Submitted URL: http://capitaloneemployment.com/
Effective URL: https://www.meds.se/pixi-clarity-cleanser-135-ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_ter...
Submission: On August 17 via api from US

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 15 HTTP transactions. The main IP is 2606:4700:10::6814:3af0, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.meds.se.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on February 7th 2019. Valid for: 2 years.
This is the only time www.meds.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 212.32.237.91 60781 (LEASEWEB-...)
2 3.90.125.85 14618 (AMAZON-AES)
1 52.218.62.235 16509 (AMAZON-02)
1 2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 4 95.211.116.27 60781 (LEASEWEB-...)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
1 4 104.18.27.20 13335 (CLOUDFLAR...)
15 8
Domain Requested by
5 www.meds.se se-go.kelkoogroup.net
www.meds.se
4 se-go.kelkoogroup.net 2 redirects backend.newlgy.com
se-go.kelkoogroup.net
3 assets.hcaptcha.com www.meds.se
hcaptcha.com
2 backend.newlgy.com 1 redirects sarah.ttnrd.com
2 sarah.ttnrd.com capitaloneemployment.com
sarah.ttnrd.com
2 capitaloneemployment.com 1 redirects
1 hcaptcha.com 1 redirects
1 s3-eu-west-1.amazonaws.com sarah.ttnrd.com
15 8

This site contains no links.

Subject Issuer Validity Valid
ttnrd.com
Amazon
2019-12-11 -
2021-01-11
a year crt.sh
*.s3-eu-west-1.amazonaws.com
DigiCert Baltimore CA-2 G2
2019-11-09 -
2020-12-10
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-07-17 -
2021-07-17
a year crt.sh
*.kelkoogroup.net
DigiCert SHA2 Secure Server CA
2020-07-29 -
2021-10-06
a year crt.sh
trex.meds.se
DigiCert SHA2 Extended Validation Server CA
2019-02-07 -
2021-02-24
2 years crt.sh

This page contains 3 frames:

Primary Page: https://www.meds.se/pixi-clarity-cleanser-135-ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Pixi+Clarity+Cleanser+135+ml
Frame ID: 299D0C419B715689C7D8D597C7709F92
Requests: 17 HTTP requests in this frame

Frame: https://assets.hcaptcha.com/captcha/v1/558182b/static/hcaptcha-challenge.html
Frame ID: 6F0BA81BD60078EA517E9AC3061EC6A4
Requests: 1 HTTP requests in this frame

Frame: https://assets.hcaptcha.com/captcha/v1/558182b/static/hcaptcha-checkbox.html
Frame ID: 736FD57F33C322F31BEDC26193BDF152
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://capitaloneemployment.com/ Page URL
  2. http://capitaloneemployment.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU5NzY... HTTP 302
    https://sarah.ttnrd.com/tr?id=01f6ccef530fa272e882cfc260c706a715fd43d3a1.r&tk=eyJhbGciOiJIUzI1NiIsIn... Page URL
  3. https://backend.newlgy.com/v1/rtb?domain=shoppingwaves.net&visitorUserAgent=Mozilla&numItems=50&apiKey=... HTTP 302
    https://backend.newlgy.com/v1/hybrid-web?q=eklcjlxvyjqidzhjwaudkneeji Page URL
  4. https://se-go.kelkoogroup.net/ctl/go/sitesearchGo?.ts=1597661371725&.sig=winysKWXPgkylVoi4Q5WlvP.ORs-&affi... HTTP 307
    https://se-go.kelkoogroup.net/go?country=se&k=c3aaced8e1936d1372e201f21776f354d9d09ff4611b140802a9192c8f92... Page URL
  5. https://se-go.kelkoogroup.net/redirect?country=se&k=612f7a9541cd6ea61eb554c0e4cff437590d239e4f9781bb50fd86... HTTP 303
    https://www.meds.se/pixi-clarity-cleanser-135-ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

