nl-go.kelkoogroup.net Open in urlscan Pro
95.211.116.26 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://28880283-22554-ex.clibuceant.com/hyJGCo0zPAvjZtczvVjGJyVPldkRvoHRdqsCOJieHJ0WN5SWpYpR9ZnbBtVjfIedltxXdvEhh_XseuuzHOKnYBWKmK6luLGK...
Effective URL:
https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437cb13071f84fb10e578cd46dcaa97cc520bbe93d00f...
Submission: On November 30 via api (November 30th 2024, 9:33:20 am UTC) from US — Scanned from NL

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 6 countries across 14 domains to perform 33 HTTP transactions. The main IP is 95.211.116.26, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL. The main domain is nl-go.kelkoogroup.net.
TLS certificate: Issued by Thawte TLS RSA CA G1 on September 26th 2024. Valid for: a year.

This is the only time nl-go.kelkoogroup.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	88.208.22.3 88.208.22.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS DataWeb Global Group B.V.)
2	45.13.225.41 45.13.225.41	58087 (FlorianKo...) (FlorianKolb Florian Kolb)
5	139.45.196.64 139.45.196.64	9002 (RETN-AS R...) (RETN-AS RETN Limited)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.23.222 104.18.23.222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 8	104.18.22.222 104.18.22.222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:310... 2606:4700:3108::ac42:28f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.53.88.18 52.53.88.18	16509 (AMAZON-02) (AMAZON-02)
4 6	3.73.249.248 3.73.249.248	16509 (AMAZON-02) (AMAZON-02)
1 1	3.66.53.110 3.66.53.110	16509 (AMAZON-02) (AMAZON-02)
1 2	18.202.86.139 18.202.86.139	16509 (AMAZON-02) (AMAZON-02)
5	95.211.116.26 95.211.116.26	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V.)
2	3.161.82.116 3.161.82.116	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	65.9.66.83 65.9.66.83	16509 (AMAZON-02) (AMAZON-02)
1	3.125.247.22 3.125.247.22	16509 (AMAZON-02) (AMAZON-02)
33	16

2 88.208.22.3 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)
PTR: mail.armadaboard.com

28880283-22554-ex.clibuceant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.13.225.41 (Germany)

ASN58087 (FlorianKolb Florian Kolb, DE)
PTR: 41.225.13.45.in-addr.arpa

redwingshere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.196.64 (United Kingdom)

ASN9002 (RETN-AS RETN Limited, GB)

gribeorlneka.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.23.222 (None, )

ASN13335 (CLOUDFLARENET, US)

taiwoudoastuph.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.22.222 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

taiwoudoastuph.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:28f5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.share365.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.53.88.18 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-53-88-18.us-west-1.compute.amazonaws.com

www.shoptastic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.73.249.248 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-249-248.eu-central-1.compute.amazonaws.com

clcktrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.66.53.110 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: portal-cockpit.noctemque.com

discountheld.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.202.86.139 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-86-139.eu-west-1.compute.amazonaws.com

r.bestadperf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.211.116.26 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)
PTR: dc1-ecs-pub-mx-vip.kelkoo.com

nl-go.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.161.82.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-116.fra56.r.cloudfront.net

dd.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-83.fra56.r.cloudfront.net

ct.captcha-delivery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.247.22 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-247-22.eu-central-1.compute.amazonaws.com

geo.captcha-delivery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	taiwoudoastuph.net 2 redirects taiwoudoastuph.net — Cisco Umbrella Rank: 326918	18 KB
7	kelkoogroup.net nl-go.kelkoogroup.net dd.kelkoogroup.net — Cisco Umbrella Rank: 296022	67 KB
6	clcktrck.com 4 redirects clcktrck.com — Cisco Umbrella Rank: 159985	3 KB
5	gribeorlneka.net gribeorlneka.net — Cisco Umbrella Rank: 634276	16 KB
2	captcha-delivery.com ct.captcha-delivery.com — Cisco Umbrella Rank: 30248 geo.captcha-delivery.com — Cisco Umbrella Rank: 23657	11 KB
2	bestadperf.com 1 redirects r.bestadperf.com — Cisco Umbrella Rank: 414917	3 KB
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 10565	2 KB
2	redwingshere.xyz redwingshere.xyz — Cisco Umbrella Rank: 220818	1 KB
2	clibuceant.com 1 redirects 28880283-22554-ex.clibuceant.com	4 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	556 B
1	discountheld.de 1 redirects discountheld.de — Cisco Umbrella Rank: 408461	2 KB
1	shoptastic.io www.shoptastic.io — Cisco Umbrella Rank: 279931	338 B
1	share365.net 1 redirects www.share365.net — Cisco Umbrella Rank: 481928	2 KB
0	google.com Failed ads.google.com Failed
33	14

	Domain	Requested by
9	taiwoudoastuph.net	2 redirects gribeorlneka.net taiwoudoastuph.net
6	clcktrck.com	4 redirects www.shoptastic.io
5	nl-go.kelkoogroup.net	r.bestadperf.com nl-go.kelkoogroup.net
5	gribeorlneka.net	gribeorlneka.net
2	dd.kelkoogroup.net	nl-go.kelkoogroup.net dd.kelkoogroup.net
2	r.bestadperf.com	1 redirects
2	my.rtmark.net	gribeorlneka.net taiwoudoastuph.net
2	redwingshere.xyz	28880283-22554-ex.clibuceant.com
2	28880283-22554-ex.clibuceant.com	1 redirects
1	geo.captcha-delivery.com	ct.captcha-delivery.com
1	ct.captcha-delivery.com	nl-go.kelkoogroup.net
1	www.google-analytics.com	nl-go.kelkoogroup.net
1	discountheld.de	1 redirects
1	www.shoptastic.io
1	www.share365.net	1 redirects
0	ads.google.com Failed	28880283-22554-ex.clibuceant.com
33	16

This site contains no links.

Subject Issuer	Validity	Valid
*.clibuceant.com R10	`2024-11-25` - `2025-02-23`	3 months	crt.sh
redwingshere.xyz E5	`2024-10-08` - `2025-01-06`	3 months	crt.sh
gribeorlneka.net R10	`2024-09-26` - `2024-12-25`	3 months	crt.sh
my.rtmark.net WE1	`2024-11-06` - `2025-02-04`	3 months	crt.sh
taiwoudoastuph.net WE1	`2024-11-12` - `2025-02-10`	3 months	crt.sh
shoptastic.io Amazon RSA 2048 M03	`2024-10-06` - `2025-11-05`	a year	crt.sh
clcktrck.com E6	`2024-11-26` - `2025-02-24`	3 months	crt.sh
linksprf.com R11	`2024-11-18` - `2025-02-16`	3 months	crt.sh
*.kelkoogroup.net Thawte TLS RSA CA G1	`2024-09-26` - `2025-10-10`	a year	crt.sh
dd.kelkoogroup.net E6	`2024-10-07` - `2025-01-05`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.captcha-delivery.com Amazon RSA 2048 M02	`2024-07-25` - `2025-08-22`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437cb13071f84fb10e578cd46dcaa97cc520bbe93d00fb40c661296805121a5c1c4dc52254d9a670e14ad3017753b9ce2a2676beb80fde83105c0412735d705e4273081e47af7da85ad01ed5ab3c95ac6b6d6c31facaff28dbecd2dc8cadf13841f6e0674a487f706da751f83cbe1df0bc625d75622d848bfc67e0217f6d02a0b6cad007289fe888b59961cd3c9c9e6c930722bf4b84351feacacf3d70ddaeabb07c154beeb7c8b375ad4040cedac9bd736efb9f4110d69ecae3d50612071886ac2e2820624abecd0f7c8478a3f058e6337fbca5273917daaa60f173402b96806653de4048e77c0506cc284cb59915a3cc39098712b21cd601693559549294a16454412df9064f71979a4389bf40ccbd10c&url=https%3A%2F%2Fpartner.conrad.nl%2Fc%3Fc%3D920%26m%3D1806756%26a%3D321679%26r%3D62A901JDY6NQDQP8WCJJFDEEESWRXG%26u%3Dhttps%253A%252F%252Fwww.conrad.nl%252Fgoto%252F%253Fproduct%253D2354010%2526WT.mc_id%253Daffiliates%253Atradetracker%253Afeed%253A2354010%2526experience%253Db2c&initiator=dd
Frame ID: C48398E71308B62A700AD230E551E5CD
Requests: 31 HTTP requests in this frame

Frame: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMA7Y7g0OVAkUUAH8yWbQ%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=mwm1904DbS2MYIkYTh~Pt~WJzpS23STDj4lQpBgHej2F0H4DlgKKKcRZtIossv_5WBXofKeAxxWWK55DGQJIfF4rCHtCb4GPxGvr3ASICmbmKz27XlWTX6fszr0GmxeW&t=fe&referer=https%3A%2F%2Fnl-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dnl%26k%3D612f7a9541cd6ea61eb554c0e4cff437cb13071f84fb10e578cd46dcaa97cc520bbe93d00fb40c661296805121a5c1c4dc52254d9a670e14ad3017753b9ce2a2676beb80fde83105c0412735d705e4273081e47af7da85ad01ed5ab3c95ac6b6d6c31facaff28dbecd2dc8cadf13841f6e0674a487f706da751f83cbe1df0bc625d75622d848bfc67e0217f6d02a0b6cad007289fe888b59961cd3c9c9e6c930722bf4b84351feacacf3d70ddaeabb07c154beeb7c8b375ad4040cedac9bd736efb9f4110d69ecae3d50612071886ac2e2820624abecd0f7c8478a3f058e6337fbca5273917daaa60f173402b96806653de4048e77c0506cc284cb59915a3cc39098712b21cd601693559549294a16454412df9064f71979a4389bf40ccbd10c%26url%3Dhttps%253A%252F%252Fpartner.conrad.nl%252Fc%253Fc%253D920%2526m%253D1806756%2526a%253D321679%2526r%253D62A901JDY6NQDQP8WCJJFDEEESWRXG%2526u%253Dhttps%25253A%25252F%25252Fwww.conrad.nl%25252Fgoto%25252F%25253Fproduct%25253D2354010%252526WT.mc_id%25253Daffiliates%25253Atradetracker%25253Afeed%25253A2354010%252526experience%25253Db2c%26initiator%3Ddd&s=35103&e=d808ac5af4790ed8393617dfe35dcc1c3c641776ffcba04b1274a956c1a4821d&dm=cd
Frame ID: 4287C8A8D463AD064F083CF28C70FAF2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

