www.bodfeld-apotheke.de Open in urlscan Pro
2001:41d0:700:2f40:: Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://remote.capitalpone.com/
Effective URL:
https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Submission: On May 04 via api (May 4th 2022, 1:27:18 am UTC) from US — Scanned from DE

Summary HTTP 147 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 51 IPs in 8 countries across 51 domains to perform 147 HTTP transactions. The main IP is 2001:41d0:700:2f40::, located in Germany and belongs to OVH, FR. The main domain is www.bodfeld-apotheke.de. The Cisco Umbrella rank of the primary domain is 304818.
TLS certificate: Issued by R3 on March 28th 2022. Valid for: 3 months.

This is the only time www.bodfeld-apotheke.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	103.224.182.241 103.224.182.241	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 5	103.224.182.206 103.224.182.206	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1	78.46.197.88 78.46.197.88	24940 (HETZNER-AS) (HETZNER-AS)
2	157.90.169.168 157.90.169.168	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	104.92.94.3 104.92.94.3	16625 (AKAMAI-AS) (AKAMAI-AS)
36	2001:41d0:700... 2001:41d0:700:2f40::	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	99.86.4.77 99.86.4.77	16509 (AMAZON-02) (AMAZON-02)
1	54.37.201.1 54.37.201.1	16276 (OVH) (OVH)
1	62.146.17.87 62.146.17.87	15598 (IPX-AS15598) (IPX-AS15598)
1	52.57.224.53 52.57.224.53	16509 (AMAZON-02) (AMAZON-02)
1	2a01:4f8:210:... 2a01:4f8:210:11a9::1	24940 (HETZNER-AS) (HETZNER-AS)
1	2a07:a40:0:70... 2a07:a40:0:700::4	48821 (MAUVE) (MAUVE)
1	52.57.38.189 52.57.38.189	16509 (AMAZON-02) (AMAZON-02)
2	99.86.4.37 99.86.4.37	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a07:a40:0:30... 2a07:a40:0:300::4	48821 (MAUVE) (MAUVE)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	78.47.227.103 78.47.227.103	24940 (HETZNER-AS) (HETZNER-AS)
1	54.239.35.33 54.239.35.33	16509 (AMAZON-02) (AMAZON-02)
14	2600:1901:0:5... 2600:1901:0:5987::	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:225a:5800:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:12c0:101... 2a00:12c0:101b:200::19	47215 (FILOO-ASN...) (FILOO-ASN Rhedaer Strasse 25)
1	2600:9000:206... 2600:9000:206f:2000:e:5098:9500:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
7	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	212.83.50.108 212.83.50.108	47447 (TTM) (TTM)
2	52.48.93.179 52.48.93.179	16509 (AMAZON-02) (AMAZON-02)
1 2	138.201.64.38 138.201.64.38	24940 (HETZNER-AS) (HETZNER-AS)
10	2600:1901:0:c... 2600:1901:0:c07c::	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	54.239.37.6 54.239.37.6	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	40.76.174.66 40.76.174.66	() ()
2 4	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	85.114.159.112 85.114.159.112	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	217.79.188.60 217.79.188.60	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2 2	52.58.193.70 52.58.193.70	16509 (AMAZON-02) (AMAZON-02)
1 1	15.235.15.221 15.235.15.221	() ()
1	15.197.193.217 15.197.193.217	() ()
1 1	185.86.139.114 185.86.139.114	201081 (SMARTADSE...) (SMARTADSERVER)
1 2	104.102.29.65 104.102.29.65	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	85.215.5.31 85.215.5.31	() ()
4	104.79.88.164 104.79.88.164	() ()
2 3	37.157.6.248 37.157.6.248	198622 (ADFORM) (ADFORM)
1	37.157.5.73 37.157.5.73	() ()
2 4	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	() ()
2	2600:1901:0:7... 2600:1901:0:7903::	() ()
1	34.95.108.180 34.95.108.180	() ()
147	51

2 103.224.182.241 (Australia) 2 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-241.above.com

remote.capitalpone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.224.182.206 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com

1redirc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.197.88 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de

clever-redirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.169.168 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.168.169.90.157.clients.your-server.de

lookandfind.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

utkv6nyu.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.92.94.3 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-94-3.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2001:41d0:700:2f40:: (Germany)

ASN16276 (OVH, FR)

www.bodfeld-apotheke.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 99.86.4.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-77.fra6.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.37.201.1 (France)

ASN16276 (OVH, FR)
PTR: ip1.ip-54-37-201.eu

ixxilon.mauve.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.146.17.87 (Schwandorf in Bayern, Germany)

ASN15598 (IPX-AS15598, DE)
PTR: i-65cb9712-origin-cdn.idealo.com

img.idealo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.224.53 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-224-53.eu-central-1.compute.amazonaws.com

www.medizinfuchs.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:210:11a9::1 (Germany)

ASN24940 (HETZNER-AS, DE)

www.medipreis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a07:a40:0:700::4 (Germany)

ASN48821 (MAUVE, DE)

bodfeld1.ix.dus.m-eshop.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.38.189 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-38-189.eu-central-1.compute.amazonaws.com

js.kctag.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-37.fra6.r.cloudfront.net

static-eu.payments-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a07:a40:0:300::4 (Germany)

ASN48821 (MAUVE, DE)

rum.mauve.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.47.227.103 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.103.227.47.78.clients.your-server.de

aproxy.ksgct.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.239.35.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

payments-de.amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:1901:0:5987:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

app.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225a:5800:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:12c0:101b:200::19 (Germany)

ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE)

tracking.s24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:2000:e:5098:9500:21 (United States)

ASN16509 (AMAZON-02, US)

d23yuld0pofhhw.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.83.50.108 (Germany) 1 redirects

ASN47447 (TTM, DE)

r.adserver01.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.93.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-93-179.eu-west-1.compute.amazonaws.com

the.sciencebehindecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.64.38 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.38.64.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:1901:0:c07c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

api.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.239.37.6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

payments.amazon.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.76.174.66 (None, )

ASN- ()

d.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.87 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.112 (Rheinfelden, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad11.adfarm1.adition.com

ad11.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.79.188.60 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.193.70 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-193-70.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.235.15.221 (None, ) 1 redirects

ASN- ()

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.114 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.29.65 (Milan, Italy) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-65.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (None, ) 1 redirects

ASN- ()

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.79.88.164 (None, )

ASN- ()

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.248 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.73 (None, )

ASN- ()

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.70 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
11868943.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (None, )

ASN- ()

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7903:: (None, )

ASN- ()

graphql.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.108.180 (None, )

ASN- ()

uct.service.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	bodfeld-apotheke.de www.bodfeld-apotheke.de — Cisco Umbrella Rank: 304818	434 KB
27	usercentrics.eu app.usercentrics.eu — Cisco Umbrella Rank: 11733 api.usercentrics.eu — Cisco Umbrella Rank: 10858 graphql.usercentrics.eu uct.service.usercentrics.eu	164 KB
7	ad4m.at ad4m.at — Cisco Umbrella Rank: 3156 as.ad4m.at — Cisco Umbrella Rank: 3912	17 KB
7	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 65 cm.g.doubleclick.net — Cisco Umbrella Rank: 289 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 59221 11868943.fls.doubleclick.net — Cisco Umbrella Rank: 68844	6 KB
7	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 6221	37 KB
5	1redirc.com 1 redirects 1redirc.com — Cisco Umbrella Rank: 303902	8 KB
4	adform.net 2 redirects track.adform.net — Cisco Umbrella Rank: 3866 s2.adform.net	30 KB
4	mathtag.com pixel.mathtag.com	4 KB
4	adition.com 2 redirects ad11.adfarm1.adition.com — Cisco Umbrella Rank: 28567 imagesrv.adition.com — Cisco Umbrella Rank: 13762	940 B
4	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 612	4 KB
4	google.com www.google.com — Cisco Umbrella Rank: 20 adservice.google.com	1 KB
3	adserver01.de 1 redirects r.adserver01.de — Cisco Umbrella Rank: 79842	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 605	13 KB
3	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 14274	2 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 901	2 KB
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 5193	737 B
2	clarity.ms d.clarity.ms	23 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	388 B
2	amazon.de payments.amazon.de — Cisco Umbrella Rank: 125013	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 3632	656 B
2	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 29190	2 KB
2	sciencebehindecommerce.com the.sciencebehindecommerce.com — Cisco Umbrella Rank: 63906	5 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 195	115 KB
2	ksgct.de aproxy.ksgct.de — Cisco Umbrella Rank: 174661	92 KB
2	payments-amazon.com static-eu.payments-amazon.com — Cisco Umbrella Rank: 31017	104 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1095	70 KB
2	lookandfind.me lookandfind.me — Cisco Umbrella Rank: 953563	987 B
2	capitalpone.com 2 redirects remote.capitalpone.com	2 KB
1	twiago.com 1 redirects a.twiago.com	328 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 893	715 B
1	adsrvr.org match.adsrvr.org	265 B
1	onaudience.com 1 redirects pixel.onaudience.com	410 B
1	cloudfront.net d23yuld0pofhhw.cloudfront.net	3 KB
1	s24.com tracking.s24.com — Cisco Umbrella Rank: 72875	1 KB
1	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 401	17 KB
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 4383	11 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	amazon.com payments-de.amazon.com — Cisco Umbrella Rank: 98897	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 142	76 KB
1	mauve.eu rum.mauve.eu — Cisco Umbrella Rank: 275555	3 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	kctag.net js.kctag.net — Cisco Umbrella Rank: 168534	91 KB
1	m-eshop.de bodfeld1.ix.dus.m-eshop.de — Cisco Umbrella Rank: 323170	57 KB
1	medipreis.de www.medipreis.de — Cisco Umbrella Rank: 318752	8 KB
1	medizinfuchs.de www.medizinfuchs.de — Cisco Umbrella Rank: 190461	14 KB
1	idealo.com img.idealo.com — Cisco Umbrella Rank: 87572	7 KB
1	mauve.de ixxilon.mauve.de — Cisco Umbrella Rank: 272587	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111	1 KB
1	utkv6nyu.de 1 redirects utkv6nyu.de — Cisco Umbrella Rank: 177066	800 B
1	clever-redirect.com clever-redirect.com	677 B
0	pubmatic.com Failed simage2.pubmatic.com Failed
147	51

	Domain	Requested by
36	www.bodfeld-apotheke.de	lookandfind.me www.bodfeld-apotheke.de
14	app.usercentrics.eu	www.googletagmanager.com app.usercentrics.eu www.bodfeld-apotheke.de 1redirc.com
10	api.usercentrics.eu	app.usercentrics.eu
7	widget.trustpilot.com	www.bodfeld-apotheke.de widget.trustpilot.com
5	as.ad4m.at	www.bodfeld-apotheke.de
5	1redirc.com	1 redirects 1redirc.com
4	pixel.mathtag.com	hal9000.redintelligence.net
4	secure.adnxs.com	2 redirects r.adserver01.de www.bodfeld-apotheke.de
3	track.adform.net	2 redirects hal9000.redintelligence.net
3	r.adserver01.de	1 redirects www.dwin1.com r.adserver01.de
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.bodfeld-apotheke.de
3	www.awin1.com	1 redirects www.dwin1.com www.awin1.com
2	graphql.usercentrics.eu	app.usercentrics.eu
2	adservice.google.com	5994599.fls.doubleclick.net 11868943.fls.doubleclick.net
2	11868943.fls.doubleclick.net	1 redirects hal9000.redintelligence.net
2	5994599.fls.doubleclick.net	1 redirects hal9000.redintelligence.net
2	dsum-sec.casalemedia.com	1 redirects www.bodfeld-apotheke.de
2	ih.adscale.de	2 redirects
2	imagesrv.adition.com	www.bodfeld-apotheke.de
2	ad11.adfarm1.adition.com	2 redirects
2	d.clarity.ms	bat.bing.com d.clarity.ms
2	www.facebook.com	www.bodfeld-apotheke.de
2	payments.amazon.de	static-eu.payments-amazon.com
2	www.google.de	www.bodfeld-apotheke.de
2	www.google.com	www.bodfeld-apotheke.de
2	hal9000.redintelligence.net	1 redirects 1redirc.com
2	the.sciencebehindecommerce.com	www.dwin1.com the.sciencebehindecommerce.com
2	ad4m.at	www.dwin1.com ad4m.at
2	googleads.g.doubleclick.net	www.googleadservices.com
2	connect.facebook.net	1redirc.com connect.facebook.net
2	aproxy.ksgct.de	js.kctag.net
2	static-eu.payments-amazon.com	www.bodfeld-apotheke.de static-eu.payments-amazon.com
2	maxcdn.bootstrapcdn.com	www.bodfeld-apotheke.de maxcdn.bootstrapcdn.com
2	lookandfind.me	clever-redirect.com
2	remote.capitalpone.com	2 redirects
1	uct.service.usercentrics.eu	www.bodfeld-apotheke.de
1	s2.adform.net	hal9000.redintelligence.net
1	a.twiago.com	1 redirects
1	rtb-csync.smartadserver.com	1 redirects
1	match.adsrvr.org	www.bodfeld-apotheke.de
1	pixel.onaudience.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	d23yuld0pofhhw.cloudfront.net	www.bodfeld-apotheke.de
1	tracking.s24.com	www.googletagmanager.com
1	ssl.google-analytics.com	www.googletagmanager.com
1	www.dwin1.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	payments-de.amazon.com	static-eu.payments-amazon.com
1	www.googletagmanager.com	www.bodfeld-apotheke.de
1	rum.mauve.eu	www.bodfeld-apotheke.de
1	fonts.gstatic.com	fonts.googleapis.com
1	js.kctag.net	www.bodfeld-apotheke.de
1	bodfeld1.ix.dus.m-eshop.de	www.bodfeld-apotheke.de
1	www.medipreis.de	www.bodfeld-apotheke.de
1	www.medizinfuchs.de	www.bodfeld-apotheke.de
1	img.idealo.com	www.bodfeld-apotheke.de
1	ixxilon.mauve.de	www.bodfeld-apotheke.de
1	fonts.googleapis.com	www.bodfeld-apotheke.de
1	utkv6nyu.de	1 redirects
1	clever-redirect.com	1redirc.com
0	simage2.pubmatic.com Failed	www.bodfeld-apotheke.de
147	61

This site contains links to these domains. Also see Links.

Domain
blog.bodfeld-apotheke.com
www.facebook.com
www.instagram.com
www.abc-arznei.de
www.idealo.de
www.medizinfuchs.de
www.apomio.de
www.sparmedo.de
www.medipreis.de
www.preis.de
geizhals.de
versandhandel.dimdi.de
www.gruenstempel.de
www.bvl.bund.de

Subject Issuer	Validity	Valid
tracker.clever-redirect.com R3	`2022-04-07` - `2022-07-06`	3 months	crt.sh
lookandfind.me R3	`2022-05-03` - `2022-08-01`	3 months	crt.sh
www.bodfeld-apotheke.de R3	`2022-03-28` - `2022-06-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.trustpilot.com Amazon	`2022-03-04` - `2023-04-02`	a year	crt.sh
ixxilon.mauve.de R3	`2022-04-07` - `2022-07-06`	3 months	crt.sh
*.idealo.com Thawte TLS RSA CA G1	`2022-03-22` - `2023-04-14`	a year	crt.sh
*.medizinfuchs.de Amazon	`2021-09-18` - `2022-10-17`	a year	crt.sh
medipreis.de R3	`2022-03-10` - `2022-06-08`	3 months	crt.sh
bodfeld1.ix.dus.m-eshop.de R3	`2022-04-25` - `2022-07-24`	3 months	crt.sh
*.kctag.net AlphaSSL CA - SHA256 - G2	`2021-07-27` - `2022-08-28`	a year	crt.sh
static-eu.payments-amazon.com Amazon	`2021-07-22` - `2022-08-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
rum.mauve.eu R3	`2022-03-07` - `2022-06-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.ksgct.de AlphaSSL CA - SHA256 - G2	`2021-11-05` - `2022-12-07`	a year	crt.sh
payments-de.amazon.com Amazon	`2021-08-26` - `2022-07-31`	a year	crt.sh
app.usercentrics.eu GTS CA 1D4	`2022-04-21` - `2022-07-20`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.dwin1.com Amazon	`2021-11-19` - `2022-12-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-10` - `2022-05-11`	3 months	crt.sh
*.s24.com R3	`2022-04-07` - `2022-07-06`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.adserver01.de Sectigo RSA Domain Validation Secure Server CA	`2021-12-15` - `2023-01-14`	a year	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
tag.device9.com Go Daddy Secure Certificate Authority - G2	`2021-07-19` - `2022-08-20`	a year	crt.sh
redintelligence.net R3	`2022-03-29` - `2022-06-27`	3 months	crt.sh
api.usercentrics.eu GTS CA 1D4	`2022-04-21` - `2022-07-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
payments.amazon.de Amazon	`2021-11-26` - `2022-11-09`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
graphql.usercentrics.eu GTS CA 1D4	`2022-04-20` - `2022-07-19`	3 months	crt.sh
uct.service.usercentrics.eu GTS CA 1D4	`2022-04-16` - `2022-07-15`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Frame ID: AD834737FA25337DD3F5E0E297EBCD10
Requests: 120 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/index.html?templateId=539ad60defb9600b94d7df2c&businessunitId=48736265000064000502d917
Frame ID: 34B6490950BF2091F822DF3575E5B753
Requests: 5 HTTP requests in this frame

Frame: https://www.awin1.com/alt.php?mid=17298&sv=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Frame ID: 228DA781E74D5E1920CCC9BB3F4AB4CC
Requests: 2 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/retarget?a=52197&version=1&redirected=1
Frame ID: 3937B23944BFD3FF83A2A4D5C1AA6FC4
Requests: 7 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 682473CFEF971AA6FF13D07BD13A0174
Requests: 1 HTTP requests in this frame

Frame: https://r.adserver01.de/znamh/data/e43b41fddbac17efe33eb16e490d0b72.html
Frame ID: 86431CAC6BC3B240BA748A0235753A6C
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKzKnLXYxPcCFYvS1QodMrEKyQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2681485383080.04
Frame ID: 8E6F554E6B3BF888C0CA3BA4DDEEC3AB
Requests: 2 HTTP requests in this frame

Frame: https://11868943.fls.doubleclick.net/activityi;dc_pre=CIiLn7XYxPcCFdgfBgAdL3MPEA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6463474565044.566
Frame ID: 5D4A2B93121BF29FFE5B3FA61F20072C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Apotheke - Arzneimittel & Kosmetik | Bodfeld Apotheke

Page URL History Show full URLs

http://remote.capitalpone.com/ HTTP 302
https://remote.capitalpone.com/ HTTP 302
http://1redirc.com/r2.php?e=W%2Fqe5AS1XOqV602IjRs4oX49fm93NFFCWWthQ3NBcE9JbmU5NHdDdjhNYm1VS3lGW... Page URL
http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D64658... HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=646589179&sid=202205041127128095d1f95df6c032e6 Page URL
https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=bodfeld-apotheke.de&s1=7216... Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3... Page URL
https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=8048467f0c8f62f0a4adef2ed... HTTP 302
https://www.awin1.com/cread.php?awinmid=17298&awinaffid=101248&clickref=at107999_a180536_m12_p1347... HTTP 302
https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83 Page URL

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Cart
<a[^>]*href=[^>]*/Checkout

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Page Statistics

147
Requests

88 %
HTTPS

41 %
IPv6

51
Domains

61
Subdomains

51
IPs

8
Countries

1483 kB
Transfer

4224 kB
Size

37
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.bodfeld-apotheke.com/
Title: Bodfeld Ratgeber

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bodfeldapo/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bodfeldapo/

Search URL Search Domain Scan URL

URL: https://www.abc-arznei.de/content/faq.1597.html#5

Search URL Search Domain Scan URL

URL: https://www.idealo.de/preisvergleich/Shop/24058.html

Search URL Search Domain Scan URL

URL: https://www.medizinfuchs.de/apotheken-profil/bodfeld-apotheke.de-172.html

Search URL Search Domain Scan URL

URL: https://www.apomio.de/

Search URL Search Domain Scan URL

URL: https://www.sparmedo.de/versandapotheke/53/

Search URL Search Domain Scan URL

URL: https://www.medipreis.de/apotheken-profil/bodfeld-apotheke-119

Search URL Search Domain Scan URL

URL: http://www.preis.de/

Search URL Search Domain Scan URL

URL: https://geizhals.de/

Search URL Search Domain Scan URL

URL: https://versandhandel.dimdi.de/websearch/servlet/Gate?accessid=dimdi_var&term=5b4afab019cd22b85aceb551b511b193

Search URL Search Domain Scan URL

URL: http://www.gruenstempel.de/

Search URL Search Domain Scan URL

URL: https://www.bvl.bund.de/DE/Arbeitsbereiche/05_Tierarzneimittel/02_Verbraucher/07_Haendlerregister/05_Tabelle/tam_haendler_node.html#TAM-H-137