15
Requests

93 %
HTTPS

29 %
IPv6

7
Domains

8
Subdomains

8
IPs

3
Countries

503 kB
Transfer

918 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://capitaloneemployment.com/ Page URL
  2. http://capitaloneemployment.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU5NzY2ODU2OSwiaWF0IjoxNTk3NjYxMzY5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyb20waDM4bW45YTUyMm1iNmcwMWRzYWYiLCJuYmYiOjE1OTc2NjEzNjksInRzIjoxNTk3NjYxMzY5ODc0MzM2fQ.jGAwzry2WQwKlDrVVXuGSlu4t4y7KXIQi-o1HROjM7A&sid=53b996cc-e077-11ea-8b02-edd04d51ef8c HTTP 302
    https://sarah.ttnrd.com/tr?id=01f6ccef530fa272e882cfc260c706a715fd43d3a1.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA4MTcxMDQ5IiwiZCI6ImNhcGl0YWxvbmVlbXBsb3ltZW50LmNvbSJ9.VDAN1QoKeGmTnbcjv9mPlIZ47dr_gZfvVUf6pEUMLkM Page URL
  3. https://backend.newlgy.com/v1/rtb?domain=shoppingwaves.net&visitorUserAgent=Mozilla&numItems=50&apiKey=89641194-7897-4d80-b90a-b1fc82fc38c6&trackingId=8278144681&visitorIPAddress=46.253.202.164&forceOPENMerchant=14333713&smart=true&sourcePlatform=tonic&cpc=0.003&source=5e31e9d6432dbc5fcc55d324&campaignName=RON-SE-DESKTOP-Normalize%20klk-96957619&geo=SE&clickId=01f6ccef530fa272e882cfc260c706a715fd43d3a1.r.1597661370.dac658bca3974387952103f240263103&match=ron&device=desktop&browser=chrome&os=macintosh&long_campaign_id=5d592fb0a8c69e0f6c42b19e&isRON=true HTTP 302
    https://backend.newlgy.com/v1/hybrid-web?q=eklcjlxvyjqidzhjwaudkneeji Page URL
  4. https://se-go.kelkoogroup.net/ctl/go/sitesearchGo?.ts=1597661371725&.sig=winysKWXPgkylVoi4Q5WlvP.ORs-&affiliationId=96957619&catId=133301&comId=100457501&contextLevel=1&contextOfferPosition=47&contextPageSize=50&country=se&ecs=ok&merchantid=100457501&offerId=3f7300051b4682037df3aaba97e0c714&searchId=10769819929069_1597661371692_23710&searchQuery=&service=5&wait=true&custom1=8278144681&custom2=a~r-mxC5tXfZssssp6ub9AI7awOh%7C%7Cdt~2020-08-17%7C%7Cs~5e31e9d6432dbc5fcc55d324%7C%7Ck~100457501%7C%7Ch~10&addedParams=true HTTP 307
    https://se-go.kelkoogroup.net/go?country=se&k=c3aaced8e1936d1372e201f21776f354d9d09ff4611b140802a9192c8f924805a6cf574cf1fd748bedafabb789b934afee0f0bde9006ab889c53d03c1c23085b837822bdda694103e18dabd5007aff220e47ecb9fe45eed5ac102be684d57a64655ce50b8043d71527caf54883ad22297828a73b5a9d11dbbafdc0bdded221c7cea041dc6453e297b07b81078972cc6884f51a354f8d6a04cdf24ffe2199cf4b8381ddada3b041dcef524d57cc321906ce470027af1157cdd5d6923259bf5b02f83f778c6ab96444812024b218468f4ad673fd1acd4abadf106dd600c1a2359758d9f655b4298dd0d30e9003382e63b3c9d52b998f09b8ac7674cf5db194ecd6217fe0c8e6034045c2970f811662bd993110265a3281e8ddb50be536c1218962382a4cb7965a2c6199967f9e2360e752e71169636c6602abb80654a04aac09e62e0a4581bd7379d1d33513fcad360eba67af3c1f8857afe160c12d6a39b5e27944d23da6b0035b8c5e4fb074edeaae1930d21dee159be390d5f50fbc9c9f96dc4208ce6f7409fc4c3a2f915a4910a4dbded0db0ca06e3828a12bcba1f78f931748bee46b258b706be4322910c4c34b70775f90de245b27d7f54eedb4257376c9e4c7cf241cc680c6fbbd17e3c8e7a16b30dbd691ef8a44ecd237566631f6ebb5d10a9283060d62aa12fe1999da239277afbaec9ea240d566288adfbb26a1ae8b7e9f2ee3bbd7ed1eafeac1f50f09dec0bb4cb101f7c66cb929b92831f0e133cb&o= Page URL
  5. https://se-go.kelkoogroup.net/redirect?country=se&k=612f7a9541cd6ea61eb554c0e4cff437590d239e4f9781bb50fd86e4de8bb5626bba031dc6cc0130ee13d3bb675bd00ee0b3cd2ee146e9d1bbffab504e4d9085e1aad3dcbd32c3b13a9dafb43c4aac1c0e011be42c200db09cda42b4bde3e1481e4f3d8b551a3abbf41fa6167a1e29933cc6e65a3a9156cdadef77ce7442fbfd8ea35d3c1494acc677538c3e22be390c1a829c01356a340480df0199946452e24eea9026b521ea9dc15f79461a9e158bf49ea15ae312029e5a36eedc4f2793fdaa7054710145a4c15dc6aa80c0f7e8f68a2a7f8f1506febb9559067b38d692ede6252be1b3d071c4&leadId=dc1-kls-prod-srv-04.prod.dc1.kelkoo.net_1597661372407_81872&clickId=107698238_1597661372335_83955&url=https%3A%2F%2Fwww.meds.se%2Fpixi-clarity-cleanser-135-ml%3Futm_source%3Dkelkoose%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPixi%2BClarity%2BCleanser%2B135%2Bml&initiator=timeout HTTP 303
    https://www.meds.se/pixi-clarity-cleanser-135-ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Pixi+Clarity+Cleanser+135+ml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://capitaloneemployment.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU5NzY2ODU2OSwiaWF0IjoxNTk3NjYxMzY5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyb20waDM4bW45YTUyMm1iNmcwMWRzYWYiLCJuYmYiOjE1OTc2NjEzNjksInRzIjoxNTk3NjYxMzY5ODc0MzM2fQ.jGAwzry2WQwKlDrVVXuGSlu4t4y7KXIQi-o1HROjM7A&sid=53b996cc-e077-11ea-8b02-edd04d51ef8c HTTP 302
  • https://sarah.ttnrd.com/tr?id=01f6ccef530fa272e882cfc260c706a715fd43d3a1.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA4MTcxMDQ5IiwiZCI6ImNhcGl0YWxvbmVlbXBsb3ltZW50LmNvbSJ9.VDAN1QoKeGmTnbcjv9mPlIZ47dr_gZfvVUf6pEUMLkM
Request Chain 4
  • https://backend.newlgy.com/v1/rtb?domain=shoppingwaves.net&visitorUserAgent=Mozilla&numItems=50&apiKey=89641194-7897-4d80-b90a-b1fc82fc38c6&trackingId=8278144681&visitorIPAddress=46.253.202.164&forceOPENMerchant=14333713&smart=true&sourcePlatform=tonic&cpc=0.003&source=5e31e9d6432dbc5fcc55d324&campaignName=RON-SE-DESKTOP-Normalize%20klk-96957619&geo=SE&clickId=01f6ccef530fa272e882cfc260c706a715fd43d3a1.r.1597661370.dac658bca3974387952103f240263103&match=ron&device=desktop&browser=chrome&os=macintosh&long_campaign_id=5d592fb0a8c69e0f6c42b19e&isRON=true HTTP 302
  • https://backend.newlgy.com/v1/hybrid-web?q=eklcjlxvyjqidzhjwaudkneeji
Request Chain 5
  • https://se-go.kelkoogroup.net/ctl/go/sitesearchGo?.ts=1597661371725&.sig=winysKWXPgkylVoi4Q5WlvP.ORs-&affiliationId=96957619&catId=133301&comId=100457501&contextLevel=1&contextOfferPosition=47&contextPageSize=50&country=se&ecs=ok&merchantid=100457501&offerId=3f7300051b4682037df3aaba97e0c714&searchId=10769819929069_1597661371692_23710&searchQuery=&service=5&wait=true&custom1=8278144681&custom2=a~r-mxC5tXfZssssp6ub9AI7awOh%7C%7Cdt~2020-08-17%7C%7Cs~5e31e9d6432dbc5fcc55d324%7C%7Ck~100457501%7C%7Ch~10&addedParams=true HTTP 307
  • https://se-go.kelkoogroup.net/go?country=se&k=c3aaced8e1936d1372e201f21776f354d9d09ff4611b140802a9192c8f924805a6cf574cf1fd748bedafabb789b934afee0f0bde9006ab889c53d03c1c23085b837822bdda694103e18dabd5007aff220e47ecb9fe45eed5ac102be684d57a64655ce50b8043d71527caf54883ad22297828a73b5a9d11dbbafdc0bdded221c7cea041dc6453e297b07b81078972cc6884f51a354f8d6a04cdf24ffe2199cf4b8381ddada3b041dcef524d57cc321906ce470027af1157cdd5d6923259bf5b02f83f778c6ab96444812024b218468f4ad673fd1acd4abadf106dd600c1a2359758d9f655b4298dd0d30e9003382e63b3c9d52b998f09b8ac7674cf5db194ecd6217fe0c8e6034045c2970f811662bd993110265a3281e8ddb50be536c1218962382a4cb7965a2c6199967f9e2360e752e71169636c6602abb80654a04aac09e62e0a4581bd7379d1d33513fcad360eba67af3c1f8857afe160c12d6a39b5e27944d23da6b0035b8c5e4fb074edeaae1930d21dee159be390d5f50fbc9c9f96dc4208ce6f7409fc4c3a2f915a4910a4dbded0db0ca06e3828a12bcba1f78f931748bee46b258b706be4322910c4c34b70775f90de245b27d7f54eedb4257376c9e4c7cf241cc680c6fbbd17e3c8e7a16b30dbd691ef8a44ecd237566631f6ebb5d10a9283060d62aa12fe1999da239277afbaec9ea240d566288adfbb26a1ae8b7e9f2ee3bbd7ed1eafeac1f50f09dec0bb4cb101f7c66cb929b92831f0e133cb&o=
Request Chain 13
  • https://hcaptcha.com/1/api.js?onload=_cf_chl_hload HTTP 302
  • https://assets.hcaptcha.com/captcha/v1/558182b/hcaptcha.js