kelkoogroup.net

Page URL History Show full URLs

https://28880283-22554-ex.clibuceant.com/hyJGCo0zPAvjZtczvVjGJyVPldkRvoHRdqsCOJieHJ0WN5SWpYpR9ZnbBtVjfIedltxXdvEhh_Xs... Page URL
https://28880283-22554-ex.clibuceant.com/hyJGCo0zPAvjZtczvVjGJyVPldkRvoHRdqsCOJieHJ0WN5SWpYpR9ZnbBtVjfIedltxXdvEhh_Xs... HTTP 307
https://redwingshere.xyz/go/4310/3?subid1=.APPsAooDkM4O95sI3pMM54fcEAABAAADCjq0nAQEoQIA4H8AkK3anQQAAQ... Page URL
https://gribeorlneka.net/link?z=7512769&var=4310_1136039568&ymid=159idrcdg0083 Page URL
https://taiwoudoastuph.net/?z=7512770&syncedCookie=true&rhd=false HTTP 302
https://taiwoudoastuph.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-60&bar=x Page URL
https://taiwoudoastuph.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
https://www.share365.net/vip/rds/nl?subId=886657730184753498&country=NL&campaignid=8543943 HTTP 302
https://www.shoptastic.io/store/conrad-nl-nl-cpc?pubId=10440&subId=886657730184753498&country=NL&campa... Page URL
https://clcktrck.com/nl/s/red_u_plain.php?uid=277515794&t=direct&s=22235&pub=10440&d=conrad.nl HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff216393... HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff216393... HTTP 302
https://discountheld.de/rdcn/rf?ret=aHR0cHM6Ly9jbGNrdHJjay5jb20vMzM0MGIwN2Y2MzUyYjA2MWUwOTA4ZmEwZTc2... HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff216393... Page URL
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff216393... HTTP 302
https://r.bestadperf.com/v1/redirect?url=https%3A%2F%2Fconrad.nl&api_key=526ce45b25e1f6dcb86f05e8f2c9... HTTP 302
https://r.bestadperf.com/v2/go?t=2t8pc%3Aa%2F3l0g3.de5k1o6r2u4.5e3%2Fei%3DeIeurrhhoi.bsp1F3%259o7.2c9... Page URL
https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732957829931&.sig=_e2V7EmTF.hX2iFuhWYjN5VOgNs-&affiliation... Page URL
https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437cb13071f84fb10e578cd46... Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

33
Requests

94 %
HTTPS

12 %
IPv6

14
Domains

16
Subdomains

16
IPs

6
Countries

120 kB
Transfer

284 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://28880283-22554-ex.clibuceant.com/hyJGCo0zPAvjZtczvVjGJyVPldkRvoHRdqsCOJieHJ0WN5SWpYpR9ZnbBtVjfIedltxXdvEhh_XseuuzHOKnYBWKmK6luLGKcAIfSrVONcoD_MUT1nPMsMzaWpsD2g?kws=thisav&abl=0&fsb=0&pageUri=https%3A%2F%2Fcn.tube4.top%2Fv%2Fs%3A%2F%2Fthisav.com%2Fja%2Fvideo%2F130892%2Ft...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1 Page URL
https://28880283-22554-ex.clibuceant.com/hyJGCo0zPAvjZtczvVjGJyVPldkRvoHRdqsCOJieHJ0WN5SWpYpR9ZnbBtVjfIedltxXdvEhh_XseuuzHOKnYBWKmK6luLGKcAIfSrVONcoD_MUT1nPMsMzaWpsD2g?kws=thisav&abl=0&fsb=0&pageUri=https%3A%2F%2Fcn.tube4.top%2Fv%2Fs%3A%2F%2Fthisav.com%2Fja%2Fvideo%2F130892%2Ft...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1&pageUri=https%3A%2F%2Fcn.tube4.top%2Fv%2Fs%3A%2F%2Fthisav.com%2Fja%2Fvideo%2F130892%2Ft...+312+...e%22%2C%22%5B%5D%22%5D&referer=&jsr=1&abl=0&acrc=1&acrs=own&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221285%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%2232%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Sat%20Nov%2030%202024%2010%3A33%3A15%20GMT%2B0100%20(Midden-Europese%20standaardtijd)%22%2C%22-60%22%2C%22nl-NL%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D HTTP 307
https://redwingshere.xyz/go/4310/3?subid1=.APPsAooDkM4O95sI3pMM54fcEAABAAADCjq0nAQEoQIA4H8AkK3anQQAAQ&subid2=1136039568 Page URL
https://gribeorlneka.net/link?z=7512769&var=4310_1136039568&ymid=159idrcdg0083 Page URL
https://taiwoudoastuph.net/?z=7512770&syncedCookie=true&rhd=false HTTP 302
https://taiwoudoastuph.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-60&bar=x Page URL
https://taiwoudoastuph.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
https://www.share365.net/vip/rds/nl?subId=886657730184753498&country=NL&campaignid=8543943 HTTP 302
https://www.shoptastic.io/store/conrad-nl-nl-cpc?pubId=10440&subId=886657730184753498&country=NL&campaignid=8543943 Page URL
https://clcktrck.com/nl/s/red_u_plain.php?uid=277515794&t=direct&s=22235&pub=10440&d=conrad.nl HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf48c0d6fc4c50cb87ad2f9f1c777b6ed66ab9cd778ceec852eb441ead198fac06ac11971c52877ce1e668ecf5a2043b85265232d4095f672d0301a0040f49edeac8a12d8dfb1fd9b54c1494346672ad7eb59e030908e1aa3e542c1041529e53c36 HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf48c0d6fc4c50cb87ad2f9f1c777b6ed66ab9cd778ceec852eb441ead198fac06ac11971c52877ce1e668ecf5a2043b85265232d4095f672d0301a0040f49edeacb57d5a7991746ab06a31a9e686e3c0bffadb3dd792229e29451e5ce10f376ded HTTP 302
https://discountheld.de/rdcn/rf?ret=aHR0cHM6Ly9jbGNrdHJjay5jb20vMzM0MGIwN2Y2MzUyYjA2MWUwOTA4ZmEwZTc2NjY4ZGMvNjlmMDcwYjhmY2JmM2JmZTYwYjljZmM0NjIzMTQ0YTAwOTRmZjIxNjM5MzZkNTkyYzc3ZTRiOTZjZTkyNWJmNDhjMGQ2ZmM0YzUwY2I4N2FkMmY5ZjFjNzc3YjZlZDY2YWI5Y2Q3NzhjZWVjODUyZWI0NDFlYWQxOThmYWMwNmFjMTE5NzFjNTI4NzdjZTFlNjY4ZWNmNWEyMDQzYjg1MjY1MjMyZDQwOTVmNjcyZDAzMDFhMDA0MGY0OWVkZWFjYjU3ZDVhNzk5MTc0NmFiMDZhMzFhOWU2ODZlM2MwYmZmYWRiM2RkNzkyMjI5ZTI5NDUxZTVjZTEwZjM3NmRlZD9tPTE%253D HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf48c0d6fc4c50cb87ad2f9f1c777b6ed66ab9cd778ceec852eb441ead198fac06ac11971c52877ce1e668ecf5a2043b85265232d4095f672d0301a0040f49edeacb57d5a7991746ab06a31a9e686e3c0bffadb3dd792229e29451e5ce10f376ded?m=1 Page URL
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf48c0d6fc4c50cb87ad2f9f1c777b6ed66ab9cd778ceec852eb441ead198fac06ac11971c52877ce1e668ecf5a2043b85265232d4095f672d0301a0040f49edeacb57d5a7991746ab06a31a9e686e3c0bffadb3dd792229e29451e5ce10f376ded?m=2 HTTP 302
https://r.bestadperf.com/v1/redirect?url=https%3A%2F%2Fconrad.nl&api_key=526ce45b25e1f6dcb86f05e8f2c94e64&site_id=aec355e462c64185bda38033aacce8f2&type=url&source=discounthero.org&yk_tag=f9d48da2ccbcc81df36b12f2e8c0e909 HTTP 302
https://r.bestadperf.com/v2/go?t=2t8pc%3Aa%2F3l0g3.de5k1o6r2u4.5e3%2Fei%3DeIeurrhhoi.bsp1F3%259o7.2c9t1c.ci2%3DFe%25V3EsTt.hXrirufWRji5iOoNt-eanfcleayicnfda9T9e6s1l%26uo%26I9%3D20f503c24%26aobn0r4%3Dal7obf2r9dfa202f06040603%3D1Iecalarch1i9bdp4e%26re%3DrmhrdP1e7d1%260b5c6409551a34927-25840b562-6e6e%263e1vdcn%3Dk6t%26o3eeIi%3Dr8s349847d26_-3b94895f2-78_d3e212c3b0a6d0d%3DaIacsatsu4%26fuclfs7e9C6i6kcd4v1384801151a4%3D9I8ebfb%26dncy2t1uec6474e400812dbmpcb7i6h6r6r%3DfIioTtpi%3Dioft%26ns%26grVgNnYeheFe2%3DhtFpm%257A22_%25gFsl%26k3r9k8c5m227%26%3Dutl%3FsGecSabsdtasct5nep6ocg4o8lbkao8-3na%2Fcsetfh&s=https%3A%2F%2Fclcktrck.com%2F&e=1&ai=f9732946fe284c5481e8691045e09c14&sct=1&ct=1732959197447&cu=f9982bbb7dac4201bea647ce00f8229b&cs=f4a4a12046796f05c463d375ae8df308 Page URL
https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732957829931&.sig=_e2V7EmTF.hX2iFuhWYjN5VOgNs-&affiliationId=96966617&comId=100543424&country=nl&offerId=aa05f1684861341ce6a6a9c71f9cdf44&searchId=107610035262035_1732957829830_52276864&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v030400012124f9982bbb7dac4201bea647ce00f8229b&publisherTrafficType=content&originReferer=https%3A%2F%2Fclcktrck.com%2F&publisherSubId=aec355e462c64185bda38033aacce8f2 Page URL
https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437cb13071f84fb10e578cd46dcaa97cc520bbe93d00fb40c661296805121a5c1c4dc52254d9a670e14ad3017753b9ce2a2676beb80fde83105c0412735d705e4273081e47af7da85ad01ed5ab3c95ac6b6d6c31facaff28dbecd2dc8cadf13841f6e0674a487f706da751f83cbe1df0bc625d75622d848bfc67e0217f6d02a0b6cad007289fe888b59961cd3c9c9e6c930722bf4b84351feacacf3d70ddaeabb07c154beeb7c8b375ad4040cedac9bd736efb9f4110d69ecae3d50612071886ac2e2820624abecd0f7c8478a3f058e6337fbca5273917daaa60f173402b96806653de4048e77c0506cc284cb59915a3cc39098712b21cd601693559549294a16454412df9064f71979a4389bf40ccbd10c&url=https%3A%2F%2Fpartner.conrad.nl%2Fc%3Fc%3D920%26m%3D1806756%26a%3D321679%26r%3D62A901JDY6NQDQP8WCJJFDEEESWRXG%26u%3Dhttps%253A%252F%252Fwww.conrad.nl%252Fgoto%252F%253Fproduct%253D2354010%2526WT.mc_id%253Daffiliates%253Atradetracker%253Afeed%253A2354010%2526experience%253Db2c&initiator=dd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://28880283-22554-ex.clibuceant.com/hyJGCo0zPAvjZtczvVjGJyVPldkRvoHRdqsCOJieHJ0WN5SWpYpR9ZnbBtVjfIedltxXdvEhh_XseuuzHOKnYBWKmK6luLGKcAIfSrVONcoD_MUT1nPMsMzaWpsD2g?kws=thisav&abl=0&fsb=0&pageUri=https%3A%2F%2Fcn.tube4.top%2Fv%2Fs%3A%2F%2Fthisav.com%2Fja%2Fvideo%2F130892%2Ft...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1&pageUri=https%3A%2F%2Fcn.tube4.top%2Fv%2Fs%3A%2F%2Fthisav.com%2Fja%2Fvideo%2F130892%2Ft...+312+...e%22%2C%22%5B%5D%22%5D&referer=&jsr=1&abl=0&acrc=1&acrs=own&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221285%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%2232%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Sat%20Nov%2030%202024%2010%3A33%3A15%20GMT%2B0100%20(Midden-Europese%20standaardtijd)%22%2C%22-60%22%2C%22nl-NL%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D HTTP 307
https://redwingshere.xyz/go/4310/3?subid1=.APPsAooDkM4O95sI3pMM54fcEAABAAADCjq0nAQEoQIA4H8AkK3anQQAAQ&subid2=1136039568

