963462347257273 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 364ms
339ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1963462347257273?v=2.9.60&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

72770d2adbe7c198b256b9c55fc5c3d39a6bb6fffe7c21f981ba74b7322c0b5f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: ZCWKrmzwmflWZlfsiVM7hzmLmzkiUG9azmVmHchdFCci9mkrZkgMwl4oAeCLn2dEo8lDISvjOoq8OXHzQNg3FA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 23 May 2022 18:12:59 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1653329579023
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 71ms
23ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-131807373-1&cid=1979549604.1653329579&jid=982688926&gjid=1512185129&_gid=180074458.1653329579&_u=YGBAgEABBAAAAE~&z=113712845

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hempamed.de/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 23 May 2022 18:12:58 GMT
content-type: text/plain
access-control-allow-origin: https://hempamed.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 82ms
26ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1973958421&t=pageview&_s=1&dl=https%3A%2F%2Fhempamed.de%2F&dp=%2F&ul=en-us&de=UTF-8&dt=CBD%20%C3%96le%20von%20Hempamed%3A%20Premium%20CBD%20%C3%96l%20jetzt%20hier%20kaufen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABB~&jid=982688926&gjid=1512185129&cid=1979549604.1653329579&tid=UA-131807373-1&_gid=180074458.1653329579&did=BwiEti&z=741085578

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:13:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75560
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ Frame A288 130 B
606 B 38ms
38ms Script
text/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=2051254&ADFPageName=Hempamed%20CBD%20DE%20Adform%2020%20Days&ADFdivider=%7C&ord=915655057538&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fhempamed.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fad.ad-srv.net%2Fretarget%3Fa%3D50822%26version%3D1%26redirected%3D1

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a452e981484d0db32a9aa66c65fa84dd8c88ee45b4eed0ebe69dd9837c65da15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 199
expires: -1

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ Frame A288 131 B
605 B 38ms
38ms Script
text/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=2108128&ADFPageName=Hempamed%20CBD%20DE%20Adform2%2020%20Days&ADFdivider=%7C&ord=704228932211&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fhempamed.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fad.ad-srv.net%2Fretarget%3Fa%3D50822%26version%3D1%26redirected%3D1

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

aed4469e21f8e133a2063f718d1f3588520cf0716f8ded6b91fd2b9ef0fe6b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 199
expires: -1

GET
H3 200 frame.html Show response
ad4m.at/ Frame 39BD 2 KB
2 KB 42ms
41ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/gkky8atb.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Referer: https://hempamed.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2225697
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 70ffc34afa0832b8-CDG
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 23 May 2022 18:12:58 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Mon, 23 May 2022 19:12:58 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ng0AYLkcu36liwOV3v5l4GdCs4db2ftL9HQ2tDK7akoPS%2BWtWNVUTNDXwOTZHgGIa9PeImorCD2ekNWjr8gkCVTWB5sgKh79qCgcLdXeElhHw%2FPr1uzDq7djB5qK2iK%2FeSuc03c%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-generation: 1588777770164783
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-meta-
x-goog-metageneration: 3
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-guploader-uploadid: ADPycdvvtSIAwsCmiM-QNfjU4V1IkNqaQClE4RrhA81LOeMfWEq6Es7rtcmMgv5r6VPQvchA57U4Y0qySTbEmuxJwzI

GET
H/1.1 204
No Content visit.gif Show response
eu-tlp06.kameleoon.eu/ 0
142 B 29ms
28ms XHR
text/plain 195.201.164.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-tlp06.kameleoon.eu/visit.gif?lp=3&spt=1650442874434&p=c2l0ZUNvZGU9dzJzOWx3cjRzaCZ2aXNpdG9yQ29kZT00aWxuZXVzZWkyN3Q3dXViJnN0YXJ0T2ZWaXNpdD10cnVlJnNjcmlwdFZlcnNpb249MjAxOTAxMTUmbm9uY2U9RDdBNUU0NzY2OTA1MTRCNiZldmVudFR5cGU9Y29udmVyc2lvbnMmdGltZT0xNjUzMzI5NTc4NDExJmdvYWxJZDA9MjQxODg5Jm5lZ2F0aXZlMD1mYWxzZSZyZXZlbnVlMD0wJmdvYWxJZDE9MjM5OTg0Jm5lZ2F0aXZlMT1mYWxzZSZyZXZlbnVlMT0wJm51bWJlcj0y
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 195.201.164.250 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: eu-log-parser06.kameleoon.net
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 23 May 2022 18:12:58 GMT
Server: nginx/1.20.1
Connection: keep-alive

GET
H2 200 feed.json Show response
integrations.etrusted.com/feeds/channels/v1/chl-80f5b2b7-7dfd-4a4f-b8f1-4f4e3018dce4/ 482 B
1 KB 32ms
32ms Fetch
application/json 18.66.248.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://integrations.etrusted.com/feeds/channels/v1/chl-80f5b2b7-7dfd-4a4f-b8f1-4f4e3018dce4/feed.json
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-50.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 10b7f371fb7191b9ad8c64a81a734b1ea5f5c260437172f0904d83a3c8c6394a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: y5Ajq57wgl_9.JcG_V9Bh8orG62spR2G
via: 1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
etag: "99f7fc5f1c4f027b50b072eea1f52474"
age: 324
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 482
last-modified: Fri, 25 Feb 2022 13:40:30 GMT
server: AmazonS3
date: Mon, 23 May 2022 18:07:35 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: KVFt31hHxmIzWjQZ26dXM4prBFDj3OJeSmKBqb8LdkQR3hjcB4zyyQ==

GET
H/1.1 200
OK retarget Show response
ad.ad-srv.net/ Frame 20DE 5 KB
1 KB 105ms
44ms Document
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/retarget?a=50822&version=1
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: edd2458ae14bc0b280c921d4876074daa61ac24a9a3201fa0e242bc3b73b9bfa

Request headers

Referer: https://hempamed.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Encoding: gzip
Content-Length: 833
Content-Type: text/html; charset=UTF-8
Date: Mon, 23 May 2022 18:12:58 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK retarget Show response
hal9000.redintelligence.net/ Frame 7AD5 3 KB
1 KB 102ms
42ms Document
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/retarget?a=53913&version=1
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: daa70dc9f6846ce066684966c3a917254ba886137d3e5223dbc0611ba9417fa4

Request headers

Referer: https://hempamed.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Encoding: gzip
Content-Length: 866
Content-Type: text/html; charset=UTF-8
Date: Mon, 23 May 2022 18:12:58 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK 1aa279a414.js Show response
tm.ad-srv.net/tm/a/container/init/ 12 KB
3 KB 92ms
31ms Script
application/javascript 148.251.45.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.ad-srv.net/tm/a/container/init/1aa279a414.js?&ntmData=ntmData4075105155746&rnd=74225902
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.45.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.45.251.148.clients.your-server.de
Software: nginx /
Resource Hash: a6b81aa7f33b141f664af931510adb6a75f7953c4fa1bb6d6a4d7ba26d2e179a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 18:12:58 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: application/javascript; charset=utf-8
Expires: 0

GET
H2 200 lang-widget-de.json Show response
consent.cookiefirst.com/sites/hempamed.de-39301550-d48f-4a69-a8a8-dcbbe3a7899f/ 9 KB
4 KB 61ms
61ms XHR
application/json 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/sites/hempamed.de-39301550-d48f-4a69-a8a8-dcbbe3a7899f/lang-widget-de.json?v=0bcc9647-7c4f-4243-915a-dce130ef8cca
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: Cookie First CDN-AMS1-879 /
Resource Hash: 65ac6cc05d7933437081474bbbc2b72e0a1a340281837480bbc6bdef0b997267

Request headers

Accept: application/json
Referer: https://hempamed.de/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: br
cdn-edgestorageid: 883
cdn-fileserver: 317
cdn-storageserver: UK-317
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cdn-cachedat: 05/23/2022 18:12:58
cdn-pullzone: 236985
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: Cookie First CDN-AMS1-879
access-control-allow-origin: *
visitor-location: FR
last-modified: Mon, 11 Apr 2022 20:54:18 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"6254957a-25f5"
vary: Accept-Encoding
content-type: application/json
cdn-cache: BYPASS
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
cache-control: public, max-age=31919000
cdn-requestid: 97d553d111426ffe03348e2910a84ca3
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 request Show response
api.bounce-commerce.de// 85 B
373 B 33ms
32ms XHR
application/json 2a01:4f8:272:50e8::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounce-commerce.de//request
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:272:50e8::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.2 / PHP/8.0.18
Resource Hash: 4243b93dfd253dabb3466e42a4a14f53401de470683281daeea61126513b4531

Request headers

Referer: https://hempamed.de/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryOwJUcBI1tvgIKAn6

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
server: nginx/1.20.2
x-powered-by: PHP/8.0.18
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3 200 network-tag.js
ad4m.at/ 8 KB
4 KB 31ms
31ms Other
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/network-tag.js
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17f4c15957477f0013ab17d7e6078d97473e7036f5ed899a1c19c23c8221b2bd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=JlZxqQ==, md5=8gyDTYbVK6dOJOT699/PXA==
date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26962
x-guploader-uploadid: ADPycdt4ZcKsxBd7W91eoAsqwYCSriRGG_75H1-rdz_PPATGRnyqthk87KpaVK4XoDAYQBp7rws2JN8mqttqYQ5vbpoQ8YLobjFo
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 27 Apr 2022 10:41:59 GMT
server: cloudflare
etag: W/"f20c834d86d52ba74e24e4faf7dfcf5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rl2sDKtKiQUHHM6Jl0Vi5t26K3OaJnWgVJ0IAjiwQNV9x%2F3zyYRyOF1%2FBaETWsyL4nKoe6ouBS5ihfSAHZ%2FhhGx1e0cyPfBXR4pa01M5zVDpXq0O7eF9FkgUOcEC0Bzn5WM7lIk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1651056119654747
content-type: application/javascript
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
x-goog-stored-content-length: 8592
cf-ray: 70ffc34b4a7832b8-CDG
expires: Mon, 23 May 2022 11:43:36 GMT

GET
H3 200 ant Show response
as.ad4m.at/ad/ 8 B
733 B 70ms
46ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/ant?a=4&b=6619

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee2db945e28875424676c5a66051ad597321e39937a418e0a04b673f3d9f66ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
cf-ray: 70ffc34b695a40e1-CDG
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
vary: accept-encoding
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS
x-download-options: noopen
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate
via: 1.1 google
content-type: text/plain; charset=utf-8
expires: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 122ms
65ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-131807373-1&cid=1979549604.1653329579&jid=982688926&_u=YGBAgEABBAAAAE~&z=1207538998

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.fr/ads/ 42 B
63 B 115ms
62ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-131807373-1&cid=1979549604.1653329579&jid=982688926&_u=YGBAgEABBAAAAE~&z=1207538998

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 feed.json Show response
integrations.etrusted.com/feeds/grades/v1/channels/chl-80f5b2b7-7dfd-4a4f-b8f1-4f4e3018dce4/touchpoints/all/ 2 KB
2 KB 30ms
30ms Fetch
application/octet-stream 18.66.248.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://integrations.etrusted.com/feeds/grades/v1/channels/chl-80f5b2b7-7dfd-4a4f-b8f1-4f4e3018dce4/touchpoints/all/feed.json
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-50.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 229860842b915839781a7d3c7bd790170c5072d726d583ea6c1abee4e7cacad4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:07:36 GMT
via: 1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 323
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1955
last-modified: Mon, 23 May 2022 12:55:41 GMT
server: AmazonS3
etag: "079f0a68a69fde1274c92c16178b9b61"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: C17hZRTSUNXJ2cNdFzDaMbq_PzX8_e5W
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: VAgYVduC_Rb-RtPO88UELalGVbMAr7WeO022iwmsMuvgI3zfQCpNxQ==

GET
H3 200 20211108_Hempamed_Einschlaftropfen_Box_Bot_4000px_540x.jpg
cdn.shopify.com/s/files/1/2959/9804/products/ 19 KB
20 KB 37ms
36ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2959/9804/products/20211108_Hempamed_Einschlaftropfen_Box_Bot_4000px_540x.jpg?v=1637141494

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9d4bbd49c5a2ea21305e4589d60ebcd1918ff17033ccdb09f48f418c9d43a21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 556696
server-timing: imagery;dur=807.623, imageryFetch;dur=72.491, imageryProcess;dur=720.237;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19620
x-xss-protection: 1; mode=block
x-request-id: b2a7dece-22e9-452f-be50-0649595b57d2
timing-allow-origin: *
surrogate-key: segment4-19854 shop-29599804 mime-image/webp-19854 time-bucket-20220517-19854 71ffddee4b62a8a2b646dc2037da2748e7df6ec2401a7fcb7bd4bbf127d1bb7f
last-modified: Tue, 17 May 2022 07:34:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJC65PneVCq5K2Al%2Fe6%2BBYLcRgjwkyFMQ7sosMX%2BQgtVrFRY5H3UUVvT7f0EJWirWp3YarETbbsxeA1VhN5sx1%2By0N6BkdvlzijUQzqcvQ0P86AYgLhQOwm%2FvKJMid32mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 70ffc34b7b520897-CDG
link: <https://cdn.shopify.com/s/files/1/2959/9804/products/20211108_Hempamed_Einschlaftropfen_Box_Bot_4000px_540x.jpg>; rel="canonical"

GET
H3 200 210706_DE_Aromaol_PremiumKapseln_20mg_Box-Jar_4000px_540x.jpg
cdn.shopify.com/s/files/1/2959/9804/products/ 13 KB
14 KB 56ms
55ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2959/9804/products/210706_DE_Aromaol_PremiumKapseln_20mg_Box-Jar_4000px_540x.jpg?v=1628590307

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9438b429cd5de919a4ee493dbb70f5b29048b05a2c596074a9a39cb9c996f1c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 276805
server-timing: imagery;dur=592.677, imageryFetch;dur=103.760, imageryProcess;dur=487.495;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13042
x-xss-protection: 1; mode=block
x-request-id: f26cefa6-6646-4740-aa50-52584a640e00
timing-allow-origin: *
last-modified: Fri, 20 May 2022 06:29:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTw4wDlCWNYzgo%2F%2BitvGZ2OPlQRgNmA7OLHajmKXFAGn6muBpkdS%2FZcS2bnHHQdIjVjuTUGxulYn2ui2I3qDq%2FNvy8Ldqe8adorakZOaKdmBfKuUZdU%2BcnJTr7Yc89raVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 70ffc34b7b530897-CDG
link: <https://cdn.shopify.com/s/files/1/2959/9804/products/210706_DE_Aromaol_PremiumKapseln_20mg_Box-Jar_4000px_540x.jpg>; rel="canonical"

GET
H3 200 20220413_Hempamed_DE_CBD_HundeOel_10ml_6__Box_Bottle_1500px_d1b14d51-efdd-4060-85bd-68118c1aa485_540x.jpg
cdn.shopify.com/s/files/1/2959/9804/products/ 16 KB
17 KB 34ms
34ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2959/9804/products/20220413_Hempamed_DE_CBD_HundeOel_10ml_6__Box_Bottle_1500px_d1b14d51-efdd-4060-85bd-68118c1aa485_540x.jpg?v=1651676486

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b2f7ee18afa6e23174e31111e331fd8abc33e779797144880b16098079b8156

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 276805
server-timing: imagery;dur=297.068, imageryFetch;dur=58.316, imageryProcess;dur=237.228;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16008
x-xss-protection: 1; mode=block
x-request-id: 2eed8832-5b4f-4097-a85e-acd980e4f284
timing-allow-origin: *
surrogate-key: segment4-8542 shop-29599804 mime-image/webp-8542 time-bucket-20220515-8542 9bc694bea1ab451332f924e663c09353fe18103e92b881987408f2debe8ccc96
last-modified: Sun, 15 May 2022 12:31:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4DO4MYZgn%2FvCC4w%2FiFWgboM7C8DrOtcork1Pm3NvdQQL98d%2Be0jYZsKMQOgI1o0D940v1b9Fc46OKoFgSPXkCwzrgLXKb90v%2FqJ981rFPdAA01aLpZZ6%2BgJkBhH2oUePQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 70ffc34b7b540897-CDG
link: <https://cdn.shopify.com/s/files/1/2959/9804/products/20220413_Hempamed_DE_CBD_HundeOel_10ml_6__Box_Bottle_1500px_d1b14d51-efdd-4060-85bd-68118c1aa485_540x.jpg>; rel="canonical"

GET
H3

200

src=10716248;dc_pre=CNuT_9Gc9vcCFRBKHgId_vQAeQ;type=invmedia;cat=devie0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://r.adserver01.de/rt/perf_de.php?gdpr=0&gdpr_consent=
https://ad.doubleclick.net/ddm/activity/src=10716248;type=invmedia;cat=devie0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=10716248;dc_pre=CNuT_9Gc9vcCFRBKHgId_vQAeQ;type=invmedia;cat=devie0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/z/src=10716248;dc_pre=CNuT_9Gc9vcCFRBKHgId_vQAeQ;type=invmedia;cat=devie0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
63 B

71ms
71ms

Image
image/gif

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=10716248;dc_pre=CNuT_9Gc9vcCFRBKHgId_vQAeQ;type=invmedia;cat=devie0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:59 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=10716248;dc_pre=CNuT_9Gc9vcCFRBKHgId_vQAeQ;type=invmedia;cat=devie0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1x1.gif
imagesrv.adition.com/
Redirect Chain

https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.AdvancedStore_Vzm]=ASRETVZM2
https://imagesrv.adition.com/1x1.gif

68 B
178 B

105ms
26ms

Image
image/gif

217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/1x1.gif
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 23 May 2022 18:12:58 GMT
last-modified: Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges: bytes
etag: "3122740758"
content-length: 68
content-type: image/gif

Redirect headers

location: https://imagesrv.adition.com/1x1.gif
date: Mon, 23 May 2022 20:12:58 +0200
server: ADITIONSERVER v1.0
access-control-allow-origin: *
content-type: text/plain
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

1x1.gif
imagesrv.adition.com/
Redirect Chain

https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.advancedStore_Adbundle]=1
https://imagesrv.adition.com/1x1.gif

68 B
103 B

106ms
26ms

Image
image/gif

217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/1x1.gif
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 23 May 2022 18:12:58 GMT
last-modified: Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges: bytes
etag: "3122740758"
content-length: 68
content-type: image/gif

Redirect headers

location: https://imagesrv.adition.com/1x1.gif
date: Mon, 23 May 2022 20:12:58 +0200
server: ADITIONSERVER v1.0
access-control-allow-origin: *
content-type: text/plain
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3 204 dst
as.ad4m.at/ad/ 0
631 B 51ms
51ms Image
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dst?a=6218&b=2&c=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&e=16748&f=&g=&h=&i=&z=0&y=1&d=https%3A%2F%2Fhempamed.de%2F

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 70ffc34b8acf32b8-CDG
expires: 0

GET
H3

200

dpe
as.ad4m.at/ad/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=advs&google_cm&google_sc&a=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&c=1
https://as.ad4m.at/ad/dpe?b=CAESEC2FOX1U-wxzbohQRXxGPL0&a=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&c=1&google_cver=1

0
633 B

56ms
56ms

Image
text/plain

2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?b=CAESEC2FOX1U-wxzbohQRXxGPL0&a=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&c=1&google_cver=1

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains; preload
x-download-options: noopen
vary: accept-encoding
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 70ffc34c7c2232b8-CDG
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://as.ad4m.at/ad/dpe?b=CAESEC2FOX1U-wxzbohQRXxGPL0&a=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&c=1&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 317
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

dpe
as.ad4m.at/ad/
Redirect Chain

https://ih.adscale.de/tpui?tpid=25&tpuid=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&cburl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DkVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF%26b%3D__ADSCALE_USER_ID__%26c%3D6
https://ih.adscale.de/tpui?tpid=25&tpuid=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&cburl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DkVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF%26b%3D__ADSCALE_USER_ID__%26c%3D6&nut&...
https://as.ad4m.at/ad/dpe?a=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&b=37973df607fbb0b7f323a116b93e320e8ba1d60f09f822dbe7f277a29d69a054&c=6

