urlscan.io logo urlscan.io
SecurityTrails logo

nl-go.kelkoogroup.net Open in urlscan Pro
95.211.116.26  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://28880963-32451-ex.preaterioression.com/hiVGCYA4Pw7kZtczvVjGLC9NmtkRvoHRdvpUapyUTMlBMJvCqo9QoMraVdBgKdeakNgEK_Mk1v7veuuzHOKnYBWKmK-lubyK...
Effective URL: https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437218039ec71a5c4dca2350eacd94f72fce143958ff1...
Submission: On November 30 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 5 countries across 12 domains to perform 30 HTTP transactions. The main IP is 95.211.116.26, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL. The main domain is nl-go.kelkoogroup.net.
TLS certificate: Issued by Thawte TLS RSA CA G1 on September 26th 2024. Valid for: a year.
This is the only time nl-go.kelkoogroup.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 88.208.22.2 39572 (ADVANCEDH...)
4 139.45.196.64 9002 (RETN-AS R...)
1 188.114.96.3 13335 (CLOUDFLAR...)
1 104.18.23.222 13335 (CLOUDFLAR...)
2 8 104.18.22.222 13335 (CLOUDFLAR...)
1 188.114.97.3 13335 (CLOUDFLAR...)
1 1 172.66.40.245 13335 (CLOUDFLAR...)
1 54.176.247.1 16509 (AMAZON-02)
5 7 3.73.249.248 16509 (AMAZON-02)
1 1 3.66.53.110 16509 (AMAZON-02)
6 95.211.116.26 60781 (LEASEWEB-...)
2 18.66.112.3 16509 (AMAZON-02)
1 142.250.185.78 15169 (GOOGLE)
1 65.9.66.83 16509 (AMAZON-02)
1 3.125.247.22 16509 (AMAZON-02)
30 14
2    88.208.22.2 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)
28880963-32451-ex.preaterioression.com
4    139.45.196.64 (United Kingdom)

ASN9002 (RETN-AS RETN Limited, GB)
leikovoleikamarada.com
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
my.rtmark.net
1    104.18.23.222 (None, )

ASN13335 (CLOUDFLARENET, US)
taiwoudoastuph.net
8    104.18.22.222 (None, )

ASN13335 (CLOUDFLARENET, US)
taiwoudoastuph.net
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
my.rtmark.net
1    172.66.40.245 (United States)

ASN13335 (CLOUDFLARENET, US)
www.share365.net
1    54.176.247.1 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-176-247-1.us-west-1.compute.amazonaws.com
www.shoptastic.io
7    3.73.249.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-249-248.eu-central-1.compute.amazonaws.com
clcktrck.com
1    3.66.53.110 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: portal-cockpit.noctemque.com
discountheld.de
6    95.211.116.26 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)
PTR: dc1-ecs-pub-mx-vip.kelkoo.com
nl-go.kelkoogroup.net
2    18.66.112.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-3.fra56.r.cloudfront.net
dd.kelkoogroup.net
1    142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net
www.google-analytics.com
1    65.9.66.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-83.fra56.r.cloudfront.net
ct.captcha-delivery.com
1    3.125.247.22 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-247-22.eu-central-1.compute.amazonaws.com
geo.captcha-delivery.com
Apex Domain
Subdomains		 Transfer
9 taiwoudoastuph.net
taiwoudoastuph.net — Cisco Umbrella Rank: 326918
18 KB
8 kelkoogroup.net
nl-go.kelkoogroup.net
dd.kelkoogroup.net — Cisco Umbrella Rank: 296022
68 KB
7 clcktrck.com
clcktrck.com — Cisco Umbrella Rank: 159985
4 KB
4 leikovoleikamarada.com
leikovoleikamarada.com — Cisco Umbrella Rank: 908885
16 KB
2 captcha-delivery.com
ct.captcha-delivery.com — Cisco Umbrella Rank: 30248
geo.captcha-delivery.com — Cisco Umbrella Rank: 23657
11 KB
2 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 10565
2 KB
2 preaterioression.com
28880963-32451-ex.preaterioression.com
4 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
556 B
1 discountheld.de
discountheld.de — Cisco Umbrella Rank: 408461
2 KB
1 shoptastic.io
www.shoptastic.io — Cisco Umbrella Rank: 279931
344 B
1 share365.net
www.share365.net — Cisco Umbrella Rank: 481928
3 KB
0 google.com Failed
ads.google.com Failed
30 12
Domain Requested by
9 taiwoudoastuph.net 2 redirects leikovoleikamarada.com
taiwoudoastuph.net
7 clcktrck.com 5 redirects www.shoptastic.io
6 nl-go.kelkoogroup.net nl-go.kelkoogroup.net
4 leikovoleikamarada.com 28880963-32451-ex.preaterioression.com
leikovoleikamarada.com
2 dd.kelkoogroup.net nl-go.kelkoogroup.net
dd.kelkoogroup.net
2 my.rtmark.net leikovoleikamarada.com
taiwoudoastuph.net
2 28880963-32451-ex.preaterioression.com 1 redirects
1 geo.captcha-delivery.com ct.captcha-delivery.com
1 ct.captcha-delivery.com nl-go.kelkoogroup.net
1 www.google-analytics.com nl-go.kelkoogroup.net
1 discountheld.de 1 redirects
1 www.shoptastic.io
1 www.share365.net 1 redirects
0 ads.google.com Failed 28880963-32451-ex.preaterioression.com
30 14

This site contains no links.

Subject Issuer Validity Valid
*.preaterioression.com
R11		 2024-09-28 -
2024-12-27		 3 months crt.sh
leikovoleikamarada.com
R11		 2024-10-01 -
2024-12-30		 3 months crt.sh
my.rtmark.net
WE1		 2024-11-06 -
2025-02-04		 3 months crt.sh
taiwoudoastuph.net
WE1		 2024-11-12 -
2025-02-10		 3 months crt.sh
shoptastic.io
Amazon RSA 2048 M03		 2024-10-06 -
2025-11-05		 a year crt.sh
clcktrck.com
E6		 2024-11-26 -
2025-02-24		 3 months crt.sh
*.kelkoogroup.net
Thawte TLS RSA CA G1		 2024-09-26 -
2025-10-10		 a year crt.sh
dd.kelkoogroup.net
E6		 2024-10-07 -
2025-01-05		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.captcha-delivery.com
Amazon RSA 2048 M02		 2024-07-25 -
2025-08-22		 a year crt.sh

This page contains 2 frames:

Primary Page: https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437218039ec71a5c4dca2350eacd94f72fce143958ff152d55737b3c421dbc7293094b2e8205642225e14c982881d37121ff92015a525e7e569af24e6431555c5d9d9f842de7f7ec8790fe6e21ac406e1a85b4be6a40fdf2df287b01f760e7140cfb4a3d645202c38a7f60c35292018493e52c98d812c35fc01dd6b1122dcfb91c9e50eaef758ce886b31e01952bcaba9aa3d8ac799a55add4c14363ee885dba3ef40a1b6096c86d703cb6990d84389c997cf41598f755aeb9060aab30530716ebd6098ea5a45732aa17f2c4ffb5844b885ea043735f91a1be2f9397a42420596a3151c0464b8b78f234b6f5cdb6e3488407b2c5da2776b8fcd9dea241d41a1ebd5abc66b888d721537d75f4e725feb9af8c4626ab07f9e962da9ea79d8c633b524ddb473fcac96ecae20149f7e03316c47&url=https%3A%2F%2Fwww.marjoleinelisabeth.nl%2Fkleding%2F%3Ftt%3D34499_1953146_321679_62AE01JDY2D542PA569PYBQVS1NT32%26r%3Dhttps%253A%252F%252Fmarjoleinelisabeth.nl&initiator=timeout
Frame ID: 4EA206A78D6E89BFA4D144D93DED8ADF
Requests: 28 HTTP requests in this frame