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://remote.capitalpone.com/ HTTP 302
https://remote.capitalpone.com/ HTTP 302
http://1redirc.com/r2.php?e=W%2Fqe5AS1XOqV602IjRs4oX49fm93NFFCWWthQ3NBcE9JbmU5NHdDdjhNYm1VS3lGWmF1c3g4ZDduYjNxdW1ycmdBVDBBOHJHbWw1VEdPQUZZRVpibzBwcjd2M2lwdElJNVJxL0FFQmlaaWtjU3pscThjMFBMcE1DVERBeE42djdNWnVlQ0tSNlkybGRTSjlILzB4ZGY5SERMVEp1aUtUbVpad2pRZG8yTWNpZXh4a3g3a0R0WGtFY0xhVDd3ajJFbWg3WjhkcE1mamJDUnk2VGtrcFRqUEw5emMvbGtYak9VdFkrWFlBcUpPSmhnSjhJdEFYbG50U3FZdFFuc2srSm9JNU9PdmM0c2Y4SUtHeTNzNXdpak1ybTlpdmozYkhkT3FZQkhNMFV4MU5VWCtHQ1JUeVBVWFlTNUJzc0RKd0pXSG1UcVlaY1k1dzBUSWU2bFhJSVgxenUzYjlWbkE0SEdiYnVlVUZIeGpUNkQzZHlxNXV4SmcwK0JHUDhQbjZhaTRJWDBIcENLSjVKL1NUY3NraGFObGNSZ251QjhhRldGQ2xFdlFCUkVpNjhOWEdLakVwKzVONksyWk9RTkl5OXNUWXlMUndDTm9POFNBL0VWVGhjOFZXMUZ6R1NTQnhmNFcwbkpFYUlueWRPcDB2MUw3enBqcXRyNlFpcEpJdHVPenFsVm01enN0MWtjKzROSUpXa1gya0Y3dlVVeXlDdW9GQlZjZkpVL2JZK2FPQ0U1T25XTWlUa0Rab2VNSDl2UVVZNHZ3TXAwUDR3OWlNVnZqMmZGVTFoN1dxN2MxVGwzZlFIQ2lSS0N5SUNkYm00b2FuMzk3b2NBRTVYK29DaWVPelQ4aHBjZGh6YVo2VFhkVVp2eXlzazFzUWF1ek16MDQ4Wmp0NVkycjdETE9TbUVDamV4NUlJRFBobEN1RXFhZ2xROVVGOVdMOWhlbVZkV3pienoreG1YSzRZN3dLYjVVUmlhOXhxbDUzWFdSZ1JvZDV1WUxUWHZFejdWallYMnBFUkJKWnZuNWlBYkxHbDlETWpPVTU5VFR4eHkyc3FSRmgwWGxwbmhiaXV2N0pDc1BXZmxENnM3UmhiMmc9 Page URL
http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D646589179%26sid%3D202205041127128095d1f95df6c032e6&s=j&enc=3BUTuNSxJUpFljtzO8PZy349flRDZ3ZCNjFNdE5OUjZZYmExYy90elhoeVFVWjBPT3pjeTZQb1kvQ0VBNkxJc3JuVkh1ajZFb1dkdE1DSnpkZE1kZlRKeDJLRVM3ZXlMMDNqcmpiWnZtTVlsbHZiQ3pWdEJ6NTRxQUQ4a2hDdXJvY0N5SEtFQXg3L1ltdEpucytraXI3elV6d3BMWXp4TjNXa1oreVlGNWQzOTNKY3Q5SzNmWlRVSUo2c0FkQjlZby9RL0NmcVJZbFpxV2pUWUE0UHNPYkpuOWtuakVJaU56eG9tVFdvOWtaNXZHS242M3ZYL2Q4bm42S0dKd0dlWTRqVlorOGVwVitmNGY0Q285MzhpdkU1dkZKRFN1TlRqSUJ3Q2NOWU9VR2dwWkMxUUh4NDVxd0JmcFNwWXdGMDlpOHVoV2lUUWhsUDlxV2VLME9tRVk0aDBTOEdWU3VMTzJqOGFHNjI5WnI3VXczeHFJQVpiSEluVytSb3ZQWHU0VDdtdk9rQllBVm9IWGZPRHF2WVdEU0Y0OEpJL0ZyTEpuc25mbGE0K0dZanptYTBsY1VjQVhYemtDK21wMzNuWERXVHV4VVVqM3M5Sko2MjFvN1MzdWNGREFpZ255QkdtSTZ4TFJha2ZheFlQZG05ZzFneVNwUXhOWG9lK3hpUnREZUdFZHIxNmVtS0tiTGtoUTlWdEUyNHc0Um4xSG0zK25xSkhDZnVKYmZ0YzVRSWU1NWNiMGZ5VE1BTEUxaVpZWVVkd1RNNThLMlIzZmZxTnprM0Y2Vmcyc1B1Z0lpMHd4Z0hGNjNxN2pYRUlBMk0zcmJOZDlXRFpKTTA5TE82cGJXQUx6N0xzMGZNQWtpZUhCTWNudUlBaHJOakgzWm9IZEpZZnU1UjhuYUFNRXVBUUlITjZSSE5qMTNMZWw4QnVBQzl4S3RrZWVVZHFMdnNqSFpnMWZqcjRnSGF2ZmpOWEdVUW90UVk1cXRWNjF2UVVoZ090bVBwUnVDYzRiZW8rTE9EdmFXRVVmVUNmUStyNm1ldGFHLzRxZXE2eEd5TnpveDArT0s2Q0JJR0JyTTFTNEF0U085b3d0L3lPNWx1TmZHM09nSzRSRE8yN3k2eWwvdGE1VlAwZEkxNlRCSUM1NmdtdWlFaklWM3c2VlV1Yk5NM1l1aXRpaGdkekRRPQ%3D%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=646589179&sid=202205041127128095d1f95df6c032e6 Page URL
https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=bodfeld-apotheke.de&s1=721614&s2=&s3=646589179&s5=cf Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D8048467f0c8f62f0a4adef2eda0e06f9%26url%3Dhttps%253A%252F%252Fwww.bodfeld-apotheke.de%252F&h=249a525973f1bbf215203ecda59643f3 Page URL
https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=8048467f0c8f62f0a4adef2eda0e06f9&url=https%3A%2F%2Fwww.bodfeld-apotheke.de%2F HTTP 302
https://www.awin1.com/cread.php?awinmid=17298&awinaffid=101248&clickref=at107999_a180536_m12_p134708_cDE_s8048467f0c8f62f0a4adef2eda0e06f9 HTTP 302
https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://remote.capitalpone.com/ HTTP 302
https://remote.capitalpone.com/ HTTP 302
http://1redirc.com/r2.php?e=W%2Fqe5AS1XOqV602IjRs4oX49fm93NFFCWWthQ3NBcE9JbmU5NHdDdjhNYm1VS3lGWmF1c3g4ZDduYjNxdW1ycmdBVDBBOHJHbWw1VEdPQUZZRVpibzBwcjd2M2lwdElJNVJxL0FFQmlaaWtjU3pscThjMFBMcE1DVERBeE42djdNWnVlQ0tSNlkybGRTSjlILzB4ZGY5SERMVEp1aUtUbVpad2pRZG8yTWNpZXh4a3g3a0R0WGtFY0xhVDd3ajJFbWg3WjhkcE1mamJDUnk2VGtrcFRqUEw5emMvbGtYak9VdFkrWFlBcUpPSmhnSjhJdEFYbG50U3FZdFFuc2srSm9JNU9PdmM0c2Y4SUtHeTNzNXdpak1ybTlpdmozYkhkT3FZQkhNMFV4MU5VWCtHQ1JUeVBVWFlTNUJzc0RKd0pXSG1UcVlaY1k1dzBUSWU2bFhJSVgxenUzYjlWbkE0SEdiYnVlVUZIeGpUNkQzZHlxNXV4SmcwK0JHUDhQbjZhaTRJWDBIcENLSjVKL1NUY3NraGFObGNSZ251QjhhRldGQ2xFdlFCUkVpNjhOWEdLakVwKzVONksyWk9RTkl5OXNUWXlMUndDTm9POFNBL0VWVGhjOFZXMUZ6R1NTQnhmNFcwbkpFYUlueWRPcDB2MUw3enBqcXRyNlFpcEpJdHVPenFsVm01enN0MWtjKzROSUpXa1gya0Y3dlVVeXlDdW9GQlZjZkpVL2JZK2FPQ0U1T25XTWlUa0Rab2VNSDl2UVVZNHZ3TXAwUDR3OWlNVnZqMmZGVTFoN1dxN2MxVGwzZlFIQ2lSS0N5SUNkYm00b2FuMzk3b2NBRTVYK29DaWVPelQ4aHBjZGh6YVo2VFhkVVp2eXlzazFzUWF1ek16MDQ4Wmp0NVkycjdETE9TbUVDamV4NUlJRFBobEN1RXFhZ2xROVVGOVdMOWhlbVZkV3pienoreG1YSzRZN3dLYjVVUmlhOXhxbDUzWFdSZ1JvZDV1WUxUWHZFejdWallYMnBFUkJKWnZuNWlBYkxHbDlETWpPVTU5VFR4eHkyc3FSRmgwWGxwbmhiaXV2N0pDc1BXZmxENnM3UmhiMmc9

Request Chain 4

http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D646589179%26sid%3D202205041127128095d1f95df6c032e6&s=j&enc=3BUTuNSxJUpFljtzO8PZy349flRDZ3ZCNjFNdE5OUjZZYmExYy90elhoeVFVWjBPT3pjeTZQb1kvQ0VBNkxJc3JuVkh1ajZFb1dkdE1DSnpkZE1kZlRKeDJLRVM3ZXlMMDNqcmpiWnZtTVlsbHZiQ3pWdEJ6NTRxQUQ4a2hDdXJvY0N5SEtFQXg3L1ltdEpucytraXI3elV6d3BMWXp4TjNXa1oreVlGNWQzOTNKY3Q5SzNmWlRVSUo2c0FkQjlZby9RL0NmcVJZbFpxV2pUWUE0UHNPYkpuOWtuakVJaU56eG9tVFdvOWtaNXZHS242M3ZYL2Q4bm42S0dKd0dlWTRqVlorOGVwVitmNGY0Q285MzhpdkU1dkZKRFN1TlRqSUJ3Q2NOWU9VR2dwWkMxUUh4NDVxd0JmcFNwWXdGMDlpOHVoV2lUUWhsUDlxV2VLME9tRVk0aDBTOEdWU3VMTzJqOGFHNjI5WnI3VXczeHFJQVpiSEluVytSb3ZQWHU0VDdtdk9rQllBVm9IWGZPRHF2WVdEU0Y0OEpJL0ZyTEpuc25mbGE0K0dZanptYTBsY1VjQVhYemtDK21wMzNuWERXVHV4VVVqM3M5Sko2MjFvN1MzdWNGREFpZ255QkdtSTZ4TFJha2ZheFlQZG05ZzFneVNwUXhOWG9lK3hpUnREZUdFZHIxNmVtS0tiTGtoUTlWdEUyNHc0Um4xSG0zK25xSkhDZnVKYmZ0YzVRSWU1NWNiMGZ5VE1BTEUxaVpZWVVkd1RNNThLMlIzZmZxTnprM0Y2Vmcyc1B1Z0lpMHd4Z0hGNjNxN2pYRUlBMk0zcmJOZDlXRFpKTTA5TE82cGJXQUx6N0xzMGZNQWtpZUhCTWNudUlBaHJOakgzWm9IZEpZZnU1UjhuYUFNRXVBUUlITjZSSE5qMTNMZWw4QnVBQzl4S3RrZWVVZHFMdnNqSFpnMWZqcjRnSGF2ZmpOWEdVUW90UVk1cXRWNjF2UVVoZ090bVBwUnVDYzRiZW8rTE9EdmFXRVVmVUNmUStyNm1ldGFHLzRxZXE2eEd5TnpveDArT0s2Q0JJR0JyTTFTNEF0U085b3d0L3lPNWx1TmZHM09nSzRSRE8yN3k2eWwvdGE1VlAwZEkxNlRCSUM1NmdtdWlFaklWM3c2VlV1Yk5NM1l1aXRpaGdkekRRPQ%3D%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=646589179&sid=202205041127128095d1f95df6c032e6

Request Chain 84

https://hal9000.redintelligence.net/retarget?a=52197&version=1 HTTP 302
https://hal9000.redintelligence.net/retarget?a=52197&version=1&redirected=1

Request Chain 98

https://secure.adnxs.com/seg?add=19901050&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19901050%26t%3D2

Request Chain 99

https://r.adserver01.de/rt/perf_de.php?gdpr=0&gdpr_consent= HTTP 302
https://secure.adnxs.com/seg?add=19609390&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19609390%26t%3D2

Request Chain 100

https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.AdvancedStore_Vzm]=ASRETVZM2 HTTP 302
https://imagesrv.adition.com/1x1.gif

Request Chain 101

https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.advancedStore_Adbundle]=1 HTTP 302
https://imagesrv.adition.com/1x1.gif

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=advs&google_cm&google_sc&a=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&c=1 HTTP 302
https://as.ad4m.at/ad/dpe?b=CAESEBLxtlxxzL6cdJEwB4t72EI&a=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&c=1&google_cver=1

Request Chain 104

https://ih.adscale.de/tpui?tpid=25&tpuid=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&cburl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3Dcd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk%26b%3D__ADSCALE_USER_ID__%26c%3D6 HTTP 302
https://ih.adscale.de/tpui?tpid=25&tpuid=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&cburl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3Dcd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk%26b%3D__ADSCALE_USER_ID__%26c%3D6&nut&uu=00aea780341c4138b4d6dd84f72a7a3b HTTP 307
https://as.ad4m.at/ad/dpe?a=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&b=412e1d9485ade7372c3fdae006764d899772312567c8d4123a5eaf7dddbfd80f&c=6

Request Chain 105

https://pixel.onaudience.com/?partner=234&mapped=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1

Request Chain 106

https://rtb-csync.smartadserver.com/redir/?partnerid=132&partneruserid=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3Dcd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk%26c%3D9%26b%3DSMART_USER_ID HTTP 302
https://as.ad4m.at/ad/dpe?a=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&c=9&b=2223039355776407520&gdpr=0&gdpr_consent=

Request Chain 107

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&C=1

Request Chain 109

https://a.twiago.com/rtb/usermatch.php?umid=11&userid=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&call_type=redirect&rtbprovider=openrtb&redirecturl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3Dcd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk%26b%3D%25userid%25%26c%3D7 HTTP 302
https://as.ad4m.at/ad/dpe?a=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&b=fad188c19fed4f350374d202cd13ba1494995f13cf77372b2d1b0c060dbc1&c=7

Request Chain 116

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 117

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2681485383080.04 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKzKnLXYxPcCFYvS1QodMrEKyQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2681485383080.04

Request Chain 118

https://11868943.fls.doubleclick.net/activityi;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6463474565044.566 HTTP 302
https://11868943.fls.doubleclick.net/activityi;dc_pre=CIiLn7XYxPcCFdgfBgAdL3MPEA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6463474565044.566

Request Chain 145

https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=854029444722&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D52197%26version%3D1%26redirected%3D1 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=854029444722&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D52197%26version%3D1%26redirected%3D1

147 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

r2.php Show response
1redirc.com/
Redirect Chain

http://remote.capitalpone.com/
https://remote.capitalpone.com/
http://1redirc.com/r2.php?e=W%2Fqe5AS1XOqV602IjRs4oX49fm93NFFCWWthQ3NBcE9JbmU5NHdDdjhNYm1VS3lGWmF1c3g4ZDduYjNxdW1ycmdBVDBBOHJHbWw1VEdPQUZZRVpibzBwcjd2M2lwdElJNVJxL0FFQmlaaWtjU3pscThjMFBMcE1DVERBeE4...

4 KB
2 KB

711ms
176ms

Document
text/html

103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/r2.php?e=W%2Fqe5AS1XOqV602IjRs4oX49fm93NFFCWWthQ3NBcE9JbmU5NHdDdjhNYm1VS3lGWmF1c3g4ZDduYjNxdW1ycmdBVDBBOHJHbWw1VEdPQUZZRVpibzBwcjd2M2lwdElJNVJxL0FFQmlaaWtjU3pscThjMFBMcE1DVERBeE42djdNWnVlQ0tSNlkybGRTSjlILzB4ZGY5SERMVEp1aUtUbVpad2pRZG8yTWNpZXh4a3g3a0R0WGtFY0xhVDd3ajJFbWg3WjhkcE1mamJDUnk2VGtrcFRqUEw5emMvbGtYak9VdFkrWFlBcUpPSmhnSjhJdEFYbG50U3FZdFFuc2srSm9JNU9PdmM0c2Y4SUtHeTNzNXdpak1ybTlpdmozYkhkT3FZQkhNMFV4MU5VWCtHQ1JUeVBVWFlTNUJzc0RKd0pXSG1UcVlaY1k1dzBUSWU2bFhJSVgxenUzYjlWbkE0SEdiYnVlVUZIeGpUNkQzZHlxNXV4SmcwK0JHUDhQbjZhaTRJWDBIcENLSjVKL1NUY3NraGFObGNSZ251QjhhRldGQ2xFdlFCUkVpNjhOWEdLakVwKzVONksyWk9RTkl5OXNUWXlMUndDTm9POFNBL0VWVGhjOFZXMUZ6R1NTQnhmNFcwbkpFYUlueWRPcDB2MUw3enBqcXRyNlFpcEpJdHVPenFsVm01enN0MWtjKzROSUpXa1gya0Y3dlVVeXlDdW9GQlZjZkpVL2JZK2FPQ0U1T25XTWlUa0Rab2VNSDl2UVVZNHZ3TXAwUDR3OWlNVnZqMmZGVTFoN1dxN2MxVGwzZlFIQ2lSS0N5SUNkYm00b2FuMzk3b2NBRTVYK29DaWVPelQ4aHBjZGh6YVo2VFhkVVp2eXlzazFzUWF1ek16MDQ4Wmp0NVkycjdETE9TbUVDamV4NUlJRFBobEN1RXFhZ2xROVVGOVdMOWhlbVZkV3pienoreG1YSzRZN3dLYjVVUmlhOXhxbDUzWFdSZ1JvZDV1WUxUWHZFejdWallYMnBFUkJKWnZuNWlBYkxHbDlETWpPVTU5VFR4eHkyc3FSRmgwWGxwbmhiaXV2N0pDc1BXZmxENnM3UmhiMmc9
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: 40db96f72a3e005400fc3b5cc67edb0ced9fb4d635ec487c62c4b92631f54005

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Length: 2058
Content-Type: text/html; charset=UTF-8
Date: Wed, 04 May 2022 01:27:13 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 04 May 2022 01:27:12 GMT
Location: http://1redirc.com/r2.php?e=W%2Fqe5AS1XOqV602IjRs4oX49fm93NFFCWWthQ3NBcE9JbmU5NHdDdjhNYm1VS3lGWmF1c3g4ZDduYjNxdW1ycmdBVDBBOHJHbWw1VEdPQUZZRVpibzBwcjd2M2lwdElJNVJxL0FFQmlaaWtjU3pscThjMFBMcE1DVERBeE42djdNWnVlQ0tSNlkybGRTSjlILzB4ZGY5SERMVEp1aUtUbVpad2pRZG8yTWNpZXh4a3g3a0R0WGtFY0xhVDd3ajJFbWg3WjhkcE1mamJDUnk2VGtrcFRqUEw5emMvbGtYak9VdFkrWFlBcUpPSmhnSjhJdEFYbG50U3FZdFFuc2srSm9JNU9PdmM0c2Y4SUtHeTNzNXdpak1ybTlpdmozYkhkT3FZQkhNMFV4MU5VWCtHQ1JUeVBVWFlTNUJzc0RKd0pXSG1UcVlaY1k1dzBUSWU2bFhJSVgxenUzYjlWbkE0SEdiYnVlVUZIeGpUNkQzZHlxNXV4SmcwK0JHUDhQbjZhaTRJWDBIcENLSjVKL1NUY3NraGFObGNSZ251QjhhRldGQ2xFdlFCUkVpNjhOWEdLakVwKzVONksyWk9RTkl5OXNUWXlMUndDTm9POFNBL0VWVGhjOFZXMUZ6R1NTQnhmNFcwbkpFYUlueWRPcDB2MUw3enBqcXRyNlFpcEpJdHVPenFsVm01enN0MWtjKzROSUpXa1gya0Y3dlVVeXlDdW9GQlZjZkpVL2JZK2FPQ0U1T25XTWlUa0Rab2VNSDl2UVVZNHZ3TXAwUDR3OWlNVnZqMmZGVTFoN1dxN2MxVGwzZlFIQ2lSS0N5SUNkYm00b2FuMzk3b2NBRTVYK29DaWVPelQ4aHBjZGh6YVo2VFhkVVp2eXlzazFzUWF1ek16MDQ4Wmp0NVkycjdETE9TbUVDamV4NUlJRFBobEN1RXFhZ2xROVVGOVdMOWhlbVZkV3pienoreG1YSzRZN3dLYjVVUmlhOXhxbDUzWFdSZ1JvZDV1WUxUWHZFejdWallYMnBFUkJKWnZuNWlBYkxHbDlETWpPVTU5VFR4eHkyc3FSRmgwWGxwbmhiaXV2N0pDc1BXZmxENnM3UmhiMmc9
Server: Apache/2.4.38 (Debian)