0
633 B

50ms
49ms

Image
text/plain

2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?a=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&b=37973df607fbb0b7f323a116b93e320e8ba1d60f09f822dbe7f277a29d69a054&c=6

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains; preload
x-download-options: noopen
vary: accept-encoding
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 70ffc34c7c2c32b8-CDG
expires: 0

Redirect headers

location: https://as.ad4m.at/ad/dpe?a=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&b=37973df607fbb0b7f323a116b93e320e8ba1d60f09f822dbe7f277a29d69a054&c=6
date: Mon, 23 May 2022 18:12:58 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://pixel.onaudience.com/?partner=234&mapped=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

70 B
265 B

129ms
36ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:58 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length: 0

GET
H3

200

dpe
as.ad4m.at/ad/
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=132&partneruserid=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DkVZ-PtdTzp1DX0wCM...
https://as.ad4m.at/ad/dpe?a=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&c=9&b=5236655656407327916&gdpr=0&gdpr_consent=

0
633 B

47ms
46ms

Image
text/plain

2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?a=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&c=9&b=5236655656407327916&gdpr=0&gdpr_consent=

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:59 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains; preload
x-download-options: noopen
vary: accept-encoding
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 70ffc34e3ecc32b8-CDG
expires: 0

Redirect headers

location: https://as.ad4m.at/ad/dpe?a=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&c=9&b=5236655656407327916&gdpr=0&gdpr_consent=
pragma: no-cache
date: Mon, 23 May 2022 18:12:58 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H3

200

dpe
as.ad4m.at/ad/
Redirect Chain

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&r=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DkVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF%26b%3D%24%7BPUBMATIC%5FUID%...
https://as.ad4m.at/ad/dpe?a=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&b=${PUBMATIC_UID}&c=5

0
633 B

53ms
52ms

Image
text/plain

2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?a=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&b=${PUBMATIC_UID}&c=5

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:59 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 70ffc34e3eca32b8-CDG
expires: 0

Redirect headers

location: https://as.ad4m.at/ad/dpe?a=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&b=${PUBMATIC_UID}&c=5
date: Mon, 23 May 2022 18:12:58 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&C=1

43 B
1019 B

36ms
36ms

Image
image/gif

23.35.232.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&C=1
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: HTTP/1.1
Server: 23.35.232.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-232-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 18:12:59 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 23 May 2022 18:12:59 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 23 May 2022 18:12:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 294
Expires: Mon, 23 May 2022 18:12:59 GMT

GET
H3

200

dpe
as.ad4m.at/ad/
Redirect Chain

https://a.twiago.com/rtb/usermatch.php?umid=11&userid=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&call_type=redirect&rtbprovider=openrtb&redirecturl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DkVZ-PtdTzp1DX...
https://as.ad4m.at/ad/dpe?a=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&b=e8d7934af39b54195192a82b82d30578150e295da1ba1f1305b9fa88f9604&c=7

0
633 B

48ms
47ms

Image
text/plain

2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?a=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&b=e8d7934af39b54195192a82b82d30578150e295da1ba1f1305b9fa88f9604&c=7

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:59 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 70ffc34e9f3f32b8-CDG
expires: 0

Redirect headers

location: https://as.ad4m.at/ad/dpe?a=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&b=e8d7934af39b54195192a82b82d30578150e295da1ba1f1305b9fa88f9604&c=7
date: Mon, 23 May 2022 18:12:59 GMT
server: Apache
connection: close
x-powered-by: PHP/7.3.29
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

GET
H3

200

dpe
as.ad4m.at/ad/
Redirect Chain

https://ad.yieldlab.net/mr?t=2&pid=9140838&r=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DkVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF%26b%3D%25%25YL%5FUID%25%25%26c%3D4
https://as.ad4m.at/ad/dpe?a=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&b=4865b806-4db4-4dcd-8df7-ee71886fdb90&c=4

0
633 B

87ms
87ms

Image
text/plain

2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?a=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&b=4865b806-4db4-4dcd-8df7-ee71886fdb90&c=4

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:59 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 70ffc34e9f4132b8-CDG
expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 23 May 2022 18:12:59 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Location: https://as.ad4m.at/ad/dpe?a=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&b=4865b806-4db4-4dcd-8df7-ee71886fdb90&c=4
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Content-Length: 0
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sun, 22 May 2022 18:12:59 GMT

GET
H2 200 feed.json Show response
integrations.etrusted.com/feeds/review-carousel-service/v1/widgets/wdg-896181bc-6b61-4f29-a69b-c2e63b43abc3/ 3 KB
2 KB 30ms
29ms Fetch
application/json 18.66.248.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://integrations.etrusted.com/feeds/review-carousel-service/v1/widgets/wdg-896181bc-6b61-4f29-a69b-c2e63b43abc3/feed.json
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-50.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe670251cf401d03f674195f138e9d242192b9fbca35ec55a9aeb748413de70f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:07:36 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 323
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 23 May 2022 12:56:10 GMT
server: AmazonS3
etag: W/"466247f6c72f081e26a91d045d78c231"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: 98WqyswQOPljFtYYEvuGmcg0oroXKbIo
via: 1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
x-amz-cf-pop: DUS51-P1
content-type: application/json
x-amz-cf-id: xzPHPSUpbuMpoKSGE2PzlNJCaYSpyEQjd5rTJ8isWGcMoHYoHlpA2A==

GET
H2 200 script.js Show response
widgets.getsitecontrol.com/190842/ 52 B
864 B 307ms
230ms Script
text/javascript 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.getsitecontrol.com/190842/script.js
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: 5b1ccd08e901adfcd4b47e942f7c860ccd41f3e90ba07c787fb222cd8b776aee

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:59 GMT
content-encoding: br
cdn-edgestorageid: 879
x-amz-request-id: E7ZARB6MJFXX2K4G
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 04/26/2022 10:08:47
cdn-pullzone: 44619
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: wxC+Fitk1Dx2qBAWthUG5Os70wOx8jLDgLxLtPMw9R8xVIiwZhFn9fPXd9yl/ihGTdU7DPXlSmc=
server: BunnyCDN-AMS1-879
access-control-allow-origin: *
last-modified: Wed, 09 Jun 2021 11:40:02 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"7b0ea7b28a2ed1dad58a287adcc822cb"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cdn-cache: REVALIDATED
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=5
cdn-requestid: e89f625b28e5378773a7aa58ed2906d9
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ui.0bd3.c.css
consent.cookiefirst.com/banner/v2.0.13/static-main/ 10 KB
4 KB 69ms
65ms Stylesheet
text/css 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/banner/v2.0.13/static-main/ui.0bd3.c.css
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: Cookie First CDN-AMS1-879 /
Resource Hash: 5d8e8ae1eb1a201e03e7cb45ea547d2e96e4dca8c3616d4d27f174a99fa0d17c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: br
cdn-edgestorageid: 549
cdn-fileserver: 317
cdn-storageserver: UK-317
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cdn-cachedat: 05/23/2022 18:12:58
cdn-pullzone: 236985
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: Cookie First CDN-AMS1-879
access-control-allow-origin: *
visitor-location: FR
last-modified: Thu, 19 May 2022 15:14:32 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62865ed8-2925"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cdn-cache: BYPASS
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
cache-control: public, max-age=31919000
cdn-requestid: 4776f9dc1a036458a5d28b4cbc85d941
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ui.0bd3.c.js Show response
consent.cookiefirst.com/banner/v2.0.13/static-main/ 26 KB
10 KB 67ms
64ms Script
application/javascript 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/banner/v2.0.13/static-main/ui.0bd3.c.js
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: Cookie First CDN-AMS1-879 /
Resource Hash: 00ea83677b038e63b1365af2d5c882001d2efce9d098f46f6fc8657d3ee01946

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: br
cdn-edgestorageid: 883
cdn-fileserver: 317
cdn-storageserver: UK-317
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cdn-cachedat: 05/23/2022 18:12:58
cdn-pullzone: 236985
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: Cookie First CDN-AMS1-879
access-control-allow-origin: *
visitor-location: FR
last-modified: Thu, 19 May 2022 15:14:32 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62865ed8-68fa"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: BYPASS
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
cache-control: public, max-age=31919000
cdn-requestid: 4cc2799378f3207d19ca28f94af3b6fd
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 frame.html Show response
ad4m.at/ Frame BBC2 2 KB
2 KB 38ms
38ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/gkky8atb.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Referer: https://hempamed.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2225697
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 70ffc34c2bbf32b8-CDG
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 23 May 2022 18:12:58 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Mon, 23 May 2022 19:12:58 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ye%2BYSqr51O%2FN5avLrF4bTDPHMMzM9qMLZisrkqJ5QETW5q0CIMnDFO9xBf2%2BhnErtGFCObx70G8qsSc%2Btbp6o6ppyHrnxlGCYUsBjCtEOvqJvE0Hh0GLxqmWcwG8Ew8c%2B69jsoY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-generation: 1588777770164783
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-meta-
x-goog-metageneration: 3
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-guploader-uploadid: ADPycdvvtSIAwsCmiM-QNfjU4V1IkNqaQClE4RrhA81LOeMfWEq6Es7rtcmMgv5r6VPQvchA57U4Y0qySTbEmuxJwzI

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 7AD5 597 B
966 B 40ms
36ms Script
text/javascript 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1480634&mt_adid=238097&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=53913&version=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 4409 ba5503e master cdg-pixel-x26 config:1.0.0 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 18:12:58 GMT
Server: MT3 4409 ba5503e master cdg-pixel-x26 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Mon, 23 May 2022 18:12:57 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 7AD5 597 B
966 B 41ms
36ms Script
text/javascript 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1393997&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=53913&version=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 4409 ba5503e master cdg-pixel-x25 config:1.0.0 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 18:12:58 GMT
Server: MT3 4409 ba5503e master cdg-pixel-x25 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Mon, 23 May 2022 18:12:57 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 7AD5 597 B
966 B 39ms
38ms Script
text/javascript 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1406081&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=53913&version=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 4419 e1034d5 master zrh-pixel-x27 config:1.0.0 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 18:12:58 GMT
Server: MT3 4419 e1034d5 master zrh-pixel-x27 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Mon, 23 May 2022 18:12:57 GMT

GET
H2 200 tagging Show response
ad13.adfarm1.adition.com/ Frame 20DE 7 B
311 B 36ms
29ms Script
application/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/tagging?type=js&network=3232&tag[Tags_20Days.Hempamed_CBD_DE_20Days]&gdpr=&gdpr_consent=
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=50822&version=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 4e233a3a613ff1b208f6e54673b5be56f4f9d549dc52d3de994f425bc06a4609

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 20:12:58 +0200
server: ADITIONSERVER v1.0
content-type: application/javascript
content-length: 7
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 tagging Show response
ad13.adfarm1.adition.com/ Frame 20DE 7 B
311 B 34ms
30ms Script
application/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/tagging?type=js&network=3232&tag[Tags_10Days.Hempamed_CBD_DE_10Days]&gdpr=&gdpr_consent=
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=50822&version=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 4e233a3a613ff1b208f6e54673b5be56f4f9d549dc52d3de994f425bc06a4609

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 20:12:58 +0200
server: ADITIONSERVER v1.0
content-type: application/javascript
content-length: 7
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 wdg-896181bc-6b61-4f29-a69b-c2e63b43abc3.json Show response
integrations.etrusted.com/configurations/v1/ 70 B
619 B 36ms
32ms Fetch
application/json 18.66.248.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://integrations.etrusted.com/configurations/v1/wdg-896181bc-6b61-4f29-a69b-c2e63b43abc3.json
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-50.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6181892ca000f5d8a044a46ef1cda98145d98197e39e9696a891c69eabe6dff1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: 7cTxx_ZjZIR9OE00byenuj2EnKAQ7izx
via: 1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
etag: "db1a866a8c6961a8eac3c373e7d4554c"
age: 323
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 70
last-modified: Mon, 28 Feb 2022 09:50:57 GMT
server: AmazonS3
date: Mon, 23 May 2022 18:07:36 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: X1tYuIx9OPDmlJVN_x8tI7k6JQetSuDZjfaxLu8mEQKtSFIU4bXItA==

GET
H/1.1 200
OK 1aa279a414.js Show response
tm709.ad-srv.net/tm/a/container/eval/ 153 B
467 B 179ms
119ms Script
application/javascript 148.251.45.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm709.ad-srv.net/tm/a/container/eval/1aa279a414.js?sid=l3dtrnrns3rt71av7qg00bdcm6&rnd=59139437&macroData[urlTrafficCheck]=https%3A%2F%2Fhempamed.de%2F&macroData[transactionId]=&macroData[searchTerm]=&macroData[products]=%5B%5D&macroData[productsAdcell]=&macroData[productName]=&macroData[productId]=empty&macroData[pageType]=homepage&macroData[orderValue]=&macroData[orderProductCount]=&macroData[categoryName]=&macroData[categoryId]=&macroData[basketValue]=&macroData[basketProductCount]=
Requested by: Host: tm.ad-srv.net
URL: https://tm.ad-srv.net/tm/a/container/init/1aa279a414.js?&ntmData=ntmData3319837083267&rnd=66717081
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.45.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.45.251.148.clients.your-server.de
Software: nginx /
Resource Hash: f5d9a0ab5a7872ae2fbb1c69589d171aec0bd89ac2324289e4b20401bb49ca5f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 18:12:59 GMT
Server: nginx
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: application/javascript; charset=utf-8
Content-Length: 153
Expires: 0

GET
H3

200

activityi;dc_pre=CMDG_tGc9vcCFaxCHQkdmgIFPg;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;... Show response
5994599.fls.doubleclick.net/ Frame 093D
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMDG_tGc9vcCFaxCHQkdmgIFPg;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...

454 B
385 B

44ms
44ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CMDG_tGc9vcCFaxCHQkdmgIFPg;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2557177488698.237?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=53913&version=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

5bc8b6f16b49442921866630c224fcf7fbc7bd9228eece29fddcd91d2c548fee

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal9000.redintelligence.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 362
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 18:12:58 GMT
expires: Mon, 23 May 2022 18:12:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 18:12:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMDG_tGc9vcCFaxCHQkdmgIFPg;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2557177488698.237?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CJ-H_9Gc9vcCFRNIHQkd95kKbg;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%... Show response
11868943.fls.doubleclick.net/ Frame 326A
Redirect Chain

https://11868943.fls.doubleclick.net/activityi;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_7...
https://11868943.fls.doubleclick.net/activityi;dc_pre=CJ-H_9Gc9vcCFRNIHQkd95kKbg;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%...

456 B
390 B

78ms
77ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11868943.fls.doubleclick.net/activityi;dc_pre=CJ-H_9Gc9vcCFRNIHQkd95kKbg;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6858989584078.41?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=53913&version=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

0c5fed5b005de888894cb8804c7c3c7c9fe7029957af4ab3cc76371bf9689761

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal9000.redintelligence.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 367
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 18:12:58 GMT
expires: Mon, 23 May 2022 18:12:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 18:12:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11868943.fls.doubleclick.net/activityi;dc_pre=CJ-H_9Gc9vcCFRNIHQkd95kKbg;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6858989584078.41?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame 7AD5
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

81 KB
29 KB

43ms
42ms

Script
application/x-javascript

37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=53913&version=1
Protocol: H2
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:58 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 14:10:54 GMT
server: nginx
etag: W/"61f1566e-14282"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Mon, 23 May 2022 18:12:58 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H3

200

activityi;dc_pre=CJ-K_9Gc9vcCFdGYhQod4WoILg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7... Show response
5994599.fls.doubleclick.net/ Frame BEA0
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755...
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ-K_9Gc9vcCFdGYhQod4WoILg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D...

456 B
389 B

88ms
87ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ-K_9Gc9vcCFdGYhQod4WoILg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5529826150479.275?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=53913&version=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

a83318a06ab098cc6f974200a6d160150908778792cb107c34a98cf21d93df06

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal9000.redintelligence.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 366
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 18:12:58 GMT
expires: Mon, 23 May 2022 18:12:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 18:12:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ-K_9Gc9vcCFdGYhQod4WoILg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5529826150479.275?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CJ6W_9Gc9vcCFS1DHQkd59oIhg;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D... Show response
11868943.fls.doubleclick.net/ Frame 5391
Redirect Chain

https://11868943.fls.doubleclick.net/activityi;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755...
https://11868943.fls.doubleclick.net/activityi;dc_pre=CJ6W_9Gc9vcCFS1DHQkd59oIhg;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D...

454 B
388 B

82ms
82ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11868943.fls.doubleclick.net/activityi;dc_pre=CJ6W_9Gc9vcCFS1DHQkd59oIhg;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6422300964740.52?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=53913&version=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

df2c5150ebfac21616ed05dcca11afd5c5b84031aab627720c07a86c7ac14c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal9000.redintelligence.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 365
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 18:12:59 GMT
expires: Mon, 23 May 2022 18:12:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 18:12:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11868943.fls.doubleclick.net/activityi;dc_pre=CJ6W_9Gc9vcCFS1DHQkd59oIhg;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6422300964740.52?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame 20DE
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

81 KB
29 KB

42ms
41ms

Script
application/x-javascript

37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=50822&version=1
Protocol: H2
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:59 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 14:10:54 GMT
server: nginx
etag: W/"61f1566e-14282"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Mon, 23 May 2022 18:12:58 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame E563 43 B
525 B 51ms
38ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 4419 e1034d5 master zrh-pixel-x25 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 18:12:58 GMT
Server: MT3 4419 e1034d5 master zrh-pixel-x25 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 23 May 2022 18:12:57 GMT

GET
H2 200 styles.css Show response
consent.cookiefirst.com/sites/hempamed.de-39301550-d48f-4a69-a8a8-dcbbe3a7899f/ 2 KB
1 KB 64ms
64ms XHR
text/css 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/sites/hempamed.de-39301550-d48f-4a69-a8a8-dcbbe3a7899f/styles.css?v=0bcc9647-7c4f-4243-915a-dce130ef8cca
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: Cookie First CDN-AMS1-879 /
Resource Hash: f7543013448a42e1b07bc53b29226c43a784e357a52d97796b66dff9e2c8a6b0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:59 GMT
content-encoding: br
cdn-edgestorageid: 879
cdn-fileserver: 317
cdn-storageserver: UK-317
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cdn-cachedat: 05/23/2022 18:12:58
cdn-pullzone: 236985
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: Cookie First CDN-AMS1-879
access-control-allow-origin: *
visitor-location: FR
last-modified: Mon, 11 Apr 2022 20:54:18 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"6254957a-645"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cdn-cache: BYPASS
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
cache-control: public, max-age=31919000
cdn-requestid: 18b79dc8a1344647505a78cc2120409d
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3

200

src=9858635;dc_pre=CPW6hNKc9vcCFWBIHgIdsnwGKw;type=invmedia;cat=t360m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=9019676682562.818
adservice.google.com/ddm/fls/z/ Frame 20DE
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9858635;type=invmedia;cat=t360m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=9019676682562.818?
https://ad.doubleclick.net/ddm/activity/src=9858635;dc_pre=CPW6hNKc9vcCFWBIHgIdsnwGKw;type=invmedia;cat=t360m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=...
https://adservice.google.com/ddm/fls/z/src=9858635;dc_pre=CPW6hNKc9vcCFWBIHgIdsnwGKw;type=invmedia;cat=t360m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=9...