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
capitaloneemployment.com/
480 B
848 B
Document
General
Full URL
http://capitaloneemployment.com/
Protocol
HTTP/1.1
Server
212.32.237.91 Hoofddorp, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
capitaloneemployment.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
480
content-type
text/html; charset=utf-8
date
Mon, 17 Aug 2020 10:49:29 GMT
server
nginx
set-cookie
sid=53b996cc-e077-11ea-8b02-edd04d51ef8c; path=/; domain=.capitaloneemployment.com; expires=Sat, 04 Sep 2088 14:03:36 GMT; max-age=2147483647; HttpOnly
tr
sarah.ttnrd.com/
Redirect Chain
  • http://capitaloneemployment.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU5NzY2ODU2OSwiaWF0IjoxNTk3NjYxMzY5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyb20waDM4bW45YTUyMm1i...
  • https://sarah.ttnrd.com/tr?id=01f6ccef530fa272e882cfc260c706a715fd43d3a1.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA4MTcxMDQ5IiwiZCI6ImNhcGl0YW...
2 KB
2 KB
Document
General
Full URL
https://sarah.ttnrd.com/tr?id=01f6ccef530fa272e882cfc260c706a715fd43d3a1.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA4MTcxMDQ5IiwiZCI6ImNhcGl0YWxvbmVlbXBsb3ltZW50LmNvbSJ9.VDAN1QoKeGmTnbcjv9mPlIZ47dr_gZfvVUf6pEUMLkM
Requested by
Host: capitaloneemployment.com
URL: http://capitaloneemployment.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.90.125.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-125-85.compute-1.amazonaws.com
Software
/
Resource Hash
0339f15dd7fbcc5efc46433f1c146a7b2f3a48b5a5c180f13d82be267369ed4d

Request headers

:method
GET
:authority
sarah.ttnrd.com
:scheme
https
:path
/tr?id=01f6ccef530fa272e882cfc260c706a715fd43d3a1.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA4MTcxMDQ5IiwiZCI6ImNhcGl0YWxvbmVlbXBsb3ltZW50LmNvbSJ9.VDAN1QoKeGmTnbcjv9mPlIZ47dr_gZfvVUf6pEUMLkM
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://capitaloneemployment.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://capitaloneemployment.com/

Response headers

status
200
date
Mon, 17 Aug 2020 10:49:30 GMT
content-type
text/html; charset=utf-8
content-length
2169
p3p
CP="CUR NOI NID STA STP"
x-robots-tag
noindex, nofollow
set-cookie
checkme=7f7901f3ff588da6ef4602f5da857db1b789; Path=/

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Mon, 17 Aug 2020 10:49:29 GMT
location
https://sarah.ttnrd.com/tr?id=01f6ccef530fa272e882cfc260c706a715fd43d3a1.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA4MTcxMDQ5IiwiZCI6ImNhcGl0YWxvbmVlbXBsb3ltZW50LmNvbSJ9.VDAN1QoKeGmTnbcjv9mPlIZ47dr_gZfvVUf6pEUMLkM
server
nginx
set-cookie
sid=53b996cc-e077-11ea-8b02-edd04d51ef8c; path=/; domain=.capitaloneemployment.com; expires=Sat, 04 Sep 2088 14:03:37 GMT; max-age=2147483647; HttpOnly
ajax-loader.gif
s3-eu-west-1.amazonaws.com/pxgif/
7 KB
7 KB
Image
General
Full URL
https://s3-eu-west-1.amazonaws.com/pxgif/ajax-loader.gif
Requested by
Host: sarah.ttnrd.com
URL: https://sarah.ttnrd.com/tr?id=01f6ccef530fa272e882cfc260c706a715fd43d3a1.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA4MTcxMDQ5IiwiZCI6ImNhcGl0YWxvbmVlbXBsb3ltZW50LmNvbSJ9.VDAN1QoKeGmTnbcjv9mPlIZ47dr_gZfvVUf6pEUMLkM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.62.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 17 Aug 2020 10:49:32 GMT
Last-Modified
Fri, 12 Aug 2016 15:23:54 GMT
Server
AmazonS3
x-amz-request-id
8060856291889843
ETag
"dc5b98ed1c3c7959cdcb76113e7442cd"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
6820
x-amz-id-2
H6xJjCkf2+b1IiGBDiaRC8qZFbnoaDgNyBQMSPRo/+Gxtn9sC+M0L3qHV+8Mugqarelp6DihAhc=
trx
sarah.ttnrd.com/
555 B
706 B
XHR
General
Full URL
https://sarah.ttnrd.com/trx?id=01f6ccef530fa272e882cfc260c706a715fd43d3a1.r&confirm=7f7901f3ff588da6ef4602f5da857db1&size=1920000&noframe=1&tnc_ref=http%3A%2F%2Fcapitaloneemployment.com%2F&reftaken=feed&refEqual=true
Requested by
Host: sarah.ttnrd.com
URL: https://sarah.ttnrd.com/tr?id=01f6ccef530fa272e882cfc260c706a715fd43d3a1.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA4MTcxMDQ5IiwiZCI6ImNhcGl0YWxvbmVlbXBsb3ltZW50LmNvbSJ9.VDAN1QoKeGmTnbcjv9mPlIZ47dr_gZfvVUf6pEUMLkM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.90.125.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-125-85.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 17 Aug 2020 10:49:31 GMT
referrer-policy
no-referrer
content-type
text/html; charset=utf-8
x-robots-tag
noindex, nofollow
content-length
555
p3p
CP="CUR NOI NID STA STP"
hybrid-web
backend.newlgy.com/v1/
Redirect Chain
  • https://backend.newlgy.com/v1/rtb?domain=shoppingwaves.net&visitorUserAgent=Mozilla&numItems=50&apiKey=89641194-7897-4d80-b90a-b1fc82fc38c6&trackingId=8278144681&visitorIPAddress=46.253.202.164&for...
  • https://backend.newlgy.com/v1/hybrid-web?q=eklcjlxvyjqidzhjwaudkneeji
1 KB
735 B
Document
General
Full URL
https://backend.newlgy.com/v1/hybrid-web?q=eklcjlxvyjqidzhjwaudkneeji
Requested by
Host: sarah.ttnrd.com
URL: https://sarah.ttnrd.com/tr?id=01f6ccef530fa272e882cfc260c706a715fd43d3a1.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA4MTcxMDQ5IiwiZCI6ImNhcGl0YWxvbmVlbXBsb3ltZW50LmNvbSJ9.VDAN1QoKeGmTnbcjv9mPlIZ47dr_gZfvVUf6pEUMLkM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4432 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8aef4efd78e8dc10214bb50369c989d8ddbb1d3d15669e899824d01f96fc1858