GET
H/1.1 200
OK jscheck.js Show response
1redirc.com/javascript/ 899 B
718 B 177ms
177ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/javascript/jscheck.js
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=W%2Fqe5AS1XOqV602IjRs4oX49fm93NFFCWWthQ3NBcE9JbmU5NHdDdjhNYm1VS3lGWmF1c3g4ZDduYjNxdW1ycmdBVDBBOHJHbWw1VEdPQUZZRVpibzBwcjd2M2lwdElJNVJxL0FFQmlaaWtjU3pscThjMFBMcE1DVERBeE42djdNWnVlQ0tSNlkybGRTSjlILzB4ZGY5SERMVEp1aUtUbVpad2pRZG8yTWNpZXh4a3g3a0R0WGtFY0xhVDd3ajJFbWg3WjhkcE1mamJDUnk2VGtrcFRqUEw5emMvbGtYak9VdFkrWFlBcUpPSmhnSjhJdEFYbG50U3FZdFFuc2srSm9JNU9PdmM0c2Y4SUtHeTNzNXdpak1ybTlpdmozYkhkT3FZQkhNMFV4MU5VWCtHQ1JUeVBVWFlTNUJzc0RKd0pXSG1UcVlaY1k1dzBUSWU2bFhJSVgxenUzYjlWbkE0SEdiYnVlVUZIeGpUNkQzZHlxNXV4SmcwK0JHUDhQbjZhaTRJWDBIcENLSjVKL1NUY3NraGFObGNSZ251QjhhRldGQ2xFdlFCUkVpNjhOWEdLakVwKzVONksyWk9RTkl5OXNUWXlMUndDTm9POFNBL0VWVGhjOFZXMUZ6R1NTQnhmNFcwbkpFYUlueWRPcDB2MUw3enBqcXRyNlFpcEpJdHVPenFsVm01enN0MWtjKzROSUpXa1gya0Y3dlVVeXlDdW9GQlZjZkpVL2JZK2FPQ0U1T25XTWlUa0Rab2VNSDl2UVVZNHZ3TXAwUDR3OWlNVnZqMmZGVTFoN1dxN2MxVGwzZlFIQ2lSS0N5SUNkYm00b2FuMzk3b2NBRTVYK29DaWVPelQ4aHBjZGh6YVo2VFhkVVp2eXlzazFzUWF1ek16MDQ4Wmp0NVkycjdETE9TbUVDamV4NUlJRFBobEN1RXFhZ2xROVVGOVdMOWhlbVZkV3pienoreG1YSzRZN3dLYjVVUmlhOXhxbDUzWFdSZ1JvZDV1WUxUWHZFejdWallYMnBFUkJKWnZuNWlBYkxHbDlETWpPVTU5VFR4eHkyc3FSRmgwWGxwbmhiaXV2N0pDc1BXZmxENnM3UmhiMmc9
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: 40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=W%2Fqe5AS1XOqV602IjRs4oX49fm93NFFCWWthQ3NBcE9JbmU5NHdDdjhNYm1VS3lGWmF1c3g4ZDduYjNxdW1ycmdBVDBBOHJHbWw1VEdPQUZZRVpibzBwcjd2M2lwdElJNVJxL0FFQmlaaWtjU3pscThjMFBMcE1DVERBeE42djdNWnVlQ0tSNlkybGRTSjlILzB4ZGY5SERMVEp1aUtUbVpad2pRZG8yTWNpZXh4a3g3a0R0WGtFY0xhVDd3ajJFbWg3WjhkcE1mamJDUnk2VGtrcFRqUEw5emMvbGtYak9VdFkrWFlBcUpPSmhnSjhJdEFYbG50U3FZdFFuc2srSm9JNU9PdmM0c2Y4SUtHeTNzNXdpak1ybTlpdmozYkhkT3FZQkhNMFV4MU5VWCtHQ1JUeVBVWFlTNUJzc0RKd0pXSG1UcVlaY1k1dzBUSWU2bFhJSVgxenUzYjlWbkE0SEdiYnVlVUZIeGpUNkQzZHlxNXV4SmcwK0JHUDhQbjZhaTRJWDBIcENLSjVKL1NUY3NraGFObGNSZ251QjhhRldGQ2xFdlFCUkVpNjhOWEdLakVwKzVONksyWk9RTkl5OXNUWXlMUndDTm9POFNBL0VWVGhjOFZXMUZ6R1NTQnhmNFcwbkpFYUlueWRPcDB2MUw3enBqcXRyNlFpcEpJdHVPenFsVm01enN0MWtjKzROSUpXa1gya0Y3dlVVeXlDdW9GQlZjZkpVL2JZK2FPQ0U1T25XTWlUa0Rab2VNSDl2UVVZNHZ3TXAwUDR3OWlNVnZqMmZGVTFoN1dxN2MxVGwzZlFIQ2lSS0N5SUNkYm00b2FuMzk3b2NBRTVYK29DaWVPelQ4aHBjZGh6YVo2VFhkVVp2eXlzazFzUWF1ek16MDQ4Wmp0NVkycjdETE9TbUVDamV4NUlJRFBobEN1RXFhZ2xROVVGOVdMOWhlbVZkV3pienoreG1YSzRZN3dLYjVVUmlhOXhxbDUzWFdSZ1JvZDV1WUxUWHZFejdWallYMnBFUkJKWnZuNWlBYkxHbDlETWpPVTU5VFR4eHkyc3FSRmgwWGxwbmhiaXV2N0pDc1BXZmxENnM3UmhiMmc9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Wed, 04 May 2022 01:27:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Jan 2022 12:05:23 GMT
Server: Apache/2.4.25 (Debian)
ETag: "383-5d53926b806c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 405

GET
H/1.1 200
OK swfobject.js Show response
1redirc.com/javascript/ 10 KB
4 KB 334ms
168ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/javascript/swfobject.js
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=W%2Fqe5AS1XOqV602IjRs4oX49fm93NFFCWWthQ3NBcE9JbmU5NHdDdjhNYm1VS3lGWmF1c3g4ZDduYjNxdW1ycmdBVDBBOHJHbWw1VEdPQUZZRVpibzBwcjd2M2lwdElJNVJxL0FFQmlaaWtjU3pscThjMFBMcE1DVERBeE42djdNWnVlQ0tSNlkybGRTSjlILzB4ZGY5SERMVEp1aUtUbVpad2pRZG8yTWNpZXh4a3g3a0R0WGtFY0xhVDd3ajJFbWg3WjhkcE1mamJDUnk2VGtrcFRqUEw5emMvbGtYak9VdFkrWFlBcUpPSmhnSjhJdEFYbG50U3FZdFFuc2srSm9JNU9PdmM0c2Y4SUtHeTNzNXdpak1ybTlpdmozYkhkT3FZQkhNMFV4MU5VWCtHQ1JUeVBVWFlTNUJzc0RKd0pXSG1UcVlaY1k1dzBUSWU2bFhJSVgxenUzYjlWbkE0SEdiYnVlVUZIeGpUNkQzZHlxNXV4SmcwK0JHUDhQbjZhaTRJWDBIcENLSjVKL1NUY3NraGFObGNSZ251QjhhRldGQ2xFdlFCUkVpNjhOWEdLakVwKzVONksyWk9RTkl5OXNUWXlMUndDTm9POFNBL0VWVGhjOFZXMUZ6R1NTQnhmNFcwbkpFYUlueWRPcDB2MUw3enBqcXRyNlFpcEpJdHVPenFsVm01enN0MWtjKzROSUpXa1gya0Y3dlVVeXlDdW9GQlZjZkpVL2JZK2FPQ0U1T25XTWlUa0Rab2VNSDl2UVVZNHZ3TXAwUDR3OWlNVnZqMmZGVTFoN1dxN2MxVGwzZlFIQ2lSS0N5SUNkYm00b2FuMzk3b2NBRTVYK29DaWVPelQ4aHBjZGh6YVo2VFhkVVp2eXlzazFzUWF1ek16MDQ4Wmp0NVkycjdETE9TbUVDamV4NUlJRFBobEN1RXFhZ2xROVVGOVdMOWhlbVZkV3pienoreG1YSzRZN3dLYjVVUmlhOXhxbDUzWFdSZ1JvZDV1WUxUWHZFejdWallYMnBFUkJKWnZuNWlBYkxHbDlETWpPVTU5VFR4eHkyc3FSRmgwWGxwbmhiaXV2N0pDc1BXZmxENnM3UmhiMmc9
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=W%2Fqe5AS1XOqV602IjRs4oX49fm93NFFCWWthQ3NBcE9JbmU5NHdDdjhNYm1VS3lGWmF1c3g4ZDduYjNxdW1ycmdBVDBBOHJHbWw1VEdPQUZZRVpibzBwcjd2M2lwdElJNVJxL0FFQmlaaWtjU3pscThjMFBMcE1DVERBeE42djdNWnVlQ0tSNlkybGRTSjlILzB4ZGY5SERMVEp1aUtUbVpad2pRZG8yTWNpZXh4a3g3a0R0WGtFY0xhVDd3ajJFbWg3WjhkcE1mamJDUnk2VGtrcFRqUEw5emMvbGtYak9VdFkrWFlBcUpPSmhnSjhJdEFYbG50U3FZdFFuc2srSm9JNU9PdmM0c2Y4SUtHeTNzNXdpak1ybTlpdmozYkhkT3FZQkhNMFV4MU5VWCtHQ1JUeVBVWFlTNUJzc0RKd0pXSG1UcVlaY1k1dzBUSWU2bFhJSVgxenUzYjlWbkE0SEdiYnVlVUZIeGpUNkQzZHlxNXV4SmcwK0JHUDhQbjZhaTRJWDBIcENLSjVKL1NUY3NraGFObGNSZ251QjhhRldGQ2xFdlFCUkVpNjhOWEdLakVwKzVONksyWk9RTkl5OXNUWXlMUndDTm9POFNBL0VWVGhjOFZXMUZ6R1NTQnhmNFcwbkpFYUlueWRPcDB2MUw3enBqcXRyNlFpcEpJdHVPenFsVm01enN0MWtjKzROSUpXa1gya0Y3dlVVeXlDdW9GQlZjZkpVL2JZK2FPQ0U1T25XTWlUa0Rab2VNSDl2UVVZNHZ3TXAwUDR3OWlNVnZqMmZGVTFoN1dxN2MxVGwzZlFIQ2lSS0N5SUNkYm00b2FuMzk3b2NBRTVYK29DaWVPelQ4aHBjZGh6YVo2VFhkVVp2eXlzazFzUWF1ek16MDQ4Wmp0NVkycjdETE9TbUVDamV4NUlJRFBobEN1RXFhZ2xROVVGOVdMOWhlbVZkV3pienoreG1YSzRZN3dLYjVVUmlhOXhxbDUzWFdSZ1JvZDV1WUxUWHZFejdWallYMnBFUkJKWnZuNWlBYkxHbDlETWpPVTU5VFR4eHkyc3FSRmgwWGxwbmhiaXV2N0pDc1BXZmxENnM3UmhiMmc9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Wed, 04 May 2022 01:27:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Jan 2022 12:05:23 GMT
Server: Apache/2.4.38 (Debian)
ETag: "27ef-5d53926b806c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 3949

GET
H/1.1 200
OK jscheck.php
1redirc.com/ 0
166 B 351ms
180ms XHR
text/html 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/jscheck.php?enc=3BUTuNSxJUpFljtzO8PZy349flRDZ3ZCNjFNdE5OUjZZYmExYy90elhoeVFVWjBPT3pjeTZQb1kvQ0VBNkxJc3JuVkh1ajZFb1dkdE1DSnpkZE1kZlRKeDJLRVM3ZXlMMDNqcmpiWnZtTVlsbHZiQ3pWdEJ6NTRxQUQ4a2hDdXJvY0N5SEtFQXg3L1ltdEpucytraXI3elV6d3BMWXp4TjNXa1oreVlGNWQzOTNKY3Q5SzNmWlRVSUo2c0FkQjlZby9RL0NmcVJZbFpxV2pUWUE0UHNPYkpuOWtuakVJaU56eG9tVFdvOWtaNXZHS242M3ZYL2Q4bm42S0dKd0dlWTRqVlorOGVwVitmNGY0Q285MzhpdkU1dkZKRFN1TlRqSUJ3Q2NOWU9VR2dwWkMxUUh4NDVxd0JmcFNwWXdGMDlpOHVoV2lUUWhsUDlxV2VLME9tRVk0aDBTOEdWU3VMTzJqOGFHNjI5WnI3VXczeHFJQVpiSEluVytSb3ZQWHU0VDdtdk9rQllBVm9IWGZPRHF2WVdEU0Y0OEpJL0ZyTEpuc25mbGE0K0dZanptYTBsY1VjQVhYemtDK21wMzNuWERXVHV4VVVqM3M5Sko2MjFvN1MzdWNGREFpZ255QkdtSTZ4TFJha2ZheFlQZG05ZzFneVNwUXhOWG9lK3hpUnREZUdFZHIxNmVtS0tiTGtoUTlWdEUyNHc0Um4xSG0zK25xSkhDZnVKYmZ0YzVRSWU1NWNiMGZ5VE1BTEUxaVpZWVVkd1RNNThLMlIzZmZxTnprM0Y2Vmcyc1B1Z0lpMHd4Z0hGNjNxN2pYRUlBMk0zcmJOZDlXRFpKTTA5TE82cGJXQUx6N0xzMGZNQWtpZUhCTWNudUlBaHJOakgzWm9IZEpZZnU1UjhuYUFNRXVBUUlITjZSSE5qMTNMZWw4QnVBQzl4S3RrZWVVZHFMdnNqSFpnMWZqcjRnSGF2ZmpOWEdVUW90UVk1cXRWNjF2UVVoZ090bVBwUnVDYzRiZW8rTE9EdmFXRVVmVUNmUStyNm1ldGFHLzRxZXE2eEd5TnpveDArT0s2Q0JJR0JyTTFTNEF0U085b3d0L3lPNWx1TmZHM09nSzRSRE8yN3k2eWwvdGE1VlAwZEkxNlRCSUM1NmdtdWlFaklWM3c2VlV1Yk5NM1l1aXRpaGdkekRRPQ%3D%3D&rand=0.18413549755463787
Requested by: Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=W%2Fqe5AS1XOqV602IjRs4oX49fm93NFFCWWthQ3NBcE9JbmU5NHdDdjhNYm1VS3lGWmF1c3g4ZDduYjNxdW1ycmdBVDBBOHJHbWw1VEdPQUZZRVpibzBwcjd2M2lwdElJNVJxL0FFQmlaaWtjU3pscThjMFBMcE1DVERBeE42djdNWnVlQ0tSNlkybGRTSjlILzB4ZGY5SERMVEp1aUtUbVpad2pRZG8yTWNpZXh4a3g3a0R0WGtFY0xhVDd3ajJFbWg3WjhkcE1mamJDUnk2VGtrcFRqUEw5emMvbGtYak9VdFkrWFlBcUpPSmhnSjhJdEFYbG50U3FZdFFuc2srSm9JNU9PdmM0c2Y4SUtHeTNzNXdpak1ybTlpdmozYkhkT3FZQkhNMFV4MU5VWCtHQ1JUeVBVWFlTNUJzc0RKd0pXSG1UcVlaY1k1dzBUSWU2bFhJSVgxenUzYjlWbkE0SEdiYnVlVUZIeGpUNkQzZHlxNXV4SmcwK0JHUDhQbjZhaTRJWDBIcENLSjVKL1NUY3NraGFObGNSZ251QjhhRldGQ2xFdlFCUkVpNjhOWEdLakVwKzVONksyWk9RTkl5OXNUWXlMUndDTm9POFNBL0VWVGhjOFZXMUZ6R1NTQnhmNFcwbkpFYUlueWRPcDB2MUw3enBqcXRyNlFpcEpJdHVPenFsVm01enN0MWtjKzROSUpXa1gya0Y3dlVVeXlDdW9GQlZjZkpVL2JZK2FPQ0U1T25XTWlUa0Rab2VNSDl2UVVZNHZ3TXAwUDR3OWlNVnZqMmZGVTFoN1dxN2MxVGwzZlFIQ2lSS0N5SUNkYm00b2FuMzk3b2NBRTVYK29DaWVPelQ4aHBjZGh6YVo2VFhkVVp2eXlzazFzUWF1ek16MDQ4Wmp0NVkycjdETE9TbUVDamV4NUlJRFBobEN1RXFhZ2xROVVGOVdMOWhlbVZkV3pienoreG1YSzRZN3dLYjVVUmlhOXhxbDUzWFdSZ1JvZDV1WUxUWHZFejdWallYMnBFUkJKWnZuNWlBYkxHbDlETWpPVTU5VFR4eHkyc3FSRmgwWGxwbmhiaXV2N0pDc1BXZmxENnM3UmhiMmc9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Wed, 04 May 2022 01:27:14 GMT
Server: Apache/2.4.38 (Debian)
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

r6
clever-redirect.com/s/
Redirect Chain

http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D646589179%26sid%3D202205041127128095d1f95df6c032e6&s=j&enc=3BUTuNSxJUpFljtzO8PZy349flRDZ3ZCNjFNdE5OUjZZYmEx...
https://clever-redirect.com/s/r6?s=721614&s3=646589179&sid=202205041127128095d1f95df6c032e6

329 B
677 B

118ms
37ms

Document
text/html

78.46.197.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://clever-redirect.com/s/r6?s=721614&s3=646589179&sid=202205041127128095d1f95df6c032e6
Requested by: Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.197.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.197.46.78.clients.your-server.de
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27 / PHP/7.4.27
Resource Hash

Request headers

Referer: http://1redirc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 329
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 01:27:15 GMT
referrer-policy: no-referrer
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
x-powered-by: PHP/7.4.27

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 04 May 2022 01:27:14 GMT
Location: https://clever-redirect.com/s/r6?s=721614&s3=646589179&sid=202205041127128095d1f95df6c032e6
Server: Apache/2.4.38 (Debian)

GET
H2 200 a Show response
lookandfind.me/s/ 437 B
604 B 110ms
40ms Document
text/html 157.90.169.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=bodfeld-apotheke.de&s1=721614&s2=&s3=646589179&s5=cf
Requested by: Host: clever-redirect.com
URL: https://clever-redirect.com/s/r6?s=721614&s3=646589179&sid=202205041127128095d1f95df6c032e6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.169.90.157.clients.your-server.de
Software: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash: 329440ae25d401c033b1cb591fe16a0019429a6cb89853fbc3997656c03fb047

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 437
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 01:27:15 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24
x-powered-by: PHP/7.4.24

GET
H2 200 r
lookandfind.me/s/ 353 B
383 B 32ms
29ms Document
text/html 157.90.169.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D8048467f0c8f62f0a4adef2eda0e06f9%26url%3Dhttps%253A%252F%252Fwww.bodfeld-apotheke.de%252F&h=249a525973f1bbf215203ecda59643f3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.169.90.157.clients.your-server.de
Software: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash

Request headers

Referer: https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=bodfeld-apotheke.de&s1=721614&s2=&s3=646589179&s5=cf
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 353
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 01:27:15 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24
x-powered-by: PHP/7.4.24

GET
H2

200

Primary Request / Show response
www.bodfeld-apotheke.de/
Redirect Chain

https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=8048467f0c8f62f0a4adef2eda0e06f9&url=https%3A%2F%2Fwww.bodfeld-apotheke.de%2F
https://www.awin1.com/cread.php?awinmid=17298&awinaffid=101248&clickref=at107999_a180536_m12_p134708_cDE_s8048467f0c8f62f0a4adef2eda0e06f9
https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

1 MB
74 KB

905ms
676ms

Document
text/html

2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Requested by

Host: lookandfind.me
URL: https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D8048467f0c8f62f0a4adef2eda0e06f9%26url%3Dhttps%253A%252F%252Fwww.bodfeld-apotheke.de%252F&h=249a525973f1bbf215203ecda59643f3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

33d47658382029c8aa4d16ea7d947b455b06ea880dd88a1f8333f1e3975a58a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D8048467f0c8f62f0a4adef2eda0e06f9%26url%3Dhttps%253A%252F%252Fwww.bodfeld-apotheke.de%252F&h=249a525973f1bbf215203ecda59643f3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0 max-age=0, must-revalidate, public, s-maxage=604800
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 01:27:16 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT Wed, 04 May 2022 01:27:16 GMT
pragma: no-cache
referrer-policy: same-origin
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding Cookie Authorization
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Allow: GET
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0
Date: Wed, 04 May 2022 01:27:15 GMT
Location: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Strict-Transport-Security: max-age=86400

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 85ms
33ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,700,400italic,600italic,600,700italic&subset=latin,latin-ext

Requested by

Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

914f315058536cfbad727dce21a3ed7af76029a027faa8ab1fb2b9fd30a0cc79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 04 May 2022 01:27:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 04 May 2022 01:27:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 May 2022 01:27:16 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
7 KB 77ms
30ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632
age: 6544386
cdn-cachedat: 12/13/2021 21:25:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 8ac87b10825a6871d9cd076fc3a23e4f
cf-ray: 705d73f848ec68f8-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 main.min.b88e4352.css
www.bodfeld-apotheke.de/assets/master/tmp/ 211 KB
38 KB 72ms
71ms Stylesheet
text/css 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bodfeld-apotheke.de/assets/master/tmp/main.min.b88e4352.css

Requested by

Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

cf61c72d82b3c02a06add82834aac80a82c9993bcc210c9560d35a67bb83a8a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Fri, 31 Dec 2021 09:18:29 GMT
etag: W/"61cecae5-34bcb"
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: public, max-age=7776000, s-maxage=86400
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 main.min.9755d7ca.js Show response
www.bodfeld-apotheke.de/assets/master/tmp/ 346 KB
119 KB 50ms
49ms Script
application/javascript 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bodfeld-apotheke.de/assets/master/tmp/main.min.9755d7ca.js

Requested by

Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

b2c2b920801871ee2f536bc0ed4b241d21b0d14bf0b4d17d59349fd40397e953

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Fri, 31 Dec 2021 09:18:29 GMT
etag: W/"61cecae5-567ef"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=7776000, s-maxage=86400
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 tp.widget.sync.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 1 KB
1 KB 69ms
22ms Script
application/x-javascript 99.86.4.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.sync.bootstrap.min.js

Requested by

Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-77.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

90745a0f257aa1424e5b997ec85544b52094e60b7187c09ec3f108303bfc2073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 74428
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Tue, 03 May 2022 04:46:48 GMT
content-length: 712
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Feb 2022 14:34:25 GMT
server: AmazonS3
etag: "a148992a7b15dc7e6a9fa9d5e18e4368"
content-type: application/x-javascript
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: CAAV0CcsKH57YhPi-fuqnZ1V3fkOZ9rNOgRh-slu1tWJL50__ojGgQ==

GET
H2 200 Bodfeld-Apotheke-Logo-neu.jpg
www.bodfeld-apotheke.de/documents/logo/ 3 KB
4 KB 23ms
23ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/documents/logo/Bodfeld-Apotheke-Logo-neu.jpg
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e7c6e12b4bab558729afedf64947836ae9ff0f54f07045cab98b7727cc84a2e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "ece3e30f2e97491fd0619900c5c27a9547f1749e"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 3574
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 Mail.jpg
www.bodfeld-apotheke.de/documents/products/Statisch/Shop%20neu/Symbole/ 276 B
463 B 34ms
28ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/documents/products/Statisch/Shop%20neu/Symbole/Mail.jpg
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 96b5782233cedc416f21ccd27fade5959a0e4b407e8bf6e4cca01be91858f066

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "c57a376f51d47d249cc32f3918538dbcb6b2913c"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 276
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 2022-05-Magendarm
www.bodfeld-apotheke.de/documents/products/Statisch/BannerMIXED/ 44 KB
45 KB 114ms
107ms Image
image/jpeg 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bodfeld-apotheke.de/documents/products/Statisch/BannerMIXED/2022-05-Magendarm?ver=1649058516

Requested by

Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

7b0a1202cd832918a79a2bb4b73d39e2975bc523ac072db14127eac030579c0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
referrer-policy: same-origin
last-modified: Mon, 02 May 2022 07:13:55 GMT
etag: "b0a3-5de0222966190"
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
content-length: 45219
x-content-type-options: nosniff, nosniff

GET
H2 200 2022-05-Hylovision.png
www.bodfeld-apotheke.de/documents/products/Statisch/BannerMIXED/ 36 KB
36 KB 40ms
33ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/documents/products/Statisch/BannerMIXED/2022-05-Hylovision.png?ver=1649058516
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 854f8507e0f3b9561d33b576e6abcce8f500522e0e4e3db0a858b1e3807773ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "c3615563b4be092e640df35f2ef7b469b03ee7e7"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 36448
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 Cetirizin_ratiopharm_780x350px-min.jpg
www.bodfeld-apotheke.de/documents/products/Statisch/BannerMIXED/ 34 KB
35 KB 38ms
31ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/documents/products/Statisch/BannerMIXED/Cetirizin_ratiopharm_780x350px-min.jpg?ver=1649058516
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: ea8a271335eb5ff72079414ac2224efd2e44eb27c226c7b9473b031b497d6d38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "5f9fa9dd07f9716efe8de99dd263cfb59718150d"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 35098
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 16929620.jpg
www.bodfeld-apotheke.de/documents/products/Listenansicht/ 2 KB
2 KB 39ms
32ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/documents/products/Listenansicht/16929620.jpg?ver=1649058516
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: c1902fe3c52c52bf2dc573a862103c832ed749412a317be988c92f00437e2235

