urlscan.io logo urlscan.io
SecurityTrails logo

dk-go.kelkoogroup.net Open in urlscan Pro
95.211.116.26  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://28909128-29217-ex.hydramaterrep.com/iiRECYE0NQjhZtczvVjFJyNBlNkXvor8L_QfZYLUBNpKdoLKvYJHsI_WBts1LoGYw4gBcfJ4jqq_FLqzFrPoMxWUn_TIvb-J...
Effective URL: https://dk-go.kelkoogroup.net/redirect?country=dk&k=612f7a9541cd6ea61eb554c0e4cff4371baabd0aed0050b103f882b22c96d0b17bba302367...
Submission: On December 19 via api from US — Scanned from DK
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 10 domains to perform 26 HTTP transactions. The main IP is 95.211.116.26, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL. The main domain is dk-go.kelkoogroup.net.
TLS certificate: Issued by Thawte TLS RSA CA G1 on September 26th 2024. Valid for: a year.
This is the only time dk-go.kelkoogroup.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 88.208.22.3 39572 (ADVANCEDH...)
2 37.114.46.212 58087 (FlorianKo...)
2 13 104.18.22.222 13335 (CLOUDFLAR...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 2606:4700:310... 13335 (CLOUDFLAR...)
1 1 13.56.31.52 16509 (AMAZON-02)
2 2 3.73.249.248 16509 (AMAZON-02)
5 95.211.116.26 60781 (LEASEWEB-...)
2 3.161.82.21 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 65.9.66.86 16509 (AMAZON-02)
1 3.78.137.248 16509 (AMAZON-02)
26 9
1    88.208.22.3 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)
PTR: mail.armadaboard.com
28909128-29217-ex.hydramaterrep.com
2    37.114.46.212 (Germany)

ASN58087 (FlorianKolb Florian Kolb, DE)
PTR: 212.46.114.37.in-addr.arpa
redwingshere.xyz
13    104.18.22.222 (None, )

ASN13335 (CLOUDFLARENET, US)
meherdewogoud.com
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
my.rtmark.net
1    2606:4700:3108::ac42:2b0b (United States)

ASN13335 (CLOUDFLARENET, US)
www.share365.net
1    13.56.31.52 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-56-31-52.us-west-1.compute.amazonaws.com
www.rewardany.com
2    3.73.249.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-249-248.eu-central-1.compute.amazonaws.com
clcktrck.com
5    95.211.116.26 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)
PTR: dc1-ecs-pub-mx-vip.kelkoo.com
dk-go.kelkoogroup.net
2    3.161.82.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-21.fra56.r.cloudfront.net
dd.kelkoogroup.net
1    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    65.9.66.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-86.fra56.r.cloudfront.net
ct.captcha-delivery.com
1    3.78.137.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-78-137-248.eu-central-1.compute.amazonaws.com
geo.captcha-delivery.com
Apex Domain
Subdomains		 Transfer
13 meherdewogoud.com
meherdewogoud.com — Cisco Umbrella Rank: 237439
32 KB
7 kelkoogroup.net
dk-go.kelkoogroup.net
dd.kelkoogroup.net — Cisco Umbrella Rank: 296022
69 KB
2 captcha-delivery.com
ct.captcha-delivery.com — Cisco Umbrella Rank: 30248
geo.captcha-delivery.com — Cisco Umbrella Rank: 23657
11 KB
2 clcktrck.com
clcktrck.com — Cisco Umbrella Rank: 159985
1 KB
2 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 10565
2 KB
2 redwingshere.xyz
redwingshere.xyz — Cisco Umbrella Rank: 220818
943 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
556 B
1 rewardany.com
www.rewardany.com — Cisco Umbrella Rank: 398010
205 B
1 share365.net
www.share365.net — Cisco Umbrella Rank: 481928
2 KB
1 hydramaterrep.com
28909128-29217-ex.hydramaterrep.com
557 B
26 10
Domain Requested by
13 meherdewogoud.com 2 redirects meherdewogoud.com
5 dk-go.kelkoogroup.net dk-go.kelkoogroup.net
2 dd.kelkoogroup.net dk-go.kelkoogroup.net
dd.kelkoogroup.net
2 clcktrck.com 2 redirects
2 my.rtmark.net meherdewogoud.com
2 redwingshere.xyz
1 geo.captcha-delivery.com ct.captcha-delivery.com
1 ct.captcha-delivery.com dk-go.kelkoogroup.net
1 www.google-analytics.com dk-go.kelkoogroup.net
1 www.rewardany.com 1 redirects
1 www.share365.net 1 redirects
1 28909128-29217-ex.hydramaterrep.com 1 redirects
26 12

This site contains no links.

Subject Issuer Validity Valid
redwingshere.xyz
E6		 2024-12-07 -
2025-03-07		 3 months crt.sh
meherdewogoud.com
WE1		 2024-11-24 -
2025-02-22		 3 months crt.sh
my.rtmark.net
WE1		 2024-11-06 -
2025-02-04		 3 months crt.sh
*.kelkoogroup.net
Thawte TLS RSA CA G1		 2024-09-26 -
2025-10-10		 a year crt.sh
dd.kelkoogroup.net
E6		 2024-10-07 -
2025-01-05		 3 months crt.sh
*.google-analytics.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.captcha-delivery.com
Amazon RSA 2048 M02		 2024-07-25 -
2025-08-22		 a year crt.sh

This page contains 2 frames:

Primary Page: https://dk-go.kelkoogroup.net/redirect?country=dk&k=612f7a9541cd6ea61eb554c0e4cff4371baabd0aed0050b103f882b22c96d0b17bba302367d2ab903a00fd916f4bb575c512b3a68075540b98b312b6c10b56a6490d0b698eacb532a6aedbd97863c91404e2b6e527baa386b1974d39f094e51fd139db349a8c638762b5160ee7ccc6f5c6100d8d51edb43b6e9d0504c5d40b50f5e43be970c0684438d2eef4d10b8caf0121f8536720a51d91a2fe62146df78bd38827129098c53799252eed4f5ddcc6a46007978525fb4c0c9c304fe04157dfa3cbd7e6e558d154602fd8c9552e04c323b2973003ed897e510386de931db1a526770ae18d3764bdafa8629a05e7c1f3a031408daab2e9d5f5d8d9feb1571c534174bef463b0e556ec94a40c43d7fb7a31f347823321a5edc7d8629896373ee4&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D224396%26p%3D120%26epi%3D62A001JFEYVQEETH7EPSNKS645V6ZF%26url%3Dhttps%253A%252F%252Fcdon.dk&initiator=timeout
Frame ID: 41386ED4BD5887DAB2F9F84D50469DC7
Requests: 24 HTTP requests in this frame