42 B
63 B

64ms
64ms

Image
image/gif

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9858635;dc_pre=CPW6hNKc9vcCFWBIHgIdsnwGKw;type=invmedia;cat=t360m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=9019676682562.818

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=50822&version=1

Protocol

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:59 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=9858635;dc_pre=CPW6hNKc9vcCFWBIHgIdsnwGKw;type=invmedia;cat=t360m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=9019676682562.818
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookiefirst.png
consent.cookiefirst.com/branding/ 14 KB
15 KB 67ms
67ms Image
image/png 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.cookiefirst.com/branding/cookiefirst.png
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: Cookie First CDN-AMS1-879 /
Resource Hash: c907449e77649b7251526ef8a042c6f0b2e1518c9bca69728f5a6f37d4f92a0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:59 GMT
cdn-edgestorageid: 879
cdn-fileserver: 317
cdn-storageserver: UK-317
cdn-cachedat: 05/23/2022 18:12:59
cdn-pullzone: 236985
content-length: 14774
server: Cookie First CDN-AMS1-879
visitor-location: FR
last-modified: Mon, 11 Apr 2022 15:50:02 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: "62544e2a-39b6"
content-type: image/png
cdn-cache: BYPASS
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
cache-control: public, max-age=31919000
cdn-requestid: 62d101945ce107c1585cd00180f1511c
accept-ranges: bytes
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 7AD5 43 B
525 B 36ms
35ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1480634&mt_adid=238097&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 4409 ba5503e master cdg-pixel-x30 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 18:12:59 GMT
Server: MT3 4409 ba5503e master cdg-pixel-x30 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 23 May 2022 18:12:58 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 159ms
158ms Script
application/javascript 104.104.52.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C549A79QQNL8BODFM9DG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.106 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-106.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 71ebe79.254f73a
date: Mon, 23 May 2022 18:12:59 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-105-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-104-52-102.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-parent-response-time: 109,104.104.52.102
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=15, inner; dur=2
pragma: no-cache
server: nginx
x-tt-logid: 2022052318125901000200763700400500600300011090A27
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 15,23.220.105.202
x-tt-trace-host: 01b4a27882c045ade5217ed421843f5de958042647133ab9078e5e7c90e789236ed6433a1a771bd1fe054b17632c6eeb10b37bfbe9a31de639ea836f4a2c0fbdf309d5c8b17d8578b2d442316a32f4e0a3a7bcbabdf764a426d05a674ad1900ca483ecdf9d494fe2fd85b907d6d42cd477
expires: Mon, 23 May 2022 18:12:59 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 146ms
146ms Script
application/javascript 104.104.52.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C549A79QQNL8BODFM9DG&hostname=hempamed.de
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C549A79QQNL8BODFM9DG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.106 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-106.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6fbda3c138db7551085974afa4130dd2df5390cc535c96020513e9c8b3ef60c7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 3488065b.254f7a3
date: Mon, 23 May 2022 18:12:59 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-105-218.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-104-52-102.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-parent-response-time: 97,104.104.52.102
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=5, inner; dur=3
content-length: 1844
pragma: no-cache
server: nginx
x-tt-logid: 20220523181259010002006005005006003058010E28D5
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,23.220.105.218
x-tt-trace-host: 01b4a27882c045ade5217ed421843f5de958042647133ab9078e5e7c90e789236ea177eefbb897405f0f9d5cbd3a5d9b272bb9349e2c13bba9542442f4c07458cdb768c75b465eb5bde4cc7f4e5f04dc0f7460c738e34e2cf82b343fde40bdb3ea6f6979cbc09dbcc2757f5f7995b40fb5
expires: Mon, 23 May 2022 18:12:59 GMT

GET
H3 200 dc_pre=CMDG_tGc9vcCFaxCHQkdmgIFPg;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=255717...
adservice.google.com/ddm/fls/z/ Frame 093D 42 B
63 B 62ms
62ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMDG_tGc9vcCFaxCHQkdmgIFPg;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2557177488698.237

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMDG_tGc9vcCFaxCHQkdmgIFPg;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2557177488698.237?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CJ-H_9Gc9vcCFRNIHQkd95kKbg;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=685...
adservice.google.com/ddm/fls/z/ Frame 326A 42 B
63 B 78ms
78ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJ-H_9Gc9vcCFRNIHQkd95kKbg;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6858989584078.41

Requested by

Host: 11868943.fls.doubleclick.net
URL: https://11868943.fls.doubleclick.net/activityi;dc_pre=CJ-H_9Gc9vcCFRNIHQkd95kKbg;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6858989584078.41?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://11868943.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CJ-K_9Gc9vcCFdGYhQod4WoILg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5529...
adservice.google.com/ddm/fls/z/ Frame BEA0 42 B
63 B 74ms
73ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJ-K_9Gc9vcCFdGYhQod4WoILg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5529826150479.275

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ-K_9Gc9vcCFdGYhQod4WoILg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5529826150479.275?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CJ6W_9Gc9vcCFS1DHQkd59oIhg;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=64223...
adservice.google.com/ddm/fls/z/ Frame 5391 42 B
63 B 74ms
73ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJ6W_9Gc9vcCFS1DHQkd59oIhg;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6422300964740.52

Requested by

Host: 11868943.fls.doubleclick.net
URL: https://11868943.fls.doubleclick.net/activityi;dc_pre=CJ6W_9Gc9vcCFS1DHQkd59oIhg;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6422300964740.52?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://11868943.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1384381/log/3/ 0
244 B 96ms
21ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1384381/log/3/unip?en=pre_d_eng_tb&tos=1646&scd=100&ssd=1&est=1653329577801&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1653329579446&vi=1653329577799&ri=48afe3d16ba3db8099696594d6b30a32&ref=null&cv=20220522-5-RELEASE&item-url=https%3A%2F%2Fhempamed.de%2F
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://hempamed.de
pragma: no-cache
date: Mon, 23 May 2022 18:12:59 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 collect Show response
d.clarity.ms/ 0
90 B 103ms
103ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://hempamed.de/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://hempamed.de
date: Mon, 23 May 2022 18:12:59 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ Frame 7AD5 111 B
592 B 40ms
40ms Script
text/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=46480194722&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fhempamed.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D53913%26version%3D1

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:59 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 186
expires: -1

GET
H2 200 gyB-hwkiNtc6KnxUVjWHP87JR5-7NdB589yspgpx0N7r5-25NB8.108.woff2
fonts.gstatic.com/s/trainone/v13/ 16 KB
17 KB 90ms
27ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/trainone/v13/gyB-hwkiNtc6KnxUVjWHP87JR5-7NdB589yspgpx0N7r5-25NB8.108.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Train+One&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6d58dcd02e3156eadcdfe071726b8b6e7a2e87dd667be2ccb82b833c4c55602

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hempamed.de
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 23:53:54 GMT
x-content-type-options: nosniff
age: 411545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16784
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:51:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 23:53:54 GMT

GET
H/1.1 200
OK 1aa279a414.html Show response
tm709.ad-srv.net/tm/a/container/tags/iframe/ Frame DE68 1 KB
876 B 717ms
659ms Document
text/html 148.251.45.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm709.ad-srv.net/tm/a/container/tags/iframe/1aa279a414.html?sid=l3dtrnrns3rt71av7qg00bdcm6
Requested by: Host: tm.ad-srv.net
URL: https://tm.ad-srv.net/tm/a/container/init/1aa279a414.js?&ntmData=ntmData3319837083267&rnd=66717081
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.45.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.45.251.148.clients.your-server.de
Software: nginx /
Resource Hash: d9ad6bf92228389fb31e16ab141f38a49ab06c234d402f71a095937c70e8da11

Request headers

Referer: https://hempamed.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 23 May 2022 18:13:00 GMT
Expires: 0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H2 200 web-widget-framework-18a6bbaeee17262f066c.js Show response
static.zdassets.com/web_widget/latest/ Frame 8D4B 213 KB
71 KB 39ms
39ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-18a6bbaeee17262f066c.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=87dec002-4ce2-4e0f-9a4c-b8a0a6b8295b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c12e5313fc7e6de3ce64887750d40dcffe04e618c7faf33317e4a5bc79df15cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 581980
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: QJ9ADFAM283YMBDE
x-amz-id-2: hBkuKw0m2G6D2Zz1+7eIZXb9jkvF66scbV+P1ycQuC0TsSTOYRMy5XiYZX54Jd8HtKZ+Wyn7LOM=
last-modified: Thu, 12 May 2022 07:56:09 GMT
server: cloudflare
etag: W/"d343d58d9d2daf2ef3f9a50491ca2c90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRSuwpFfUYTIGe4cwUPi7EiG7q08RSqS8Xjf6P3ppb7FIGE8Vl1phK9pIup6Dw9%2BTQd0PNr6iBmflrdOimIH3CJrXHGTusRL1VjASwTiStBNfXGs4p56imkd7hTn5xqFxkRaH50%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: C7bmY63jR21pa.0rqdHmmQUp8IwsgT61
cf-ray: 70ffc3504c5c32c4-CDG
expires: Fri, 12 May 2023 07:56:08 GMT

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ Frame 20DE 130 B
605 B 38ms
37ms Script
text/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=2051254&ADFPageName=Hempamed%20CBD%20DE%20Adform%2020%20Days&ADFdivider=%7C&ord=850054454498&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fhempamed.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fad.ad-srv.net%2Fretarget%3Fa%3D50822%26version%3D1

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a452e981484d0db32a9aa66c65fa84dd8c88ee45b4eed0ebe69dd9837c65da15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:59 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 199
expires: -1

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ Frame 20DE 130 B
604 B 41ms
40ms Script
text/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=2051254&ADFPageName=Hempamed%20CBD%20DE%20Adform%2010%20Days&ADFdivider=%7C&ord=534300651280&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fhempamed.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fad.ad-srv.net%2Fretarget%3Fa%3D50822%26version%3D1

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6e64da1b51564d16486641b1290320c103e0c448461d13592fc69334a9ddeb1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:59 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 198
expires: -1

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ Frame 20DE 131 B
605 B 40ms
40ms Script
text/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=2108128&ADFPageName=Hempamed%20CBD%20DE%20Adform2%2020%20Days&ADFdivider=%7C&ord=992127498915&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fhempamed.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fad.ad-srv.net%2Fretarget%3Fa%3D50822%26version%3D1

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

aed4469e21f8e133a2063f718d1f3588520cf0716f8ded6b91fd2b9ef0fe6b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:59 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 199
expires: -1

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ Frame 20DE 131 B
606 B 40ms
39ms Script
text/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=2108128&ADFPageName=Hempamed%20CBD%20DE%20Adform2%2010%20Days&ADFdivider=%7C&ord=639097075269&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fhempamed.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fad.ad-srv.net%2Fretarget%3Fa%3D50822%26version%3D1

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b3dc5a480c59c9765ffe8baa31c090be69690e1c0398339f9baa72ee207d300a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:12:59 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 200
expires: -1

GET
H3 204 dst
as.ad4m.at/ad/ 0
631 B 55ms
53ms Image
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dst?a=6218&b=2&c=kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF&e=16748&f=&g=&h=&i=&z=0&y=1&d=https%3A%2F%2Fhempamed.de%2F

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:59 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 70ffc350ca9032b8-CDG
expires: 0

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
716 B 161ms
160ms Ping
application/octet-stream 104.104.52.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C549A79QQNL8BODFM9DG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.106 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-106.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hempamed.de/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 207eca15.254f9df
date: Mon, 23 May 2022 18:12:59 GMT
x-cache-remote: TCP_MISS from a23-220-105-199.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-104-52-102.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-parent-response-time: 114,104.104.52.102
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=23, inner; dur=10
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202205231812590100040050060030140A02F563
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 23,23.220.105.199
x-tt-trace-host: 01b4a27882c045ade5217ed421843f5de958042647133ab9078e5e7c90e789236eb3747d1b5a52be54f42ee3c17ba9c7da53db896ac2f9ee83d149dfda665e5dcd83906e288b11e01393b335bfd627e77e15e6ff14cd33dd0ddabd4c7eabc33fd5fad2fa0e30bf283edf61f36d5bcfe9ec
expires: Mon, 23 May 2022 18:12:59 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
720 B 166ms
165ms Ping
application/octet-stream 104.104.52.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C549A79QQNL8BODFM9DG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.106 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-106.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hempamed.de/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 37fd2297.254f9e1
date: Mon, 23 May 2022 18:12:59 GMT
x-cache-remote: TCP_MISS from a23-220-105-138.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-104-52-102.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-parent-response-time: 118,104.104.52.102
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=27, inner; dur=10
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20220523181259010002006005005006003029010BEBB3
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 27,23.220.105.138
x-tt-trace-host: 01b4a27882c045ade5217ed421843f5de958042647133ab9078e5e7c90e789236e78880196f213e36df23ac8abf46b102bbe569590d2ae357bf892380bbbe4a1a8fe0c268afd88010d02496fece97707fb975cf9a3b3f733fe952c455cef551ceaa92035c59b2bbbb488f865ebaeca985b
expires: Mon, 23 May 2022 18:12:59 GMT

GET
H2 200 config Show response
hempamed.zendesk.com/embeddable/ Frame 8D4B 735 B
1 KB 208ms
132ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hempamed.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-18a6bbaeee17262f066c.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6330882132d4f908652a9628a4fabc7b22f3a864e53bfb38a78636925272c15d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:59 GMT
x-envoy-decorator-operation: embeddable.embeddable.svc.cluster.local:80/*
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-5dd99487dd-9ts4c
x-envoy-upstream-service-time: 3
zendesk-api-version: 2022-01-01
access-control-allow-methods: GET
content-encoding: br
vary: Origin, Accept-Encoding
x-cached: MISS
x-request-id: 70ffc3518bd340b7-CDG
x-runtime: 0.001344
last-modified: Sun, 22 May 2022 17:06:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=womJpyiDZUB1U9QyDX88Wt5XS5dDD6E4ZsK%2BanWPAoEfIzyxX5SiHps4VO0z167%2Bu9dcU1Sdcysr6DNQxEPgnfTvtNM3pIUjCRJPpioQc9C4l8ltuIVvlBkTePjk2Niz%2BDZ09ACj"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 70ffc3518bd340b7-CDG

POST
H2 204 collect Show response
d.clarity.ms/ 0
25 B 298ms
298ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://hempamed.de/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://hempamed.de
date: Mon, 23 May 2022 18:12:59 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 web-widget-messenger-38c95ca.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame 8D4B 14 KB
4 KB 41ms
40ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-38c95ca.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-18a6bbaeee17262f066c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d3640f60c9bb90faf0521222d005a61bd425053ffa636852779e1e6e30beffb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 581979
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 1MVC03SNN7SXT6ED
x-amz-id-2: 0YrNi+NqZJzS5GFTFCxF1xxbZZT0hIsE6MhFICL3DK5pjuWhAv7NczFEr5nVfJZLhZHsyVg2790=
last-modified: Thu, 12 May 2022 07:56:38 GMT
server: cloudflare
etag: W/"ef366a8ec20730ed94401a790653741e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMf9lfVCzSyguMrAx%2Bq2Ic0Lsj6rMK2M4%2FAVH9U7nORGPDgg6pyzubYn7%2BPF3NV7Fo1ypw4ccQokJU8VK7704GB%2FwXWT3H7EK50r85CJmqYUe3sLagjgbtIWNz%2FZSeK23t9%2BkZw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: nUdN9HnBHZ.AYyiDJqLU6CKdj4mU4AtN
cf-ray: 70ffc3526fd432c4-CDG
expires: Fri, 12 May 2023 07:56:36 GMT

GET
H2 200 web-widget-1260-38c95ca.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame 8D4B 1 MB
298 KB 42ms
42ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-1260-38c95ca.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-38c95ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b9abfe2354e6dbc7288a4ec2aae5bddc09a9db06c0baaf9809d8ad7a3118859

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 581978
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: BG92FZFKTRR9PT4M
x-amz-id-2: nKOkkeMIFl3nUF7TUbs1cISMm1FaipmnL7ha64u+eVLvaIUWGhF1fFcuzs/dLsiP8XSkaVdmRfk=
last-modified: Thu, 12 May 2022 07:56:38 GMT
server: cloudflare
etag: W/"69a4d53fb5b053992fe18f51494825b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0TE9yDrHzlyL5qfYdL6a9ZcNc%2FpAipD1b4wvHArN9TTtcmmoH4iJlGVT%2BKGDdcLWALBkvcin%2FWRi8JXCUKTdcVUa7FojYNFfvdMjPtzDOGKZJqt%2F5nnX7vLpZLuV2pze0GYYvT0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: C85dKPGSNkLMYDRkOJTyV0Uiotj7V7X.
cf-ray: 70ffc352b85632c4-CDG
expires: Fri, 12 May 2023 07:56:36 GMT

GET
H2 200 web-widget-4797-38c95ca.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame 8D4B 346 KB
84 KB 39ms
38ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-4797-38c95ca.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-38c95ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64f75ffbf918873dda9885e63278b4dd59ae0da41ce12e0d5168254215f64206

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 581978
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: BG9CNZEM81T14G1E
x-amz-id-2: 3S4BIO49Jf7WBkO1FUCHG0Zr29wbS9KQVaN0eZPWJU26rxLiMFxlof4g8IDnmIz7f89aYChs4eM=
last-modified: Thu, 12 May 2022 07:56:38 GMT
server: cloudflare
etag: W/"566a05a04957acc103873d60f1b8a9d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RaSJGO084JKzGSyiqtOuDIkDGz%2FgSZo1sXLB7lhp8JYg9KEkZM2soR9HtOVU0magIoxfUYuYghO7pd%2FQzIbaxmATGR8aJhwHcH7VubztD5lmrfLJYWF4gDhEY4XV9mZe99YG55w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: pAE1io84a0jwrjROeU6jUR.os5WQL2Lh
cf-ray: 70ffc352b85932c4-CDG
expires: Fri, 12 May 2023 07:56:36 GMT

GET
H2 200 en-us-json-38c95ca.js Show response
static.zdassets.com/web_widget/latest/messenger/web-widget-locales/messenger/ Frame 8D4B 9 KB
3 KB 36ms
36ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-locales/messenger/en-us-json-38c95ca.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-38c95ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6005b4b95a5f2051d22bf97811076fb2192c6cb1fb042fc8f8df21879a527ead

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 581975
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 6N1TGG4W3G7RX565
x-amz-id-2: F9EWYYGC2lkUSCSUuOHWgi1QUhHDvAvpo6ZS8/WTkbwcomxfdqByXFsi0q7QwrfW1Hv/tXldVcc=
last-modified: Thu, 12 May 2022 07:56:39 GMT
server: cloudflare
etag: W/"dc5c9c658221375953d521a7f431f820"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SgYaYx1VqmC8twmCEDqCwZlTj5bBug7%2FEXeI4PDtPdEXgMbqUP0FtnUO0FqxSri%2BCI6uXpQTsl6FysXJwe3ePOxeik83I4BB%2Fm70TFeCyUG18gifBI9UJc6hz%2BZQ0gljiMJn7B8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: A4uBPGdtPffWZsBzoIIVsuJVoL.i1ZGY
cf-ray: 70ffc3551c1132c4-CDG
expires: Fri, 12 May 2023 07:56:38 GMT

GET
H/1.1 200
OK retarget Show response
ad.ad-srv.net/ Frame 9E3D 0
471 B 91ms
36ms Document
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/retarget?a=63935&version=1
Requested by: Host: tm709.ad-srv.net
URL: https://tm709.ad-srv.net/tm/a/container/tags/iframe/1aa279a414.html?sid=l3dtrnrns3rt71av7qg00bdcm6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tm709.ad-srv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 23 May 2022 18:13:00 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache

