nl-go.kelkoogroup.net Open in urlscan Pro
95.211.116.26 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://28882574-7740-ex.alumniterist.com/iSZEDIU0NAjaQ8wooFjEKiFBnJMRooyIcqtUM8qZH5oUZJmRp4sE_MmJB9Zjc92ZxI8AIaZxgfrWQumxGvu7YAmUmsLBsbOB...
Effective URL:
https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437e34e6eac5bdb212bec6211b6fe22c3c7bf69926674...
Submission: On December 01 via api (December 1st 2024, 10:26:33 am UTC) from US — Scanned from NL

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 11 domains to perform 30 HTTP transactions. The main IP is 95.211.116.26, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL. The main domain is nl-go.kelkoogroup.net.
TLS certificate: Issued by Thawte TLS RSA CA G1 on September 26th 2024. Valid for: a year.

This is the only time nl-go.kelkoogroup.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	88.208.22.3 88.208.22.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS DataWeb Global Group B.V.)
2	37.114.46.212 37.114.46.212	58087 (FlorianKo...) (FlorianKolb Florian Kolb)
2 14	139.45.197.243 139.45.197.243	9002 (RETN-AS R...) (RETN-AS RETN Limited)
2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:310... 2606:4700:3108::ac42:2b0b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.176.247.1 54.176.247.1	16509 (AMAZON-02) (AMAZON-02)
4 6	3.73.249.248 3.73.249.248	16509 (AMAZON-02) (AMAZON-02)
1 1	3.66.53.110 3.66.53.110	16509 (AMAZON-02) (AMAZON-02)
5	95.211.116.26 95.211.116.26	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V.)
2	18.66.112.4 18.66.112.4	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1	65.9.66.86 65.9.66.86	16509 (AMAZON-02) (AMAZON-02)
1	3.125.247.22 3.125.247.22	16509 (AMAZON-02) (AMAZON-02)
30	11

1 88.208.22.3 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)
PTR: mail.armadaboard.com

28882574-7740-ex.alumniterist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.114.46.212 (Germany)

ASN58087 (FlorianKolb Florian Kolb, DE)
PTR: 212.46.114.37.in-addr.arpa

redwingshere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 139.45.197.243 (United Kingdom) 2 redirects

ASN9002 (RETN-AS RETN Limited, GB)

gaimauroogrou.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:2b0b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.share365.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.176.247.1 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-176-247-1.us-west-1.compute.amazonaws.com

www.shoptastic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.73.249.248 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-249-248.eu-central-1.compute.amazonaws.com

clcktrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.66.53.110 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: portal-cockpit.noctemque.com

discountheld.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.211.116.26 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)
PTR: dc1-ecs-pub-mx-vip.kelkoo.com

nl-go.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-4.fra56.r.cloudfront.net

dd.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-86.fra56.r.cloudfront.net

ct.captcha-delivery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.247.22 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-247-22.eu-central-1.compute.amazonaws.com

geo.captcha-delivery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	gaimauroogrou.net 2 redirects gaimauroogrou.net — Cisco Umbrella Rank: 387853	34 KB
7	kelkoogroup.net nl-go.kelkoogroup.net dd.kelkoogroup.net — Cisco Umbrella Rank: 296022	67 KB
6	clcktrck.com 4 redirects clcktrck.com — Cisco Umbrella Rank: 159985	3 KB
2	captcha-delivery.com ct.captcha-delivery.com — Cisco Umbrella Rank: 30248 geo.captcha-delivery.com — Cisco Umbrella Rank: 23657	11 KB
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 10565	2 KB
2	redwingshere.xyz redwingshere.xyz — Cisco Umbrella Rank: 220818	943 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	556 B
1	discountheld.de 1 redirects discountheld.de — Cisco Umbrella Rank: 408461	2 KB
1	shoptastic.io www.shoptastic.io — Cisco Umbrella Rank: 279931	342 B
1	share365.net 1 redirects www.share365.net — Cisco Umbrella Rank: 481928	3 KB
1	alumniterist.com 1 redirects 28882574-7740-ex.alumniterist.com	557 B
30	11

	Domain	Requested by
14	gaimauroogrou.net	2 redirects gaimauroogrou.net
6	clcktrck.com	4 redirects www.shoptastic.io
5	nl-go.kelkoogroup.net	nl-go.kelkoogroup.net
2	dd.kelkoogroup.net	nl-go.kelkoogroup.net dd.kelkoogroup.net
2	my.rtmark.net	gaimauroogrou.net
2	redwingshere.xyz
1	geo.captcha-delivery.com	ct.captcha-delivery.com
1	ct.captcha-delivery.com	nl-go.kelkoogroup.net
1	www.google-analytics.com	nl-go.kelkoogroup.net
1	discountheld.de	1 redirects
1	www.shoptastic.io
1	www.share365.net	1 redirects
1	28882574-7740-ex.alumniterist.com	1 redirects
30	13

This site contains no links.

Subject Issuer	Validity	Valid
redwingshere.xyz E5	`2024-10-08` - `2025-01-06`	3 months	crt.sh
gaimauroogrou.net R10	`2024-10-04` - `2025-01-02`	3 months	crt.sh
my.rtmark.net WE1	`2024-11-06` - `2025-02-04`	3 months	crt.sh
shoptastic.io Amazon RSA 2048 M03	`2024-10-06` - `2025-11-05`	a year	crt.sh
clcktrck.com E6	`2024-11-26` - `2025-02-24`	3 months	crt.sh
*.kelkoogroup.net Thawte TLS RSA CA G1	`2024-09-26` - `2025-10-10`	a year	crt.sh
dd.kelkoogroup.net E6	`2024-10-07` - `2025-01-05`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.captcha-delivery.com Amazon RSA 2048 M02	`2024-07-25` - `2025-08-22`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437e34e6eac5bdb212bec6211b6fe22c3c7bf6992667440adbdf99243477437f98b13b508d5088f7515b792022637eafa97020576638dd4d7f0dd4cdecd6bead8e7a24502586e204dd7377a8c0ae06922215958e5cdbb0c24e4dd6fc4554b4c597e87b5384e0405fd94628b0abaf4a8e632e3e08bb413e938b6423f92ac469fb8a1dec66d9c9095150cead5c61e8151e72b0b27570df6406b613b7d13e445821068f541736c35d4e18d20dacdbf72635ad027f88ba532fd3001daceab54d47d90e477e2bf5a96f19d91796377af554395c366f51ffb64cb90ebe767e8912e193b0d7a6b19603f9962d97f83d0c8cf473be13f0fa0749285cb2e4c8b2cd55b138d3bb4a9f9f46390ec836bd5b57817fea6a2&url=https%3A%2F%2Fwww.debijenkorf.nl%2Fmos-mosh-mmthora-fijngebreide-pullover-in-alpaca-wolblend-met-v-hals-2923012434-292301645500000%3Fkk%3Da4c6293-19381c1e6d6-68c40e%26utm_medium%3Dvergelijkers%26utm_source%3DKelkoo.nl%26utm_campaign%3Dcpc%26utm_content%3Dbrand_id%26utm_source_platform%3DKelkooGroup&initiator=dd
Frame ID: 7C9D83659D49A38BF3EE08C756CF7CA9
Requests: 28 HTTP requests in this frame

