Submitted URL: https://springtournament.com/
Effective URL: https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cpc&utm_medium=pse
Submission: On April 16 via api from BE — Scanned from DE

Summary

This website contacted 15 IPs in 5 countries across 17 domains to perform 45 HTTP transactions. The main IP is 104.16.54.8, located in and belongs to CLOUDFLARENET, US. The main domain is www.medpex.de. The Cisco Umbrella rank of the primary domain is 495981.
TLS certificate: Issued by GeoTrust RSA CA 2018 on May 11th 2022. Valid for: a year.
This is the only time www.medpex.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 199.115.116.43 30633 (LEASEWEB-...)
1 5 103.224.182.206 133618 (TRELLIAN-...)
2 116.203.50.204 24940 (HETZNER-AS)
2 5.9.110.29 24940 (HETZNER-AS)
1 1 88.99.112.6 24940 (HETZNER-AS)
1 4 95.211.116.26 60781 (LEASEWEB-...)
1 18.66.112.3 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 213.133.127.252 24940 (HETZNER-AS)
13 104.16.54.8 13335 (CLOUDFLAR...)
1 18.197.124.41 16509 (AMAZON-02)
5 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 87.230.98.74 61157 (PLUSSERVE...)
1 2a00:1450:400... 15169 (GOOGLE)
4 35.158.4.156 ()
4 159.69.183.15 ()
45 15
Apex Domain
Subdomains
Transfer
13 medpex.de
www.medpex.de — Cisco Umbrella Rank: 495981
images.medpex.de — Cisco Umbrella Rank: 740336
296 KB
7 consentmanager.net
c.delivery.consentmanager.net — Cisco Umbrella Rank: 41353
cdn.consentmanager.net — Cisco Umbrella Rank: 18023
139 KB
5 kelkoogroup.net
de-go.kelkoogroup.net — Cisco Umbrella Rank: 687020
dd.kelkoogroup.net — Cisco Umbrella Rank: 265586
89 KB
5 galotop1.com
galotop1.com — Cisco Umbrella Rank: 363101
8 KB
4 ksgct.de
aproxy.ksgct.de
93 KB
4 kctag.net
js.kctag.net
t2.kctag.net
89 KB
2 lookandfind.me
lookandfind.me — Cisco Umbrella Rank: 172199
3 KB
2 clever-redirect.com
clever-redirect.com
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
98 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 358
93 KB
1 consensu.org
cdn.consentmanager.mgr.consensu.org — Cisco Umbrella Rank: 21559
7 KB
1 datadome.co
api-js.datadome.co — Cisco Umbrella Rank: 4513
414 B
1 cptrack.de
click.cptrack.de — Cisco Umbrella Rank: 262521
825 B
1 billiger.de
www.billiger.de — Cisco Umbrella Rank: 94057
1 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
351 B
1 yadore.com
api.yadore.com — Cisco Umbrella Rank: 511466
364 B
1 springtournament.com
springtournament.com
1 KB
45 17
Domain Requested by
10 www.medpex.de de-go.kelkoogroup.net
www.medpex.de
5 galotop1.com 1 redirects galotop1.com
4 aproxy.ksgct.de js.kctag.net
aproxy.ksgct.de
4 cdn.consentmanager.net www.medpex.de
c.delivery.consentmanager.net
cdn.consentmanager.net
4 de-go.kelkoogroup.net 1 redirects lookandfind.me
de-go.kelkoogroup.net
3 t2.kctag.net js.kctag.net
3 c.delivery.consentmanager.net www.medpex.de
3 images.medpex.de www.medpex.de
2 lookandfind.me clever-redirect.com
2 clever-redirect.com galotop1.com
clever-redirect.com
1 js.kctag.net galotop1.com
1 www.googletagmanager.com www.medpex.de
1 cdn.jsdelivr.net www.medpex.de
1 cdn.consentmanager.mgr.consensu.org www.medpex.de
1 api-js.datadome.co dd.kelkoogroup.net
1 click.cptrack.de 1 redirects
1 www.billiger.de 1 redirects
1 www.google-analytics.com de-go.kelkoogroup.net
1 dd.kelkoogroup.net de-go.kelkoogroup.net
1 api.yadore.com 1 redirects
1 springtournament.com 1 redirects
45 21
Subject Issuer Validity Valid
tracker.clever-redirect.com
R3
2023-02-01 -
2023-05-02
3 months crt.sh
lookandfind.me
R3
2023-02-27 -
2023-05-28
3 months crt.sh
*.kelkoogroup.net
Thawte RSA CA 2018
2022-08-25 -
2023-09-25
a year crt.sh
dd.kelkoogroup.net
R3
2023-02-04 -
2023-05-05
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-03-28 -
2023-06-20
3 months crt.sh
www.medpex.de
GeoTrust RSA CA 2018
2022-05-11 -
2023-06-11
a year crt.sh
*.datadome.co
Gandi Standard SSL CA 2
2022-10-13 -
2023-10-21
a year crt.sh
1376624012.rsc.cdn77.org
R3
2023-04-07 -
2023-07-06
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-02 -
2023-06-01
a year crt.sh
c.delivery.consentmanager.net
R3
2023-03-19 -
2023-06-17
3 months crt.sh
*.kctag.net
AlphaSSL CA - SHA256 - G2
2022-08-18 -
2023-09-19
a year crt.sh
*.ksgct.de
AlphaSSL CA - SHA256 - G2
2022-11-22 -
2023-12-24
a year crt.sh

This page contains 1 frames:

Primary Page: https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cpc&utm_medium=pse
Frame ID: 2305F0FC8030D0C8CC5736484F8BE747
Requests: 46 HTTP requests in this frame

Page Title

SULFUR D 6 Dilution 20 Milliliter N1 kaufen | medpex

Page URL History

  1. https://springtournament.com/ HTTP 302
    http://galotop1.com/r2.php?e=SuHs3BI56ipo1FsSV4U8u349fk9ENHlZMXNSQVRnZVF2ckJYdjgwZjhBSGk4TXlsVlJ... Page URL
  2. http://galotop1.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D10269... HTTP 302
    https://clever-redirect.com/s/r6?s=721614&s3=1026991450&sid=20230417082952559f9208559b3daef0 Page URL
  3. https://clever-redirect.com/s/rc?l=a7e58f88c17ce6646564552edd18d5f6 Page URL
  4. https://lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=medpex.de&s1=721614&s2=&s3... Page URL
  5. https://lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%3DeVhZQURSdlA2dlNCazJONytyUD... Page URL
  6. https://api.yadore.com/v2/r?e=eVhZQURSdlA2dlNCazJONytyUDFxSFZWbE1SUXN0UWRiZ053QjVydldWZDlSblpmd2NwZ... HTTP 302
    https://de-go.kelkoogroup.net/offersearchGo?.ts=1681660801027&.sig=IIxAU10L4pCBOKRnN7OruDgCVkY-&affiliatio... Page URL
  7. https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff437d45f3ea733a8753199f743... HTTP 303
    https://www.billiger.de/common/modules/api/cmodul?mc=iuvbsfarAGO3&p=Oq42UunqgSbO55O4ef89YkJsKcKean40... HTTP 302
    https://click.cptrack.de/?rd=true&k=ZoSPVeJe1ORXn-KwQq7yW5dF2nG70xmaVk_w8-LCqwJS61ZkMcnTW061quX4I10xR... HTTP 302
    https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cp... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • swfobject.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