Request Chain 10

https://taiwoudoastuph.net/?z=7512770&syncedCookie=true&rhd=false HTTP 302
https://taiwoudoastuph.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-60&bar=x

Request Chain 17

https://taiwoudoastuph.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
https://www.share365.net/vip/rds/nl?subId=886657730184753498&country=NL&campaignid=8543943 HTTP 302
https://www.shoptastic.io/store/conrad-nl-nl-cpc?pubId=10440&subId=886657730184753498&country=NL&campaignid=8543943

Request Chain 19

https://clcktrck.com/nl/s/red_u_plain.php?uid=277515794&t=direct&s=22235&pub=10440&d=conrad.nl HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf48c0d6fc4c50cb87ad2f9f1c777b6ed66ab9cd778ceec852eb441ead198fac06ac11971c52877ce1e668ecf5a2043b85265232d4095f672d0301a0040f49edeac8a12d8dfb1fd9b54c1494346672ad7eb59e030908e1aa3e542c1041529e53c36 HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf48c0d6fc4c50cb87ad2f9f1c777b6ed66ab9cd778ceec852eb441ead198fac06ac11971c52877ce1e668ecf5a2043b85265232d4095f672d0301a0040f49edeacb57d5a7991746ab06a31a9e686e3c0bffadb3dd792229e29451e5ce10f376ded HTTP 302
https://discountheld.de/rdcn/rf?ret=aHR0cHM6Ly9jbGNrdHJjay5jb20vMzM0MGIwN2Y2MzUyYjA2MWUwOTA4ZmEwZTc2NjY4ZGMvNjlmMDcwYjhmY2JmM2JmZTYwYjljZmM0NjIzMTQ0YTAwOTRmZjIxNjM5MzZkNTkyYzc3ZTRiOTZjZTkyNWJmNDhjMGQ2ZmM0YzUwY2I4N2FkMmY5ZjFjNzc3YjZlZDY2YWI5Y2Q3NzhjZWVjODUyZWI0NDFlYWQxOThmYWMwNmFjMTE5NzFjNTI4NzdjZTFlNjY4ZWNmNWEyMDQzYjg1MjY1MjMyZDQwOTVmNjcyZDAzMDFhMDA0MGY0OWVkZWFjYjU3ZDVhNzk5MTc0NmFiMDZhMzFhOWU2ODZlM2MwYmZmYWRiM2RkNzkyMjI5ZTI5NDUxZTVjZTEwZjM3NmRlZD9tPTE%253D HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf48c0d6fc4c50cb87ad2f9f1c777b6ed66ab9cd778ceec852eb441ead198fac06ac11971c52877ce1e668ecf5a2043b85265232d4095f672d0301a0040f49edeacb57d5a7991746ab06a31a9e686e3c0bffadb3dd792229e29451e5ce10f376ded?m=1

Request Chain 20

https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf48c0d6fc4c50cb87ad2f9f1c777b6ed66ab9cd778ceec852eb441ead198fac06ac11971c52877ce1e668ecf5a2043b85265232d4095f672d0301a0040f49edeacb57d5a7991746ab06a31a9e686e3c0bffadb3dd792229e29451e5ce10f376ded?m=2 HTTP 302
https://r.bestadperf.com/v1/redirect?url=https%3A%2F%2Fconrad.nl&api_key=526ce45b25e1f6dcb86f05e8f2c94e64&site_id=aec355e462c64185bda38033aacce8f2&type=url&source=discounthero.org&yk_tag=f9d48da2ccbcc81df36b12f2e8c0e909 HTTP 302
https://r.bestadperf.com/v2/go?t=2t8pc%3Aa%2F3l0g3.de5k1o6r2u4.5e3%2Fei%3DeIeurrhhoi.bsp1F3%259o7.2c9t1c.ci2%3DFe%25V3EsTt.hXrirufWRji5iOoNt-eanfcleayicnfda9T9e6s1l%26uo%26I9%3D20f503c24%26aobn0r4%3Dal7obf2r9dfa202f06040603%3D1Iecalarch1i9bdp4e%26re%3DrmhrdP1e7d1%260b5c6409551a34927-25840b562-6e6e%263e1vdcn%3Dk6t%26o3eeIi%3Dr8s349847d26_-3b94895f2-78_d3e212c3b0a6d0d%3DaIacsatsu4%26fuclfs7e9C6i6kcd4v1384801151a4%3D9I8ebfb%26dncy2t1uec6474e400812dbmpcb7i6h6r6r%3DfIioTtpi%3Dioft%26ns%26grVgNnYeheFe2%3DhtFpm%257A22_%25gFsl%26k3r9k8c5m227%26%3Dutl%3FsGecSabsdtasct5nep6ocg4o8lbkao8-3na%2Fcsetfh&s=https%3A%2F%2Fclcktrck.com%2F&e=1&ai=f9732946fe284c5481e8691045e09c14&sct=1&ct=1732959197447&cu=f9982bbb7dac4201bea647ce00f8229b&cs=f4a4a12046796f05c463d375ae8df308

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 hyJGCo0zPAvjZtczvVjGJyVPldkRvoHRdqsCOJieHJ0WN5SWpYpR9ZnbBtVjfIedltxXdvEhh_XseuuzHOKnYBWKmK6luLGKcAIfSrVONcoD_MUT1nPMsMzaWpsD2g
28880283-22554-ex.clibuceant.com/ 8 KB
3 KB 410ms
268ms Document
text/html 88.208.22.3
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://28880283-22554-ex.clibuceant.com/hyJGCo0zPAvjZtczvVjGJyVPldkRvoHRdqsCOJieHJ0WN5SWpYpR9ZnbBtVjfIedltxXdvEhh_XseuuzHOKnYBWKmK6luLGKcAIfSrVONcoD_MUT1nPMsMzaWpsD2g?kws=thisav&abl=0&fsb=0&pageUri=https%3A%2F%2Fcn.tube4.top%2Fv%2Fs%3A%2F%2Fthisav.com%2Fja%2Fvideo%2F130892%2Ft...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.208.22.3 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS: mail.armadaboard.com
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html
date: Sat, 30 Nov 2024 09:33:15 GMT
expires: Sat, 30 Nov 2024 09:33:15 UTC
last-modified: Sat, 30 Nov 2024 09:33:15 UTC
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma: no-cache
referrer-policy: unsafe-url
server: nginx
vary: Accept-Encoding

HEAD /
ads.google.com/ 0
0

GET
H/1.1

200
OK

3 Show response
redwingshere.xyz/go/4310/
Redirect Chain

https://28880283-22554-ex.clibuceant.com/hyJGCo0zPAvjZtczvVjGJyVPldkRvoHRdqsCOJieHJ0WN5SWpYpR9ZnbBtVjfIedltxXdvEhh_XseuuzHOKnYBWKmK6luLGKcAIfSrVONcoD_MUT1nPMsMzaWpsD2g?kws=thisav&abl=0&fsb=0&pageUr...
https://redwingshere.xyz/go/4310/3?subid1=.APPsAooDkM4O95sI3pMM54fcEAABAAADCjq0nAQEoQIA4H8AkK3anQQAAQ&subid2=1136039568

299 B
821 B

365ms
304ms

Document
text/html

45.13.225.41
FlorianKolb Flori...

General

Check archive.org

Show headers Download Go to

Full URL: https://redwingshere.xyz/go/4310/3?subid1=.APPsAooDkM4O95sI3pMM54fcEAABAAADCjq0nAQEoQIA4H8AkK3anQQAAQ&subid2=1136039568
Requested by: Host: 28880283-22554-ex.clibuceant.com
URL: https://28880283-22554-ex.clibuceant.com/hyJGCo0zPAvjZtczvVjGJyVPldkRvoHRdqsCOJieHJ0WN5SWpYpR9ZnbBtVjfIedltxXdvEhh_XseuuzHOKnYBWKmK6luLGKcAIfSrVONcoD_MUT1nPMsMzaWpsD2g?kws=thisav&abl=0&fsb=0&pageUri=https%3A%2F%2Fcn.tube4.top%2Fv%2Fs%3A%2F%2Fthisav.com%2Fja%2Fvideo%2F130892%2Ft...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.13.225.41 , Germany, ASN58087 (FlorianKolb Florian Kolb, DE),
Reverse DNS: 41.225.13.45.in-addr.arpa
Software: nginx / PHP/7.2.34-51+ubuntu22.04.1+deb.sury.org+1
Resource Hash: 9a4f68ae9669d1ceabb083920a95edc5b0c9ea8ffe50efe2166d8fc49b317a49

