Submitted URL: http://c.apitalonebank.com/
Effective URL: https://www.meds.se/nuxe-melting-shower-gel-200ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_te...
Submission: On September 01 via api from US

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 13 HTTP transactions. The main IP is 2606:4700:10::6814:3bf0, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.meds.se.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on February 7th 2019. Valid for: 2 years.
This is the only time www.meds.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 212.32.237.90 60781 (LEASEWEB-...)
2 35.172.40.232 14618 (AMAZON-AES)
1 52.218.40.243 16509 (AMAZON-02)
1 2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 4 95.211.116.27 60781 (LEASEWEB-...)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 104.18.27.20 13335 (CLOUDFLAR...)
13 8
Domain Requested by
5 www.meds.se se-go.kelkoogroup.net
www.meds.se
4 se-go.kelkoogroup.net 2 redirects api.apientry.com
se-go.kelkoogroup.net
2 api.apientry.com 1 redirects sarah.ttnrd.com
2 sarah.ttnrd.com c.apitalonebank.com
sarah.ttnrd.com
2 c.apitalonebank.com 1 redirects
1 assets.hcaptcha.com www.meds.se
1 hcaptcha.com 1 redirects
1 s3-eu-west-1.amazonaws.com sarah.ttnrd.com
13 8

This site contains no links.

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| ttnrd.com | Amazon | 2019-12-11 - 2021-01-11 | a year |
| *.s3-eu-west-1.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2020-08-04 - 2021-08-09 | a year |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-07-18 - 2021-07-18 | a year |
| *.kelkoogroup.net | DigiCert SHA2 Secure Server CA | 2020-07-29 - 2021-10-06 | a year |
| trex.meds.se | DigiCert SHA2 Extended Validation Server CA | 2019-02-07 - 2021-02-24 | 2 years |

This page contains 1 frames:

Primary Page: https://www.meds.se/nuxe-melting-shower-gel-200ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Nuxe+Melting+Shower+Gel+200ml
Frame ID: AA9592EFC6AABE5AB1593E600E4633FA
Requests: 18 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 13
HTTPS: 92 %
IPv6: 29 %
Domains: 7
Subdomains: 8
IPs: 8
Countries: 3
Transfer: 502 kB
Size: 907 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://c.apitalonebank.com/ Page URL
  2. http://c.apitalonebank.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU5ODk2MDAyMCwiaWF0IjoxNTk4OTUyODIwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyb285dTdqcDc3OW9jNmIyOWcwaWxhMjMiLCJuYmYiOjE1OTg5NTI4MjAsInRzIjoxNTk4OTUyODIwOTQ4MTEwfQ.ztNMwyTSXCUfBPciuil869Es3M8IHdLm5Zy_HO7fRNk&sid=388ce956-ec36-11ea-8d3d-edd0bb6daa78 HTTP 302
    https://sarah.ttnrd.com/tr?id=010bd1f8b1fa38a202e369ecf25bd1d4346d9f1eaa.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA5MDEwOTMzIiwiZCI6ImFwaXRhbG9uZWJhbmsuY29tIn0.z-sQ0IJ1aFKL4E_cuXAVIHbQVSOuzpadhkg1Hblplv0 Page URL
  3. https://api.apientry.com/v1/rtb?domain=shoppingwaves.net&visitorUserAgent=Mozilla&numItems=50&apiKey=89641194-7897-4d80-b90a-b1fc82fc38c6&trackingId=8278144681&visitorIPAddress=46.253.202.164&forceOPENMerchant=14333713&smart=true&sourcePlatform=tonic&cpc=0.003&source=514e696a373f60162f035445&campaignName=RON-SE-DESKTOP-Normalize%20klk-96957619&geo=SE&clickId=010bd1f8b1fa38a202e369ecf25bd1d4346d9f1eaa.r.1598952821.da5b85870f34e83d057ebf75dfa48516&match=ron&device=desktop&browser=chrome&os=macintosh&long_campaign_id=5d592fb0a8c69e0f6c42b19e&isRON=true HTTP 302
    https://api.apientry.com/v1/hybrid-web?q=cl3odlzdiew47zwicfk6eg2vyu Page URL
  4. https://se-go.kelkoogroup.net/ctl/go/sitesearchGo?.ts=1598952822767&.sig=LXxrxi4zKURYYTsR4aMm0i9KoOo-&affiliationId=96957619&catId=133301&comId=100457501&contextLevel=1&contextOfferPosition=49&contextPageSize=50&country=se&ecs=ok&merchantid=100457501&offerId=fc476283580545084e3583d19227dc0a&searchId=1076992048058_1598952822698_16564&searchQuery=&service=5&wait=true&custom1=8278144681&custom2=a~r-3240txXDyzRwCBqH4iR0ixPP%7C%7Cdt~2020-09-01%7C%7Cs~514e696a373f60162f035445%7C%7Ck~100457501%7C%7Ch~09&addedParams=true HTTP 307
    https://se-go.kelkoogroup.net/go?country=se&k=35ccdb24a8092a530c42eb01f781076b2075b5c1aa4d05339aea6a2b75988ecc743bb6c4f875bd4422293b2f960d54d015669073adf42e1ec11922ada5605649bd391ba2df2ff42914b96ef54ecd218a54e93b637bd3e6c4b94dc94dc9d6f0a09129f1ff86ffeb8edd95da15fa1017c0fb864521393b2286f636c5c894c4adca5567c9f68263a29a0105f9e1642a9d9f461ad64fdd79c6dbf83cf4c09f1805bbc9d7c07bf0aaf4c2f5df21e938090d8515c3f3496fa3846797176c3e59652ffd9b933e77d3153adc1c4df4fd3380cb6555228dd6423ba03d8dd151bbac1581532659158cb954e685fd6096b5d140fe2ab25f3535a2eb7da2155a62374b0bd22fd214517886523fafa88bd58d5b3ab869c34d5c439221a6297fc494df7a5dc2fb119bf717fd2119fd564fe1b2749a36ccfcaf217222a79f5379a3622197ec2a72c0156544ee043f0323997bf51c50db517ffbd844e6afa0ae70ee58d85abe7156edd63e4edfedddb7a1adb83a83137403d56a4d46e050a6e8bb5f484b606ad790caeb4a4fb62d2be23c5974652d9670d9a2f6afedf43449b8feb8d9bc2b6eb73a72ce279637b22fa2d1604cff7073a9bbfe9191e437352d930139ea1faa0e46725f888ed09658a7a3777f373efa69a2c2f5f8b2c58219069a6d6f6138ce8e7a0351751475f257d4450eae04dec269a11238ac934949968f16c74147009ae5df4fde57bfe8412ddad9332d118cc4acd80a58ed900f63e76d14a5252d8b20718593&o= Page URL
  5. https://se-go.kelkoogroup.net/redirect?country=se&k=612f7a9541cd6ea61eb554c0e4cff437590d239e4f9781bbc6226a0fc6446f3905ff61d5b01d81916c3ba017ea31f77f3ac892a6901d3ff485bb3fa0ccbed9071274f793bc3ba040b2876e62761a8300c888b9d73ec5ce086d80503ea4365ddf11d44b790e58be0bd304b81664ab88422722460154ca104a0643d850be311c7c2d64a3caa3b6313953f2e09e83de4babae8bbcc20d87ce46518c6f79725ac125399ae79e257a62e108ac88602239dc931bc490dacfee283c268647f6c6cadad05de7af48cf3469facd641d2baaf09eae935acd5a78f3e61308dabd5acf947d35c27406bf4dea3aa3&leadId=dc1-kls-prod-silo-01.prod.dc1.kelkoo.net_1598952823315_136748&clickId=107698238_1598952823246_21693&url=https%3A%2F%2Fwww.meds.se%2Fnuxe-melting-shower-gel-200ml%3Futm_source%3Dkelkoose%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DNuxe%2BMelting%2BShower%2BGel%2B200ml&initiator=timeout HTTP 303
    https://www.meds.se/nuxe-melting-shower-gel-200ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Nuxe+Melting+Shower+Gel+200ml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://c.apitalonebank.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU5ODk2MDAyMCwiaWF0IjoxNTk4OTUyODIwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyb285dTdqcDc3OW9jNmIyOWcwaWxhMjMiLCJuYmYiOjE1OTg5NTI4MjAsInRzIjoxNTk4OTUyODIwOTQ4MTEwfQ.ztNMwyTSXCUfBPciuil869Es3M8IHdLm5Zy_HO7fRNk&sid=388ce956-ec36-11ea-8d3d-edd0bb6daa78 HTTP 302
  • https://sarah.ttnrd.com/tr?id=010bd1f8b1fa38a202e369ecf25bd1d4346d9f1eaa.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA5MDEwOTMzIiwiZCI6ImFwaXRhbG9uZWJhbmsuY29tIn0.z-sQ0IJ1aFKL4E_cuXAVIHbQVSOuzpadhkg1Hblplv0
Request Chain 4
  • https://api.apientry.com/v1/rtb?domain=shoppingwaves.net&visitorUserAgent=Mozilla&numItems=50&apiKey=89641194-7897-4d80-b90a-b1fc82fc38c6&trackingId=8278144681&visitorIPAddress=46.253.202.164&forceOPENMerchant=14333713&smart=true&sourcePlatform=tonic&cpc=0.003&source=514e696a373f60162f035445&campaignName=RON-SE-DESKTOP-Normalize%20klk-96957619&geo=SE&clickId=010bd1f8b1fa38a202e369ecf25bd1d4346d9f1eaa.r.1598952821.da5b85870f34e83d057ebf75dfa48516&match=ron&device=desktop&browser=chrome&os=macintosh&long_campaign_id=5d592fb0a8c69e0f6c42b19e&isRON=true HTTP 302
  • https://api.apientry.com/v1/hybrid-web?q=cl3odlzdiew47zwicfk6eg2vyu
Request Chain 5
  • https://se-go.kelkoogroup.net/ctl/go/sitesearchGo?.ts=1598952822767&.sig=LXxrxi4zKURYYTsR4aMm0i9KoOo-&affiliationId=96957619&catId=133301&comId=100457501&contextLevel=1&contextOfferPosition=49&contextPageSize=50&country=se&ecs=ok&merchantid=100457501&offerId=fc476283580545084e3583d19227dc0a&searchId=1076992048058_1598952822698_16564&searchQuery=&service=5&wait=true&custom1=8278144681&custom2=a~r-3240txXDyzRwCBqH4iR0ixPP%7C%7Cdt~2020-09-01%7C%7Cs~514e696a373f60162f035445%7C%7Ck~100457501%7C%7Ch~09&addedParams=true HTTP 307
  • https://se-go.kelkoogroup.net/go?country=se&k=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&o=
Request Chain 13
  • https://hcaptcha.com/1/api.js?onload=_cf_chl_hload HTTP 302
  • https://assets.hcaptcha.com/captcha/v1/31d8c84/hcaptcha.js