45
Requests

91 %
HTTPS

28 %
IPv6

17
Domains

21
Subdomains

15
IPs

5
Countries

916 kB
Transfer

2478 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://springtournament.com/ HTTP 302
    http://galotop1.com/r2.php?e=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 Page URL
  2. http://galotop1.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1026991450%26sid%3D20230417082952559f9208559b3daef0&s=j&enc=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&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
    https://clever-redirect.com/s/r6?s=721614&s3=1026991450&sid=20230417082952559f9208559b3daef0 Page URL
  3. https://clever-redirect.com/s/rc?l=a7e58f88c17ce6646564552edd18d5f6 Page URL
  4. https://lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=medpex.de&s1=721614&s2=&s3=1026991450&s5=cf Page URL
  5. https://lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%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%3D%3D%26i%3DGvl8GLGkKWG0TSCh%26placementId%3D9ffa50cb409bc5ce17df81449875f888&h=cc147dae34ff1474447fe33204fae30e Page URL
  6. https://api.yadore.com/v2/r?e=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&i=Gvl8GLGkKWG0TSCh&placementId=9ffa50cb409bc5ce17df81449875f888 HTTP 302
    https://de-go.kelkoogroup.net/offersearchGo?.ts=1681660801027&.sig=IIxAU10L4pCBOKRnN7OruDgCVkY-&affiliationId=96965883&comId=100542120&country=de&offerId=87c96fd393abd105b693fe7d0bf7915b&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=78c2822cc5e99654ef6e1995b8ba7a9c6235e87fe4e0d9ce2d9a24d422c4024b&custom2=SRdytlITOR16&custom3=false Page URL
  7. https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff437d45f3ea733a8753199f743ad7f9e7dc2c7f1f46bddf910f9ef54fdb57c4b9ed7fce3873926620da0c509a493b3caecb022a4b1994fac2a00898e199127663cf84f2434613a4fc243576630e6e8d0009a4e94e2d872b8880a2a4454e4d91183be517bbfda79aeb16413cce3c143709e2ac437b48bc2dc0620e2d93b94c13ddb8970693d4d5887d6e6d818e5907387346356e75cf5788b76e3e19c9669b3812088d3bfb683a2efdef962c75aed83c8d84c24ac86074e3461295f4c2033195cd0d3e4159922f0d250880245e7befff26f60958bd6c216cc12f87c80705b886beb7ba5f2538f657f247bf481b1b7b3bf3189f4c57a36ed72c8dd07be8c01c6f55907bd8073eb604c43b00c86b14a7e89b0c4829643426d38cfe8129f5757e7296c49f4fad488828a6b4049dbf453b583da5480f122dd105ec50c443b4d723c7d9b17d400754ca4715dd00a244760e469a3319655d8dca94bc364&url=https%3A%2F%2Fwww.billiger.de%2Fcommon%2Fmodules%2Fapi%2Fcmodul%3Fmc%3DiuvbsfarAGO3%26p%3DOq42UunqgSbO55O4ef89YkJsKcKean40HWN6kGfVJzErnHGOeX0y-q-MlbwEvEYrwQp88RbAvBlykQ8VWw2TChwU-XfyUSjiDIIt-9VjdaIH_2wLl3Wm7jpGYiy-XwvxaPNXK6YN9I8%26mid%3D5036398548%26id%3D5036398548%26ts%3D20230410%26log%3D62AE01GY630TSCAB5SBXJPEKJZKWYC_site_id%3A2 HTTP 303
    https://www.billiger.de/common/modules/api/cmodul?mc=iuvbsfarAGO3&p=Oq42UunqgSbO55O4ef89YkJsKcKean40HWN6kGfVJzErnHGOeX0y-q-MlbwEvEYrwQp88RbAvBlykQ8VWw2TChwU-XfyUSjiDIIt-9VjdaIH_2wLl3Wm7jpGYiy-XwvxaPNXK6YN9I8&mid=5036398548&id=5036398548&ts=20230410&log=62AE01GY630TSCAB5SBXJPEKJZKWYC_site_id:2 HTTP 302
    https://click.cptrack.de/?rd=true&k=ZoSPVeJe1ORXn-KwQq7yW5dF2nG70xmaVk_w8-LCqwJS61ZkMcnTW061quX4I10xRq4UgoNbz8JJtbKXBDZLBw~~&rdlink=https%3A%2F%2Fwww.medpex.de%2Fsulfur-d-6-dilution-p1787077%3Fai%3D10010%26utm_source%3Dbilliger.de%26utm_campaign%3Dcpc%26utm_medium%3Dpse HTTP 302
    https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cpc&utm_medium=pse Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://springtournament.com/ HTTP 302
  • http://galotop1.com/r2.php?e=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
Request Chain 4
  • http://galotop1.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1026991450%26sid%3D20230417082952559f9208559b3daef0&s=j&enc=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&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
  • https://clever-redirect.com/s/r6?s=721614&s3=1026991450&sid=20230417082952559f9208559b3daef0
Request Chain 8
  • https://api.yadore.com/v2/r?e=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&i=Gvl8GLGkKWG0TSCh&placementId=9ffa50cb409bc5ce17df81449875f888 HTTP 302
  • https://de-go.kelkoogroup.net/offersearchGo?.ts=1681660801027&.sig=IIxAU10L4pCBOKRnN7OruDgCVkY-&affiliationId=96965883&comId=100542120&country=de&offerId=87c96fd393abd105b693fe7d0bf7915b&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=78c2822cc5e99654ef6e1995b8ba7a9c6235e87fe4e0d9ce2d9a24d422c4024b&custom2=SRdytlITOR16&custom3=false

45 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
r2.php
galotop1.com/
Redirect Chain
  • https://springtournament.com/
  • http://galotop1.com/r2.php?e=SuHs3BI56ipo1FsSV4U8u349fk9ENHlZMXNSQVRnZVF2ckJYdjgwZjhBSGk4TXlsVlJXQVMwUWFxNjA4WE1EeEgwZzFNSnVCS0dNTXJyNkdFZ1hGRjFjQ3JKRHpSY0FueEE3MDZDUWt3dWdkMVdDd1dHYlMyUXRSVWpYZ0lE...
4 KB
2 KB
Document
General
Full URL
http://galotop1.com/r2.php?e=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
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash
b0a70ad4d8e20c7e996a2e6ae76859c165fdf9cd2289549c77188e0d3d9c518f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

connection
close
content-encoding
gzip
content-length
2099
content-type
text/html; charset=UTF-8
date
Sun, 16 Apr 2023 22:29:53 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

connection
close
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 16 Apr 2023 22:29:52 GMT
location
http://galotop1.com/r2.php?e=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
server
Apache
jscheck.js
galotop1.com/javascript/
899 B
702 B
Script
General
Full URL
http://galotop1.com/javascript/jscheck.js
Requested by
Host: galotop1.com
URL: http://galotop1.com/r2.php?e=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
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://galotop1.com/r2.php?e=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
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 22:29:54 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 02:14:38 GMT
server
Apache
etag
"383-5e43329b8df80-gzip"
vary
Accept-Encoding
content-type
application/javascript
connection
close
accept-ranges
bytes
content-length
405
swfobject.js
galotop1.com/javascript/
10 KB
4 KB
Script
General
Full URL
http://galotop1.com/javascript/swfobject.js
Requested by
Host: galotop1.com
URL: http://galotop1.com/r2.php?e=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
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://galotop1.com/r2.php?e=SuHs3BI56ipo1FsSV4U8u349fk9ENHlZMXNSQVRnZVF2ckJYdjgwZjhBSGk4TXlsVlJXQVMwUWFxNjA4WE1EeEgwZzFNSnVCS0dNTXJyNkdFZ1hGRjFjQ3JKRHpSY0FueEE3MDZDUWt3dWdkMVdDd1dHYlMyUXRSVWpYZ0lEUEZyZVJFVWV4V1J1c0hDSnJhU25xV3RuQkdsc1lGN2xNZjRGMWJlZ3FGdDEvSm4zN00yYld4QUlsWHN6ZTlXR1B4Ynh2ZzJVeUdxc0IwRit1c1N2VkF1R1Q4dVg5UHNWeWVCV1k2VGVjVzBiZmEvSUJoeW8zNnBnSnJTaHlhNnBxbGkrQkhjRzVRd1d0ZzkwWktMNk9WbmhvV0EyTWdyM1NRMDl1R0R1aEMyOUxuWGlTRWVLZ2dLUTBURjcxTW5zMnFzZGZ2TnRMTGp0Rm1xdldwVXp5ZnhQbFV1cDhjMURoaDRQZ1k4WG1CZjRodmE2Z1Q3MEU3RGpvRkFWYlR4K29qUzA1enZRVENhNEE2d1d5QUljK3FpcEJNV1hwaDJEcm1tb0hqa3FDZVk0UG5xK3dSWE9VL1EzVHB6eWxZZjNyQUZSdmZQSXJ4RWxTRm1Qenh5UDZMUWgwckgyYjZzNGNDenZUTzJLL3I1WW5lWGhuTHdESUVmWHRLclVJNnE1Rm0zc0kya1RwREJ6OUpuVW15RDN0c2xxWUgrRTJSNGgyaUUzRjYzSUNXajdJVzdSWGF3NGMwSGxjcmlBYzU0ODB5cnpIL01EcHhHMjg3MU1zYWlkbElaVjFRRnU5MlZ6dHBmM3J2VXByditHaWxDdWpFSjRHc2s4WTF0aGdVZm4rWGg1WE1DdlBzYkUvR2pmL3dGbTF6L3B3WmF0ZTN3eksvdXBoRy8vQ1p3Mkxza2JwQ01TQjZFTFRLd3p6YjJjbHoyZkxjRE9oZ3lsWXRMTFYxQ1FqN1Q1MHl2dy9FUjBOTFJ5QW9kTGwyRU5uaUtQcER5dzlyb21VQUg2S0V5WThNNXUwUlcyOCs3bnZacjNuRDJ0NU80K2JoZlM1UWdlVC9kdHVqTy82OWRxOS84WjVOUzBaa2h1MWNVNjhpbFU9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 22:29:54 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 02:14:38 GMT
server
Apache
etag
"27ef-5e43329b8df80-gzip"
vary
Accept-Encoding
content-type
application/javascript
connection
close
accept-ranges
bytes
content-length
3949
jscheck.php
galotop1.com/
0
150 B
XHR
General
Full URL
http://galotop1.com/jscheck.php?enc=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&rand=0.05600051605351353
Requested by
Host: galotop1.com
URL: http://galotop1.com/javascript/jscheck.js
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://galotop1.com/r2.php?e=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
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 22:29:54 GMT
server
Apache
connection
close
content-length
0
content-type
text/html; charset=UTF-8
r6
clever-redirect.com/s/
Redirect Chain
  • http://galotop1.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1026991450%26sid%3D20230417082952559f9208559b3daef0&s=j&enc=os1YmOJFYacxUyu0kToCk349fkhMNTBhMUxBd01zRVQ3dX...
  • https://clever-redirect.com/s/r6?s=721614&s3=1026991450&sid=20230417082952559f9208559b3daef0
272 B
541 B
Document
General
Full URL
https://clever-redirect.com/s/r6?s=721614&s3=1026991450&sid=20230417082952559f9208559b3daef0
Requested by
Host: galotop1.com
URL: http://galotop1.com/javascript/jscheck.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.203.50.204 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.204.50.203.116.clients.your-server.de
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash

Request headers

Referer
http://galotop1.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Sun, 16 Apr 2023 22:29:55 GMT
Keep-Alive
timeout=5, max=100
Referrer-Policy
no-referrer
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
Transfer-Encoding
chunked

Redirect headers

connection
close
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 16 Apr 2023 22:29:54 GMT
location
https://clever-redirect.com/s/r6?s=721614&s3=1026991450&sid=20230417082952559f9208559b3daef0
server
Apache
rc
clever-redirect.com/s/
321 B
589 B
Document
General
Full URL
https://clever-redirect.com/s/rc?l=a7e58f88c17ce6646564552edd18d5f6
Requested by
Host: clever-redirect.com
URL: https://clever-redirect.com/s/r6?s=721614&s3=1026991450&sid=20230417082952559f9208559b3daef0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.203.50.204 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.204.50.203.116.clients.your-server.de
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Sun, 16 Apr 2023 22:29:55 GMT
Keep-Alive
timeout=5, max=99
Referrer-Policy
no-referrer
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
Transfer-Encoding
chunked
a
lookandfind.me/s/
939 B
2 KB
Document
General
Full URL
https://lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=medpex.de&s1=721614&s2=&s3=1026991450&s5=cf
Requested by
Host: clever-redirect.com
URL: https://clever-redirect.com/s/rc?l=a7e58f88c17ce6646564552edd18d5f6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.9.110.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.110.9.5.clients.your-server.de
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1k / PHP/8.1.17
Resource Hash
586484af581bf40b8183d5ab0719ad8290d064610d90ef7e2b8d73333cdc0718

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
https://lookandfind.me
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Sun, 16 Apr 2023 22:29:55 GMT
Keep-Alive
timeout=5, max=100
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
Transfer-Encoding
chunked
X-Powered-By
PHP/8.1.17
r
lookandfind.me/s/
867 B
1 KB
Document
General
Full URL
https://lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%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%3D%3D%26i%3DGvl8GLGkKWG0TSCh%26placementId%3D9ffa50cb409bc5ce17df81449875f888&h=cc147dae34ff1474447fe33204fae30e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.9.110.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.110.9.5.clients.your-server.de
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1k / PHP/8.1.17
Resource Hash

Request headers

Referer
https://lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=medpex.de&s1=721614&s2=&s3=1026991450&s5=cf
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
https://lookandfind.me
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Sun, 16 Apr 2023 22:29:55 GMT
Keep-Alive
timeout=5, max=99
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
Transfer-Encoding
chunked
X-Powered-By
PHP/8.1.17
offersearchGo
de-go.kelkoogroup.net/
Redirect Chain
  • https://api.yadore.com/v2/r?e=eVhZQURSdlA2dlNCazJONytyUDFxSFZWbE1SUXN0UWRiZ053QjVydldWZDlSblpmd2NwZ3BxL3pCWkcxa3o0L0JXdTV1OTlQdGZIcGdXd0Z3NzJidmZkQjZMdTRTMzdVaXNYclFFdEZYUlo3Nlp6RnpRWGgzUVc3UUt4SDF...
  • https://de-go.kelkoogroup.net/offersearchGo?.ts=1681660801027&.sig=IIxAU10L4pCBOKRnN7OruDgCVkY-&affiliationId=96965883&comId=100542120&country=de&offerId=87c96fd393abd105b693fe7d0bf7915b&service=37...
34 KB
35 KB
Document
General
Full URL
https://de-go.kelkoogroup.net/offersearchGo?.ts=1681660801027&.sig=IIxAU10L4pCBOKRnN7OruDgCVkY-&affiliationId=96965883&comId=100542120&country=de&offerId=87c96fd393abd105b693fe7d0bf7915b&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=78c2822cc5e99654ef6e1995b8ba7a9c6235e87fe4e0d9ce2d9a24d422c4024b&custom2=SRdytlITOR16&custom3=false
Requested by
Host: lookandfind.me
URL: https://lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%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%3D%3D%26i%3DGvl8GLGkKWG0TSCh%26placementId%3D9ffa50cb409bc5ce17df81449875f888&h=cc147dae34ff1474447fe33204fae30e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
f74ba6fa75d9102c6cf129764861a5e12f495fea60c0bfd434bb5642a2be33f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%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%3D%3D%26i%3DGvl8GLGkKWG0TSCh%26placementId%3D9ffa50cb409bc5ce17df81449875f888&h=cc147dae34ff1474447fe33204fae30e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Content-Length
34547
Content-Type
text/html; charset=UTF-8
Date
Sun, 16 Apr 2023 22:29:56 GMT
Referrer-Policy
origin-when-cross-origin
Request-Time
PT0.03319S
X-Content-Type-Options
nosniff
X-DataDome
protected
X-Frame-Options
ALLOWALL
X-Permitted-Cross-Domain-Policies
master-only
X-Robots-Tag
noindex,nofollow
X-XSS-Protection
1; mode=block
clickId
107698148_1681684196122_33454823
country
de
leadId
62AE01GY630TSCAB5SBXJPEKJZKWYC