Request headers

Referer: https://28880283-22554-ex.clibuceant.com/hyJGCo0zPAvjZtczvVjGJyVPldkRvoHRdqsCOJieHJ0WN5SWpYpR9ZnbBtVjfIedltxXdvEhh_XseuuzHOKnYBWKmK6luLGKcAIfSrVONcoD_MUT1nPMsMzaWpsD2g?kws=thisav&abl=0&fsb=0&pageUri=https%3A%2F%2Fcn.tube4.top%2Fv%2Fs%3A%2F%2Fthisav.com%2Fja%2Fvideo%2F130892%2Ft...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
device-memory: 8

Response headers

Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Encoding: identity
Content-Length: 299
Content-Type: text/html; charset=utf-8
Date: Sat, 30 Nov 2024 09:33:15 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sat, 30 Nov 2024 09:33:15 GMT
Pragma: no-cache
Server: nginx
X-Powered-By: PHP/7.2.34-51+ubuntu22.04.1+deb.sury.org+1

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 30 Nov 2024 09:33:15 GMT
expires: Sat, 30 Nov 2024 09:33:15 UTC
last-modified: Sat, 30 Nov 2024 09:33:15 UTC
location: https://redwingshere.xyz/go/4310/3?subid1=.APPsAooDkM4O95sI3pMM54fcEAABAAADCjq0nAQEoQIA4H8AkK3anQQAAQ&subid2=1136039568
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma: no-cache
referrer-policy: no-referrer
server: nginx

GET
H2 200 link Show response
gribeorlneka.net/ 31 KB
15 KB 59ms
29ms Document
text/html 139.45.196.64
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://gribeorlneka.net/link?z=7512769&var=4310_1136039568&ymid=159idrcdg0083

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

4b00f5493734388009dfc65b6ed10f6b947708b2035e64750d558604c528888e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Sat, 30 Nov 2024 09:33:15 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: f3bae513f258ac7ffe7376d4b7422c6a

GET
H/1.1 200
OK favicon.ico
redwingshere.xyz/ 0
212 B 26ms
26ms Other
text/html 45.13.225.41
FlorianKolb Flori...

General

Check archive.org

Show headers Download Go to

Full URL: https://redwingshere.xyz/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.13.225.41 , Germany, ASN58087 (FlorianKolb Florian Kolb, DE),
Reverse DNS: 41.225.13.45.in-addr.arpa
Software: nginx / PHP/7.2.34-51+ubuntu22.04.1+deb.sury.org+1
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Length: 0
Date: Sat, 30 Nov 2024 09:33:15 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/7.2.34-51+ubuntu22.04.1+deb.sury.org+1
Server: nginx
Connection: keep-alive

GET
H3 200 img.gif
my.rtmark.net/ 43 B
878 B 51ms
30ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=00812444645b4d33efcc92f6efa360de&z=7512770&p_rid=26e074bb-73f2-4bed-bf47-c33f1053804d&p_src=sf

Requested by

Host: gribeorlneka.net
URL: https://gribeorlneka.net/link?z=7512769&var=4310_1136039568&ymid=159idrcdg0083

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gribeorlneka.net/

Response headers

access-control-expose-headers: Authorization
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Yoka4YXGJ%2B2%2BvIXa1LdT8HCShAzEtU94fQ3kCkholEijMhQ1W5isGl9VJX%2FOw7KBKkA0wLpLpBS%2FvynKpOq3rc4qNp3Ye4APfnC0sdzeBypXUBEzeSDfHupwF7L7dW4"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16638&min_rtt=16574&rtt_var=6261&sent=9&recv=7&lost=0&retrans=0&sent_bytes=4067&recv_bytes=4380&delivery_rate=190809&cwnd=12000&unsent_bytes=0&cid=02ab13816f953ae2&ts=34&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 30 Nov 2024 09:33:15 GMT
content-type: image/gif
priority: u=3,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *, *
access-control-allow-credentials: true
cf-ray: 8ea9d5bd0a87b8c4-AMS
access-control-allow-origin: *
content-length: 43
server: cloudflare

POST
H2 200 add Show response
gribeorlneka.net/log/ 12 B
385 B 17ms
15ms XHR
application/json 139.45.196.64
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://gribeorlneka.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=26e074bb-73f2-4bed-bf47-c33f1053804d

Requested by

Host: gribeorlneka.net
URL: https://gribeorlneka.net/link?z=7512769&var=4310_1136039568&ymid=159idrcdg0083

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://gribeorlneka.net/link?z=7512769&var=4310_1136039568&ymid=159idrcdg0083

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
access-control-allow-origin: https://gribeorlneka.net
content-length: 12
date: Sat, 30 Nov 2024 09:33:15 GMT
content-type: application/json; charset=utf-8
server: nginx
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H2 200 sftouch
taiwoudoastuph.net/ 43 B
662 B 78ms
30ms Image
image/gif 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://taiwoudoastuph.net/sftouch?userId=00812444645b4d33efcc92f6efa360de&z=7512770&p_rid=26e074bb-73f2-4bed-bf47-c33f1053804d&p_src=sf&branchId=0&rb=r-7DpMVGBBYH3f-8o2Ia7e8SPNqh2M6YluOExN9X5opDeuGyD6rdHPXDJbzxtufXl0cwsJWApeaWDZ68PIK4sU_2-0KR2qjHWKBzMLRILsAO6aX7J0WuBAovDxvsZDD_gbTZojD1bBm0md4TwIk4pA_JP5tZBjOqGZgQoJwOmCnuYnCK2W9sh5fUCeYsge8GPKbSCU5uaFZiA6xGlbpRsS6X9Lgf6UKeoB6h9DEGODjd6v9Jw1GlnfY2ucVppUsItAeiXk7bg2KASDI_UgfG--NpHyIuYRFKx1CIbrhb-Dyr812I4i9bGws31QfEo4eEcbd7g1V8uCE9lMnCLDTVMi0dXhIo4mqc&w_img=1

Requested by

Host: gribeorlneka.net
URL: https://gribeorlneka.net/link?z=7512769&var=4310_1136039568&ymid=159idrcdg0083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gribeorlneka.net/

Response headers

access-control-max-age: 86400
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 09:33:15 GMT
content-type: image/gif
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security: max-age=1
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *, *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-trace-id: 59958a4a25358022fe71713f3b4dbb51
cf-ray: 8ea9d5bd6ff30a49-AMS
access-control-allow-origin: *
content-length: 43
server: cloudflare

POST
H2 200 add Show response
gribeorlneka.net/async_log/ 0
339 B 17ms
15ms XHR
text/plain 139.45.196.64
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://gribeorlneka.net/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=26e074bb-73f2-4bed-bf47-c33f1053804d

Requested by

Host: gribeorlneka.net
URL: https://gribeorlneka.net/link?z=7512769&var=4310_1136039568&ymid=159idrcdg0083

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://gribeorlneka.net/link?z=7512769&var=4310_1136039568&ymid=159idrcdg0083

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
access-control-allow-origin: https://gribeorlneka.net
content-length: 0
date: Sat, 30 Nov 2024 09:33:15 GMT
server: nginx
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H2 204 favicon.ico
gribeorlneka.net/ 0
150 B 15ms
15ms Other
text/plain 139.45.196.64
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL: https://gribeorlneka.net/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gribeorlneka.net/link?z=7512769&var=4310_1136039568&ymid=159idrcdg0083

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
date: Sat, 30 Nov 2024 09:33:15 GMT
pragma: public
server: nginx

GET
H2

200

6118780 Show response
taiwoudoastuph.net/4/
Redirect Chain

https://taiwoudoastuph.net/?z=7512770&syncedCookie=true&rhd=false
https://taiwoudoastuph.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-60&bar=x

31 KB
14 KB

32ms
31ms

Document
text/html

104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://taiwoudoastuph.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-60&bar=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb86ffdcd1fc2d47e4b2f05aac586953af88ab94600c2562d7e4368580705e08

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://gribeorlneka.net
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8ea9d5be2b83a002-AMS
content-encoding: gzip
content-type: text/html; charset=utf8
date: Sat, 30 Nov 2024 09:33:15 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 20f653dfa9d8082ff0c7d61acd77008d

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://gribeorlneka.net
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8ea9d5bdaac3a002-AMS
content-length: 0
date: Sat, 30 Nov 2024 09:33:15 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
location: https://taiwoudoastuph.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-60&bar=x
pragma: no-cache
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: be5c029c5e02581bf358b3b8f5ffe0a5

GET
H2 204 favicon.ico
gribeorlneka.net/ 0
0 0ms
0ms Other
text/plain 139.45.196.64
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL: https://gribeorlneka.net/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gribeorlneka.net/afu.php?zoneid=7512770&var=7512770&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
date: Sat, 30 Nov 2024 09:33:15 GMT
pragma: public
server: nginx

GET
H3 200 img.gif
my.rtmark.net/ 43 B
881 B 53ms
33ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=00812486cbad480cec6aad3cee0210d7&z=6118780&p_rid=5fd91da7-f585-451f-bb0c-8055832c0543&p_src=sf

Requested by

Host: taiwoudoastuph.net
URL: https://taiwoudoastuph.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-60&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://taiwoudoastuph.net/

Response headers

access-control-expose-headers: Authorization
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=voIoraqqch4soHWRknVMbpIKu6AnoPIuMnHF7%2BLr8eNzPLUgO1XSqBIaMBky%2FwDidXBVpuwyd2FBSt%2FaE6C%2BhtHaidg5TVcvYvkC9ynSj9lpOcrPx0A%2F8OJ%2FexmpaQy4"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15369&min_rtt=15303&rtt_var=3300&sent=10&recv=9&lost=0&retrans=0&sent_bytes=4094&recv_bytes=4507&delivery_rate=38094&cwnd=12000&unsent_bytes=0&cid=8b1e8bf167b9b445&ts=36&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 30 Nov 2024 09:33:15 GMT
content-type: image/gif
priority: u=1,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *, *
access-control-allow-credentials: true
cf-ray: 8ea9d5be985cb918-AMS
access-control-allow-origin: *
content-length: 43
server: cloudflare

GET
H3 200 sftouch
taiwoudoastuph.net/ 43 B
567 B 32ms
31ms Image
image/gif 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://taiwoudoastuph.net/sftouch?userId=00812486cbad480cec6aad3cee0210d7&z=6118780&p_rid=5fd91da7-f585-451f-bb0c-8055832c0543&p_src=sf&branchId=0&rb=6N0kSRKK-Si5_RYfJvshbOV3tfz7W32rbOduGyteyzH3KnvCToamM8nB88z5-529GbO8B8oYZHSolRtTT8NlFfRtuh_DkZelh7Af8V17nqIg9Toalw5hiEZ0KK1rCon3dcOVyxeq9HuUwswU5y8dgZvWKhgpvSAbjc-cpw-F2tgHwCsNqYJZSmp_fHdcm8ePe2SUFTwArg8V9_OarVGO2pPTzkBfzXHrTeTD9OrcTWqcbgCswVoQuDMsLFlFEhwwfUUv-rpwqmrAqxq0BhaHEQGVVDQkDutv7xL2gAVlCshahRBzv5UwsD9HgAo=&w_img=1