Frame: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAdclReIgq7dwAuezLYw%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=AeaBTUfl~JbFAQJfo_AxH0t61sJiUjKB6WX4oYgMOxjUB4XKaD3DgA5NWWvIkFZKxuwH8m3cLqU~_vTn2j_8nGR438UhJ8LOuk4uZPDs8JMLaqv1sD7Felusn9SAOlsC&t=fe&referer=https%3A%2F%2Fdk-go.kelkoogroup.net%2Fredirect%3Fcountry%3Ddk%26k%3D612f7a9541cd6ea61eb554c0e4cff4371baabd0aed0050b103f882b22c96d0b17bba302367d2ab903a00fd916f4bb575c512b3a68075540b98b312b6c10b56a6490d0b698eacb532a6aedbd97863c91404e2b6e527baa386b1974d39f094e51fd139db349a8c638762b5160ee7ccc6f5c6100d8d51edb43b6e9d0504c5d40b50f5e43be970c0684438d2eef4d10b8caf0121f8536720a51d91a2fe62146df78bd38827129098c53799252eed4f5ddcc6a46007978525fb4c0c9c304fe04157dfa3cbd7e6e558d154602fd8c9552e04c323b2973003ed897e510386de931db1a526770ae18d3764bdafa8629a05e7c1f3a031408daab2e9d5f5d8d9feb1571c534174bef463b0e556ec94a40c43d7fb7a31f347823321a5edc7d8629896373ee4%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D224396%2526p%253D120%2526epi%253D62A001JFEYVQEETH7EPSNKS645V6ZF%2526url%253Dhttps%25253A%25252F%25252Fcdon.dk%26initiator%3Dtimeout&s=35103&e=58294cd75ca1797214b090c88787037c534bb680cce831d8328ce41bbb65e1ec&dm=cd
Frame ID: 7A0DF90B8160DF0B978068FA29CC6C2E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

kelkoogroup.net

Page URL History Show full URLs

  1. https://28909128-29217-ex.hydramaterrep.com/iiRECYE0NQjhZtczvVjFJyNBlNkXvor8L_QfZYLUBNpKdoLKvYJHsI_WBts1LoGYw4gBcfJ4jqq_... HTTP 307
    https://redwingshere.xyz/go/8286/3?subid2={hostId} Page URL
  2. https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15fq4c9c000g2 Page URL
  3. https://meherdewogoud.com/?z=7482447&syncedCookie=true&rhd=false HTTP 302
    https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Copenhagen&bto=-60&bar=x Page URL
  4. https://meherdewogoud.com/?z=6118780&syncedCookie=true&rhd=false HTTP 302
    https://www.share365.net/vip/rdc/dk?subId=893519511532343513_N&country=DK&campaignid=8543931 HTTP 302
    https://www.rewardany.com/store/cdon-dk-cpc?pubId=10449&subId=893519511532343513_N&country=DK&campaign... HTTP 302
    https://clcktrck.com/dk/s/red_u_plain.php?uid=359720138&t=direct&s=22207&pub=10449&d=cdon.dk HTTP 302
    https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/2738bed44c39d838d319193e92a4cbb2c44cd9b6abb... HTTP 302
    https://dk-go.kelkoogroup.net/merchantGo?.ts=1734595172887&.sig=AOHToGCFifPLJnwlT9v4tepqLW4-&affiliationId... Page URL
  5. https://dk-go.kelkoogroup.net/redirect?country=dk&k=612f7a9541cd6ea61eb554c0e4cff4371baabd0aed0050b103f882... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns

Page Statistics

26
Requests

96 %
HTTPS

25 %
IPv6

10
Domains

12
Subdomains

9
IPs

4
Countries

114 kB
Transfer

279 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://28909128-29217-ex.hydramaterrep.com/iiRECYE0NQjhZtczvVjFJyNBlNkXvor8L_QfZYLUBNpKdoLKvYJHsI_WBts1LoGYw4gBcfJ4jqq_FLqzFrPoMxWUn_TIvb-JJlQdH4cmLnhhqM9I2bSjJgNUxqo5meD7jcFnbK6RX4E4kVuc2XjkS_c?kws=full%2Cvideo%2Cfree%2Cporn%2Conline%2Cmobile%2Csex%2Cporno%2Cvideos&abl=0&fsb=...%20312%20...se%22%2C%22%5B%5D%22%5D&prsl=1 HTTP 307
    https://redwingshere.xyz/go/8286/3?subid2={hostId} Page URL
  2. https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15fq4c9c000g2 Page URL
  3. https://meherdewogoud.com/?z=7482447&syncedCookie=true&rhd=false HTTP 302
    https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Copenhagen&bto=-60&bar=x Page URL
  4. https://meherdewogoud.com/?z=6118780&syncedCookie=true&rhd=false HTTP 302
    https://www.share365.net/vip/rdc/dk?subId=893519511532343513_N&country=DK&campaignid=8543931 HTTP 302
    https://www.rewardany.com/store/cdon-dk-cpc?pubId=10449&subId=893519511532343513_N&country=DK&campaignid=8543931 HTTP 302
    https://clcktrck.com/dk/s/red_u_plain.php?uid=359720138&t=direct&s=22207&pub=10449&d=cdon.dk HTTP 302
    https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/2738bed44c39d838d319193e92a4cbb2c44cd9b6abb7953c1eb261df9eff9125b56d1ab4a606f6429da0cec03e2f920d6d286f6ec6c8ee212a437720910fe46699514d6c47374cfc0eef48d6c759c5332387569eef439cf2ff0ff5bce24b73e0a91f19620411656312c55801fb31ac79 HTTP 302
    https://dk-go.kelkoogroup.net/merchantGo?.ts=1734595172887&.sig=AOHToGCFifPLJnwlT9v4tepqLW4-&affiliationId=96967173&comId=12999413&country=dk&cpcId=6417356&merchantName=Cdon.dk&searchId=107610036145395_1734595172857_8820183&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fcdon.dk&addedParams=true&publisherClickId=60553454ce28046eaa2aab097b5d7094&originReferer=discounthero.org&publisherSubId=D626FB04E01EEA54FDAB9C75DC19AFEB&publisherTrafficType=cashback Page URL
  5. https://dk-go.kelkoogroup.net/redirect?country=dk&k=612f7a9541cd6ea61eb554c0e4cff4371baabd0aed0050b103f882b22c96d0b17bba302367d2ab903a00fd916f4bb575c512b3a68075540b98b312b6c10b56a6490d0b698eacb532a6aedbd97863c91404e2b6e527baa386b1974d39f094e51fd139db349a8c638762b5160ee7ccc6f5c6100d8d51edb43b6e9d0504c5d40b50f5e43be970c0684438d2eef4d10b8caf0121f8536720a51d91a2fe62146df78bd38827129098c53799252eed4f5ddcc6a46007978525fb4c0c9c304fe04157dfa3cbd7e6e558d154602fd8c9552e04c323b2973003ed897e510386de931db1a526770ae18d3764bdafa8629a05e7c1f3a031408daab2e9d5f5d8d9feb1571c534174bef463b0e556ec94a40c43d7fb7a31f347823321a5edc7d8629896373ee4&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D224396%26p%3D120%26epi%3D62A001JFEYVQEETH7EPSNKS645V6ZF%26url%3Dhttps%253A%252F%252Fcdon.dk&initiator=timeout Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://28909128-29217-ex.hydramaterrep.com/iiRECYE0NQjhZtczvVjFJyNBlNkXvor8L_QfZYLUBNpKdoLKvYJHsI_WBts1LoGYw4gBcfJ4jqq_FLqzFrPoMxWUn_TIvb-JJlQdH4cmLnhhqM9I2bSjJgNUxqo5meD7jcFnbK6RX4E4kVuc2XjkS_c?kws=full%2Cvideo%2Cfree%2Cporn%2Conline%2Cmobile%2Csex%2Cporno%2Cvideos&abl=0&fsb=...%20312%20...se%22%2C%22%5B%5D%22%5D&prsl=1 HTTP 307
  • https://redwingshere.xyz/go/8286/3?subid2={hostId}
Request Chain 8
  • https://meherdewogoud.com/?z=7482447&syncedCookie=true&rhd=false HTTP 302
  • https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Copenhagen&bto=-60&bar=x
Request Chain 14
  • https://meherdewogoud.com/?z=6118780&syncedCookie=true&rhd=false HTTP 302
  • https://www.share365.net/vip/rdc/dk?subId=893519511532343513_N&country=DK&campaignid=8543931 HTTP 302
  • https://www.rewardany.com/store/cdon-dk-cpc?pubId=10449&subId=893519511532343513_N&country=DK&campaignid=8543931 HTTP 302
  • https://clcktrck.com/dk/s/red_u_plain.php?uid=359720138&t=direct&s=22207&pub=10449&d=cdon.dk HTTP 302
  • https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/2738bed44c39d838d319193e92a4cbb2c44cd9b6abb7953c1eb261df9eff9125b56d1ab4a606f6429da0cec03e2f920d6d286f6ec6c8ee212a437720910fe46699514d6c47374cfc0eef48d6c759c5332387569eef439cf2ff0ff5bce24b73e0a91f19620411656312c55801fb31ac79 HTTP 302
  • https://dk-go.kelkoogroup.net/merchantGo?.ts=1734595172887&.sig=AOHToGCFifPLJnwlT9v4tepqLW4-&affiliationId=96967173&comId=12999413&country=dk&cpcId=6417356&merchantName=Cdon.dk&searchId=107610036145395_1734595172857_8820183&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fcdon.dk&addedParams=true&publisherClickId=60553454ce28046eaa2aab097b5d7094&originReferer=discounthero.org&publisherSubId=D626FB04E01EEA54FDAB9C75DC19AFEB&publisherTrafficType=cashback

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
3
redwingshere.xyz/go/8286/
Redirect Chain
  • https://28909128-29217-ex.hydramaterrep.com/iiRECYE0NQjhZtczvVjFJyNBlNkXvor8L_QfZYLUBNpKdoLKvYJHsI_WBts1LoGYw4gBcfJ4jqq_FLqzFrPoMxWUn_TIvb-JJlQdH4cmLnhhqM9I2bSjJgNUxqo5meD7jcFnbK6RX4E4kVuc2XjkS_c?k...
  • https://redwingshere.xyz/go/8286/3?subid2={hostId}
293 B
773 B 		Document
General
Check archive.org
Download Go to
Full URL
https://redwingshere.xyz/go/8286/3?subid2={hostId}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.114.46.212 , Germany, ASN58087 (FlorianKolb Florian Kolb, DE),
Reverse DNS
212.46.114.37.in-addr.arpa
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
8f220d54092eb2a208e1dd36262fda508fa27e2622bc6032fe037faa9db2e38c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Encoding
identity
Content-Length
293
Content-Type
text/html; charset=utf-8
Date
Thu, 19 Dec 2024 07:59:30 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Thu, 19 Dec 2024 07:59:30 GMT
Pragma
no-cache
Server
nginx/1.24.0 (Ubuntu)

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime
31536000
access-control-allow-credentials
true
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 19 Dec 2024 07:59:30 GMT
expires
Thu, 19 Dec 2024 07:59:30 UTC
last-modified
Thu, 19 Dec 2024 07:59:30 UTC
location
https://redwingshere.xyz/go/8286/3?subid2={hostId}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma
no-cache
referrer-policy
no-referrer
server
nginx
7482447
meherdewogoud.com/4/ 		31 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15fq4c9c000g2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5da4887e999b9121165ef61d21c6ee79f5d223f8b2d2402ceb5da7b5dda996a4
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8f45da8adba9ebca-CPH
content-encoding
gzip
content-type
text/html; charset=utf8
date
Thu, 19 Dec 2024 07:59:31 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
favicon.ico
redwingshere.xyz/ 		0
170 B 		Other
General
Check archive.org
Download Go to
Full URL
https://redwingshere.xyz/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.114.46.212 , Germany, ASN58087 (FlorianKolb Florian Kolb, DE),
Reverse DNS
212.46.114.37.in-addr.arpa
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Length
0
Date
Thu, 19 Dec 2024 07:59:30 GMT
Content-Type
text/html; charset=UTF-8
Server
nginx/1.24.0 (Ubuntu)
Connection
keep-alive
img.gif
my.rtmark.net/ 		43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=008137ad733d4fd3f2109fc0aec0e068&z=7482447&p_rid=e65e68aa-e847-40dc-b357-6c54dd451308&p_src=sf
Requested by
Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15fq4c9c000g2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://meherdewogoud.com/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9XONPu%2Byhni%2Bki1%2B31F3pEEyVFKh44mYB2gqFFL6SoteHGQrL2zx8pEl0UAXDKv3sDMSpFdClytS1M4uHIpuO0FQTNad3WpPmIPCsPk03nxPNlSLriG92CnE%2F2k07H8%2FPZrybTAH1oT2zzsd"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30698&min_rtt=30671&rtt_var=8651&sent=10&recv=8&lost=0&retrans=0&sent_bytes=4119&recv_bytes=4368&delivery_rate=16595&cwnd=12000&unsent_bytes=0&cid=b8d9185c96cfb2d0&ts=67&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 19 Dec 2024 07:59:31 GMT
content-type
image/gif
priority
u=1,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8f45da8b7ec310f3-CPH
access-control-allow-origin
*
content-length
43
server
cloudflare
sftouch
meherdewogoud.com/ 		43 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://meherdewogoud.com/sftouch?userId=008137ad733d4fd3f2109fc0aec0e068&z=7482447&p_rid=e65e68aa-e847-40dc-b357-6c54dd451308&p_src=sf&branchId=0&rb=s4TO1ssVGQs74ZqBz8inZec1F95hD60Q-HKslBLXpGcnPRKUwR3SYHhs1XRs1yxLQTtQwM9jpliO73yYvyAQv381W5czzB1VkK281ZMjcj7I9K1UvA7EBRsaiJtMQai7-7q_sRCeC10zeR_y6I7-xkaH-yC1tDbtrTTen0LEHsc9XTX_MQqBgM4_0AHo4BeZhnk_58gajKV3RFC5bFLKdYy5LLQN7H4Vw-MZq7GUTQZDvibzlPlZYsJMRtGWFyj7wR6sT9RVxcylrYuE7hADESA0T2P_Pj3lhtGF3d4wk1ZLhwFuBozyST14OaMjGlhyrrsZ63qmWDD54ntcSW8qWA==&w_img=1
Requested by
Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15fq4c9c000g2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15fq4c9c000g2