Redirect headers

content-type
text/html; charset=UTF-8
date
Sun, 16 Apr 2023 22:29:55 GMT
location
https://de-go.kelkoogroup.net/offersearchGo?.ts=1681660801027&.sig=IIxAU10L4pCBOKRnN7OruDgCVkY-&affiliationId=96965883&comId=100542120&country=de&offerId=87c96fd393abd105b693fe7d0bf7915b&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=78c2822cc5e99654ef6e1995b8ba7a9c6235e87fe4e0d9ce2d9a24d422c4024b&custom2=SRdytlITOR16&custom3=false
server
nginx
x-powered-by
PHP/8.0.28
p.png
de-go.kelkoogroup.net/assets/images/
68 B
549 B
Image
General
Full URL
https://de-go.kelkoogroup.net/assets/images/p.png?country=de&k=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
Requested by
Host: de-go.kelkoogroup.net
URL: https://de-go.kelkoogroup.net/offersearchGo?.ts=1681660801027&.sig=IIxAU10L4pCBOKRnN7OruDgCVkY-&affiliationId=96965883&comId=100542120&country=de&offerId=87c96fd393abd105b693fe7d0bf7915b&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=78c2822cc5e99654ef6e1995b8ba7a9c6235e87fe4e0d9ce2d9a24d422c4024b&custom2=SRdytlITOR16&custom3=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de-go.kelkoogroup.net/offersearchGo?.ts=1681660801027&.sig=IIxAU10L4pCBOKRnN7OruDgCVkY-&affiliationId=96965883&comId=100542120&country=de&offerId=87c96fd393abd105b693fe7d0bf7915b&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=78c2822cc5e99654ef6e1995b8ba7a9c6235e87fe4e0d9ce2d9a24d422c4024b&custom2=SRdytlITOR16&custom3=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 22:29:56 GMT
Referrer-Policy
origin-when-cross-origin
X-Content-Type-Options
nosniff
leadId
62AE01GY630TSCAB5SBXJPEKJZKWYC
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
PT0.002383S
X-Frame-Options
ALLOWALL
Content-Type
image/png
Cache-Control
private, must-revalidate
clickId
107698148_1681684196122_33454823
country
de
X-Robots-Tag
noindex,nofollow
Content-Length
68
X-XSS-Protection
1; mode=block
tags.js
dd.kelkoogroup.net/
255 KB
52 KB
Script
General
Full URL
https://dd.kelkoogroup.net/tags.js
Requested by
Host: de-go.kelkoogroup.net
URL: https://de-go.kelkoogroup.net/offersearchGo?.ts=1681660801027&.sig=IIxAU10L4pCBOKRnN7OruDgCVkY-&affiliationId=96965883&comId=100542120&country=de&offerId=87c96fd393abd105b693fe7d0bf7915b&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=78c2822cc5e99654ef6e1995b8ba7a9c6235e87fe4e0d9ce2d9a24d422c4024b&custom2=SRdytlITOR16&custom3=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-3.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de-go.kelkoogroup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
via
1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront), 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
date
Sun, 16 Apr 2023 21:46:31 GMT
x-amz-cf-pop
FRA60-P2, FRA56-P5
age
2605
x-cache
Hit from cloudfront
content-length
53156
last-modified
Tue, 11 Apr 2023 12:44:37 GMT
server
Apache
etag
"3fd47-5f90edab56424-gzip"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
lHtIsMC_QZZ3jbxEOVer9ItU-c3UzW1waSYWvfNC3Y4pRnHy8hCQag==
expires
Sun, 16 Apr 2023 22:46:31 GMT
collect
www.google-analytics.com/
35 B
351 B
Ping
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fde-go.kelkoogroup.net%2FoffersearchGo%3F.ts%3D1681660801027%26.sig%3DIIxAU10L4pCBOKRnN7OruDgCVkY-%26affiliationId%3D96965883%26comId%3D100542120%26country%3Dde%26offerId%3D87c96fd393abd105b693fe7d0bf7915b%26service%3D37%26tokenId%3Deef84b7f-8e19-45d1-adee-7c88767dc72d%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D78c2822cc5e99654ef6e1995b8ba7a9c6235e87fe4e0d9ce2d9a24d422c4024b%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965883%7C100542120%7C&ul=en-us&de=UTF-8&dt=Weiterleitung%20zu%20Medpex.de&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAAABAAAAAC~&cid=471625308.1681684196&tid=UA-168544891-7&_gid=781845207.1681684196&_r=1&cd1=96965883&cd2=62AE01GY630TSCAB5SBXJPEKJZKWYC&cd3=100542120&cd4=a4c6294-1878c306b1b-70dd14&cd5=&cd6=96965883%7C100542120%7C&z=836488966
Requested by
Host: de-go.kelkoogroup.net
URL: https://de-go.kelkoogroup.net/offersearchGo?.ts=1681660801027&.sig=IIxAU10L4pCBOKRnN7OruDgCVkY-&affiliationId=96965883&comId=100542120&country=de&offerId=87c96fd393abd105b693fe7d0bf7915b&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=78c2822cc5e99654ef6e1995b8ba7a9c6235e87fe4e0d9ce2d9a24d422c4024b&custom2=SRdytlITOR16&custom3=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de-go.kelkoogroup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Apr 2023 22:29:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://de-go.kelkoogroup.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
fp
de-go.kelkoogroup.net/
0
455 B
Ping
General
Full URL
https://de-go.kelkoogroup.net/fp?country=de&k=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
Requested by
Host: de-go.kelkoogroup.net
URL: https://de-go.kelkoogroup.net/offersearchGo?.ts=1681660801027&.sig=IIxAU10L4pCBOKRnN7OruDgCVkY-&affiliationId=96965883&comId=100542120&country=de&offerId=87c96fd393abd105b693fe7d0bf7915b&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=78c2822cc5e99654ef6e1995b8ba7a9c6235e87fe4e0d9ce2d9a24d422c4024b&custom2=SRdytlITOR16&custom3=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

Referer
https://de-go.kelkoogroup.net/offersearchGo?.ts=1681660801027&.sig=IIxAU10L4pCBOKRnN7OruDgCVkY-&affiliationId=96965883&comId=100542120&country=de&offerId=87c96fd393abd105b693fe7d0bf7915b&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=78c2822cc5e99654ef6e1995b8ba7a9c6235e87fe4e0d9ce2d9a24d422c4024b&custom2=SRdytlITOR16&custom3=false
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

Date
Sun, 16 Apr 2023 22:29:56 GMT
Referrer-Policy
origin-when-cross-origin
X-Content-Type-Options
nosniff
leadId
62AE01GY630TSCAB5SBXJPEKJZKWYC
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
PT0.006824S
X-Frame-Options
ALLOWALL
Content-Type
text/plain; charset=UTF-8
clickId
107698148_1681684196122_33454823
country
de
X-Robots-Tag
noindex,nofollow
Content-Length
0
X-XSS-Protection
1; mode=block
Primary Request sulfur-d-6-dilution-p1787077
www.medpex.de/
Redirect Chain
  • https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff437d45f3ea733a8753199f743ad7f9e7dc2c7f1f46bddf910f9ef54fdb57c4b9ed7fce3873926620da0c509a493b3caecb022a4b1994fac2a008...
  • https://www.billiger.de/common/modules/api/cmodul?mc=iuvbsfarAGO3&p=Oq42UunqgSbO55O4ef89YkJsKcKean40HWN6kGfVJzErnHGOeX0y-q-MlbwEvEYrwQp88RbAvBlykQ8VWw2TChwU-XfyUSjiDIIt-9VjdaIH_2wLl3Wm7jpGYiy-Xwvxa...
  • https://click.cptrack.de/?rd=true&k=ZoSPVeJe1ORXn-KwQq7yW5dF2nG70xmaVk_w8-LCqwJS61ZkMcnTW061quX4I10xRq4UgoNbz8JJtbKXBDZLBw~~&rdlink=https%3A%2F%2Fwww.medpex.de%2Fsulfur-d-6-dilution-p1787077%3Fai%3...
  • https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cpc&utm_medium=pse
56 KB
18 KB
Document
General
Full URL
https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cpc&utm_medium=pse
Requested by
Host: de-go.kelkoogroup.net
URL: https://de-go.kelkoogroup.net/offersearchGo?.ts=1681660801027&.sig=IIxAU10L4pCBOKRnN7OruDgCVkY-&affiliationId=96965883&comId=100542120&country=de&offerId=87c96fd393abd105b693fe7d0bf7915b&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=78c2822cc5e99654ef6e1995b8ba7a9c6235e87fe4e0d9ce2d9a24d422c4024b&custom2=SRdytlITOR16&custom3=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.54.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce342dd22d5b5380f50feaf04f9d7ceb720b2ca04712b9cedf1375b453e7c2e6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://de-go.kelkoogroup.net/offersearchGo?.ts=1681660801027&.sig=IIxAU10L4pCBOKRnN7OruDgCVkY-&affiliationId=96965883&comId=100542120&country=de&offerId=87c96fd393abd105b693fe7d0bf7915b&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=78c2822cc5e99654ef6e1995b8ba7a9c6235e87fe4e0d9ce2d9a24d422c4024b&custom2=SRdytlITOR16&custom3=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, post-check=0, pre-check=0, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7b8fdeb80f3336dd-FRA
content-encoding
br
content-type
text/html; charset=ISO-8859-15
date
Sun, 16 Apr 2023 22:29:57 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=15768000
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src https: 'self'
date
Sun, 16 Apr 2023 22:29:56 GMT
expect-ct
max-age=0
expires
Thu, 01 Jan 1970 00:00:00 GMT
last-modified
Sun, 16 Apr 2023 22:29:56 GMT
location
https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cpc&utm_medium=pse
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
ChannelPilotTraxport
strict-transport-security
max-age=31536000; preload
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1;mode=block
/
api-js.datadome.co/js/
236 B
414 B
XHR
General
Full URL
https://api-js.datadome.co/js/
Requested by
Host: dd.kelkoogroup.net
URL: https://dd.kelkoogroup.net/tags.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.124.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-124-41.eu-central-1.compute.amazonaws.com
Software
DataDome /
Resource Hash

Request headers

Referer
https://de-go.kelkoogroup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 16 Apr 2023 22:29:56 GMT
server
DataDome
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
236
expires
0
global.04062335.css
www.medpex.de/css/
85 KB
21 KB
Stylesheet
General
Full URL
https://www.medpex.de/css/global.04062335.css
Requested by
Host: www.medpex.de
URL: https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cpc&utm_medium=pse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.54.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
833c1d3fb4361aafbb6839ec825a72cebe6ac191ec1fe8d5ce0c0d1a739e6d97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cpc&utm_medium=pse
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 22:29:57 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 06 Apr 2023 21:35:53 GMT
server
cloudflare
age
867160
cf-polished
origSize=86847
etag
W/"642f3b39-1533f"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7b8fdeb9483a36dd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 06 May 2023 21:37:17 GMT
fonts.css
www.medpex.de/css/
3 KB
675 B
Stylesheet
General
Full URL
https://www.medpex.de/css/fonts.css
Requested by
Host: www.medpex.de
URL: https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cpc&utm_medium=pse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.54.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc8d12f92db5feb6a89f3c2a34c0d0dfca5bf39dd6f503337577104e1d42c381