Request headers

:method
GET
:authority
backend.newlgy.com
:scheme
https
:path
/v1/hybrid-web?q=eklcjlxvyjqidzhjwaudkneeji
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d25c72da53d8a9efea944fd06e45175011597661371
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://sarah.ttnrd.com/tr?id=01f6ccef530fa272e882cfc260c706a715fd43d3a1.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA4MTcxMDQ5IiwiZCI6ImNhcGl0YWxvbmVlbXBsb3ltZW50LmNvbSJ9.VDAN1QoKeGmTnbcjv9mPlIZ47dr_gZfvVUf6pEUMLkM

Response headers

status
200
date
Mon, 17 Aug 2020 10:49:32 GMT
content-type
text/html; charset=utf-8
access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-api-version
3.5.3
x-request-id
h4rel1ts8jousd9al1m5ereigjmq83ah
cf-cache-status
DYNAMIC
cf-request-id
049da2f42900001f555ca65200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5c42d4337e571f55-FRA
content-encoding
br

Redirect headers

status
302
date
Mon, 17 Aug 2020 10:49:31 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d25c72da53d8a9efea944fd06e45175011597661371; expires=Wed, 16-Sep-20 10:49:31 GMT; path=/; domain=.newlgy.com; HttpOnly; SameSite=Lax
access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
location
/v1/hybrid-web?q=eklcjlxvyjqidzhjwaudkneeji
x-api-version
3.5.3
x-request-id
udsvriiik06m45cfkujut89qdaufpkg5
cf-cache-status
DYNAMIC
cf-request-id
049da2f32500001f555ca53200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5c42d431da861f55-FRA
Cookie set go
se-go.kelkoogroup.net/
Redirect Chain
  • https://se-go.kelkoogroup.net/ctl/go/sitesearchGo?.ts=1597661371725&.sig=winysKWXPgkylVoi4Q5WlvP.ORs-&affiliationId=96957619&catId=133301&comId=100457501&contextLevel=1&contextOfferPosition=47&cont...
  • https://se-go.kelkoogroup.net/go?country=se&k=c3aaced8e1936d1372e201f21776f354d9d09ff4611b140802a9192c8f924805a6cf574cf1fd748bedafabb789b934afee0f0bde9006ab889c53d03c1c23085b837822bdda694103e18dabd...
25 KB
26 KB
Document
General
Full URL
https://se-go.kelkoogroup.net/go?country=se&k=c3aaced8e1936d1372e201f21776f354d9d09ff4611b140802a9192c8f924805a6cf574cf1fd748bedafabb789b934afee0f0bde9006ab889c53d03c1c23085b837822bdda694103e18dabd5007aff220e47ecb9fe45eed5ac102be684d57a64655ce50b8043d71527caf54883ad22297828a73b5a9d11dbbafdc0bdded221c7cea041dc6453e297b07b81078972cc6884f51a354f8d6a04cdf24ffe2199cf4b8381ddada3b041dcef524d57cc321906ce470027af1157cdd5d6923259bf5b02f83f778c6ab96444812024b218468f4ad673fd1acd4abadf106dd600c1a2359758d9f655b4298dd0d30e9003382e63b3c9d52b998f09b8ac7674cf5db194ecd6217fe0c8e6034045c2970f811662bd993110265a3281e8ddb50be536c1218962382a4cb7965a2c6199967f9e2360e752e71169636c6602abb80654a04aac09e62e0a4581bd7379d1d33513fcad360eba67af3c1f8857afe160c12d6a39b5e27944d23da6b0035b8c5e4fb074edeaae1930d21dee159be390d5f50fbc9c9f96dc4208ce6f7409fc4c3a2f915a4910a4dbded0db0ca06e3828a12bcba1f78f931748bee46b258b706be4322910c4c34b70775f90de245b27d7f54eedb4257376c9e4c7cf241cc680c6fbbd17e3c8e7a16b30dbd691ef8a44ecd237566631f6ebb5d10a9283060d62aa12fe1999da239277afbaec9ea240d566288adfbb26a1ae8b7e9f2ee3bbd7ed1eafeac1f50f09dec0bb4cb101f7c66cb929b92831f0e133cb&o=
Requested by
Host: backend.newlgy.com
URL: https://backend.newlgy.com/v1/hybrid-web?q=eklcjlxvyjqidzhjwaudkneeji
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.27 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
dc1-ecs-pub-go-vip.kelkoo.com
Software
/
Resource Hash
7f25888455e808d598889a75ab725511481699873df42bafb1414b3882ca125d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
se-go.kelkoogroup.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://backend.newlgy.com/v1/hybrid-web?q=eklcjlxvyjqidzhjwaudkneeji
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
referer=https%3A%2F%2Fbackend.newlgy.com%2Fv1%2Fhybrid-web%3Fq%3Deklcjlxvyjqidzhjwaudkneeji
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://backend.newlgy.com/v1/hybrid-web?q=eklcjlxvyjqidzhjwaudkneeji