Frame: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAWpB_3yypaxcAH8yWbA%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=ffYUKZpVP0hNY_d_6hqKTiczckt8aopvuNCLyPRNVe6spCGoCeJzITyatahtH8hN8f3UplJvv_uWvkfXhQBM2F~ALW~JvNbbPN4y00E0ag50dBrWN7uIKicXhIj2dwvo&t=fe&referer=https%3A%2F%2Fnl-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dnl%26k%3D612f7a9541cd6ea61eb554c0e4cff437e34e6eac5bdb212bec6211b6fe22c3c7bf6992667440adbdf99243477437f98b13b508d5088f7515b792022637eafa97020576638dd4d7f0dd4cdecd6bead8e7a24502586e204dd7377a8c0ae06922215958e5cdbb0c24e4dd6fc4554b4c597e87b5384e0405fd94628b0abaf4a8e632e3e08bb413e938b6423f92ac469fb8a1dec66d9c9095150cead5c61e8151e72b0b27570df6406b613b7d13e445821068f541736c35d4e18d20dacdbf72635ad027f88ba532fd3001daceab54d47d90e477e2bf5a96f19d91796377af554395c366f51ffb64cb90ebe767e8912e193b0d7a6b19603f9962d97f83d0c8cf473be13f0fa0749285cb2e4c8b2cd55b138d3bb4a9f9f46390ec836bd5b57817fea6a2%26url%3Dhttps%253A%252F%252Fwww.debijenkorf.nl%252Fmos-mosh-mmthora-fijngebreide-pullover-in-alpaca-wolblend-met-v-hals-2923012434-292301645500000%253Fkk%253Da4c6293-19381c1e6d6-68c40e%2526utm_medium%253Dvergelijkers%2526utm_source%253DKelkoo.nl%2526utm_campaign%253Dcpc%2526utm_content%253Dbrand_id%2526utm_source_platform%253DKelkooGroup%26initiator%3Ddd&s=35103&e=6e823d5e184928937506f71a4d5a43fce0c6bfb7ed9a518e8588d9238ed43c7b&dm=cd
Frame ID: D80AE00829C362EAB1B6F9D27311F117
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

kelkoogroup.net

Page URL History Show full URLs

https://28882574-7740-ex.alumniterist.com/iSZEDIU0NAjaQ8wooFjEKiFBnJMRooyIcqtUM8qZH5oUZJmRp4sE_MmJB9Zjc92ZxI8AIaZxgfrW... HTTP 307
https://redwingshere.xyz/go/8286/3?subid2={hostId} Page URL
https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=159tbq9c00082 Page URL
https://gaimauroogrou.net/?z=8477354&syncedCookie=true&rhd=false HTTP 302
https://gaimauroogrou.net/4/7393037/?var=8477354 Page URL
https://gaimauroogrou.net/?z=7393037&syncedCookie=false&rhd=false HTTP 302
https://www.share365.net/vip/rds/nl?subId=887033506948190256&country=NL&campaignid=8543943 HTTP 302
https://www.shoptastic.io/store/debijenkorf-nl-nl-cpc?pubId=10439&subId=887033506948190256&country=NL&... Page URL
https://clcktrck.com/nl/s/red_u_plain.php?uid=279365690&t=direct&s=22214&pub=10439&d=debijenkorf.nl HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff216393... HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff216393... HTTP 302
https://discountheld.de/rdcn/rf?ret=aHR0cHM6Ly9jbGNrdHJjay5jb20vMzM0MGIwN2Y2MzUyYjA2MWUwOTA4ZmEwZTc2... HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff216393... Page URL
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff216393... HTTP 302
https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1733048429848&.sig=84hcxT9VTbs9JDA_gzPq9lulUDk-&affiliation... Page URL
https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437e34e6eac5bdb212bec6211... Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

30
Requests

97 %
HTTPS

15 %
IPv6

11
Domains

13
Subdomains

11
IPs

4
Countries

115 kB
Transfer

274 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://28882574-7740-ex.alumniterist.com/iSZEDIU0NAjaQ8wooFjEKiFBnJMRooyIcqtUM8qZH5oUZJmRp4sE_MmJB9Zjc92ZxI8AIaZxgfrWQumxGvu7YAmUmsLBsbOBdAsWSte6WqD5GdNsF439KWgs-sLy?kws=amour%2Cangels%2Cfree%2Cgallery%2Cpicture%2Camourangels%2Cfrom%2Ccute%2Cbaby%2Ccom&abl=0&fsb=0&pageUri=http...%20312%20...se%22%2C%22%5B%5D%22%5D&prsl=1 HTTP 307
https://redwingshere.xyz/go/8286/3?subid2={hostId} Page URL
https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=159tbq9c00082 Page URL
https://gaimauroogrou.net/?z=8477354&syncedCookie=true&rhd=false HTTP 302
https://gaimauroogrou.net/4/7393037/?var=8477354 Page URL
https://gaimauroogrou.net/?z=7393037&syncedCookie=false&rhd=false HTTP 302
https://www.share365.net/vip/rds/nl?subId=887033506948190256&country=NL&campaignid=8543943 HTTP 302
https://www.shoptastic.io/store/debijenkorf-nl-nl-cpc?pubId=10439&subId=887033506948190256&country=NL&campaignid=8543943 Page URL
https://clcktrck.com/nl/s/red_u_plain.php?uid=279365690&t=direct&s=22214&pub=10439&d=debijenkorf.nl HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf4b36ccc18ac21da13ac6659296a6aa9a169f47eb2f24e9e25da1daa6fd1adede63a9bab284c86cf587a803f0ad3418fc11e7150bc45f7a5217d5eaf4322a41764e80684cc4d310bc66e131155660ba536090a0f4bf3a243ed6eb07e6ee2037e6f HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf4b36ccc18ac21da13ac6659296a6aa9a169f47eb2f24e9e25da1daa6fd1adede63a9bab284c86cf587a803f0ad3418fc11e7150bc45f7a5217d5eaf4322a41764902116f125c0c948c309aec3be08899f60d9c6d7b8bd7782dcd0d62b5d576906 HTTP 302
https://discountheld.de/rdcn/rf?ret=aHR0cHM6Ly9jbGNrdHJjay5jb20vMzM0MGIwN2Y2MzUyYjA2MWUwOTA4ZmEwZTc2NjY4ZGMvNjlmMDcwYjhmY2JmM2JmZTYwYjljZmM0NjIzMTQ0YTAwOTRmZjIxNjM5MzZkNTkyYzc3ZTRiOTZjZTkyNWJmNGIzNmNjYzE4YWMyMWRhMTNhYzY2NTkyOTZhNmFhOWExNjlmNDdlYjJmMjRlOWUyNWRhMWRhYTZmZDFhZGVkZTYzYTliYWIyODRjODZjZjU4N2E4MDNmMGFkMzQxOGZjMTFlNzE1MGJjNDVmN2E1MjE3ZDVlYWY0MzIyYTQxNzY0OTAyMTE2ZjEyNWMwYzk0OGMzMDlhZWMzYmUwODg5OWY2MGQ5YzZkN2I4YmQ3NzgyZGNkMGQ2MmI1ZDU3NjkwNj9tPTE%253D HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf4b36ccc18ac21da13ac6659296a6aa9a169f47eb2f24e9e25da1daa6fd1adede63a9bab284c86cf587a803f0ad3418fc11e7150bc45f7a5217d5eaf4322a41764902116f125c0c948c309aec3be08899f60d9c6d7b8bd7782dcd0d62b5d576906?m=1 Page URL
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf4b36ccc18ac21da13ac6659296a6aa9a169f47eb2f24e9e25da1daa6fd1adede63a9bab284c86cf587a803f0ad3418fc11e7150bc45f7a5217d5eaf4322a41764902116f125c0c948c309aec3be08899f60d9c6d7b8bd7782dcd0d62b5d576906?m=2 HTTP 302
https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1733048429848&.sig=84hcxT9VTbs9JDA_gzPq9lulUDk-&affiliationId=96967162&comId=100522318&country=nl&offerId=00d8c63c3e93cd02b2813d66179616d8&searchId=107610035262035_1733048429821_58529850&service=36&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&addedParams=true&publisherClickId=fca588215a3ae01d6a1aa8fd2d6a9a26&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback Page URL
https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437e34e6eac5bdb212bec6211b6fe22c3c7bf6992667440adbdf99243477437f98b13b508d5088f7515b792022637eafa97020576638dd4d7f0dd4cdecd6bead8e7a24502586e204dd7377a8c0ae06922215958e5cdbb0c24e4dd6fc4554b4c597e87b5384e0405fd94628b0abaf4a8e632e3e08bb413e938b6423f92ac469fb8a1dec66d9c9095150cead5c61e8151e72b0b27570df6406b613b7d13e445821068f541736c35d4e18d20dacdbf72635ad027f88ba532fd3001daceab54d47d90e477e2bf5a96f19d91796377af554395c366f51ffb64cb90ebe767e8912e193b0d7a6b19603f9962d97f83d0c8cf473be13f0fa0749285cb2e4c8b2cd55b138d3bb4a9f9f46390ec836bd5b57817fea6a2&url=https%3A%2F%2Fwww.debijenkorf.nl%2Fmos-mosh-mmthora-fijngebreide-pullover-in-alpaca-wolblend-met-v-hals-2923012434-292301645500000%3Fkk%3Da4c6293-19381c1e6d6-68c40e%26utm_medium%3Dvergelijkers%26utm_source%3DKelkoo.nl%26utm_campaign%3Dcpc%26utm_content%3Dbrand_id%26utm_source_platform%3DKelkooGroup&initiator=dd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://28882574-7740-ex.alumniterist.com/iSZEDIU0NAjaQ8wooFjEKiFBnJMRooyIcqtUM8qZH5oUZJmRp4sE_MmJB9Zjc92ZxI8AIaZxgfrWQumxGvu7YAmUmsLBsbOBdAsWSte6WqD5GdNsF439KWgs-sLy?kws=amour%2Cangels%2Cfree%2Cgallery%2Cpicture%2Camourangels%2Cfrom%2Ccute%2Cbaby%2Ccom&abl=0&fsb=0&pageUri=http...%20312%20...se%22%2C%22%5B%5D%22%5D&prsl=1 HTTP 307
https://redwingshere.xyz/go/8286/3?subid2={hostId}