Frame: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAKXjMKdrRtywAsENQ7A%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=uOLF9EC5~SEnST6Pmrfr~JPFJzcbYLr~O305OEur2Umb7v_x3us9tSkBSKvgz7~INFqA2K_v1an6vKWbZxHclTtVldAayELY3xWHcTvqqt4lfMgwn8rDWFrhWDKK~2FZ&t=fe&referer=https%3A%2F%2Fnl-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dnl%26k%3D612f7a9541cd6ea61eb554c0e4cff437218039ec71a5c4dca2350eacd94f72fce143958ff152d55737b3c421dbc7293094b2e8205642225e14c982881d37121ff92015a525e7e569af24e6431555c5d9d9f842de7f7ec8790fe6e21ac406e1a85b4be6a40fdf2df287b01f760e7140cfb4a3d645202c38a7f60c35292018493e52c98d812c35fc01dd6b1122dcfb91c9e50eaef758ce886b31e01952bcaba9aa3d8ac799a55add4c14363ee885dba3ef40a1b6096c86d703cb6990d84389c997cf41598f755aeb9060aab30530716ebd6098ea5a45732aa17f2c4ffb5844b885ea043735f91a1be2f9397a42420596a3151c0464b8b78f234b6f5cdb6e3488407b2c5da2776b8fcd9dea241d41a1ebd5abc66b888d721537d75f4e725feb9af8c4626ab07f9e962da9ea79d8c633b524ddb473fcac96ecae20149f7e03316c47%26url%3Dhttps%253A%252F%252Fwww.marjoleinelisabeth.nl%252Fkleding%252F%253Ftt%253D34499_1953146_321679_62AE01JDY2D542PA569PYBQVS1NT32%2526r%253Dhttps%25253A%25252F%25252Fmarjoleinelisabeth.nl%26initiator%3Dtimeout&s=35103&e=6c3701edc5ce9054372c3dcd0cb5ea27aa773bee0fb2608e00de7e459fb8b1eb&dm=cd
Frame ID: 2F27513410B1D0334FAF6B9A42234EAB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

kelkoogroup.net

Page URL History Show full URLs

  1. https://28880963-32451-ex.preaterioression.com/hiVGCYA4Pw7kZtczvVjGLC9NmtkRvoHRdvpUapyUTMlBMJvCqo9QoMraVdBgKdeakNgEK_Mk1v7v... Page URL
  2. https://28880963-32451-ex.preaterioression.com/hiVGCYA4Pw7kZtczvVjGLC9NmtkRvoHRdvpUapyUTMlBMJvCqo9QoMraVdBgKdeakNgEK_Mk1v7v... HTTP 307
    https://leikovoleikamarada.com/link?z=7205185&var={hostid} Page URL
  3. https://taiwoudoastuph.net/?z=7205186&syncedCookie=true&rhd=false HTTP 302
    https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x Page URL
  4. https://taiwoudoastuph.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
    https://www.share365.net/vip/rds/nl?subId=886638963740381235&country=NL&campaignid=8543943 HTTP 302
    https://www.shoptastic.io/store/marjoleinelisabeth-nl-cpc?pubId=10439&subId=886638963740381235&country... Page URL
  5. https://clcktrck.com/s/red_u_plain.php?uid=277434688&t=direct&s=22259&pub=10439&d=marjoleinelisab... HTTP 302
    https://clcktrck.com/nl/s/red_u_plain.php?uid=277434688&t=direct&s=22259&pub=10439&d=marjoleineli... HTTP 302
    https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff216393... HTTP 302
    https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff216393... HTTP 302
    https://discountheld.de/rdcn/rf?ret=aHR0cHM6Ly9jbGNrdHJjay5jb20vMzM0MGIwN2Y2MzUyYjA2MWUwOTA4ZmEwZTc2... HTTP 302
    https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff216393... Page URL
  6. https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff216393... HTTP 302
    https://nl-go.kelkoogroup.net/merchantGo?.ts=1732954722177&.sig=OVTIz2okU3QxNXEc2Xbd9Ih6pco-&affiliationId... Page URL
  7. https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437218039ec71a5c4dca2350e... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns

Page Statistics

30
Requests

93 %
HTTPS

0 %
IPv6

12
Domains

14
Subdomains

14
IPs

5
Countries

119 kB
Transfer

283 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://28880963-32451-ex.preaterioression.com/hiVGCYA4Pw7kZtczvVjGLC9NmtkRvoHRdvpUapyUTMlBMJvCqo9QoMraVdBgKdeakNgEK_Mk1v7veuuzHOKnYBWKmK-lubyKcgIfT71OY_16wRwMZcM79ka80wLOWQ?kws=beautiful%2Ctamil%2Csex%2Cwith%2Cher%2Cboyfriend%2Cleaked%2Cmms%2Cmydesi%2Cnet&abl=0&fsb=0&pageUri=h...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=1 Page URL
  2. https://28880963-32451-ex.preaterioression.com/hiVGCYA4Pw7kZtczvVjGLC9NmtkRvoHRdvpUapyUTMlBMJvCqo9QoMraVdBgKdeakNgEK_Mk1v7veuuzHOKnYBWKmK-lubyKcgIfT71OY_16wRwMZcM79ka80wLOWQ?kws=beautiful%2Ctamil%2Csex%2Cwith%2Cher%2Cboyfriend%2Cleaked%2Cmms%2Cmydesi%2Cnet&abl=0&fsb=0&pageUri=h...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=1&pageUri=&referer=&jsr=1&abl=0&acrc=1&acrs=own&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221285%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%2232%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Sat%20Nov%2030%202024%2009%3A18%3A39%20GMT%2B0100%20(Midden-Europese%20standaardtijd)%22%2C%22-60%22%2C%22nl-NL%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D HTTP 307
    https://leikovoleikamarada.com/link?z=7205185&var={hostid} Page URL
  3. https://taiwoudoastuph.net/?z=7205186&syncedCookie=true&rhd=false HTTP 302
    https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x Page URL
  4. https://taiwoudoastuph.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
    https://www.share365.net/vip/rds/nl?subId=886638963740381235&country=NL&campaignid=8543943 HTTP 302
    https://www.shoptastic.io/store/marjoleinelisabeth-nl-cpc?pubId=10439&subId=886638963740381235&country=NL&campaignid=8543943 Page URL
  5. https://clcktrck.com/s/red_u_plain.php?uid=277434688&t=direct&s=22259&pub=10439&d=marjoleinelisabeth.nl HTTP 302
    https://clcktrck.com/nl/s/red_u_plain.php?uid=277434688&t=direct&s=22259&pub=10439&d=marjoleinelisabeth.nl HTTP 302
    https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf459aa47a61dd356f45a6b65ed9e1099b409a71bee258896b054eb5f7ecb63dc58fc5dde723c9880a46802104790389329eb3cdee48ea634fa857430c16c07bf78c20fa66a036fed15676addc81e2e87345ac2f6f717850ef9399e817d9ee0599e HTTP 302
    https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf459aa47a61dd356f45a6b65ed9e1099b409a71bee258896b054eb5f7ecb63dc58fc5dde723c9880a46802104790389329eb3cdee48ea634fa857430c16c07bf78ab3b9f141fac0350453c352faafba2537d6f9def4c8b44f942a69a7c4e073a48 HTTP 302
    https://discountheld.de/rdcn/rf?ret=aHR0cHM6Ly9jbGNrdHJjay5jb20vMzM0MGIwN2Y2MzUyYjA2MWUwOTA4ZmEwZTc2NjY4ZGMvNjlmMDcwYjhmY2JmM2JmZTYwYjljZmM0NjIzMTQ0YTAwOTRmZjIxNjM5MzZkNTkyYzc3ZTRiOTZjZTkyNWJmNDU5YWE0N2E2MWRkMzU2ZjQ1YTZiNjVlZDllMTA5OWI0MDlhNzFiZWUyNTg4OTZiMDU0ZWI1ZjdlY2I2M2RjNThmYzVkZGU3MjNjOTg4MGE0NjgwMjEwNDc5MDM4OTMyOWViM2NkZWU0OGVhNjM0ZmE4NTc0MzBjMTZjMDdiZjc4YWIzYjlmMTQxZmFjMDM1MDQ1M2MzNTJmYWFmYmEyNTM3ZDZmOWRlZjRjOGI0NGY5NDJhNjlhN2M0ZTA3M2E0OD9tPTE%253D HTTP 302
    https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf459aa47a61dd356f45a6b65ed9e1099b409a71bee258896b054eb5f7ecb63dc58fc5dde723c9880a46802104790389329eb3cdee48ea634fa857430c16c07bf78ab3b9f141fac0350453c352faafba2537d6f9def4c8b44f942a69a7c4e073a48?m=1 Page URL
  6. https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf459aa47a61dd356f45a6b65ed9e1099b409a71bee258896b054eb5f7ecb63dc58fc5dde723c9880a46802104790389329eb3cdee48ea634fa857430c16c07bf78ab3b9f141fac0350453c352faafba2537d6f9def4c8b44f942a69a7c4e073a48?m=2 HTTP 302
    https://nl-go.kelkoogroup.net/merchantGo?.ts=1732954722177&.sig=OVTIz2okU3QxNXEc2Xbd9Ih6pco-&affiliationId=96967162&comId=100526498&country=nl&cpcId=5147287&merchantName=Marjoleinelisabeth.nl&searchId=107610034276217_1732954722169_38172911&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fmarjoleinelisabeth.nl&addedParams=true&publisherClickId=8144494a596b5d0beba07523a9baafd3&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback Page URL
  7. https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437218039ec71a5c4dca2350eacd94f72fce143958ff152d55737b3c421dbc7293094b2e8205642225e14c982881d37121ff92015a525e7e569af24e6431555c5d9d9f842de7f7ec8790fe6e21ac406e1a85b4be6a40fdf2df287b01f760e7140cfb4a3d645202c38a7f60c35292018493e52c98d812c35fc01dd6b1122dcfb91c9e50eaef758ce886b31e01952bcaba9aa3d8ac799a55add4c14363ee885dba3ef40a1b6096c86d703cb6990d84389c997cf41598f755aeb9060aab30530716ebd6098ea5a45732aa17f2c4ffb5844b885ea043735f91a1be2f9397a42420596a3151c0464b8b78f234b6f5cdb6e3488407b2c5da2776b8fcd9dea241d41a1ebd5abc66b888d721537d75f4e725feb9af8c4626ab07f9e962da9ea79d8c633b524ddb473fcac96ecae20149f7e03316c47&url=https%3A%2F%2Fwww.marjoleinelisabeth.nl%2Fkleding%2F%3Ftt%3D34499_1953146_321679_62AE01JDY2D542PA569PYBQVS1NT32%26r%3Dhttps%253A%252F%252Fmarjoleinelisabeth.nl&initiator=timeout Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://28880963-32451-ex.preaterioression.com/hiVGCYA4Pw7kZtczvVjGLC9NmtkRvoHRdvpUapyUTMlBMJvCqo9QoMraVdBgKdeakNgEK_Mk1v7veuuzHOKnYBWKmK-lubyKcgIfT71OY_16wRwMZcM79ka80wLOWQ?kws=beautiful%2Ctamil%2Csex%2Cwith%2Cher%2Cboyfriend%2Cleaked%2Cmms%2Cmydesi%2Cnet&abl=0&fsb=0&pageUri=h...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=1&pageUri=&referer=&jsr=1&abl=0&acrc=1&acrs=own&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221285%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%2232%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Sat%20Nov%2030%202024%2009%3A18%3A39%20GMT%2B0100%20(Midden-Europese%20standaardtijd)%22%2C%22-60%22%2C%22nl-NL%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D HTTP 307
  • https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Request Chain 6
  • https://taiwoudoastuph.net/?z=7205186&syncedCookie=true&rhd=false HTTP 302
  • https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x
Request Chain 13
  • https://taiwoudoastuph.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
  • https://www.share365.net/vip/rds/nl?subId=886638963740381235&country=NL&campaignid=8543943 HTTP 302
  • https://www.shoptastic.io/store/marjoleinelisabeth-nl-cpc?pubId=10439&subId=886638963740381235&country=NL&campaignid=8543943
Request Chain 16
  • https://clcktrck.com/s/red_u_plain.php?uid=277434688&t=direct&s=22259&pub=10439&d=marjoleinelisabeth.nl HTTP 302
  • https://clcktrck.com/nl/s/red_u_plain.php?uid=277434688&t=direct&s=22259&pub=10439&d=marjoleinelisabeth.nl HTTP 302
  • https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf459aa47a61dd356f45a6b65ed9e1099b409a71bee258896b054eb5f7ecb63dc58fc5dde723c9880a46802104790389329eb3cdee48ea634fa857430c16c07bf78c20fa66a036fed15676addc81e2e87345ac2f6f717850ef9399e817d9ee0599e HTTP 302
  • https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf459aa47a61dd356f45a6b65ed9e1099b409a71bee258896b054eb5f7ecb63dc58fc5dde723c9880a46802104790389329eb3cdee48ea634fa857430c16c07bf78ab3b9f141fac0350453c352faafba2537d6f9def4c8b44f942a69a7c4e073a48 HTTP 302
  • https://discountheld.de/rdcn/rf?ret=aHR0cHM6Ly9jbGNrdHJjay5jb20vMzM0MGIwN2Y2MzUyYjA2MWUwOTA4ZmEwZTc2NjY4ZGMvNjlmMDcwYjhmY2JmM2JmZTYwYjljZmM0NjIzMTQ0YTAwOTRmZjIxNjM5MzZkNTkyYzc3ZTRiOTZjZTkyNWJmNDU5YWE0N2E2MWRkMzU2ZjQ1YTZiNjVlZDllMTA5OWI0MDlhNzFiZWUyNTg4OTZiMDU0ZWI1ZjdlY2I2M2RjNThmYzVkZGU3MjNjOTg4MGE0NjgwMjEwNDc5MDM4OTMyOWViM2NkZWU0OGVhNjM0ZmE4NTc0MzBjMTZjMDdiZjc4YWIzYjlmMTQxZmFjMDM1MDQ1M2MzNTJmYWFmYmEyNTM3ZDZmOWRlZjRjOGI0NGY5NDJhNjlhN2M0ZTA3M2E0OD9tPTE%253D HTTP 302
  • https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf459aa47a61dd356f45a6b65ed9e1099b409a71bee258896b054eb5f7ecb63dc58fc5dde723c9880a46802104790389329eb3cdee48ea634fa857430c16c07bf78ab3b9f141fac0350453c352faafba2537d6f9def4c8b44f942a69a7c4e073a48?m=1
Request Chain 17
  • https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf459aa47a61dd356f45a6b65ed9e1099b409a71bee258896b054eb5f7ecb63dc58fc5dde723c9880a46802104790389329eb3cdee48ea634fa857430c16c07bf78ab3b9f141fac0350453c352faafba2537d6f9def4c8b44f942a69a7c4e073a48?m=2 HTTP 302
  • https://nl-go.kelkoogroup.net/merchantGo?.ts=1732954722177&.sig=OVTIz2okU3QxNXEc2Xbd9Ih6pco-&affiliationId=96967162&comId=100526498&country=nl&cpcId=5147287&merchantName=Marjoleinelisabeth.nl&searchId=107610034276217_1732954722169_38172911&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fmarjoleinelisabeth.nl&addedParams=true&publisherClickId=8144494a596b5d0beba07523a9baafd3&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
hiVGCYA4Pw7kZtczvVjGLC9NmtkRvoHRdvpUapyUTMlBMJvCqo9QoMraVdBgKdeakNgEK_Mk1v7veuuzHOKnYBWKmK-lubyKcgIfT71OY_16wRwMZcM79ka80wLOWQ
28880963-32451-ex.preaterioression.com/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28880963-32451-ex.preaterioression.com/hiVGCYA4Pw7kZtczvVjGLC9NmtkRvoHRdvpUapyUTMlBMJvCqo9QoMraVdBgKdeakNgEK_Mk1v7veuuzHOKnYBWKmK-lubyKcgIfT71OY_16wRwMZcM79ka80wLOWQ?kws=beautiful%2Ctamil%2Csex%2Cwith%2Cher%2Cboyfriend%2Cleaked%2Cmms%2Cmydesi%2Cnet&abl=0&fsb=0&pageUri=h...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.208.22.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
8a32e09a94725b088b098202810678802ef4afca9e069ac1a86e9751758f6310

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime
31536000
access-control-allow-credentials
true
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html
date
Sat, 30 Nov 2024 08:18:39 GMT
expires
Sat, 30 Nov 2024 08:18:39 UTC
last-modified
Sat, 30 Nov 2024 08:18:39 UTC
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma
no-cache
referrer-policy
unsafe-url
server
nginx
vary
Accept-Encoding
/
ads.google.com/ 		0
0
link
leikovoleikamarada.com/
Redirect Chain
  • https://28880963-32451-ex.preaterioression.com/hiVGCYA4Pw7kZtczvVjGLC9NmtkRvoHRdvpUapyUTMlBMJvCqo9QoMraVdBgKdeakNgEK_Mk1v7veuuzHOKnYBWKmK-lubyKcgIfT71OY_16wRwMZcM79ka80wLOWQ?kws=beautiful%2Ctamil%2...
  • https://leikovoleikamarada.com/link?z=7205185&var={hostid}
31 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Requested by
Host: 28880963-32451-ex.preaterioression.com
URL: https://28880963-32451-ex.preaterioression.com/hiVGCYA4Pw7kZtczvVjGLC9NmtkRvoHRdvpUapyUTMlBMJvCqo9QoMraVdBgKdeakNgEK_Mk1v7veuuzHOKnYBWKmK-lubyKcgIfT71OY_16wRwMZcM79ka80wLOWQ?kws=beautiful%2Ctamil%2Csex%2Cwith%2Cher%2Cboyfriend%2Cleaked%2Cmms%2Cmydesi%2Cnet&abl=0&fsb=0&pageUri=h...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
90671de166229db6c153ba2225b931bcf517b46de8f9c872b92390826dd963bb
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://28880963-32451-ex.preaterioression.com/hiVGCYA4Pw7kZtczvVjGLC9NmtkRvoHRdvpUapyUTMlBMJvCqo9QoMraVdBgKdeakNgEK_Mk1v7veuuzHOKnYBWKmK-lubyKcgIfT71OY_16wRwMZcM79ka80wLOWQ?kws=beautiful%2Ctamil%2Csex%2Cwith%2Cher%2Cboyfriend%2Cleaked%2Cmms%2Cmydesi%2Cnet&abl=0&fsb=0&pageUri=h...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
device-memory
8

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Sat, 30 Nov 2024 08:18:39 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
c45b9fc9d3e245a274bfaae4f644866e