GET
H2 200 web-widget-776-38c95ca.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame 8D4B 9 KB
3 KB 38ms
38ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-776-38c95ca.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-38c95ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb6918becbb62e091368c58b0bf8432ba95ab5ae0ad3be2677e0ce8875d76f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 581978
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 306EH0N9C8QT8TTZ
x-amz-id-2: kcQRfknsrfRk3iQFHYmgnvwI08l2KAtq281t4pRE8APMoJo8RHLX73r9Kq9EMHcv+YHB2wQoEQU=
last-modified: Thu, 12 May 2022 07:56:38 GMT
server: cloudflare
etag: W/"97310b80d082d54183a70dfc690c0690"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxJczuRfTI3hj7LXvUIQ2OZ5Ilm%2BUHsnwJxR9nbpcgxHRNID%2F9S%2FuUhq0yfEgrRELphRAFhHLQamgZJ%2B2EKW6ebTPmEZLeXul6l8Yehxhxkv2WxSIf6wr0vwpVOnsFsyVHdudDk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: KjXDHCEKXV2MGTuM494n3M6BYrHF1g_W
cf-ray: 70ffc3556ca532c4-CDG
expires: Fri, 12 May 2023 07:56:36 GMT

GET
H2 200 web-widget-3923-38c95ca.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame 8D4B 2 KB
1 KB 45ms
45ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-3923-38c95ca.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-38c95ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe299bed3fd3f0fa5c26a5b0951d85ea532ad03a2738dbf29ae98d446f7af359

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 581978
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 306ACP9EXHRQBBYF
x-amz-id-2: IclXTLAf992wgKV/Ik/b1X2bfRVGlASIWAU1iVj+T689aQAaIm0WA3LEAl4yhz60JdO5ZZ2QnD0=
last-modified: Thu, 12 May 2022 07:56:38 GMT
server: cloudflare
etag: W/"873de7aa57614f4a825dfa658482d832"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49m5uFgKoHnqYXscoBdj%2Fij8Cs3ME542HXII%2B70OAha8c3sYmQ0Q%2FZbYHAcYLijHT1riksXkjEue6lFV5gvJVk0dJqtdPxzWHyFLZp09kLa1BWRaxkfetJj74KSVTC5pyWMccCE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: Ret3KMfP8QtS3atVOeCn1pKEFAhaXIAB
cf-ray: 70ffc3556ca832c4-CDG
expires: Fri, 12 May 2023 07:56:36 GMT

GET
H2 200 embeddable_blip
hempamed.zendesk.com/ Frame 8D4B 0
0 62ms
62ms Fetch 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hempamed.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX21lc3NlbmdlciIsInBhZ2VWaWV3Ijp7InRpbWUiOjY5LCJsb2FkVGltZSI6NjEuNSwibmF2aWdhdG9yTGFuZ3VhZ2UiOiJlbi1VUyIsInBhZ2VUaXRsZSI6IkNCRCDDlmxlIHZvbiBIZW1wYW1lZDogUHJlbWl1bSBDQkQgw5ZsIGpldHp0IGhpZXIga2F1ZmVuIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMS4wLjQ5NTEuNjQgU2FmYXJpLzUzNy4zNiIsImlzTW9iaWxlIjpmYWxzZSwiaXNSZXNwb25zaXZlIjp0cnVlLCJ2aWV3cG9ydE1ldGEiOiJ3aWR0aD1kZXZpY2Utd2lkdGgsaW5pdGlhbC1zY2FsZT0xIiwiaGVscENlbnRlckRlZHVwIjpmYWxzZSwicmVmZXJyZXIiOiJodHRwczovL2hlbXBhbWVkLmRlLyJ9LCJidWlkIjoiMWRmNDBhZmUwODRmNDM4NWJjMWEwOTNmNDU2MDk3N2MiLCJzdWlkIjoiZDdjYTgxMWM3YzA5NGFmYThmNGY3OGViZGZhMjllZjgiLCJ2ZXJzaW9uIjoiMzhjOTVjYSIsInRpbWVzdGFtcCI6IjIwMjItMDUtMjNUMTg6MTM6MDAuMzk3WiIsInVybCI6Imh0dHBzOi8vaGVtcGFtZWQuZGUvIn0=

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-18a6bbaeee17262f066c.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:00 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 1
zendesk-api-version: 2022-01-01
content-length: 0
x-zendesk-zorg: yes
x-request-id: e6438a09f0e3bacbb347b9c95de938c2
last-modified: Mon, 23 May 2022 18:13:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqaGY4OdYlrW6MoDLSDZTpEU2Tm339AvECDf1t3r7qJPmOmkdt7z8pNx43lGXdeseZ3sqSeAP5%2FBK7OFPlLg4TjbmL4XP0v3gjWOBSTsLF7Chm06nxq6Ecuc4iZ0r5O9agf21ZpE"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 70ffc3558c2640b7-CDG

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 2 KB
1 KB 157ms
99ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Lkbxr9&shop=hempamed-cbd.myshopify.com
Requested by: Host: hempamed.de
URL: https://hempamed.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4fc633193dade2b08c4a8bfde3ab6f4d7f827d504fb7494cf5c8faaefd69aca0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:00 GMT
content-encoding: gzip
age: 450
x-cache: HIT, MISS
access-control-max-age: 86400
content-length: 1005
x-served-by: cache-lga21942-LGA, cache-cdg20725-CDG
access-control-allow-origin: *
allow: OPTIONS, GET
server: nginx
x-timer: S1653329581.553900,VS0,VE80
etag: W/"f145c08309af62fd88d45f641e39adf8"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1, 0

GET
H2 200 preload.js Show response
front.optimonk.com/public/50257/shopify/ 3 KB
2 KB 105ms
33ms Script
application/javascript 157.245.25.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/50257/shopify/preload.js?shop=hempamed-cbd.myshopify.com

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

73468fdf89edcf5ea5683a6c0f0411fc13f298da13369243b4336afa13216dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"d12-r8KHa7uJRaqPVw+ZJulbCO4H7n0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1350
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 523 B
642 B 84ms
22ms Script
application/javascript 178.250.2.140
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=81992&shop=hempamed-cbd.myshopify.com

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.140 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7fb313a47a115a1b61595b1f34a9e7e143221d594be5560ac2061902c5b33e1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:12:59 GMT
content-encoding: br
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H3 200 trustedshops_shopify.js Show response
cdn.shopify.com/s/files/1/2959/9804/t/20/assets/ 4 KB
2 KB 34ms
34ms Script
text/javascript 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/2959/9804/t/20/assets/trustedshops_shopify.js?v=1645804547&shop=hempamed-cbd.myshopify.com

Requested by

Host: hempamed.de
URL: https://hempamed.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f372d6797feaa75fb52ea274df0f02c84e5785f775785a7358e14e17152aafa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 989820
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iG2PlS9L9vRwXpRcaY8gVbrRLURgRcYznTr6ACHmCSTrsr0N2lNbDlElnxOwOAjVHriX2nryRxyafkO%2BNaaSdIlcRHzp8HTDtc9XUa%2BRYRcv6oFbSyjr9o9ocL22fQm1MA%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=72.253, imageryFetch;dur=69.988
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: f666e497-1e4a-44b9-b349-4562ae245f51
timing-allow-origin: *
surrogate-key: segment4-26973 shop-29599804 mime-text/javascript-26973 time-bucket-20220512-26973 80a0bab91baf27d08f98bfbb43ff95e340c9550af55062e200fede6f3f2bc856
last-modified: Thu, 12 May 2022 01:42:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 70ffc3561d320897-CDG
link: <https://cdn.shopify.com/s/files/1/2959/9804/t/20/assets/trustedshops_shopify.js>; rel="canonical"

GET
H2

200

/ Show response
match.adsrvr.org/track/upb/ Frame 33CA
Redirect Chain

https://insight.adsrvr.org/track/up?adv=2bkuptt&ref=https%3A%2F%2Fhempamed.de%2F&upid=b9suilz&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=2bkuptt&ref=https%3A%2F%2Fhempamed.de%2F&upid=b9suilz&upv=1.1.0

0
181 B

37ms
36ms

Document
text/html

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=2bkuptt&ref=https%3A%2F%2Fhempamed.de%2F&upid=b9suilz&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hempamed.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Mon, 23 May 2022 18:13:00 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Mon, 23 May 2022 18:13:00 GMT
location: https://match.adsrvr.org/track/upb/?adv=2bkuptt&ref=https%3A%2F%2Fhempamed.de%2F&upid=b9suilz&upv=1.1.0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=CF1ED03A2560439D843DF8312A181153&RedC=c.clarity.ms&MXFR=27E59631013169F72F18879C053167CD
https://c.clarity.ms/c.gif?CtsSyncId=CF1ED03A2560439D843DF8312A181153&MUID=1840C1A603DD62A30C20D00B021D633B

42 B
391 B

31ms
31ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=CF1ED03A2560439D843DF8312A181153&MUID=1840C1A603DD62A30C20D00B021D633B
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:13:00 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 18:13:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9917F02192B34358BA95E18270D0504E Ref B: DUS30EDGE0310 Ref C: 2022-05-23T18:13:00Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=CF1ED03A2560439D843DF8312A181153&MUID=1840C1A603DD62A30C20D00B021D633B
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 X4F5D1F8D08CDAC1FC5E156B35CCD3BBF.js Show response
widgets.trustedshops.com/js/ 15 KB
6 KB 229ms
134ms Script
text/javascript 18.64.115.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.trustedshops.com/js/X4F5D1F8D08CDAC1FC5E156B35CCD3BBF.js
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/2959/9804/t/20/assets/trustedshops_shopify.js?v=1645804547&shop=hempamed-cbd.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.115.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-115-76.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4f3b5a08490d9d17d7fa60a3d46113a1d6b3b3f368e3420b31364ddca4bcb6a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 23 May 2022 18:13:01 GMT
content-encoding: gzip
last-modified: Mon, 23 May 2022 05:05:19 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P4
etag: W/"5ce5bb91c85e7fe9eecbc6abc506ea62"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
via: 1.1 6d74947505437c57fd215b170c6b3d90.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-id: 4mxM7RPTF9EnBQ_sHAi7nCkGer3ve5bKOaSYuAm5IJzm7L-rhe1Q9g==

POST
H3 200 produce
monorail-edge.shopifysvc.com/v1/ 0
814 B 148ms
147ms Ping
text/plain 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hempamed.de/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 23 May 2022 18:13:00 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 60d5298f-5da2-450f-b68d-674f413b70f5
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XccEv5C0ksMFPBLPzUmwP9f%2FWYBEOQ11pceqtSFxfz6wiFjm30SACmWdQU5nh8Rr%2Fpg4hWc7ynzNVdPqEAWcrju1uClHohb5aF40HQNBpAitvT8H01X6Pq2qo%2F2AC3NbC6prNpVNSHke7vwXMw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hempamed.de
access-control-allow-credentials: true
cf-ray: 70ffc3567becee07-CDG
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

GET
H3 200 Hempamed_DE_CBD_GoldMundspray_natur_10ml_5__boxandbot_1500px_540x.jpg
cdn.shopify.com/s/files/1/2959/9804/products/ 14 KB
15 KB 37ms
36ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2959/9804/products/Hempamed_DE_CBD_GoldMundspray_natur_10ml_5__boxandbot_1500px_540x.jpg?v=1619689776

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b45d72213054e26a569778fbed0b899bc9b403b5b0b79e9a1d0514017b8ee97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 276807
server-timing: imagery;dur=247.561, imageryFetch;dur=77.753, imageryProcess;dur=168.605;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14282
x-xss-protection: 1; mode=block
x-request-id: 34c1877a-7d4a-4136-a665-a5cf5480efe7
timing-allow-origin: *
last-modified: Fri, 20 May 2022 04:59:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwVWQnr7ZJ66fWa1yCCBicZ03KYlOWLDOJS4ma7x7DhDduiF1rkieoppuNmZURugvKzF%2FtAPmGG2xI0gslin5T0CHn8HI53k1X36QEOh%2Fxz9UbLb594gogeAC5SFDlZWDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 70ffc3567ddc0897-CDG
link: <https://cdn.shopify.com/s/files/1/2959/9804/products/Hempamed_DE_CBD_GoldMundspray_natur_10ml_5__boxandbot_1500px_540x.jpg>; rel="canonical"

GET
H3 200 Hempamed_Activ-CBD-Gel_Box-and-Tube0000_low_540x.jpg
cdn.shopify.com/s/files/1/2959/9804/products/ 15 KB
16 KB 142ms
141ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2959/9804/products/Hempamed_Activ-CBD-Gel_Box-and-Tube0000_low_540x.jpg?v=1611675309

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7430d0f1c48dc295576c3565bb961139bebedef6c2cb5060ce85cf902acfdbbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
server-timing: imagery;dur=217.548, imageryFetch;dur=44.500, imageryProcess;dur=171.792;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15382
x-xss-protection: 1; mode=block
x-request-id: 531e6f57-b2a0-442a-814f-e0b310a26abc
timing-allow-origin: *
last-modified: Fri, 20 May 2022 07:10:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UizZBp06BqzlLyRUG0z8RUmx9I5CHjQoeSZsk8QkbojHFy%2BuKJMpEx9olkxObeaJv%2BOKHyUlaYPrUWi29rQlP67R%2FBxB3LUceFcfLKtXlnJV2rDauj4phzUX7kMnadKkeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 70ffc3567ddf0897-CDG
link: <https://cdn.shopify.com/s/files/1/2959/9804/products/Hempamed_Activ-CBD-Gel_Box-and-Tube0000_low_540x.jpg>; rel="canonical"

GET
H3 200 20220321_Hempamed_DE_CBD_PremiumOel_10ml_RZ_10__Box-Bottle_1500px_540x.jpg
cdn.shopify.com/s/files/1/2959/9804/products/ 16 KB
17 KB 31ms
31ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/2959/9804/products/20220321_Hempamed_DE_CBD_PremiumOel_10ml_RZ_10__Box-Bottle_1500px_540x.jpg?v=1651737028

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d6595b0ae880568f9667157d5136e86c0351a306646b6f8d959062e3a6e8206

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 732117
server-timing: imagery;dur=239.657, imageryFetch;dur=49.750, imageryProcess;dur=188.702;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16614
x-xss-protection: 1; mode=block
x-request-id: b5c63b90-76fe-4ff8-9d4f-4312f6413ec0
timing-allow-origin: *
surrogate-key: segment4-14613 shop-29599804 mime-image/webp-14613 time-bucket-20220514-14613 868dd02b36018ecb5ed1c8960ba9d4aa250fb37b911e49e85e17b21012bc52f7
last-modified: Sat, 14 May 2022 15:01:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JLIBxNzj9noYQ2bFZzU0pNn5ARLmef3QdEQNtjmZM0uccGozCiBKZ1c5RB2BGHpbDgQwBFNsDgmqI6bctoZjrfaiNTD%2BRarw%2BxXXVl3Gzm98axEUBkbVidIquQmXIejNbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 70ffc3567de00897-CDG
link: <https://cdn.shopify.com/s/files/1/2959/9804/products/20220321_Hempamed_DE_CBD_PremiumOel_10ml_RZ_10__Box-Bottle_1500px_540x.jpg>; rel="canonical"

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 41 KB
14 KB 79ms
23ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=81992&shop=hempamed-cbd.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0722e77458fcedadb2b7596ee392d9cedf6e69d241d325798759adc50c5599c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:00 GMT
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 06:27:13 GMT
server: nginx
etag: W/"626a33c1-a5a0"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 24 May 2022 18:13:00 GMT

GET
H2 200 preload.js Show response
front.optimonk.com/public/50257/js/ 3 KB
2 KB 90ms
90ms Script
application/javascript 157.245.25.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/50257/js/preload.js?213

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/public/50257/shopify/preload.js?shop=hempamed-cbd.myshopify.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

2a1318e1a4c2a32ab462f57324248b6c74871392090b0ad79aaf1918b97c1f95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"d52-9Yd/TKnmuJvOBjDqQhSpyKvkHH0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1350
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 fender_analytics.3b056da2b5af587ace67.js Show response
static-tracking.klaviyo.com/onsite/js/ 21 KB
8 KB 90ms
20ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.3b056da2b5af587ace67.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Lkbxr9&shop=hempamed-cbd.myshopify.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6800f4571faf5ff6865a72c7f8aeb43c7eb7953d4caf49f0074f5a4b53832d2e

Request headers

Referer: https://hempamed.de/
Origin: https://hempamed.de
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: qk6zcVUrr43Gx.HuL2pRhbGvbeqy9iTa
content-encoding: gzip
age: 453
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 7503
x-amz-id-2: uhwUGxmSxRAwfllfjKx5yW8TrV+ZUyTtww3+yDMAb/ePamf1LC6HiyAd6cB5Q34RLLywDuVVuAw=
x-served-by: cache-lga13623-LGA, cache-cdg20733-CDG
last-modified: Mon, 23 May 2022 18:05:18 GMT
server: AmazonS3
etag: "7d1c3e2d4c9e2c4db55bd356d3b48088"
vary: Accept-Encoding
x-amz-request-id: H0F64F5E32EGR8AM
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Mon, 23 May 2022 18:13:00 GMT
x-cache-hits: 1, 417

GET
H2 200 static.15c46cf2acaee1ad8b86.js Show response
static-tracking.klaviyo.com/onsite/js/ 14 KB
6 KB 90ms
20ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/static.15c46cf2acaee1ad8b86.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Lkbxr9&shop=hempamed-cbd.myshopify.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3d9ecb5fa660fa96dcc77b68b9c84e5ecd664f029156d741f1aedc79ce6bd45

Request headers

Referer: https://hempamed.de/
Origin: https://hempamed.de
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: ABNyf2RBAJ8n8DMOfQq3HO71xnbYLmD8
content-encoding: gzip
age: 453
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 5905
x-amz-id-2: reN0OVYDhgvtQF8SMGSr0cdBX9oyShfSutwmSJWBCGd56qXfzJ2MqLpgRJB1RHfBREFG0tvxrsE=
x-served-by: cache-lga21960-LGA, cache-cdg20733-CDG
last-modified: Mon, 23 May 2022 18:05:18 GMT
server: AmazonS3
etag: "faeaf0670038ba4391c3b7eecb33e4ab"
vary: Accept-Encoding
x-amz-request-id: H0FF22K1S3YPMGHN
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Mon, 23 May 2022 18:13:00 GMT
x-cache-hits: 3, 430

GET
H2 200 sharedUtils.ac67ecc041f3e65fe37e.js Show response
static.klaviyo.com/onsite/js/ 32 KB
13 KB 60ms
20ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.ac67ecc041f3e65fe37e.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Lkbxr9&shop=hempamed-cbd.myshopify.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6209b0ee91e6db5f1cb2f349ebe814bdcc413b7940c5860be8a66f8a40ded95

Request headers

Referer: https://hempamed.de/
Origin: https://hempamed.de
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: xJnCrIKXs7bstYeh1SYe5OtdmL4dKGC9
content-encoding: gzip
age: 456
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 12637
x-amz-id-2: +unmTIQLRc+h42UlW11ckv8w4neRbYja/pGR6oB9CLSlRSICrSOGeepIkjMAprE2E6zZ64e7fAw=
x-served-by: cache-lga21939-LGA, cache-cdg20749-CDG
last-modified: Tue, 17 May 2022 13:57:45 GMT
server: AmazonS3
etag: "b6477f7fb592302c2133964fab354458"
vary: Accept-Encoding
x-amz-request-id: DTR5CBF4QM72CWYC
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Mon, 23 May 2022 18:13:00 GMT
x-cache-hits: 1, 356

GET
H2 200 vendors~signup_forms.a75d5024e83ef6195ac0.js Show response
static.klaviyo.com/onsite/js/ 37 KB
13 KB 61ms
20ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.a75d5024e83ef6195ac0.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Lkbxr9&shop=hempamed-cbd.myshopify.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7bee8644ecd26a7e98f72824775b6923c176afad9726d0b2c76c5c06812c2201