Response headers

Date
Mon, 17 Aug 2020 10:49:32 GMT
leadId
dc1-kls-prod-srv-04.prod.dc1.kelkoo.net_1597661372407_81872
clickId
107698238_1597661372335_83955
country
se
sentToLG
false
Request-Time
8
X-Robots-Tag
noindex,nofollow
Referrer-Policy
unsafe-url
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Content-Type
text/html; charset=UTF-8
Content-Length
25109
Set-Cookie
kelkooID=a4c6224-173fc09dff7-c138; Max-Age=31536000; Expires=Tue, 17 Aug 2021 10:49:32 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly lastSearchedKeyword=a3dkPVBpeGkgQ2xhcml0eSBDbGVhbnNlciAxMzUgbWx8dHM9MTU5NzY2MTM3MjQwOXxjYXRJZD0xMzMzMDF8Y29tSWQ9MTAwNDU3NTAx; Max-Age=31536000; Expires=Tue, 17 Aug 2021 10:49:32 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
P3P
CP="Anything"
ApacheTracking
localhost
Keep-Alive
timeout=40, max=80
Connection
Keep-Alive

Redirect headers

Date
Mon, 17 Aug 2020 10:49:32 GMT
clickId
107698238_1597661372335_83955
country
se
Location
/go?country=se&k=c3aaced8e1936d1372e201f21776f354d9d09ff4611b140802a9192c8f924805a6cf574cf1fd748bedafabb789b934afee0f0bde9006ab889c53d03c1c23085b837822bdda694103e18dabd5007aff220e47ecb9fe45eed5ac102be684d57a64655ce50b8043d71527caf54883ad22297828a73b5a9d11dbbafdc0bdded221c7cea041dc6453e297b07b81078972cc6884f51a354f8d6a04cdf24ffe2199cf4b8381ddada3b041dcef524d57cc321906ce470027af1157cdd5d6923259bf5b02f83f778c6ab96444812024b218468f4ad673fd1acd4abadf106dd600c1a2359758d9f655b4298dd0d30e9003382e63b3c9d52b998f09b8ac7674cf5db194ecd6217fe0c8e6034045c2970f811662bd993110265a3281e8ddb50be536c1218962382a4cb7965a2c6199967f9e2360e752e71169636c6602abb80654a04aac09e62e0a4581bd7379d1d33513fcad360eba67af3c1f8857afe160c12d6a39b5e27944d23da6b0035b8c5e4fb074edeaae1930d21dee159be390d5f50fbc9c9f96dc4208ce6f7409fc4c3a2f915a4910a4dbded0db0ca06e3828a12bcba1f78f931748bee46b258b706be4322910c4c34b70775f90de245b27d7f54eedb4257376c9e4c7cf241cc680c6fbbd17e3c8e7a16b30dbd691ef8a44ecd237566631f6ebb5d10a9283060d62aa12fe1999da239277afbaec9ea240d566288adfbb26a1ae8b7e9f2ee3bbd7ed1eafeac1f50f09dec0bb4cb101f7c66cb929b92831f0e133cb&o=
Request-Time
1
X-Robots-Tag
noindex,nofollow
Referrer-Policy
unsafe-url
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Content-Length
0
Set-Cookie
referer=https%3A%2F%2Fbackend.newlgy.com%2Fv1%2Fhybrid-web%3Fq%3Deklcjlxvyjqidzhjwaudkneeji; Max-Age=31536000; Expires=Tue, 17 Aug 2021 10:49:32 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
P3P
CP="Anything"
ApacheTracking
localhost
Keep-Alive
timeout=40, max=96
Connection
Keep-Alive
Content-Type
text/plain
p.png
se-go.kelkoogroup.net/assets/images/
68 B
618 B
Image
General
Full URL
https://se-go.kelkoogroup.net/assets/images/p.png?country=se&k=612f7a9541cd6ea61eb554c0e4cff437590d239e4f9781bb50fd86e4de8bb5626bba031dc6cc0130ee13d3bb675bd00ee0b3cd2ee146e9d1bbffab504e4d9085e1aad3dcbd32c3b13a9dafb43c4aac1c0e011be42c200db09cda42b4bde3e1481e4f3d8b551a3abbf41fa6167a1e29933cc6e65a3a9156cdadef77ce7442fbfd8ea35d3c1494acc677538c3e22be390c1a829c01356a340480df0199946452e24eea9026b521ea9dc15f79461a9e158bf49ea15ae312029e5a36eedc4f2793fdaa7054710145a4c15dc6aa80c0f7e8f68a2a7f8f1506febb9559067b38d692ede6252be1b3d071c4&leadId=dc1-kls-prod-srv-04.prod.dc1.kelkoo.net_1597661372407_81872&clickId=107698238_1597661372335_83955
Requested by
Host: se-go.kelkoogroup.net
URL: https://se-go.kelkoogroup.net/go?country=se&k=c3aaced8e1936d1372e201f21776f354d9d09ff4611b140802a9192c8f924805a6cf574cf1fd748bedafabb789b934afee0f0bde9006ab889c53d03c1c23085b837822bdda694103e18dabd5007aff220e47ecb9fe45eed5ac102be684d57a64655ce50b8043d71527caf54883ad22297828a73b5a9d11dbbafdc0bdded221c7cea041dc6453e297b07b81078972cc6884f51a354f8d6a04cdf24ffe2199cf4b8381ddada3b041dcef524d57cc321906ce470027af1157cdd5d6923259bf5b02f83f778c6ab96444812024b218468f4ad673fd1acd4abadf106dd600c1a2359758d9f655b4298dd0d30e9003382e63b3c9d52b998f09b8ac7674cf5db194ecd6217fe0c8e6034045c2970f811662bd993110265a3281e8ddb50be536c1218962382a4cb7965a2c6199967f9e2360e752e71169636c6602abb80654a04aac09e62e0a4581bd7379d1d33513fcad360eba67af3c1f8857afe160c12d6a39b5e27944d23da6b0035b8c5e4fb074edeaae1930d21dee159be390d5f50fbc9c9f96dc4208ce6f7409fc4c3a2f915a4910a4dbded0db0ca06e3828a12bcba1f78f931748bee46b258b706be4322910c4c34b70775f90de245b27d7f54eedb4257376c9e4c7cf241cc680c6fbbd17e3c8e7a16b30dbd691ef8a44ecd237566631f6ebb5d10a9283060d62aa12fe1999da239277afbaec9ea240d566288adfbb26a1ae8b7e9f2ee3bbd7ed1eafeac1f50f09dec0bb4cb101f7c66cb929b92831f0e133cb&o=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.27 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
dc1-ecs-pub-go-vip.kelkoo.com
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://se-go.kelkoogroup.net/go?country=se&k=c3aaced8e1936d1372e201f21776f354d9d09ff4611b140802a9192c8f924805a6cf574cf1fd748bedafabb789b934afee0f0bde9006ab889c53d03c1c23085b837822bdda694103e18dabd5007aff220e47ecb9fe45eed5ac102be684d57a64655ce50b8043d71527caf54883ad22297828a73b5a9d11dbbafdc0bdded221c7cea041dc6453e297b07b81078972cc6884f51a354f8d6a04cdf24ffe2199cf4b8381ddada3b041dcef524d57cc321906ce470027af1157cdd5d6923259bf5b02f83f778c6ab96444812024b218468f4ad673fd1acd4abadf106dd600c1a2359758d9f655b4298dd0d30e9003382e63b3c9d52b998f09b8ac7674cf5db194ecd6217fe0c8e6034045c2970f811662bd993110265a3281e8ddb50be536c1218962382a4cb7965a2c6199967f9e2360e752e71169636c6602abb80654a04aac09e62e0a4581bd7379d1d33513fcad360eba67af3c1f8857afe160c12d6a39b5e27944d23da6b0035b8c5e4fb074edeaae1930d21dee159be390d5f50fbc9c9f96dc4208ce6f7409fc4c3a2f915a4910a4dbded0db0ca06e3828a12bcba1f78f931748bee46b258b706be4322910c4c34b70775f90de245b27d7f54eedb4257376c9e4c7cf241cc680c6fbbd17e3c8e7a16b30dbd691ef8a44ecd237566631f6ebb5d10a9283060d62aa12fe1999da239277afbaec9ea240d566288adfbb26a1ae8b7e9f2ee3bbd7ed1eafeac1f50f09dec0bb4cb101f7c66cb929b92831f0e133cb&o=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ApacheTracking