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime
31536000
access-control-allow-credentials
true
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 30 Nov 2024 08:18:39 GMT
expires
Sat, 30 Nov 2024 08:18:39 UTC
last-modified
Sat, 30 Nov 2024 08:18:39 UTC
location
https://leikovoleikamarada.com/link?z=7205185&var={hostid}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma
no-cache
referrer-policy
unsafe-url
server
nginx
img.gif
my.rtmark.net/ 		43 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=008124c4a525458bfa337dd23bcbda2d&z=7205186&p_rid=61656931-fe80-4247-b0bc-62bc5cd3f7d3&p_src=sf
Requested by
Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://leikovoleikamarada.com/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5zDWiJ%2BRj4Y2LT%2BnnOPLheoFcpbgIxLv0zD1ouOzAo7wgFDg%2BDQyzx2nUSGYNiDwN8O1ZK7qoPLPyibFyDV%2FR78h8b7uU425r3G23SFcxSndd8fkICCWr4s8ZaN00G0N"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=12192&min_rtt=12034&rtt_var=2632&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4171&recv_bytes=4522&delivery_rate=48360&cwnd=12000&unsent_bytes=0&cid=9552ceca591cd6c1&ts=82&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 30 Nov 2024 08:18:40 GMT
content-type
image/gif
priority
u=3,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8ea968797ef6d5a1-AMS
access-control-allow-origin
*
content-length
43
server
cloudflare
sftouch
taiwoudoastuph.net/ 		43 B
662 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taiwoudoastuph.net/sftouch?userId=008124c4a525458bfa337dd23bcbda2d&z=7205186&p_rid=61656931-fe80-4247-b0bc-62bc5cd3f7d3&p_src=sf&branchId=0&rb=qeRLJOh2pF2Yf_olR-crdOpOTU3zbic7seBUlSGrQVqqHLBdfHpuhOTI63_eHRXWVvhBV_APd8KXaBMHhWG5pBRMsyK_FUjSGYE8xRVtm69YQItA9FLRcpTR8_mWvP4bX-pNPpNhD4uwLYmXL24ZBZrlp7K-wboMhYU3Ps1c54c_ROXzLGZOom-9wHH0P2Lchebgq17rgr-RTdEz6ZKRpxjkVoyfCtmHpGS6qBvKuel3woNyXVSWSYIH6YFZ7ldG1eeAoOD80dH7QXIQf-OeEa4zPi_6ImH35GooXUaXBYaK9EyPiun8vc-r0uHbSJMGLo6b66DQK5yr-Kr_PsHKbsy3sh8eGAFItlFcTDuIpBY_69-l6FyAo0HjCEUb22rAWE9et8Kls7lmAA5TerzgNo0P9zdeQjob4u8cPp1ei4k-hdAVJXA9YqmKvN2YVisMDvO7-y2JEHW-Z2meDKl0o1nWgnYTjUqpsqwjzu3S07aE0wv7JtsgC19RyMEc0Pmkqyt8agwOJMdH3iJ9KLAUC_LJEbz_FHthXrtOq8yJJ4g_zvIk0cwEoBlK5yketVXCyhMA3n14u3fGncL6ZMUnDLClkGVjM6qPUpfuNTNWaxrnnxzVIoMDwMRAz4FUeCVDqxO1j-0VUJDqaFVu2H4yWIx4Gmik-4TnPaS_J1ymCRYt502kpXcaGeMfAn5m22a_8Ggru5_vTqF_xdB6SgfBFh2L8oFnCohcNH8CwTz4iTTJP_4X4Y00RSs0twgg9zGcRGeTNx9ayk0=&w_img=1
Requested by
Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://leikovoleikamarada.com/

Response headers

access-control-max-age
86400
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 30 Nov 2024 08:18:40 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
e985b2db6a9482d1d83df3610863de16
cf-ray
8ea9687a3c560c33-AMS
access-control-allow-origin
*
content-length
43
server
cloudflare
add
leikovoleikamarada.com/log/ 		12 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leikovoleikamarada.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=61656931-fe80-4247-b0bc-62bc5cd3f7d3
Requested by
Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://leikovoleikamarada.com/link?z=7205185&var={hostid}

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
access-control-allow-origin
https://leikovoleikamarada.com
content-length
12
date
Sat, 30 Nov 2024 08:18:40 GMT
content-type
application/json; charset=utf-8
server
nginx
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
6118780
taiwoudoastuph.net/4/
Redirect Chain
  • https://taiwoudoastuph.net/?z=7205186&syncedCookie=true&rhd=false
  • https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x
31 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c44f3ecf1f9837e48e7ff072d406128eef6586a99d5e30d694d37789b41e38d4
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://leikovoleikamarada.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8ea9687aec390b3a-AMS
content-encoding
gzip
content-type
text/html; charset=utf8
date
Sat, 30 Nov 2024 08:18:40 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
aace10a6764694b298b6f56e30434c20

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://leikovoleikamarada.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8ea9687a5b7e0b3a-AMS
content-length
0
date
Sat, 30 Nov 2024 08:18:40 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://taiwoudoastuph.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x
pragma
no-cache
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
69e3dab77fcd03be4509bfe2eefffdab
add
leikovoleikamarada.com/async_log/ 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leikovoleikamarada.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=61656931-fe80-4247-b0bc-62bc5cd3f7d3
Requested by
Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://leikovoleikamarada.com/afu.php?zoneid=7205186&var=7205186&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
access-control-allow-origin
https://leikovoleikamarada.com
content-length
0
date
Sat, 30 Nov 2024 08:18:40 GMT
server
nginx
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
favicon.ico
leikovoleikamarada.com/ 		0
150 B 		Other
General
Check archive.org
Download Go to
Full URL
https://leikovoleikamarada.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://leikovoleikamarada.com/afu.php?zoneid=7205186&var=7205186&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
date
Sat, 30 Nov 2024 08:18:40 GMT
pragma
public
server
nginx
img.gif
my.rtmark.net/ 		43 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=008124178f1b4e56fbe1ca9d542e01e6&z=6118780&p_rid=6798f28b-c228-426a-8057-d869d544f7d5&p_src=sf
Requested by
Host: taiwoudoastuph.net
URL: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://taiwoudoastuph.net/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ek9KCSsdcm2fPQ6HpZgX2k6GPruqwvNaev67q3EUPTUKEIB9PvCm3FjMBeZx09%2FBqWuD3P0icW7QEN7%2FSiHckGXVpVuH%2Fkj5lA4XzFBIz9zlxsLe2OWlchhWvupX%2B1s%2F"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=11685&min_rtt=11583&rtt_var=2525&sent=10&recv=9&lost=0&retrans=0&sent_bytes=4094&recv_bytes=4501&delivery_rate=50328&cwnd=12000&unsent_bytes=0&cid=2f3d69f380af4888&ts=28&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 30 Nov 2024 08:18:40 GMT
content-type
image/gif
priority
u=3,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8ea9687c7e35f5d9-AMS
access-control-allow-origin
*
content-length
43
server
cloudflare
sftouch
taiwoudoastuph.net/ 		43 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taiwoudoastuph.net/sftouch?userId=008124178f1b4e56fbe1ca9d542e01e6&z=6118780&p_rid=6798f28b-c228-426a-8057-d869d544f7d5&p_src=sf&branchId=0&rb=t9GK34tKD8pkpWc3jYyr77Aai0AdmHMQ8xZsnFznekRJ7KcpI94_X5vCNoon2QW6r-MK9yn3tkYMspEdNLpCMVotph9SErZNieICY3ME2kqeZW7vuSZlb_Z33XG0swUeMS_igdgFxN5B7EvOSR-V-TBj5mrtE4fmIvU0rJtjL6VKtXWfcBHmFqRZgo8FUmzL-uQKS2iH3PRBPbUvxlg0OWne85K-aTURUfzEZAWecUEv3rwLlNREqxBCtZER9mCkEPCuUOZCToIoiDt9HatZVvOERBwt4oIVBiAS8hHlABP4MYXycDx4bw==&w_img=1
Requested by
Host: taiwoudoastuph.net
URL: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x

Response headers

access-control-max-age
86400
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 30 Nov 2024 08:18:40 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
62b98da30cb89e39b9e2ed079ffdb35e
cf-ray
8ea9687ceb041ca5-AMS
access-control-allow-origin
*
content-length
43
server
cloudflare
add
taiwoudoastuph.net/log/ 		12 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://taiwoudoastuph.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=6798f28b-c228-426a-8057-d869d544f7d5
Requested by
Host: taiwoudoastuph.net
URL: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
cf-ray
8ea9687cfb121ca5-AMS
access-control-allow-origin
https://taiwoudoastuph.net
alt-svc
h3=":443"; ma=86400
content-length
12
date
Sat, 30 Nov 2024 08:18:40 GMT
content-type
application/json; charset=utf-8
server
cloudflare
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
add
taiwoudoastuph.net/async_log/ 		0
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://taiwoudoastuph.net/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=6798f28b-c228-426a-8057-d869d544f7d5
Requested by
Host: taiwoudoastuph.net
URL: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
cf-ray
8ea9687cfb1c1ca5-AMS
access-control-allow-origin
https://taiwoudoastuph.net
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 30 Nov 2024 08:18:40 GMT
server
cloudflare
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
marjoleinelisabeth-nl-cpc
www.shoptastic.io/store/
Redirect Chain
  • https://taiwoudoastuph.net/?z=6118780&syncedCookie=true&rhd=false
  • https://www.share365.net/vip/rds/nl?subId=886638963740381235&country=NL&campaignid=8543943
  • https://www.shoptastic.io/store/marjoleinelisabeth-nl-cpc?pubId=10439&subId=886638963740381235&country=NL&campaignid=8543943
144 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.shoptastic.io/store/marjoleinelisabeth-nl-cpc?pubId=10439&subId=886638963740381235&country=NL&campaignid=8543943
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.176.247.1 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-176-247-1.us-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://taiwoudoastuph.net
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-language
en-US
content-type
text/html;charset=UTF-8
date
Sat, 30 Nov 2024 08:18:41 GMT
server
nginx/1.18.0 (Ubuntu)
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding

Redirect headers

cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8ea9687f281c8b40-AMS
content-type
text/html; charset=UTF-8
date
Sat, 30 Nov 2024 08:18:41 GMT
location
https://www.shoptastic.io/store/marjoleinelisabeth-nl-cpc?pubId=10439&subId=886638963740381235&country=NL&campaignid=8543943
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yWxco0TD9%2FZ519o9ySd3VqIyKLK93UozOr9HRuhGiLRmJ0DjT4LJsAY4DcCYwDjtk%2F5Q7Wj7BJaTe9A276b37z%2B6VvhGYOlzB2OLEylxu8KaZLOmWjzZSbGxg7NAg1hhZ1A%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=TCP&rtt=11893&min_rtt=11736&rtt_var=2023&sent=7&recv=11&lost=0&retrans=0&sent_bytes=4024&recv_bytes=2337&delivery_rate=348667&cwnd=253&unsent_bytes=0&cid=897ee4af02ec8de9&ts=70&x=0"
strict-transport-security
max-age=31536000
favicon.ico
taiwoudoastuph.net/ 		0
181 B 		Other
General
Check archive.org
Download Go to
Full URL
https://taiwoudoastuph.net/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://taiwoudoastuph.net/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

cache-control
public, max-age=315360000
cf-cache-status
HIT
pragma
public
age
358351
cf-ray
8ea9687d2b5a1ca5-AMS
expires
Tue, 28 Nov 2034 08:18:40 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 30 Nov 2024 08:18:40 GMT
vary
Accept-Encoding
server
cloudflare
favicon.ico
taiwoudoastuph.net/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://taiwoudoastuph.net/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://taiwoudoastuph.net/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

cache-control
public, max-age=315360000
cf-cache-status
HIT
pragma
public
age
358351
cf-ray
8ea9687d2b5a1ca5-AMS
expires
Tue, 28 Nov 2034 08:18:40 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 30 Nov 2024 08:18:40 GMT
vary
Accept-Encoding
server
cloudflare
69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf459aa47a61dd356f45a6b65ed9e1099b409a71bee258896b054eb5f7ecb63dc58fc5dde723c9880a46802104790389329eb3cdee48ea634fa857430c16c07bf78ab3b9...
clcktrck.com/3340b07f6352b061e0908fa0e76668dc/
Redirect Chain
  • https://clcktrck.com/s/red_u_plain.php?uid=277434688&t=direct&s=22259&pub=10439&d=marjoleinelisabeth.nl
  • https://clcktrck.com/nl/s/red_u_plain.php?uid=277434688&t=direct&s=22259&pub=10439&d=marjoleinelisabeth.nl
  • https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf459aa47a61dd356f45a6b65ed9e1099b409a71bee258896b054eb5f7ecb63dc58fc5dde723c9880a...
  • https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf459aa47a61dd356f45a6b65ed9e1099b409a71bee258896b054eb5f7ecb63dc58fc5dde723c9880a...
  • https://discountheld.de/rdcn/rf?ret=aHR0cHM6Ly9jbGNrdHJjay5jb20vMzM0MGIwN2Y2MzUyYjA2MWUwOTA4ZmEwZTc2NjY4ZGMvNjlmMDcwYjhmY2JmM2JmZTYwYjljZmM0NjIzMTQ0YTAwOTRmZjIxNjM5MzZkNTkyYzc3ZTRiOTZjZTkyNWJmNDU5Y...
  • https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf459aa47a61dd356f45a6b65ed9e1099b409a71bee258896b054eb5f7ecb63dc58fc5dde723c9880a...
559 B
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf459aa47a61dd356f45a6b65ed9e1099b409a71bee258896b054eb5f7ecb63dc58fc5dde723c9880a46802104790389329eb3cdee48ea634fa857430c16c07bf78ab3b9f141fac0350453c352faafba2537d6f9def4c8b44f942a69a7c4e073a48?m=1
Requested by
Host: www.shoptastic.io
URL: https://www.shoptastic.io/store/marjoleinelisabeth-nl-cpc?pubId=10439&subId=886638963740381235&country=NL&campaignid=8543943
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.73.249.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-249-248.eu-central-1.compute.amazonaws.com
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.shoptastic.io/store/marjoleinelisabeth-nl-cpc?pubId=10439&subId=886638963740381235&country=NL&campaignid=8543943
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 30 Nov 2024 08:18:43 GMT
Referrer-Policy
origin
Server
nginx/1.24.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Sat, 30 Nov 2024 08:18:43 GMT
location
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf459aa47a61dd356f45a6b65ed9e1099b409a71bee258896b054eb5f7ecb63dc58fc5dde723c9880a46802104790389329eb3cdee48ea634fa857430c16c07bf78ab3b9f141fac0350453c352faafba2537d6f9def4c8b44f942a69a7c4e073a48?m=1
referrer-policy
origin
server
nginx/1.18.0 (Ubuntu)
merchantGo
nl-go.kelkoogroup.net/
Redirect Chain
  • https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf459aa47a61dd356f45a6b65ed9e1099b409a71bee258896b054eb5f7ecb63dc58fc5dde723c9880a...
  • https://nl-go.kelkoogroup.net/merchantGo?.ts=1732954722177&.sig=OVTIz2okU3QxNXEc2Xbd9Ih6pco-&affiliationId=96967162&comId=100526498&country=nl&cpcId=5147287&merchantName=Marjoleinelisabeth.nl&searc...
29 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nl-go.kelkoogroup.net/merchantGo?.ts=1732954722177&.sig=OVTIz2okU3QxNXEc2Xbd9Ih6pco-&affiliationId=96967162&comId=100526498&country=nl&cpcId=5147287&merchantName=Marjoleinelisabeth.nl&searchId=107610034276217_1732954722169_38172911&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fmarjoleinelisabeth.nl&addedParams=true&publisherClickId=8144494a596b5d0beba07523a9baafd3&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
69f459405e4fcba974f8700ee5541503437abd1dd743e420f5405b2883394266
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf459aa47a61dd356f45a6b65ed9e1099b409a71bee258896b054eb5f7ecb63dc58fc5dde723c9880a46802104790389329eb3cdee48ea634fa857430c16c07bf78ab3b9f141fac0350453c352faafba2537d6f9def4c8b44f942a69a7c4e073a48?m=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-CH
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Content-Length
29576
Content-Security-Policy
frame-ancestors 'none'
Content-Type
text/html; charset=UTF-8
Date
Sat, 30 Nov 2024 08:18:42 GMT
Referrer-Policy
origin-when-cross-origin
Request-Time
PT0.017793333S
X-Content-Type-Options
nosniff
X-DataDome
protected
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
master-only
X-Robots-Tag
noindex,nofollow
X-XSS-Protection
1; mode=block
clickId
107698149_1732954723454_54443135
country
nl
leadId
62AE01JDY2D542PA569PYBQVS1NT32

Redirect headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 30 Nov 2024 08:18:43 GMT
Location
https://nl-go.kelkoogroup.net/merchantGo?.ts=1732954722177&.sig=OVTIz2okU3QxNXEc2Xbd9Ih6pco-&affiliationId=96967162&comId=100526498&country=nl&cpcId=5147287&merchantName=Marjoleinelisabeth.nl&searchId=107610034276217_1732954722169_38172911&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fmarjoleinelisabeth.nl&addedParams=true&publisherClickId=8144494a596b5d0beba07523a9baafd3&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback
Referrer-Policy
origin
Server
nginx/1.24.0 (Ubuntu)
Transfer-Encoding
chunked
favicon.ico
clcktrck.com/ 		0
246 B 		Other
General
Check archive.org
Download Go to
Full URL
https://clcktrck.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.73.249.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-249-248.eu-central-1.compute.amazonaws.com
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://clcktrck.com/