Request headers

Referer: https://hempamed.de/
Origin: https://hempamed.de
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: iHagBOJNloD99BUz4UVYWi2TizRxJn0h
content-encoding: gzip
age: 452
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 12760
x-amz-id-2: a8QtdZajyjzdjFbrka845MlrxnT2jMmk3PvriQisMLlE6cO1yWqypBU+xQaalciRqlL2R94cqGo=
x-served-by: cache-lga21949-LGA, cache-cdg20749-CDG
last-modified: Mon, 23 May 2022 18:05:18 GMT
server: AmazonS3
etag: "27b311c3b947d791e4a237c4c5769f2c"
vary: Accept-Encoding
x-amz-request-id: H0FC0SPV2AA8NVGT
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Mon, 23 May 2022 18:13:00 GMT
x-cache-hits: 3, 291

GET
H2 200 signup_forms.140b2cdec064869adc05.js Show response
static.klaviyo.com/onsite/js/ 53 KB
19 KB 61ms
21ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/signup_forms.140b2cdec064869adc05.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Lkbxr9&shop=hempamed-cbd.myshopify.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c75710eeaa9bc34bb2a365b709fa5b4274b574e0022409028dad13f0b651937

Request headers

Referer: https://hempamed.de/
Origin: https://hempamed.de
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: 5WSRu0xzA32tUtwOjK3SzO8fGojHQSA0
content-encoding: gzip
age: 455
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 19132
x-amz-id-2: IJ7Ghivw18joGTdges9W2OeQnl4J+jtRihnfcb0J74S38CVL6X5AujUtgrmfqxheZItk8QZ1Bcw=
x-served-by: cache-lga21970-LGA, cache-cdg20749-CDG
last-modified: Mon, 23 May 2022 18:05:18 GMT
server: AmazonS3
etag: "6b8904e6ad86e7402e0eca09ab0b84b8"
vary: Accept-Encoding
x-amz-request-id: 6JMCE86E9ES38Z0F
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Mon, 23 May 2022 18:13:00 GMT
x-cache-hits: 1, 246

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 2A48 14 KB
6 KB 178ms
24ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=hempamed.de&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://hempamed.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6039
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 18:13:00 GMT
server-processing-duration-in-ticks: 1938
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 preload-base.js Show response
front.optimonk.com/ 50 KB
16 KB 36ms
35ms Script
application/javascript 157.245.25.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/preload-base.js?v=4d9fb651a8

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/public/50257/js/preload.js?213

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

d5819a94b00e11df610b9c8fdac2ff057bc1e4e34a58cb81686acbfa3c9f9b8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"c993-xZCjT8q1YocsG3DN+LDvQMBvxxA"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 sentry.72c35c673102dbf675f0.js Show response
static.klaviyo.com/onsite/js/ 39 KB
14 KB 20ms
20ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sentry.72c35c673102dbf675f0.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/signup_forms.140b2cdec064869adc05.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2652f0c7c7b7905018e1a14dd565b946e15d9e7ac92e4b88cfbe54eeda8fa0d6

Request headers

Referer: https://hempamed.de/
Origin: https://hempamed.de
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: OYx9hgarlAcADJpd_z3npiVgW9HDTTV4
content-encoding: gzip
age: 455
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 13733
x-amz-id-2: FNN3I9d6sQkPC8o2ihP3+Jc9J3sTqWUI82MddK0e99ir4HZYrhrhsKtfmyWw/NbwI+cXp20HWaQ=
x-served-by: cache-lga13623-LGA, cache-cdg20749-CDG
last-modified: Wed, 27 Apr 2022 20:36:07 GMT
server: AmazonS3
etag: "a8c2468bbb12338630abadf2b3aea3e6"
vary: Accept-Encoding
x-amz-request-id: PQA13S140XCQ4KHP
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Mon, 23 May 2022 18:13:00 GMT
x-cache-hits: 1, 233

GET
H2 200 onsite Show response
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/ 711 B
1 KB 73ms
21ms XHR
application/json 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=Lkbxr9

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

7622a820637247da1eaa8b52a6c229000647b6bece2ad44e1b3d88cf6ba03ccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:00 GMT
via: 1.1 varnish, 1.1 varnish
age: 1682822
x-cache: HIT, HIT
access-control-max-age: 86400
strict-transport-security: max-age=900
content-length: 711
x-served-by: cache-bos4645-BOS, cache-cdg20741-CDG
allow: GET, HEAD, OPTIONS
server: nginx
vary: Cookie
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1, 1

GET
H2 200 full-forms Show response
static-forms.klaviyo.com/forms/api/v5/Lkbxr9/ 61 KB
8 KB 69ms
20ms XHR
application/json 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-forms.klaviyo.com/forms/api/v5/Lkbxr9/full-forms
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad5921ea7406330873c917235896a0676a8d0f785c265db1391ad54c3495fa53

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: LFxa_Op06Z.5cQv9D3P49Y5MjqCyS_s8
content-encoding: gzip
age: 38328
via: 1.1 varnish
x-cache: HIT
client-geo-continent: EU
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: full-forms/shared full-forms/Lkbxr9 custom-fonts/Lkbxr9
content-length: 7208
x-amz-id-2: 2jHpdp7dy7DXWXwYoix0e/bCUsFs1mCULimIFcQvb31G2+uv7m+cjLtIe/63XDikBprD7ASCh7w=
x-served-by: cache-cdg20741-CDG
client-geo-country: FR
last-modified: Mon, 23 May 2022 07:25:30 GMT
server: AmazonS3
x-timer: S1653329581.794895,VS0,VE1
etag: "3804384aaeb114f82aba389fdb438538"
vary: Accept-Encoding
x-amz-request-id: WRZY3ADC60410Z7Y
access-control-allow-origin: *
access-control-expose-headers: client-geo-continent, client-geo-country
cache-control: max-age=5
accept-ranges: bytes
content-type: application/json
date: Mon, 23 May 2022 18:13:00 GMT
x-cache-hits: 1

GET
H3 200 cart.json Show response
hempamed.de/ Frame C9DA 283 B
1 KB 216ms
185ms Fetch
application/json 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hempamed.de/cart.json

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/preload-base.js?v=4d9fb651a8

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

27a7e91abe980a5b38048d85cf4fd6ae87be14b942b87ba2d4cddc817a33fa58

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-stage: production
server-timing-public: processing;dur=21, db;dur=7
content-type: application/json; charset=utf-8
strict-transport-security: max-age=7889238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 29599804
x-shardid: 265
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: de
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept
x-download-options: noopen
x-shopid: 29599804
x-request-id: ea7fe894-da73-4410-bee8-21ff06cbb1b9
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
cf-ray: 70ffc35819e8cd8f-CDG
x-sorting-hat-podid: 265
x-cartjs-updatedat: 0

GET
H2 200 jfclientsdk.min.js Show response
gs-cdn.optimonk.com/jfclientsdk/latest/ 94 KB
32 KB 122ms
23ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=12
Requested by: Host: front.optimonk.com
URL: https://front.optimonk.com/preload-base.js?v=4d9fb651a8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE1-832 /
Resource Hash: 7cdc558992cf8d77ea5e9fb2360e25aaf19eb850036f750657963044a5b3ca1c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:00 GMT
content-encoding: br
cdn-edgestorageid: 832
age: 0
x-guploader-uploadid: ADPycdswA-ghktfF4njiQ_WOtZN-ME1s4QoQGQsviShWynYGMF0Rrz_8WHsmaj0LSPUXp7h8fMo6CZEzhyFS9_TwfxuiBSMIgFo7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-pullzone: 592317
x-goog-stored-content-encoding: identity
cdn-cachedat: 05/05/2022 06:37:52
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
server: BunnyCDN-DE1-832
last-modified: Thu, 05 May 2022 06:37:44 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"514bf3d0110bfc3d1e7378053e444d82"
content-language: en
vary: Accept-Encoding, Accept-Encoding
x-goog-hash: crc32c=9qL8bg==, md5=UUvz0BEL/D0ec3gFPkRNgg==
x-goog-generation: 1651732664453193
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control: public, max-age=2592000
x-goog-stored-content-length: 96276
cdn-requestid: 700634b7097ba8b39e322bdd67a905a4
content-type: application/javascript
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 load Show response
front.optimonk.com/public/50257/js/ 0
347 B 98ms
35ms XHR
application/javascript 157.245.25.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/50257/js/load

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hempamed.de/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 23 May 2022 18:13:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block

GET
H2 200 trustbadge.js Show response
widgets.trustedshops.com/assets/ 261 KB
73 KB 43ms
43ms Script
application/javascript 18.64.115.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.trustedshops.com/assets/trustbadge.js
Requested by: Host: widgets.trustedshops.com
URL: https://widgets.trustedshops.com/js/X4F5D1F8D08CDAC1FC5E156B35CCD3BBF.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.115.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-115-76.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee576a7005587f299bc9dd78c41253e84752a5d4409443196b0a3b381125cd85

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:10:32 GMT
content-encoding: gzip
etag: W/"f2a44ef8899184b6490f304241719e43"
last-modified: Mon, 23 May 2022 07:34:00 GMT
server: AmazonS3
age: 149
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6d74947505437c57fd215b170c6b3d90.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: TXL50-P4
x-amz-cf-id: xcbgBFGRkRcGHbuMAoOEVQ1VI8OogsAMmQatH54ByEVt4vzOMhbRgA==

GET
H2 200 vendors~ClientStore.d35e4f7273793c120160.js Show response
static.klaviyo.com/onsite/js/ 31 KB
11 KB 21ms
21ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~ClientStore.d35e4f7273793c120160.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/signup_forms.140b2cdec064869adc05.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a424f2663b62231a917a4574d954787269793ea5091f8081dae9f335c8a80c1b

Request headers

Referer: https://hempamed.de/
Origin: https://hempamed.de
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: 0.80568jcbFVp.mg.XC8PASSurlD9e_C
content-encoding: gzip
age: 455
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 10720
x-amz-id-2: aFXCSDkP1/YuVdt0vf+OtlHfqYYDTQ/wId9O3mkpQszxsGcBE79sFcEjtUG1kEGUufFZz4j3h5E=
x-served-by: cache-lga21974-LGA, cache-cdg20749-CDG
last-modified: Wed, 27 Apr 2022 20:36:07 GMT
server: AmazonS3
etag: "58a892eadafe0209c46cedaa4770aa17"
vary: Accept-Encoding
x-amz-request-id: PQA7Z882N51MDHZW
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Mon, 23 May 2022 18:13:00 GMT
x-cache-hits: 4, 115

GET
H2 200 ClientStore.f861494a3bb8396f5dad.js Show response
static.klaviyo.com/onsite/js/ 107 KB
24 KB 24ms
23ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/ClientStore.f861494a3bb8396f5dad.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/signup_forms.140b2cdec064869adc05.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51228ad2f2bcc03bf76672c20b918cbef3aed6ed9aa859e99aeee94fcf7bdc30

Request headers

Referer: https://hempamed.de/
Origin: https://hempamed.de
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: vo9RWCrZUIvpHU0dGRNz6KkO_xwJbW.n
content-encoding: gzip
age: 455
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 24513
x-amz-id-2: eFqKvhhHiOb3wGATxyY9O6v63jSssZ0/7DFAa53tVv10qxws7mBDH9LN8xcso5dM0FJiBcBm7+s=
x-served-by: cache-lga13625-LGA, cache-cdg20749-CDG
last-modified: Wed, 18 May 2022 17:31:15 GMT
server: AmazonS3
etag: "65e9ae5768a00c0842ee6a278619a699"
vary: Accept-Encoding
x-amz-request-id: 4PFZ5X5TJ0SS69QB
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Mon, 23 May 2022 18:13:00 GMT
x-cache-hits: 1, 119

GET
H3 200 css2
fonts.googleapis.com/ 9 KB
656 B 93ms
38ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a88ee13d2e82bd99ff8c5ac3c2cd52d3a4175f9121e48e30b1683bb80684b711

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 23 May 2022 16:46:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 23 May 2022 18:13:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 May 2022 18:13:00 GMT

GET
H2 200 233.ac4aaef24b03675b7581.css
static.klaviyo.com/onsite/js/ 68 KB
6 KB 22ms
21ms Stylesheet
text/css 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/233.ac4aaef24b03675b7581.css
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/signup_forms.140b2cdec064869adc05.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7938b25262fb457e540afd0f50048e0ec9f951324fd1d85228b1242e0cdd81cc

Request headers

Referer: https://hempamed.de/
Origin: https://hempamed.de
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: xJxm8tMbDNxTsXSWBj0VdjBf8IsPjtnx
content-encoding: gzip
age: 452
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 5969
x-amz-id-2: 5PzNuZjRvXWtoROPae/DpiR5GLA8vSTP5vsxBoBDD4cXiCANsX1FvAoWttcdsT+DXO0QqKY3DlA=
x-served-by: cache-lga21946-LGA, cache-cdg20749-CDG
last-modified: Mon, 23 May 2022 18:05:17 GMT
server: AmazonS3
etag: "450ff83f5cf6daef8b7c262b6cb3f21e"
vary: Accept-Encoding
x-amz-request-id: 95AG72YDHWY334A2
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: text/css
date: Mon, 23 May 2022 18:13:00 GMT
x-cache-hits: 2, 111

GET
H2 200 styles.937ca39d09b8603ee92c.js Show response
static.klaviyo.com/onsite/js/ 122 B
359 B 22ms
21ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/styles.937ca39d09b8603ee92c.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/signup_forms.140b2cdec064869adc05.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a629ce00500034dd23150bc4a928014305b1fec86fc8f06b566f31dbfdaec11d

Request headers

Referer: https://hempamed.de/
Origin: https://hempamed.de
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: K87TnAeVZ352itWDV_B1hWNUbEzgrEir
content-encoding: gzip
age: 455
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 103
x-amz-id-2: b7AA1Wr2BIbDrInGYyBdlEqagVTBzsEjmUhymBVnZ53vXHx5HdqZHvGiS04enCS6si8YhuSbRmk=
x-served-by: cache-lga13622-LGA, cache-cdg20749-CDG
last-modified: Mon, 02 May 2022 21:43:31 GMT
server: AmazonS3
etag: "2481b70dcccb0e9c7ecd4fd8faee8de7"
vary: Accept-Encoding
x-amz-request-id: S0GMG5E8H1K3BJXJ
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Mon, 23 May 2022 18:13:00 GMT
x-cache-hits: 1, 114

GET
H2 200 vendors~Render.d45c84c434474cedf89f.js Show response
static.klaviyo.com/onsite/js/ 40 KB
13 KB 23ms
22ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~Render.d45c84c434474cedf89f.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/signup_forms.140b2cdec064869adc05.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 549c5447e985294d7c9175f9c6a5169d17ef6986319445f9497f8a9192095d8d

Request headers

Referer: https://hempamed.de/
Origin: https://hempamed.de
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: KQTiTCYyLTtCSVNpy.DUzJA4S4MzYfVE
content-encoding: gzip
age: 455
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 13281
x-amz-id-2: MDMRgU65JmQm88F7GmlNPTkc/s49MLBAG7+wWX9e5M0P+gscx2cptSr2GBXCfVnNQy71MQie9t0=
x-served-by: cache-lga21925-LGA, cache-cdg20749-CDG
last-modified: Fri, 29 Apr 2022 15:16:57 GMT
server: AmazonS3
etag: "dfcbf73089368187ee8f779bbeb7464b"
vary: Accept-Encoding
x-amz-request-id: A0NEHRVQD9NE4VX0
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Mon, 23 May 2022 18:13:00 GMT
x-cache-hits: 1, 114

GET
H2 200 Render.f80edef5ad6d28656d59.js Show response
static.klaviyo.com/onsite/js/ 87 KB
26 KB 25ms
25ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/Render.f80edef5ad6d28656d59.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/signup_forms.140b2cdec064869adc05.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d7f1d0616d66853bde81d2b6be1908db41b3bca8a5387e3eeab9ace22fae991f

Request headers

Referer: https://hempamed.de/
Origin: https://hempamed.de
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: ry3oCXS6VY6zM3GSpn7grz30MZvsZ1sh
content-encoding: gzip
age: 455
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 26269
x-amz-id-2: KdTqo8thTwvftqDxy/T7r2gNYtA2tItlyL33zXbQinLrtec/A311jXmceHXehkQd19OMyECcoNA=
x-served-by: cache-lga21968-LGA, cache-cdg20749-CDG
last-modified: Thu, 19 May 2022 14:15:52 GMT
server: AmazonS3
etag: "c6f44c7555deffdc73439e593eb0c8c6"
vary: Accept-Encoding
x-amz-request-id: GJHMQRGTS7NJ5SQE
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Mon, 23 May 2022 18:13:00 GMT
x-cache-hits: 2, 118

GET
H2

200

sid Show response
mug.criteo.com/ Frame 2A48
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=hempamed.de&sn=ChromeSyncframe&so=0&topUrl=hempamed.de&cw=1&lsw=1&topicsavail=0
https://mug.criteo.com/sid?cpp=AHgSK3xWUVU4TkV1SjM5YUtrWGxlNHhRNmhqeG5DWkRWaUg5N2dwOWNBK2ZMMUZBYkhXRDMzM3FqVDEvdzNvNktjcSs5cDJ0N3hoczM5Rjl1RStkTWhCM3ZXb0NURFQxcStldXBvVmo2YkJCamQxLzBQcUhHQ1JxZkg1WF...