Request Chain 8

https://gaimauroogrou.net/?z=8477354&syncedCookie=true&rhd=false HTTP 302
https://gaimauroogrou.net/4/7393037/?var=8477354

Request Chain 15

https://gaimauroogrou.net/?z=7393037&syncedCookie=false&rhd=false HTTP 302
https://www.share365.net/vip/rds/nl?subId=887033506948190256&country=NL&campaignid=8543943 HTTP 302
https://www.shoptastic.io/store/debijenkorf-nl-nl-cpc?pubId=10439&subId=887033506948190256&country=NL&campaignid=8543943

Request Chain 17

https://clcktrck.com/nl/s/red_u_plain.php?uid=279365690&t=direct&s=22214&pub=10439&d=debijenkorf.nl HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf4b36ccc18ac21da13ac6659296a6aa9a169f47eb2f24e9e25da1daa6fd1adede63a9bab284c86cf587a803f0ad3418fc11e7150bc45f7a5217d5eaf4322a41764e80684cc4d310bc66e131155660ba536090a0f4bf3a243ed6eb07e6ee2037e6f HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf4b36ccc18ac21da13ac6659296a6aa9a169f47eb2f24e9e25da1daa6fd1adede63a9bab284c86cf587a803f0ad3418fc11e7150bc45f7a5217d5eaf4322a41764902116f125c0c948c309aec3be08899f60d9c6d7b8bd7782dcd0d62b5d576906 HTTP 302
https://discountheld.de/rdcn/rf?ret=aHR0cHM6Ly9jbGNrdHJjay5jb20vMzM0MGIwN2Y2MzUyYjA2MWUwOTA4ZmEwZTc2NjY4ZGMvNjlmMDcwYjhmY2JmM2JmZTYwYjljZmM0NjIzMTQ0YTAwOTRmZjIxNjM5MzZkNTkyYzc3ZTRiOTZjZTkyNWJmNGIzNmNjYzE4YWMyMWRhMTNhYzY2NTkyOTZhNmFhOWExNjlmNDdlYjJmMjRlOWUyNWRhMWRhYTZmZDFhZGVkZTYzYTliYWIyODRjODZjZjU4N2E4MDNmMGFkMzQxOGZjMTFlNzE1MGJjNDVmN2E1MjE3ZDVlYWY0MzIyYTQxNzY0OTAyMTE2ZjEyNWMwYzk0OGMzMDlhZWMzYmUwODg5OWY2MGQ5YzZkN2I4YmQ3NzgyZGNkMGQ2MmI1ZDU3NjkwNj9tPTE%253D HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf4b36ccc18ac21da13ac6659296a6aa9a169f47eb2f24e9e25da1daa6fd1adede63a9bab284c86cf587a803f0ad3418fc11e7150bc45f7a5217d5eaf4322a41764902116f125c0c948c309aec3be08899f60d9c6d7b8bd7782dcd0d62b5d576906?m=1

Request Chain 18

https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf4b36ccc18ac21da13ac6659296a6aa9a169f47eb2f24e9e25da1daa6fd1adede63a9bab284c86cf587a803f0ad3418fc11e7150bc45f7a5217d5eaf4322a41764902116f125c0c948c309aec3be08899f60d9c6d7b8bd7782dcd0d62b5d576906?m=2 HTTP 302
https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1733048429848&.sig=84hcxT9VTbs9JDA_gzPq9lulUDk-&affiliationId=96967162&comId=100522318&country=nl&offerId=00d8c63c3e93cd02b2813d66179616d8&searchId=107610035262035_1733048429821_58529850&service=36&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&addedParams=true&publisherClickId=fca588215a3ae01d6a1aa8fd2d6a9a26&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

3 Show response
redwingshere.xyz/go/8286/
Redirect Chain

https://28882574-7740-ex.alumniterist.com/iSZEDIU0NAjaQ8wooFjEKiFBnJMRooyIcqtUM8qZH5oUZJmRp4sE_MmJB9Zjc92ZxI8AIaZxgfrWQumxGvu7YAmUmsLBsbOBdAsWSte6WqD5GdNsF439KWgs-sLy?kws=amour%2Cangels%2Cfree%2Cga...
https://redwingshere.xyz/go/8286/3?subid2={hostId}

293 B
773 B

215ms
80ms

Document
text/html

37.114.46.212
FlorianKolb Flori...

General

Check archive.org

Show headers Download Go to

Full URL: https://redwingshere.xyz/go/8286/3?subid2={hostId}
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.114.46.212 , Germany, ASN58087 (FlorianKolb Florian Kolb, DE),
Reverse DNS: 212.46.114.37.in-addr.arpa
Software: nginx/1.24.0 (Ubuntu) /
Resource Hash: 20a52f94934cd14bfc5e47ddb42a3307fc2b481131d9fefe85f790f10a6b191f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Encoding: identity
Content-Length: 293
Content-Type: text/html; charset=utf-8
Date: Sun, 01 Dec 2024 10:26:26 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sun, 01 Dec 2024 10:26:26 GMT
Pragma: no-cache
Server: nginx/1.24.0 (Ubuntu)

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 01 Dec 2024 10:26:26 GMT
expires: Sun, 01 Dec 2024 10:26:26 UTC
last-modified: Sun, 01 Dec 2024 10:26:26 UTC
location: https://redwingshere.xyz/go/8286/3?subid2={hostId}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma: no-cache
referrer-policy: no-referrer
server: nginx

GET
H2 200 8477354 Show response
gaimauroogrou.net/4/ 31 KB
15 KB 122ms
39ms Document
text/html 139.45.197.243
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=159tbq9c00082

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

7e2883964c49b46f406fb6d36bd96c0ab02b0a9b706408fff80e387836f7ca5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Sun, 01 Dec 2024 10:26:27 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 60a8015b13bf575a11990fdc90db7c9e

GET
H/1.1 200
OK favicon.ico
redwingshere.xyz/ 0
170 B 73ms
73ms Other
text/html 37.114.46.212
FlorianKolb Flori...

General

Check archive.org

Show headers Download Go to

Full URL: https://redwingshere.xyz/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.114.46.212 , Germany, ASN58087 (FlorianKolb Florian Kolb, DE),
Reverse DNS: 212.46.114.37.in-addr.arpa
Software: nginx/1.24.0 (Ubuntu) /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Length: 0
Date: Sun, 01 Dec 2024 10:26:26 GMT
Content-Type: text/html; charset=UTF-8
Server: nginx/1.24.0 (Ubuntu)
Connection: keep-alive

GET
H3 200 img.gif
my.rtmark.net/ 43 B
875 B 85ms
53ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=00812530e34241d0f7ddf266ea30c131&z=8477354&p_rid=c1d6c4c6-f8c9-4021-8216-af3a9619b6c2&p_src=sf

Requested by

Host: gaimauroogrou.net
URL: https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=159tbq9c00082

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gaimauroogrou.net/

Response headers

access-control-expose-headers: Authorization
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0UNHxJgde5MrPoIAvYPQgplDeUCl33XH6TQ%2FKD0S5ZxKqmeWS3AGgTZ8NAIoacPe%2FPNBl233BxPCgMSpgF3RfKlpZYTKNPu0THpliqls49D%2BcVFTje1bL2ZF3pTlrd0q"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22585&min_rtt=22227&rtt_var=5165&sent=10&recv=9&lost=0&retrans=0&sent_bytes=4096&recv_bytes=4481&delivery_rate=24934&cwnd=12000&unsent_bytes=0&cid=91f7d12a9182b8d1&ts=60&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 01 Dec 2024 10:26:27 GMT
content-type: image/gif
priority: u=1,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *, *
access-control-allow-credentials: true
cf-ray: 8eb2610799766ec9-CDG
access-control-allow-origin: *
content-length: 43
server: cloudflare