Requested by

Host: taiwoudoastuph.net
URL: https://taiwoudoastuph.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-60&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://taiwoudoastuph.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-60&bar=x

Response headers

access-control-max-age: 86400
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 09:33:15 GMT
content-type: image/gif
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security: max-age=1
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *, *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-trace-id: 7fbb9882b7b563971d27d2b9e223e6ba
cf-ray: 8ea9d5be8beeb8c7-AMS
access-control-allow-origin: *
content-length: 43
server: cloudflare

POST
H3 200 add Show response
taiwoudoastuph.net/log/ 12 B
306 B 32ms
31ms XHR
application/json 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://taiwoudoastuph.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=5fd91da7-f585-451f-bb0c-8055832c0543

Requested by

Host: taiwoudoastuph.net
URL: https://taiwoudoastuph.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-60&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://taiwoudoastuph.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-60&bar=x

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
cf-ray: 8ea9d5beac03b8c7-AMS
access-control-allow-origin: https://taiwoudoastuph.net
alt-svc: h3=":443"; ma=86400
content-length: 12
date: Sat, 30 Nov 2024 09:33:15 GMT
content-type: application/json; charset=utf-8
server: cloudflare
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

POST
H3 200 add Show response
taiwoudoastuph.net/async_log/ 0
262 B 28ms
27ms XHR
text/plain 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://taiwoudoastuph.net/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=5fd91da7-f585-451f-bb0c-8055832c0543

Requested by

Host: taiwoudoastuph.net
URL: https://taiwoudoastuph.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-60&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://taiwoudoastuph.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-60&bar=x

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
cf-ray: 8ea9d5beac05b8c7-AMS
access-control-allow-origin: https://taiwoudoastuph.net
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 30 Nov 2024 09:33:15 GMT
server: cloudflare
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H3 204 favicon.ico
taiwoudoastuph.net/ 0
182 B 48ms
48ms Other
text/plain 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://taiwoudoastuph.net/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://taiwoudoastuph.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-60&bar=x

Response headers

cache-control: public, max-age=315360000
cf-cache-status: HIT
pragma: public
age: 362826
cf-ray: 8ea9d5bedc38b8c7-AMS
expires: Tue, 28 Nov 2034 09:33:15 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 09:33:15 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2

200

conrad-nl-nl-cpc Show response
www.shoptastic.io/store/
Redirect Chain

https://taiwoudoastuph.net/?z=6118780&syncedCookie=true&rhd=false
https://www.share365.net/vip/rds/nl?subId=886657730184753498&country=NL&campaignid=8543943
https://www.shoptastic.io/store/conrad-nl-nl-cpc?pubId=10440&subId=886657730184753498&country=NL&campaignid=8543943

135 B
338 B

547ms
186ms

Document
text/html

52.53.88.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shoptastic.io/store/conrad-nl-nl-cpc?pubId=10440&subId=886657730184753498&country=NL&campaignid=8543943
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.53.88.18 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-53-88-18.us-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b638ce3939382360242e2a7119ab4b3380200e1a184794e09725cd96146da016

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://taiwoudoastuph.net
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-language: en-US
content-type: text/html;charset=UTF-8
date: Sat, 30 Nov 2024 09:33:16 GMT
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding

Redirect headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8ea9d5c138a6b772-AMS
content-type: text/html; charset=UTF-8
date: Sat, 30 Nov 2024 09:33:16 GMT
location: https://www.shoptastic.io/store/conrad-nl-nl-cpc?pubId=10440&subId=886657730184753498&country=NL&campaignid=8543943
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7VC9WLRCBTC60pFy46gxxAaI3oSN9m9uxiTk1vNaPZplGWbVhzCuXjfdkpm%2FAJ8LYXt3W9KCUzwwwfn5jMPFT2FcnAhqmsdCuVIy5PWeKEahMPMNUjWDP0QJIBzriCXDCTQYk5VVKdcOS%2BYXZt0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=TCP&rtt=14690&min_rtt=14405&rtt_var=2636&sent=6&recv=11&lost=0&retrans=0&sent_bytes=4022&recv_bytes=2337&delivery_rate=256003&cwnd=253&unsent_bytes=0&cid=bb7ec77c500d5a28&ts=70&x=0"
strict-transport-security: max-age=31536000

GET
H3 204 favicon.ico
taiwoudoastuph.net/ 0
0 19ms
19ms Other
text/plain 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://taiwoudoastuph.net/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://taiwoudoastuph.net/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

cache-control: public, max-age=315360000
cf-cache-status: HIT
pragma: public
age: 362826
cf-ray: 8ea9d5bedc38b8c7-AMS
expires: Tue, 28 Nov 2034 09:33:15 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 09:33:15 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1

200
OK

69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf48c0d6fc4c50cb87ad2f9f1c777b6ed66ab9cd778ceec852eb441ead198fac06ac11971c52877ce1e668ecf5a2043b85265232d4095f672d0301a0040f49edeacb57d5... Show response
clcktrck.com/3340b07f6352b061e0908fa0e76668dc/
Redirect Chain

https://clcktrck.com/nl/s/red_u_plain.php?uid=277515794&t=direct&s=22235&pub=10440&d=conrad.nl
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf48c0d6fc4c50cb87ad2f9f1c777b6ed66ab9cd778ceec852eb441ead198fac06ac11971c52877ce1...
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf48c0d6fc4c50cb87ad2f9f1c777b6ed66ab9cd778ceec852eb441ead198fac06ac11971c52877ce1...
https://discountheld.de/rdcn/rf?ret=aHR0cHM6Ly9jbGNrdHJjay5jb20vMzM0MGIwN2Y2MzUyYjA2MWUwOTA4ZmEwZTc2NjY4ZGMvNjlmMDcwYjhmY2JmM2JmZTYwYjljZmM0NjIzMTQ0YTAwOTRmZjIxNjM5MzZkNTkyYzc3ZTRiOTZjZTkyNWJmNDhjM...
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf48c0d6fc4c50cb87ad2f9f1c777b6ed66ab9cd778ceec852eb441ead198fac06ac11971c52877ce1...

547 B
665 B

27ms
26ms

Document
text/html

3.73.249.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf48c0d6fc4c50cb87ad2f9f1c777b6ed66ab9cd778ceec852eb441ead198fac06ac11971c52877ce1e668ecf5a2043b85265232d4095f672d0301a0040f49edeacb57d5a7991746ab06a31a9e686e3c0bffadb3dd792229e29451e5ce10f376ded?m=1
Requested by: Host: www.shoptastic.io
URL: https://www.shoptastic.io/store/conrad-nl-nl-cpc?pubId=10440&subId=886657730184753498&country=NL&campaignid=8543943
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.73.249.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-249-248.eu-central-1.compute.amazonaws.com
Software: nginx/1.24.0 (Ubuntu) /
Resource Hash: d858e23ddcd9fe0747e0b4e8ebc47c14da599671ccf1f11e22cd9157a83767d9

Request headers

Referer: https://www.shoptastic.io/store/conrad-nl-nl-cpc?pubId=10440&subId=886657730184753498&country=NL&campaignid=8543943
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Nov 2024 09:33:17 GMT
Referrer-Policy: origin
Server: nginx/1.24.0 (Ubuntu)
Transfer-Encoding: chunked

Redirect headers

cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Sat, 30 Nov 2024 09:33:17 GMT
location: https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf48c0d6fc4c50cb87ad2f9f1c777b6ed66ab9cd778ceec852eb441ead198fac06ac11971c52877ce1e668ecf5a2043b85265232d4095f672d0301a0040f49edeacb57d5a7991746ab06a31a9e686e3c0bffadb3dd792229e29451e5ce10f376ded?m=1
referrer-policy: origin
server: nginx/1.18.0 (Ubuntu)

GET
H2

200

go
r.bestadperf.com/v2/
Redirect Chain

https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf48c0d6fc4c50cb87ad2f9f1c777b6ed66ab9cd778ceec852eb441ead198fac06ac11971c52877ce1...
https://r.bestadperf.com/v1/redirect?url=https%3A%2F%2Fconrad.nl&api_key=526ce45b25e1f6dcb86f05e8f2c94e64&site_id=aec355e462c64185bda38033aacce8f2&type=url&source=discounthero.org&yk_tag=f9d48da2cc...
https://r.bestadperf.com/v2/go?t=2t8pc%3Aa%2F3l0g3.de5k1o6r2u4.5e3%2Fei%3DeIeurrhhoi.bsp1F3%259o7.2c9t1c.ci2%3DFe%25V3EsTt.hXrirufWRji5iOoNt-eanfcleayicnfda9T9e6s1l%26uo%26I9%3D20f503c24%26aobn0r4%...