419 B
625 B

182ms
22ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=AHgSK3xWUVU4TkV1SjM5YUtrWGxlNHhRNmhqeG5DWkRWaUg5N2dwOWNBK2ZMMUZBYkhXRDMzM3FqVDEvdzNvNktjcSs5cDJ0N3hoczM5Rjl1RStkTWhCM3ZXb0NURFQxcStldXBvVmo2YkJCamQxLzBQcUhHQ1JxZkg1WFd2MzMraStIWjRzd3V0aDVtNHFyNU9SZGhYdGRORFdZOHcxTEdsN1hvc0VNRkpVNmtWOTd5ck55Y3Z2ZWR6VWYvMllyblB5cDZCWmk3Z3RWUGFiNDlhWlVwZnpIYVlyN1cxdjlKbTFVUWFiZFBUQUtKblVqaFVpMTZDZW1WUmhnZFcvZUprT2ZhRHZ4YnFmNGp3WGJSa3RtT1dXZFVCdz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

5c2672b0dbeeda6d780fcd6f441e150af15eb1de16dc66d81b248c87d5894983

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:13:00 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4342
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 18:13:00 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=AHgSK3xWUVU4TkV1SjM5YUtrWGxlNHhRNmhqeG5DWkRWaUg5N2dwOWNBK2ZMMUZBYkhXRDMzM3FqVDEvdzNvNktjcSs5cDJ0N3hoczM5Rjl1RStkTWhCM3ZXb0NURFQxcStldXBvVmo2YkJCamQxLzBQcUhHQ1JxZkg1WFd2MzMraStIWjRzd3V0aDVtNHFyNU9SZGhYdGRORFdZOHcxTEdsN1hvc0VNRkpVNmtWOTd5ck55Y3Z2ZWR6VWYvMllyblB5cDZCWmk3Z3RWUGFiNDlhWlVwZnpIYVlyN1cxdjlKbTFVUWFiZFBUQUtKblVqaFVpMTZDZW1WUmhnZFcvZUprT2ZhRHZ4YnFmNGp3WGJSa3RtT1dXZFVCdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1416
content-length: 541
expires: 0

GET
H2 200 trustmark_120x120.png
widgets.trustedshops.com/assets/images/ 8 KB
8 KB 43ms
42ms Image
image/png 18.64.115.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.trustedshops.com/assets/images/trustmark_120x120.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.115.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-115-76.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 45414d90709f784fcb63afe7b2827e4ebe5ebd9b94841a05629395f3943bbc2a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 23 May 2022 18:10:33 GMT
via: 1.1 6d74947505437c57fd215b170c6b3d90.cloudfront.net (CloudFront)
last-modified: Mon, 23 May 2022 07:34:00 GMT
server: AmazonS3
age: 149
etag: "d85f5c61a2d1e39cf0301c6a0779fc61"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=3600
x-amz-cf-pop: TXL50-P4
accept-ranges: bytes
content-length: 8208
x-amz-cf-id: z--BWyC3G3dnTKZgdP_7ZRbEq7mAnpJTQ0b1lTITXtM7ISSy__E2jg==

GET
H2 200 508.jfclientsdk-893b21341e437ef1712c.js Show response
gs-cdn.optimonk.com/jfclientsdk/latest/ 9 KB
4 KB 50ms
26ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/508.jfclientsdk-893b21341e437ef1712c.js
Requested by: Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE1-832 /
Resource Hash: fe7c01c09db58ac2ea5ad79017cc9ad7c2099eb177e826b13248515aa1be4f8e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:01 GMT
content-encoding: br
cdn-edgestorageid: 832
age: 0
x-guploader-uploadid: ADPycdvrZgsjGNAHdWxNdLhwtWKTUOb5vtMjjv5tRg5KCn8EQB5BwoHIMnoDmdA1q1SeiMh8-mUCHR6_-GxVfNQU-bU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-pullzone: 592317
x-goog-stored-content-encoding: identity
cdn-cachedat: 03/12/2022 04:37:45
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
server: BunnyCDN-DE1-832
last-modified: Mon, 15 Nov 2021 07:16:44 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"5acfca015c98e66550cfd327af3ab0fb"
content-language: en
vary: Accept-Encoding, Accept-Encoding
x-goog-hash: crc32c=87I7uQ==, md5=Ws/KAVyY5mVQz9Mnrzqw+w==
x-goog-generation: 1636960604614821
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control: public, max-age=2592000
x-goog-stored-content-length: 9454
cdn-requestid: 16783ef6400f8824e9bc881691e15cb1
content-type: application/javascript
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 103.jfclientsdk-2775af6bb1ef2617d2b5.js Show response
gs-cdn.optimonk.com/jfclientsdk/latest/ 8 KB
4 KB 47ms
23ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/103.jfclientsdk-2775af6bb1ef2617d2b5.js
Requested by: Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE1-832 /
Resource Hash: b8654209f3456faba9f227d6ef407a65369bd1de70ef534f36ae63118b2886ef

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:01 GMT
content-encoding: br
cdn-edgestorageid: 832
x-guploader-uploadid: ADPycds6iDV5u2aIeCc0zWSt3oNbcWpAsDffUJFSGPhbVdWyco_S06-SfDLalFpP-wmNgJmuRvDUrBLRl7dVZy_6CxyYfFtY8bQi
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-pullzone: 592317
x-goog-stored-content-encoding: identity
cdn-cachedat: 05/05/2022 06:37:53
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
server: BunnyCDN-DE1-832
last-modified: Thu, 05 May 2022 06:37:39 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"7ad8b3eeb5cfb71f396feb835b93839a"
content-language: en
vary: Accept-Encoding, Accept-Encoding
x-goog-hash: crc32c=moWfgw==, md5=etiz7rXPtx85b+uDW5ODmg==
x-goog-generation: 1651732659298054
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control: public, max-age=2592000
x-goog-stored-content-length: 8007
cdn-requestid: 0393211afdaa0268307ddc68769d4c84
content-type: application/javascript
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 204 metric Show response
telemetrics.klaviyo.com/v1/ 0
331 B 412ms
286ms XHR
text/plain 18.64.115.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://telemetrics.klaviyo.com/v1/metric
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.115.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-115-118.txl50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hempamed.de/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 23 May 2022 18:13:01 GMT
via: 1.1 95e3cc9e14ff093ad937f013959268c0.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P4
x-amzn-requestid: 39e586f8-e5d4-4cc0-bfd9-24117b8b01f8
x-cache: Miss from cloudfront
access-control-allow-origin: *
x-amzn-trace-id: Root=1-628bcead-47527f085743c3381b1177b4;Sampled=0
x-amz-apigw-id: Sl07IF_DoAMFt-w=
x-amz-cf-id: J0EPbwghUN5dx6slmUx8h3Pbpak32KH4_IgdrWaCcFCzkQtQTtO3lw==

GET
H2 200 363.jfclientsdk-45817228856ecc92df55.js Show response
gs-cdn.optimonk.com/jfclientsdk/latest/ 71 KB
25 KB 25ms
21ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/363.jfclientsdk-45817228856ecc92df55.js
Requested by: Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE1-832 /
Resource Hash: 42dd1580f08ce097eb016607569e2947aa3ec792742135aa4415d3df0d6dbc0b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:01 GMT
content-encoding: br
cdn-edgestorageid: 832
x-guploader-uploadid: ADPycdt2hgXTCDJ2J8RW57vM0t_i2jEnVc2_hbWITkkhU2l4JE3aJfT7c0JVih_OxU9IaskVxnjXomP4LEzXUR1KveY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-pullzone: 592317
x-goog-stored-content-encoding: identity
cdn-cachedat: 03/12/2022 04:37:51
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
server: BunnyCDN-DE1-832
last-modified: Mon, 15 Nov 2021 07:16:42 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"16ab041e56befcd585976042bc43027b"
content-language: en
vary: Accept-Encoding, Accept-Encoding
x-goog-hash: crc32c=xwcgHg==, md5=FqsEHla+/NWFl2BCvEMCew==
x-goog-generation: 1636960602542946
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control: public, max-age=2592000
x-goog-stored-content-length: 72757
cdn-requestid: 8737f823722ff4c4798cc653f15eedd8
content-type: application/javascript
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 997.jfclientsdk-f07cbbf17331034b8b68.js Show response
gs-cdn.optimonk.com/jfclientsdk/latest/ 2 KB
2 KB 35ms
32ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/997.jfclientsdk-f07cbbf17331034b8b68.js
Requested by: Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE1-832 /
Resource Hash: 5168687db41ad16a2e5087cff577a1e70455d941b076f82a76521c41267a3a90

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:01 GMT
content-encoding: br
cdn-edgestorageid: 832
x-guploader-uploadid: ADPycdulMkmIzBlklea7FoZ8DzwZPtRLBIbTG7_sOSOL-ypYRM0yztg0ovE9IkrrBy0AYEkmKZTj3D8JvXXYRIgjFBQlYQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-pullzone: 592317
x-goog-stored-content-encoding: identity
cdn-cachedat: 05/14/2022 10:24:19
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
server: BunnyCDN-DE1-832
last-modified: Thu, 05 May 2022 06:37:42 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"015fc140cc4423ad5dcb0b4af8f9db21"
content-language: en
vary: Accept-Encoding, Accept-Encoding
x-goog-hash: crc32c=9dhHHA==, md5=AV/BQMxEI61dywtK+PnbIQ==
x-goog-generation: 1651732662246884
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control: public, max-age=2592000
x-goog-stored-content-length: 2436
cdn-requestid: d164975b08753f10ff415209c88ad4bd
content-type: application/javascript
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 event Show response
sslwidget.criteo.com/ 7 KB
8 KB 187ms
43ms Script
application/x-javascript 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=81992&v=5.10.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dvh%26ecpplugin%3Dshopify-mc&p3=e%3Ddis&adce=1&bundle=czGF9F9wV2ZoblVGZ3FPc2gzQWR1V3JIanpVem1aaTdPd0dsSXhxUiUyRnB4QUlUcWdMaU9LQlZPSVlNS0ZlSUozaDM1eEJ4VUl0aXhDYUVOcnIwMk41VTA2c1dvWE5tdUxpQU56dnRUTVFEMnBEWGRJRG9ZdEV2WkFqOWZjWTZ3VVAxRGI1YTdpMmJyRkFkJTJCcm9kZWxtc3VBZmd3JTNEJTNE&tld=hempamed.de&dy=1&fu=https%3A%2F%2Fhempamed.de%2F&dtycbr=14738

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

20a420e1cdca075745fc24eacaeef6e33fed4b9f68caffacd2b67c4c1424c173

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:13:00 GMT
server: Kestrel
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 21200261
content-type: application/x-javascript
expires: 0

POST
H2 200 / Show response
jfapiprod.optimonk.com/v2/ 26 B
85 B 246ms
143ms Fetch
application/json 34.117.177.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://jfapiprod.optimonk.com/v2/
Requested by: Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.177.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.177.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854

Request headers

Referer: https://hempamed.de/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 23 May 2022 18:13:01 GMT
via: 1.1 google
etag: W/"1a-oDk6RB3+SLV96sulj5WuSYroQto"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26
content-type: application/json; charset=utf-8

POST
H2 200 / Show response
jfapiprod.optimonk.com/v2/ 26 B
196 B 243ms
141ms Fetch
application/json 34.117.177.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://jfapiprod.optimonk.com/v2/
Requested by: Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.177.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.177.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854

Request headers

Referer: https://hempamed.de/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 23 May 2022 18:13:01 GMT
via: 1.1 google
etag: W/"1a-oDk6RB3+SLV96sulj5WuSYroQto"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26
content-type: application/json; charset=utf-8

GET
H2 200 aacxc.php
c.aaxads.com/ Frame 4E53 44 B
289 B 192ms
66ms Image
image/gif 23.33.71.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aaxads.com/aacxc.php?fv=3&wbsh=crx&ryvlg=k-r2FNkpSTsmkLxBE7WUr8XG6mJ3NbZ3q-ZYiCkg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.33.71.161 Milan, Italy, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-33-71-161.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Mon, 23 May 2022 18:13:01 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 44
x-mnet-hl2: E
expires: Mon, 23 May 2022 18:13:01 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 4E53
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-r2FNkpSTsmkLxBE7WUr8XG6mJ3NbZ3q-ZYiCkg&google_cm&google_hm=ay1yMkZOa3BTVHNta0x4QkU3V1VyOFhHNm1KM05iWjNxL...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-r2FNkpSTsmkLxBE7WUr8XG6mJ3NbZ3q-ZYiCkg&google_gid=CAESENiWsei9bD0XqU214E14528&google_cver=1&google_ula=913071,0

43 B
371 B

72ms
23ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-r2FNkpSTsmkLxBE7WUr8XG6mJ3NbZ3q-ZYiCkg&google_gid=CAESENiWsei9bD0XqU214E14528&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:13:01 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1146764
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 18:13:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-r2FNkpSTsmkLxBE7WUr8XG6mJ3NbZ3q-ZYiCkg&google_gid=CAESENiWsei9bD0XqU214E14528&google_cver=1&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 4E53 0
476 B 396ms
103ms Image
text/plain 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-WLHlYJSTsmkLxBE7WUr8XG6mJ3MYjCan_z9zfg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 18:13:01 GMT
Cache-Control: no-cache
X-TraceId: 2f34584e380f772ac1e9edaa2edbdfbf
Content-Length: 0

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 4E53 0
239 B 163ms
28ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-z4NmC5STsmkLxBE7WUr8XG6mJ3P_9xfe8ABwyA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 4E53 37 B
140 B 84ms
27ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-L3vSS5STsmkLxBE7WUr8XG6mJ3NqiMesIleTHg&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 4E53 43 B
466 B 24ms
20ms Image
image/gif 185.86.139.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-PDPqWpSTsmkLxBE7WUr8XG6mJ3P4diw3VrbnbA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:13:00 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 4E53
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-FtEwGZSTsmkLxBE7WUr8XG6mJ3NciIWG18VH-g&seg=130915
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-FtEwGZSTsmkLxBE7WUr8XG6mJ3NciIWG18VH-g%26seg%3D130915

43 B
1 KB

42ms
42ms

Image
image/gif

37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-FtEwGZSTsmkLxBE7WUr8XG6mJ3NciIWG18VH-g%26seg%3D130915

Protocol

HTTP/1.1

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 18:13:01 GMT
X-Proxy-Origin: 92.222.212.18; 92.222.212.18; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ba1d2701-b513-4646-bb7e-b0e500a4a116
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 23 May 2022 18:13:01 GMT
X-Proxy-Origin: 92.222.212.18; 92.222.212.18; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 710d246c-7fb4-4e4c-bcd3-7e5db592c3ee
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-FtEwGZSTsmkLxBE7WUr8XG6mJ3NciIWG18VH-g%26seg%3D130915
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 4E53
Redirect Chain

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fa...
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=806949325725164914

43 B
370 B

22ms
22ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=806949325725164914

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:13:01 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2018503
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 23 May 2022 18:13:01 GMT
X-Proxy-Origin: 92.222.212.18; 92.222.212.18; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0f2755eb-33b9-46c9-8aa4-6dbc076e76fc
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=806949325725164914
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 4E53
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-8P2mkpSTsmkLxBE7WUr8XG6mJ3Oh8T2BcqBKcA
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-8P2mkpSTsmkLxBE7WUr8XG6mJ3Oh8T2BcqBKcA

43 B
446 B

30ms
30ms

Image
image/gif

18.203.97.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-8P2mkpSTsmkLxBE7WUr8XG6mJ3Oh8T2BcqBKcA
Protocol: H2
Server: 18.203.97.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-97-155.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 23 May 2022 18:13:01 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-8P2mkpSTsmkLxBE7WUr8XG6mJ3Oh8T2BcqBKcA
date: Mon, 23 May 2022 18:13:01 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 4E53 42 B
113 B 21ms
18ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI0NTEmdGw9NDMyMDA=&piggybackCookie=uid:k-gS3xO5STsmkLxBE7WUr8XG6mJ3M7nRT_H-Tg8Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:01 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK rum
r.casalemedia.com/ Frame 4E53 43 B
1 KB 135ms
40ms Image
image/gif 23.35.232.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-48lY55STsmkLxBE7WUr8XG6mJ3NZ46Q78ZXUHA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.232.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-232-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 18:13:01 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 23 May 2022 18:13:01 GMT

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 4E53 0
194 B 349ms
25ms Image
text/plain 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:01 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 4E53
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-e1CgaZSTsmkLxBE7WUr8XG6mJ3Mb7AYuu8oUaw
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-e1CgaZSTsmkLxBE7WUr8XG6mJ3Mb7AYuu8oUaw&verify=true

0
121 B

27ms
26ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-e1CgaZSTsmkLxBE7WUr8XG6mJ3Mb7AYuu8oUaw&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:01 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-e1CgaZSTsmkLxBE7WUr8XG6mJ3Mb7AYuu8oUaw&verify=true
date: Mon, 23 May 2022 18:13:01 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 um
criteo-sync.teads.tv/ Frame 4E53 23 B
172 B 182ms
52ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k--OMBnJSTsmkLxBE7WUr8XG6mJ3MjfTK9r7dtMg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:13:01 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 23 May 2022 18:13:01 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 pixel
cm.adform.net/ Frame 4E53 43 B
162 B 126ms
37ms Image
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-AZAQhpSTsmkLxBE7WUr8XG6mJ3PSQiHw1mawlA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:01 GMT
last-modified: Wed, 10 Apr 2019 11:14:34 GMT
server: nginx
accept-ranges: bytes
etag: "5cadd01a-2b"
content-length: 43
content-type: image/gif

GET
H2

200

1by1.png
cotads.adscale.de/ads/pixel/ Frame 4E53
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-BJDF5pSTsmkLxBE7WUr8XG6mJ3MA9vPWk8P0Nw&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__
https://cotads.adscale.de/ads/pixel/1by1.png?uid=82d818379e5f5c39ed06543275ab0e0101185f574bc744149e04ad8c2daee221

321 B
698 B

115ms
23ms

Image
image/png

2600:9000:21f3:f800:1b:832b:ac00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cotads.adscale.de/ads/pixel/1by1.png?uid=82d818379e5f5c39ed06543275ab0e0101185f574bc744149e04ad8c2daee221
Protocol: H2
Server: 2600:9000:21f3:f800:1b:832b:ac00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 678743e83d255d34a3476fa3eed80d55d212874f0fe98285a54fbf293f8b73ee

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 13:13:54 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
last-modified: Tue, 08 Sep 2020 23:05:25 GMT
server: AmazonS3
age: 363548
etag: "c1ab48a971e5c1a7eae346346487762d"
x-cache: Hit from cloudfront
x-amz-version-id: L15pFHSGGE_bHbLCyc84fBPpy1DC4jsd
cache-control: max-age=604800
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/png
content-length: 321
x-amz-cf-id: 1_sBPnO8DsyRqH3ZNvCAzjZHCE_0Q8Apoy_O-0iX21C9t5rN2i2hAQ==

Redirect headers

location: https://cotads.adscale.de/ads/pixel/1by1.png?uid=82d818379e5f5c39ed06543275ab0e0101185f574bc744149e04ad8c2daee221
date: Mon, 23 May 2022 18:13:01 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H2 200 cksync.php
contextual.media.net/ Frame 4E53 45 B
784 B 344ms
219ms Image
image/gif 104.102.28.29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-okaRQ5STsmkLxBE7WUr8XG6mJ3OMbpt7IY7Y9w

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.102.28.29 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-102-28-29.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Mon, 23 May 2022 18:13:01 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Mon, 23 May 2022 18:13:01 GMT

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 4E53 0
360 B 38ms
37ms Image
text/plain 104.89.29.143
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-Q_bJ_5STsmkLxBE7WUr8XG6mJ3PvmCJv5fplXw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.89.29.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-29-143.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 18:13:01 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sun, 22 May 2022 18:13:01 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 4E53 43 B
220 B 29ms
28ms Image
image/gif 35.156.151.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-lKowhZSTsmkLxBE7WUr8XG6mJ3PGuieJXTtVUw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.151.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-151-58.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 18:13:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 v1
match.sharethrough.com/sync/ Frame 4E53 68 B
262 B 106ms
23ms Image
image/png 18.195.54.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-Xh_mFJSTsmkLxBE7WUr8XG6mJ3MJJaoHesI6pw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.54.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-54-68.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:01 GMT
content-length: 68
content-type: image/png

GET
H/1.1 200
OK getusermatch.php
a.twiago.com/rtb/ Frame 4E53 43 B
237 B 110ms
37ms Image
image/gif 85.215.5.31
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k--K2P8JSTsmkLxBE7WUr8XG6mJ3Ppi_8NvMSmcg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 23 May 2022 18:13:01 GMT
server: Apache
connection: close
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

empty.gif
cdn.stickyadstv.com/one-shot/ Frame 4E53
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-gvzzhZSTsmkLxBE7WUr8XG6mJ3NkHqs7yHaCAg&redirectId=69
https://cdn.stickyadstv.com/one-shot/empty.gif?