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cpc&utm_medium=pse
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 22:29:57 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Mar 2023 20:11:56 GMT
server
cloudflare
age
1269685
cf-polished
origSize=4266
etag
W/"64249b8c-10aa"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7b8fdeb9483936dd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 02 May 2023 05:48:32 GMT
global.04062335.js
www.medpex.de/js/
180 KB
58 KB
Script
General
Full URL
https://www.medpex.de/js/global.04062335.js
Requested by
Host: www.medpex.de
URL: https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cpc&utm_medium=pse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.54.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf5ca9a7f46da0e266c9f1d1d161d3785f5eb3af2800072521efd888474d29cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cpc&utm_medium=pse
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 22:29:57 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 06 Apr 2023 21:35:53 GMT
server
cloudflare
age
867160
cf-polished
origSize=184305
etag
W/"642f3b39-2cff1"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=2592000
cf-ray
7b8fdeb9483b36dd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 06 May 2023 21:37:17 GMT
global.async.04062335.js
www.medpex.de/js/
158 KB
49 KB
Script
General
Full URL
https://www.medpex.de/js/global.async.04062335.js
Requested by
Host: www.medpex.de
URL: https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cpc&utm_medium=pse
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.54.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fed89f0412757aea3316ef91b61da45396c0cf3a6187ad6ec6fd4810066b5ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cpc&utm_medium=pse
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 22:29:57 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 06 Apr 2023 21:35:53 GMT
server
cloudflare
age
867157
cf-polished
origSize=162128
etag
W/"642f3b39-27950"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=2592000
cf-ray
7b8fdebaab152c62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 06 May 2023 21:37:20 GMT
cmp.min.css
cdn.consentmanager.mgr.consensu.org/delivery/
32 KB
7 KB
Stylesheet
General
Full URL
https://cdn.consentmanager.mgr.consensu.org/delivery/cmp.min.css
Requested by
Host: www.medpex.de
URL: https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cpc&utm_medium=pse
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5a6ba85f02457a00843cbf8f47a19ecd8fdb56be4315b09e8f4e2231401dbdec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 16 Apr 2023 22:29:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
1540
x-accel-date
1681682657
x-77-nzt
AcO1rgWeEUj/BAYAAA
x-accel-expires
@1681684457
last-modified
Sun, 12 Feb 2023 21:03:26 GMT
server
CDN77-Turbo
etag
W/"8075-5f4870fc6c380"
x-77-nzt-ray
25b02131f1101bb3e5763c642acbd21d
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1800, public
access-control-max-age
1000
jquery.selectbox.min.js
www.medpex.de/js/
9 KB
3 KB
Script
General
Full URL
https://www.medpex.de/js/jquery.selectbox.min.js
Requested by
Host: www.medpex.de
URL: https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cpc&utm_medium=pse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.54.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eaeb35d143e69f48d9bd6cf191d814ece93ad901b4d6da95b4d48e847ed180f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cpc&utm_medium=pse
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 22:29:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Mar 2023 20:11:56 GMT
server
cloudflare
age
1269685
etag
W/"64249b8c-2413"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=2592000
cf-ray
7b8fdeb9483c36dd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 02 May 2023 05:48:32 GMT
jquery.imagetools.min.js
www.medpex.de/js/
41 KB
15 KB
Script
General
Full URL
https://www.medpex.de/js/jquery.imagetools.min.js
Requested by
Host: www.medpex.de
URL: https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cpc&utm_medium=pse
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.54.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bae48bd38f198398753d51ea4eb967a6f3e89a3da0789330d7a19219846a10f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cpc&utm_medium=pse
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 22:29:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Mar 2023 20:11:56 GMT
server
cloudflare
age
1105443
etag
W/"64249b8c-a378"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=2592000
cf-ray
7b8fdebaab192c62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 04 May 2023 03:25:54 GMT
vfBGDYZTv9s37DeVnFIVka-30.jpg
images.medpex.de/medias/87092/
16 KB
16 KB
Image
General
Full URL
https://images.medpex.de/medias/87092/vfBGDYZTv9s37DeVnFIVka-30.jpg
Requested by
Host: www.medpex.de
URL: https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cpc&utm_medium=pse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.54.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cb58f85d73227032fb5d5ee9d98605cdb736afbb1cc2732d49ac33daf351ed1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 22:29:57 GMT
cf-cache-status
HIT
age
56595
cf-polished
qual=85, origFmt=jpeg, origSize=28567
content-disposition
inline; filename="vfBGDYZTv9s37DeVnFIVka-30.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16388
cf-bgj
imgq:85,h2pri
last-modified
Mon, 22 Dec 2014 22:24:52 GMT
server
cloudflare
etag
"54989a34-6f97"
vary
Accept
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7b8fdebac98e36dd-FRA
expires
Tue, 16 May 2023 22:29:57 GMT
scandit-sdk@5.x
cdn.jsdelivr.net/npm/
302 KB
93 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/scandit-sdk@5.x
Requested by
Host: www.medpex.de
URL: https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cpc&utm_medium=pse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb501272279fa3ea8c5a9860c87f5d050e7765b660ed6e7a0ee81f015b42e641
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 22:29:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5585
x-jsd-version
5.13.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230118-FRA, cache-yyz4544-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"4b887-SE/r8CvEBB+IoaU/2+FxWMKBdek"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jce88mjPrrz9VTWwfdm%2F4xXEfX3ajXWkuu%2FzzKpLDAS4FwsehotIUJlnIfBpWVf%2F5KUlRTGglAoyFtwVIbnpjtlCd3n0ttHARtma%2BOwdC1GZSAb3z2yz3%2FilLPYqfRjIB%2BYp4ob%2FSHfn8ktRSCc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7b8fdeba8f49366f-FRA
responsive.04062335.css
www.medpex.de/css/
19 KB
5 KB
Stylesheet
General
Full URL
https://www.medpex.de/css/responsive.04062335.css
Requested by
Host: www.medpex.de
URL: https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cpc&utm_medium=pse
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.54.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3b5a694d50a2764bebb82165e53c8a4b95ea34b497186b5d440233cc9ceac15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cpc&utm_medium=pse
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 22:29:57 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 06 Apr 2023 21:35:53 GMT
server
cloudflare
age
867157
cf-polished
origSize=19437
etag
W/"642f3b39-4bed"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7b8fdebaab1a2c62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 06 May 2023 21:37:20 GMT
cmp.php
c.delivery.consentmanager.net/delivery/
4 KB
2 KB
Script
General
Full URL
https://c.delivery.consentmanager.net/delivery/cmp.php?cdid=5ba9148ef68f&h=https%3A%2F%2Fwww.medpex.de%2Fsulfur-d-6-dilution-p1787077%3Fai%3D10010%26utm_source%3Dbilliger.de%26utm_campaign%3Dcpc%26utm_medium%3Dpse&&__cmpfcc=1&l=en&o=1681684197529
Requested by
Host: www.medpex.de
URL: https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cpc&utm_medium=pse
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.230.98.74 Bergisch Gladbach, Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
ma5037422.psmanaged.com
Software
/
Resource Hash
7c312a2ef53c7263b49c48d77a80c6dba57e66bb2e50867589058670fd60e7a7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Apr 2023 22:29:57 GMT
Content-Encoding
gzip
Last-Modified
Sun, 16 Apr 2023 22:29:57 GMT
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-XSS-Protection
0
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cmp_en.min.js
cdn.consentmanager.net/delivery/js/
484 KB
99 KB
Script
General
Full URL
https://cdn.consentmanager.net/delivery/js/cmp_en.min.js
Requested by
Host: www.medpex.de
URL: https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cpc&utm_medium=pse
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
68fcb61a8ac3a8cf22c7d9878462bdd7d18d0ce93d9b18e5b5013db8a1e3e0c3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 16 Apr 2023 22:29:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
1526
x-accel-date
1681682671
x-77-nzt
AcO1rgVtb4r/9gUAAA
x-accel-expires
@1681684471
last-modified
Mon, 03 Apr 2023 16:02:54 GMT
server
CDN77-Turbo
etag
W/"642af8ae-78ea9"
x-77-nzt-ray
25b02131f1101bb3e5763c64e2bb7d22
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800, public
access-control-max-age
1000
gtm.js
www.googletagmanager.com/
319 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TRHRDX&gtm_auth=bauecoqNnMRnuy4GgoJ2NA&gtm_preview=env-1&gtm_cookies_win=x
Requested by
Host: www.medpex.de
URL: https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cpc&utm_medium=pse
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a7bf79647e9f6a11af13f278fdc6d25813dceff54e44bcb5f206d6450661b583
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 22:29:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
99794
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
vary
*
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
sp2p.514.png
images.medpex.de/images/sprites/
36 KB
36 KB
Image
General
Full URL
https://images.medpex.de/images/sprites/sp2p.514.png
Requested by
Host: www.medpex.de
URL: https://www.medpex.de/css/global.04062335.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.54.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bc30457d4c596df166204f282797b23baa27cd333d7065a42550c1cf9af8c6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 22:29:57 GMT
cf-cache-status
HIT
age
264154
cf-polished
origFmt=png, origSize=39402
content-disposition
inline; filename="sp2p.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36526
cf-bgj
imgq:85,h2pri
last-modified
Thu, 06 Apr 2023 14:26:40 GMT
server
cloudflare
etag
"642ed6a0-99ea"
vary
Accept
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7b8fdebac99236dd-FRA
expires
Tue, 16 May 2023 22:29:57 GMT
sp1p.514.png
images.medpex.de/images/sprites/
12 KB
12 KB
Image
General
Full URL
https://images.medpex.de/images/sprites/sp1p.514.png
Requested by
Host: www.medpex.de
URL: https://www.medpex.de/css/global.04062335.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.54.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f93314010371a7946b2e53504679ba575067dc01d03d6b0bc364faa85c5c3be7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 22:29:57 GMT
cf-cache-status
HIT
age
271138
cf-polished
origFmt=png, origSize=13553
content-disposition
inline; filename="sp1p.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12028
cf-bgj
imgq:85,h2pri
last-modified
Thu, 06 Apr 2023 14:26:40 GMT
server
cloudflare
etag
"642ed6a0-34f1"
vary
Accept
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7b8fdebac99336dd-FRA
expires
Tue, 16 May 2023 22:29:57 GMT
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51e521ff9c6f33b880928ee55cc6503571bbd69140341d66048ad78e46920dfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/svg+xml
latin.woff2
www.medpex.de/css/fonts/
44 KB
44 KB
Font
General
Full URL
https://www.medpex.de/css/fonts/latin.woff2
Requested by
Host: www.medpex.de
URL: https://www.medpex.de/css/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.54.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Request headers