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
c.apitalonebank.com/
475 B
836 B
Document
General
Full URL
http://c.apitalonebank.com/
Protocol
HTTP/1.1
Server
212.32.237.90 Hoofddorp, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
c.apitalonebank.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
475
content-type
text/html; charset=utf-8
date
Tue, 01 Sep 2020 09:33:40 GMT
server
nginx
set-cookie
sid=388ce956-ec36-11ea-8d3d-edd0bb6daa78; path=/; domain=.apitalonebank.com; expires=Sun, 19 Sep 2088 12:47:47 GMT; max-age=2147483647; HttpOnly
tr
sarah.ttnrd.com/
Redirect Chain
  • http://c.apitalonebank.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU5ODk2MDAyMCwiaWF0IjoxNTk4OTUyODIwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyb285dTdqcDc3OW9jNmIyOWcwa...
  • https://sarah.ttnrd.com/tr?id=010bd1f8b1fa38a202e369ecf25bd1d4346d9f1eaa.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA5MDEwOTMzIiwiZCI6ImFwaXRhbG...
2 KB
2 KB
Document
General
Full URL
https://sarah.ttnrd.com/tr?id=010bd1f8b1fa38a202e369ecf25bd1d4346d9f1eaa.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA5MDEwOTMzIiwiZCI6ImFwaXRhbG9uZWJhbmsuY29tIn0.z-sQ0IJ1aFKL4E_cuXAVIHbQVSOuzpadhkg1Hblplv0
Requested by
Host: c.apitalonebank.com
URL: http://c.apitalonebank.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.40.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-40-232.compute-1.amazonaws.com
Software
/
Resource Hash
c888f95d2f5eb7655c531d50416cd136a72cc1c2b228983369131ea2859f0fe2

Request headers

:method
GET
:authority
sarah.ttnrd.com
:scheme
https
:path
/tr?id=010bd1f8b1fa38a202e369ecf25bd1d4346d9f1eaa.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA5MDEwOTMzIiwiZCI6ImFwaXRhbG9uZWJhbmsuY29tIn0.z-sQ0IJ1aFKL4E_cuXAVIHbQVSOuzpadhkg1Hblplv0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://c.apitalonebank.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://c.apitalonebank.com/

Response headers

status
200
date
Tue, 01 Sep 2020 09:33:41 GMT
content-type
text/html; charset=utf-8
content-length
2152
p3p
CP="CUR NOI NID STA STP"
x-robots-tag
noindex, nofollow
set-cookie
checkme=20a5e64ed86042478f1a457470bf500db789; Path=/