localhost
Date
Mon, 17 Aug 2020 10:49:32 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
0
P3P
CP="Anything"
Connection
Keep-Alive
Content-Length
68
X-XSS-Protection
1; mode=block
Referrer-Policy
unsafe-url
ETag
"56be5e3a14d7c554cf89de2ffd0b80269532a778"
X-Frame-Options
DENY
Content-Type
image/png
Cache-Control
private, must-revalidate
X-Robots-Tag
noindex,nofollow
Keep-Alive
timeout=40, max=97
Expires
Tue, 17 Aug 2021 07:15:19 GMT
Primary Request pixi-clarity-cleanser-135-ml
www.meds.se/
Redirect Chain
  • https://se-go.kelkoogroup.net/redirect?country=se&k=612f7a9541cd6ea61eb554c0e4cff437590d239e4f9781bb50fd86e4de8bb5626bba031dc6cc0130ee13d3bb675bd00ee0b3cd2ee146e9d1bbffab504e4d9085e1aad3dcbd32c3b13...
  • https://www.meds.se/pixi-clarity-cleanser-135-ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Pixi+Clarity+Cleanser+135+ml
499 KB
187 KB
Document
General
Full URL
https://www.meds.se/pixi-clarity-cleanser-135-ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Pixi+Clarity+Cleanser+135+ml
Requested by
Host: se-go.kelkoogroup.net
URL: https://se-go.kelkoogroup.net/go?country=se&k=c3aaced8e1936d1372e201f21776f354d9d09ff4611b140802a9192c8f924805a6cf574cf1fd748bedafabb789b934afee0f0bde9006ab889c53d03c1c23085b837822bdda694103e18dabd5007aff220e47ecb9fe45eed5ac102be684d57a64655ce50b8043d71527caf54883ad22297828a73b5a9d11dbbafdc0bdded221c7cea041dc6453e297b07b81078972cc6884f51a354f8d6a04cdf24ffe2199cf4b8381ddada3b041dcef524d57cc321906ce470027af1157cdd5d6923259bf5b02f83f778c6ab96444812024b218468f4ad673fd1acd4abadf106dd600c1a2359758d9f655b4298dd0d30e9003382e63b3c9d52b998f09b8ac7674cf5db194ecd6217fe0c8e6034045c2970f811662bd993110265a3281e8ddb50be536c1218962382a4cb7965a2c6199967f9e2360e752e71169636c6602abb80654a04aac09e62e0a4581bd7379d1d33513fcad360eba67af3c1f8857afe160c12d6a39b5e27944d23da6b0035b8c5e4fb074edeaae1930d21dee159be390d5f50fbc9c9f96dc4208ce6f7409fc4c3a2f915a4910a4dbded0db0ca06e3828a12bcba1f78f931748bee46b258b706be4322910c4c34b70775f90de245b27d7f54eedb4257376c9e4c7cf241cc680c6fbbd17e3c8e7a16b30dbd691ef8a44ecd237566631f6ebb5d10a9283060d62aa12fe1999da239277afbaec9ea240d566288adfbb26a1ae8b7e9f2ee3bbd7ed1eafeac1f50f09dec0bb4cb101f7c66cb929b92831f0e133cb&o=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3af0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b110a65a5210c726ce97413b2366fb31bb4668b5af1b83bba06dd81b6eaaa1c8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.meds.se
:scheme
https
:path
/pixi-clarity-cleanser-135-ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Pixi+Clarity+Cleanser+135+ml
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://se-go.kelkoogroup.net/go?country=se&k=c3aaced8e1936d1372e201f21776f354d9d09ff4611b140802a9192c8f924805a6cf574cf1fd748bedafabb789b934afee0f0bde9006ab889c53d03c1c23085b837822bdda694103e18dabd5007aff220e47ecb9fe45eed5ac102be684d57a64655ce50b8043d71527caf54883ad22297828a73b5a9d11dbbafdc0bdded221c7cea041dc6453e297b07b81078972cc6884f51a354f8d6a04cdf24ffe2199cf4b8381ddada3b041dcef524d57cc321906ce470027af1157cdd5d6923259bf5b02f83f778c6ab96444812024b218468f4ad673fd1acd4abadf106dd600c1a2359758d9f655b4298dd0d30e9003382e63b3c9d52b998f09b8ac7674cf5db194ecd6217fe0c8e6034045c2970f811662bd993110265a3281e8ddb50be536c1218962382a4cb7965a2c6199967f9e2360e752e71169636c6602abb80654a04aac09e62e0a4581bd7379d1d33513fcad360eba67af3c1f8857afe160c12d6a39b5e27944d23da6b0035b8c5e4fb074edeaae1930d21dee159be390d5f50fbc9c9f96dc4208ce6f7409fc4c3a2f915a4910a4dbded0db0ca06e3828a12bcba1f78f931748bee46b258b706be4322910c4c34b70775f90de245b27d7f54eedb4257376c9e4c7cf241cc680c6fbbd17e3c8e7a16b30dbd691ef8a44ecd237566631f6ebb5d10a9283060d62aa12fe1999da239277afbaec9ea240d566288adfbb26a1ae8b7e9f2ee3bbd7ed1eafeac1f50f09dec0bb4cb101f7c66cb929b92831f0e133cb&o=
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://se-go.kelkoogroup.net/go?country=se&k=c3aaced8e1936d1372e201f21776f354d9d09ff4611b140802a9192c8f924805a6cf574cf1fd748bedafabb789b934afee0f0bde9006ab889c53d03c1c23085b837822bdda694103e18dabd5007aff220e47ecb9fe45eed5ac102be684d57a64655ce50b8043d71527caf54883ad22297828a73b5a9d11dbbafdc0bdded221c7cea041dc6453e297b07b81078972cc6884f51a354f8d6a04cdf24ffe2199cf4b8381ddada3b041dcef524d57cc321906ce470027af1157cdd5d6923259bf5b02f83f778c6ab96444812024b218468f4ad673fd1acd4abadf106dd600c1a2359758d9f655b4298dd0d30e9003382e63b3c9d52b998f09b8ac7674cf5db194ecd6217fe0c8e6034045c2970f811662bd993110265a3281e8ddb50be536c1218962382a4cb7965a2c6199967f9e2360e752e71169636c6602abb80654a04aac09e62e0a4581bd7379d1d33513fcad360eba67af3c1f8857afe160c12d6a39b5e27944d23da6b0035b8c5e4fb074edeaae1930d21dee159be390d5f50fbc9c9f96dc4208ce6f7409fc4c3a2f915a4910a4dbded0db0ca06e3828a12bcba1f78f931748bee46b258b706be4322910c4c34b70775f90de245b27d7f54eedb4257376c9e4c7cf241cc680c6fbbd17e3c8e7a16b30dbd691ef8a44ecd237566631f6ebb5d10a9283060d62aa12fe1999da239277afbaec9ea240d566288adfbb26a1ae8b7e9f2ee3bbd7ed1eafeac1f50f09dec0bb4cb101f7c66cb929b92831f0e133cb&o=