43 B
438 B

155ms
20ms

Image
image/gif

2001:4de0:ac19::1:b:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.stickyadstv.com/one-shot/empty.gif?
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 18:13:02 GMT
Last-Modified: Thu, 28 Feb 2013 15:45:35 GMT
ETag: "1362066335"
X-HW: 1653329581.dop213.pa1.t,1653329582.cds230.pa1.shn,1653329582.cds230.pa1.c
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 43

Redirect headers

Pragma: no-cache
Date: Mon, 23 May 2022 18:13:01 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1653329581811048-388
Expires: Mon, 23 May 2022 18:13:01 GMT

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 4E53 49 B
235 B 79ms
23ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-7pVQmZSTsmkLxBE7WUr8XG6mJ3PnyEJgyyygLA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:13:01 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 49
expires: 0

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 4E53 0
98 B 60ms
21ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-emVzbpSTsmkLxBE7WUr8XG6mJ3OzmkErVBM-wA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:01 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 21115

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 4E53 40 B
40 B 88ms
25ms Image
text/html 3.124.27.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-JDOYYZSTsmkLxBE7WUr8XG6mJ3O_KPCBj9nbDQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.27.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-27-94.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:01 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 sync
matching.ivitrack.com/ Frame 4E53 42 B
274 B 89ms
24ms Image
image/gif 34.117.157.22
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-au6rCpSTsmkLxBE7WUr8XG6mJ3MtfaPB84GdRw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:13:00 GMT
via: 1.1 google
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 4E53
Redirect Chain

https://secure.adnxs.com/seg?add=130915&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=240294409137550247

43 B
370 B

26ms
26ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=240294409137550247

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:13:01 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2119164
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 23 May 2022 18:13:01 GMT
X-Proxy-Origin: 92.222.212.18; 92.222.212.18; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2c1fda76-e565-4ce6-92f4-8565d1be0556
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=240294409137550247
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 4E53 43 B
220 B 26ms
26ms Image
image/gif 35.156.151.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=117&user_id=k-lKowhZSTsmkLxBE7WUr8XG6mJ3PGuieJXTtVUw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.151.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-151-58.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 18:13:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 4E53 0
522 B 39ms
38ms Image
text/plain 104.89.29.143
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=12438557&ext_id=k-Q_bJ_5STsmkLxBE7WUr8XG6mJ3PvmCJv5fplXw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.89.29.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-29-143.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 18:13:01 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sun, 22 May 2022 18:13:01 GMT

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 4E53 0
360 B 35ms
35ms Image
text/plain 104.89.29.143
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dm_id=8666&ext_id=k-Q_bJ_5STsmkLxBE7WUr8XG6mJ3PvmCJv5fplXw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.89.29.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-29-143.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 18:13:01 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sun, 22 May 2022 18:13:01 GMT

POST
H2 204 collect Show response
d.clarity.ms/ 0
48 B 197ms
196ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://hempamed.de/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://hempamed.de
date: Mon, 23 May 2022 18:13:01 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 204 unip Show response
trc-events.taboola.com/1384381/log/3/ 0
243 B 22ms
22ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1384381/log/3/unip?en=pre_d_eng_tb&tos=4647&scd=100&ssd=1&est=1653329577801&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1653329582448&vi=1653329577799&ri=48afe3d16ba3db8099696594d6b30a32&ref=null&cv=20220522-5-RELEASE&item-url=https%3A%2F%2Fhempamed.de%2F
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hempamed.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://hempamed.de
pragma: no-cache
date: Mon, 23 May 2022 18:13:02 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.reviews.io
URL: https://api.reviews.io/widget/options?store=hempamed.de&widget_id=5HSWwC1KTGvP8XnL

Verdicts & Comments Add Verdict or Comment

207 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

87 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
wdsmedia.go2oh.net/	1970-01-20 05:26:52	Name: ohbid Value: 69902dcf-bbcb-46c9-ae1e-788a1b7f67b2
wdsmedia.go2oh.net/	1970-01-20 05:26:52	Name: ohb_visitor Value: 83b7cf74-b988-3d9e-b5a5-5ea3ba7ccbe7
wdsmedia.go2oh.net/	1970-01-20 03:54:43	Name: oh_ssn_122 Value: 1394f278d998ac996169c5437908e0e4
hempamed.de/	1970-01-20 12:01:05	Name: secure_customer_sig Value:
hempamed.de/	1970-01-20 03:35:39	Name: localization Value: DE
.hempamed.de/	1970-01-20 03:35:39	Name: _orig_referrer Value:
.hempamed.de/	1970-01-20 03:35:39	Name: _landing_page Value: %2F
.hempamed.de/	1970-01-20 12:01:05	Name: _y Value: ad1a2434-8022-4e72-b411-c7a52c68859f
.hempamed.de/	1970-01-20 03:15:31	Name: _s Value: 5efd78f4-57c9-4599-b2f4-0ed0cca7c37c
.hempamed.de/	1970-01-20 12:01:05	Name: _shopify_y Value: ad1a2434-8022-4e72-b411-c7a52c68859f
.hempamed.de/	1970-01-20 03:15:31	Name: _shopify_s Value: 5efd78f4-57c9-4599-b2f4-0ed0cca7c37c
.hempamed.de/	1970-01-20 05:25:05	Name: _gcl_au Value: 1.1.654749091.1653329578
.adfarm1.adition.com/	1970-01-20 05:25:05	Name: UserID1 Value: 7100996462753350867
.hempamed.de/	1970-01-20 12:01:05	Name: kameleoonVisitorCode Value: _js_4ilneusei27t7uub
.hyj.mobi/	1970-01-20 20:46:41	Name: dmc-12 Value: b9087d3b-c3df-4056-a7f8-815f73c30d19
.bing.com/	1970-01-20 12:37:05	Name: MUID Value: 1840C1A603DD62A30C20D00B021D633B
.klaviyo.com/	1970-01-20 03:15:31	Name: __cf_bm Value: qtLGaUVV319IlO.DJCNg_Xky3jawua6V5adr9WIQMCY-1653329577-0-AX0+fPr1/tPv/6mIEbjR+BIDr45axQT1R2TfbqrtJjO8P5fJWgTFoXeVnWpTGtrbJ9dVEW/Qt7BaJ0FOvWalH6c=
.hyj.mobi/	1970-01-20 20:46:41	Name: dmc-12-r Value: DEdXcdAd
.redintelligence.net/	1970-01-20 05:25:05	Name: 8lcfmzhxc8d6_uid Value: 92e8e57287ba1be5
.ad-srv.net/	1970-01-20 05:25:05	Name: kdb0xdq3ls8m_uid Value: 3c067b04190ec672
hempamed.de/	1970-01-20 03:15:40	Name: ba_hash Value: 628bcea9b681c
hempamed.de/	1970-01-20 03:15:40	Name: ba_redirect Value: true
www.clarity.ms/	1970-01-20 12:01:05	Name: CLID Value: 876b54db60c64d07834b7337cf946e1c.20220523.20230523
.bidswitch.net/	1970-01-20 12:01:05	Name: tuuid Value: 2081ad7c-951e-4ad6-93a1-2d71e5b8edc0
.bidswitch.net/	1970-01-20 12:01:05	Name: c Value: 1653329578
.bidswitch.net/	1970-01-20 12:01:05	Name: tuuid_lu Value: 1653329578
.doubleclick.net/	1970-01-20 12:37:05	Name: IDE Value: AHWqTUmdUJE8JtOiSUi9rIHjma17lEGSUgd0KF6hOFzzx8vcU5P7FxiFHTINZkolbrI
.hempamed.de/	1970-01-20 03:16:55	Name: _uetsid Value: f9b31d20dac311ecb53503db628daf24
.hempamed.de/	1970-01-20 12:37:05	Name: _uetvid Value: f9b33840dac311ecb5e9efa09fb49b58
hempamed.de/	1970-01-20 03:15:29	Name: outbrain_cid_fetch Value: true
.hempamed.de/	1970-01-20 03:15:31	Name: _shopify_sa_t Value: 2022-05-23T18%3A12%3A58.562Z
.hempamed.de/	1970-01-20 03:15:31	Name: _shopify_sa_p Value:
.hempamed.de/	1970-01-20 20:46:41	Name: _ga Value: GA1.2.1979549604.1653329579
.hempamed.de/	1970-01-20 03:16:55	Name: _gid Value: GA1.2.180074458.1653329579
.hempamed.de/	1970-01-20 03:15:29	Name: _gat Value: 1
.adform.net/	1970-01-20 04:00:07	Name: C Value: 1
.ad-srv.net/	1970-01-20 05:25:05	Name: u8x7eovwf3h6_uid Value: 5c19870010eded5b
.adform.net/	1970-01-20 04:41:53	Name: uid Value: 2528533165235411569
.onaudience.com/	1970-01-20 12:01:05	Name: cookie Value: 0639c3fe6f844168
.onaudience.com/	1970-01-20 03:16:55	Name: done_redirects147 Value: 1
.mathtag.com/	1970-01-20 12:41:24	Name: uuid Value: 5db9628b-ceaa-4500-ad1c-e52fce079ff0
.adscale.de/	1970-01-20 11:57:45	Name: uu Value: fc9a0d63d0fd4cbebbaf407aef7bc99c
.adscale.de/	1970-01-20 11:57:45	Name: cct Value: 1653329578868
.pubmatic.com/	1970-01-20 05:25:05	Name: KRTBCOOKIE_466 Value: 16530-2081ad7c-951e-4ad6-93a1-2d71e5b8edc0
.pubmatic.com/	1970-01-20 03:58:41	Name: PugT Value: 1653329578
.hempamed.de/	1970-01-20 12:01:05	Name: _clck Value: 5n1j4x\|1\|f1p\|0
.smartadserver.com/	1970-01-20 12:45:43	Name: pid Value: 5236655656407327916
.smartadserver.com/	1970-01-20 12:45:43	Name: TestIfCookieP Value: ok
.mathtag.com/	1970-01-20 03:58:41	Name: mt_misc Value: mt_bt:1
.yieldlab.net/	1970-01-20 12:01:05	Name: id Value: 4865b806-4db4-4dcd-8df7-ee71886fdb90
.casalemedia.com/	1970-01-20 12:01:05	Name: CMID Value: YovOq88CWoXpFvAdTelpnQAA
.casalemedia.com/	1970-01-20 05:25:05	Name: CMPS Value: 5154
.casalemedia.com/	1970-01-20 05:25:05	Name: CMPRO Value: 1114
.hempamed.de/	1970-01-20 03:16:55	Name: _clsk Value: 1kf9rom\|1653329579619\|1\|1\|d.clarity.ms/collect
.adsrvr.org/	1970-01-20 12:01:05	Name: TDID Value: 69188095-7303-453d-8279-409939bc4cf9
.c.bing.com/	1970-01-20 12:37:05	Name: SRM_B Value: 1840C1A603DD62A30C20D00B021D633B
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 12:37:05	Name: MUID Value: 1840C1A603DD62A30C20D00B021D633B
.c.clarity.ms/	1970-01-20 03:15:30	Name: ANONCHK Value: 0
hempamed.de/	1970-01-20 20:46:41	Name: __kla_id Value: eyIkcmVmZXJyZXIiOnsidHMiOjE2NTMzMjk1ODEsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vaGVtcGFtZWQuZGUvIn0sIiRsYXN0X3JlZmVycmVyIjp7InRzIjoxNjUzMzI5NTgxLCJ2YWx1ZSI6IiIsImZpcnN0X3BhZ2UiOiJodHRwczovL2hlbXBhbWVkLmRlLyJ9fQ==
hempamed.de/	1970-01-20 12:01:05	Name: optiMonkClientId Value: 981946ac-41bc-4061-acc4-439624f512f7
.criteo.com/	1970-01-20 12:37:05	Name: uid Value: 2ab7b2d7-2b22-46f6-ab30-85f6e75e0e54
.hempamed.de/	1970-01-20 12:44:53	Name: cto_bundle Value: czGF9F9wV2ZoblVGZ3FPc2gzQWR1V3JIanpVem1aaTdPd0dsSXhxUiUyRnB4QUlUcWdMaU9LQlZPSVlNS0ZlSUozaDM1eEJ4VUl0aXhDYUVOcnIwMk41VTA2c1dvWE5tdUxpQU56dnRUTVFEMnBEWGRJRG9ZdEV2WkFqOWZjWTZ3VVAxRGI1YTdpMmJyRkFkJTJCcm9kZWxtc3VBZmd3JTNEJTNE
.smartadserver.com/	1970-01-20 12:45:43	Name: csync Value: 79:k-PDPqWpSTsmkLxBE7WUr8XG6mJ3P4diw3VrbnbA\|132:kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF
.ih.adscale.de/	1970-01-20 11:57:45	Name: tu Value: 4#381788810#40~k-BJDF5pSTsmkLxBE7WUr8XG6mJ3MA9vPWk8P0Nw~459258~0~0#25~kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF~459258~0~0
.casalemedia.com/	1970-01-20 03:16:55	Name: CMST Value: YovOq2KLzq0A
.casalemedia.com/	1970-01-20 12:01:05	Name: CMRUM3 Value: 14628bcead2760k-48lY55STsmkLxBE7WUr8XG6mJ3NZ46Q78ZXUHA&05628bceab2760kVZ-PtdTzp1DX0wCMHW9AL4HeC5i7rLF
.360yield.com/	1970-01-20 05:25:05	Name: tuuid Value: 175ce50d-6cb4-4a56-8893-658f4533a6b1
.360yield.com/	1970-01-20 05:25:05	Name: tuuid_lu Value: 1653329581
.360yield.com/	1970-01-20 05:25:05	Name: um Value: !38,d1F0iT.EIJ2MPalv3Tp6jM2gHsCnilwCC7VmPkKBYl0dB1x-2D8dzPYPZ28XrcDVXiGd2HM3,1661105581
.360yield.com/	1970-01-20 05:25:05	Name: umeh Value: !38,0,1715537581,-1
.adnxs.com/	1970-01-20 05:25:05	Name: uuid2 Value: 240294409137550247
.yahoo.com/	1970-01-20 12:01:27	Name: A3 Value: d=AQABBK3Oi2ICEC3CNztUUoQN4c2IV78n-XoFEgEBAQEgjWKVYgAAAAAA_eMAAA&S=AQAAAhv6EcGFuWkUymhwrbytg2o
.sharethrough.com/	1970-01-20 03:58:41	Name: stx_user_id Value: e1c844be-f4aa-4d38-a448-25b268fcaaf6
.analytics.yahoo.com/	1970-01-20 12:01:05	Name: IDSYNC Value: 18zh~251u
.adnxs.com/	1970-01-20 05:25:05	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2E><kAdsb!fss0=RroE7VW]Fp9TDU.60q:l7^cpD]Xo67^O8PHJ$aaA?X.+BgcrLE=%RBm4gZD3Nwb:*-Z#DI2Z#DIgl#XsfaUqWl#
exchange.mediavine.com/	1970-01-20 03:35:39	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22fbbb5980-dac3-11ec-8f41-97763688dca6%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 03:35:39	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22fbbb5980-dac3-11ec-8f41-97763688dca6%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 03:35:39	Name: criteo Value: %7B%22id%22%3A%22k-JDOYYZSTsmkLxBE7WUr8XG6mJ3O_KPCBj9nbDQ%22%2C%22version%22%3A%22criteo%22%7D
ads.stickyadstv.com/	1970-01-20 03:58:41	Name: UID Value: b5b5e3cde6e7f7f8a5c6c71294e05226
ads.stickyadstv.com/	1970-01-20 03:58:41	Name: uid-bp-11554 Value: k-gvzzhZSTsmkLxBE7WUr8XG6mJ3NkHqs7yHaCAg
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: d11aa4cdff4cbfae7bbdee11c8d327b
.outbrain.com/	1970-01-20 05:25:05	Name: obuid Value: 88511c7a-623b-44af-950d-b44170f1a097
.outbrain.com/	1970-01-20 03:44:17	Name: criteo Value: k-WLHlYJSTsmkLxBE7WUr8XG6mJ3MYjCan_z9zfg
.media.net/	1970-01-20 12:01:05	Name: visitor-id Value: 2963311810715488000V10
.media.net/	1970-01-20 03:58:41	Name: data-c-ts Value: 1653329581
.media.net/	1970-01-20 03:58:41	Name: data-c Value: k-okaRQ5STsmkLxBE7WUr8XG6mJ3OMbpt7IY7Y9w~~3