GET
H2 200 sftouch
gaimauroogrou.net/ 43 B
651 B 16ms
16ms Image
image/gif 139.45.197.243
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gaimauroogrou.net/sftouch?userId=00812530e34241d0f7ddf266ea30c131&z=8477354&p_rid=c1d6c4c6-f8c9-4021-8216-af3a9619b6c2&p_src=sf&branchId=0&rb=PaqYrXDFj5z8XxlxS4idBdBGeF2cQ1LNq3LC5oM63rvZwOZbP60Th0QDvkGRUPPIg14Q4__AMjT7mlYv4MGZTsBQuw6XisnM8VqIHwpLq6Ay2kZJDjXCzjqhFyF1rptDdfbA6E3lT4HdNLB3gkcSp4TW8lcZtkxg240p4VJ1j6spe79PyFO9MOGemxm8Dgr_Fmy-9mHm-VyVV0li_LvXF9_N_KnLmW2ktdpz1CuE-6Cs0LjAwRJrCkDnHAhN4cbM7I7qxazxw6tldECKA0dVj83ZKgormpXVi4fWuhowLSlM0pE6haxytNkZkn3uuyhWXCMuWASUgYdNj-7644gHpw==&w_img=1

Requested by

Host: gaimauroogrou.net
URL: https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=159tbq9c00082

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=159tbq9c00082

Response headers

access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
date: Sun, 01 Dec 2024 10:26:27 GMT
content-type: image/gif
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security: max-age=1
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *, *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-trace-id: 8d812e10ebfc9013eee94c5bf50efaec
access-control-allow-origin: *
content-length: 43
server: nginx

POST
H2 200 add Show response
gaimauroogrou.net/log/ 12 B
386 B 18ms
16ms XHR
application/json 139.45.197.243
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://gaimauroogrou.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=c1d6c4c6-f8c9-4021-8216-af3a9619b6c2

Requested by

Host: gaimauroogrou.net
URL: https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=159tbq9c00082

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=159tbq9c00082

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
access-control-allow-origin: https://gaimauroogrou.net
content-length: 12
date: Sun, 01 Dec 2024 10:26:27 GMT
content-type: application/json; charset=utf-8
server: nginx
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

POST
H2 200 add Show response
gaimauroogrou.net/async_log/ 0
340 B 18ms
17ms XHR
text/plain 139.45.197.243
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://gaimauroogrou.net/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=c1d6c4c6-f8c9-4021-8216-af3a9619b6c2

Requested by

Host: gaimauroogrou.net
URL: https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=159tbq9c00082

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=159tbq9c00082

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
access-control-allow-origin: https://gaimauroogrou.net
content-length: 0
date: Sun, 01 Dec 2024 10:26:27 GMT
server: nginx
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H2 204 favicon.ico
gaimauroogrou.net/ 0
150 B 16ms
16ms Other
text/plain 139.45.197.243
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL: https://gaimauroogrou.net/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=159tbq9c00082

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
date: Sun, 01 Dec 2024 10:26:27 GMT
pragma: public
server: nginx

GET
H2

200

/ Show response
gaimauroogrou.net/4/7393037/
Redirect Chain

https://gaimauroogrou.net/?z=8477354&syncedCookie=true&rhd=false
https://gaimauroogrou.net/4/7393037/?var=8477354

31 KB
15 KB

19ms
19ms

Document
text/html

139.45.197.243
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://gaimauroogrou.net/4/7393037/?var=8477354

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

bbbc75a44984ff2214d74741431f458775f49dfc954f6334f21f39881ba98d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://gaimauroogrou.net
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Sun, 01 Dec 2024 10:26:27 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 3ff1ed641d02057f73db1965538e9ed6

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://gaimauroogrou.net
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Sun, 01 Dec 2024 10:26:27 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://gaimauroogrou.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location: https://gaimauroogrou.net/4/7393037/?var=8477354
pragma: no-cache
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 656bc88a8276f88e862453cdd18712ab

GET
H2 204 favicon.ico
gaimauroogrou.net/ 0
0 0ms
0ms Other
text/plain 139.45.197.243
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL: https://gaimauroogrou.net/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gaimauroogrou.net/afu.php?zoneid=8477354&var=8477354&rid=BPTR34PbLD67mf1dYD5JaA%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
date: Sun, 01 Dec 2024 10:26:27 GMT
pragma: public
server: nginx

POST
H3 200 img.gif
my.rtmark.net/ 43 B
862 B 53ms
53ms Ping
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=00812530e34241d0f7ddf266ea30c131&z=7393037&p_rid=2d66dc06-40bd-4fc3-ada7-5d50529e675d&p_src=sf

Requested by

Host: gaimauroogrou.net
URL: https://gaimauroogrou.net/4/7393037/?var=8477354

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gaimauroogrou.net/

Response headers

access-control-expose-headers: Authorization
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F9WlTw4GLBnjgjs6RXWAM%2FnGyi3GFModrP%2Bsix3CqMxUoFFsjDBz4C1qk0IFRiOQym6rt%2FSBCrJQUxpzC0ad5wuCU8p6EXir5NdTpLEFnRFCzQb7A0CuFmOmoUnfcqmQ"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23077&min_rtt=22227&rtt_var=4858&sent=12&recv=11&lost=0&retrans=0&sent_bytes=5018&recv_bytes=4943&delivery_rate=34860&cwnd=12000&unsent_bytes=0&cid=91f7d12a9182b8d1&ts=200&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 01 Dec 2024 10:26:27 GMT
content-type: image/gif
priority: u=4,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *, *
access-control-allow-credentials: true
cf-ray: 8eb261087a8a6ec9-CDG
access-control-allow-origin: https://gaimauroogrou.net
content-length: 43
server: cloudflare

GET
H2 200 sftouch
gaimauroogrou.net/ 43 B
652 B 17ms
17ms Image
image/gif 139.45.197.243
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gaimauroogrou.net/sftouch?userId=00812530e34241d0f7ddf266ea30c131&z=7393037&p_rid=2d66dc06-40bd-4fc3-ada7-5d50529e675d&p_src=sf&branchId=0&rb=qf3G1KSoL4Qys1s3WZhbSnZY18X072BrYJYm0XsYHWpPnmumS-uWbsyzqje5zKyjP49E0CeAs8E4neCOh3sA2kK6eQ51UXcYqxz81Bncy-wwUXY_cU8w6ueW5s9Sp2lMhkn4zHEV-247QF5Bw05rUDjr5D3MNgm9DirpvwdMFfmtnlxFzIM6rDTlNIMmnoy8VoV6aghHVY1SCCuxbcKl7oeOm0OkbCP7ZiMCvf5w07IF7O8ZrFffaFRtC6aSVDSYpN2VJQTs6NVDpFcTvn3dWRTPWWoSEshIW2Sh6uHlbFNUHTZll2L293Yg5-8=&w_img=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gaimauroogrou.net/4/7393037/?var=8477354

Response headers

access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
date: Sun, 01 Dec 2024 10:26:27 GMT
content-type: image/gif
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security: max-age=1
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *, *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-trace-id: 3c602e03972de68604b9aa98bbb341c5
access-control-allow-origin: *
content-length: 43
server: nginx

POST
H2 200 add
gaimauroogrou.net/log/ 12 B
386 B 24ms
23ms XHR
application/json 139.45.197.243
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://gaimauroogrou.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=2d66dc06-40bd-4fc3-ada7-5d50529e675d

Requested by

Host: gaimauroogrou.net
URL: https://gaimauroogrou.net/4/7393037/?var=8477354

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://gaimauroogrou.net/4/7393037/?var=8477354

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
access-control-allow-origin: https://gaimauroogrou.net
content-length: 12
date: Sun, 01 Dec 2024 10:26:27 GMT
content-type: application/json; charset=utf-8
server: nginx
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H2 204 favicon.ico
gaimauroogrou.net/ 0
0 0ms
0ms Other
text/plain 139.45.197.243
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL: https://gaimauroogrou.net/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gaimauroogrou.net/4/7393037/?var=8477354