Response headers

status
403
date
Mon, 17 Aug 2020 10:49:32 GMT
content-type
text/html; charset=UTF-8
cf-chl-bypass
1
set-cookie
__cfduid=d4b4ae2a0c1c8e13b317b74c14c030be01597661372; expires=Wed, 16-Sep-20 10:49:32 GMT; path=/; domain=.meds.se; HttpOnly; SameSite=Lax
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-frame-options
SAMEORIGIN
cf-request-id
049da2f989000017827d19b200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
5c42d43c0c431782-FRA
content-encoding
br

Redirect headers

Date
Mon, 17 Aug 2020 10:49:32 GMT
leadId
dc1-kls-prod-srv-04.prod.dc1.kelkoo.net_1597661372407_81872
clickId
107698238_1597661372335_83955
country
se
Location
https://www.meds.se/pixi-clarity-cleanser-135-ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Pixi+Clarity+Cleanser+135+ml
Request-Time
0
X-Robots-Tag
noindex,nofollow
Referrer-Policy
unsafe-url
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Content-Length
0
P3P
CP="Anything"
ApacheTracking
localhost
Keep-Alive
timeout=40, max=57
Connection
Keep-Alive
Content-Type
text/plain
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
423ce5f12fa2e4ec1ab4fe5b0a10e09fa90d0c0d18687ff854a73875badc85dd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
117 KB
117 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Origin
https://www.meds.se
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/vnd.ms-opentype;charset=binary
truncated
/
121 KB
121 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Origin
https://www.meds.se
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/vnd.ms-opentype;charset=binary
v1
www.meds.se/cdn-cgi/challenge-platform/orchestrate/captcha/
30 KB
10 KB
Script
General
Full URL
https://www.meds.se/cdn-cgi/challenge-platform/orchestrate/captcha/v1
Requested by
Host: www.meds.se
URL: https://www.meds.se/pixi-clarity-cleanser-135-ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Pixi+Clarity+Cleanser+135+ml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3af0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69aaba14beab9227bcb6f3a0b8d18b0b52094a8346e3fce694cd5f447e5a6fff

Request headers

Referer
https://www.meds.se/pixi-clarity-cleanser-135-ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Pixi+Clarity+Cleanser+135+ml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 17 Aug 2020 10:49:33 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cf-ray
5c42d43d5fda1782-FRA
cf-request-id
049da2fa57000017827d1b8200000001
transparent.gif
www.meds.se/cdn-cgi/images/trace/captcha/nojs/h/
42 B
238 B
Image
General
Full URL
https://www.meds.se/cdn-cgi/images/trace/captcha/nojs/h/transparent.gif?ray=5c42d43c0c431782
Requested by
Host: www.meds.se
URL: https://www.meds.se/pixi-clarity-cleanser-135-ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Pixi+Clarity+Cleanser+135+ml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3af0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.meds.se/pixi-clarity-cleanser-135-ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Pixi+Clarity+Cleanser+135+ml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 17 Aug 2020 10:49:33 GMT
last-modified
Wed, 12 Aug 2020 15:26:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5f340a32-2a"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
5c42d43d5fdd1782-FRA
content-length
42
cf-request-id
049da2fa57000017827d1b9200000001
expires
Mon, 17 Aug 2020 12:49:33 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8a223e6c9fe800ecbacdb513dc8a37d690bff2fa93e96b0de70da16a59eacfd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
hcaptcha.js
assets.hcaptcha.com/captcha/v1/558182b/
Redirect Chain
  • https://hcaptcha.com/1/api.js?onload=_cf_chl_hload
  • https://assets.hcaptcha.com/captcha/v1/558182b/hcaptcha.js
62 KB
21 KB
Script
General
Full URL
https://assets.hcaptcha.com/captcha/v1/558182b/hcaptcha.js
Requested by
Host: www.meds.se
URL: https://www.meds.se/pixi-clarity-cleanser-135-ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Pixi+Clarity+Cleanser+135+ml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d23b3fb70919ee3c7f42c2a161dea8d1978c9cee5d398034b3ff8293826792bb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.meds.se/pixi-clarity-cleanser-135-ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Pixi+Clarity+Cleanser+135+ml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 17 Aug 2020 10:49:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
388039
cf-polished
origSize=63599
status
200
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
489DE42FCABEB6C4
x-amz-id-2
xAcrEDAMy9DxfdnMKTbfdb9U7OyQpVuGa0Cx+JbyV+eGvP5cZxS8cIjzl3lEfTbbLPkQO2/qp38=
last-modified
Mon, 10 Aug 2020 20:32:01 GMT
server
cloudflare
etag
W/"273f6ffcafc06e0f0ae6241755176c31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600
cf-request-id
049da2fd270000169d5b28b200000001
cf-ray
5c42d441d92b169d-ARN
cf-bgj
minify