2 KB
3 KB

39ms
39ms

Document
text/html

18.202.86.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.bestadperf.com/v2/go?t=2t8pc%3Aa%2F3l0g3.de5k1o6r2u4.5e3%2Fei%3DeIeurrhhoi.bsp1F3%259o7.2c9t1c.ci2%3DFe%25V3EsTt.hXrirufWRji5iOoNt-eanfcleayicnfda9T9e6s1l%26uo%26I9%3D20f503c24%26aobn0r4%3Dal7obf2r9dfa202f06040603%3D1Iecalarch1i9bdp4e%26re%3DrmhrdP1e7d1%260b5c6409551a34927-25840b562-6e6e%263e1vdcn%3Dk6t%26o3eeIi%3Dr8s349847d26_-3b94895f2-78_d3e212c3b0a6d0d%3DaIacsatsu4%26fuclfs7e9C6i6kcd4v1384801151a4%3D9I8ebfb%26dncy2t1uec6474e400812dbmpcb7i6h6r6r%3DfIioTtpi%3Dioft%26ns%26grVgNnYeheFe2%3DhtFpm%257A22_%25gFsl%26k3r9k8c5m227%26%3Dutl%3FsGecSabsdtasct5nep6ocg4o8lbkao8-3na%2Fcsetfh&s=https%3A%2F%2Fclcktrck.com%2F&e=1&ai=f9732946fe284c5481e8691045e09c14&sct=1&ct=1732959197447&cu=f9982bbb7dac4201bea647ce00f8229b&cs=f4a4a12046796f05c463d375ae8df308

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.202.86.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-202-86-139.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf48c0d6fc4c50cb87ad2f9f1c777b6ed66ab9cd778ceec852eb441ead198fac06ac11971c52877ce1e668ecf5a2043b85265232d4095f672d0301a0040f49edeacb57d5a7991746ab06a31a9e686e3c0bffadb3dd792229e29451e5ce10f376ded?m=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-length: 2543
content-type: text/html;charset=UTF-8
date: Sat, 30 Nov 2024 09:33:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

content-length: 0
date: Sat, 30 Nov 2024 09:33:17 GMT
location: /v2/go?t=2t8pc%3Aa%2F3l0g3.de5k1o6r2u4.5e3%2Fei%3DeIeurrhhoi.bsp1F3%259o7.2c9t1c.ci2%3DFe%25V3EsTt.hXrirufWRji5iOoNt-eanfcleayicnfda9T9e6s1l%26uo%26I9%3D20f503c24%26aobn0r4%3Dal7obf2r9dfa202f06040603%3D1Iecalarch1i9bdp4e%26re%3DrmhrdP1e7d1%260b5c6409551a34927-25840b562-6e6e%263e1vdcn%3Dk6t%26o3eeIi%3Dr8s349847d26_-3b94895f2-78_d3e212c3b0a6d0d%3DaIacsatsu4%26fuclfs7e9C6i6kcd4v1384801151a4%3D9I8ebfb%26dncy2t1uec6474e400812dbmpcb7i6h6r6r%3DfIioTtpi%3Dioft%26ns%26grVgNnYeheFe2%3DhtFpm%257A22_%25gFsl%26k3r9k8c5m227%26%3Dutl%3FsGecSabsdtasct5nep6ocg4o8lbkao8-3na%2Fcsetfh&s=https%3A%2F%2Fclcktrck.com%2F&e=1&ai=f9732946fe284c5481e8691045e09c14&sct=1&ct=1732959197447&cu=f9982bbb7dac4201bea647ce00f8229b&cs=f4a4a12046796f05c463d375ae8df308
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK favicon.ico
clcktrck.com/ 0
246 B 48ms
22ms Other
image/x-icon 3.73.249.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clcktrck.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.73.249.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-249-248.eu-central-1.compute.amazonaws.com
Software: nginx/1.24.0 (Ubuntu) /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://clcktrck.com/

Response headers

ETag: "645a16d2-0"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Date: Sat, 30 Nov 2024 09:33:17 GMT
Content-Type: image/x-icon
Last-Modified: Tue, 09 May 2023 09:48:02 GMT
Server: nginx/1.24.0 (Ubuntu)

GET
H/1.1 200
OK sitesearchGo Show response
nl-go.kelkoogroup.net/ 29 KB
30 KB 1148ms
74ms Document
text/html 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732957829931&.sig=_e2V7EmTF.hX2iFuhWYjN5VOgNs-&affiliationId=96966617&comId=100543424&country=nl&offerId=aa05f1684861341ce6a6a9c71f9cdf44&searchId=107610035262035_1732957829830_52276864&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v030400012124f9982bbb7dac4201bea647ce00f8229b&publisherTrafficType=content&originReferer=https%3A%2F%2Fclcktrck.com%2F&publisherSubId=aec355e462c64185bda38033aacce8f2

Requested by

Host: r.bestadperf.com
URL: https://r.bestadperf.com/v2/go?t=2t8pc%3Aa%2F3l0g3.de5k1o6r2u4.5e3%2Fei%3DeIeurrhhoi.bsp1F3%259o7.2c9t1c.ci2%3DFe%25V3EsTt.hXrirufWRji5iOoNt-eanfcleayicnfda9T9e6s1l%26uo%26I9%3D20f503c24%26aobn0r4%3Dal7obf2r9dfa202f06040603%3D1Iecalarch1i9bdp4e%26re%3DrmhrdP1e7d1%260b5c6409551a34927-25840b562-6e6e%263e1vdcn%3Dk6t%26o3eeIi%3Dr8s349847d26_-3b94895f2-78_d3e212c3b0a6d0d%3DaIacsatsu4%26fuclfs7e9C6i6kcd4v1384801151a4%3D9I8ebfb%26dncy2t1uec6474e400812dbmpcb7i6h6r6r%3DfIioTtpi%3Dioft%26ns%26grVgNnYeheFe2%3DhtFpm%257A22_%25gFsl%26k3r9k8c5m227%26%3Dutl%3FsGecSabsdtasct5nep6ocg4o8lbkao8-3na%2Fcsetfh&s=https%3A%2F%2Fclcktrck.com%2F&e=1&ai=f9732946fe284c5481e8691045e09c14&sct=1&ct=1732959197447&cu=f9982bbb7dac4201bea647ce00f8229b&cs=f4a4a12046796f05c463d375ae8df308

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

3ebdfb5f266df3fef8e8e460f7e0d65a6140abbe4f6ae4f8d3ad8dc830d7a5d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r.bestadperf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
Charset: utf-8
Content-Length: 29996
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Nov 2024 09:33:18 GMT
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
Request-Time: PT0.054498424S
X-Content-Type-Options: nosniff
X-DD-B: 1
X-DataDome: protected
X-DataDome-CID: AHrlqAAAAAMA7Y7g0OVAkUUAH8yWbQ==
X-Frame-Options: ALLOWALL
X-Permitted-Cross-Domain-Policies: master-only
X-Robots-Tag: noindex,nofollow
X-XSS-Protection: 1; mode=block
clickId: 107698148_1732959198618_54630184
country: nl
leadId: 62A901JDY6NQDQP8WCJJFDEEESWRXG

GET
H/1.1 200
OK p.png
nl-go.kelkoogroup.net/assets/images/ 68 B
552 B 25ms
25ms Image
image/png 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nl-go.kelkoogroup.net/assets/images/p.png?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437cb13071f84fb10e578cd46dcaa97cc520bbe93d00fb40c661296805121a5c1c4dc52254d9a670e14ad3017753b9ce2a2676beb80fde83105c0412735d705e4273081e47af7da85ad01ed5ab3c95ac6b6d6c31facaff28dbecd2dc8cadf13841f6e0674a487f706da751f83cbe1df0bc625d75622d848bfc67e0217f6d02a0b6cad007289fe888b59961cd3c9c9e6c930722bf4b84351feacacf3d70ddaeabb07c154beeb7c8b375ad4040cedac9bd736efb9f4110d69ecae3d50612071886ac2e2820624abecd0f7c8478a3f058e6337fbca5273917daaa60f173402b96806653de4048e77c0506cc284cb59915a3cc39098712b21cd601693559549294a16454412df9064f71979a4389bf40ccbd10c

Requested by

Host: nl-go.kelkoogroup.net
URL: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732957829931&.sig=_e2V7EmTF.hX2iFuhWYjN5VOgNs-&affiliationId=96966617&comId=100543424&country=nl&offerId=aa05f1684861341ce6a6a9c71f9cdf44&searchId=107610035262035_1732957829830_52276864&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v030400012124f9982bbb7dac4201bea647ce00f8229b&publisherTrafficType=content&originReferer=https%3A%2F%2Fclcktrck.com%2F&publisherSubId=aec355e462c64185bda38033aacce8f2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory: 8
Referer: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732957829931&.sig=_e2V7EmTF.hX2iFuhWYjN5VOgNs-&affiliationId=96966617&comId=100543424&country=nl&offerId=aa05f1684861341ce6a6a9c71f9cdf44&searchId=107610035262035_1732957829830_52276864&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v030400012124f9982bbb7dac4201bea647ce00f8229b&publisherTrafficType=content&originReferer=https%3A%2F%2Fclcktrck.com%2F&publisherSubId=aec355e462c64185bda38033aacce8f2

Response headers

X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
leadId: 62A901JDY6NQDQP8WCJJFDEEESWRXG
Request-Time: PT0.003843147S
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: origin-when-cross-origin
clickId: 107698148_1732959198618_54630184
country: nl
X-Content-Type-Options: nosniff
Content-Length: 68
X-XSS-Protection: 1; mode=block
Date: Sat, 30 Nov 2024 09:33:18 GMT
Content-Type: image/png
X-Frame-Options: ALLOWALL

GET
H2 200 tags.js Show response
dd.kelkoogroup.net/ 169 KB
32 KB 82ms
19ms Script
text/javascript 3.161.82.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.kelkoogroup.net/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.82.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-82-116.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b6f960ef6e2816613c107cdca0b45e95e497369d628de9cb444903b45fa78430

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nl-go.kelkoogroup.net/

Response headers

content-encoding: gzip
x-amz-version-id: srBbjf4IpQWkR6dukRm3KeuXFeESXHnZ
etag: W/"f413de3002ba35101fcc6ab056e87d4b"
age: 959
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: hG1Jnk72zfW2V4sqdb8YSk7vq4Ug8QhStbKfnLCnVTYOqKdyConoGg==
date: Sat, 30 Nov 2024 09:17:19 GMT
content-type: text/javascript
vary: accept-encoding, Origin
last-modified: Tue, 19 Nov 2024 10:41:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=3600, public
via: 1.1 c53fb2c65e26830010100e7d773f73ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 204 collect
www.google-analytics.com/g/ 0
556 B 96ms
30ms Ping
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-42767ZEKSC&_p=610802847&sr=1600x1200&ul=nl-nl&cid=928127849.1732959198&uid=a4c6294-1937c6add9b-608676&_fv=1&_s=1&dl=https%3A%2F%2Fnl-go.kelkoogroup.net%2FsitesearchGo%3F.ts%3D1732957829931%26.sig%3D_e2V7EmTF.hX2iFuhWYjN5VOgNs-%26affiliationId%3D96966617%26comId%3D100543424%26country%3Dnl%26offerId%3Daa05f1684861341ce6a6a9c71f9cdf44%26searchId%3D107610035262035_1732957829830_52276864%26service%3D36%26tokenId%3D1833e9e4-d66b-4b54-92f4-a85d9e41ccbb%26addedParams%3Dtrue%26publisherClickId%3Dv030400012124f9982bbb7dac4201bea647ce00f8229b%26publisherTrafficType%3Dcontent%26originReferer%3Dhttps%253A%252F%252Fclcktrck.com%252F%26publisherSubId%3Daec355e462c64185bda38033aacce8f2&dt=U%20wordt%20doorgestuurd%20naar%20Conrad.nl&dr=https%3A%2F%2Fr.bestadperf.com%2F&dp=%2F96966617%7C100543424%7C&sid=1732959198&sct=1&seg=1&en=page_view&_ss=1&ep.cd1=96966617&ep.cd2=62A901JDY6NQDQP8WCJJFDEEESWRXG&ep.cd3=100543424&ep.cd4=a4c6294-1937c6add9b-608676&ep.cd5=&ep.cd6=96966617%7C100543424%7C
Requested by: Host: nl-go.kelkoogroup.net
URL: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732957829931&.sig=_e2V7EmTF.hX2iFuhWYjN5VOgNs-&affiliationId=96966617&comId=100543424&country=nl&offerId=aa05f1684861341ce6a6a9c71f9cdf44&searchId=107610035262035_1732957829830_52276864&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v030400012124f9982bbb7dac4201bea647ce00f8229b&publisherTrafficType=content&originReferer=https%3A%2F%2Fclcktrck.com%2F&publisherSubId=aec355e462c64185bda38033aacce8f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nl-go.kelkoogroup.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://nl-go.kelkoogroup.net
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 09:33:18 GMT
content-type: text/plain
server: Golfe2