Response headers

access-control-max-age
86400
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Dec 2024 07:59:31 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
77db29abb83ee8ba89aaf3e657aa4de5
cf-ray
8f45da8b4d20ebca-CPH
access-control-allow-origin
*
content-length
43
server
cloudflare
add
meherdewogoud.com/log/ 		12 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://meherdewogoud.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=e65e68aa-e847-40dc-b357-6c54dd451308
Requested by
Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15fq4c9c000g2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15fq4c9c000g2

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
cf-ray
8f45da8b6d40ebca-CPH
access-control-allow-origin
https://meherdewogoud.com
alt-svc
h3=":443"; ma=86400
content-length
12
date
Thu, 19 Dec 2024 07:59:31 GMT
content-type
application/json; charset=utf-8
server
cloudflare
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
add
meherdewogoud.com/async_log/ 		0
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://meherdewogoud.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=e65e68aa-e847-40dc-b357-6c54dd451308
Requested by
Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15fq4c9c000g2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15fq4c9c000g2

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
cf-ray
8f45da8b6d4aebca-CPH
access-control-allow-origin
https://meherdewogoud.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 19 Dec 2024 07:59:31 GMT
server
cloudflare
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
favicon.ico
meherdewogoud.com/ 		0
248 B 		Other
General
Check archive.org
Download Go to
Full URL
https://meherdewogoud.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15fq4c9c000g2

Response headers

cache-control
public, max-age=315360000
cf-cache-status
HIT
pragma
public
age
4692164
cf-ray
8f45da8beed992e5-CPH
expires
Sun, 17 Dec 2034 07:59:31 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 19 Dec 2024 07:59:31 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
6118780
meherdewogoud.com/4/
Redirect Chain
  • https://meherdewogoud.com/?z=7482447&syncedCookie=true&rhd=false
  • https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Copenhagen&bto=-60&bar=x
31 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Copenhagen&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56500a6117e758f665f2e26b3979c024d7e04a4cd17582fd244986928eaa63cb
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://meherdewogoud.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8f45da8c6f3a92e5-CPH
content-encoding
gzip
content-type
text/html; charset=utf8
date
Thu, 19 Dec 2024 07:59:31 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
pragma
no-cache
priority
u=0,i
server
cloudflare
server-timing
cfExtPri
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://meherdewogoud.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8f45da8c1ef292e5-CPH
content-length
0
date
Thu, 19 Dec 2024 07:59:31 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://meherdewogoud.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Copenhagen&bto=-60&bar=x
pragma
no-cache
priority
u=0,i
referrer-policy
no-referrer
server
cloudflare
server-timing
cfExtPri
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
e4bde9b980d3ce4901ffe01f0e5db4d8
favicon.ico
meherdewogoud.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://meherdewogoud.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://meherdewogoud.com/afu.php?zoneid=7482447&var=7482447&rid=XXz4jyvWNyEJSqRKY8d18w%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

cache-control
public, max-age=315360000
cf-cache-status
HIT
pragma
public
age
4692164
cf-ray
8f45da8beed992e5-CPH
expires
Sun, 17 Dec 2034 07:59:31 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 19 Dec 2024 07:59:31 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
sftouch
meherdewogoud.com/ 		43 B
562 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://meherdewogoud.com/sftouch?userId=008137008c2c4e6fe960fd0ff6a32cb4&z=6118780&p_rid=aedbd1ea-864f-4859-9aee-bd2099fedc95&p_src=sf&branchId=0&rb=L17WHnFQnBayPxcDuBaZdUvze-YONbSynIdWUvy8vU2C6bCo_BAvYt1XNxkRhVDZVN9O2LumHi1g_VgXzne7xIWw7UKAZFhFA-seA2UwFmJ6teFJE3PynUvSalijEMMNESIYU-ODXr9zo-m3pVKO5AwTqZul_g2u4K3Y_fO_aAswoSh4I8UoolKQUiRPtj6fqXNGadNMPzA21FRTw5gfoHYQ4u40b8X9YRHYtTRR33NHHergCAogfCPJGR3JM4rFQbVyK2TaNtPs_MRdZCCdKFCMoEvwQiSBceI6Jwz3ojd-vr_XRHRdQl9l0jM=&w_img=1
Requested by
Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Copenhagen&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Copenhagen&bto=-60&bar=x

Response headers

access-control-max-age
86400
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 19 Dec 2024 07:59:31 GMT
content-type
image/gif
priority
u=3,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
05b38fdad2565fe3390b3b067e91297b
cf-ray
8f45da8d6fed92e5-CPH
access-control-allow-origin
*
content-length
43
server
cloudflare
add
meherdewogoud.com/log/ 		12 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://meherdewogoud.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=aedbd1ea-864f-4859-9aee-bd2099fedc95
Requested by
Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Copenhagen&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Copenhagen&bto=-60&bar=x