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
date: Sun, 01 Dec 2024 10:26:27 GMT
pragma: public
server: nginx

POST
H2 200 add
gaimauroogrou.net/async_log/ 0
340 B 19ms
16ms XHR
text/plain 139.45.197.243
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://gaimauroogrou.net/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=2d66dc06-40bd-4fc3-ada7-5d50529e675d

Requested by

Host: gaimauroogrou.net
URL: https://gaimauroogrou.net/4/7393037/?var=8477354

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://gaimauroogrou.net/4/7393037/?var=8477354

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
access-control-allow-origin: https://gaimauroogrou.net
content-length: 0
date: Sun, 01 Dec 2024 10:26:27 GMT
server: nginx
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H2

200

debijenkorf-nl-nl-cpc
www.shoptastic.io/store/
Redirect Chain

https://gaimauroogrou.net/?z=7393037&syncedCookie=false&rhd=false
https://www.share365.net/vip/rds/nl?subId=887033506948190256&country=NL&campaignid=8543943
https://www.shoptastic.io/store/debijenkorf-nl-nl-cpc?pubId=10439&subId=887033506948190256&country=NL&campaignid=8543943

140 B
342 B

601ms
186ms

Document
text/html

54.176.247.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shoptastic.io/store/debijenkorf-nl-nl-cpc?pubId=10439&subId=887033506948190256&country=NL&campaignid=8543943
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.176.247.1 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-176-247-1.us-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://gaimauroogrou.net
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-language: en-US
content-type: text/html;charset=UTF-8
date: Sun, 01 Dec 2024 10:26:28 GMT
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding

Redirect headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8eb26109bcecb8d0-AMS
content-type: text/html; charset=UTF-8
date: Sun, 01 Dec 2024 10:26:27 GMT
location: https://www.shoptastic.io/store/debijenkorf-nl-nl-cpc?pubId=10439&subId=887033506948190256&country=NL&campaignid=8543943
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E9kBGJ8R8HN77W0nAu1AjsIRfzuuehYvigImqKIa3W%2Fp3bYN31I9eG%2FTeq%2FhNekblvAftn4VVIlSGUv0UcTQ6qWTbmaaswzno0LGxgkycMLH9QqKNDCpiUy2pd4ztV7laXcCrP5Yts7kCntcfJc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=TCP&rtt=14755&min_rtt=14687&rtt_var=2387&sent=7&recv=11&lost=0&retrans=0&sent_bytes=4024&recv_bytes=2337&delivery_rate=262532&cwnd=253&unsent_bytes=0&cid=488c9cb25a51b9d6&ts=76&x=0"
strict-transport-security: max-age=31536000

GET
H2 204 favicon.ico
gaimauroogrou.net/ 0
0 0ms
0ms Other
text/plain 139.45.197.243
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL: https://gaimauroogrou.net/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gaimauroogrou.net/afu.php?zoneid=7393037&var=7393037&rid=UOc2oKHlKAQMxeQ00KE1Mg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
date: Sun, 01 Dec 2024 10:26:27 GMT
pragma: public
server: nginx

GET
H/1.1

200
OK

69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf4b36ccc18ac21da13ac6659296a6aa9a169f47eb2f24e9e25da1daa6fd1adede63a9bab284c86cf587a803f0ad3418fc11e7150bc45f7a5217d5eaf4322a4176490211... Show response
clcktrck.com/3340b07f6352b061e0908fa0e76668dc/
Redirect Chain

https://clcktrck.com/nl/s/red_u_plain.php?uid=279365690&t=direct&s=22214&pub=10439&d=debijenkorf.nl
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf4b36ccc18ac21da13ac6659296a6aa9a169f47eb2f24e9e25da1daa6fd1adede63a9bab284c86cf5...
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf4b36ccc18ac21da13ac6659296a6aa9a169f47eb2f24e9e25da1daa6fd1adede63a9bab284c86cf5...
https://discountheld.de/rdcn/rf?ret=aHR0cHM6Ly9jbGNrdHJjay5jb20vMzM0MGIwN2Y2MzUyYjA2MWUwOTA4ZmEwZTc2NjY4ZGMvNjlmMDcwYjhmY2JmM2JmZTYwYjljZmM0NjIzMTQ0YTAwOTRmZjIxNjM5MzZkNTkyYzc3ZTRiOTZjZTkyNWJmNGIzN...
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf4b36ccc18ac21da13ac6659296a6aa9a169f47eb2f24e9e25da1daa6fd1adede63a9bab284c86cf5...

552 B
679 B

25ms
25ms

Document
text/html

3.73.249.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf4b36ccc18ac21da13ac6659296a6aa9a169f47eb2f24e9e25da1daa6fd1adede63a9bab284c86cf587a803f0ad3418fc11e7150bc45f7a5217d5eaf4322a41764902116f125c0c948c309aec3be08899f60d9c6d7b8bd7782dcd0d62b5d576906?m=1
Requested by: Host: www.shoptastic.io
URL: https://www.shoptastic.io/store/debijenkorf-nl-nl-cpc?pubId=10439&subId=887033506948190256&country=NL&campaignid=8543943
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.73.249.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-249-248.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a526f8e25b224ef165c9bb918f68de4e1d411d7dca114597a9495d7c38c2a4a5

Request headers

Referer: https://www.shoptastic.io/store/debijenkorf-nl-nl-cpc?pubId=10439&subId=887033506948190256&country=NL&campaignid=8543943
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 01 Dec 2024 10:26:28 GMT
Referrer-Policy: origin
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Sun, 01 Dec 2024 10:26:28 GMT
location: https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf4b36ccc18ac21da13ac6659296a6aa9a169f47eb2f24e9e25da1daa6fd1adede63a9bab284c86cf587a803f0ad3418fc11e7150bc45f7a5217d5eaf4322a41764902116f125c0c948c309aec3be08899f60d9c6d7b8bd7782dcd0d62b5d576906?m=1
referrer-policy: origin
server: nginx/1.18.0 (Ubuntu)

GET
H/1.1

200
OK

sitesearchGo Show response
nl-go.kelkoogroup.net/
Redirect Chain

https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf4b36ccc18ac21da13ac6659296a6aa9a169f47eb2f24e9e25da1daa6fd1adede63a9bab284c86cf5...
https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1733048429848&.sig=84hcxT9VTbs9JDA_gzPq9lulUDk-&affiliationId=96967162&comId=100522318&country=nl&offerId=00d8c63c3e93cd02b2813d66179616d8&searchId=10...

30 KB
31 KB

257ms
78ms

Document
text/html

95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1733048429848&.sig=84hcxT9VTbs9JDA_gzPq9lulUDk-&affiliationId=96967162&comId=100522318&country=nl&offerId=00d8c63c3e93cd02b2813d66179616d8&searchId=107610035262035_1733048429821_58529850&service=36&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&addedParams=true&publisherClickId=fca588215a3ae01d6a1aa8fd2d6a9a26&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

590299065a7dbf2b1e9733d7414479d913a13126f30dfabdf504e01d76d54348

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf4b36ccc18ac21da13ac6659296a6aa9a169f47eb2f24e9e25da1daa6fd1adede63a9bab284c86cf587a803f0ad3418fc11e7150bc45f7a5217d5eaf4322a41764902116f125c0c948c309aec3be08899f60d9c6d7b8bd7782dcd0d62b5d576906?m=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
Charset: utf-8
Content-Length: 30281
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/html; charset=UTF-8
Date: Sun, 01 Dec 2024 10:26:27 GMT
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
Request-Time: PT0.031832858S
X-Content-Type-Options: nosniff
X-DD-B: 1
X-DataDome: protected
X-DataDome-CID: AHrlqAAAAAMAWpB_3yypaxcAH8yWbA==
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: master-only
X-Robots-Tag: noindex,nofollow
X-XSS-Protection: 1; mode=block
clickId: 107698147_1733048788694_58918981
country: nl
leadId: 629D01JE0W3SQBR2A2XX80J6YSR78K

Redirect headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 01 Dec 2024 10:26:28 GMT
Location: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1733048429848&.sig=84hcxT9VTbs9JDA_gzPq9lulUDk-&affiliationId=96967162&comId=100522318&country=nl&offerId=00d8c63c3e93cd02b2813d66179616d8&searchId=107610035262035_1733048429821_58529850&service=36&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&addedParams=true&publisherClickId=fca588215a3ae01d6a1aa8fd2d6a9a26&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback
Referrer-Policy: origin
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 200
OK favicon.ico
clcktrck.com/ 0
230 B 47ms
22ms Other
image/x-icon 3.73.249.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clcktrck.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.73.249.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-249-248.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://clcktrck.com/