GET
H/1.1 404
Not Found ados.js Show response
nl-go.kelkoogroup.net/ 1 KB
2 KB 22ms
21ms XHR
text/html 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://nl-go.kelkoogroup.net/ados.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

3db77cfe0a6a059ff4d86ea8530439864095c5fe278e279b28c88f99a0f9b530

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory: 8
Referer: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732957829931&.sig=_e2V7EmTF.hX2iFuhWYjN5VOgNs-&affiliationId=96966617&comId=100543424&country=nl&offerId=aa05f1684861341ce6a6a9c71f9cdf44&searchId=107610035262035_1732957829830_52276864&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v030400012124f9982bbb7dac4201bea647ce00f8229b&publisherTrafficType=content&originReferer=https%3A%2F%2Fclcktrck.com%2F&publisherSubId=aec355e462c64185bda38033aacce8f2

Response headers

X-Robots-Tag: noindex,nofollow
Content-Security-Policy: frame-ancestors 'none'
Request-Time: PT0.000384506S
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: origin-when-cross-origin
X-Content-Type-Options: nosniff
Content-Length: 1140
X-XSS-Protection: 1; mode=block
Date: Sat, 30 Nov 2024 09:33:17 GMT
Content-Type: text/html; charset=UTF-8
X-Frame-Options: DENY

POST
H/1.1 200
OK fp
nl-go.kelkoogroup.net/ 0
458 B 41ms
40ms Ping
text/plain 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://nl-go.kelkoogroup.net/fp?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437cb13071f84fb10e578cd46dcaa97cc520bbe93d00fb40c661296805121a5c1c4dc52254d9a670e14ad3017753b9ce2a2676beb80fde83105c0412735d705e4273081e47af7da85ad01ed5ab3c95ac6b6d6c31facaff28dbecd2dc8cadf13841f6e0674a487f706da751f83cbe1df0bc625d75622d848bfc67e0217f6d02a0b6cad007289fe888b59961cd3c9c9e6c930722bf4b84351feacacf3d70ddaeabb07c154beeb7c8b375ad4040cedac9bd736efb9f4110d69ecae3d50612071886ac2e2820624abecd0f7c8478a3f058e6337fbca5273917daaa60f173402b96806653de4048e77c0506cc284cb59915a3cc39098712b21cd601693559549294a16454412df9064f71979a4389bf40ccbd10c

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732957829931&.sig=_e2V7EmTF.hX2iFuhWYjN5VOgNs-&affiliationId=96966617&comId=100543424&country=nl&offerId=aa05f1684861341ce6a6a9c71f9cdf44&searchId=107610035262035_1732957829830_52276864&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v030400012124f9982bbb7dac4201bea647ce00f8229b&publisherTrafficType=content&originReferer=https%3A%2F%2Fclcktrck.com%2F&publisherSubId=aec355e462c64185bda38033aacce8f2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=utf-8
sec-ch-device-memory: 8

Response headers

X-Robots-Tag: noindex,nofollow
leadId: 62A901JDY6NQDQP8WCJJFDEEESWRXG
Request-Time: PT0.015330072S
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: origin-when-cross-origin
clickId: 107698148_1732959198618_54630184
country: nl
X-Content-Type-Options: nosniff
Content-Length: 0
X-XSS-Protection: 1; mode=block
Date: Sat, 30 Nov 2024 09:33:18 GMT
Content-Type: text/plain; charset=UTF-8
X-Frame-Options: ALLOWALL

GET 16b3b762-cb1e-49f8-98de-ecdd3bfcf109
https://nl-go.kelkoogroup.net/ Frame 0
0

POST
H2 200 /
dd.kelkoogroup.net/js/ 236 B
645 B 72ms
27ms XHR
application/json 3.161.82.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.kelkoogroup.net/js/

Requested by

Host: dd.kelkoogroup.net
URL: https://dd.kelkoogroup.net/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.82.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-82-116.fra56.r.cloudfront.net

Software

DataDome /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://nl-go.kelkoogroup.net/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
via: 1.1 93e77bd122e2a2b3ec02228d81a35184.cloudfront.net (CloudFront)
expires: 0
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 236
x-amz-cf-id: QkTD17PrBxz6hj6E7KRiTgyRVIrsopM6262-W0Kr7M-TwV4_J6yFzw==
date: Sat, 30 Nov 2024 09:33:18 GMT
content-type: application/json;charset=utf-8
x-amz-cf-pop: FRA56-P10
server: DataDome

GET
H/1.1 403
Forbidden Primary Request redirect Show response
nl-go.kelkoogroup.net/ 725 B
2 KB 32ms
31ms Document
text/html 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437cb13071f84fb10e578cd46dcaa97cc520bbe93d00fb40c661296805121a5c1c4dc52254d9a670e14ad3017753b9ce2a2676beb80fde83105c0412735d705e4273081e47af7da85ad01ed5ab3c95ac6b6d6c31facaff28dbecd2dc8cadf13841f6e0674a487f706da751f83cbe1df0bc625d75622d848bfc67e0217f6d02a0b6cad007289fe888b59961cd3c9c9e6c930722bf4b84351feacacf3d70ddaeabb07c154beeb7c8b375ad4040cedac9bd736efb9f4110d69ecae3d50612071886ac2e2820624abecd0f7c8478a3f058e6337fbca5273917daaa60f173402b96806653de4048e77c0506cc284cb59915a3cc39098712b21cd601693559549294a16454412df9064f71979a4389bf40ccbd10c&url=https%3A%2F%2Fpartner.conrad.nl%2Fc%3Fc%3D920%26m%3D1806756%26a%3D321679%26r%3D62A901JDY6NQDQP8WCJJFDEEESWRXG%26u%3Dhttps%253A%252F%252Fwww.conrad.nl%252Fgoto%252F%253Fproduct%253D2354010%2526WT.mc_id%253Daffiliates%253Atradetracker%253Afeed%253A2354010%2526experience%253Db2c&initiator=dd

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

f604bfea407727d6b28980b047c20fc16138c409162537a00372b37a95e8e734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732957829931&.sig=_e2V7EmTF.hX2iFuhWYjN5VOgNs-&affiliationId=96966617&comId=100543424&country=nl&offerId=aa05f1684861341ce6a6a9c71f9cdf44&searchId=107610035262035_1732957829830_52276864&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v030400012124f9982bbb7dac4201bea647ce00f8229b&publisherTrafficType=content&originReferer=https%3A%2F%2Fclcktrck.com%2F&publisherSubId=aec355e462c64185bda38033aacce8f2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory: 8

Response headers

Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
Charset: utf-8
Content-Length: 725
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Nov 2024 09:33:18 GMT
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
Request-Time: PT0.012861515S
X-Content-Type-Options: nosniff
X-DD-B: 1
X-DataDome: protected
X-DataDome-CID: AHrlqAAAAAMA7Y7g0OVAkUUAH8yWbQ==
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: master-only
X-XSS-Protection: 1; mode=block

GET
H2 200 c.js Show response
ct.captcha-delivery.com/ 11 KB
11 KB 79ms
27ms Script
text/javascript 65.9.66.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.captcha-delivery.com/c.js
Requested by: Host: nl-go.kelkoogroup.net
URL: https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437cb13071f84fb10e578cd46dcaa97cc520bbe93d00fb40c661296805121a5c1c4dc52254d9a670e14ad3017753b9ce2a2676beb80fde83105c0412735d705e4273081e47af7da85ad01ed5ab3c95ac6b6d6c31facaff28dbecd2dc8cadf13841f6e0674a487f706da751f83cbe1df0bc625d75622d848bfc67e0217f6d02a0b6cad007289fe888b59961cd3c9c9e6c930722bf4b84351feacacf3d70ddaeabb07c154beeb7c8b375ad4040cedac9bd736efb9f4110d69ecae3d50612071886ac2e2820624abecd0f7c8478a3f058e6337fbca5273917daaa60f173402b96806653de4048e77c0506cc284cb59915a3cc39098712b21cd601693559549294a16454412df9064f71979a4389bf40ccbd10c&url=https%3A%2F%2Fpartner.conrad.nl%2Fc%3Fc%3D920%26m%3D1806756%26a%3D321679%26r%3D62A901JDY6NQDQP8WCJJFDEEESWRXG%26u%3Dhttps%253A%252F%252Fwww.conrad.nl%252Fgoto%252F%253Fproduct%253D2354010%2526WT.mc_id%253Daffiliates%253Atradetracker%253Afeed%253A2354010%2526experience%253Db2c&initiator=dd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-83.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b87bb6192320ea7a36d1caa7a2c0d26f39cfa92909fe168d29bfecc13c81ca0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nl-go.kelkoogroup.net/