Response headers

ETag
"645a16d2-0"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
Date
Sat, 30 Nov 2024 08:18:43 GMT
Content-Type
image/x-icon
Last-Modified
Tue, 09 May 2023 09:48:02 GMT
Server
nginx/1.24.0 (Ubuntu)
p.png
nl-go.kelkoogroup.net/assets/images/ 		68 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nl-go.kelkoogroup.net/assets/images/p.png?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437218039ec71a5c4dca2350eacd94f72fce143958ff152d55737b3c421dbc7293094b2e8205642225e14c982881d37121ff92015a525e7e569af24e6431555c5d9d9f842de7f7ec8790fe6e21ac406e1a85b4be6a40fdf2df287b01f760e7140cfb4a3d645202c38a7f60c35292018493e52c98d812c35fc01dd6b1122dcfb91c9e50eaef758ce886b31e01952bcaba9aa3d8ac799a55add4c14363ee885dba3ef40a1b6096c86d703cb6990d84389c997cf41598f755aeb9060aab30530716ebd6098ea5a45732aa17f2c4ffb5844b885ea043735f91a1be2f9397a42420596a3151c0464b8b78f234b6f5cdb6e3488407b2c5da2776b8fcd9dea241d41a1ebd5abc66b888d721537d75f4e725feb9af8c4626ab07f9e962da9ea79d8c633b524ddb473fcac96ecae20149f7e03316c47
Requested by
Host: nl-go.kelkoogroup.net
URL: https://nl-go.kelkoogroup.net/merchantGo?.ts=1732954722177&.sig=OVTIz2okU3QxNXEc2Xbd9Ih6pco-&affiliationId=96967162&comId=100526498&country=nl&cpcId=5147287&merchantName=Marjoleinelisabeth.nl&searchId=107610034276217_1732954722169_38172911&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fmarjoleinelisabeth.nl&addedParams=true&publisherClickId=8144494a596b5d0beba07523a9baafd3&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory
8
Referer
https://nl-go.kelkoogroup.net/merchantGo?.ts=1732954722177&.sig=OVTIz2okU3QxNXEc2Xbd9Ih6pco-&affiliationId=96967162&comId=100526498&country=nl&cpcId=5147287&merchantName=Marjoleinelisabeth.nl&searchId=107610034276217_1732954722169_38172911&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fmarjoleinelisabeth.nl&addedParams=true&publisherClickId=8144494a596b5d0beba07523a9baafd3&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback

Response headers

X-Robots-Tag
noindex,nofollow
Content-Security-Policy
frame-ancestors 'none'
Cache-Control
private, must-revalidate
leadId
62AE01JDY2D542PA569PYBQVS1NT32
Request-Time
PT0.003499243S
X-Permitted-Cross-Domain-Policies
master-only
Referrer-Policy
origin-when-cross-origin
clickId
107698149_1732954723454_54443135
country
nl
X-Content-Type-Options
nosniff
Content-Length
68
X-XSS-Protection
1; mode=block
Date
Sat, 30 Nov 2024 08:18:42 GMT
Content-Type
image/png
X-Frame-Options
DENY
tags.js
dd.kelkoogroup.net/ 		169 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dd.kelkoogroup.net/tags.js
Requested by
Host: nl-go.kelkoogroup.net
URL: https://nl-go.kelkoogroup.net/merchantGo?.ts=1732954722177&.sig=OVTIz2okU3QxNXEc2Xbd9Ih6pco-&affiliationId=96967162&comId=100526498&country=nl&cpcId=5147287&merchantName=Marjoleinelisabeth.nl&searchId=107610034276217_1732954722169_38172911&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fmarjoleinelisabeth.nl&addedParams=true&publisherClickId=8144494a596b5d0beba07523a9baafd3&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-3.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6f960ef6e2816613c107cdca0b45e95e497369d628de9cb444903b45fa78430
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nl-go.kelkoogroup.net/

Response headers

content-encoding
gzip
x-amz-version-id
srBbjf4IpQWkR6dukRm3KeuXFeESXHnZ
etag
W/"f413de3002ba35101fcc6ab056e87d4b"
age
84
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
QZhoTYPxdMpTAeyH-dGsxhDBnt8eP7uJHiSzqqP-RoiJHOqe2Kbhjg==
date
Sat, 30 Nov 2024 08:17:20 GMT
content-type
text/javascript
vary
accept-encoding, Origin
last-modified
Tue, 19 Nov 2024 10:41:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=3600, public
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
collect
www.google-analytics.com/g/ 		0
556 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-42767ZEKSC&_p=590909143&sr=1600x1200&ul=nl-nl&cid=980659184.1732954723&uid=a4c6295-1937c26947e-604b2d&_fv=1&_s=1&dl=https%3A%2F%2Fnl-go.kelkoogroup.net%2FmerchantGo%3F.ts%3D1732954722177%26.sig%3DOVTIz2okU3QxNXEc2Xbd9Ih6pco-%26affiliationId%3D96967162%26comId%3D100526498%26country%3Dnl%26cpcId%3D5147287%26merchantName%3DMarjoleinelisabeth.nl%26searchId%3D107610034276217_1732954722169_38172911%26service%3D30%26tokenId%3D2ce8ff34-60c1-45cc-8742-5d09b81fd7c3%26url%3Dhttps%253A%252F%252Fmarjoleinelisabeth.nl%26addedParams%3Dtrue%26publisherClickId%3D8144494a596b5d0beba07523a9baafd3%26originReferer%3Ddiscounthero.org%26publisherSubId%3D61c38133cdcdc763f37eb6d78c64f295%26publisherTrafficType%3Dcashback&dt=U%20wordt%20doorgestuurd%20naar%20Marjoleinelisabeth.nl&dr=https%3A%2F%2Fclcktrck.com%2F&dp=%2F96967162%7C100526498%7C&sid=1732954723&sct=1&seg=1&en=page_view&_ss=1&ep.cd1=96967162&ep.cd2=62AE01JDY2D542PA569PYBQVS1NT32&ep.cd3=100526498&ep.cd4=a4c6295-1937c26947e-604b2d&ep.cd5=&ep.cd6=96967162%7C100526498%7C
Requested by
Host: nl-go.kelkoogroup.net
URL: https://nl-go.kelkoogroup.net/merchantGo?.ts=1732954722177&.sig=OVTIz2okU3QxNXEc2Xbd9Ih6pco-&affiliationId=96967162&comId=100526498&country=nl&cpcId=5147287&merchantName=Marjoleinelisabeth.nl&searchId=107610034276217_1732954722169_38172911&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fmarjoleinelisabeth.nl&addedParams=true&publisherClickId=8144494a596b5d0beba07523a9baafd3&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nl-go.kelkoogroup.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://nl-go.kelkoogroup.net
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 30 Nov 2024 08:18:43 GMT
content-type
text/plain
server
Golfe2
ados.js
nl-go.kelkoogroup.net/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nl-go.kelkoogroup.net/ados.js
Requested by
Host: nl-go.kelkoogroup.net
URL: https://nl-go.kelkoogroup.net/merchantGo?.ts=1732954722177&.sig=OVTIz2okU3QxNXEc2Xbd9Ih6pco-&affiliationId=96967162&comId=100526498&country=nl&cpcId=5147287&merchantName=Marjoleinelisabeth.nl&searchId=107610034276217_1732954722169_38172911&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fmarjoleinelisabeth.nl&addedParams=true&publisherClickId=8144494a596b5d0beba07523a9baafd3&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
3db77cfe0a6a059ff4d86ea8530439864095c5fe278e279b28c88f99a0f9b530
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory
8
Referer
https://nl-go.kelkoogroup.net/merchantGo?.ts=1732954722177&.sig=OVTIz2okU3QxNXEc2Xbd9Ih6pco-&affiliationId=96967162&comId=100526498&country=nl&cpcId=5147287&merchantName=Marjoleinelisabeth.nl&searchId=107610034276217_1732954722169_38172911&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fmarjoleinelisabeth.nl&addedParams=true&publisherClickId=8144494a596b5d0beba07523a9baafd3&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback

Response headers

X-Robots-Tag
noindex,nofollow
Content-Security-Policy
frame-ancestors 'none'
Request-Time
PT0.000787301S
X-Permitted-Cross-Domain-Policies
master-only
Referrer-Policy
origin-when-cross-origin
X-Content-Type-Options
nosniff
Content-Length
1140
X-XSS-Protection
1; mode=block
Date
Sat, 30 Nov 2024 08:18:43 GMT
Content-Type
text/html; charset=UTF-8
X-Frame-Options
DENY
fp
nl-go.kelkoogroup.net/ 		0
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nl-go.kelkoogroup.net/fp?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437218039ec71a5c4dca2350eacd94f72fce143958ff152d55737b3c421dbc7293094b2e8205642225e14c982881d37121ff92015a525e7e569af24e6431555c5d9d9f842de7f7ec8790fe6e21ac406e1a85b4be6a40fdf2df287b01f760e7140cfb4a3d645202c38a7f60c35292018493e52c98d812c35fc01dd6b1122dcfb91c9e50eaef758ce886b31e01952bcaba9aa3d8ac799a55add4c14363ee885dba3ef40a1b6096c86d703cb6990d84389c997cf41598f755aeb9060aab30530716ebd6098ea5a45732aa17f2c4ffb5844b885ea043735f91a1be2f9397a42420596a3151c0464b8b78f234b6f5cdb6e3488407b2c5da2776b8fcd9dea241d41a1ebd5abc66b888d721537d75f4e725feb9af8c4626ab07f9e962da9ea79d8c633b524ddb473fcac96ecae20149f7e03316c47
Requested by
Host: nl-go.kelkoogroup.net
URL: https://nl-go.kelkoogroup.net/merchantGo?.ts=1732954722177&.sig=OVTIz2okU3QxNXEc2Xbd9Ih6pco-&affiliationId=96967162&comId=100526498&country=nl&cpcId=5147287&merchantName=Marjoleinelisabeth.nl&searchId=107610034276217_1732954722169_38172911&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fmarjoleinelisabeth.nl&addedParams=true&publisherClickId=8144494a596b5d0beba07523a9baafd3&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nl-go.kelkoogroup.net/merchantGo?.ts=1732954722177&.sig=OVTIz2okU3QxNXEc2Xbd9Ih6pco-&affiliationId=96967162&comId=100526498&country=nl&cpcId=5147287&merchantName=Marjoleinelisabeth.nl&searchId=107610034276217_1732954722169_38172911&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fmarjoleinelisabeth.nl&addedParams=true&publisherClickId=8144494a596b5d0beba07523a9baafd3&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=utf-8
sec-ch-device-memory
8