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Tue, 01 Sep 2020 09:33:40 GMT
location
https://sarah.ttnrd.com/tr?id=010bd1f8b1fa38a202e369ecf25bd1d4346d9f1eaa.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA5MDEwOTMzIiwiZCI6ImFwaXRhbG9uZWJhbmsuY29tIn0.z-sQ0IJ1aFKL4E_cuXAVIHbQVSOuzpadhkg1Hblplv0
server
nginx
set-cookie
sid=388ce956-ec36-11ea-8d3d-edd0bb6daa78; path=/; domain=.apitalonebank.com; expires=Sun, 19 Sep 2088 12:47:48 GMT; max-age=2147483647; HttpOnly
ajax-loader.gif
s3-eu-west-1.amazonaws.com/pxgif/
7 KB
7 KB
Image
General
Full URL
https://s3-eu-west-1.amazonaws.com/pxgif/ajax-loader.gif
Requested by
Host: sarah.ttnrd.com
URL: https://sarah.ttnrd.com/tr?id=010bd1f8b1fa38a202e369ecf25bd1d4346d9f1eaa.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA5MDEwOTMzIiwiZCI6ImFwaXRhbG9uZWJhbmsuY29tIn0.z-sQ0IJ1aFKL4E_cuXAVIHbQVSOuzpadhkg1Hblplv0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.40.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 01 Sep 2020 09:33:43 GMT
Last-Modified
Fri, 12 Aug 2016 15:23:54 GMT
Server
AmazonS3
x-amz-request-id
9C3AB0959CB56CE0
ETag
"dc5b98ed1c3c7959cdcb76113e7442cd"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
6820
x-amz-id-2
JKbnCi4eIjuo2jz7FJs+CzCdfHkoEo972/WVw4cwNWtd+vLTncBPsnbcGuWDuZ96Rwie3A4utUY=
trx
sarah.ttnrd.com/
553 B
704 B
XHR
General
Full URL
https://sarah.ttnrd.com/trx?id=010bd1f8b1fa38a202e369ecf25bd1d4346d9f1eaa.r&confirm=20a5e64ed86042478f1a457470bf500d&size=1920000&noframe=1&tnc_ref=http%3A%2F%2Fc.apitalonebank.com%2F&reftaken=feed&refEqual=true
Requested by
Host: sarah.ttnrd.com
URL: https://sarah.ttnrd.com/tr?id=010bd1f8b1fa38a202e369ecf25bd1d4346d9f1eaa.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA5MDEwOTMzIiwiZCI6ImFwaXRhbG9uZWJhbmsuY29tIn0.z-sQ0IJ1aFKL4E_cuXAVIHbQVSOuzpadhkg1Hblplv0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.40.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-40-232.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Tue, 01 Sep 2020 09:33:42 GMT
referrer-policy
no-referrer
content-type
text/html; charset=utf-8
x-robots-tag
noindex, nofollow
content-length
553
p3p
CP="CUR NOI NID STA STP"
hybrid-web
api.apientry.com/v1/
Redirect Chain
  • https://api.apientry.com/v1/rtb?domain=shoppingwaves.net&visitorUserAgent=Mozilla&numItems=50&apiKey=89641194-7897-4d80-b90a-b1fc82fc38c6&trackingId=8278144681&visitorIPAddress=46.253.202.164&force...
  • https://api.apientry.com/v1/hybrid-web?q=cl3odlzdiew47zwicfk6eg2vyu
1 KB
738 B
Document
General
Full URL
https://api.apientry.com/v1/hybrid-web?q=cl3odlzdiew47zwicfk6eg2vyu
Requested by
Host: sarah.ttnrd.com
URL: https://sarah.ttnrd.com/tr?id=010bd1f8b1fa38a202e369ecf25bd1d4346d9f1eaa.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA5MDEwOTMzIiwiZCI6ImFwaXRhbG9uZWJhbmsuY29tIn0.z-sQ0IJ1aFKL4E_cuXAVIHbQVSOuzpadhkg1Hblplv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd8ee6654427839bc4cd09a83b964d1c431c5f4ef3412a6006220d81666ee73a

Request headers

:method
GET
:authority
api.apientry.com
:scheme
https
:path
/v1/hybrid-web?q=cl3odlzdiew47zwicfk6eg2vyu
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d2ed90a31d105a61f7bf84ee2ecefb5601598952822
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://sarah.ttnrd.com/tr?id=010bd1f8b1fa38a202e369ecf25bd1d4346d9f1eaa.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA5MDEwOTMzIiwiZCI6ImFwaXRhbG9uZWJhbmsuY29tIn0.z-sQ0IJ1aFKL4E_cuXAVIHbQVSOuzpadhkg1Hblplv0

Response headers

status
200
date
Tue, 01 Sep 2020 09:33:43 GMT
content-type
text/html; charset=utf-8
access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-api-version
3.5.5
x-request-id
9tdbkgl137k0s242s0rnk986amc292fj
cf-cache-status
DYNAMIC
cf-request-id
04ea9ceea5000005e9e612c200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5cbdfdc439bc05e9-FRA
content-encoding
br