Referer
https://www.medpex.de/css/fonts.css
Origin
https://www.medpex.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 22:29:57 GMT
cf-cache-status
HIT
last-modified
Wed, 29 Mar 2023 20:11:56 GMT
server
cloudflare
age
1105588
etag
"64249b8c-af00"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7b8fdebabb222c62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44800
expires
Thu, 04 May 2023 03:23:29 GMT
categorymenu.json
www.medpex.de/
85 KB
19 KB
XHR
General
Full URL
https://www.medpex.de/categorymenu.json
Requested by
Host: www.medpex.de
URL: https://www.medpex.de/js/global.04062335.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.54.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4237ffad204e142b6da02e3a596eba09d1952a0c3163c7b3fa0841ecac2ef7b8

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.medpex.de/sulfur-d-6-dilution-p1787077?ai=10010&utm_source=billiger.de&utm_campaign=cpc&utm_medium=pse
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 22:29:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 16 Apr 2023 01:11:19 GMT
server
cloudflare
etag
W/"643b4b37-1537e"
vary
Accept-Encoding
content-type
application/json
cache-control
max-age=86400, public
cf-ray
7b8fdebbcc2e2c62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 17 Apr 2023 22:29:57 GMT
bV8xLndfNTA5MTAuZF8xODkzNy54XzM2LnYucC50XzE4OTM3Lnh0XzM2.js
cdn.consentmanager.net/delivery/customdata/
21 KB
5 KB
Script
General
Full URL
https://cdn.consentmanager.net/delivery/customdata/bV8xLndfNTA5MTAuZF8xODkzNy54XzM2LnYucC50XzE4OTM3Lnh0XzM2.js
Requested by
Host: c.delivery.consentmanager.net
URL: https://c.delivery.consentmanager.net/delivery/cmp.php?cdid=5ba9148ef68f&h=https%3A%2F%2Fwww.medpex.de%2Fsulfur-d-6-dilution-p1787077%3Fai%3D10010%26utm_source%3Dbilliger.de%26utm_campaign%3Dcpc%26utm_medium%3Dpse&&__cmpfcc=1&l=en&o=1681684197529
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
cec8a778c0747b113d7f7973786942fb5c3099cf786b473b973f82f12a3fe4c0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 16 Apr 2023 22:29:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
645
x-accel-date
1681683552
x-xss-protection
0
x-77-nzt
AcO1rgWgaHv/hQIAAA
x-accel-expires
@1681685352
last-modified
Sun, 16 Apr 2023 22:19:12 GMT
server
CDN77-Turbo
x-77-nzt-ray
25b02131f1101bb3e5763c6453a30f2d
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*, *
cache-control
public, max-age=1800
access-control-max-age
1000
expires
Sun, 16 Apr 2023 22:49:12 GMT
langpurpose_de.min.js
cdn.consentmanager.net/delivery/lang/
63 KB
11 KB
Script
General
Full URL
https://cdn.consentmanager.net/delivery/lang/langpurpose_de.min.js
Requested by
Host: cdn.consentmanager.net
URL: https://cdn.consentmanager.net/delivery/js/cmp_en.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6fd6893284fe86ba660743d7cf49e8406bf0803d007c2e7445afd69f28060547
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 16 Apr 2023 22:29:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
1516
x-accel-date
1681682682
x-77-nzt
AcO1rgWYs5//7AUAAA
x-accel-expires
@1681684482
last-modified
Wed, 15 Mar 2023 23:46:22 GMT
server
CDN77-Turbo
etag
W/"641258ce-fbcf"
x-77-nzt-ray
25b02131f1101bb3e6763c64abfa7207
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800, public
access-control-max-age
1000
/
c.delivery.consentmanager.net/delivery/info/
43 B
353 B
Image
General
Full URL
https://c.delivery.consentmanager.net/delivery/info/?id=50910&did=1&cfdid=1&t=pv.d_ncs.d_ancs.d_bncs&h=https%3A%2F%2Fwww.medpex.de%2Fsulfur-d-6-dilution-p1787077%3Fai%3D10010%26utm_source%3Dbilliger.de%26utm_campaign%3Dcpc%26utm_medium%3Dpse&o=1681684198210&l=DE&lv=46460&d=1&ct=14&e=&e2=&e3=&i=&sv=83&dv=36&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.230.98.74 Bergisch Gladbach, Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
ma5037422.psmanaged.com
Software
/
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Apr 2023 22:29:58 GMT
Last-Modified
Sun, 16 Apr 2023 22:29:58 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Content-Length
43
X-XSS-Protection
0
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
c.delivery.consentmanager.net/delivery/info/
43 B
353 B
Image
General
Full URL
https://c.delivery.consentmanager.net/delivery/info/?id=50910&did=1&cfdid=1&t=cv&h=https%3A%2F%2Fwww.medpex.de%2Fsulfur-d-6-dilution-p1787077%3Fai%3D10010%26utm_source%3Dbilliger.de%26utm_campaign%3Dcpc%26utm_medium%3Dpse&o=1681684198211&l=DE&lv=46460&d=1&ct=14&e=&e2=&e3=&i=&sv=83&dv=36&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.230.98.74 Bergisch Gladbach, Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
ma5037422.psmanaged.com
Software
/
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Apr 2023 22:29:58 GMT
Last-Modified
Sun, 16 Apr 2023 22:29:58 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Content-Length
43
X-XSS-Protection
0
Expires
Thu, 01 Dec 1994 16:00:00 GMT
logo1666335451x3785.gif
cdn.consentmanager.net/delivery/img/
20 KB
21 KB
Image
General
Full URL
https://cdn.consentmanager.net/delivery/img/logo1666335451x3785.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
952e36ac0df3ac4e393084faa3260f032a26aa1268c9c7b8e7326b255f69eeb1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 16 Apr 2023 22:29:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
x-cache
HIT
x-77-cache
HIT
x-age
76074
x-accel-date
1681608124
content-length
20963
x-77-nzt
AcO1rgXlYZL/KikBAA
x-accel-expires
@1681694524
last-modified
Fri, 21 Oct 2022 06:57:31 GMT
server
CDN77-Turbo
etag
"635242db-51e3"
x-77-nzt-ray
25b02131f1101bb3e6763c644dd23b0e
access-control-max-age
1000
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
kias-medpex.js
js.kctag.net/
88 KB
89 KB
Script
General
Full URL
https://js.kctag.net/kias-medpex.js
Requested by
Host: galotop1.com
URL: http://galotop1.com/r2.php?e=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
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.4.156 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
7e5af132e97d165ec1462df13ae82321d0ade7f0739b65f18a72988b09656d38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 22:29:58 GMT