Response headers

X-Robots-Tag
noindex,nofollow
Content-Security-Policy
frame-ancestors 'none'
leadId
62AE01JDY2D542PA569PYBQVS1NT32
Request-Time
PT0.008684053S
X-Permitted-Cross-Domain-Policies
master-only
Referrer-Policy
origin-when-cross-origin
clickId
107698149_1732954723454_54443135
country
nl
X-Content-Type-Options
nosniff
Content-Length
0
X-XSS-Protection
1; mode=block
Date
Sat, 30 Nov 2024 08:18:42 GMT
Content-Type
text/plain; charset=UTF-8
X-Frame-Options
DENY
20b70c8e-ab7b-41fc-b06f-6da5f8124f6c
https://nl-go.kelkoogroup.net/ Frame 		0
0
favicon.ico
nl-go.kelkoogroup.net/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://nl-go.kelkoogroup.net/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
73a434285c3a752bc8c44aebd50e10f1a766853cbc7184e78d5c934c7b52b620
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory
8
Referer
https://nl-go.kelkoogroup.net/merchantGo?.ts=1732954722177&.sig=OVTIz2okU3QxNXEc2Xbd9Ih6pco-&affiliationId=96967162&comId=100526498&country=nl&cpcId=5147287&merchantName=Marjoleinelisabeth.nl&searchId=107610034276217_1732954722169_38172911&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fmarjoleinelisabeth.nl&addedParams=true&publisherClickId=8144494a596b5d0beba07523a9baafd3&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback

Response headers

X-Robots-Tag
noindex,nofollow
Content-Security-Policy
frame-ancestors 'none'
Request-Time
PT0.000922814S
X-Permitted-Cross-Domain-Policies
master-only
Referrer-Policy
origin-when-cross-origin
X-Content-Type-Options
nosniff
Content-Length
1144
X-XSS-Protection
1; mode=block
Date
Sat, 30 Nov 2024 08:18:43 GMT
Content-Type
text/html; charset=UTF-8
X-Frame-Options
DENY
/
dd.kelkoogroup.net/js/ 		236 B
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dd.kelkoogroup.net/js/
Requested by
Host: dd.kelkoogroup.net
URL: https://dd.kelkoogroup.net/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-3.fra56.r.cloudfront.net
Software
DataDome /
Resource Hash
e8d8c8e4661a826c609c6b394e3bcd77d134387e6ae7310d6acbfd4f8f26ba8c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://nl-go.kelkoogroup.net/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
x-content-type-options
nosniff
via
1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
236
x-amz-cf-id
aSlucune87B52ebzoBd22lYqm-Zd43V71YP2XcIsuiIc7qPRnvPBDg==
date
Sat, 30 Nov 2024 08:18:43 GMT
content-type
application/json;charset=utf-8
x-amz-cf-pop
FRA56-P5
server
DataDome
Primary Request redirect
nl-go.kelkoogroup.net/ 		725 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437218039ec71a5c4dca2350eacd94f72fce143958ff152d55737b3c421dbc7293094b2e8205642225e14c982881d37121ff92015a525e7e569af24e6431555c5d9d9f842de7f7ec8790fe6e21ac406e1a85b4be6a40fdf2df287b01f760e7140cfb4a3d645202c38a7f60c35292018493e52c98d812c35fc01dd6b1122dcfb91c9e50eaef758ce886b31e01952bcaba9aa3d8ac799a55add4c14363ee885dba3ef40a1b6096c86d703cb6990d84389c997cf41598f755aeb9060aab30530716ebd6098ea5a45732aa17f2c4ffb5844b885ea043735f91a1be2f9397a42420596a3151c0464b8b78f234b6f5cdb6e3488407b2c5da2776b8fcd9dea241d41a1ebd5abc66b888d721537d75f4e725feb9af8c4626ab07f9e962da9ea79d8c633b524ddb473fcac96ecae20149f7e03316c47&url=https%3A%2F%2Fwww.marjoleinelisabeth.nl%2Fkleding%2F%3Ftt%3D34499_1953146_321679_62AE01JDY2D542PA569PYBQVS1NT32%26r%3Dhttps%253A%252F%252Fmarjoleinelisabeth.nl&initiator=timeout
Requested by
Host: nl-go.kelkoogroup.net
URL: https://nl-go.kelkoogroup.net/merchantGo?.ts=1732954722177&.sig=OVTIz2okU3QxNXEc2Xbd9Ih6pco-&affiliationId=96967162&comId=100526498&country=nl&cpcId=5147287&merchantName=Marjoleinelisabeth.nl&searchId=107610034276217_1732954722169_38172911&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fmarjoleinelisabeth.nl&addedParams=true&publisherClickId=8144494a596b5d0beba07523a9baafd3&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
9af3fb613904ce1f27e1ab1420718133ca4b674285832acf23b7c6dfc0e3a634
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nl-go.kelkoogroup.net/merchantGo?.ts=1732954722177&.sig=OVTIz2okU3QxNXEc2Xbd9Ih6pco-&affiliationId=96967162&comId=100526498&country=nl&cpcId=5147287&merchantName=Marjoleinelisabeth.nl&searchId=107610034276217_1732954722169_38172911&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fmarjoleinelisabeth.nl&addedParams=true&publisherClickId=8144494a596b5d0beba07523a9baafd3&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory
8

Response headers

Accept-CH
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Cache-Control
max-age=0, private, no-cache, no-store, must-revalidate
Charset
utf-8
Content-Length
725
Content-Type
text/html; charset=UTF-8
Date
Sat, 30 Nov 2024 08:18:43 GMT
Pragma
no-cache
Referrer-Policy
origin-when-cross-origin
Request-Time
PT0.030523325S
X-Content-Type-Options
nosniff
X-DD-B
1
X-DataDome
protected
X-DataDome-CID
AHrlqAAAAAMAKXjMKdrRtywAsENQ7A==
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
master-only
X-XSS-Protection
1; mode=block
c.js
ct.captcha-delivery.com/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ct.captcha-delivery.com/c.js
Requested by
Host: nl-go.kelkoogroup.net
URL: https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437218039ec71a5c4dca2350eacd94f72fce143958ff152d55737b3c421dbc7293094b2e8205642225e14c982881d37121ff92015a525e7e569af24e6431555c5d9d9f842de7f7ec8790fe6e21ac406e1a85b4be6a40fdf2df287b01f760e7140cfb4a3d645202c38a7f60c35292018493e52c98d812c35fc01dd6b1122dcfb91c9e50eaef758ce886b31e01952bcaba9aa3d8ac799a55add4c14363ee885dba3ef40a1b6096c86d703cb6990d84389c997cf41598f755aeb9060aab30530716ebd6098ea5a45732aa17f2c4ffb5844b885ea043735f91a1be2f9397a42420596a3151c0464b8b78f234b6f5cdb6e3488407b2c5da2776b8fcd9dea241d41a1ebd5abc66b888d721537d75f4e725feb9af8c4626ab07f9e962da9ea79d8c633b524ddb473fcac96ecae20149f7e03316c47&url=https%3A%2F%2Fwww.marjoleinelisabeth.nl%2Fkleding%2F%3Ftt%3D34499_1953146_321679_62AE01JDY2D542PA569PYBQVS1NT32%26r%3Dhttps%253A%252F%252Fmarjoleinelisabeth.nl&initiator=timeout
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b87bb6192320ea7a36d1caa7a2c0d26f39cfa92909fe168d29bfecc13c81ca0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nl-go.kelkoogroup.net/