Response headers

ETag: "645a16d2-0"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Date: Sun, 01 Dec 2024 10:26:28 GMT
Content-Type: image/x-icon
Last-Modified: Tue, 09 May 2023 09:48:02 GMT
Server: nginx

GET
H/1.1 200
OK p.png
nl-go.kelkoogroup.net/assets/images/ 68 B
597 B 21ms
21ms Image
image/png 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nl-go.kelkoogroup.net/assets/images/p.png?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437e34e6eac5bdb212bec6211b6fe22c3c7bf6992667440adbdf99243477437f98b13b508d5088f7515b792022637eafa97020576638dd4d7f0dd4cdecd6bead8e7a24502586e204dd7377a8c0ae06922215958e5cdbb0c24e4dd6fc4554b4c597e87b5384e0405fd94628b0abaf4a8e632e3e08bb413e938b6423f92ac469fb8a1dec66d9c9095150cead5c61e8151e72b0b27570df6406b613b7d13e445821068f541736c35d4e18d20dacdbf72635ad027f88ba532fd3001daceab54d47d90e477e2bf5a96f19d91796377af554395c366f51ffb64cb90ebe767e8912e193b0d7a6b19603f9962d97f83d0c8cf473be13f0fa0749285cb2e4c8b2cd55b138d3bb4a9f9f46390ec836bd5b57817fea6a2

Requested by

Host: nl-go.kelkoogroup.net
URL: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1733048429848&.sig=84hcxT9VTbs9JDA_gzPq9lulUDk-&affiliationId=96967162&comId=100522318&country=nl&offerId=00d8c63c3e93cd02b2813d66179616d8&searchId=107610035262035_1733048429821_58529850&service=36&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&addedParams=true&publisherClickId=fca588215a3ae01d6a1aa8fd2d6a9a26&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory: 8
Referer: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1733048429848&.sig=84hcxT9VTbs9JDA_gzPq9lulUDk-&affiliationId=96967162&comId=100522318&country=nl&offerId=00d8c63c3e93cd02b2813d66179616d8&searchId=107610035262035_1733048429821_58529850&service=36&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&addedParams=true&publisherClickId=fca588215a3ae01d6a1aa8fd2d6a9a26&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback

Response headers

X-Robots-Tag: noindex,nofollow
Content-Security-Policy: frame-ancestors 'none'
Cache-Control: private, must-revalidate
leadId: 629D01JE0W3SQBR2A2XX80J6YSR78K
Request-Time: PT0.001790483S
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: origin-when-cross-origin
clickId: 107698147_1733048788694_58918981
country: nl
X-Content-Type-Options: nosniff
Content-Length: 68
X-XSS-Protection: 1; mode=block
Date: Sun, 01 Dec 2024 10:26:28 GMT
Content-Type: image/png
X-Frame-Options: DENY

GET
H2 200 tags.js Show response
dd.kelkoogroup.net/ 169 KB
32 KB 112ms
24ms Script
text/javascript 18.66.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.kelkoogroup.net/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-4.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b6f960ef6e2816613c107cdca0b45e95e497369d628de9cb444903b45fa78430

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nl-go.kelkoogroup.net/

Response headers

content-encoding: gzip
x-amz-version-id: srBbjf4IpQWkR6dukRm3KeuXFeESXHnZ
etag: W/"f413de3002ba35101fcc6ab056e87d4b"
age: 547
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 4neERocbe0mgdgGN-KFkUu1N1HJcGR6QJzkmJBVISVtFOmtq-ow-pw==
date: Sun, 01 Dec 2024 10:17:23 GMT
content-type: text/javascript
vary: accept-encoding, Origin
last-modified: Tue, 19 Nov 2024 10:41:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=3600, public
via: 1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 204 collect
www.google-analytics.com/g/ 0
556 B 93ms
20ms Ping
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-42767ZEKSC&_p=959759317&sr=1600x1200&ul=nl-nl&cid=620635013.1733048789&uid=a4c6293-19381c1e6d6-68c40e&_fv=1&_s=1&dl=https%3A%2F%2Fnl-go.kelkoogroup.net%2FsitesearchGo%3F.ts%3D1733048429848%26.sig%3D84hcxT9VTbs9JDA_gzPq9lulUDk-%26affiliationId%3D96967162%26comId%3D100522318%26country%3Dnl%26offerId%3D00d8c63c3e93cd02b2813d66179616d8%26searchId%3D107610035262035_1733048429821_58529850%26service%3D36%26tokenId%3D2ce8ff34-60c1-45cc-8742-5d09b81fd7c3%26addedParams%3Dtrue%26publisherClickId%3Dfca588215a3ae01d6a1aa8fd2d6a9a26%26originReferer%3Ddiscounthero.org%26publisherSubId%3D61c38133cdcdc763f37eb6d78c64f295%26publisherTrafficType%3Dcashback&dt=U%20wordt%20doorgestuurd%20naar%20Debijenkorf.nl&dr=https%3A%2F%2Fclcktrck.com%2F&dp=%2F96967162%7C100522318%7C&sid=1733048789&sct=1&seg=1&en=page_view&_ss=1&ep.cd1=96967162&ep.cd2=629D01JE0W3SQBR2A2XX80J6YSR78K&ep.cd3=100522318&ep.cd4=a4c6293-19381c1e6d6-68c40e&ep.cd5=&ep.cd6=96967162%7C100522318%7C
Requested by: Host: nl-go.kelkoogroup.net
URL: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1733048429848&.sig=84hcxT9VTbs9JDA_gzPq9lulUDk-&affiliationId=96967162&comId=100522318&country=nl&offerId=00d8c63c3e93cd02b2813d66179616d8&searchId=107610035262035_1733048429821_58529850&service=36&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&addedParams=true&publisherClickId=fca588215a3ae01d6a1aa8fd2d6a9a26&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nl-go.kelkoogroup.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://nl-go.kelkoogroup.net
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 01 Dec 2024 10:26:29 GMT
content-type: text/plain
server: Golfe2

GET
H/1.1 404
Not Found ados.js Show response
nl-go.kelkoogroup.net/ 1 KB
2 KB 22ms
22ms XHR
text/html 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://nl-go.kelkoogroup.net/ados.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

3db77cfe0a6a059ff4d86ea8530439864095c5fe278e279b28c88f99a0f9b530

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory: 8
Referer: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1733048429848&.sig=84hcxT9VTbs9JDA_gzPq9lulUDk-&affiliationId=96967162&comId=100522318&country=nl&offerId=00d8c63c3e93cd02b2813d66179616d8&searchId=107610035262035_1733048429821_58529850&service=36&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&addedParams=true&publisherClickId=fca588215a3ae01d6a1aa8fd2d6a9a26&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback

Response headers

X-Robots-Tag: noindex,nofollow
Content-Security-Policy: frame-ancestors 'none'
Request-Time: PT0.000480363S
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: origin-when-cross-origin
X-Content-Type-Options: nosniff
Content-Length: 1140
X-XSS-Protection: 1; mode=block
Date: Sun, 01 Dec 2024 10:26:28 GMT
Content-Type: text/html; charset=UTF-8
X-Frame-Options: DENY

POST
H/1.1 200
OK fp
nl-go.kelkoogroup.net/ 0
503 B 23ms
22ms Ping
text/plain 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://nl-go.kelkoogroup.net/fp?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437e34e6eac5bdb212bec6211b6fe22c3c7bf6992667440adbdf99243477437f98b13b508d5088f7515b792022637eafa97020576638dd4d7f0dd4cdecd6bead8e7a24502586e204dd7377a8c0ae06922215958e5cdbb0c24e4dd6fc4554b4c597e87b5384e0405fd94628b0abaf4a8e632e3e08bb413e938b6423f92ac469fb8a1dec66d9c9095150cead5c61e8151e72b0b27570df6406b613b7d13e445821068f541736c35d4e18d20dacdbf72635ad027f88ba532fd3001daceab54d47d90e477e2bf5a96f19d91796377af554395c366f51ffb64cb90ebe767e8912e193b0d7a6b19603f9962d97f83d0c8cf473be13f0fa0749285cb2e4c8b2cd55b138d3bb4a9f9f46390ec836bd5b57817fea6a2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1733048429848&.sig=84hcxT9VTbs9JDA_gzPq9lulUDk-&affiliationId=96967162&comId=100522318&country=nl&offerId=00d8c63c3e93cd02b2813d66179616d8&searchId=107610035262035_1733048429821_58529850&service=36&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&addedParams=true&publisherClickId=fca588215a3ae01d6a1aa8fd2d6a9a26&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=utf-8
sec-ch-device-memory: 8