x-amz-version-id
sJ9kM31dQuN_dMeDH3DLIVkDJSe9ak_U
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
59
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
90541
last-modified
Mon, 03 Apr 2023 12:21:41 GMT
server
openresty
etag
"cdea4c7533ab46defa3d00a6bea2d808"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=60
accept-ranges
bytes
x-amz-cf-id
_H8KlojT2f7ArZ0d_9rQteXKaFIOD5cIbxR1zel8LZ0DxDiLVf-YFw==
srp.js
aproxy.ksgct.de/js/
82 KB
82 KB
Script
General
Full URL
https://aproxy.ksgct.de/js/srp.js
Requested by
Host: js.kctag.net
URL: https://js.kctag.net/kias-medpex.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.69.183.15 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
49f3de6b7dc9a80d6876259b6254adca2d3b30de6bd3e26c2ebf029275a630c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 16 Apr 2023 22:29:58 GMT
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
json
t2.kctag.net/live/
20 B
152 B
Script
General
Full URL
https://t2.kctag.net/live/json?type=ncpv&pt=product_detail&p=1787077%7C100&ph=0&sh=63515af67b69b4001b54abd4&ra=1681685158930&ksid=ZyuP0YlyO6mZ4dZFRYbNrvKx&url=https%3A%2F%2Fwww.medpex.de%2Fsulfur-d-6-dilution-p1787077%3Fai%3D10010%26utm_source%3Dbilliger.de%26utm_campaign%3Dcpc%26utm_medium%3Dpse&st=default&callback=kci1681684198548
Requested by
Host: js.kctag.net
URL: https://js.kctag.net/kias-medpex.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.4.156 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
95194bbb47770dfcda2468f98c1320258d69d3fe291a31f6ad1bec8fb9269e42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type
text/javascript
date
Sun, 16 Apr 2023 22:29:58 GMT
cache-control
no-cache
server
openresty
content-length
20
expires
Thu, 01 Jan 1970 00:00:01 GMT
aut.js
aproxy.ksgct.de/js/
10 KB
10 KB
Script
General
Full URL
https://aproxy.ksgct.de/js/aut.js
Requested by
Host: js.kctag.net
URL: https://js.kctag.net/kias-medpex.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.69.183.15 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
f39adaf6670282f092d1c181ba479e8d2fc5659d92d70e6db4c9076eaab64ab2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 16 Apr 2023 22:29:58 GMT
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
i
aproxy.ksgct.de/
19 B
606 B
XHR
General
Full URL
https://aproxy.ksgct.de/i?raw=1&ts=301087199
Requested by
Host: aproxy.ksgct.de
URL: https://aproxy.ksgct.de/js/aut.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.69.183.15 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
cef2287d87ca583e06ce6c50a1672b012ffb3ba9bc2ac2049540a70903bd43c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 22:29:58 GMT
Server
openresty
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.medpex.de
Access-Control-Expose-Headers
set-cookie
Cache-Control
max-age=31536000,private
Access-Control-Allow-Credentials
true
P3P
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Connection
keep-alive
Content-Length
19
s
aproxy.ksgct.de/
104 B
631 B
Script
General
Full URL
https://aproxy.ksgct.de/s?t=kmTzM3F&v=1&w=810256464&a=1&b=11&f=0&o=17&r=6&e=https%3A//de-go.kelkoogroup.net/&ro=https%3A//www.medpex.de/sulfur-d-6-dilution-p1787077%3Fai%3D10010%26utm_source%3Dbilliger.de%26utm_campaign%3Dcpc%26utm_medium%3Dpse&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/112.0.5615.49%20Safari/537.36&userid=7222778632616346830&p=referer(%2Fsulfur-d-6-dilution-p1787077%3Fai%3D10010%26utm_source%3Dbilliger.de%26utm_campaign%3Dcpc%26utm_medium%3Dpse_URL_END)sh(medpex.de)pt(product_detail)p1(_1787077_)nc(true&external_uid=ZyuP0YlyO6mZ4dZFRYbNrvKx&uid_stable=1&nw=3610&lt=shop(medpex.de)screentype(default)pagetype(product_detail&s=slot(slot-product-footer*slot(slot-product-footer_multibanner_1*slot(slot-product-footer_multibanner_2
Requested by
Host: aproxy.ksgct.de
URL: https://aproxy.ksgct.de/js/srp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.69.183.15 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
4264b112a67797bf00c127a049cbe73e7bf0328d300a5448aa89f0ef5e64a89a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Apr 2023 22:29:58 GMT
Server
openresty
ETag
7222778632612938003
Content-Type
text/javascript
P3P
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Cache-Control
no-cache
Connection
keep-alive
Content-Length
104
Expires
Sat, 01 Jan 2000 00:00:00 GMT
json
t2.kctag.net/live/
20 B
152 B
Script
General
Full URL
https://t2.kctag.net/live/json?type=nces&pt=product_detail&sl=slot-product-footer&p=1787077%7C100&ph=0&sh=63515af67b69b4001b54abd4&ra=1681685158930&ksid=ZyuP0YlyO6mZ4dZFRYbNrvKx&url=https%3A%2F%2Fwww.medpex.de%2Fsulfur-d-6-dilution-p1787077%3Fai%3D10010%26utm_source%3Dbilliger.de%26utm_campaign%3Dcpc%26utm_medium%3Dpse&st=default&callback=kci1681684198994
Requested by
Host: js.kctag.net
URL: https://js.kctag.net/kias-medpex.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.4.156 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
c5194111e55b7a93f3abc940e50da410a537b37ea3e279da2e62a2c3ee618cd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type
text/javascript
date
Sun, 16 Apr 2023 22:29:59 GMT
cache-control
no-cache
server
openresty
content-length
20
expires
Thu, 01 Jan 1970 00:00:01 GMT
json
t2.kctag.net/live/
20 B
152 B
Script
General
Full URL
https://t2.kctag.net/live/json?type=ncesv&pt=product_detail&sl=slot-product-footer&p=1787077%7C100&ph=0&sh=63515af67b69b4001b54abd4&ra=1681685158930&ksid=ZyuP0YlyO6mZ4dZFRYbNrvKx&url=https%3A%2F%2Fwww.medpex.de%2Fsulfur-d-6-dilution-p1787077%3Fai%3D10010%26utm_source%3Dbilliger.de%26utm_campaign%3Dcpc%26utm_medium%3Dpse&st=default&callback=kci1681684198995
Requested by
Host: js.kctag.net
URL: https://js.kctag.net/kias-medpex.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.4.156 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
432fa6387d78057ed48d3c4be6335c401e232f53e9d23b5c1681c9612346a73c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.medpex.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type
text/javascript
date
Sun, 16 Apr 2023 22:29:59 GMT
cache-control
no-cache
server
openresty
content-length
20
expires
Thu, 01 Jan 1970 00:00:01 GMT