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "b0b0010200c344be443e95172fef6ec6172bd0f3"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 1726
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 00999848.jpg
www.bodfeld-apotheke.de/artikelbilder/120/ 2 KB
2 KB 41ms
35ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/artikelbilder/120/00999848.jpg?ver=1649058516
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: f497809327084b83a361d89dbf10a61a4e0a27dbfddc3cedf09c891a01029358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "bfedd379f83ab6ef8cd1aebef3a43e03d2d0c898"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 1600
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 03105998.jpg
www.bodfeld-apotheke.de/artikelbilder/120/ 2 KB
2 KB 42ms
34ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/artikelbilder/120/03105998.jpg?ver=1649058516
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: a6bf370778a9d525faec48a9dcbfa0ef369a350d04607126003e54ab191514f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "75db577fc70438dd6ebd7d69114379cf8649cf0c"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 2050
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 17157007_1.jpg
ixxilon.mauve.de/120/ 2 KB
2 KB 123ms
25ms Image
image/webp 54.37.201.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ixxilon.mauve.de/120/17157007_1.jpg?ver=1649058516
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.37.201.1 , France, ASN16276 (OVH, FR),
Reverse DNS: ip1.ip-54-37-201.eu
Software: /
Resource Hash: 8dbb99acb3ed3a99466b9cfea5ea5a22fa1c17e9716b1bac1335292d73e61031

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "14f7fbd70962a5116df5c4a6c86448eda3cff3d7"
vary: Accept
content-type: image/webp
cache-control: max-age=1209600,s-maxage=86400,public
x-mauve-image-optimization: 1
x-mauve-image-size: 120x120
content-length: 1850
expires: Wed, 18 May 2022 01:27:16 GMT

GET
H2 200 11697286.jpg
www.bodfeld-apotheke.de/artikelbilder/120/ 2 KB
2 KB 42ms
35ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/artikelbilder/120/11697286.jpg?ver=1649058516
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: af3dd3b444144f58657cee6e40a2ae985a2e8110b4f9d4b40db5dc46e8e360dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "9125fab7a52f739ed10318b04f7093d649b561c9"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 2350
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 10090197.jpg
www.bodfeld-apotheke.de/artikelbilder/120/ 2 KB
2 KB 40ms
33ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/artikelbilder/120/10090197.jpg?ver=1649058516
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3e3e39309fe640e577e0f0051d2e1018a583ebc7a8cf81febaae23e03ce63c32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "7e1479ccfeba945fc9090f872645f4cbc23560ba"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 2270
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 01830229.jpg
www.bodfeld-apotheke.de/artikelbilder/120/ 3 KB
3 KB 41ms
34ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/artikelbilder/120/01830229.jpg?ver=1649058516
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: b2a320228c29c5a10143041e536dab47a5ea54dabad90cbb1dd9ec40a16bb67d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "4065f69fb1219711cd1e473f617fe8099eac58fc"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 2628
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 10916160.jpg
www.bodfeld-apotheke.de/artikelbilder/120/ 1 KB
2 KB 51ms
45ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/artikelbilder/120/10916160.jpg?ver=1649058516
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 9bafd53269c52b6125efbcc797842ab430765c4980b1620a17372671780b019a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "1c77fb6404d358af36d36378abbcda7dabcd2187"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 1534
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 13748591.jpg
www.bodfeld-apotheke.de/artikelbilder/120/ 2 KB
2 KB 52ms
45ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/artikelbilder/120/13748591.jpg?ver=1649058516
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 836f5abd1ff40a22a428f7e03a634c9f4e395a3d14347d9703326e67ccf8fda1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "a5a63e85514e1649fabb176f50ea57de7964d3ef"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 1844
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 16622146.jpg
www.bodfeld-apotheke.de/artikelbilder/120/ 3 KB
4 KB 57ms
50ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/artikelbilder/120/16622146.jpg?ver=1649058516
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 407323faf5688c2ed75ba5406b0d66cd17c7fd5c0283c3f02962f9e386333f63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "2a44eb6d7893fc91fa7145eb560ca8a9caab965a"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 3542
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 16359884.jpg
www.bodfeld-apotheke.de/artikelbilder/120/ 3 KB
4 KB 56ms
50ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/artikelbilder/120/16359884.jpg?ver=1649058516
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 277fa02748ec163605ff6785196a836c3317bbcd1c34c10be50272acc66daaeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "6b98645d9ca3fb280156d8b79c30ff4a766988b8"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 3460
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 12894008.jpg
www.bodfeld-apotheke.de/artikelbilder/120/ 2 KB
2 KB 56ms
49ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/artikelbilder/120/12894008.jpg?ver=1649058516
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 717b6d15a303d3e6452edaf1f7ac5303f36c380a3b1eecf7bfe6a1003cdfcdd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "678d6e6bef8ed367a11ea736f307c688bd55b542"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 2212
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 Abstand_rechte_Spalte_3px.jpg
www.bodfeld-apotheke.de/documents/products/Statisch/Shop%20neu/Sidebar/ 44 B
230 B 55ms
48ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/documents/products/Statisch/Shop%20neu/Sidebar/Abstand_rechte_Spalte_3px.jpg?ver=1649058516
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: b29344f8c6b9555faa56b4f2566e3abcdacf9f5ca265336aa6a9e1215c89e1b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "c07c0ed1527d83847a8bd263851174fb3d871de3"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 44
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 f_logo_RGB-Blue_80.jpg
www.bodfeld-apotheke.de/documents/products/Statisch/Shop%20neu/Sidebar/ 1 KB
1 KB 57ms
51ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/documents/products/Statisch/Shop%20neu/Sidebar/f_logo_RGB-Blue_80.jpg
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: ce495e5b4ff0dda8948e06ef347c4c0db604ed7379aed3bd781eb34fb7698a88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "28bd6d2dcbe791a7e05d6eacca6bffa85e0d3211"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 1220
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 IG_Glyph_Fill_80x80.jpg
www.bodfeld-apotheke.de/documents/products/Statisch/Shop%20neu/Sidebar/ 1 KB
2 KB 58ms
52ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/documents/products/Statisch/Shop%20neu/Sidebar/IG_Glyph_Fill_80x80.jpg
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2f61053867492fd86e9f95c925567ba2bb4ec96b828e9b64727d9721600897d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "915b09804be1417bac846b7360ce2aad9fef72c7"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 1418
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 banner_rezept.jpg
www.bodfeld-apotheke.de/documents/products/Statisch/Shop%20neu/Sidebar/ 4 KB
4 KB 50ms
44ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/documents/products/Statisch/Shop%20neu/Sidebar/banner_rezept.jpg?ver=1649058516
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 26cdc8b5efc71f35a05f389447467321db4c2972daf26cc402122d4713fff910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "b4bd4b758f556a8338fe4d5ee430213e103df48c"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 3774
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 Banner_rechte_Spalte_v1.jpg
www.bodfeld-apotheke.de/documents/products/Statisch/ 6 KB
6 KB 55ms
49ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/documents/products/Statisch/Banner_rechte_Spalte_v1.jpg?ver=1649058516
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 656b1941d8b9fb2a811f698f12767ba8d309a51a81f438877b85749d5a775bf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "cee13a6cb954934c03c349f0ae8da2cda4c7a8fa"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 6068
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 Paypal_Mix_Logo.jpg
www.bodfeld-apotheke.de/documents/products/Statisch/Bilder%20CMS/Footer/Zahlung/ 3 KB
3 KB 51ms
45ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/documents/products/Statisch/Bilder%20CMS/Footer/Zahlung/Paypal_Mix_Logo.jpg
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3198a3b8c685c31718cacaf350fa0dd5e965271535e8105f09362028ab0ff596

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "4dd4ac03c4cfea56bbee4c588c22b49ab5791b9e"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 3024
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 klarna-logo-min.jpg
www.bodfeld-apotheke.de/documents/products/Statisch/Zahlarten/ 936 B
1 KB 54ms
48ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/documents/products/Statisch/Zahlarten/klarna-logo-min.jpg
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 1bca7b5df6ba289ad8aeed7c9b6621f5d53ae6c444fca7a639ac3ff1ea438361

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "0870e8d958c547990cf8099ac29ea3a50c6dda38"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 936
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 Amazon_pay_White-XL.jpg
www.bodfeld-apotheke.de/documents/products/Statisch/Bilder%20CMS/Footer/Zahlung/ 2 KB
2 KB 55ms
49ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/documents/products/Statisch/Bilder%20CMS/Footer/Zahlung/Amazon_pay_White-XL.jpg
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 35087c396da7fd0519fe496b2afa94929825ec5ed6227a7295aaf614bc08e3a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "2119631257ce56c1fe4d3a8c53be2084d06b8586"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 1838
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 Vorkasse_Icon_4.jpg
www.bodfeld-apotheke.de/documents/products/Statisch/Bilder%20CMS/Footer/Zahlung/ 890 B
1 KB 53ms
47ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/documents/products/Statisch/Bilder%20CMS/Footer/Zahlung/Vorkasse_Icon_4.jpg
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: ac0f6dc96d0244ef2d800bfed4de93430538560c1add86605db6684761cddf07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "874142980885d396c2d1c188efd6ab715d6e78a2"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 890
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H/1.1 200
OK s1_rating_extern2.png
img.idealo.com/folder/Shop/24/0/24058/ 6 KB
7 KB 91ms
26ms Image
image/png 62.146.17.87
IPX-AS15598

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.idealo.com/folder/Shop/24/0/24058/s1_rating_extern2.png
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 62.146.17.87 Schwandorf in Bayern, Germany, ASN15598 (IPX-AS15598, DE),
Reverse DNS: i-65cb9712-origin-cdn.idealo.com
Software: Apache /
Resource Hash: a1a58adf173104ceca1ec1c9ddbb12d7581ef2eec179d5781a665f43277c5e1e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 03 May 2022 23:50:57 GMT
Via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront), 1.1 img.idealo.com.ipc00.pro00.eu.idealo.com, 1.1 varnish (Varnish/6.0)
X-Amz-Cf-Pop: FRA53-C1
x-amzn-RequestId: a9d087a3-9d21-4c0b-804f-ee2e0fe83808
X-Cache: Miss from cloudfront
x-url: /folder/Shop/24/0/24058/s1_rating_extern2.png
Connection: keep-alive
x-amz-apigw-id: RkrrLHzEliAFvJA=
Content-Length: 6097
Server: Apache
X-Amzn-Trace-Id: Root=1-6271bfe0-1e162da84470bb626282a856;Sampled=0
X-Robots-Tag: noindex
X-Varnish: 134167648 144349214
Cache-Control: public, max-age=7200
Accept-Ranges: bytes
Content-Type: image/png
X-Amz-Cf-Id: zqa5fkY1od6YbxI8OpM6L8FPueDuZQtDY2O9bLSzUc0Os9XfafcIVQ==
Expires: Wed, 04 May 2022 01:50:57 GMT

GET
H2 200 172
www.medizinfuchs.de/medizinfuchs-siegel-150/id/ 13 KB
14 KB 155ms
55ms Image
image/gif 52.57.224.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medizinfuchs.de/medizinfuchs-siegel-150/id/172

Requested by

Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.224.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-224-53.eu-central-1.compute.amazonaws.com

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

447e6e6dc2d261dd629d16b58e47d417901a93b9d22887d926fb03889d28365c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 Jul 2018 14:47:31 GMT
server: Apache/2.4.41 (Ubuntu)
vary: User-Agent,Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
x-host: 10.20.3.237
strict-transport-security: max-age=31536000
x-parsetime: 0.0207
content-length: 13052
x-xss-protection: 1; mode=block
expires: Wed, 11 May 2022 01:27:16 GMT

GET
H2 200 Apomio-Medikamenten-Preisvergleich_Partner-Logo.jpg
www.bodfeld-apotheke.de/documents/products/Statisch/ 2 KB
2 KB 56ms
51ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/documents/products/Statisch/Apomio-Medikamenten-Preisvergleich_Partner-Logo.jpg
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: ff4c1653942e37b7e9f3f2247e1387f82af3321947e18690c450297e066ee2c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "126c712f5bb99b9a6372c47a19b7c69f4e3c1050"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 1858
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 partnerapotheke-sparmedo.jpg
www.bodfeld-apotheke.de/documents/products/Statisch/ 3 KB
3 KB 55ms
50ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/documents/products/Statisch/partnerapotheke-sparmedo.jpg
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 11f2cc3de973f89bf1860ea5269e3bfaae858a7e458af1611cf345790fa4129c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "2843699b6f8413177ba151ec4b7566fd6985ebec"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 2790
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H/1.1 200
OK siegel_110.gif
www.medipreis.de/assets/img/siegel/ 7 KB
8 KB 120ms
28ms Image
image/gif 2a01:4f8:210:11a9::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medipreis.de/assets/img/siegel/siegel_110.gif

Requested by

Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a01:4f8:210:11a9::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

acabef44737ae4a2904d81f8092d07396134478c6ca54b701f78658decd8cfd2

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; base-uri 'none'; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Wed, 04 May 2022 01:27:16 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 7324
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: strict-origin
Last-Modified: Mon, 10 Nov 2008 18:20:16 GMT
Server: Apache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=15768000
Content-Type: image/gif
Cache-Control: max-age=15552000
Content-Security-Policy: object-src 'none'; base-uri 'none'; form-action 'self'; frame-ancestors 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Mon, 31 Oct 2022 01:27:16 GMT

GET
H2 200 PreisDE%20Logo.jpg
www.bodfeld-apotheke.de/documents/products/Statisch/Bilder%20CMS/Footer/ 2 KB
2 KB 56ms
51ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/documents/products/Statisch/Bilder%20CMS/Footer/PreisDE%20Logo.jpg
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 9c169fb4bd3757c9b71e5860dc4b108b2f5d54ea6deb7eccd76eecc07cf92c0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "413fa069ddafd64ac1df7ac78573dda30dca319b"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 1606
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 geizhals_logo.gif
www.bodfeld-apotheke.de/documents/products/Statisch/Seite%20Allgemein/ 3 KB
3 KB 56ms
52ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/documents/products/Statisch/Seite%20Allgemein/geizhals_logo.gif
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 51068d6b77959de746655230a7303db5c08cbc2d1085815a8cdad0e16c7980f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "a4ff221c3f9be4c60e2e3bcaf98a49e53411fb10"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 2874
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 Dimdi%20Logo.jpg
www.bodfeld-apotheke.de/documents/products/Statisch/Seite%20Allgemein/ 8 KB
8 KB 58ms
54ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/documents/products/Statisch/Seite%20Allgemein/Dimdi%20Logo.jpg
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: d2cc5a9c7e606ad4a5632e886a561a0313ff5e05bfb8de1c8dc0fb0da8e6ba72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "05207547aa14e0ebc93c5167980d1a283f4321d3"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 8374
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 Gruenstempellogo-freigestellt.jpg
www.bodfeld-apotheke.de/documents/products/Statisch/Shop%20neu/Logos/ 10 KB
10 KB 58ms
54ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/documents/products/Statisch/Shop%20neu/Logos/Gruenstempellogo-freigestellt.jpg
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 286834772de1f864b85e160c46eef3fb8209305dad915543e787e19ca34390ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "f7ff858a8d036bbb0c751994aa0c72256d20fb3f"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 10252
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 EU-Sicherheitslogo-TAM_1.png
www.bodfeld-apotheke.de/documents/products/Statisch/Sicherheit/ 2 KB
3 KB 58ms
54ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/documents/products/Statisch/Sicherheit/EU-Sicherheitslogo-TAM_1.png
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 6f163a8d6c114ad781b91abecced92bb0c5e5b3c9ffcaf97fd625f5f97b61eaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "154b35350a52920c5c954a9bfa562b19382ec2e5"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 2440
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H2 200 ssl-certificate-ohne-zackenrand.gif
www.bodfeld-apotheke.de/documents/products/Statisch/Seite%20Allgemein/ 6 KB
6 KB 58ms
55ms Image
image/webp 2001:41d0:700:2f40::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bodfeld-apotheke.de/documents/products/Statisch/Seite%20Allgemein/ssl-certificate-ohne-zackenrand.gif
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:700:2f40:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: d9a45b47c784d0c34280090ecf47a74bad6517e03cdb8946865ac6529727b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
etag: "163be6848332786a7fba17f744fec8d2fd7ef889"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000,public
x-mauve-image-optimization: 1
content-length: 6386
expires: Fri, 03 Jun 2022 01:27:16 GMT

GET
H/1.1 200
OK 2022-05-Gingium.jpg
bodfeld1.ix.dus.m-eshop.de/shops/0014921-K/admin/dokumente/artikel/Statisch/BannerMIXED/ 56 KB
57 KB 186ms
40ms Image
image/jpeg 2a07:a40:0:700::4
MAUVE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bodfeld1.ix.dus.m-eshop.de/shops/0014921-K/admin/dokumente/artikel/Statisch/BannerMIXED/2022-05-Gingium.jpg

Requested by

Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a07:a40:0:700::4 , Germany, ASN48821 (MAUVE, DE),

Reverse DNS

Software

Apache /

Resource Hash

ecf1c6d562d695aa2055cc28ec14628652df26abe77f89dd25b3fb03a33a2247

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Wed, 04 May 2022 01:27:16 GMT
Last-Modified: Mon, 02 May 2022 07:10:31 GMT
Server: Apache
ETag: "e1c9-5de0216798ac0"
Strict-Transport-Security: max-age=63072000; preload
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 57801

GET
H2 200 kias-bodfeld.js Show response
js.kctag.net/ 91 KB
91 KB 156ms
93ms Script
application/javascript 52.57.38.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.kctag.net/kias-bodfeld.js
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.38.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-38-189.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.3.1 /
Resource Hash: 09bc290498f9af334f34c170a5cb73ae5b4f154b05acf3c63b41edfd90f74280

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
via: 1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
last-modified: Fri, 28 Jan 2022 16:56:32 GMT
server: openresty/1.19.3.1
x-amz-cf-pop: DUS51-P2
etag: "35d13781c9300153f11d780636cef7ed"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
x-amz-version-id: gxqFEQNojg3MAv0PG8NMiW62BLZXUt9M
cache-control: max-age=60
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 92696
x-amz-cf-id: bOFVEtYbfp7iTyTCikMvRS2XXXquu7Fa4aO-B-EqM5WF2zADG-LFbQ==

GET
H2 200 Widgets.js Show response
static-eu.payments-amazon.com/OffAmazonPayments/de/lpa/js/ 296 KB
91 KB 89ms
24ms Script
application/x-javascript 99.86.4.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-eu.payments-amazon.com/OffAmazonPayments/de/lpa/js/Widgets.js
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-37.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c03f3c8bb2a6876ba1c5e8fd9650f0fe539bb240ec14f71e5833213a5c8fb591

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: JjsIhxrRsGTfjKaPT2w83qWJZ1OrYuFn
content-encoding: gzip
last-modified: Tue, 03 May 2022 04:09:03 GMT
server: AmazonS3
age: 860
etag: W/"4158ff6152dfde984dabfce8653c1682"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript; charset=utf-8
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
cache-control: max-age=1200,public
date: Wed, 04 May 2022 01:12:57 GMT
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 0uspEv3ECq17hd6Olf9BZS1uos-98usTuy4exsysihcX5owCGP-yuw==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 74ms
21ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,700,400italic,600italic,600,700italic&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bodfeld-apotheke.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 22:45:30 GMT
x-content-type-options: nosniff
age: 9706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 22:45:30 GMT

GET
H/1.1 200
OK rum.js Show response
rum.mauve.eu/ 7 KB
3 KB 167ms
38ms Script
application/javascript 2a07:a40:0:300::4
MAUVE

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.mauve.eu/rum.js

Requested by

Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a07:a40:0:300::4 , Germany, ASN48821 (MAUVE, DE),

Reverse DNS

Software

Apache /

Resource Hash

30766f7163277bd345138dcd51eaac2920fdc1f124f866d7123986bf9f197540

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Wed, 04 May 2022 01:27:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 2269
x-xss-protection: 1; mode=block
Last-Modified: Sat, 14 Aug 2021 04:28:31 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "1cc0-5c97d66839021-gzip"
Strict-Transport-Security: max-age=63072000; preload
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000, s-maxage=86400, public
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 63 KB
64 KB 60ms
33ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Origin: https://www.bodfeld-apotheke.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 756
age: 5584589
cdn-proxyver: 1.02
cdn-cachedat: 01/30/2022 20:52:19
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64464
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 5e5092ac6751ff3ef1b0194b3ded0bf9
accept-ranges: bytes
cf-ray: 705d73f91b455b26-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 19 KB
6 KB 31ms
30ms Script
application/x-javascript 99.86.4.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.sync.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-77.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b99590413d5e22ce7b94d73504a5f39b600e5cb766bee40ae2b80427add977a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 78805
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Tue, 03 May 2022 03:33:52 GMT
content-length: 6094
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Feb 2022 14:34:25 GMT
server: AmazonS3
etag: "7994b24c56b0cf0251f3a2dd842273be"
content-type: application/x-javascript
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: ZHS3tCXlv7badV0WwSBMSlKEf_E5L_JfUkWvGL1WYJzX0QjjHmiynA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 221 KB
76 KB 95ms
41ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W56GVL

Requested by

Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0a6b70f7ccb60d1e7e43d1734e56446148bab01b2e799feb30173e9cc038e996

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77169
x-xss-protection: 0
last-modified: Wed, 04 May 2022 00:21:06 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 04 May 2022 01:27:16 GMT

GET
H2 200 index.html Show response
widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/ Frame 34B6 13 KB
3 KB 22ms
22ms Document
text/html 99.86.4.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/index.html?templateId=539ad60defb9600b94d7df2c&businessunitId=48736265000064000502d917