Response headers

X-Robots-Tag: noindex,nofollow
Content-Security-Policy: frame-ancestors 'none'
leadId: 629D01JE0W3SQBR2A2XX80J6YSR78K
Request-Time: PT0.003766237S
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: origin-when-cross-origin
clickId: 107698147_1733048788694_58918981
country: nl
X-Content-Type-Options: nosniff
Content-Length: 0
X-XSS-Protection: 1; mode=block
Date: Sun, 01 Dec 2024 10:26:28 GMT
Content-Type: text/plain; charset=UTF-8
X-Frame-Options: DENY

GET 2a7764a3-2291-41df-be7c-d3f041422856
https://nl-go.kelkoogroup.net/ Frame 0
0

POST
H2 200 /
dd.kelkoogroup.net/js/ 236 B
645 B 71ms
27ms XHR
application/json 18.66.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.kelkoogroup.net/js/

Requested by

Host: dd.kelkoogroup.net
URL: https://dd.kelkoogroup.net/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-4.fra56.r.cloudfront.net

Software

DataDome /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://nl-go.kelkoogroup.net/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
expires: 0
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 236
x-amz-cf-id: 9F0xW2WAAw6lHBsJyfCd_gSbE4S0kreZC3Oc_IOHFXJo33pDjZ6kgQ==
date: Sun, 01 Dec 2024 10:26:29 GMT
content-type: application/json;charset=utf-8
x-amz-cf-pop: FRA56-P5
server: DataDome

GET
H/1.1 403
Forbidden Primary Request redirect Show response
nl-go.kelkoogroup.net/ 725 B
2 KB 34ms
34ms Document
text/html 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437e34e6eac5bdb212bec6211b6fe22c3c7bf6992667440adbdf99243477437f98b13b508d5088f7515b792022637eafa97020576638dd4d7f0dd4cdecd6bead8e7a24502586e204dd7377a8c0ae06922215958e5cdbb0c24e4dd6fc4554b4c597e87b5384e0405fd94628b0abaf4a8e632e3e08bb413e938b6423f92ac469fb8a1dec66d9c9095150cead5c61e8151e72b0b27570df6406b613b7d13e445821068f541736c35d4e18d20dacdbf72635ad027f88ba532fd3001daceab54d47d90e477e2bf5a96f19d91796377af554395c366f51ffb64cb90ebe767e8912e193b0d7a6b19603f9962d97f83d0c8cf473be13f0fa0749285cb2e4c8b2cd55b138d3bb4a9f9f46390ec836bd5b57817fea6a2&url=https%3A%2F%2Fwww.debijenkorf.nl%2Fmos-mosh-mmthora-fijngebreide-pullover-in-alpaca-wolblend-met-v-hals-2923012434-292301645500000%3Fkk%3Da4c6293-19381c1e6d6-68c40e%26utm_medium%3Dvergelijkers%26utm_source%3DKelkoo.nl%26utm_campaign%3Dcpc%26utm_content%3Dbrand_id%26utm_source_platform%3DKelkooGroup&initiator=dd

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

3b80e700c754c130100b9a8c642387f177ab42b369b4e3540d9b5bcb6a3cf68f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1733048429848&.sig=84hcxT9VTbs9JDA_gzPq9lulUDk-&affiliationId=96967162&comId=100522318&country=nl&offerId=00d8c63c3e93cd02b2813d66179616d8&searchId=107610035262035_1733048429821_58529850&service=36&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&addedParams=true&publisherClickId=fca588215a3ae01d6a1aa8fd2d6a9a26&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory: 8

Response headers

Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
Charset: utf-8
Content-Length: 725
Content-Type: text/html; charset=UTF-8
Date: Sun, 01 Dec 2024 10:26:29 GMT
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
Request-Time: PT0.015243865S
X-Content-Type-Options: nosniff
X-DD-B: 1
X-DataDome: protected
X-DataDome-CID: AHrlqAAAAAMAWpB_3yypaxcAH8yWbA==
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: master-only
X-XSS-Protection: 1; mode=block

GET
H2 200 c.js Show response
ct.captcha-delivery.com/ 11 KB
11 KB 102ms
25ms Script
text/javascript 65.9.66.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.captcha-delivery.com/c.js
Requested by: Host: nl-go.kelkoogroup.net
URL: https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437e34e6eac5bdb212bec6211b6fe22c3c7bf6992667440adbdf99243477437f98b13b508d5088f7515b792022637eafa97020576638dd4d7f0dd4cdecd6bead8e7a24502586e204dd7377a8c0ae06922215958e5cdbb0c24e4dd6fc4554b4c597e87b5384e0405fd94628b0abaf4a8e632e3e08bb413e938b6423f92ac469fb8a1dec66d9c9095150cead5c61e8151e72b0b27570df6406b613b7d13e445821068f541736c35d4e18d20dacdbf72635ad027f88ba532fd3001daceab54d47d90e477e2bf5a96f19d91796377af554395c366f51ffb64cb90ebe767e8912e193b0d7a6b19603f9962d97f83d0c8cf473be13f0fa0749285cb2e4c8b2cd55b138d3bb4a9f9f46390ec836bd5b57817fea6a2&url=https%3A%2F%2Fwww.debijenkorf.nl%2Fmos-mosh-mmthora-fijngebreide-pullover-in-alpaca-wolblend-met-v-hals-2923012434-292301645500000%3Fkk%3Da4c6293-19381c1e6d6-68c40e%26utm_medium%3Dvergelijkers%26utm_source%3DKelkoo.nl%26utm_campaign%3Dcpc%26utm_content%3Dbrand_id%26utm_source_platform%3DKelkooGroup&initiator=dd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-86.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b87bb6192320ea7a36d1caa7a2c0d26f39cfa92909fe168d29bfecc13c81ca0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nl-go.kelkoogroup.net/

Response headers

x-amz-version-id: null
etag: "1fd766ce129c8b2cae0770e023a22682"
age: 1369
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 11217
x-amz-cf-id: xtnR4nWpI0cBSTYCnwxcy9TO4qTq6xck83vlewO2Y6ZnKxs2b-28TQ==
date: Sun, 01 Dec 2024 10:03:41 GMT
content-type: text/javascript
last-modified: Fri, 22 Nov 2024 10:03:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK /
geo.captcha-delivery.com/captcha/ Frame D80A 0
0 100ms
29ms Document
text/html 3.125.247.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAWpB_3yypaxcAH8yWbA%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=ffYUKZpVP0hNY_d_6hqKTiczckt8aopvuNCLyPRNVe6spCGoCeJzITyatahtH8hN8f3UplJvv_uWvkfXhQBM2F~ALW~JvNbbPN4y00E0ag50dBrWN7uIKicXhIj2dwvo&t=fe&referer=https%3A%2F%2Fnl-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dnl%26k%3D612f7a9541cd6ea61eb554c0e4cff437e34e6eac5bdb212bec6211b6fe22c3c7bf6992667440adbdf99243477437f98b13b508d5088f7515b792022637eafa97020576638dd4d7f0dd4cdecd6bead8e7a24502586e204dd7377a8c0ae06922215958e5cdbb0c24e4dd6fc4554b4c597e87b5384e0405fd94628b0abaf4a8e632e3e08bb413e938b6423f92ac469fb8a1dec66d9c9095150cead5c61e8151e72b0b27570df6406b613b7d13e445821068f541736c35d4e18d20dacdbf72635ad027f88ba532fd3001daceab54d47d90e477e2bf5a96f19d91796377af554395c366f51ffb64cb90ebe767e8912e193b0d7a6b19603f9962d97f83d0c8cf473be13f0fa0749285cb2e4c8b2cd55b138d3bb4a9f9f46390ec836bd5b57817fea6a2%26url%3Dhttps%253A%252F%252Fwww.debijenkorf.nl%252Fmos-mosh-mmthora-fijngebreide-pullover-in-alpaca-wolblend-met-v-hals-2923012434-292301645500000%253Fkk%253Da4c6293-19381c1e6d6-68c40e%2526utm_medium%253Dvergelijkers%2526utm_source%253DKelkoo.nl%2526utm_campaign%253Dcpc%2526utm_content%253Dbrand_id%2526utm_source_platform%253DKelkooGroup%26initiator%3Ddd&s=35103&e=6e823d5e184928937506f71a4d5a43fce0c6bfb7ed9a518e8588d9238ed43c7b&dm=cd
Requested by: Host: ct.captcha-delivery.com
URL: https://ct.captcha-delivery.com/c.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.125.247.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-247-22.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://nl-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Sun, 01 Dec 2024 10:26:29 GMT
Transfer-Encoding: chunked