287 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless function| Swiper function| calculateWidths function| pushPersonalizationEvents function| runPersonalizationEvents function| openUrlInSameTab function| openUrlInNewTab function| openUrl function| detectNewTabLaunch function| toggleInputZoom function| alterParcelShopSelection function| chooseAddressType function| appendClone function| toggleMoreLink function| toggleFields function| initializeSnapper function| buildProductListSelectboxes function| buildQuantitySelectbox function| lazyLoadSwiperImages function| buildSelectbox function| generateSwiper function| fillSwiperContentWithJson function| handleSwiperAutoplay function| handleSwiperResize function| calculateSlidesPerView function| calculateImageSwipesPerView function| toggleSelectionBox function| prepareNewMemopadDialog function| InputLimiter function| htmlEncode function| htmlDecode function| isDefined function| setRecaptchaToken function| initRecaptcha function| retrieveCookieDomain function| retrieveDomain function| retrieveTld function| resetPickUpLocationDialog function| initMap function| geocodeAddress function| deleteCurrentMarker function| createListItem function| createMarker function| createInfoWindow function| appendMarkers function| selectParcelShop function| findCurrentStreet function| findCurrentPostalCode function| getParcelShop function| displayParcelShopSelection function| choosePrescriptionType function| closePrescriptionSelection function| openScanner function| toggleRedeemByMailSection function| setSubmitFunctionForAddProductToCart function| addTrackingToProduct function| executeAddTrackingToProduct function| sendTrackingTriggered function| insertCategorySponsoredProducts function| insertCategoryBrandedHeaders function| insertSearchSponsoredProducts function| insertSearchBrandedHeaders function| insertProductRelatedSponsoredProducts function| decodeXmlString function| insertSponsoredProductsSlider function| insertSponsoredProducts function| 
insertBrandedHeaders function| countOrganicResult function| $ function| jQuery function| Cookies function| Snap object| gd boolean| gdprAppliesGlobally number| cmp_id string| cmp_cdid string| cmp_params string| cmp_host string| cmp_cdn string| cmp_proto string| cmp_codesrc function| cmp_getsupportedLangs function| cmp_getRTLLangs function| cmp_getlang function| cmp_addFrame function| cmp_rc function| cmp_stub function| cmp_msghandler function| cmp_setStub function| __cmp function| __tcfapi function| __uspapi object| dataLayer object| ScanditSDK object| __core-js_shared__ object| regeneratorRuntime function| objectFitPolyfill function| HowlerGlobal object| Howler function| Howl function| Sound object| prescriptionNumbers undefined| codePicker function| initializeUploader function| initializeScanner function| executeAction function| closeScanner function| readUrl function| creatingLoadingDiv function| getPrescriptionElementId function| initializePrescription function| filterScannedUrls function| processBarcode function| processRootJSON function| processJSONPrescription function| failedPrescription function| succesfulPrescription function| removeResultEntry function| countNotNullPrescriptionNumbers function| handleDisablingAddToCartButton function| addERxPrescriptionsToCart undefined| affiliateImage object| jQuery183016221380601735613 function| transitionEnd function| initializeUsermenu function| initializeNavigation function| initializeTouchNavigation function| initializeTooltips function| loadInitialCategory function| findInitiallySelectedCategory function| createCategoryModel function| createTouchCategoryTreeModel function| createNewTouchCategoryTree function| displayTouchCategoryTree function| changeTouchCategory function| calculateDestinationContext function| initializePopupNavigation function| createNewPopupCategoryTree function| displayPopupCategoryTree function| buildPopupCategoryTreeMarkup function| closePopupCategoryTree function| getPopupCategoryItemClass 
function| getParentCategory function| getSubCategories function| addOffsetCorrection function| addTitleToLinksWithWidthOverflow function| appendFriendReferralDialog function| abortClickProcessing function| openWindow function| disableButton function| enableButton function| highlightElement function| toggleCheckBoxes function| buildFancybox function| changedCartEntryQuantity function| deleteCartEntry function| trackCartEntryUpdate function| trackCartEntryDeletion function| trackGoogleAnalyticsCartEntryDeletion function| removeCartEntries function| saveCartEntryQuantity function| updateCartInfo function| updateMessages function| updateCartValues function| updateCartSubtotalWithFadeOut function| updateCartSubtotalShort function| selectItemInDropDown function| validateDate function| processMemopadForm function| validateIban function| largeNumberModulo function| updateCityAutoCompleter function| showDialog function| closeDialog function| markFieldAsInvalid function| deleteHistory object| x10 object| Defiant function| Spinner function| cmp_gppmanifest function| cmp_fibo function| cmp_reader function| cmp_writer function| cmp_cs function| cmp_lang function| cmp_affiliatedomains function| cmp_purpose function| cmp_stack function| cmp_vendor function| cmp_utils function| cmp_snapshot function| cmp_storage function| cmp_gpp_helper function| cmp_api function| cmp_contentblocking function| cmp_behavior function| cmp_amp function| cmp_eventwrapper function| cmp_html function| cmp_wcagdialog function| cmp_display function| cmp_display_age function| cmp_display_background function| cmp_display_cookieinfo function| cmp_display_cookielist function| cmp_display_images function| cmp_display_langchoice function| cmp_display_policy function| cmp_display_welect function| cmpsource function| cmpmngr_queryfile string| cmpccsversionbuild function| cmp_unq function| cmp_fnd number| cmpccsversion function| btoa2 function| atob2 function| cmp_loadconsole function| cmp_getGPPManifests 
function| cmp_regulations function| cmp_getregulation function| cmp_getcss object| cmpmngr function| __cmapi function| __gpp function| cmp_loadCS function| cmp_append_script function| cmp_append_script2 string| cmp_config_data_cs object| cmp_config_data object| cmp_scripts object| cmp_scripturls string| cmp_warn object| cmp_timer object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| cmp_svg_no function| cmp_svg_yes function| cmp_svg_yesorange function| cmp_svg_noorange function| cmp_svg_multi function| cmp_svg_nodisabled function| cmp_svg_yesdisabled function| cmp_svg_icomatexternal_link function| cmp_spachange number| cmpGDPR number| cmpCCPA string| cmpRegulation string| cmpConsentString string| cmpCurrentStatus string| cmpLastStatus string| cmpLastTCFStatus string| cmpLoadingStatus string| cmpDisplayStatus string| cmpVendorsConsent string| cmpCustomVendorsConsent string| cmpGoogleVendorsConsent string| cmpPurposesConsent string| cmpCustomPurposeConsent string| cmpConsentVendors string| cmpConsentPurposes string| cmpLIVendors string| cmpLIPurposes string| cmpIABUSP number| cmpDesignId boolean| consentExists boolean| userChoiceExists string| userChoiceType string| userChoiceStatus object| commands object| commandPageSettings object| commandPageSlots undefined| products undefined| commandSetCartProducts function| insertScript function| createProductArrayFromPageData function| productListContains function| postProcessPreGeneratedCommand function| addSetPageSlotsCallback function| extractSlotContainerIds object| kias object| utag_data

19 Cookies

Domain/Path Name / Value
springtournament.com/ Name: __tad
Value: 1681684192.6052702
.galotop1.com/ Name: __dsnsid
Value: 20230417082952559f9208559b3daef0
lookandfind.me/ Name: bbe93f296de375c1416880f79409f6c3
Value: f27de18d8508740dc839d3459c44fecde9062112d8650ccad21e99b29563e9b7a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22bbe93f296de375c1416880f79409f6c3%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
.kelkoogroup.net/ Name: kelkooID
Value: a4c6294-1878c306b1b-70dd14
.kelkoogroup.net/ Name: _ga
Value: GA1.2.471625308.1681684196
.kelkoogroup.net/ Name: _gid
Value: GA1.2.781845207.1681684196
www.billiger.de/ Name: billigerderevisit
Value: tag%3DH4r6fumAjWsXnqCsiGJCAuJ6-_XlaYpOsw-3OtL3
www.billiger.de/ Name: oVKH0jxASv8sDlV-ytXE5vyeWXWsd3oSY63EyttsclDmNWpQs5XcMc
Value: IFGj7teWwCceGc9aEoiG95XTfZv9nRWEA
www.billiger.de/ Name: billiger_session
Value: 5oOqXM0PaW8H4r6fumAjWsXnqCsiGJCAuJ6-_XlaYpOsw-3OtL3
.billiger.de/ Name: __cf_bm
Value: Am2QM2.SnovbfHOBz7IEBTxc7MfPOJJRtNV9dIQrpvo-1681684196-0-ATDGc3vYRK1Q0BshDZ5C8bB90FrF3PKLS3kX42P63SVHeNjsODV6dYe1mwDmVBOMuCo+aY/eDXR2LfweTaPnxAgynofjCEk67qv2yrDi11ln
.kelkoogroup.net/ Name: datadome
Value: 0wBafjcQURt0Qy5KmaE_CE2ZiG_KTGfwcCKrsOIXbydjLO_S_zI3zYubDbDXPmVjwf6_-aSJFtWSfMrogbtJSr-F-ji24hmx9oTI1_JabsfTL57PsQFx7kRXR~Cnri4-
.cptrack.de/ Name: __cpc
Value: Dp1UTXW_rqMkGR4rXaWrpZE9K1O6vaWFXBeEpCxq3Ekk91_LyBRjBOiyB6KcVbDW9-n7e8lWBEzLm9Hy4V_pN96jZe7iFqbu6ABPGEIEK18~
www.medpex.de/ Name: dm-ESID
Value: eyUwi1Ks136EpVaPurQDfwv2Jzzy2be1
.medpex.de/ Name: AI
Value: 10010
www.medpex.de/ Name: JSESSIONID
Value: PNDJCALLGNOC
.medpex.de/ Name: __cf_bm
Value: MFwjBqGff5210w6EHJ3lj_k0h1NOLkLngxIKyuvbfT8-1681684197-0-ARofDtPYWLh0c0RXcIdHbYk4p8k/6YgxSI4NRFFTfdnGo4VDTyojC+zQZnx8hi0gGYBRxIBmqK+EMW1IPYYZ/+A=
.medpex.de/ Name: _cfuvid
Value: b5mYjVGHLqlS7.ZNv3QadkqU6PPvT2eJrEDOxHXwOos-1681684197275-0-604800000
.medpex.de/ Name: __cmpcvcx50910
Value: __s23_s905_c2706__
.medpex.de/ Name: __cmpcpcx50910
Value: __51__

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