Redirect headers

status
302
date
Tue, 01 Sep 2020 09:33:42 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d2ed90a31d105a61f7bf84ee2ecefb5601598952822; expires=Thu, 01-Oct-20 09:33:42 GMT; path=/; domain=.apientry.com; HttpOnly; SameSite=Lax
access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
location
/v1/hybrid-web?q=cl3odlzdiew47zwicfk6eg2vyu
x-api-version
3.5.5
x-request-id
elg9eqd5uer2nn77974o7pbldem0dhkn
cf-cache-status
DYNAMIC
cf-request-id
04ea9ceda0000005e9e611b200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5cbdfdc29ccb05e9-FRA
Cookie set go
se-go.kelkoogroup.net/
Redirect Chain
  • https://se-go.kelkoogroup.net/ctl/go/sitesearchGo?.ts=1598952822767&.sig=LXxrxi4zKURYYTsR4aMm0i9KoOo-&affiliationId=96957619&catId=133301&comId=100457501&contextLevel=1&contextOfferPosition=49&cont...
  • https://se-go.kelkoogroup.net/go?country=se&k=35ccdb24a8092a530c42eb01f781076b2075b5c1aa4d05339aea6a2b75988ecc743bb6c4f875bd4422293b2f960d54d015669073adf42e1ec11922ada5605649bd391ba2df2ff42914b96ef...
25 KB
26 KB
Document
General
Full URL
https://se-go.kelkoogroup.net/go?country=se&k=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&o=
Requested by
Host: api.apientry.com
URL: https://api.apientry.com/v1/hybrid-web?q=cl3odlzdiew47zwicfk6eg2vyu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.27 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
dc1-ecs-pub-go-vip.kelkoo.com
Software
/
Resource Hash
8de8470854244cc578d985a0f752489e791a53eac1631dca4a0907547c51d48e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
se-go.kelkoogroup.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://api.apientry.com/v1/hybrid-web?q=cl3odlzdiew47zwicfk6eg2vyu
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
referer=https%3A%2F%2Fapi.apientry.com%2Fv1%2Fhybrid-web%3Fq%3Dcl3odlzdiew47zwicfk6eg2vyu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://api.apientry.com/v1/hybrid-web?q=cl3odlzdiew47zwicfk6eg2vyu

Response headers

Date
Tue, 01 Sep 2020 09:33:43 GMT
leadId
dc1-kls-prod-silo-01.prod.dc1.kelkoo.net_1598952823315_136748
clickId
107698238_1598952823246_21693
country
se
Request-Time
6
X-Robots-Tag
noindex,nofollow
Referrer-Policy
unsafe-url
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Content-Type
text/html; charset=UTF-8
Content-Length
25143
Set-Cookie
kelkooID=a4c62e8-1744903da13-1638f; Max-Age=31536000; Expires=Wed, 01 Sep 2021 09:33:43 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly lastSearchedKeyword=a3dkPU51eGUgTWVsdGluZyBTaG93ZXIgR2VsIDIwMG1sfHRzPTE1OTg5NTI4MjMzMTZ8Y2F0SWQ9MTMzMzAxfGNvbUlkPTEwMDQ1NzUwMQ==; Max-Age=31536000; Expires=Wed, 01 Sep 2021 09:33:43 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
P3P
CP="Anything"
ApacheTracking
localhost
Keep-Alive
timeout=40, max=93
Connection
Keep-Alive