Response headers

x-amz-version-id: null
etag: "1fd766ce129c8b2cae0770e023a22682"
age: 84579
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 11217
x-amz-cf-id: 6rtPqQzWIij6qYvCEPKGDcI42Ro5OmHzHwm2jDzIeaCCkN9ySeaXrQ==
date: Fri, 29 Nov 2024 10:03:41 GMT
content-type: text/javascript
last-modified: Fri, 22 Nov 2024 10:03:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK /
geo.captcha-delivery.com/captcha/ Frame 4287 0
0 80ms
32ms Document
text/html 3.125.247.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMA7Y7g0OVAkUUAH8yWbQ%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=mwm1904DbS2MYIkYTh~Pt~WJzpS23STDj4lQpBgHej2F0H4DlgKKKcRZtIossv_5WBXofKeAxxWWK55DGQJIfF4rCHtCb4GPxGvr3ASICmbmKz27XlWTX6fszr0GmxeW&t=fe&referer=https%3A%2F%2Fnl-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dnl%26k%3D612f7a9541cd6ea61eb554c0e4cff437cb13071f84fb10e578cd46dcaa97cc520bbe93d00fb40c661296805121a5c1c4dc52254d9a670e14ad3017753b9ce2a2676beb80fde83105c0412735d705e4273081e47af7da85ad01ed5ab3c95ac6b6d6c31facaff28dbecd2dc8cadf13841f6e0674a487f706da751f83cbe1df0bc625d75622d848bfc67e0217f6d02a0b6cad007289fe888b59961cd3c9c9e6c930722bf4b84351feacacf3d70ddaeabb07c154beeb7c8b375ad4040cedac9bd736efb9f4110d69ecae3d50612071886ac2e2820624abecd0f7c8478a3f058e6337fbca5273917daaa60f173402b96806653de4048e77c0506cc284cb59915a3cc39098712b21cd601693559549294a16454412df9064f71979a4389bf40ccbd10c%26url%3Dhttps%253A%252F%252Fpartner.conrad.nl%252Fc%253Fc%253D920%2526m%253D1806756%2526a%253D321679%2526r%253D62A901JDY6NQDQP8WCJJFDEEESWRXG%2526u%253Dhttps%25253A%25252F%25252Fwww.conrad.nl%25252Fgoto%25252F%25253Fproduct%25253D2354010%252526WT.mc_id%25253Daffiliates%25253Atradetracker%25253Afeed%25253A2354010%252526experience%25253Db2c%26initiator%3Ddd&s=35103&e=d808ac5af4790ed8393617dfe35dcc1c3c641776ffcba04b1274a956c1a4821d&dm=cd
Requested by: Host: ct.captcha-delivery.com
URL: https://ct.captcha-delivery.com/c.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.125.247.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-247-22.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://nl-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Sat, 30 Nov 2024 09:33:19 GMT
Transfer-Encoding: chunked

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ads.google.com
URL: https://ads.google.com/

Domain: nl-go.kelkoogroup.net
URL: blob:https://nl-go.kelkoogroup.net/16b3b762-cb1e-49f8-98de-ecdd3bfcf109

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dd

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
redwingshere.xyz/	1970-01-21 01:23:31	Name: mobitck Value: 1
gribeorlneka.net/	1970-01-21 10:08:15	Name: OAID Value: 00812444645b4d33efcc92f6efa360de
gribeorlneka.net/	1970-01-21 10:08:15	Name: oaidts Value: 1732959195
gribeorlneka.net/	1970-01-21 10:08:15	Name: allcnt Value: 1
my.rtmark.net/	1970-01-21 10:08:15	Name: ID Value: 00812444645b4d33efcc92f6efa360de
taiwoudoastuph.net/	1970-01-21 10:08:15	Name: oaidts Value: 1732959195
taiwoudoastuph.net/	1970-01-21 10:08:15	Name: OAID Value: 00812444645b4d33efcc92f6efa360de
taiwoudoastuph.net/	1970-01-21 01:32:43	Name: syncedCookie Value: true
www.share365.net/	1970-01-21 01:22:46	Name: XSRF-TOKEN Value: eyJpdiI6InZhXC9pMXREUnhnUWFrR3dKTlJyUmdnPT0iLCJ2YWx1ZSI6ImJHckxaTXpzblc4bWpXYm1OdG9EaXF6M0RVSnRmVlwvdnRlWTVQOW9RRjM1ckVCOWxsZWRtUFlJNk9EYXlvVm9VIiwibWFjIjoiNjRjZGQxNTExMjYzZjZiMjQyOGFkYmRjY2Q4NTgzNWFmYTcwZDA5ODY4NjUzNWExZjYxZjY0Y2RkNWZiYTgzNyJ9
www.share365.net/	1970-01-21 01:22:46	Name: laravel_session Value: eyJpdiI6IktqVndZSExiTHV1MUJ5SVhwSlZFN2c9PSIsInZhbHVlIjoidUlBZnptSHZUS1V5Q0txc042XC9GNFNibzJrSkkxcjBcLzk2VHdGMXU0QkVZYzlxT1hySURwZzAyTW03aEdVM2hPIiwibWFjIjoiNjg3NWNjYzBhMzZlYzFiMGMyNmRjMzFkODdkMjZhNjY0YjFlZjk0NDBjOWY4NDQ2OWMyYTg4MDY4NDQ1N2Q1YiJ9
www.share365.net/	1970-01-21 01:22:42	Name: __cflb Value: 0H28vVobGc6CutkxgoxsgvcCKNChyMYDz1NEkPFuXNb
.bestadperf.com/	1970-01-21 10:08:15	Name: ykuid Value: 3a18d066d13646c4a14a9cf2d099d7ad
r.bestadperf.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: AF3CCB8771BBBEF28A0B12FB35CD3BE3
.kelkoogroup.net/	1970-01-21 10:08:15	Name: kelkooID Value: a4c6294-1937c6add9b-608676
.kelkoogroup.net/	1970-01-21 10:01:03	Name: datadome Value: mwm1904DbS2MYIkYTh~Pt~WJzpS23STDj4lQpBgHej2F0H4DlgKKKcRZtIossv_5WBXofKeAxxWWK55DGQJIfF4rCHtCb4GPxGvr3ASICmbmKz27XlWTX6fszr0GmxeW

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://28880283-22554-ex.clibuceant.com/hyJGCo0zPAvjZtczvVjGJyVPldkRvoHRdqsCOJieHJ0WN5SWpYpR9ZnbBtVjfIedltxXdvEhh_XseuuzHOKnYBWKmK6luLGKcAIfSrVONcoD_MUT1nPMsMzaWpsD2g?kws=thisav&abl=0&fsb=0&pageUri=https%3A%2F%2Fcn.tube4.top%2Fv%2Fs%3A%2F%2Fthisav.com%2Fja%2Fvideo%2F130892%2Ft...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0F08603CC2B0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://gribeorlneka.net/link?z=7512769&var=4310_1136039568&ymid=159idrcdg0083 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0E09402CC2B0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://gribeorlneka.net/afu.php?zoneid=7512770&var=7512770&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false Message: [GroupMarkerNotSet(crbug.com/242999)!:A0C09001CC2B0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://taiwoudoastuph.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-60&bar=x Message: [GroupMarkerNotSet(crbug.com/242999)!:A0B03310CC2B0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://taiwoudoastuph.net/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false Message: [GroupMarkerNotSet(crbug.com/242999)!:A0B09402CC2B0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732957829931&.sig=_e2V7EmTF.hX2iFuhWYjN5VOgNs-&affiliationId=96966617&comId=100543424&country=nl&offerId=aa05f1684861341ce6a6a9c71f9cdf44&searchId=107610035262035_1732957829830_52276864&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v030400012124f9982bbb7dac4201bea647ce00f8229b&publisherTrafficType=content&originReferer=https%3A%2F%2Fclcktrck.com%2F&publisherSubId=aec355e462c64185bda38033aacce8f2(Line 28) Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437cb13071f84fb10e578cd46dcaa97cc520bbe93d00fb40c661296805121a5c1c4dc52254d9a670e14ad3017753b9ce2a2676beb80fde83105c0412735d705e4273081e47af7da85ad01ed5ab3c95ac6b6d6c31facaff28dbecd2dc8cadf13841f6e0674a487f706da751f83cbe1df0bc625d75622d848bfc67e0217f6d02a0b6cad007289fe888b59961cd3c9c9e6c930722bf4b84351feacacf3d70ddaeabb07c154beeb7c8b375ad4040cedac9bd736efb9f4110d69ecae3d50612071886ac2e2820624abecd0f7c8478a3f058e6337fbca5273917daaa60f173402b96806653de4048e77c0506cc284cb59915a3cc39098712b21cd601693559549294a16454412df9064f71979a4389bf40ccbd10c&url=https%3A%2F%2Fpartner.conrad.nl%2Fc%3Fc%3D920%26m%3D1806756%26a%3D321679%26r%3D62A901JDY6NQDQP8WCJJFDEEESWRXG%26u%3Dhttps%253A%252F%252Fwww.conrad.nl%252Fgoto%252F%253Fproduct%253D2354010%2526WT.mc_id%253Daffiliates%253Atradetracker%253Afeed%253A2354010%2526experience%253Db2c&initiator=dd Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

28880283-22554-ex.clibuceant.com
ads.google.com
clcktrck.com
ct.captcha-delivery.com
dd.kelkoogroup.net
discountheld.de
geo.captcha-delivery.com
gribeorlneka.net
my.rtmark.net
nl-go.kelkoogroup.net
r.bestadperf.com
redwingshere.xyz
taiwoudoastuph.net
www.google-analytics.com
www.share365.net
www.shoptastic.io
ads.google.com
nl-go.kelkoogroup.net
104.18.22.222
104.18.23.222
139.45.196.64
18.202.86.139
188.114.96.3
188.114.97.3
2606:4700:3108::ac42:28f5
2a00:1450:4001:830::200e
3.125.247.22
3.161.82.116
3.66.53.110
3.73.249.248
45.13.225.41
52.53.88.18
65.9.66.83
88.208.22.3
95.211.116.26
0b87bb6192320ea7a36d1caa7a2c0d26f39cfa92909fe168d29bfecc13c81ca0
3db77cfe0a6a059ff4d86ea8530439864095c5fe278e279b28c88f99a0f9b530
3ebdfb5f266df3fef8e8e460f7e0d65a6140abbe4f6ae4f8d3ad8dc830d7a5d1
4b00f5493734388009dfc65b6ed10f6b947708b2035e64750d558604c528888e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
9a4f68ae9669d1ceabb083920a95edc5b0c9ea8ffe50efe2166d8fc49b317a49
b638ce3939382360242e2a7119ab4b3380200e1a184794e09725cd96146da016
b6f960ef6e2816613c107cdca0b45e95e497369d628de9cb444903b45fa78430
d858e23ddcd9fe0747e0b4e8ebc47c14da599671ccf1f11e22cd9157a83767d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f604bfea407727d6b28980b047c20fc16138c409162537a00372b37a95e8e734
fb86ffdcd1fc2d47e4b2f05aac586953af88ab94600c2562d7e4368580705e08
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

nl-go.kelkoogroup.net Open in urlscan Pro 95.211.116.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

94 %HTTPS

12 %IPv6

14 Domains

16 Subdomains

16 IPs

6 Countries

120 kBTransfer

284 kBSize

15 Cookies

0 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nl-go.kelkoogroup.net Open in urlscan Pro
95.211.116.26 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

94 %
HTTPS

12 %
IPv6

14
Domains

16
Subdomains

16
IPs

6
Countries

120 kB
Transfer

284 kB
Size

15
Cookies

33 HTTP transactions
0 data transactions