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-77.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e0bde5b77f298483ae35e9afa2c71dd9de11fd9e528fcf0c89453f245bf15e09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 77708
cache-control: max-age=86400
content-encoding: gzip
content-length: 3103
content-type: text/html
date: Tue, 03 May 2022 03:52:35 GMT
etag: "7c645b4a2aad5230b459bda2baff2268"
last-modified: Mon, 21 Mar 2022 13:48:22 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-amz-cf-id: E1GhMviU1dDpFX_AO7a2q96BJ0AozBXW40yBlvhZP14AJokZ0YVeVA==
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK aut.js Show response
aproxy.ksgct.de/js/ 9 KB
10 KB 85ms
24ms Script
application/javascript 78.47.227.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aproxy.ksgct.de/js/aut.js
Requested by: Host: js.kctag.net
URL: https://js.kctag.net/kias-bodfeld.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 78.47.227.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.103.227.47.78.clients.your-server.de
Software: openresty/1.17.8.2 /
Resource Hash: 000eee67db3387fcec6cb57d9252cb4cc1f90f6958be4b12dfff6392674140f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 04 May 2022 01:27:17 GMT
Server: openresty/1.17.8.2
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK srp.js Show response
aproxy.ksgct.de/js/ 82 KB
82 KB 109ms
48ms Script
application/javascript 78.47.227.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aproxy.ksgct.de/js/srp.js
Requested by: Host: js.kctag.net
URL: https://js.kctag.net/kias-bodfeld.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 78.47.227.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.103.227.47.78.clients.your-server.de
Software: openresty/1.17.8.2 /
Resource Hash: 49f3de6b7dc9a80d6876259b6254adca2d3b30de6bd3e26c2ebf029275a630c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 04 May 2022 01:27:17 GMT
Server: openresty/1.17.8.2
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK sessionstabilizer Show response
payments-de.amazon.com/gp/widgets/ 91 B
1 KB 376ms
92ms XHR
application/json 54.239.35.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-de.amazon.com/gp/widgets/sessionstabilizer?countryOfEstablishment=DE&ledgerCurrency=EUR&isSandbox=false
Requested by: Host: static-eu.payments-amazon.com
URL: https://static-eu.payments-amazon.com/OffAmazonPayments/de/lpa/js/Widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.35.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: fee8e3010708a743ed388151825350a422e5165adf434b5bbde2b0dfb85bb7bf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Wed, 04 May 2022 01:27:17 GMT
Server: Server
x-amz-rid: W0D89S9WVG4CDF9J5RDN
x-amzn-RequestId: W0D89S9WVG4CDF9J5RDN
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bodfeld-apotheke.de
Access-Control-Allow-Credentials: true
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 91

GET
H2 200 login.js Show response
static-eu.payments-amazon.com/v2/ 45 KB
14 KB 22ms
22ms Script
application/javascript 99.86.4.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-eu.payments-amazon.com/v2/login.js
Requested by: Host: static-eu.payments-amazon.com
URL: https://static-eu.payments-amazon.com/OffAmazonPayments/de/lpa/js/Widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-37.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f834b98d719e934b7390d992b657bc774fb12c792310dee00230e862a0efb30

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: _aCOErWPbeA1xRRcp86uRlIuQGU111Kn
content-encoding: gzip
last-modified: Tue, 03 May 2022 04:08:47 GMT
server: AmazonS3
age: 61
etag: W/"c0a1870541c9295a2d49ab14462fddb3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
cache-control: max-age=1200,public
date: Wed, 04 May 2022 01:26:17 GMT
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: NMGeNQ6f5gHeT8wZOrgi-nBSFcOra6jhFLTuaNeXhKiWx8ECuUg2Jw==

GET
H2 200 loader.js Show response
app.usercentrics.eu/browser-ui/latest/ 59 KB
20 KB 77ms
23ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/latest/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W56GVL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4c6fa7b8232fec44a9621c5347ad9ce509dc8297e35608095a4399f3d2e297f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 00:39:59 GMT
content-encoding: gzip
age: 2838
x-guploader-uploadid: ADPycduxuXpGGRxl12t4OkZ52wFXPwaPriPhJ6ntLzSg380peEagH8byJacUafDk5ZxOTz6-ek8rxqFnIDNNw_hrvZFpRw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20122
last-modified: Thu, 28 Apr 2022 12:50:56 GMT
server: UploadServer
etag: "ceda3f33dd6c4b6bf4ed66fff1d09f8b"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=/08UuQ==, md5=zto/M91sS2v07Wb/8dCfiw==
x-goog-generation: 1651150255940718
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Transfer-Encoding
cache-control: public, max-age=3600, no-transform
x-goog-stored-content-length: 20122
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 04 May 2022 01:39:59 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 115ms
47ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W56GVL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 056AF93C73F94646AD610965F2FE5440 Ref B: FRAEDGE1507 Ref C: 2022-05-04T01:27:17Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Wed, 04 May 2022 01:27:16 GMT
accept-ranges: bytes
content-length: 11333

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 87ms
32ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W56GVL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14892
x-xss-protection: 0
server: cafe
etag: 4605403730725282575
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 04 May 2022 01:27:17 GMT

GET
H2 200 17298.js Show response
www.dwin1.com/ 42 KB
11 KB 148ms
43ms Script
application/javascript 2600:9000:225a:5800:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/17298.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W56GVL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225a:5800:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a204dc4aa005f94fc05fa0d413b996162aab0c82614c7d9d58fe1051c9d6f89f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: SKXYldzOuaNY.mP0KV589asLR1vsmvnv
content-encoding: gzip
etag: W/"f1f8f01b46b5f7ab0728731bb35034c5"
age: 576
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 12:10:41 GMT
server: AmazonS3
date: Wed, 04 May 2022 01:27:17 GMT
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
via: 1.1 a966c6e25db0d10ed8111bf0f786dbc6.cloudfront.net (CloudFront)
cache-control: max-age=600, s-maxage=600
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: QSvunH7QtomIELFqP9gbuPSRvwXr4375PY14sThlWmB5jhP8HK7CEg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 70ms
23ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=W%2Fqe5AS1XOqV602IjRs4oX49fm93NFFCWWthQ3NBcE9JbmU5NHdDdjhNYm1VS3lGWmF1c3g4ZDduYjNxdW1ycmdBVDBBOHJHbWw1VEdPQUZZRVpibzBwcjd2M2lwdElJNVJxL0FFQmlaaWtjU3pscThjMFBMcE1DVERBeE42djdNWnVlQ0tSNlkybGRTSjlILzB4ZGY5SERMVEp1aUtUbVpad2pRZG8yTWNpZXh4a3g3a0R0WGtFY0xhVDd3ajJFbWg3WjhkcE1mamJDUnk2VGtrcFRqUEw5emMvbGtYak9VdFkrWFlBcUpPSmhnSjhJdEFYbG50U3FZdFFuc2srSm9JNU9PdmM0c2Y4SUtHeTNzNXdpak1ybTlpdmozYkhkT3FZQkhNMFV4MU5VWCtHQ1JUeVBVWFlTNUJzc0RKd0pXSG1UcVlaY1k1dzBUSWU2bFhJSVgxenUzYjlWbkE0SEdiYnVlVUZIeGpUNkQzZHlxNXV4SmcwK0JHUDhQbjZhaTRJWDBIcENLSjVKL1NUY3NraGFObGNSZ251QjhhRldGQ2xFdlFCUkVpNjhOWEdLakVwKzVONksyWk9RTkl5OXNUWXlMUndDTm9POFNBL0VWVGhjOFZXMUZ6R1NTQnhmNFcwbkpFYUlueWRPcDB2MUw3enBqcXRyNlFpcEpJdHVPenFsVm01enN0MWtjKzROSUpXa1gya0Y3dlVVeXlDdW9GQlZjZkpVL2JZK2FPQ0U1T25XTWlUa0Rab2VNSDl2UVVZNHZ3TXAwUDR3OWlNVnZqMmZGVTFoN1dxN2MxVGwzZlFIQ2lSS0N5SUNkYm00b2FuMzk3b2NBRTVYK29DaWVPelQ4aHBjZGh6YVo2VFhkVVp2eXlzazFzUWF1ek16MDQ4Wmp0NVkycjdETE9TbUVDamV4NUlJRFBobEN1RXFhZ2xROVVGOVdMOWhlbVZkV3pienoreG1YSzRZN3dLYjVVUmlhOXhxbDUzWFdSZ1JvZDV1WUxUWHZFejdWallYMnBFUkJKWnZuNWlBYkxHbDlETWpPVTU5VFR4eHkyc3FSRmgwWGxwbmhiaXV2N0pDc1BXZmxENnM3UmhiMmc9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: 4JfgWWZkizvgP1UEWL3ceTQqIdgfhZh+PhfYPo9rScPnekrYyMiFQWlSjdpFtZm2qT6WHPW8Eq7aPiW8VBauTw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 04 May 2022 01:27:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 73ms
21ms Script
text/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W56GVL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2182
date: Wed, 04 May 2022 00:50:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Wed, 04 May 2022 02:50:55 GMT

GET
H2 200 conversion-tracking.js Show response
tracking.s24.com/js/ 2 KB
1 KB 90ms
23ms Script
application/javascript 2a00:12c0:101b:200::19
FILOO-ASN Rhedaer...

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.s24.com/js/conversion-tracking.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W56GVL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:12c0:101b:200::19 , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),

Reverse DNS

Software

Resource Hash

46b33fc911c3bcc66e91842779791dc97a3c9367839e18c641dfce155518cad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:16 GMT
content-encoding: br
vary: Accept-Encoding
last-modified: Thu, 17 Mar 2022 16:38:46 GMT
etag: "0efe5f338a89e342994feaba98c5add0a"
x-robots-tag: noindex, nofollow
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://cspreport.s24.com/;
p3p: CP="NOI DSP LAW NID CURa ADMa PSAa OUR LEG PUR COM NAV STA"
cache-control: max-age=86400, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-type: application/javascript
content-length: 1024

GET
H2 200 main.js Show response
widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/ Frame 34B6 80 KB
23 KB 28ms
28ms Script
application/x-javascript 99.86.4.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/main.js

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/index.html?templateId=539ad60defb9600b94d7df2c&businessunitId=48736265000064000502d917

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-77.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

fc68a100bff8630edcbcf9267f3c4605a95b3cb94d28e82d52148406c6f238ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/index.html?templateId=539ad60defb9600b94d7df2c&businessunitId=48736265000064000502d917
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 80075
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Tue, 03 May 2022 03:12:43 GMT
content-length: 23026
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Mar 2022 13:48:24 GMT
server: AmazonS3
etag: "968f1b32986f7b8c7ff662112f3436f6"
content-type: application/x-javascript
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: 0-8MAI4x1lj1LuciUDZE7xU2WLmw1XQMfxYug8j_vVHI4wK056OmAQ==

GET
H2 200 LwA.png
d23yuld0pofhhw.cloudfront.net/default/de/en_GB/live/lwa/gold/small/ 3 KB
3 KB 82ms
22ms Image
image/png 2600:9000:206f:2000:e:5098:9500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d23yuld0pofhhw.cloudfront.net/default/de/en_GB/live/lwa/gold/small/LwA.png
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2000:e:5098:9500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f67548826dedc450d8eafec6a446a5add801ba36088c4bbc621ef8fcb976fce2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 02:51:53 GMT
via: 1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
last-modified: Wed, 27 Jun 2018 00:05:28 GMT
server: AmazonS3
age: 81325
etag: "8ee7c88f05ab861037b7e17c304457f7"
x-cache: Hit from cloudfront
cache-control: max-age=86400,public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 3219
x-amz-cf-id: YaLgUo20G79RhnajYR5ybEDfBARgc9smcOzL4UteWYhGA0C0sBQ3lA==

GET
H2 200 539ad60defb9600b94d7df2c Show response
widget.trustpilot.com/trustbox-data/ Frame 34B6 7 KB
2 KB 22ms
22ms XHR
application/json 99.86.4.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustbox-data/539ad60defb9600b94d7df2c?businessUnitId=48736265000064000502d917&locale=de-DE&reviewStars=4%2C5&reviewsPerPage=20

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-77.fra6.r.cloudfront.net

Software

Resource Hash

c064a060be0d570e0e59c77f93126e41f93f1671a920f6ad7ebe0bc167018554

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/index.html?templateId=539ad60defb9600b94d7df2c&businessunitId=48736265000064000502d917
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 1397
x-cache: Hit from cloudfront
date: Wed, 04 May 2022 01:14:21 GMT
content-length: 2060
x-xss-protection: 1; mode=block
x-skip-cache-cookie: 0
etag: "df4597cc633b31d10c71577d07078701"
vary: Accept-Encoding
x-fallback-status: BYPASS
content-type: application/json; charset=utf-8
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
cache-control: public,max-age=1800
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: WKnzigQDMNs-cy9hc4XnGkIw4YFv-jgW-PNYiNTUMKNfMrPCtCmxJA==

GET
H2 204 TrustboxImpression Show response
widget.trustpilot.com/stats/ Frame 34B6 0
308 B 51ms
50ms XHR
text/plain 99.86.4.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/stats/TrustboxImpression?locale=de-DE&styleHeight=500px&styleWidth=100%25&schemaType=Organization&stars=4%2C5&url=https%3A%2F%2Fwww.bodfeld-apotheke.de%2F%3Fp%3Daw%26utm_source%3Daw%26awc%3D17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83&referrer=https%3A%2F%2Flookandfind.me%2F&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.41%20Safari%2F537.36&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=48736265000064000502d917&widgetId=539ad60defb9600b94d7df2c

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-77.fra6.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/index.html?templateId=539ad60defb9600b94d7df2c&businessunitId=48736265000064000502d917
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 04 May 2022 01:27:16 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
cache-control: no-store,no-cache
x-amz-cf-id: iDCEgvFSEJnmNPPbjW3_ll04vntFt9hjzX3uyaaBsmAPzU1HgtMfyA==
x-xss-protection: 1; mode=block

GET
H2 204 TrustboxView Show response
widget.trustpilot.com/stats/ Frame 34B6 0
308 B 51ms
51ms XHR
text/plain 99.86.4.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/stats/TrustboxView?locale=de-DE&styleHeight=500px&styleWidth=100%25&schemaType=Organization&stars=4%2C5&url=https%3A%2F%2Fwww.bodfeld-apotheke.de%2F%3Fp%3Daw%26utm_source%3Daw%26awc%3D17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83&referrer=https%3A%2F%2Flookandfind.me%2F&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.41%20Safari%2F537.36&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=48736265000064000502d917&widgetId=539ad60defb9600b94d7df2c

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-77.fra6.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/index.html?templateId=539ad60defb9600b94d7df2c&businessunitId=48736265000064000502d917
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 04 May 2022 01:27:16 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
cache-control: no-store,no-cache
x-amz-cf-id: whesb8DuTBsuAisK7Kn9opTDxcGvePRlS1VlyPmWCxieEPHXHYSjQQ==
x-xss-protection: 1; mode=block

GET
H3 200 715032792273875 Show response
connect.facebook.net/signals/config/ 308 KB
88 KB 169ms
145ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/715032792273875?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8014dedf4d29ea7b1773385396309d6852067b013cf518688ff20acf523387a2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: ala71mtCtLlCewXMKT0d0BakHGyqUWsDuhrm31BoRwX/xEfYhFoU23w8Ix5OqU3wbPlQRz+8QB6zZ6JNBXWrFw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 04 May 2022 01:27:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1651627637477
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 index.module.js Show response
app.usercentrics.eu/browser-ui/2.30.0/ 263 KB
78 KB 69ms
23ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/2.30.0/index.module.js

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ef9928ef132ec32f87933303bcffbed07a92b67387f753818fe95219d4528c93

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer
Origin: https://www.bodfeld-apotheke.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 12:54:31 GMT
content-encoding: gzip
age: 477166
x-guploader-uploadid: ADPycdtcJsz15PI674Pt77Ost1mz3p9v6OEKWrvG6ztr1MPWUmprTzRDiXFcB23AUMUuA5vPD1YIyRpYriK5U90u98EG
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79748
last-modified: Thu, 28 Apr 2022 12:50:39 GMT
server: UploadServer
etag: "d678a89c4fb07d583cf08ca96569bf75"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=ux3GJw==, md5=1nionE+wfVg88IypZWm/dQ==
x-goog-generation: 1651150239384931
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 79748
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 28 Apr 2023 12:54:31 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/850161443/ 3 KB
1 KB 86ms
35ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/850161443/?random=1651627637401&cv=9&fst=1651627637401&num=1&label=unLMCIyW-HEQo96xlQM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg520&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.bodfeld-apotheke.de%2F%3Fp%3Daw%26utm_source%3Daw%26awc%3D17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83&ref=https%3A%2F%2Flookandfind.me%2F&tiba=Online%20Apotheke%20-%20Arzneimittel%20%26%20Kosmetik%20%7C%20Bodfeld%20Apotheke&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82c650466a941ed39ec1a591cbceab3d57f1b9844e079366d466f1a1b6f3c5ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 01:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1167
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/955859150/ 3 KB
2 KB 84ms
35ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/955859150/?random=1651627637405&cv=9&fst=1651627637405&num=1&label=2SGaCIu0-G8QzoHlxwM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg520&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.bodfeld-apotheke.de%2F%3Fp%3Daw%26utm_source%3Daw%26awc%3D17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83&ref=https%3A%2F%2Flookandfind.me%2F&tiba=Online%20Apotheke%20-%20Arzneimittel%20%26%20Kosmetik%20%7C%20Bodfeld%20Apotheke&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14072bd93c02619cb1856c9a099e9309c9b217ca98674381bb1b5ee166bca1fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 01:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1167
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5626153.js Show response
bat.bing.com/p/action/ 1 KB
1 KB 174ms
173ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5626153.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8fdf7313d6410e21adfcc8498972bd991d8ef1648909f987b9fcbee0790f8b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F70F82B7AC894005B958B915FC5FB0FF Ref B: FRAEDGE1507 Ref C: 2022-05-04T01:27:17Z
date: Wed, 04 May 2022 01:27:16 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 904

GET
H2 204 0
bat.bing.com/action/ 0
175 B 46ms
46ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5626153&Ver=2&mid=ff4adecd-a821-457d-928e-f808848eaa56&sid=55cd9350cb4911eca4eb1be8e8326bc9&vid=55cdc300cb4911eca7c309e708ca0e6c&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Online%20Apotheke%20-%20Arzneimittel%20%26%20Kosmetik%20%7C%20Bodfeld%20Apotheke&kw=Online%20Apotheke,%20Versandapotheke,%20Arzneimittel,%20Medikamente&p=https%3A%2F%2Fwww.bodfeld-apotheke.de%2F%3Fp%3Daw%26utm_source%3Daw%26awc%3D17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83&r=https%3A%2F%2Flookandfind.me%2F&lt=1849&evt=pageLoad&msclkid=N&sv=1&rn=804542

Requested by

Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 24F23AC3AB664074961AB4A59FEA59E9 Ref B: FRAEDGE1507 Ref C: 2022-05-04T01:27:17Z
date: Wed, 04 May 2022 01:27:16 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cogsiput.js Show response
ad4m.at/ 33 KB
12 KB 88ms
32ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cogsiput.js
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/17298.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88df20410ca504c7d5995614ccca10814389d185e0fd2cdc4371dd847e918ea2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash: crc32c=t8qwLQ==, md5=o1hfQuGMWMQC0d0JHqehag==
date: Wed, 04 May 2022 01:27:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35400
x-guploader-uploadid: ADPycdtSWIQTpR8KtneAGurzUbrFlKIMc0pDY-uvU6qJZhmyn5Y6T21mnas1w-kHGl-yA1ywKTWEn_S49doF149HDA4euQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 03 May 2022 15:36:52 GMT
server: cloudflare
etag: W/"a3585f42e18c58c402d1dd091ea7a16a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PrmAsLwLAQy5P0K1iDVahfHBeVHzJZoSzXNmIiigAqXi1U%2BJcOv%2Fq%2BzEqk1wHaFlNseLUpiqpTstXNN8oClqoyT1D%2BbkofqJzY9Sg%2Fs5ipSmN0v02iDFBZORubG%2FiUZkj5qYOH0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1651592212039930
content-type: application/javascript; charset=utf-8
expires: Tue, 03 May 2022 15:37:17 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11575
cf-ray: 705d73fe5b719131-FRA
cf-bgj: minify

GET
H/1.1 200
OK data.php Show response
r.adserver01.de/znamh/ 1 KB
1 KB 91ms
26ms Script
application/javascript 212.83.50.108
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://r.adserver01.de/znamh/data.php?url=https%3A%2F%2Fwww.bodfeld-apotheke.de%2F%3Fp%3Daw%26utm_source%3Daw%26awc%3D17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83&page=home&value=&token=bodfeld_de
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/17298.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.83.50.108 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: nginx /
Resource Hash: d63746b7c0ac2176774b5953d54904aa4688e2a6af8442bd64f4db9a36721be1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Wed, 04 May 2022 01:27:17 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK alt.php Show response
www.awin1.com/ Frame 228D 155 B
508 B 58ms
58ms Document
text/html 104.92.94.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/alt.php?mid=17298&sv=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Requested by

Host: www.dwin1.com
URL: https://www.dwin1.com/17298.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-94-3.deploy.static.akamaitechnologies.com

Software

Resource Hash

2ec1414098ace9cdb263573bea4b4903cf6d983735828af61ca07cad1f7f7fdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 140
Content-Type: text/html
Date: Wed, 04 May 2022 01:27:17 GMT
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Strict-Transport-Security: max-age=86400
Vary: Accept-Encoding

GET
H/1.1 200 d9core Show response
the.sciencebehindecommerce.com/ 11 KB
4 KB 238ms
48ms Script
application/javascript 52.48.93.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://the.sciencebehindecommerce.com/d9core
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/17298.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.93.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-93-179.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: ef6a2557a326969a36ae948e30726078a79fb240df4be14e36ba0e1c1b08b723

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Wed, 04 May 2022 01:27:17 GMT
Content-Encoding: gzip
Server: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
ETag: 5bc31bf7d4a298e1bef9d35fce222bfc
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: the.sciencebehindecommerce.com
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Content-Length: 3609

GET
H/1.1

200
OK

retarget Show response
hal9000.redintelligence.net/ Frame 3937
Redirect Chain

https://hal9000.redintelligence.net/retarget?a=52197&version=1
https://hal9000.redintelligence.net/retarget?a=52197&version=1&redirected=1