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://shopifyorderlimits.s3.amazonaws.com/limits/hempamed-cbd.myshopify.com?v=65&r=20200630145049&shop=hempamed-cbd.myshopify.com Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	error	URL: https://hempamed.de/ Message: Access to XMLHttpRequest at 'https://api.reviews.io/widget/options?store=hempamed.de&widget_id=5HSWwC1KTGvP8XnL' from origin 'https://hempamed.de' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.reviews.io/widget/options?store=hempamed.de&widget_id=5HSWwC1KTGvP8XnL Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://static.criteo.net/js/ld/ld.js Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11868943.fls.doubleclick.net
5994599.fls.doubleclick.net
a.klaviyo.com
a.twiago.com
ad.360yield.com
ad.ad-srv.net
ad.doubleclick.net
ad.yieldlab.net
ad1.adfarm1.adition.com
ad11.adfarm1.adition.com
ad13.adfarm1.adition.com
ad4m.at
ads-engagement.presage.io
ads.stickyadstv.com
ads.yahoo.com
adservice.google.com
amplify.outbrain.com
analytics.tiktok.com
analytics.webgains.io
api.bounce-commerce.de
api.reviews.io
as.ad4m.at
assets.reviews.io
bat.bing.com
buybrands.info
c.aaxads.com
c.bing.com
c.clarity.ms
cannatrust.eu
cdn.mouseflow.com
cdn.shopify.com
cdn.stickyadstv.com
cdn.taboola.com
cdnjs.cloudflare.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
consent.cookiefirst.com
contextual.media.net
cotads.adscale.de
criteo-sync.teads.tv
d.clarity.ms
d1um8515vdn9kb.cloudfront.net
dis.criteo.com
dsum-sec.casalemedia.com
dynamic.criteo.com
eb2.3lift.com
ekr.zdassets.com
eu-tlp06.kameleoon.eu
exchange.mediavine.com
fast.a.klaviyo.com
fonts.googleapis.com
fonts.gstatic.com
fonts.shopifycdn.com
front.optimonk.com
googleads.g.doubleclick.net
gs-cdn.optimonk.com
gum.criteo.com
hal9000.redintelligence.net
hempamed.de
hempamed.zendesk.com
ib.adnxs.com
ih.adscale.de
imagesrv.adition.com
insight.adsrvr.org
integrations.etrusted.com
jfapiprod.optimonk.com
js.adsrvr.org
match.adsrvr.org
match.sharethrough.com
matching.ivitrack.com
monorail-edge.shopifysvc.com
mug.criteo.com
pix.hyj.mobi
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
r.adserver01.de
r.casalemedia.com
rtb-csync.smartadserver.com
s2.adform.net
sdk.loyaltylion.net
secure.adnxs.com
shopifyorderlimits.s3.amazonaws.com
simage2.pubmatic.com
sslwidget.criteo.com
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.criteo.net
static.klaviyo.com
static.zdassets.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync.outbrain.com
t.adcell.com
telemetrics.klaviyo.com
tm.ad-srv.net
tm709.ad-srv.net
tr.outbrain.com
track.adform.net
trc-events.taboola.com
trc.taboola.com
ucarecdn.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
w2s9lwr4sh.kameleoon.eu
wdsmedia.go2oh.net
widget.reviews.io
widgets.getsitecontrol.com
widgets.trustedshops.com
winads.eraofecom.org
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.fr
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
api.reviews.io
104.102.28.29
104.102.29.173
104.104.52.106
104.111.242.245
104.16.254.71
104.16.255.71
104.16.51.111
104.18.70.113
104.18.72.113
104.89.29.143
138.199.37.226
138.201.135.164
141.226.228.48
141.94.170.64
142.250.185.162
142.250.185.226
142.250.186.102
143.204.215.68
144.76.91.199
148.251.45.252
151.101.129.44
151.101.130.133
151.101.194.133
151.101.2.133
151.101.66.133
151.139.128.11
152.228.175.12
157.245.25.14
178.250.0.157
178.250.0.163
178.250.2.140
178.250.2.151
18.156.0.31
18.157.218.241
18.195.54.68
18.203.97.155
18.64.115.118
18.64.115.76
18.64.115.87
18.66.248.10
18.66.248.50
184.30.20.207
184.30.21.112
185.255.84.153
185.64.190.80
185.86.139.114
195.201.164.250
2001:4de0:ac19::1:b:2b
212.83.50.108
217.79.188.11
217.79.188.2
217.79.188.54
23.227.38.32
23.33.71.161
23.35.232.247
2600:9000:2111:fa00:6:7d8a:4ac0:21
2600:9000:21f3:f800:1b:832b:ac00:93a1
2606:4700:10::6816:d7f
2606:4700:20::681a:a1e
2606:4700:20::681a:ad1
2606:4700:3034::6815:3d98
2606:4700::6811:180e
2606:4700::6812:5a6
2620:1ec:27::cafe:1846
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:800::2003
2a00:1450:4001:801::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2008
2a00:1450:4001:810::200e
2a00:1450:4001:813::2004
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9d
2a01:4f8:272:50e8::2
2a02:17f8:9001:3e00::107
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:f7::5c7b:e061
2a02:cb40:200::242
2a03:2880:f01c:8012:face:b00c:0:3
3.124.27.94
34.117.157.22
34.117.177.207
35.156.151.58
35.190.71.124
35.71.131.137
37.157.4.23
37.157.4.29
37.157.5.71
37.252.172.249
37.252.172.37
40.76.174.66
52.142.114.2
52.218.248.250
54.255.0.219
65.9.65.116
69.173.144.138
70.42.32.159
76.223.111.18
84.17.46.53
85.114.159.112
85.215.5.31
0023e1b2122cd7bfb6abc83567b43d77e7896b3ce72bb2a4b789b0c87b9721b8
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
00ea83677b038e63b1365af2d5c882001d2efce9d098f46f6fc8657d3ee01946
017b98b9a240b99d8519f252cc10cf7900305fa4e607a04bdc24b07dc64ce5a4
022ce8c81f162fd15bf94d556094735ae437cc33a37b50298358b9e173fb4598
035f81ad01c592578ae1808bbe164eca53a4c00a0198622fd1d638155db00391
03600c8364d6306282dfdf3663390a20504815e082ef7e3e4da6023266c77c2a
06b1350ef5fb569adab388b472d0a86cd10ee58b5a40c97151db08780334434d
071ab97966fe335ee0021cd23dc0f84cdf3ab67613e56b33511968ec989d16f6
0722e77458fcedadb2b7596ee392d9cedf6e69d241d325798759adc50c5599c6
0a9adccc17d9e34e3971bce91e3723f1fef884844fed6e6e10085e19745faef5
0c5fed5b005de888894cb8804c7c3c7c9fe7029957af4ab3cc76371bf9689761
10b7f371fb7191b9ad8c64a81a734b1ea5f5c260437172f0904d83a3c8c6394a
1239462b40c481a4acc4299efdec2c9269b6180d6f2c4ba348f7e0ef7fe5be74
143f82b5cb816b44e88b3ea887f797b2c293ffa442d622e6d8eb6c9550426ec1
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
17f4c15957477f0013ab17d7e6078d97473e7036f5ed899a1c19c23c8221b2bd
1a0ae1a0d066f40e19341b9abfd7b10cab72be1c1ad646b80f2f78d7242d2777
1b2f7ee18afa6e23174e31111e331fd8abc33e779797144880b16098079b8156
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1e499be587638f717b60b6b76181b9a5609da8fb9940c12a05fd77280e1707f8
20a420e1cdca075745fc24eacaeef6e33fed4b9f68caffacd2b67c4c1424c173
225f46d646199123e9dbcebe4ffe7b97dff347e6e5dc31692b2dc4be91f16986
229860842b915839781a7d3c7bd790170c5072d726d583ea6c1abee4e7cacad4
2652f0c7c7b7905018e1a14dd565b946e15d9e7ac92e4b88cfbe54eeda8fa0d6
27a7e91abe980a5b38048d85cf4fd6ae87be14b942b87ba2d4cddc817a33fa58
2a1318e1a4c2a32ab462f57324248b6c74871392090b0ad79aaf1918b97c1f95
2c27ff0caa70a51f9cc07c0b0b715c640b6213b9120695e277316fd475cab794
2c41862d5cdefda32dd0c6adcaca25ec3baa208538638bdb264306ed98f6578d
2dd577e244074b74bcf2e1a59c90089ac7b9f693c9e91a8e5bff6a378dd34f10
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
33f74a6ff5be97e44088d6301836aa1af451649be5c7046f0e1f53b66a680afe
343b9e1f52342349ea7bd351c7093e9be0a234997e9b8b597bbb9576e2502d02
345413c98f82aefb16c1b15a0d3b1b0167185ab437ef5a5bd025200a7abb1dd6
363a8f34508b3139adb7ce7ee35f49ef1b0f35f569c4c4bb8ee1ba636ba81d60
37a17a663bce00c3e1703d247d958d410831e9e5dac457e1e9aa9f37481e2eb5
39ae6b832f7fae6d6e5db10a55020c09884ef05138ff1ed069ad1d5eb198c17c
3ba47121e95cf0e046c6eb1559e7cb2cbd733b528cf7cf3656c2abce75866b8c
3c75710eeaa9bc34bb2a365b709fa5b4274b574e0022409028dad13f0b651937
3c825fdab5bc22347c031621ca03879a32d3e64d995c7986349aabd713ee1351
3caac5c3cc4052eedfc72becf6b03803eaac0c5d8514314ea1fa7ec2b7ce9ac2
3cbfe1c077ba0169a3fb52f9173b184da791852587d1d4f5aac9b6e09e76894e
3d0293870d3d4cd1d60621be8a38fcf3c49d8df2832cf1c4df3aad528ec16822
3d3640f60c9bb90faf0521222d005a61bd425053ffa636852779e1e6e30beffb
3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854
42096233be12ea904aaf3cdd708e311576beada3fa022425d140ce2efa8b1a79
4243b93dfd253dabb3466e42a4a14f53401de470683281daeea61126513b4531
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42dd1580f08ce097eb016607569e2947aa3ec792742135aa4415d3df0d6dbc0b
45414d90709f784fcb63afe7b2827e4ebe5ebd9b94841a05629395f3943bbc2a
4548350a365a5a63e88a00d84f2faeb3c319bfdd354720cef561c52bf48a2dc5
45fd9848450b8139c5daad01573a8dc8b57a60cf9d723f612d8b2b887dec8cd9
496c75c49f0cd0d943581150e7a8fbf1a55a2d8498a3b2d8d1900a919e884d6b
4b1d05a64a5fb2b440f3bd76d82f164073f184cad51f6a8676e06a798b61e084
4b45d72213054e26a569778fbed0b899bc9b403b5b0b79e9a1d0514017b8ee97
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6b7ed86dd141acbf230cc72c91131cb77761100fc063527cc12377d5d989c4
4d6595b0ae880568f9667157d5136e86c0351a306646b6f8d959062e3a6e8206
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e233a3a613ff1b208f6e54673b5be56f4f9d549dc52d3de994f425bc06a4609
4fc633193dade2b08c4a8bfde3ab6f4d7f827d504fb7494cf5c8faaefd69aca0
51228ad2f2bcc03bf76672c20b918cbef3aed6ed9aa859e99aeee94fcf7bdc30
5168687db41ad16a2e5087cff577a1e70455d941b076f82a76521c41267a3a90
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549c5447e985294d7c9175f9c6a5169d17ef6986319445f9497f8a9192095d8d
5585e8dd1b3e1006ff2303d8d9650711ea84ac2046524983901f5d4d40504c12
558b1ca48c32a7f523df2ae72c9bb801084b86140907f9d37ded3a2116337d53
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
585530301e16591696a6fbae6f92ed624c0eb27f911e1838e53f5b0df2f85e56
59e6ffff8b12b46fba8ee79526338a327481660bada9eb459c654c30b4ef0832
5b1ccd08e901adfcd4b47e942f7c860ccd41f3e90ba07c787fb222cd8b776aee
5bc8b6f16b49442921866630c224fcf7fbc7bd9228eece29fddcd91d2c548fee
5c2672b0dbeeda6d780fcd6f441e150af15eb1de16dc66d81b248c87d5894983
5d6281d8b29f81e221f79d932ddd95b97b6aa36e98647f3ba24000acb4c09922
5d8e8ae1eb1a201e03e7cb45ea547d2e96e4dca8c3616d4d27f174a99fa0d17c
5df82f84b139415c25027afbab9e8d104bdd51d35d92f366acdaa4728ef4caed
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c
6005b4b95a5f2051d22bf97811076fb2192c6cb1fb042fc8f8df21879a527ead
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6024e76e8e6ae3f8836c3d145605357144b5b9229ec59ad8e180ce653ed66799
6181892ca000f5d8a044a46ef1cda98145d98197e39e9696a891c69eabe6dff1
62bbf84279a285d0dfefcb487233d6352fe2dc78ee527dcf012604cefcaf0a7a
6330882132d4f908652a9628a4fabc7b22f3a864e53bfb38a78636925272c15d
635436613a59dcad198a566f08a03bbce349628391ebb99e6b32caf6b39caeb0
64f75ffbf918873dda9885e63278b4dd59ae0da41ce12e0d5168254215f64206
65ac6cc05d7933437081474bbbc2b72e0a1a340281837480bbc6bdef0b997267
662187a964f65dac27c7ce45d93cf1b8fce7c1a36d837846361b23b962ad0841
678743e83d255d34a3476fa3eed80d55d212874f0fe98285a54fbf293f8b73ee
6800f4571faf5ff6865a72c7f8aeb43c7eb7953d4caf49f0074f5a4b53832d2e
68d18be3ba92856a2311b5247fa8efb89b8167a0ba8d7260596704e9f08f55b1
6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5
6e64da1b51564d16486641b1290320c103e0c448461d13592fc69334a9ddeb1e
6fbda3c138db7551085974afa4130dd2df5390cc535c96020513e9c8b3ef60c7
714029a0c7fc3451e71e981f2bb5640c04e7de55b160c571842cbc25da754f3d
7182f192ea86e80e031a0d3c58b48c565bc1bf9afca6f8fedb01e28ed7f6c4d3
72770d2adbe7c198b256b9c55fc5c3d39a6bb6fffe7c21f981ba74b7322c0b5f
73468fdf89edcf5ea5683a6c0f0411fc13f298da13369243b4336afa13216dde
7430d0f1c48dc295576c3565bb961139bebedef6c2cb5060ce85cf902acfdbbe
7622a820637247da1eaa8b52a6c229000647b6bece2ad44e1b3d88cf6ba03ccb
77e3bdfb73066e1c7ce07b8e91e81b63380a761919fa65049925a0238fbbdd1c
7938b25262fb457e540afd0f50048e0ec9f951324fd1d85228b1242e0cdd81cc
7b9abfe2354e6dbc7288a4ec2aae5bddc09a9db06c0baaf9809d8ad7a3118859
7bee8644ecd26a7e98f72824775b6923c176afad9726d0b2c76c5c06812c2201
7cdc558992cf8d77ea5e9fb2360e25aaf19eb850036f750657963044a5b3ca1c
7e2d172db253cc60b59c126f829c1ccf101512e31c6fdb76ddcf6b30b5258f78
7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d
7fb313a47a115a1b61595b1f34a9e7e143221d594be5560ac2061902c5b33e1e
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834ef365505a980fd031502c176b097ff5a86a1682f339c102c8081a7040b830
853a03664587e8ce2dc0809730e089774a45cc4e67b6328d948b56af62985a9d
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
86c39fd7f5dd6cfe3a6ee7bae0e18fb3cd5a0a4cbc9e8d32320289e893f15533
87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae
880e1a8a65ab9c3c9f9569c7e99a1cb50a64e2c5ed17911380d77e57539ea607
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c30308ef47c56b82818c377efc73047639ce7dffd13f7da93344cccef55f682
8d30da3045d9ddff05746b578e80204fc1e013a37968e78f9f05ef977d8ee2df
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f1cad5542973259296b1d2caf9baa56aa0da5c71f3ac5f351fdb510c11310b4
8f372d6797feaa75fb52ea274df0f02c84e5785f775785a7358e14e17152aafa
9061c6ae3e66cd5d55c1790dee3dbdab18981e2f3f029d9f6145b0b2473507e1
924b7fbc0f50eb9af64fcabba0323d7e8d63a86106f5dca2488745edd858f402
92af92c8456d3d902afd8b15fed3ec50f98a9416ec176866ed38c6ac5773e288
9379a4678a9d21e8245f1aea21e02d4e73a9186296d7bde276606a4e03d8c00a
9438b429cd5de919a4ee493dbb70f5b29048b05a2c596074a9a39cb9c996f1c8
958df42ef1d8bb54fd60181bee980ea37b012c71a2c40e599b21d3e8f7402f2c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c4d8488c7a4aa05d23234bf9faf32308fdf246a919691766dcaf4b8efb11235
9c85d74f98be6a0fc142cdbdc564b9bfa7951b40854e29c6febfaada6e0a5be4
9fc67b5de62e6003fd10d5ffba892d54f066bc7e82463340911dcc5855494acd
a081ed513735ffb15626985d663652a2879e96f0b6695e7ceda16d519372555c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a40950eb5ad54604185f23d2989461a5c89a17d4ab384a674960bc370ddc5524
a424f2663b62231a917a4574d954787269793ea5091f8081dae9f335c8a80c1b
a452e981484d0db32a9aa66c65fa84dd8c88ee45b4eed0ebe69dd9837c65da15
a629ce00500034dd23150bc4a928014305b1fec86fc8f06b566f31dbfdaec11d
a6b81aa7f33b141f664af931510adb6a75f7953c4fa1bb6d6a4d7ba26d2e179a
a83318a06ab098cc6f974200a6d160150908778792cb107c34a98cf21d93df06
a85c5c7cda7906787a061021c46323f9a12e8f4d914c1615577f26f2528db937
a88ee13d2e82bd99ff8c5ac3c2cd52d3a4175f9121e48e30b1683bb80684b711
a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2
a9a68d4e821745ea72a80679fde315348a0e0c3570ef02eb5898827fef82cb6a
aad71eeadb53db291f1ac518035af344bb7acaf6c59fdb4b93cd1345a27616e1
acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1
ad12c547c9ffecd1be09d7d4e3ee88982e79560d72b8a85745198c6dea8500b2
ad5921ea7406330873c917235896a0676a8d0f785c265db1391ad54c3495fa53
aed4469e21f8e133a2063f718d1f3588520cf0716f8ded6b91fd2b9ef0fe6b1a
b142433e6721e29e69906c3a4700735ba2fd9c50785e05e81864f91df41c3ec2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b254af9e43209f827929ae94c85cca468d0c92b080287947467768ecfbcab1ea
b2666a2f678a8564527f79c02b49ef33d0e84c154b80fa3bfb763e7e5f55814f
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b3dc5a480c59c9765ffe8baa31c090be69690e1c0398339f9baa72ee207d300a
b41860f4dadff1e2d430820b7dc2b839ec708e61036f6767c3cf2702af050729
b6d58dcd02e3156eadcdfe071726b8b6e7a2e87dd667be2ccb82b833c4c55602
b8654209f3456faba9f227d6ef407a65369bd1de70ef534f36ae63118b2886ef
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb6918becbb62e091368c58b0bf8432ba95ab5ae0ad3be2677e0ce8875d76f4b
bed614616a162fc53d756bfa5e0f80ac5f00110c16c9c8d67bcae707f3ef2b7f
c05191e83946b8c1e14f6c493a004d0afaea7dc63d12f21f3c3d0bb2b75bd86c
c12e5313fc7e6de3ce64887750d40dcffe04e618c7faf33317e4a5bc79df15cd
c196ba332033b4a2c4d5dd75a7181a14fc95b3f110633a8fdd108f1b0d65ee47
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
c7f4bbda1f148f2639667ea4e0f5d024c633001cc8562de805abc614cc29c569
c907449e77649b7251526ef8a042c6f0b2e1518c9bca69728f5a6f37d4f92a0e
c954b743b05de886d5161aa96bc8795974cf3214c7d815c53c1e97d32ef8b71a
cc6a07524e88b23ff3141a801d7f5e9d1566dd312a8b64dca06cbfdb8fa6f328
cf01a67e2591e708dd01183a6ea0258d4870d2de19a990b8018227605ae2a39b
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d375daca4fe7985462915845f17acaf8ee04290e1b00e4b3eb713cc2d63d761e
d3ccee6ce84c625fa684189c0a4742f68e3e16b61e3d37694e5012365b10a985
d4f3b5a08490d9d17d7fa60a3d46113a1d6b3b3f368e3420b31364ddca4bcb6a
d5819a94b00e11df610b9c8fdac2ff057bc1e4e34a58cb81686acbfa3c9f9b8e
d6ce79238a663584deb9c3792e8fa23dea01d528e241e52e833af027508a879f
d7f1d0616d66853bde81d2b6be1908db41b3bca8a5387e3eeab9ace22fae991f
d898973bc6738b24a4fd47177850ab3598319c1a8383c5d111876c1599d6aa03
d9ad6bf92228389fb31e16ab141f38a49ab06c234d402f71a095937c70e8da11
d9f0834fce52e81f578870b52fe97065a2a4a9f1380ae22baa13df5d4ded13bc
da707a6b31314817176ac37a88db4b145f94890f3a6e5c7b6d71b0e9b1a01430
daa70dc9f6846ce066684966c3a917254ba886137d3e5223dbc0611ba9417fa4
dd9b8aa44d780db3aefdefb0a68fc5a2bc2b1409abe3abeb3bc99b8954360501
ddcb4c572e37c2ccb76213c572c22aa95f4032981bc9baac963f06711de0385b
df2c5150ebfac21616ed05dcca11afd5c5b84031aab627720c07a86c7ac14c1a
e21a8b48f9312941028c5512887f7ec2da422ccb88b4d5f7d30f302b4a984769
e399100651f926dc2fb9eed56c1b961e883947eda1dbbc9f763eee939146fc2b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d9ecb5fa660fa96dcc77b68b9c84e5ecd664f029156d741f1aedc79ce6bd45
e6209b0ee91e6db5f1cb2f349ebe814bdcc413b7940c5860be8a66f8a40ded95
e9d4bbd49c5a2ea21305e4589d60ebcd1918ff17033ccdb09f48f418c9d43a21
ecc5bd64f2874b3a150e05f9fda591c805c4a63ae33d243e3b3959c28bdacdb0
edd2458ae14bc0b280c921d4876074daa61ac24a9a3201fa0e242bc3b73b9bfa
ee2db945e28875424676c5a66051ad597321e39937a418e0a04b673f3d9f66ff
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee576a7005587f299bc9dd78c41253e84752a5d4409443196b0a3b381125cd85
ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef355597c4adf94781873c1161c2fa44c6e302b1e6f841704dc3bc084a2ddf25
f4ae3ebd56e6205c70cc0bf837e63efda63e9e847dd19a11f9fd57603480a483
f5d9a0ab5a7872ae2fbb1c69589d171aec0bd89ac2324289e4b20401bb49ca5f
f6b34699092cdb4b51d0460d09661b53b652dbb563784f348fd429f9a5e0d0a7
f7543013448a42e1b07bc53b29226c43a784e357a52d97796b66dff9e2c8a6b0
f75afc208415563bd2c84c68db2577b5edf789dda3e714b2fc3ce520a4ae66da
f8f9befef7c8374ab5e15f84ac2feb93982586bc13875f9e9648016446fc19ae
fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e
fab5572c01cd671e1a92d8ffda83b65c5276089a5d8f7cec2105ba034a55a98e
fd284131bd431df68ad1a75bb7bc1cc446bba8cc1698b22bd5d4293db3cd90cb
fe299bed3fd3f0fa5c26a5b0951d85ea532ad03a2738dbf29ae98d446f7af359
fe670251cf401d03f674195f138e9d242192b9fbca35ec55a9aeb748413de70f
fe7c01c09db58ac2ea5ad79017cc9ad7c2099eb177e826b13248515aa1be4f8e

hempamed.de Open in urlscan Pro 23.227.38.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

308 Requests

90 %HTTPS

27 %IPv6

74 Domains

118 Subdomains

96 IPs

12 Countries

3330 kBTransfer

8283 kBSize

87 Cookies

8 Outgoing links

Page URL History

Redirected requests

308 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hempamed.de Open in urlscan Pro
23.227.38.32 Public Scan

Screenshot
Live screenshot

Full Image

308
Requests

90 %
HTTPS

27 %
IPv6

74
Domains

118
Subdomains

96
IPs

12
Countries

3330 kB
Transfer

8283 kB
Size

87
Cookies

308 HTTP transactions
0 data transactions