Redirect headers

date
Mon, 17 Aug 2020 10:49:33 GMT
x-content-type-options
nosniff
server
cloudflare
status
302
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://assets.hcaptcha.com/captcha/v1/558182b/hcaptcha.js
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-ray
5c42d43e7950169d-ARN
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
049da2fb060000169d5b25d200000001
expires
Thu, 01 Jan 1970 00:00:01 GMT
73e1efd7f727851
www.meds.se/cdn-cgi/challenge-platform/generate/ov1/0.03948765520368832:1597658830:6e238abf4796ed5761b95e134a6706afaec8df0d6647694e730a87755637e7dd/5c42d43c0c431782/
43 KB
7 KB
XHR
General
Full URL
https://www.meds.se/cdn-cgi/challenge-platform/generate/ov1/0.03948765520368832:1597658830:6e238abf4796ed5761b95e134a6706afaec8df0d6647694e730a87755637e7dd/5c42d43c0c431782/73e1efd7f727851
Requested by
Host: www.meds.se
URL: https://www.meds.se/cdn-cgi/challenge-platform/orchestrate/captcha/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3af0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aed9bee416c2b2d37e8d7a4047cd7c9b1d7dc6271f6dd107ae7e53978b7c131d

Request headers

Referer
https://www.meds.se/pixi-clarity-cleanser-135-ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Pixi+Clarity+Cleanser+135+ml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge
73e1efd7f727851
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 17 Aug 2020 10:49:33 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
status
200
cf-ray
5c42d43e09f01782-FRA
cf-request-id
049da2fac2000017827d1be200000001
73e1efd7f727851
www.meds.se/cdn-cgi/challenge-platform/generate/ov1/0.03948765520368832:1597658830:6e238abf4796ed5761b95e134a6706afaec8df0d6647694e730a87755637e7dd/5c42d43c0c431782/
6 KB
2 KB
XHR
General
Full URL
https://www.meds.se/cdn-cgi/challenge-platform/generate/ov1/0.03948765520368832:1597658830:6e238abf4796ed5761b95e134a6706afaec8df0d6647694e730a87755637e7dd/5c42d43c0c431782/73e1efd7f727851
Requested by
Host: www.meds.se
URL: https://www.meds.se/cdn-cgi/challenge-platform/orchestrate/captcha/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3af0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86be9c611487331be2b08cb181626f41f5f7ddf7bab672bd6821c5ddc5a18f82

Request headers

Referer
https://www.meds.se/pixi-clarity-cleanser-135-ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Pixi+Clarity+Cleanser+135+ml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge
73e1efd7f727851
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 17 Aug 2020 10:49:33 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
status
200
cf-ray
5c42d441bbed1782-FRA
cf-request-id
049da2fd15000017827d1e7200000001
hcaptcha-challenge.html
assets.hcaptcha.com/captcha/v1/558182b/static/ Frame 6F0B
0
0
Document
General
Full URL
https://assets.hcaptcha.com/captcha/v1/558182b/static/hcaptcha-challenge.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=_cf_chl_hload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
assets.hcaptcha.com
:scheme
https
:path
/captcha/v1/558182b/static/hcaptcha-challenge.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.meds.se/pixi-clarity-cleanser-135-ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Pixi+Clarity+Cleanser+135+ml
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.meds.se/pixi-clarity-cleanser-135-ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Pixi+Clarity+Cleanser+135+ml

Response headers

status
200
date
Mon, 17 Aug 2020 10:49:34 GMT
content-type
text/html
set-cookie
__cfduid=d7b4bc7428627a193e428dcbaad95a2231597661374; expires=Wed, 16-Sep-20 10:49:34 GMT; path=/; domain=.hcaptcha.com; HttpOnly; SameSite=Lax; Secure
x-amz-id-2
iNFCjL7ihbisTfKEDPYuGE2VFvKY4bI0kcszlpEZhTR5gMw2B8pPXvBso0zmW495uOtKhTEbZ9A=
x-amz-request-id
3DC023E55D0613A1
cache-control
max-age=1209600
last-modified
Mon, 10 Aug 2020 20:32:01 GMT
cf-cache-status
DYNAMIC
cf-request-id
049da2fe7a0000169d5b2a3200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
5c42d443fe52169d-ARN
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
hcaptcha-checkbox.html
assets.hcaptcha.com/captcha/v1/558182b/static/ Frame 736F
0
0
Document
General
Full URL
https://assets.hcaptcha.com/captcha/v1/558182b/static/hcaptcha-checkbox.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=_cf_chl_hload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
assets.hcaptcha.com
:scheme
https
:path
/captcha/v1/558182b/static/hcaptcha-checkbox.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.meds.se/pixi-clarity-cleanser-135-ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Pixi+Clarity+Cleanser+135+ml
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.meds.se/pixi-clarity-cleanser-135-ml?utm_source=kelkoose&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Pixi+Clarity+Cleanser+135+ml

Response headers

status
200
date
Mon, 17 Aug 2020 10:49:34 GMT
content-type
text/html
set-cookie
__cfduid=d7b4bc7428627a193e428dcbaad95a2231597661374; expires=Wed, 16-Sep-20 10:49:34 GMT; path=/; domain=.hcaptcha.com; HttpOnly; SameSite=Lax; Secure
x-amz-id-2
Nqgxfk/wxFp97wC4LOWBPVVHQ6kHLSFOgBQn48ZHjVyA8TiX0lJSVA4x0elqN3T5i/stsEf0PuE=
x-amz-request-id
020C21EB5F420CA8
cache-control
max-age=1209600
last-modified
Mon, 10 Aug 2020 20:32:02 GMT
cf-cache-status
DYNAMIC
cf-request-id
049da2fe7b0000169d5b2a4200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
5c42d443fe5a169d-ARN
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| _cf_chl_opt function| _cf_chl_enter function| a function| b function| sendRequest function| SHA256 function| _cf_chl_hload boolean| _cf_chl_done_ran function| _cf_chl_done object| _cf_chl_ctx function| _ number| rqvpmwm object| hcaptcha object| grecaptcha boolean| _cf_chl_hloaded

2 Cookies

Domain/Path Name / Value
www.meds.se/ Name: cf_chl_prog
Value: a17
.meds.se/ Name: __cfduid
Value: d4b4ae2a0c1c8e13b317b74c14c030be01597661372