2 KB
1 KB

140ms
85ms

Document
text/html

138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/retarget?a=52197&version=1&redirected=1
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=W%2Fqe5AS1XOqV602IjRs4oX49fm93NFFCWWthQ3NBcE9JbmU5NHdDdjhNYm1VS3lGWmF1c3g4ZDduYjNxdW1ycmdBVDBBOHJHbWw1VEdPQUZZRVpibzBwcjd2M2lwdElJNVJxL0FFQmlaaWtjU3pscThjMFBMcE1DVERBeE42djdNWnVlQ0tSNlkybGRTSjlILzB4ZGY5SERMVEp1aUtUbVpad2pRZG8yTWNpZXh4a3g3a0R0WGtFY0xhVDd3ajJFbWg3WjhkcE1mamJDUnk2VGtrcFRqUEw5emMvbGtYak9VdFkrWFlBcUpPSmhnSjhJdEFYbG50U3FZdFFuc2srSm9JNU9PdmM0c2Y4SUtHeTNzNXdpak1ybTlpdmozYkhkT3FZQkhNMFV4MU5VWCtHQ1JUeVBVWFlTNUJzc0RKd0pXSG1UcVlaY1k1dzBUSWU2bFhJSVgxenUzYjlWbkE0SEdiYnVlVUZIeGpUNkQzZHlxNXV4SmcwK0JHUDhQbjZhaTRJWDBIcENLSjVKL1NUY3NraGFObGNSZ251QjhhRldGQ2xFdlFCUkVpNjhOWEdLakVwKzVONksyWk9RTkl5OXNUWXlMUndDTm9POFNBL0VWVGhjOFZXMUZ6R1NTQnhmNFcwbkpFYUlueWRPcDB2MUw3enBqcXRyNlFpcEpJdHVPenFsVm01enN0MWtjKzROSUpXa1gya0Y3dlVVeXlDdW9GQlZjZkpVL2JZK2FPQ0U1T25XTWlUa0Rab2VNSDl2UVVZNHZ3TXAwUDR3OWlNVnZqMmZGVTFoN1dxN2MxVGwzZlFIQ2lSS0N5SUNkYm00b2FuMzk3b2NBRTVYK29DaWVPelQ4aHBjZGh6YVo2VFhkVVp2eXlzazFzUWF1ek16MDQ4Wmp0NVkycjdETE9TbUVDamV4NUlJRFBobEN1RXFhZ2xROVVGOVdMOWhlbVZkV3pienoreG1YSzRZN3dLYjVVUmlhOXhxbDUzWFdSZ1JvZDV1WUxUWHZFejdWallYMnBFUkJKWnZuNWlBYkxHbDlETWpPVTU5VFR4eHkyc3FSRmgwWGxwbmhiaXV2N0pDc1BXZmxENnM3UmhiMmc9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: f8cc5cc78b40dcae9c8d40507822aed335a023ef55d8efd00c9a9f4ec4e5ee7c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Encoding: gzip
Content-Length: 843
Content-Type: text/html; charset=UTF-8
Date: Wed, 04 May 2022 01:27:17 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 04 May 2022 01:27:17 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Location: ?a=52197&version=1&redirected=1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache

GET
H3 200 languages.json Show response
api.usercentrics.eu/settings/edufm2SP/latest/ 61 B
98 B 93ms
46ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/edufm2SP/latest/languages.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/2.30.0/index.module.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

2d2c7f6b6e6d6fd1a5be5a272dc73a28844515fc5a5fab019ec06bc52f42a681

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: application/json

Response headers

date: Wed, 04 May 2022 01:27:17 GMT
content-encoding: gzip
age: 0
x-client-geo-location: DE,DEBW
x-guploader-uploadid: ADPycdsR7qzlQjuUd8XUlqH8G_TSRL3UVzH5pwJ6oP_IYWxnkZmUbAgl0peY1EJJSqW84QYAPAEWDDWPixxhkeVJPIeD9Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66
last-modified: Fri, 29 Apr 2022 06:24:45 GMT
server: UploadServer
etag: "29334677b2e7ce9a8d41a93cb37375cd"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=sbjViQ==, md5=KTNGd7LnzpqNQak8s3N1zQ==
x-goog-generation: 1643302275079428
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=10, no-transform
x-goog-stored-content-length: 66
accept-ranges: bytes
content-type: application/json
expires: Wed, 04 May 2022 01:27:27 GMT

OPTIONS
H2 200 languages.json
api.usercentrics.eu/settings/edufm2SP/latest/ Frame 0
0 94ms
42ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/edufm2SP/latest/languages.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bodfeld-apotheke.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Origin
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 01:27:17 GMT
expires: Wed, 04 May 2022 01:27:17 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: DE,DEBW
x-guploader-uploadid: ADPycdsiq0aIMFn05Ct8Q5QN-a5SZIVWu6xhNoDwoyziriuWq3EcXxBzD9siKn7oBLudUfuW9Nl-ZkErRGApXxMZoa4Y2MuyXpDq

GET
H2 200 /
www.google.com/pagead/1p-user-list/955859150/ 42 B
548 B 87ms
34ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/955859150/?random=1651627637405&cv=9&fst=1651626000000&num=1&label=2SGaCIu0-G8QzoHlxwM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg520&sendb=1&frm=0&url=https%3A%2F%2Fwww.bodfeld-apotheke.de%2F%3Fp%3Daw%26utm_source%3Daw%26awc%3D17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83&ref=https%3A%2F%2Flookandfind.me%2F&tiba=Online%20Apotheke%20-%20Arzneimittel%20%26%20Kosmetik%20%7C%20Bodfeld%20Apotheke&async=1&fmt=3&is_vtc=1&random=684412705&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 01:27:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/955859150/ 42 B
108 B 88ms
36ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/955859150/?random=1651627637405&cv=9&fst=1651626000000&num=1&label=2SGaCIu0-G8QzoHlxwM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg520&sendb=1&frm=0&url=https%3A%2F%2Fwww.bodfeld-apotheke.de%2F%3Fp%3Daw%26utm_source%3Daw%26awc%3D17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83&ref=https%3A%2F%2Flookandfind.me%2F&tiba=Online%20Apotheke%20-%20Arzneimittel%20%26%20Kosmetik%20%7C%20Bodfeld%20Apotheke&async=1&fmt=3&is_vtc=1&random=684412705&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 01:27:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/850161443/ 42 B
108 B 86ms
34ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/850161443/?random=1651627637401&cv=9&fst=1651626000000&num=1&label=unLMCIyW-HEQo96xlQM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg520&sendb=1&frm=0&url=https%3A%2F%2Fwww.bodfeld-apotheke.de%2F%3Fp%3Daw%26utm_source%3Daw%26awc%3D17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83&ref=https%3A%2F%2Flookandfind.me%2F&tiba=Online%20Apotheke%20-%20Arzneimittel%20%26%20Kosmetik%20%7C%20Bodfeld%20Apotheke&async=1&fmt=3&is_vtc=1&random=819093073&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 01:27:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/850161443/ 42 B
548 B 87ms
35ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/850161443/?random=1651627637401&cv=9&fst=1651626000000&num=1&label=unLMCIyW-HEQo96xlQM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg520&sendb=1&frm=0&url=https%3A%2F%2Fwww.bodfeld-apotheke.de%2F%3Fp%3Daw%26utm_source%3Daw%26awc%3D17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83&ref=https%3A%2F%2Flookandfind.me%2F&tiba=Online%20Apotheke%20-%20Arzneimittel%20%26%20Kosmetik%20%7C%20Bodfeld%20Apotheke&async=1&fmt=3&is_vtc=1&random=819093073&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 01:27:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 17298.gif
www.awin1.com/m/ Frame 228D 43 B
488 B 55ms
55ms Image
image/gif 104.92.94.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/m/17298.gif

Requested by

Host: www.awin1.com
URL: https://www.awin1.com/alt.php?mid=17298&sv=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-94-3.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.awin1.com/alt.php?mid=17298&sv=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 04 May 2022 01:27:17 GMT
Allow: GET
ETag: 17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: max-age=0
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 frame.html Show response
ad4m.at/ Frame 6824 2 KB
2 KB 58ms
31ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/cogsiput.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 488931
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 705d73fed98e91d1-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 04 May 2022 01:27:17 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Wed, 04 May 2022 02:27:17 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fm55hy%2F5uxhkLKxMj2FkeoAfvWnt7cBCsc%2Fo6HAFv%2FdyKs8uSoL8hMuBOhXrouIkWMgWJpOGf%2Bq3yNTyFO5%2ByMeMD%2FHwrH7E4drpdWxuxoh6ijI%2FML%2BswOMxxrOeYg7WV4FysYc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-generation: 1588777770164783
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-meta-
x-goog-metageneration: 3
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-guploader-uploadid: ADPycdtyt0YYJGM7L4Qh4KppAxdHUa6qSHGwk_MVt1bnpkWR4u_j_tebe8lZvHDpkzKsfKnRm3Uay31h5MKGRnI-yLI

POST
H/1.1 200
OK uedata Show response
payments.amazon.de/cs/ 0
744 B 297ms
85ms XHR
application/json 54.239.37.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments.amazon.de/cs/uedata
Requested by: Host: static-eu.payments-amazon.com
URL: https://static-eu.payments-amazon.com/OffAmazonPayments/de/lpa/js/Widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.37.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Wed, 04 May 2022 01:27:17 GMT
Server: Server
x-amz-rid: NMNCKX5V1R3HZECAN12B
x-amzn-RequestId: NMNCKX5V1R3HZECAN12B
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bodfeld-apotheke.de
Access-Control-Allow-Credentials: true
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200
OK uedata Show response
payments.amazon.de/cs/ 0
529 B 283ms
74ms XHR
application/json 54.239.37.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments.amazon.de/cs/uedata
Requested by: Host: static-eu.payments-amazon.com
URL: https://static-eu.payments-amazon.com/OffAmazonPayments/de/lpa/js/Widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.37.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Wed, 04 May 2022 01:27:17 GMT
Server: Server
x-amz-rid: C4S156AW0H9WJKYMMSP5
x-amzn-RequestId: C4S156AW0H9WJKYMMSP5
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bodfeld-apotheke.de
Access-Control-Allow-Credentials: true
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 65ms
22ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=715032792273875&ev=PageView&dl=https%3A%2F%2Fwww.bodfeld-apotheke.de%2F%3Fp%3Daw%26utm_source%3Daw%26awc%3D17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83&rl=https%3A%2F%2Flookandfind.me%2F&if=false&ts=1651627637573&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmgoogletagmanager&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22356782488344600%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22EUR%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%221277082442453401%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1651627637569.1204174913&it=1651627637318&coo=false&exp=p0&rqm=GET

Requested by

Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 04 May 2022 01:27:17 GMT

GET
H/1.1 200
OK e43b41fddbac17efe33eb16e490d0b72.html Show response
r.adserver01.de/znamh/data/ Frame 8643 166 B
413 B 24ms
24ms Document
text/html 212.83.50.108
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://r.adserver01.de/znamh/data/e43b41fddbac17efe33eb16e490d0b72.html
Requested by: Host: r.adserver01.de
URL: https://r.adserver01.de/znamh/data.php?url=https%3A%2F%2Fwww.bodfeld-apotheke.de%2F%3Fp%3Daw%26utm_source%3Daw%26awc%3D17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83&page=home&value=&token=bodfeld_de
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.83.50.108 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: nginx /
Resource Hash: 235e9d65aa8b31feb0d83bbe9d0fef40e12a47ed7b2e7e059bd9fadd5f046ea5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 04 May 2022 01:27:17 GMT
ETag: W/"5df8be28-a6"
Last-Modified: Tue, 17 Dec 2019 11:38:16 GMT
Server: nginx
Transfer-Encoding: chunked

GET
H2 200 clarity.js Show response
d.clarity.ms/s/0.6.35/ 53 KB
23 KB 417ms
109ms Script
application/javascript 40.76.174.66

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/s/0.6.35/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/5626153.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fab5572c01cd671e1a92d8ffda83b65c5276089a5d8f7cec2105ba034a55a98e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:17 GMT
content-encoding: br
etag: "1d85e80e187b365"
last-modified: Tue, 03 May 2022 00:01:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 8643
Redirect Chain

https://secure.adnxs.com/seg?add=19901050&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19901050%26t%3D2

43 B
1 KB

29ms
29ms

Image
image/gif

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19901050%26t%3D2

Requested by

Host: r.adserver01.de
URL: https://r.adserver01.de/znamh/data/e43b41fddbac17efe33eb16e490d0b72.html

Protocol

HTTP/1.1

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.adserver01.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 04 May 2022 01:27:17 GMT
X-Proxy-Origin: 84.19.175.184; 84.19.175.184; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: fd088ff6-c22d-4b29-9074-075e3deafaf5
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 04 May 2022 01:27:17 GMT
X-Proxy-Origin: 84.19.175.184; 84.19.175.184; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 568dc173-f1bf-4469-a120-65befa55e05c
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19901050%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://r.adserver01.de/rt/perf_de.php?gdpr=0&gdpr_consent=
https://secure.adnxs.com/seg?add=19609390&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19609390%26t%3D2

43 B
1 KB

31ms
31ms

Image
image/gif

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19609390%26t%3D2

Requested by

Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Protocol

HTTP/1.1

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 04 May 2022 01:27:17 GMT
X-Proxy-Origin: 84.19.175.184; 84.19.175.184; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9c5da804-fa34-4289-8d1d-b39b3c1d7421
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 04 May 2022 01:27:17 GMT
X-Proxy-Origin: 84.19.175.184; 84.19.175.184; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b3e43ef8-050d-4467-ad0d-a854e8208810
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19609390%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

1x1.gif
imagesrv.adition.com/
Redirect Chain

https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.AdvancedStore_Vzm]=ASRETVZM2
https://imagesrv.adition.com/1x1.gif

68 B
103 B

88ms
25ms

Image
image/gif

217.79.188.60
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/1x1.gif
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Server: 217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 04 May 2022 01:27:17 GMT
last-modified: Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges: bytes
etag: "3122740758"
content-length: 68
content-type: image/gif

Redirect headers

location: https://imagesrv.adition.com/1x1.gif
date: Wed, 04 May 2022 03:27:17 +0200
server: ADITIONSERVER v1.0
access-control-allow-origin: *
content-type: text/plain
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

1x1.gif
imagesrv.adition.com/
Redirect Chain

https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.advancedStore_Adbundle]=1
https://imagesrv.adition.com/1x1.gif

68 B
178 B

88ms
25ms

Image
image/gif

217.79.188.60
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/1x1.gif
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Server: 217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 04 May 2022 01:27:17 GMT
last-modified: Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges: bytes
etag: "3122740758"
content-length: 68
content-type: image/gif

Redirect headers

location: https://imagesrv.adition.com/1x1.gif
date: Wed, 04 May 2022 03:27:17 +0200
server: ADITIONSERVER v1.0
access-control-allow-origin: *
content-type: text/plain
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 204 dst
as.ad4m.at/ad/ 0
515 B 45ms
37ms Image
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dst?a=1609&b=2&c=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&e=25595&f=&g=&h=&i=&z=0&y=1&d=https%3A%2F%2Fwww.bodfeld-apotheke.de%2F%3Fp%3Daw%26utm_source%3Daw%26awc%3D17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Requested by

Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 705d73ff3c999131-FRA
expires: 0

GET
H3

200

dpe
as.ad4m.at/ad/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=advs&google_cm&google_sc&a=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&c=1
https://as.ad4m.at/ad/dpe?b=CAESEBLxtlxxzL6cdJEwB4t72EI&a=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&c=1&google_cver=1

0
633 B

33ms
33ms

Image
text/plain

2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?b=CAESEBLxtlxxzL6cdJEwB4t72EI&a=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&c=1&google_cver=1

Requested by

Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Protocol

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 705d73ffda6e91d1-FRA
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 04 May 2022 01:27:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://as.ad4m.at/ad/dpe?b=CAESEBLxtlxxzL6cdJEwB4t72EI&a=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&c=1&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 317
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

dpe
as.ad4m.at/ad/
Redirect Chain

https://ih.adscale.de/tpui?tpid=25&tpuid=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&cburl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3Dcd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk%26b%3D__ADSCALE_USER_ID__%26c%3D6
https://ih.adscale.de/tpui?tpid=25&tpuid=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&cburl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3Dcd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk%26b%3D__ADSCALE_USER_ID__%26c%3D6&nut&...
https://as.ad4m.at/ad/dpe?a=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&b=412e1d9485ade7372c3fdae006764d899772312567c8d4123a5eaf7dddbfd80f&c=6

0
633 B

33ms
33ms

Image
text/plain

2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?a=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&b=412e1d9485ade7372c3fdae006764d899772312567c8d4123a5eaf7dddbfd80f&c=6

Requested by

Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Protocol

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 705d73ffea8f91d1-FRA
expires: 0

Redirect headers

location: https://as.ad4m.at/ad/dpe?a=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&b=412e1d9485ade7372c3fdae006764d899772312567c8d4123a5eaf7dddbfd80f&c=6
date: Wed, 04 May 2022 01:27:17 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://pixel.onaudience.com/?partner=234&mapped=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1

70 B
265 B

248ms
48ms

Image
image/gif

15.197.193.217

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: H2
Server: 15.197.193.217 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 01:27:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
content-length: 0

GET
H3

200

dpe
as.ad4m.at/ad/
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=132&partneruserid=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3Dcd_pNXGa1H0h-s_NE...
https://as.ad4m.at/ad/dpe?a=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&c=9&b=2223039355776407520&gdpr=0&gdpr_consent=

0
633 B

33ms
33ms

Image
text/plain

2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?a=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&c=9&b=2223039355776407520&gdpr=0&gdpr_consent=

Requested by

Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Protocol

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 705d74004ace91d1-FRA
expires: 0

Redirect headers

location: https://as.ad4m.at/ad/dpe?a=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&c=9&b=2223039355776407520&gdpr=0&gdpr_consent=
pragma: no-cache
date: Wed, 04 May 2022 01:27:17 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&C=1

43 B
1019 B

69ms
69ms

Image
image/gif

104.102.29.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&C=1
Requested by: Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
Protocol: HTTP/1.1
Server: 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 04 May 2022 01:27:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 04 May 2022 01:27:17 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 04 May 2022 01:27:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 294
Expires: Wed, 04 May 2022 01:27:17 GMT

GET Pug
simage2.pubmatic.com/AdServer/ 0
0

GET
H3

200

dpe
as.ad4m.at/ad/
Redirect Chain

https://a.twiago.com/rtb/usermatch.php?umid=11&userid=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&call_type=redirect&rtbprovider=openrtb&redirecturl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3Dcd_pNXGa1H0h-...
https://as.ad4m.at/ad/dpe?a=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&b=fad188c19fed4f350374d202cd13ba1494995f13cf77372b2d1b0c060dbc1&c=7

0
633 B

33ms
33ms

Image
text/plain

2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?a=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&b=fad188c19fed4f350374d202cd13ba1494995f13cf77372b2d1b0c060dbc1&c=7

Requested by

Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Protocol

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 705d74012bac91d1-FRA
expires: 0

Redirect headers

location: https://as.ad4m.at/ad/dpe?a=cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk&b=fad188c19fed4f350374d202cd13ba1494995f13cf77372b2d1b0c060dbc1&c=7
date: Wed, 04 May 2022 01:27:17 GMT
server: Apache
connection: close
x-powered-by: PHP/7.3.30
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

GET
H3 200 dps-de.json Show response
api.usercentrics.eu/settings/edufm2SP/latest/ 6 KB
2 KB 41ms
41ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/edufm2SP/latest/dps-de.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/2.30.0/index.module.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6ee354023913be6ec01d46c1dc9c9d7dcb78fe311c193aa0dd263283dc2a4c0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: application/json

Response headers

date: Wed, 04 May 2022 01:27:17 GMT
content-encoding: gzip
age: 0
x-client-geo-location: DE,DEBW
x-guploader-uploadid: ADPycdvqaUEpxmNQzYo2sgElCcxUBz3EDIiPrVjtyeAo7fvHMyIfntjq9LLULlRuL_wpzL1iMZKzFlx7VWVJwQ_Lo0WTn8MKkULn
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1521
last-modified: Fri, 29 Apr 2022 06:24:45 GMT
server: UploadServer
etag: "7a019c11ce0f60fc61a34d892dc166b9"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=WwuvHw==, md5=egGcEc4PYPxho02JLcFmuQ==
x-goog-generation: 1651213485659369
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=10, no-transform
x-goog-stored-content-length: 1521
accept-ranges: bytes
content-type: application/json
expires: Wed, 04 May 2022 01:27:27 GMT

OPTIONS
H3 200 dps-de.json
api.usercentrics.eu/settings/edufm2SP/latest/ Frame 0
0 42ms
42ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/edufm2SP/latest/dps-de.json

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bodfeld-apotheke.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Origin
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 01:27:17 GMT
expires: Wed, 04 May 2022 01:27:17 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: DE,DEBW
x-guploader-uploadid: ADPycduTU9WivrmfLI1ZRVQztRTWdkm_Qgj--yp1pAhX9juwn5LzNf-0qdMJaqBgZD0SAc1ZuufSlHlzgTnAq8zj86fjV5V-zodu

POST
H/1.1 200 lgc Show response
the.sciencebehindecommerce.com/ 0
578 B 58ms
58ms XHR
text/plain 52.48.93.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://the.sciencebehindecommerce.com/lgc
Requested by: Host: the.sciencebehindecommerce.com
URL: https://the.sciencebehindecommerce.com/d9core
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.93.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-93-179.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Wed, 04 May 2022 01:27:16 GMT
Server: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: https://www.bodfeld-apotheke.de
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 3937 597 B
1 KB 164ms
117ms Script
text/javascript 104.79.88.164

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1467868&mt_adid=235478&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=52197&version=1&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.164 -, , ASN (),
Reverse DNS
Software: MT3 4281 354de82 master iad-pixel-x15 config:1.0.0 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Wed, 04 May 2022 01:27:17 GMT
Server: MT3 4281 354de82 master iad-pixel-x15 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Wed, 04 May 2022 01:27:16 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 3937 597 B
1 KB 162ms
115ms Script
text/javascript 104.79.88.164

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1406315&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=52197&version=1&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.164 -, , ASN (),
Reverse DNS
Software: MT3 4379 fe37bbe master iad-pixel-x10 config:1.0.0 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Wed, 04 May 2022 01:27:17 GMT
Server: MT3 4379 fe37bbe master iad-pixel-x10 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Wed, 04 May 2022 01:27:16 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 3937 597 B
1 KB 168ms
120ms Script
text/javascript 104.79.88.164

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1393997&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=52197&version=1&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.164 -, , ASN (),
Reverse DNS
Software: MT3 4379 fe37bbe master iad-pixel-x2 config:1.0.0 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Wed, 04 May 2022 01:27:17 GMT
Server: MT3 4379 fe37bbe master iad-pixel-x2 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Wed, 04 May 2022 01:27:16 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame 3937
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

81 KB
29 KB

605ms
80ms

Script
application/x-javascript

37.157.5.73

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=52197&version=1&redirected=1
Protocol: H2
Server: 37.157.5.73 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:18 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 14:10:54 GMT
server: nginx
etag: W/"61f1566e-14282"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Wed, 04 May 2022 01:27:17 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H3

200

activityi;dc_pre=CKzKnLXYxPcCFYvS1QodMrEKyQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7... Show response
5994599.fls.doubleclick.net/ Frame 8E6F
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755...
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKzKnLXYxPcCFYvS1QodMrEKyQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D...