Response headers

cf-cache-status
DYNAMIC
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 19 Dec 2024 07:59:31 GMT
content-type
application/json; charset=utf-8
priority
u=1,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
strict-transport-security
max-age=1
timing-allow-origin
*
access-control-allow-credentials
true
cf-ray
8f45da8d6ff692e5-CPH
access-control-allow-origin
https://meherdewogoud.com
content-length
12
server
cloudflare
img.gif
my.rtmark.net/ 		43 B
854 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=008137008c2c4e6fe960fd0ff6a32cb4&z=6118780&p_rid=aedbd1ea-864f-4859-9aee-bd2099fedc95&p_src=sf
Requested by
Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Copenhagen&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://meherdewogoud.com/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wGmg%2Bi7yAJmCb4KB6KGIZ0DoF0NstmHmcFlw2G5TmHyVbxuu7mBlpAHilYmtz1qhgnc%2FLoK6TQ8njlWSnY%2BPc6SEa91e5axWyh1u7V1MLcqgDOzI11sOUbx4NHByb3zQcHwbC1VmUHS%2F04Hn"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30844&min_rtt=30671&rtt_var=5126&sent=12&recv=11&lost=0&retrans=0&sent_bytes=5068&recv_bytes=4897&delivery_rate=16588&cwnd=12000&unsent_bytes=0&cid=b8d9185c96cfb2d0&ts=384&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 19 Dec 2024 07:59:31 GMT
content-type
image/gif
priority
u=3,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8f45da8d681710f3-CPH
access-control-allow-origin
*
content-length
43
server
cloudflare
add
meherdewogoud.com/async_log/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://meherdewogoud.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=aedbd1ea-864f-4859-9aee-bd2099fedc95
Requested by
Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Copenhagen&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Copenhagen&bto=-60&bar=x

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
cf-ray
8f45da8d7ffa92e5-CPH
access-control-allow-origin
https://meherdewogoud.com
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfExtPri
date
Thu, 19 Dec 2024 07:59:31 GMT
server
cloudflare
priority
u=1,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
merchantGo
dk-go.kelkoogroup.net/
Redirect Chain
  • https://meherdewogoud.com/?z=6118780&syncedCookie=true&rhd=false
  • https://www.share365.net/vip/rdc/dk?subId=893519511532343513_N&country=DK&campaignid=8543931
  • https://www.rewardany.com/store/cdon-dk-cpc?pubId=10449&subId=893519511532343513_N&country=DK&campaignid=8543931
  • https://clcktrck.com/dk/s/red_u_plain.php?uid=359720138&t=direct&s=22207&pub=10449&d=cdon.dk
  • https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/2738bed44c39d838d319193e92a4cbb2c44cd9b6abb7953c1eb261df9eff9125b56d1ab4a606f6429da0cec03e2f920d6d286f6ec6c8ee212a437720910fe46699514d6c47374cf...
  • https://dk-go.kelkoogroup.net/merchantGo?.ts=1734595172887&.sig=AOHToGCFifPLJnwlT9v4tepqLW4-&affiliationId=96967173&comId=12999413&country=dk&cpcId=6417356&merchantName=Cdon.dk&searchId=10761003614...
28 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dk-go.kelkoogroup.net/merchantGo?.ts=1734595172887&.sig=AOHToGCFifPLJnwlT9v4tepqLW4-&affiliationId=96967173&comId=12999413&country=dk&cpcId=6417356&merchantName=Cdon.dk&searchId=107610036145395_1734595172857_8820183&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fcdon.dk&addedParams=true&publisherClickId=60553454ce28046eaa2aab097b5d7094&originReferer=discounthero.org&publisherSubId=D626FB04E01EEA54FDAB9C75DC19AFEB&publisherTrafficType=cashback
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
686b3cf9a409f1ff70f37f91fdf70afec25de3c42f7d609cda5b84ec31c6b1a5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://meherdewogoud.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-CH
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Cache-Control
max-age=0, private, no-cache, no-store, must-revalidate
Charset
utf-8
Content-Length
28615
Content-Security-Policy
frame-ancestors 'none'
Content-Type
text/html; charset=UTF-8
Date
Thu, 19 Dec 2024 07:59:33 GMT
Pragma
no-cache
Referrer-Policy
origin-when-cross-origin
Request-Time
PT0.02207628S
X-Content-Type-Options
nosniff
X-DD-B
1
X-DataDome
protected
X-DataDome-CID
AHrlqAAAAAMAdclReIgq7dwAuezLYw==
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
master-only
X-Robots-Tag
noindex,nofollow
X-XSS-Protection
1; mode=block
clickId
107698148_1734595173832_4977080
country
dk
leadId
62A001JFEYVQEETH7EPSNKS645V6ZF

Redirect headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 19 Dec 2024 07:59:33 GMT
Location
https://dk-go.kelkoogroup.net/merchantGo?.ts=1734595172887&.sig=AOHToGCFifPLJnwlT9v4tepqLW4-&affiliationId=96967173&comId=12999413&country=dk&cpcId=6417356&merchantName=Cdon.dk&searchId=107610036145395_1734595172857_8820183&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fcdon.dk&addedParams=true&publisherClickId=60553454ce28046eaa2aab097b5d7094&originReferer=discounthero.org&publisherSubId=D626FB04E01EEA54FDAB9C75DC19AFEB&publisherTrafficType=cashback
Referrer-Policy
origin
Server
nginx
Transfer-Encoding
chunked
favicon.ico
meherdewogoud.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://meherdewogoud.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://meherdewogoud.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

cache-control
public, max-age=315360000
cf-cache-status
HIT
pragma
public
age
4692164
cf-ray
8f45da8beed992e5-CPH
expires
Sun, 17 Dec 2034 07:59:31 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 19 Dec 2024 07:59:31 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
p.png
dk-go.kelkoogroup.net/assets/images/ 		68 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dk-go.kelkoogroup.net/assets/images/p.png?country=dk&k=612f7a9541cd6ea61eb554c0e4cff4371baabd0aed0050b103f882b22c96d0b17bba302367d2ab903a00fd916f4bb575c512b3a68075540b98b312b6c10b56a6490d0b698eacb532a6aedbd97863c91404e2b6e527baa386b1974d39f094e51fd139db349a8c638762b5160ee7ccc6f5c6100d8d51edb43b6e9d0504c5d40b50f5e43be970c0684438d2eef4d10b8caf0121f8536720a51d91a2fe62146df78bd38827129098c53799252eed4f5ddcc6a46007978525fb4c0c9c304fe04157dfa3cbd7e6e558d154602fd8c9552e04c323b2973003ed897e510386de931db1a526770ae18d3764bdafa8629a05e7c1f3a031408daab2e9d5f5d8d9feb1571c534174bef463b0e556ec94a40c43d7fb7a31f347823321a5edc7d8629896373ee4
Requested by
Host: dk-go.kelkoogroup.net
URL: https://dk-go.kelkoogroup.net/merchantGo?.ts=1734595172887&.sig=AOHToGCFifPLJnwlT9v4tepqLW4-&affiliationId=96967173&comId=12999413&country=dk&cpcId=6417356&merchantName=Cdon.dk&searchId=107610036145395_1734595172857_8820183&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fcdon.dk&addedParams=true&publisherClickId=60553454ce28046eaa2aab097b5d7094&originReferer=discounthero.org&publisherSubId=D626FB04E01EEA54FDAB9C75DC19AFEB&publisherTrafficType=cashback
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory
8
Referer
https://dk-go.kelkoogroup.net/merchantGo?.ts=1734595172887&.sig=AOHToGCFifPLJnwlT9v4tepqLW4-&affiliationId=96967173&comId=12999413&country=dk&cpcId=6417356&merchantName=Cdon.dk&searchId=107610036145395_1734595172857_8820183&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fcdon.dk&addedParams=true&publisherClickId=60553454ce28046eaa2aab097b5d7094&originReferer=discounthero.org&publisherSubId=D626FB04E01EEA54FDAB9C75DC19AFEB&publisherTrafficType=cashback