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: nl-go.kelkoogroup.net
URL: blob:https://nl-go.kelkoogroup.net/2a7764a3-2291-41df-be7c-d3f041422856

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dd

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
redwingshere.xyz/	1970-01-21 01:24:57	Name: mobitck Value: 1
gaimauroogrou.net/	1970-01-21 10:09:44	Name: OAID Value: 00812530e34241d0f7ddf266ea30c131
gaimauroogrou.net/	1970-01-21 10:09:44	Name: oaidts Value: 1733048787
my.rtmark.net/	1970-01-21 10:09:44	Name: ID Value: 00812530e34241d0f7ddf266ea30c131
gaimauroogrou.net/	1970-01-21 01:34:13	Name: syncedCookie Value: true
www.share365.net/	1970-01-21 01:24:15	Name: XSRF-TOKEN Value: eyJpdiI6IjNpSHFxTHcyeWlQNWhtWFJcL282REt3PT0iLCJ2YWx1ZSI6Im1QQktkVkIycGRmVEZTSHdtd3ZCQU9mN0VOZ2M2NDhaWlBiSVhwcG55S3Juc3dIdUd1QktCbStWNnhcL2M2THBDIiwibWFjIjoiN2JhY2FjYzk3ZGQyYjkyNmQ4YzMzMmE0MzMxYmMzMGJjYmU0NzQzODAyMDJhNWFhM2ZlOGIxZDFkZjQ2NWMwYyJ9
www.share365.net/	1970-01-21 01:24:15	Name: laravel_session Value: eyJpdiI6Ilc1K213NU03WDUxb0F1dFBwZU5IMnc9PSIsInZhbHVlIjoiSVNCT3FnUkNoRmszUUwwSkNRT1l2eVBGMkkyZnFrUEVIdzdQa2thYkZ6NnFiYzRTZ0k0ZTIxaEpJMStOZ1BzUSIsIm1hYyI6ImRmZTMyMjFiMmM2Y2FmNjg2NmFmMDAxMTYxODg2YmZhMjM4ZDMzMzUzYzIwYjkwMDE3NTUwNjdiODFlOWE3OWEifQ%3D%3D
www.share365.net/	1970-01-21 01:24:12	Name: __cflb Value: 04dToYdiiqmwtkSqN2gkCjonAdP7MKkLJMQk7smMrs
.kelkoogroup.net/	1970-01-21 10:09:44	Name: kelkooID Value: a4c6293-19381c1e6d6-68c40e
.kelkoogroup.net/	1970-01-21 10:02:32	Name: datadome Value: ffYUKZpVP0hNY_d_6hqKTiczckt8aopvuNCLyPRNVe6spCGoCeJzITyatahtH8hN8f3UplJvv_uWvkfXhQBM2F~ALW~JvNbbPN4y00E0ag50dBrWN7uIKicXhIj2dwvo

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=159tbq9c00082 Message: [GroupMarkerNotSet(crbug.com/242999)!:A060410C2C3B0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://gaimauroogrou.net/afu.php?zoneid=8477354&var=8477354&rid=BPTR34PbLD67mf1dYD5JaA%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false Message: [GroupMarkerNotSet(crbug.com/242999)!:A0D043012C3B0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://gaimauroogrou.net/4/7393037/?var=8477354 Message: [GroupMarkerNotSet(crbug.com/242999)!:A07043012C3B0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://gaimauroogrou.net/afu.php?zoneid=7393037&var=7393037&rid=UOc2oKHlKAQMxeQ00KE1Mg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false Message: [GroupMarkerNotSet(crbug.com/242999)!:A0D043012C3B0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1733048429848&.sig=84hcxT9VTbs9JDA_gzPq9lulUDk-&affiliationId=96967162&comId=100522318&country=nl&offerId=00d8c63c3e93cd02b2813d66179616d8&searchId=107610035262035_1733048429821_58529850&service=36&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&addedParams=true&publisherClickId=fca588215a3ae01d6a1aa8fd2d6a9a26&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback(Line 28) Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437e34e6eac5bdb212bec6211b6fe22c3c7bf6992667440adbdf99243477437f98b13b508d5088f7515b792022637eafa97020576638dd4d7f0dd4cdecd6bead8e7a24502586e204dd7377a8c0ae06922215958e5cdbb0c24e4dd6fc4554b4c597e87b5384e0405fd94628b0abaf4a8e632e3e08bb413e938b6423f92ac469fb8a1dec66d9c9095150cead5c61e8151e72b0b27570df6406b613b7d13e445821068f541736c35d4e18d20dacdbf72635ad027f88ba532fd3001daceab54d47d90e477e2bf5a96f19d91796377af554395c366f51ffb64cb90ebe767e8912e193b0d7a6b19603f9962d97f83d0c8cf473be13f0fa0749285cb2e4c8b2cd55b138d3bb4a9f9f46390ec836bd5b57817fea6a2&url=https%3A%2F%2Fwww.debijenkorf.nl%2Fmos-mosh-mmthora-fijngebreide-pullover-in-alpaca-wolblend-met-v-hals-2923012434-292301645500000%3Fkk%3Da4c6293-19381c1e6d6-68c40e%26utm_medium%3Dvergelijkers%26utm_source%3DKelkoo.nl%26utm_campaign%3Dcpc%26utm_content%3Dbrand_id%26utm_source_platform%3DKelkooGroup&initiator=dd Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

28882574-7740-ex.alumniterist.com
clcktrck.com
ct.captcha-delivery.com
dd.kelkoogroup.net
discountheld.de
gaimauroogrou.net
geo.captcha-delivery.com
my.rtmark.net
nl-go.kelkoogroup.net
redwingshere.xyz
www.google-analytics.com
www.share365.net
www.shoptastic.io
nl-go.kelkoogroup.net
139.45.197.243
18.66.112.4
188.114.97.3
2001:4860:4802:34::178
2606:4700:3108::ac42:2b0b
3.125.247.22
3.66.53.110
3.73.249.248
37.114.46.212
54.176.247.1
65.9.66.86
88.208.22.3
95.211.116.26
0b87bb6192320ea7a36d1caa7a2c0d26f39cfa92909fe168d29bfecc13c81ca0
20a52f94934cd14bfc5e47ddb42a3307fc2b481131d9fefe85f790f10a6b191f
3b80e700c754c130100b9a8c642387f177ab42b369b4e3540d9b5bcb6a3cf68f
3db77cfe0a6a059ff4d86ea8530439864095c5fe278e279b28c88f99a0f9b530
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
590299065a7dbf2b1e9733d7414479d913a13126f30dfabdf504e01d76d54348
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
7e2883964c49b46f406fb6d36bd96c0ab02b0a9b706408fff80e387836f7ca5e
a526f8e25b224ef165c9bb918f68de4e1d411d7dca114597a9495d7c38c2a4a5
b6f960ef6e2816613c107cdca0b45e95e497369d628de9cb444903b45fa78430
bbbc75a44984ff2214d74741431f458775f49dfc954f6334f21f39881ba98d60
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

nl-go.kelkoogroup.net Open in urlscan Pro 95.211.116.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

97 %HTTPS

15 %IPv6

11 Domains

13 Subdomains

11 IPs

4 Countries

115 kBTransfer

274 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nl-go.kelkoogroup.net Open in urlscan Pro
95.211.116.26 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

97 %
HTTPS

15 %
IPv6

11
Domains

13
Subdomains

11
IPs

4
Countries

115 kB
Transfer

274 kB
Size

10
Cookies

30 HTTP transactions
0 data transactions