Redirect headers

Date
Tue, 01 Sep 2020 09:33:43 GMT
clickId
107698238_1598952823246_21693
country
se
Location
/go?country=se&k=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&o=
Request-Time
1
X-Robots-Tag
noindex,nofollow
Referrer-Policy
unsafe-url
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Content-Length
0
Set-Cookie
referer=https%3A%2F%2Fapi.apientry.com%2Fv1%2Fhybrid-web%3Fq%3Dcl3odlzdiew47zwicfk6eg2vyu; Max-Age=31536000; Expires=Wed, 01 Sep 2021 09:33:43 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
P3P
CP="Anything"
ApacheTracking
localhost
Keep-Alive
timeout=40, max=99
Connection
Keep-Alive
Content-Type
text/plain
p.png
se-go.kelkoogroup.net/assets/images/
68 B
619 B
Image
General
Full URL
https://se-go.kelkoogroup.net/assets/images/p.png?country=se&k=612f7a9541cd6ea61eb554c0e4cff437590d239e4f9781bbc6226a0fc6446f3905ff61d5b01d81916c3ba017ea31f77f3ac892a6901d3ff485bb3fa0ccbed9071274f793bc3ba040b2876e62761a8300c888b9d73ec5ce086d80503ea4365ddf11d44b790e58be0bd304b81664ab88422722460154ca104a0643d850be311c7c2d64a3caa3b6313953f2e09e83de4babae8bbcc20d87ce46518c6f79725ac125399ae79e257a62e108ac88602239dc931bc490dacfee283c268647f6c6cadad05de7af48cf3469facd641d2baaf09eae935acd5a78f3e61308dabd5acf947d35c27406bf4dea3aa3&leadId=dc1-kls-prod-silo-01.prod.dc1.kelkoo.net_1598952823315_136748&clickId=107698238_1598952823246_21693
Requested by
Host: se-go.kelkoogroup.net
URL: https://se-go.kelkoogroup.net/go?country=se&k=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&o=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.27 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
dc1-ecs-pub-go-vip.kelkoo.com
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://se-go.kelkoogroup.net/go?country=se&k=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&o=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ApacheTracking
localhost
Date
Tue, 01 Sep 2020 09:33:43 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
0
P3P
CP="Anything"
Connection
Keep-Alive
Content-Length
68
X-XSS-Protection
1; mode=block
Referrer-Policy
unsafe-url
ETag
"abef500f7606dbac9cd1835ba482f1abe32612dd"
X-Frame-Options
DENY
Content-Type
image/png
Cache-Control
private, must-revalidate
X-Robots-Tag
noindex,nofollow
Keep-Alive
timeout=40, max=100
Expires
Wed, 01 Sep 2021 08:27:45 GMT
Primary Request nuxe-melting-shower-gel-200ml
www.meds.se/
Redirect Chain
  • https://se-go.kelkoogroup.net/redirect?country=se&k=612f7a9541cd6ea61eb554c0e4cff437590d239e4f9781bbc6226a0fc6446f3905ff61d5b01d81916c3ba017ea31f77f3ac892a6901d3ff485bb3fa0ccbed9071274f793bc3ba040b...
  • https://www.meds.se/nuxe-melting-shower-gel-200ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Nuxe+Melting+Shower+Gel+200ml
499 KB
187 KB
Document
General
Full URL
https://www.meds.se/nuxe-melting-shower-gel-200ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Nuxe+Melting+Shower+Gel+200ml
Requested by
Host: se-go.kelkoogroup.net
URL: https://se-go.kelkoogroup.net/go?country=se&k=35ccdb24a8092a530c42eb01f781076b2075b5c1aa4d05339aea6a2b75988ecc743bb6c4f875bd4422293b2f960d54d015669073adf42e1ec11922ada5605649bd391ba2df2ff42914b96ef54ecd218a54e93b637bd3e6c4b94dc94dc9d6f0a09129f1ff86ffeb8edd95da15fa1017c0fb864521393b2286f636c5c894c4adca5567c9f68263a29a0105f9e1642a9d9f461ad64fdd79c6dbf83cf4c09f1805bbc9d7c07bf0aaf4c2f5df21e938090d8515c3f3496fa3846797176c3e59652ffd9b933e77d3153adc1c4df4fd3380cb6555228dd6423ba03d8dd151bbac1581532659158cb954e685fd6096b5d140fe2ab25f3535a2eb7da2155a62374b0bd22fd214517886523fafa88bd58d5b3ab869c34d5c439221a6297fc494df7a5dc2fb119bf717fd2119fd564fe1b2749a36ccfcaf217222a79f5379a3622197ec2a72c0156544ee043f0323997bf51c50db517ffbd844e6afa0ae70ee58d85abe7156edd63e4edfedddb7a1adb83a83137403d56a4d46e050a6e8bb5f484b606ad790caeb4a4fb62d2be23c5974652d9670d9a2f6afedf43449b8feb8d9bc2b6eb73a72ce279637b22fa2d1604cff7073a9bbfe9191e437352d930139ea1faa0e46725f888ed09658a7a3777f373efa69a2c2f5f8b2c58219069a6d6f6138ce8e7a0351751475f257d4450eae04dec269a11238ac934949968f16c74147009ae5df4fde57bfe8412ddad9332d118cc4acd80a58ed900f63e76d14a5252d8b20718593&o=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3bf0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72463a77b0c6cf5090e100c53ac19560f4e56b5aca18126d3d00205c8de820c1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.meds.se
:scheme
https
:path
/nuxe-melting-shower-gel-200ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Nuxe+Melting+Shower+Gel+200ml
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://se-go.kelkoogroup.net/go?country=se&k=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&o=
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://se-go.kelkoogroup.net/go?country=se&k=35ccdb24a8092a530c42eb01f781076b2075b5c1aa4d05339aea6a2b75988ecc743bb6c4f875bd4422293b2f960d54d015669073adf42e1ec11922ada5605649bd391ba2df2ff42914b96ef54ecd218a54e93b637bd3e6c4b94dc94dc9d6f0a09129f1ff86ffeb8edd95da15fa1017c0fb864521393b2286f636c5c894c4adca5567c9f68263a29a0105f9e1642a9d9f461ad64fdd79c6dbf83cf4c09f1805bbc9d7c07bf0aaf4c2f5df21e938090d8515c3f3496fa3846797176c3e59652ffd9b933e77d3153adc1c4df4fd3380cb6555228dd6423ba03d8dd151bbac1581532659158cb954e685fd6096b5d140fe2ab25f3535a2eb7da2155a62374b0bd22fd214517886523fafa88bd58d5b3ab869c34d5c439221a6297fc494df7a5dc2fb119bf717fd2119fd564fe1b2749a36ccfcaf217222a79f5379a3622197ec2a72c0156544ee043f0323997bf51c50db517ffbd844e6afa0ae70ee58d85abe7156edd63e4edfedddb7a1adb83a83137403d56a4d46e050a6e8bb5f484b606ad790caeb4a4fb62d2be23c5974652d9670d9a2f6afedf43449b8feb8d9bc2b6eb73a72ce279637b22fa2d1604cff7073a9bbfe9191e437352d930139ea1faa0e46725f888ed09658a7a3777f373efa69a2c2f5f8b2c58219069a6d6f6138ce8e7a0351751475f257d4450eae04dec269a11238ac934949968f16c74147009ae5df4fde57bfe8412ddad9332d118cc4acd80a58ed900f63e76d14a5252d8b20718593&o=