455 B
388 B

113ms
70ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CKzKnLXYxPcCFYvS1QodMrEKyQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2681485383080.04?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=52197&version=1&redirected=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

2bd45b3946dfc0db438e3bccc61ce29c1287bf17493c5ec29262a019069a6979

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 365
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 May 2022 01:27:17 GMT
expires: Wed, 04 May 2022 01:27:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 May 2022 01:27:17 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKzKnLXYxPcCFYvS1QodMrEKyQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2681485383080.04?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CIiLn7XYxPcCFdgfBgAdL3MPEA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D... Show response
11868943.fls.doubleclick.net/ Frame 5D4A
Redirect Chain

https://11868943.fls.doubleclick.net/activityi;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755...
https://11868943.fls.doubleclick.net/activityi;dc_pre=CIiLn7XYxPcCFdgfBgAdL3MPEA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D...

455 B
389 B

84ms
37ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11868943.fls.doubleclick.net/activityi;dc_pre=CIiLn7XYxPcCFdgfBgAdL3MPEA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6463474565044.566?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=52197&version=1&redirected=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

316f3a6ad7a9d25ef5919b9cbef406964ba6af64899546d558ad61378b9d5439

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 366
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 May 2022 01:27:17 GMT
expires: Wed, 04 May 2022 01:27:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 May 2022 01:27:17 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11868943.fls.doubleclick.net/activityi;dc_pre=CIiLn7XYxPcCFdgfBgAdL3MPEA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6463474565044.566?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 core.json Show response
api.usercentrics.eu/settings/edufm2SP/latest/ 852 B
504 B 44ms
44ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/edufm2SP/latest/core.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/2.30.0/index.module.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4216d2deccc0dd02e99b37e0076b2d5bdb09209a3fd216ecefa9ad25df45c304

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: application/json

Response headers

date: Wed, 04 May 2022 01:27:17 GMT
content-encoding: gzip
age: 0
x-client-geo-location: DE,DEBW
x-guploader-uploadid: ADPycdukPowppEOCv88qPpxfH6nLu5J1JoRY9PtrhDMXle93ocE8jEtxC8mskkk89fxL5-DPsS44BnYoU6e-hQO7vFSczQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 472
last-modified: Fri, 29 Apr 2022 06:24:45 GMT
server: UploadServer
etag: "b8b9404a2c09124b28d38a9d90ac3660"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=mFIqwA==, md5=uLlASiwJEkso04qdkKw2YA==
x-goog-generation: 1651213485662987
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=10, no-transform
x-goog-stored-content-length: 472
accept-ranges: bytes
content-type: application/json
expires: Wed, 04 May 2022 01:27:27 GMT

OPTIONS
H3 200 core.json
api.usercentrics.eu/settings/edufm2SP/latest/ Frame 0
0 42ms
42ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/edufm2SP/latest/core.json

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bodfeld-apotheke.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Origin
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 01:27:17 GMT
expires: Wed, 04 May 2022 01:27:17 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: DE,DEBW
x-guploader-uploadid: ADPycduVv2EQrMHCb1UMAgERcYuPjmvSR_00qRTm_TRwRKq-lvulsoxabgQvTkf2s-arwS7cEEAEKfEkt6bMpYYHUK9HtrvQrvyF

GET
H3 200 1px.png
app.usercentrics.eu/session/ 489 B
551 B 70ms
23ms Image
image/png 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.usercentrics.eu/session/1px.png?settingsId=edufm2SP

Requested by

Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:20:36 GMT
content-encoding: gzip
age: 401
x-guploader-uploadid: ADPycds4fxBMjcupMHNp-u1eRooQcAK3aCP37GDev7BIxU1czwXKuWHoaUH6DTgtaAwMPKJk0MOtVeSYF2c9wvrbVERuuw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 522
last-modified: Fri, 08 May 2020 09:06:13 GMT
server: UploadServer
etag: "3702ada73b8951017b8451cbd6a96523"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
x-goog-generation: 1588928773413784
cache-control: public,max-age=1800,no-transform
x-goog-stored-content-length: 522
accept-ranges: bytes
content-type: image/png
expires: Wed, 04 May 2022 01:50:36 GMT

GET
H3 200 de.json Show response
api.usercentrics.eu/settings/edufm2SP/latest/ 28 KB
8 KB 41ms
41ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/edufm2SP/latest/de.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/2.30.0/index.module.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e497f172395761345a726b8c28deff606a9e72ec89811afd53e039b762776bd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: application/json

Response headers

date: Wed, 04 May 2022 01:27:17 GMT
content-encoding: gzip
age: 0
x-client-geo-location: DE,DEBW
x-guploader-uploadid: ADPycdu7OjE1mskPbdrQTdf7T-HTlgRP3GCrkznAuWHGMZ3SVWdlNU4uCfgd8FBIRC96H1c6v4-r2-TC54y1EgZMGAJoMg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8560
last-modified: Fri, 29 Apr 2022 06:24:45 GMT
server: UploadServer
etag: "0a4eed6455052432665364ef7c73e046"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=qbq2eQ==, md5=Ck7tZFUFJDJmU2TvfHPgRg==
x-goog-generation: 1651213485662957
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=10, no-transform
x-goog-stored-content-length: 8560
accept-ranges: bytes
content-type: application/json
expires: Wed, 04 May 2022 01:27:27 GMT

OPTIONS
H3 200 de.json
api.usercentrics.eu/settings/edufm2SP/latest/ Frame 0
0 40ms
40ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/edufm2SP/latest/de.json

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bodfeld-apotheke.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Origin
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 01:27:17 GMT
expires: Wed, 04 May 2022 01:27:17 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: DE,DEBW
x-guploader-uploadid: ADPycdtSwOnPXOY6CNQ_Ku8i-wY7yq8UqMg6-mUc5Cl2L3VnJTKbDdQofEtoNUrUZOHrhaEqv6c9a1Fb2B-mazxBJt1hkw

GET
H3 200 DefaultData-52be91d2-3f298392.js Show response
app.usercentrics.eu/browser-ui/2.30.0/ 2 KB
901 B 24ms
24ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/2.30.0/DefaultData-52be91d2-3f298392.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b591a206a3a12cccc952f07c70c716123f48c72dd5a07960c6647b6057e980d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer
Origin: https://www.bodfeld-apotheke.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 12:54:31 GMT
content-encoding: gzip
age: 477166
x-guploader-uploadid: ADPycdsDQ678mAK40DqnErM8xhaLHGOJW5TZcWk40VyLVb5h2SIMg6OBoUn4OXQMAxP2hVjQZqIMBsW0knP6i6IN_xHVGQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 870
last-modified: Thu, 28 Apr 2022 12:50:33 GMT
server: UploadServer
etag: "518f6a68384b2d6d76c3b6d0d822c9cb"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=qxWTUA==, md5=UY9qaDhLLW12w7bQ2CLJyw==
x-goog-generation: 1651150233235279
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 870
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 28 Apr 2023 12:54:31 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 3937 43 B
525 B 117ms
117ms Image
image/gif 104.79.88.164

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=52197&version=1&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.164 -, , ASN (),
Reverse DNS
Software: MT3 4379 fe37bbe master iad-pixel-x17 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Wed, 04 May 2022 01:27:18 GMT
Server: MT3 4379 fe37bbe master iad-pixel-x17 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 04 May 2022 01:27:17 GMT

GET
H2 200 dc_pre=CKzKnLXYxPcCFYvS1QodMrEKyQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2681...
adservice.google.com/ddm/fls/z/ Frame 8E6F 42 B
494 B 275ms
57ms Image
image/gif 2a00:1450:4001:811::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKzKnLXYxPcCFYvS1QodMrEKyQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2681485383080.04

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKzKnLXYxPcCFYvS1QodMrEKyQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2681485383080.04?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 01:27:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CIiLn7XYxPcCFdgfBgAdL3MPEA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=64634...
adservice.google.com/ddm/fls/z/ Frame 5D4A 42 B
107 B 266ms
58ms Image
image/gif 2a00:1450:4001:811::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIiLn7XYxPcCFdgfBgAdL3MPEA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6463474565044.566

Requested by

Host: 11868943.fls.doubleclick.net
URL: https://11868943.fls.doubleclick.net/activityi;dc_pre=CIiLn7XYxPcCFdgfBgAdL3MPEA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6463474565044.566?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 01:27:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 translations-de.json Show response
api.usercentrics.eu/translations/ 7 KB
2 KB 23ms
23ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/translations/translations-de.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/2.30.0/index.module.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9b0baefcd1f5d7f3b810a9a46e0ad7de827a02f0622cf806de7e36ee334ea936

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: application/json

Response headers

date: Tue, 03 May 2022 13:25:21 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 43317
x-client-geo-location: DE,DEBW
x-guploader-uploadid: ADPycdu2XwY8sYI560GmKDf6ZlS0gL-p77EIWScf9yve728lJXinb43DFANyXM-u7rX8r4ozrwPcbFiTnCMKrdGDNX7CuLiYf9tq
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2508
last-modified: Tue, 29 Mar 2022 10:32:35 GMT
server: UploadServer
etag: "50526ccc3167bc410edf63028eb04682"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=i8+G/w==, md5=UFJszDFnvEEO32MCjrBGgg==
x-goog-generation: 1648549955427938
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400, s-maxage=86400
x-goog-stored-content-length: 2508
accept-ranges: bytes
content-type: application/json
expires: Wed, 04 May 2022 13:25:21 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 44ms
21ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=715032792273875&ev=Microdata&dl=https%3A%2F%2Fwww.bodfeld-apotheke.de%2F%3Fp%3Daw%26utm_source%3Daw%26awc%3D17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83&rl=https%3A%2F%2Flookandfind.me%2F&if=false&ts=1651627638077&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Online%20Apotheke%20-%20Arzneimittel%20%26%20Kosmetik%20%7C%20Bodfeld%20Apotheke%22%2C%22meta%3Adescription%22%3A%22Ihre%20Versandapotheke%3A%20%E2%9C%93%20Medikamente%20online%20kaufen%20%E2%9C%93%20Bis%20zu%2060%25%20sparen%20%E2%9C%93%20Arznei%20%26%20Kosmetik%20%E2%9C%93%20pharmazeutische%20Beratung%20%E2%96%BA%20www.bodfeld-apotheke.de%22%2C%22meta%3Akeywords%22%3A%22Online%20Apotheke%2C%20Versandapotheke%2C%20Arzneimittel%2C%20Medikamente%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22url%22%3A%22https%3A%2F%2Fwww.bodfeld-apotheke.de%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fwww.bodfeld-apotheke.de%2Fsearch%2Fresult%3Fterm%3D%7Bsearch_term_string%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%7D%2C%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22url%22%3A%22https%3A%2F%2Fwww.bodfeld-apotheke.de%22%2C%22logo%22%3A%22https%3A%2F%2Fwww.bodfeld-apotheke.de%2Fdocuments%2Flogo%2FBodfeld-Apotheke-Logo-neu.jpg%22%7D%5D&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1651627637569.1204174913&it=1651627637318&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 04 May 2022 01:27:18 GMT

OPTIONS
H3 200 translations-de.json
api.usercentrics.eu/translations/ Frame 0
0 43ms
42ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/translations/translations-de.json

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bodfeld-apotheke.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Origin
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 01:27:17 GMT
expires: Wed, 04 May 2022 01:27:17 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: DE,DEBW
x-guploader-uploadid: ADPycds2TN3OvdVlmJ85bXmec3kboOEJoq7cRntNmKqVWbcyAMwjWnpYC8N2ZsVmdGxHd0-V80psWwKgs13J0Gec1g9JOg

GET
H3 200 DefaultUI-9fc368c2-be37fa37.js Show response
app.usercentrics.eu/browser-ui/2.30.0/ 2 KB
781 B 24ms
23ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/2.30.0/DefaultUI-9fc368c2-be37fa37.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

276f31232372ad298767c0d824e676395224cd94ca87c8e4c8cc7c1664521431

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer
Origin: https://www.bodfeld-apotheke.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 12:54:31 GMT
content-encoding: gzip
age: 477167
x-guploader-uploadid: ADPycdsai04617b7JvK4k9mEaMxpZ-Htlv5_ROS_JiceGBi3YmluF2PmF48ho7XM634SsjjkevpqlUZUajMr6tuVgJ99
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750
last-modified: Thu, 28 Apr 2022 12:50:33 GMT
server: UploadServer
etag: "b33a6c57cb1611919c3e4472a18470bf"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=X0dY7A==, md5=szpsV8sWEZGcPkRyoYRwvw==
x-goog-generation: 1651150233613824
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 750
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 28 Apr 2023 12:54:31 GMT

GET
H3 200 FirstLayerCustomization-2d7d828a-20e96c87.js Show response
app.usercentrics.eu/browser-ui/2.30.0/ 3 KB
1021 B 25ms
23ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/2.30.0/FirstLayerCustomization-2d7d828a-20e96c87.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

840afcd3c541055d137abb7144adbe397bdc68cc4aea1fe9e09ba8965d9e333c

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://app.usercentrics.eu/browser-ui/2.30.0/DefaultUI-9fc368c2-be37fa37.js
Origin: https://www.bodfeld-apotheke.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 12:54:31 GMT
content-encoding: gzip
age: 477167
x-guploader-uploadid: ADPycdtx_A5hur4yn-iEOYd4CtDddyAwIpV3jXI0q7mrwV8wRzSJ0owuv7TVtmFT9DZrLdY7ufg1ABzzsH4SxjsqdYnh2A
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 990
last-modified: Thu, 28 Apr 2022 12:50:33 GMT
server: UploadServer
etag: "af42348ab86fc1e6843cf687cfb3acf5"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=A8kQlA==, md5=r0I0irhvweaEPPaHz7Os9Q==
x-goog-generation: 1651150233798371
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 990
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 28 Apr 2023 12:54:31 GMT

GET
H3 200 ButtonsCustomization-67b796ca-fc513fc1.js Show response
app.usercentrics.eu/browser-ui/2.30.0/ 472 B
267 B 25ms
24ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/2.30.0/ButtonsCustomization-67b796ca-fc513fc1.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

c6e4d7bf0b25e289d1c8fa4261b1c78b16841dfc759a102045d113e3af3cf6c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://app.usercentrics.eu/browser-ui/2.30.0/DefaultUI-9fc368c2-be37fa37.js
Origin: https://www.bodfeld-apotheke.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 12:54:31 GMT
content-encoding: gzip
age: 477167
x-guploader-uploadid: ADPycdua1lxLtu_nb2iV-CBumppXvubWzywudTGHtzei7mmBs0Xj2YZdo1pCubhBpoSrCuv7RFnIUM1IAfsdwsSj_Vzg2Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 236
last-modified: Thu, 28 Apr 2022 12:50:32 GMT
server: UploadServer
etag: "2358e92ba0f7d8f6260b9ebe0643aa9f"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=vecjlw==, md5=I1jpK6D32PYmC56+BkOqnw==
x-goog-generation: 1651150232693102
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 236
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 28 Apr 2023 12:54:31 GMT

GET
H3 200 SecondLayerUI-a0ca78a5-4125ce9c.js Show response
app.usercentrics.eu/browser-ui/2.30.0/ 431 B
303 B 25ms
24ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/2.30.0/SecondLayerUI-a0ca78a5-4125ce9c.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

678e2ade7856471a6b24e047d1bf63f01ed4759aa3c3f054b0ce0d2940a6c0d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://app.usercentrics.eu/browser-ui/2.30.0/DefaultUI-9fc368c2-be37fa37.js
Origin: https://www.bodfeld-apotheke.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 12:54:31 GMT
content-encoding: gzip
age: 477167
x-guploader-uploadid: ADPycdsQCV49bsGNPICP54sS_RSDmhIUmzwGlYo4KFNRvOyFS6dihk9e1S9yIszI29QeAvF1QkdyYuEj6sfe4j-uyV2tbQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 272
last-modified: Thu, 28 Apr 2022 12:50:34 GMT
server: UploadServer
etag: "a31a3ab6ba8d66f533c9d5c2dd48f638"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=IMlH4g==, md5=oxo6trqNZvUzydXC3Uj2OA==
x-goog-generation: 1651150234567925
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 272
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 28 Apr 2023 12:54:31 GMT

POST
H2 204 collect Show response
d.clarity.ms/ 0
99 B 109ms
108ms XHR
text/plain 40.76.174.66

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.35/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: https://www.bodfeld-apotheke.de
date: Wed, 04 May 2022 01:27:18 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 200 Taglogger-1c2141ea-0384842d.js Show response
app.usercentrics.eu/browser-ui/2.30.0/ 1 KB
646 B 23ms
23ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/2.30.0/Taglogger-1c2141ea-0384842d.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0492ae0e4a95c4119fdf18b5f554c8cda3d72a2a9874d216ed36e9efad918f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer
Origin: https://www.bodfeld-apotheke.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 12:54:31 GMT
content-encoding: gzip
age: 477167
x-guploader-uploadid: ADPycdveuZQyQB3shDNwplHvT3kSTxm_zNEADJsoX8HKCokwPwX4SnfEZII_Yx0DUPLIToInGY7WADICVn2cpNeKe1aw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 615
last-modified: Thu, 28 Apr 2022 12:50:34 GMT
server: UploadServer
etag: "fc96d7ec69c04c79a137c8f606aa27b4"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=PMTdOA==, md5=/JbX7GnATHmhN8j2BqontA==
x-goog-generation: 1651150234956865
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 615
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 28 Apr 2023 12:54:31 GMT

POST
H3 200 graphql Show response
graphql.usercentrics.eu/ 1 KB
782 B 77ms
28ms Fetch
application/json 2600:1901:0:7903::

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql.usercentrics.eu/graphql
Requested by: Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/2.30.0/index.module.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:7903:: -, , ASN (),
Reverse DNS
Software: / Express
Resource Hash: 7b4b94b549758e11b768b85360b581c58ed67e9947fdab34b6135617c653732e

Request headers

Access-Control-Allow-Origin: *
Accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
X-Request-ID: 9348cc5e-3ae7-4864-b1a2-a13c983a7e1c
content-type: application/json

Response headers

date: Wed, 04 May 2022 01:27:18 GMT
content-encoding: gzip
etag: W/"5d7-73xolFgPTXdlc/AKClW53r7iXdk"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H3 200 index-29bbe392.js Show response
app.usercentrics.eu/browser-ui/2.30.0/ 2 KB
1014 B 23ms
23ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/2.30.0/index-29bbe392.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

2fc4f32c90420be3076fa1cbc60a3253eaa650d0aac804e5c502626b4bb4cd66

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer
Origin: https://www.bodfeld-apotheke.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 12:54:40 GMT
content-encoding: gzip
age: 477158
x-guploader-uploadid: ADPycdty5z_DB3TYb4ytlCGVtHSE3WV6qacfB40I8iW8iXW08iFMbHD-tixOXDtfOSPM_Bh5ED2GPsT5plu2AkBC57KvHQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 978
last-modified: Thu, 28 Apr 2022 12:50:38 GMT
server: UploadServer
etag: "dd3c4dae34d3048e088c85b34c386eaa"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=kXh3BQ==, md5=3TxNrjTTBI4IjIWzTDhuqg==
x-goog-generation: 1651150238260515
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 978
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 28 Apr 2023 12:54:40 GMT

GET
H2 200 uct
uct.service.usercentrics.eu/ 35 B
277 B 148ms
39ms Image
image/gif 34.95.108.180

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uct.service.usercentrics.eu/uct?v=1&cid=e85a1e36a59e9f23a24e834bbf412eefd4d6f03df0a9ad0bed85674e1dc4931f&sid=edufm2SP&t=1&abv=&r=https%3A%2F%2Fwww.bodfeld-apotheke.de%2F%3Fp%3Daw%26utm_source%3Daw%26awc%3D17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83&cb=1651627638282

Requested by

Host: www.bodfeld-apotheke.de
URL: https://www.bodfeld-apotheke.de/?p=aw&utm_source=aw&awc=17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.95.108.180 -, , ASN (),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 01:27:18 GMT
via: 1.1 google
server: Google Frontend
x-powered-by: Express
strict-transport-security: max-age=7776000
content-type: image/gif
x-cloud-trace-context: 99f625e6cbcca1f8bbf591b27ae431a7
cache-control: no-store
function-execution-id: hja95ou0h949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

OPTIONS
H2 204 graphql
graphql.usercentrics.eu/ Frame 0
0 152ms
26ms Preflight 2600:1901:0:7903::

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql.usercentrics.eu/graphql
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7903:: -, , ASN (),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Access-Control-Request-Method: POST
Origin: https://www.bodfeld-apotheke.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 04 May 2022 01:27:18 GMT
vary: Access-Control-Request-Headers
via: 1.1 google
x-powered-by: Express

GET
H3 200 index-fabc5a3f.js Show response
app.usercentrics.eu/browser-ui/2.30.0/ 5 KB
2 KB 23ms
23ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/2.30.0/index-fabc5a3f.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

88c8d879331daa52ab38c5eb0b84e1bd02345dc8382443e8dda06fd5157d8727

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer
Origin: https://www.bodfeld-apotheke.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 12:54:40 GMT
content-encoding: gzip
age: 477158
x-guploader-uploadid: ADPycdvw41e1wwoFOTUqlR-wWf9IkU3GVcZMqhskJbQiqwV7f5XLH6GYGFy1b-sF6wFPtBs2JthyDfBzAR_h6et7St3wQNR99T-1
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2000
last-modified: Thu, 28 Apr 2022 12:50:38 GMT
server: UploadServer
etag: "dad8d722193b5e5b919bb211741bf1e1"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=RyyNMA==, md5=2tjXIhk7XluRm7IRdBvx4Q==
x-goog-generation: 1651150238615368
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 2000
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 28 Apr 2023 12:54:40 GMT