Response headers

X-Robots-Tag
noindex,nofollow
Content-Security-Policy
frame-ancestors 'none'
Cache-Control
private, must-revalidate
leadId
62A001JFEYVQEETH7EPSNKS645V6ZF
Request-Time
PT0.001366765S
X-Permitted-Cross-Domain-Policies
master-only
Referrer-Policy
origin-when-cross-origin
clickId
107698148_1734595173832_4977080
country
dk
X-Content-Type-Options
nosniff
Content-Length
68
X-XSS-Protection
1; mode=block
Date
Thu, 19 Dec 2024 07:59:33 GMT
Content-Type
image/png
X-Frame-Options
DENY
tags.js
dd.kelkoogroup.net/ 		176 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dd.kelkoogroup.net/tags.js
Requested by
Host: dk-go.kelkoogroup.net
URL: https://dk-go.kelkoogroup.net/merchantGo?.ts=1734595172887&.sig=AOHToGCFifPLJnwlT9v4tepqLW4-&affiliationId=96967173&comId=12999413&country=dk&cpcId=6417356&merchantName=Cdon.dk&searchId=107610036145395_1734595172857_8820183&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fcdon.dk&addedParams=true&publisherClickId=60553454ce28046eaa2aab097b5d7094&originReferer=discounthero.org&publisherSubId=D626FB04E01EEA54FDAB9C75DC19AFEB&publisherTrafficType=cashback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d56750f319ff862ed72f5413c56d9bcb79e8cd1ef827444c9e469c76f6050dbe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dk-go.kelkoogroup.net/

Response headers

content-encoding
br
x-amz-version-id
GViQDoqYyZcLOBGZgqhbp0LoRPvGDrAM
etag
W/"1dc8e31226cdaf246fe01ee48923829c"
age
3574
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
Ti3BRahIhuOsEr90vVC_d-CB1pgAUaC22i6u5_qSLljCw7UuUWsKAw==
date
Thu, 19 Dec 2024 07:00:00 GMT
content-type
text/javascript
vary
accept-encoding, Origin
last-modified
Wed, 18 Dec 2024 14:30:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=3600, public
via
1.1 87b9fb3f8157b5916fbe1d11149c4f3a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
server
AmazonS3
x-amz-server-side-encryption
AES256
collect
www.google-analytics.com/g/ 		0
556 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-J119MQD04L&_p=177330322&sr=1600x1200&ul=da-dk&cid=970152647.1734595173&uid=a4c6294-193ddedddc9-8d697&_fv=1&_s=1&dl=https%3A%2F%2Fdk-go.kelkoogroup.net%2FmerchantGo%3F.ts%3D1734595172887%26.sig%3DAOHToGCFifPLJnwlT9v4tepqLW4-%26affiliationId%3D96967173%26comId%3D12999413%26country%3Ddk%26cpcId%3D6417356%26merchantName%3DCdon.dk%26searchId%3D107610036145395_1734595172857_8820183%26service%3D30%26tokenId%3D2ce8ff34-60c1-45cc-8742-5d09b81fd7c3%26url%3Dhttps%253A%252F%252Fcdon.dk%26addedParams%3Dtrue%26publisherClickId%3D60553454ce28046eaa2aab097b5d7094%26originReferer%3Ddiscounthero.org%26publisherSubId%3DD626FB04E01EEA54FDAB9C75DC19AFEB%26publisherTrafficType%3Dcashback&dt=Du%20er%20p%C3%A5%20vej%20til%20Cdon.dk&dp=%2F96967173%7C12999413%7C&sid=1734595173&sct=1&seg=1&en=page_view&_ss=1&ep.cd1=96967173&ep.cd2=62A001JFEYVQEETH7EPSNKS645V6ZF&ep.cd3=12999413&ep.cd4=a4c6294-193ddedddc9-8d697&ep.cd5=&ep.cd6=96967173%7C12999413%7C
Requested by
Host: dk-go.kelkoogroup.net
URL: https://dk-go.kelkoogroup.net/merchantGo?.ts=1734595172887&.sig=AOHToGCFifPLJnwlT9v4tepqLW4-&affiliationId=96967173&comId=12999413&country=dk&cpcId=6417356&merchantName=Cdon.dk&searchId=107610036145395_1734595172857_8820183&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fcdon.dk&addedParams=true&publisherClickId=60553454ce28046eaa2aab097b5d7094&originReferer=discounthero.org&publisherSubId=D626FB04E01EEA54FDAB9C75DC19AFEB&publisherTrafficType=cashback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dk-go.kelkoogroup.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://dk-go.kelkoogroup.net
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 07:59:33 GMT
content-type
text/plain
server
Golfe2
ados.js
dk-go.kelkoogroup.net/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dk-go.kelkoogroup.net/ados.js
Requested by
Host: dk-go.kelkoogroup.net
URL: https://dk-go.kelkoogroup.net/merchantGo?.ts=1734595172887&.sig=AOHToGCFifPLJnwlT9v4tepqLW4-&affiliationId=96967173&comId=12999413&country=dk&cpcId=6417356&merchantName=Cdon.dk&searchId=107610036145395_1734595172857_8820183&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fcdon.dk&addedParams=true&publisherClickId=60553454ce28046eaa2aab097b5d7094&originReferer=discounthero.org&publisherSubId=D626FB04E01EEA54FDAB9C75DC19AFEB&publisherTrafficType=cashback
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
3db77cfe0a6a059ff4d86ea8530439864095c5fe278e279b28c88f99a0f9b530
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory
8
Referer
https://dk-go.kelkoogroup.net/merchantGo?.ts=1734595172887&.sig=AOHToGCFifPLJnwlT9v4tepqLW4-&affiliationId=96967173&comId=12999413&country=dk&cpcId=6417356&merchantName=Cdon.dk&searchId=107610036145395_1734595172857_8820183&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fcdon.dk&addedParams=true&publisherClickId=60553454ce28046eaa2aab097b5d7094&originReferer=discounthero.org&publisherSubId=D626FB04E01EEA54FDAB9C75DC19AFEB&publisherTrafficType=cashback