Response headers

status
403
date
Tue, 01 Sep 2020 09:33:43 GMT
content-type
text/html; charset=UTF-8
cf-chl-bypass
1
set-cookie
__cfduid=d0eb1ed22b7497729eba938793eb8e6fb1598952823; expires=Thu, 01-Oct-20 09:33:43 GMT; path=/; domain=.meds.se; HttpOnly; SameSite=Lax
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-frame-options
SAMEORIGIN
cf-request-id
04ea9cf3870000060945a32200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
5cbdfdcc0a080609-FRA
content-encoding
br

Redirect headers

Date
Tue, 01 Sep 2020 09:33:43 GMT
leadId
dc1-kls-prod-silo-01.prod.dc1.kelkoo.net_1598952823315_136748
clickId
107698238_1598952823246_21693
country
se
Location
https://www.meds.se/nuxe-melting-shower-gel-200ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Nuxe+Melting+Shower+Gel+200ml
Request-Time
0
X-Robots-Tag
noindex,nofollow
Referrer-Policy
unsafe-url
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Content-Length
0
P3P
CP="Anything"
ApacheTracking
localhost
Keep-Alive
timeout=40, max=99
Connection
Keep-Alive
Content-Type
text/plain
v1
www.meds.se/cdn-cgi/challenge-platform/orchestrate/captcha/
26 KB
10 KB
Script
General
Full URL
https://www.meds.se/cdn-cgi/challenge-platform/orchestrate/captcha/v1
Requested by
Host: www.meds.se
URL: https://www.meds.se/nuxe-melting-shower-gel-200ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Nuxe+Melting+Shower+Gel+200ml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3bf0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17c2c2ab3947f36d815bdf23d9048ac140c3f802ee30515812d373775bfb9f5c

Request headers

Referer
https://www.meds.se/nuxe-melting-shower-gel-200ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Nuxe+Melting+Shower+Gel+200ml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Sep 2020 09:33:43 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cf-ray
5cbdfdccac000609-FRA
cf-request-id
04ea9cf3eb0000060945a3b200000001
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
423ce5f12fa2e4ec1ab4fe5b0a10e09fa90d0c0d18687ff854a73875badc85dd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
transparent.gif
www.meds.se/cdn-cgi/images/trace/captcha/nojs/h/
42 B
215 B
Image
General
Full URL
https://www.meds.se/cdn-cgi/images/trace/captcha/nojs/h/transparent.gif?ray=5cbdfdcc0a080609
Requested by
Host: www.meds.se
URL: https://www.meds.se/nuxe-melting-shower-gel-200ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Nuxe+Melting+Shower+Gel+200ml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3bf0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.meds.se/nuxe-melting-shower-gel-200ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Nuxe+Melting+Shower+Gel+200ml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Sep 2020 09:33:43 GMT
last-modified
Wed, 26 Aug 2020 10:03:37 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5f463379-2a"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
5cbdfdccbc220609-FRA
content-length
42
cf-request-id
04ea9cf3f00000060945a3d200000001
expires
Tue, 01 Sep 2020 11:33:43 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8a223e6c9fe800ecbacdb513dc8a37d690bff2fa93e96b0de70da16a59eacfd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
117 KB
117 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c18f329e25dd39a04256d7d2778d8926fe9c8777b82105d6444a40e0c57874b

Request headers

Origin
https://www.meds.se
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/vnd.ms-opentype;charset=binary
truncated
/
121 KB
121 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1e4fe1fc6cb20df0c07d5740f847923d957ce81b436ae9b013d730397116d7b