GET
H3 200 SaveButton-a2e5c525.js Show response
app.usercentrics.eu/browser-ui/2.30.0/ 1 KB
525 B 24ms
23ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/2.30.0/SaveButton-a2e5c525.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1ac116e2e30bcf4e573f3856abb2f5bf2cd0d165b5208edb89b8f5d1aefc4d12

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://app.usercentrics.eu/browser-ui/2.30.0/index-fabc5a3f.js
Origin: https://www.bodfeld-apotheke.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 12:54:40 GMT
content-encoding: gzip
age: 477158
x-guploader-uploadid: ADPycdvyBIatsoQiDxFMIJpFB1h6wgAKU6LD-N6dAwQSuiXP2zoZn0i60OXpLh1BAp8fgHw90nWmnrO9GFUSl02Af2zbGA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 486
last-modified: Thu, 28 Apr 2022 12:50:34 GMT
server: UploadServer
etag: "5dd95c40f198de93ea23354b5b980a87"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=FQigJg==, md5=XdlcQPGY3pPqIzVLW5gKhw==
x-goog-generation: 1651150234385972
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 486
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 28 Apr 2023 12:54:40 GMT

GET
H3 200 VirtualServiceItem-e5caa70d.js Show response
app.usercentrics.eu/browser-ui/2.30.0/ 143 KB
43 KB 25ms
24ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/2.30.0/VirtualServiceItem-e5caa70d.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

234d64e699fea42de34f3b0da562128509c4910e1d4bf3eaa0d5a6c5829372e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://app.usercentrics.eu/browser-ui/2.30.0/index-fabc5a3f.js
Origin: https://www.bodfeld-apotheke.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 12:54:40 GMT
content-encoding: gzip
age: 477158
x-guploader-uploadid: ADPycdv98wNWAVMES2VztFbeRpCLeyXdfFsplUWK9pDXXADT_WAkJ29GY-Nnp4uPsfzTnxPrreMIgL3yqqF_bmFQAUGwshQixpjv
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43616
last-modified: Thu, 28 Apr 2022 12:50:35 GMT
server: UploadServer
etag: "02366b434f40505e8bba5995af42085b"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=sFAq8g==, md5=AjZrQ09AUF6LulmVr0IIWw==
x-goog-generation: 1651150235559540
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 43616
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 28 Apr 2023 12:54:40 GMT

GET
H3 200 DefaultTabs-8e925d62.js Show response
app.usercentrics.eu/browser-ui/2.30.0/ 3 KB
1 KB 27ms
27ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/2.30.0/DefaultTabs-8e925d62.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

690d204e7af56fa31b00a903abada48981d7189dd79b5d47cb4a4107a7a6acb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://app.usercentrics.eu/browser-ui/2.30.0/index-fabc5a3f.js
Origin: https://www.bodfeld-apotheke.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 12:54:40 GMT
content-encoding: gzip
age: 477158
x-guploader-uploadid: ADPycdukvRDNmFr7UGnnOK2Q-nUEFS0_UNGr3Ky92_XQ6qQN_7sscxjli9ZxLLcvu7GcBnjOa4Si1Qf5thhz9sNJnoQQGjBNZadH
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1403
last-modified: Thu, 28 Apr 2022 12:50:33 GMT
server: UploadServer
etag: "fbeeb467b7bb48740aa937b58be0166f"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=fzgHOQ==, md5=++60Z7e7SHQKqTe1i+AWbw==
x-goog-generation: 1651150233405189
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 1403
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 28 Apr 2023 12:54:40 GMT

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/ Frame 3937
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=854029444722&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintel...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=854029444722&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.red...

111 B
592 B

44ms
44ms

Script
text/javascript

37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=854029444722&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D52197%26version%3D1%26redirected%3D1

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=52197&version=1&redirected=1

Protocol

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 01:27:18 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 186
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 04 May 2022 01:27:18 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=854029444722&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D52197%26version%3D1%26redirected%3D1
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&r=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3Dcd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk%26b%3D%24%7BPUBMATIC%5FUID%7D%26c%3D5

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
remote.capitalpone.com/	1970-01-23 18:23:07	Name: __tad Value: 1651627632.1945316
.1redirc.com/	1970-01-20 11:32:43	Name: __dsnsid Value: 202205041127128095d1f95df6c032e6
clever-redirect.com/	1970-01-20 02:48:34	Name: b9a1618e44a3ae2f7c6e958249a9dea7 Value: d6a0036c4a0fd91f92389ce320e915b0de2dbce3ff69b326ed24a4ed48be0105a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22b9a1618e44a3ae2f7c6e958249a9dea7%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
utkv6nyu.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: o2nmm763747fd01iq05tm1gn52
.awin1.com/	1970-01-20 03:30:19	Name: aw17298 Value: 101248\|0\|0\|1651627635\|at107999_a180536_m12_p134708_cDE_s8048467f0c8f62f0a4adef2eda0e06f9\|aw\|0
.awin1.com/	1970-01-20 11:32:43	Name: bId Value: HLEX_6271d6735d8670.35161436
www.bodfeld-apotheke.de/	1969-12-31 23:59:59	Name: route Value: 1651627636.817.30445.439655
www.bodfeld-apotheke.de/	1970-01-20 02:47:14	Name: meshop_sid Value: rr7vijpu8094tbs49nl9ae50eh
www.medizinfuchs.de/	1970-01-20 02:57:12	Name: AWSALBCORS Value: Oi0FXFDtssNUTRkfdPP0W/T+HPr/XNR1rWYdzn7AdqVPOg5QPFXnhxHqWUEYCNsv1ta5KwnrJb/5H2yp6gu/i92VbrRPxx5zi7vCm24zNhY5FZw0d48efSLyACgb
.bodfeld-apotheke.de/	1970-01-20 04:56:43	Name: _gcl_au Value: 1.1.1208610141.1651627637
www.bodfeld-apotheke.de/	1970-01-20 03:30:19	Name: awcookie Value: aw
www.bodfeld-apotheke.de/	1970-01-20 02:48:34	Name: language Value: en_GB
www.bodfeld-apotheke.de/	1969-12-31 23:59:59	Name: amazon-pay-connectedAuth Value: connectedAuth_general
.bing.com/	1970-01-20 12:08:43	Name: MUID Value: 3FB72D1FAF9567CC1FD23C85AEFE669A
.bodfeld-apotheke.de/	1970-01-20 02:48:34	Name: _uetsid Value: 55cd9350cb4911eca4eb1be8e8326bc9
.bodfeld-apotheke.de/	1970-01-20 12:08:43	Name: _uetvid Value: 55cdc300cb4911eca7c309e708ca0e6c
.bodfeld-apotheke.de/	1970-01-20 11:32:43	Name: _aw_m_17298 Value: 17298_1651627635_969d2f03dbfa2fc44ba6460c88327c83
.amazon.com/	1970-01-20 11:32:43	Name: session-token Value: "XE4uHgkmDQA1GK4QtqAyMNnhXr8X+7aVuZhz5Tvn5X1CYAUcd/lOGHlDf48tkjkg/jCoLg50mBVUaUHAn8OMxcM51yL4gFYaT0nnPgcq21aawHs4dnzqtk1KF/mof4n22ZDWc4mllrwL6rOfA1wlymiwZ/6ZgYfELrI2TqgZnWosQZyNal+5YMGH8BZbsbBN9iq1jRCSokE="
.amazon.com/	1970-01-20 11:32:43	Name: session-id Value: 260-9704417-9270112
.amazon.com/	1970-01-20 11:32:43	Name: session-id-time Value: 2082758400
.amazon.com/	1970-01-20 11:32:43	Name: session-id-apay Value: 260-9704417-9270112
www.bodfeld-apotheke.de/	1970-01-20 11:32:43	Name: apay-session-set Value: inwqkN7dWt8CMJn6SkDPGLr5IX37oa2ZbZMGzA6cGLYDTwH%2BW%2ByTx3Zt0cgTZUA%3D
.bodfeld-apotheke.de/	1970-01-20 04:56:43	Name: _fbp Value: fb.1.1651627637569.1204174913
.redintelligence.net/	1970-01-20 04:56:43	Name: 8lcfmzhxc8d6_uid Value: 688441a3d1564043
.adscale.de/	1970-01-20 11:29:23	Name: uu Value: 00aea780341c4138b4d6dd84f72a7a3b
.adscale.de/	1970-01-20 11:29:23	Name: cct Value: 1651627637691
.adfarm1.adition.com/	1970-01-20 04:56:43	Name: UserID1 Value: 7093686686090003323
.doubleclick.net/	1970-01-20 12:08:43	Name: IDE Value: AHWqTUlcrdH2_EabvQaendAlTx_UBF6z98_fXQ_-6BpfFbBqyZrcLd2_1C1Cea-TTLQ
.ih.adscale.de/	1970-01-20 11:29:23	Name: tu Value: 4#2889173136#25~cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk~458785~0~0
.adnxs.com/	1970-01-20 04:56:43	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2In<F(DZQ!@wnf-Te9(>wL5L!!'Vv$j3o:
.sciencebehindecommerce.com/	1970-01-20 11:32:43	Name: _D9J Value: 20ed0cc4e1ab4d939705759dd10211cf
.adnxs.com/	1970-01-20 04:56:43	Name: uuid2 Value: 8455525706569956069
.smartadserver.com/	1970-01-20 12:17:22	Name: pid Value: 2223039355776407520
.smartadserver.com/	1970-01-20 12:17:22	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 12:17:22	Name: csync Value: 132:cd_pNXGa1H0h-s_NEK4HloRF3EuyyTPk
.casalemedia.com/	1970-01-20 11:32:43	Name: CMID Value: YnHWdaUzIUR8HuMgHpZWvwAA
.casalemedia.com/	1970-01-20 04:56:43	Name: CMPS Value: 3195

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11868943.fls.doubleclick.net
1redirc.com
5994599.fls.doubleclick.net
a.twiago.com
ad11.adfarm1.adition.com
ad4m.at
adservice.google.com
api.usercentrics.eu
app.usercentrics.eu
aproxy.ksgct.de
as.ad4m.at
bat.bing.com
bodfeld1.ix.dus.m-eshop.de
clever-redirect.com
cm.g.doubleclick.net
connect.facebook.net
d.clarity.ms
d23yuld0pofhhw.cloudfront.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graphql.usercentrics.eu
hal9000.redintelligence.net
ih.adscale.de
imagesrv.adition.com
img.idealo.com
ixxilon.mauve.de
js.kctag.net
lookandfind.me
match.adsrvr.org
maxcdn.bootstrapcdn.com
payments-de.amazon.com
payments.amazon.de
pixel.mathtag.com
pixel.onaudience.com
r.adserver01.de
remote.capitalpone.com
rtb-csync.smartadserver.com
rum.mauve.eu
s2.adform.net
secure.adnxs.com
simage2.pubmatic.com
ssl.google-analytics.com
static-eu.payments-amazon.com
the.sciencebehindecommerce.com
track.adform.net
tracking.s24.com
uct.service.usercentrics.eu
utkv6nyu.de
widget.trustpilot.com
www.awin1.com
www.bodfeld-apotheke.de
www.dwin1.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.medipreis.de
www.medizinfuchs.de
simage2.pubmatic.com
103.224.182.206
103.224.182.241
104.102.29.65
104.79.88.164
104.92.94.3
138.201.64.38
142.250.184.194
142.250.185.226
142.250.186.70
15.197.193.217
15.235.15.221
157.90.169.168
185.33.221.87
185.86.139.114
2001:41d0:700:2f40::
212.83.50.108
217.79.188.60
2600:1901:0:5987::
2600:1901:0:7903::
2600:1901:0:c07c::
2600:9000:206f:2000:e:5098:9500:21
2600:9000:225a:5800:f:8ce2:fb80:93a1
2606:4700:20::ac43:4a81
2606:4700::6812:acf
2620:1ec:c11::200
2a00:12c0:101b:200::19
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2008
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:831::200a
2a01:4f8:210:11a9::1
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3121::7
2a07:a40:0:300::4
2a07:a40:0:700::4
34.95.108.180
37.157.5.73
37.157.6.248
40.76.174.66
52.48.93.179
52.57.224.53
52.57.38.189
52.58.193.70
54.239.35.33
54.239.37.6
54.37.201.1
62.146.17.87
78.46.197.88
78.47.227.103
85.114.159.112
85.215.5.31
99.86.4.37
99.86.4.77
000eee67db3387fcec6cb57d9252cb4cc1f90f6958be4b12dfff6392674140f4
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
0492ae0e4a95c4119fdf18b5f554c8cda3d72a2a9874d216ed36e9efad918f92
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
09bc290498f9af334f34c170a5cb73ae5b4f154b05acf3c63b41edfd90f74280
0a6b70f7ccb60d1e7e43d1734e56446148bab01b2e799feb30173e9cc038e996
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11f2cc3de973f89bf1860ea5269e3bfaae858a7e458af1611cf345790fa4129c
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
14072bd93c02619cb1856c9a099e9309c9b217ca98674381bb1b5ee166bca1fd
1ac116e2e30bcf4e573f3856abb2f5bf2cd0d165b5208edb89b8f5d1aefc4d12
1bca7b5df6ba289ad8aeed7c9b6621f5d53ae6c444fca7a639ac3ff1ea438361
234d64e699fea42de34f3b0da562128509c4910e1d4bf3eaa0d5a6c5829372e8
235e9d65aa8b31feb0d83bbe9d0fef40e12a47ed7b2e7e059bd9fadd5f046ea5
26cdc8b5efc71f35a05f389447467321db4c2972daf26cc402122d4713fff910
276f31232372ad298767c0d824e676395224cd94ca87c8e4c8cc7c1664521431
277fa02748ec163605ff6785196a836c3317bbcd1c34c10be50272acc66daaeb
286834772de1f864b85e160c46eef3fb8209305dad915543e787e19ca34390ca
2bd45b3946dfc0db438e3bccc61ce29c1287bf17493c5ec29262a019069a6979
2d2c7f6b6e6d6fd1a5be5a272dc73a28844515fc5a5fab019ec06bc52f42a681
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ec1414098ace9cdb263573bea4b4903cf6d983735828af61ca07cad1f7f7fdd
2f61053867492fd86e9f95c925567ba2bb4ec96b828e9b64727d9721600897d4
2fc4f32c90420be3076fa1cbc60a3253eaa650d0aac804e5c502626b4bb4cd66
30766f7163277bd345138dcd51eaac2920fdc1f124f866d7123986bf9f197540
316f3a6ad7a9d25ef5919b9cbef406964ba6af64899546d558ad61378b9d5439
3198a3b8c685c31718cacaf350fa0dd5e965271535e8105f09362028ab0ff596
329440ae25d401c033b1cb591fe16a0019429a6cb89853fbc3997656c03fb047
33d47658382029c8aa4d16ea7d947b455b06ea880dd88a1f8333f1e3975a58a6
35087c396da7fd0519fe496b2afa94929825ec5ed6227a7295aaf614bc08e3a7
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3e3e39309fe640e577e0f0051d2e1018a583ebc7a8cf81febaae23e03ce63c32
3f834b98d719e934b7390d992b657bc774fb12c792310dee00230e862a0efb30
407323faf5688c2ed75ba5406b0d66cd17c7fd5c0283c3f02962f9e386333f63
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e
40db96f72a3e005400fc3b5cc67edb0ced9fb4d635ec487c62c4b92631f54005
4216d2deccc0dd02e99b37e0076b2d5bdb09209a3fd216ecefa9ad25df45c304
447e6e6dc2d261dd629d16b58e47d417901a93b9d22887d926fb03889d28365c
46b33fc911c3bcc66e91842779791dc97a3c9367839e18c641dfce155518cad9
49f3de6b7dc9a80d6876259b6254adca2d3b30de6bd3e26c2ebf029275a630c2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6fa7b8232fec44a9621c5347ad9ce509dc8297e35608095a4399f3d2e297f2
51068d6b77959de746655230a7303db5c08cbc2d1085815a8cdad0e16c7980f4
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c
656b1941d8b9fb2a811f698f12767ba8d309a51a81f438877b85749d5a775bf4
678e2ade7856471a6b24e047d1bf63f01ed4759aa3c3f054b0ce0d2940a6c0d9
690d204e7af56fa31b00a903abada48981d7189dd79b5d47cb4a4107a7a6acb4
6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ee354023913be6ec01d46c1dc9c9d7dcb78fe311c193aa0dd263283dc2a4c0a
6f163a8d6c114ad781b91abecced92bb0c5e5b3c9ffcaf97fd625f5f97b61eaa
717b6d15a303d3e6452edaf1f7ac5303f36c380a3b1eecf7bfe6a1003cdfcdd6
7b0a1202cd832918a79a2bb4b73d39e2975bc523ac072db14127eac030579c0f
7b4b94b549758e11b768b85360b581c58ed67e9947fdab34b6135617c653732e
8014dedf4d29ea7b1773385396309d6852067b013cf518688ff20acf523387a2
82c650466a941ed39ec1a591cbceab3d57f1b9844e079366d466f1a1b6f3c5ce
836f5abd1ff40a22a428f7e03a634c9f4e395a3d14347d9703326e67ccf8fda1
840afcd3c541055d137abb7144adbe397bdc68cc4aea1fe9e09ba8965d9e333c
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
854f8507e0f3b9561d33b576e6abcce8f500522e0e4e3db0a858b1e3807773ef
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
88c8d879331daa52ab38c5eb0b84e1bd02345dc8382443e8dda06fd5157d8727
88df20410ca504c7d5995614ccca10814389d185e0fd2cdc4371dd847e918ea2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dbb99acb3ed3a99466b9cfea5ea5a22fa1c17e9716b1bac1335292d73e61031
8fdf7313d6410e21adfcc8498972bd991d8ef1648909f987b9fcbee0790f8b72
90745a0f257aa1424e5b997ec85544b52094e60b7187c09ec3f108303bfc2073
914f315058536cfbad727dce21a3ed7af76029a027faa8ab1fb2b9fd30a0cc79
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
96b5782233cedc416f21ccd27fade5959a0e4b407e8bf6e4cca01be91858f066
9b0baefcd1f5d7f3b810a9a46e0ad7de827a02f0622cf806de7e36ee334ea936
9bafd53269c52b6125efbcc797842ab430765c4980b1620a17372671780b019a
9c169fb4bd3757c9b71e5860dc4b108b2f5d54ea6deb7eccd76eecc07cf92c0d
a1a58adf173104ceca1ec1c9ddbb12d7581ef2eec179d5781a665f43277c5e1e
a204dc4aa005f94fc05fa0d413b996162aab0c82614c7d9d58fe1051c9d6f89f
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed
a6bf370778a9d525faec48a9dcbfa0ef369a350d04607126003e54ab191514f0
a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2
ac0f6dc96d0244ef2d800bfed4de93430538560c1add86605db6684761cddf07
acabef44737ae4a2904d81f8092d07396134478c6ca54b701f78658decd8cfd2
af3dd3b444144f58657cee6e40a2ae985a2e8110b4f9d4b40db5dc46e8e360dd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b29344f8c6b9555faa56b4f2566e3abcdacf9f5ca265336aa6a9e1215c89e1b1
b2a320228c29c5a10143041e536dab47a5ea54dabad90cbb1dd9ec40a16bb67d
b2c2b920801871ee2f536bc0ed4b241d21b0d14bf0b4d17d59349fd40397e953
b591a206a3a12cccc952f07c70c716123f48c72dd5a07960c6647b6057e980d2
b99590413d5e22ce7b94d73504a5f39b600e5cb766bee40ae2b80427add977a7
b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6
c03f3c8bb2a6876ba1c5e8fd9650f0fe539bb240ec14f71e5833213a5c8fb591
c064a060be0d570e0e59c77f93126e41f93f1671a920f6ad7ebe0bc167018554
c1902fe3c52c52bf2dc573a862103c832ed749412a317be988c92f00437e2235
c6e4d7bf0b25e289d1c8fa4261b1c78b16841dfc759a102045d113e3af3cf6c9
ce495e5b4ff0dda8948e06ef347c4c0db604ed7379aed3bd781eb34fb7698a88
cf61c72d82b3c02a06add82834aac80a82c9993bcc210c9560d35a67bb83a8a0
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d2cc5a9c7e606ad4a5632e886a561a0313ff5e05bfb8de1c8dc0fb0da8e6ba72
d63746b7c0ac2176774b5953d54904aa4688e2a6af8442bd64f4db9a36721be1
d9a45b47c784d0c34280090ecf47a74bad6517e03cdb8946865ac6529727b032
e0bde5b77f298483ae35e9afa2c71dd9de11fd9e528fcf0c89453f245bf15e09
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e497f172395761345a726b8c28deff606a9e72ec89811afd53e039b762776bd0
e7c6e12b4bab558729afedf64947836ae9ff0f54f07045cab98b7727cc84a2e3
ea8a271335eb5ff72079414ac2224efd2e44eb27c226c7b9473b031b497d6d38
ecf1c6d562d695aa2055cc28ec14628652df26abe77f89dd25b3fb03a33a2247
ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6a2557a326969a36ae948e30726078a79fb240df4be14e36ba0e1c1b08b723
ef9928ef132ec32f87933303bcffbed07a92b67387f753818fe95219d4528c93
f497809327084b83a361d89dbf10a61a4e0a27dbfddc3cedf09c891a01029358
f67548826dedc450d8eafec6a446a5add801ba36088c4bbc621ef8fcb976fce2
f8cc5cc78b40dcae9c8d40507822aed335a023ef55d8efd00c9a9f4ec4e5ee7c
fab5572c01cd671e1a92d8ffda83b65c5276089a5d8f7cec2105ba034a55a98e
fc68a100bff8630edcbcf9267f3c4605a95b3cb94d28e82d52148406c6f238ce
fee8e3010708a743ed388151825350a422e5165adf434b5bbde2b0dfb85bb7bf
ff4c1653942e37b7e9f3f2247e1387f82af3321947e18690c450297e066ee2c9

www.bodfeld-apotheke.de Open in urlscan Pro 2001:41d0:700:2f40:: Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

147 Requests

88 %HTTPS

41 %IPv6

51 Domains

61 Subdomains

51 IPs

8 Countries

1483 kBTransfer

4224 kBSize

37 Cookies

14 Outgoing links

Page URL History

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bodfeld-apotheke.de Open in urlscan Pro
2001:41d0:700:2f40:: Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

88 %
HTTPS

41 %
IPv6

51
Domains

61
Subdomains

51
IPs

8
Countries

1483 kB
Transfer

4224 kB
Size

37
Cookies

147 HTTP transactions
0 data transactions