Response headers

X-Robots-Tag
noindex,nofollow
Content-Security-Policy
frame-ancestors 'none'
Request-Time
PT0.000730037S
X-Permitted-Cross-Domain-Policies
master-only
Referrer-Policy
origin-when-cross-origin
X-Content-Type-Options
nosniff
Content-Length
1140
X-XSS-Protection
1; mode=block
Date
Thu, 19 Dec 2024 07:59:33 GMT
Content-Type
text/html; charset=UTF-8
X-Frame-Options
DENY
fp
dk-go.kelkoogroup.net/ 		0
502 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://dk-go.kelkoogroup.net/fp?country=dk&k=612f7a9541cd6ea61eb554c0e4cff4371baabd0aed0050b103f882b22c96d0b17bba302367d2ab903a00fd916f4bb575c512b3a68075540b98b312b6c10b56a6490d0b698eacb532a6aedbd97863c91404e2b6e527baa386b1974d39f094e51fd139db349a8c638762b5160ee7ccc6f5c6100d8d51edb43b6e9d0504c5d40b50f5e43be970c0684438d2eef4d10b8caf0121f8536720a51d91a2fe62146df78bd38827129098c53799252eed4f5ddcc6a46007978525fb4c0c9c304fe04157dfa3cbd7e6e558d154602fd8c9552e04c323b2973003ed897e510386de931db1a526770ae18d3764bdafa8629a05e7c1f3a031408daab2e9d5f5d8d9feb1571c534174bef463b0e556ec94a40c43d7fb7a31f347823321a5edc7d8629896373ee4
Requested by
Host: dk-go.kelkoogroup.net
URL: https://dk-go.kelkoogroup.net/merchantGo?.ts=1734595172887&.sig=AOHToGCFifPLJnwlT9v4tepqLW4-&affiliationId=96967173&comId=12999413&country=dk&cpcId=6417356&merchantName=Cdon.dk&searchId=107610036145395_1734595172857_8820183&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fcdon.dk&addedParams=true&publisherClickId=60553454ce28046eaa2aab097b5d7094&originReferer=discounthero.org&publisherSubId=D626FB04E01EEA54FDAB9C75DC19AFEB&publisherTrafficType=cashback
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dk-go.kelkoogroup.net/merchantGo?.ts=1734595172887&.sig=AOHToGCFifPLJnwlT9v4tepqLW4-&affiliationId=96967173&comId=12999413&country=dk&cpcId=6417356&merchantName=Cdon.dk&searchId=107610036145395_1734595172857_8820183&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fcdon.dk&addedParams=true&publisherClickId=60553454ce28046eaa2aab097b5d7094&originReferer=discounthero.org&publisherSubId=D626FB04E01EEA54FDAB9C75DC19AFEB&publisherTrafficType=cashback
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=utf-8
sec-ch-device-memory
8

Response headers

X-Robots-Tag
noindex,nofollow
Content-Security-Policy
frame-ancestors 'none'
leadId
62A001JFEYVQEETH7EPSNKS645V6ZF
Request-Time
PT0.007576489S
X-Permitted-Cross-Domain-Policies
master-only
Referrer-Policy
origin-when-cross-origin
clickId
107698148_1734595173832_4977080
country
dk
X-Content-Type-Options
nosniff
Content-Length
0
X-XSS-Protection
1; mode=block
Date
Thu, 19 Dec 2024 07:59:33 GMT
Content-Type
text/plain; charset=UTF-8
X-Frame-Options
DENY
2bd28c14-7ace-49cc-a52a-5b322f7b4107
https://dk-go.kelkoogroup.net/ Frame 		0
0
/
dd.kelkoogroup.net/js/ 		236 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dd.kelkoogroup.net/js/
Requested by
Host: dd.kelkoogroup.net
URL: https://dd.kelkoogroup.net/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-21.fra56.r.cloudfront.net
Software
DataDome /
Resource Hash
9ab9d7f8120d542531660e8c653b02ac037bec859ad3b68903298684d6e1730b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://dk-go.kelkoogroup.net/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
x-content-type-options
nosniff
via
1.1 54458302557dcee9766f255184a02288.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
236
x-amz-cf-id
v9gJXCg8M6CRsOUau_qe41SlBNp2_LBzvpFkkzpYfFl2crnC6otVgQ==
date
Thu, 19 Dec 2024 07:59:34 GMT
content-type
application/json;charset=utf-8
x-amz-cf-pop
FRA56-P10
server
DataDome
Primary Request redirect
dk-go.kelkoogroup.net/ 		735 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dk-go.kelkoogroup.net/redirect?country=dk&k=612f7a9541cd6ea61eb554c0e4cff4371baabd0aed0050b103f882b22c96d0b17bba302367d2ab903a00fd916f4bb575c512b3a68075540b98b312b6c10b56a6490d0b698eacb532a6aedbd97863c91404e2b6e527baa386b1974d39f094e51fd139db349a8c638762b5160ee7ccc6f5c6100d8d51edb43b6e9d0504c5d40b50f5e43be970c0684438d2eef4d10b8caf0121f8536720a51d91a2fe62146df78bd38827129098c53799252eed4f5ddcc6a46007978525fb4c0c9c304fe04157dfa3cbd7e6e558d154602fd8c9552e04c323b2973003ed897e510386de931db1a526770ae18d3764bdafa8629a05e7c1f3a031408daab2e9d5f5d8d9feb1571c534174bef463b0e556ec94a40c43d7fb7a31f347823321a5edc7d8629896373ee4&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D224396%26p%3D120%26epi%3D62A001JFEYVQEETH7EPSNKS645V6ZF%26url%3Dhttps%253A%252F%252Fcdon.dk&initiator=timeout
Requested by
Host: dk-go.kelkoogroup.net
URL: https://dk-go.kelkoogroup.net/merchantGo?.ts=1734595172887&.sig=AOHToGCFifPLJnwlT9v4tepqLW4-&affiliationId=96967173&comId=12999413&country=dk&cpcId=6417356&merchantName=Cdon.dk&searchId=107610036145395_1734595172857_8820183&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fcdon.dk&addedParams=true&publisherClickId=60553454ce28046eaa2aab097b5d7094&originReferer=discounthero.org&publisherSubId=D626FB04E01EEA54FDAB9C75DC19AFEB&publisherTrafficType=cashback
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
21ea263b80f6675e3ebb3e70d99a89d4b179d8817951459a06273ed79fd8c158
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dk-go.kelkoogroup.net/merchantGo?.ts=1734595172887&.sig=AOHToGCFifPLJnwlT9v4tepqLW4-&affiliationId=96967173&comId=12999413&country=dk&cpcId=6417356&merchantName=Cdon.dk&searchId=107610036145395_1734595172857_8820183&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fcdon.dk&addedParams=true&publisherClickId=60553454ce28046eaa2aab097b5d7094&originReferer=discounthero.org&publisherSubId=D626FB04E01EEA54FDAB9C75DC19AFEB&publisherTrafficType=cashback
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory
8