Response headers

x-amz-version-id
null
etag
"1fd766ce129c8b2cae0770e023a22682"
age
80103
via
1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
11217
x-amz-cf-id
efcK_ujIZJGJ-XU843MX1EooyzBqjcCetn2KAY_TYAZiJ7Bfrc0E3w==
date
Fri, 29 Nov 2024 10:03:41 GMT
content-type
text/javascript
last-modified
Fri, 22 Nov 2024 10:03:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
/
geo.captcha-delivery.com/captcha/ Frame 2F27 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAKXjMKdrRtywAsENQ7A%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=uOLF9EC5~SEnST6Pmrfr~JPFJzcbYLr~O305OEur2Umb7v_x3us9tSkBSKvgz7~INFqA2K_v1an6vKWbZxHclTtVldAayELY3xWHcTvqqt4lfMgwn8rDWFrhWDKK~2FZ&t=fe&referer=https%3A%2F%2Fnl-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dnl%26k%3D612f7a9541cd6ea61eb554c0e4cff437218039ec71a5c4dca2350eacd94f72fce143958ff152d55737b3c421dbc7293094b2e8205642225e14c982881d37121ff92015a525e7e569af24e6431555c5d9d9f842de7f7ec8790fe6e21ac406e1a85b4be6a40fdf2df287b01f760e7140cfb4a3d645202c38a7f60c35292018493e52c98d812c35fc01dd6b1122dcfb91c9e50eaef758ce886b31e01952bcaba9aa3d8ac799a55add4c14363ee885dba3ef40a1b6096c86d703cb6990d84389c997cf41598f755aeb9060aab30530716ebd6098ea5a45732aa17f2c4ffb5844b885ea043735f91a1be2f9397a42420596a3151c0464b8b78f234b6f5cdb6e3488407b2c5da2776b8fcd9dea241d41a1ebd5abc66b888d721537d75f4e725feb9af8c4626ab07f9e962da9ea79d8c633b524ddb473fcac96ecae20149f7e03316c47%26url%3Dhttps%253A%252F%252Fwww.marjoleinelisabeth.nl%252Fkleding%252F%253Ftt%253D34499_1953146_321679_62AE01JDY2D542PA569PYBQVS1NT32%2526r%253Dhttps%25253A%25252F%25252Fmarjoleinelisabeth.nl%26initiator%3Dtimeout&s=35103&e=6c3701edc5ce9054372c3dcd0cb5ea27aa773bee0fb2608e00de7e459fb8b1eb&dm=cd
Requested by
Host: ct.captcha-delivery.com
URL: https://ct.captcha-delivery.com/c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.125.247.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-247-22.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://nl-go.kelkoogroup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Sat, 30 Nov 2024 08:18:44 GMT
Transfer-Encoding
chunked

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.google.com
URL
https://ads.google.com/
Domain
nl-go.kelkoogroup.net
URL
blob:https://nl-go.kelkoogroup.net/20b70c8e-ab7b-41fc-b06f-6da5f8124f6c

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dd

12 Cookies

Domain/Path Name / Value
leikovoleikamarada.com/ Name: OAID
Value: 008124c4a525458bfa337dd23bcbda2d
leikovoleikamarada.com/ Name: oaidts
Value: 1732954719
leikovoleikamarada.com/ Name: allcnt
Value: 1
my.rtmark.net/ Name: ID
Value: 008124c4a525458bfa337dd23bcbda2d
taiwoudoastuph.net/ Name: oaidts
Value: 1732954720
taiwoudoastuph.net/ Name: OAID
Value: 008124c4a525458bfa337dd23bcbda2d
taiwoudoastuph.net/ Name: syncedCookie
Value: true
www.share365.net/ Name: XSRF-TOKEN
Value: eyJpdiI6ImhjSHFSZ05jNTdEbys0UWhMb1RmbVE9PSIsInZhbHVlIjoiUlJOK3UxY1wvNTB4YkNJcmdSdEtESHJyUmNVYkkyeXZYZFB6bGNZU0VGbEdPSWRZeUw3TUI4TkVjUnZZQUM5WGgiLCJtYWMiOiIzMjk0MDYxNjdhYzQ2ODJhMTlkMjVkNjMzZjg2Zjc5OGQxNjQwYzYwNWYzODk1MTJhYWIzMTg2MTc3ODhiOGJhIn0%3D
www.share365.net/ Name: laravel_session
Value: eyJpdiI6IlRFcG9QN0d0ZVwvVFJhYXppcnJXXC9wUT09IiwidmFsdWUiOiJNSis3QWdxMGg4TzI3RVwvV2JVNm1qNys5S1V2TUY3Rm9HZTJheXVcLzNrNVZrNnNOVmdcL1kyYmZCWUdrNXJiRUV1IiwibWFjIjoiMTA3NjY1NTgzZDEzNTAxZDcxMzU5NjUyY2MyZTMyYzlhMjA4NjBjZDFjNDE2NWI5NDExZjZmMTVlNmViYzljYyJ9
www.share365.net/ Name: __cflb
Value: 0H28vVobGc6CutkxgoxsgvcCKNChyMYDzpYfzxZTVLo
.kelkoogroup.net/ Name: kelkooID
Value: a4c6295-1937c26947e-604b2d
.kelkoogroup.net/ Name: datadome
Value: uOLF9EC5~SEnST6Pmrfr~JPFJzcbYLr~O305OEur2Umb7v_x3us9tSkBSKvgz7~INFqA2K_v1an6vKWbZxHclTtVldAayELY3xWHcTvqqt4lfMgwn8rDWFrhWDKK~2FZ

8 Console Messages

Source Level URL
Text
rendering warning URL: https://28880963-32451-ex.preaterioression.com/hiVGCYA4Pw7kZtczvVjGLC9NmtkRvoHRdvpUapyUTMlBMJvCqo9QoMraVdBgKdeakNgEK_Mk1v7veuuzHOKnYBWKmK-lubyKcgIfT71OY_16wRwMZcM79ka80wLOWQ?kws=beautiful%2Ctamil%2Csex%2Cwith%2Cher%2Cboyfriend%2Cleaked%2Cmms%2Cmydesi%2Cnet&abl=0&fsb=0&pageUri=h...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=1
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0709C04E42A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0002105E42A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://leikovoleikamarada.com/afu.php?zoneid=7205186&var=7205186&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0302105E42A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0301D00E42A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://taiwoudoastuph.net/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0D09C04E42A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://nl-go.kelkoogroup.net/merchantGo?.ts=1732954722177&.sig=OVTIz2okU3QxNXEc2Xbd9Ih6pco-&affiliationId=96967162&comId=100526498&country=nl&cpcId=5147287&merchantName=Marjoleinelisabeth.nl&searchId=107610034276217_1732954722169_38172911&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fmarjoleinelisabeth.nl&addedParams=true&publisherClickId=8144494a596b5d0beba07523a9baafd3&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback(Line 28)
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://nl-go.kelkoogroup.net/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437218039ec71a5c4dca2350eacd94f72fce143958ff152d55737b3c421dbc7293094b2e8205642225e14c982881d37121ff92015a525e7e569af24e6431555c5d9d9f842de7f7ec8790fe6e21ac406e1a85b4be6a40fdf2df287b01f760e7140cfb4a3d645202c38a7f60c35292018493e52c98d812c35fc01dd6b1122dcfb91c9e50eaef758ce886b31e01952bcaba9aa3d8ac799a55add4c14363ee885dba3ef40a1b6096c86d703cb6990d84389c997cf41598f755aeb9060aab30530716ebd6098ea5a45732aa17f2c4ffb5844b885ea043735f91a1be2f9397a42420596a3151c0464b8b78f234b6f5cdb6e3488407b2c5da2776b8fcd9dea241d41a1ebd5abc66b888d721537d75f4e725feb9af8c4626ab07f9e962da9ea79d8c633b524ddb473fcac96ecae20149f7e03316c47&url=https%3A%2F%2Fwww.marjoleinelisabeth.nl%2Fkleding%2F%3Ftt%3D34499_1953146_321679_62AE01JDY2D542PA569PYBQVS1NT32%26r%3Dhttps%253A%252F%252Fmarjoleinelisabeth.nl&initiator=timeout
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

28880963-32451-ex.preaterioression.com
ads.google.com
clcktrck.com
ct.captcha-delivery.com
dd.kelkoogroup.net
discountheld.de
geo.captcha-delivery.com
leikovoleikamarada.com
my.rtmark.net
nl-go.kelkoogroup.net
taiwoudoastuph.net
www.google-analytics.com
www.share365.net
www.shoptastic.io
ads.google.com
nl-go.kelkoogroup.net
104.18.22.222
104.18.23.222
139.45.196.64
142.250.185.78
172.66.40.245
18.66.112.3
188.114.96.3
188.114.97.3
3.125.247.22
3.66.53.110
3.73.249.248
54.176.247.1
65.9.66.83
88.208.22.2
95.211.116.26
0b87bb6192320ea7a36d1caa7a2c0d26f39cfa92909fe168d29bfecc13c81ca0
3db77cfe0a6a059ff4d86ea8530439864095c5fe278e279b28c88f99a0f9b530
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
69f459405e4fcba974f8700ee5541503437abd1dd743e420f5405b2883394266
73a434285c3a752bc8c44aebd50e10f1a766853cbc7184e78d5c934c7b52b620
8a32e09a94725b088b098202810678802ef4afca9e069ac1a86e9751758f6310
90671de166229db6c153ba2225b931bcf517b46de8f9c872b92390826dd963bb
9af3fb613904ce1f27e1ab1420718133ca4b674285832acf23b7c6dfc0e3a634
b6f960ef6e2816613c107cdca0b45e95e497369d628de9cb444903b45fa78430
c44f3ecf1f9837e48e7ff072d406128eef6586a99d5e30d694d37789b41e38d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8d8c8e4661a826c609c6b394e3bcd77d134387e6ae7310d6acbfd4f8f26ba8c