Request headers

Origin
https://www.meds.se
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/vnd.ms-opentype;charset=binary
hcaptcha.js
assets.hcaptcha.com/captcha/v1/31d8c84/
Redirect Chain
  • https://hcaptcha.com/1/api.js?onload=_cf_chl_hload
  • https://assets.hcaptcha.com/captcha/v1/31d8c84/hcaptcha.js
62 KB
21 KB
Script
General
Full URL
https://assets.hcaptcha.com/captcha/v1/31d8c84/hcaptcha.js
Requested by
Host: www.meds.se
URL: https://www.meds.se/nuxe-melting-shower-gel-200ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Nuxe+Melting+Shower+Gel+200ml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48a3d5ae592f32d01a2b3d5768d2584f820013d8283efd43396011ca34fad41a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.meds.se/nuxe-melting-shower-gel-200ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Nuxe+Melting+Shower+Gel+200ml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Sep 2020 09:33:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
7742
cf-polished
origSize=63828
status
200
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
58E5E9CB951089C3
x-amz-id-2
wCtqnKwBuyTuGo5m4yOWqYfZQLvPDJjR6B27vSVcfzB86D72bLxDaGoZ9HTWuP7jIp3f1rThA4M=
last-modified
Mon, 31 Aug 2020 23:36:59 GMT
server
cloudflare
etag
W/"1c8448fbcec12802063b255596764869"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600
cf-request-id
04ea9cf51d00000d3ae39f5200000001
cf-ray
5cbdfdce98150d3a-ARN
cf-bgj
minify

Redirect headers

date
Tue, 01 Sep 2020 09:33:43 GMT
x-content-type-options
nosniff
server
cloudflare
status
302
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://assets.hcaptcha.com/captcha/v1/31d8c84/hcaptcha.js
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-ray
5cbdfdcd8dcd0d3a-ARN
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
04ea9cf47500000d3ae39e6200000001
expires
Thu, 01 Jan 1970 00:00:01 GMT
ebcb5de0e9fd55c
www.meds.se/cdn-cgi/challenge-platform/generate/ov1/0.5916586734226705:1598951580:14e1db884974552ea1eb2a5ab0523098631ce29c60bda8eae496b0c79e22af4e/5cbdfdcc0a080609/
34 KB
6 KB
XHR
General
Full URL
https://www.meds.se/cdn-cgi/challenge-platform/generate/ov1/0.5916586734226705:1598951580:14e1db884974552ea1eb2a5ab0523098631ce29c60bda8eae496b0c79e22af4e/5cbdfdcc0a080609/ebcb5de0e9fd55c
Requested by
Host: www.meds.se
URL: https://www.meds.se/cdn-cgi/challenge-platform/orchestrate/captcha/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3bf0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23238c2fe174df298a6e1d79906ff9e89f0a45dc1900ec4febbfe001e0e4634f

Request headers

Referer
https://www.meds.se/nuxe-melting-shower-gel-200ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Nuxe+Melting+Shower+Gel+200ml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge
ebcb5de0e9fd55c
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 01 Sep 2020 09:33:43 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
status
200
cf-ray
5cbdfdcd1d280609-FRA
cf-request-id
04ea9cf42e0000060945a43200000001
truncated
/
202 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f44c15203942d0d0e793fe51794b1ed41399318bd9a9aa48733e6846931c1c00

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
ebcb5de0e9fd55c
www.meds.se/cdn-cgi/challenge-platform/generate/ov1/0.5916586734226705:1598951580:14e1db884974552ea1eb2a5ab0523098631ce29c60bda8eae496b0c79e22af4e/5cbdfdcc0a080609/
6 KB
2 KB
XHR
General
Full URL
https://www.meds.se/cdn-cgi/challenge-platform/generate/ov1/0.5916586734226705:1598951580:14e1db884974552ea1eb2a5ab0523098631ce29c60bda8eae496b0c79e22af4e/5cbdfdcc0a080609/ebcb5de0e9fd55c
Requested by
Host: www.meds.se
URL: https://www.meds.se/cdn-cgi/challenge-platform/orchestrate/captcha/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3bf0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1193ddd8906920dadb3281186c8715fa2baed266269b6b04b5cf88cf841928a4

Request headers

Referer
https://www.meds.se/nuxe-melting-shower-gel-200ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Nuxe+Melting+Shower+Gel+200ml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge
ebcb5de0e9fd55c
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 01 Sep 2020 09:33:44 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
status
200
cf-ray
5cbdfdceda600609-FRA
cf-request-id
04ea9cf5420000060945a57200000001

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes
object| _cf_chl_opt
function| _cf_chl_enter
function| a
function| b
function| _cf_chl_hload
function| sendRequest
boolean| _cf_chl_done_ran
function| _cf_chl_done
function| SHA256
object| _cf_chl_ctx
function| _
number| oqc
object| hcaptcha
object| grecaptcha
boolean| _cf_chl_hloaded
object| button

2 Cookies

Domain/Path Name / Value
www.meds.se/ Name: cf_chl_prog
Value: a8
.meds.se/ Name: __cfduid
Value: d0eb1ed22b7497729eba938793eb8e6fb1598952823