Response headers

Accept-CH
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Cache-Control
max-age=0, private, no-cache, no-store, must-revalidate
Charset
utf-8
Content-Length
735
Content-Type
text/html; charset=UTF-8
Date
Thu, 19 Dec 2024 07:59:33 GMT
Pragma
no-cache
Referrer-Policy
origin-when-cross-origin
Request-Time
PT0.013480517S
X-Content-Type-Options
nosniff
X-DD-B
1
X-DataDome
protected
X-DataDome-CID
AHrlqAAAAAMAdclReIgq7dwAuezLYw==
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
master-only
X-XSS-Protection
1; mode=block
c.js
ct.captcha-delivery.com/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ct.captcha-delivery.com/c.js
Requested by
Host: dk-go.kelkoogroup.net
URL: https://dk-go.kelkoogroup.net/redirect?country=dk&k=612f7a9541cd6ea61eb554c0e4cff4371baabd0aed0050b103f882b22c96d0b17bba302367d2ab903a00fd916f4bb575c512b3a68075540b98b312b6c10b56a6490d0b698eacb532a6aedbd97863c91404e2b6e527baa386b1974d39f094e51fd139db349a8c638762b5160ee7ccc6f5c6100d8d51edb43b6e9d0504c5d40b50f5e43be970c0684438d2eef4d10b8caf0121f8536720a51d91a2fe62146df78bd38827129098c53799252eed4f5ddcc6a46007978525fb4c0c9c304fe04157dfa3cbd7e6e558d154602fd8c9552e04c323b2973003ed897e510386de931db1a526770ae18d3764bdafa8629a05e7c1f3a031408daab2e9d5f5d8d9feb1571c534174bef463b0e556ec94a40c43d7fb7a31f347823321a5edc7d8629896373ee4&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D224396%26p%3D120%26epi%3D62A001JFEYVQEETH7EPSNKS645V6ZF%26url%3Dhttps%253A%252F%252Fcdon.dk&initiator=timeout
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-86.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
71a405f5bab79137aabe36acea206ff5551310ac3eda1d966a55ef19cc412be3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dk-go.kelkoogroup.net/

Response headers

x-amz-version-id
null
etag
"3712c68cb3b66654eb5f6967076d5899"
age
80341
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
11314
x-amz-cf-id
zhlQI3Mkk56gg9zbam0hMlr22pD_kxWN13_Qe8MCyEGWuumug15vHA==
date
Wed, 18 Dec 2024 09:40:34 GMT
content-type
text/javascript
last-modified
Wed, 18 Dec 2024 09:40:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
/
geo.captcha-delivery.com/captcha/ Frame 7A0D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAdclReIgq7dwAuezLYw%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=AeaBTUfl~JbFAQJfo_AxH0t61sJiUjKB6WX4oYgMOxjUB4XKaD3DgA5NWWvIkFZKxuwH8m3cLqU~_vTn2j_8nGR438UhJ8LOuk4uZPDs8JMLaqv1sD7Felusn9SAOlsC&t=fe&referer=https%3A%2F%2Fdk-go.kelkoogroup.net%2Fredirect%3Fcountry%3Ddk%26k%3D612f7a9541cd6ea61eb554c0e4cff4371baabd0aed0050b103f882b22c96d0b17bba302367d2ab903a00fd916f4bb575c512b3a68075540b98b312b6c10b56a6490d0b698eacb532a6aedbd97863c91404e2b6e527baa386b1974d39f094e51fd139db349a8c638762b5160ee7ccc6f5c6100d8d51edb43b6e9d0504c5d40b50f5e43be970c0684438d2eef4d10b8caf0121f8536720a51d91a2fe62146df78bd38827129098c53799252eed4f5ddcc6a46007978525fb4c0c9c304fe04157dfa3cbd7e6e558d154602fd8c9552e04c323b2973003ed897e510386de931db1a526770ae18d3764bdafa8629a05e7c1f3a031408daab2e9d5f5d8d9feb1571c534174bef463b0e556ec94a40c43d7fb7a31f347823321a5edc7d8629896373ee4%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D224396%2526p%253D120%2526epi%253D62A001JFEYVQEETH7EPSNKS645V6ZF%2526url%253Dhttps%25253A%25252F%25252Fcdon.dk%26initiator%3Dtimeout&s=35103&e=58294cd75ca1797214b090c88787037c534bb680cce831d8328ce41bbb65e1ec&dm=cd
Requested by
Host: ct.captcha-delivery.com
URL: https://ct.captcha-delivery.com/c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.78.137.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-137-248.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://dk-go.kelkoogroup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Thu, 19 Dec 2024 07:59:34 GMT
Transfer-Encoding
chunked

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dk-go.kelkoogroup.net
URL
blob:https://dk-go.kelkoogroup.net/2bd28c14-7ace-49cc-a52a-5b322f7b4107

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dd

10 Cookies

Domain/Path Name / Value
redwingshere.xyz/ Name: mobitck
Value: 1
my.rtmark.net/ Name: ID
Value: 008137ad733d4fd3f2109fc0aec0e068
meherdewogoud.com/ Name: oaidts
Value: 1734595171
meherdewogoud.com/ Name: OAID
Value: 008137ad733d4fd3f2109fc0aec0e068
meherdewogoud.com/ Name: syncedCookie
Value: true
www.share365.net/ Name: XSRF-TOKEN
Value: eyJpdiI6IjlRa3Q4bDV2eVUzMzM4R2R4bldvNVE9PSIsInZhbHVlIjoiMHN1disySnBcLzNON1ZranRwWXdXazRGVmpZUUlCRXd6NmJVWEp5cjF5blNKZDNsejVOelFLQlpiSGR1XC80NUswIiwibWFjIjoiMjU4ZDcyMzRkNTYyMzEzN2EzM2ViZjAyOWRjZWZhMGZhOGVkZjQ5MGVlN2ZmMGNlMGNhYzI3Yjg0YmUzM2ViMSJ9
www.share365.net/ Name: laravel_session
Value: eyJpdiI6ImZJRkhsYlVyK1JDY082R3R2NnZyYkE9PSIsInZhbHVlIjoiXC8wRGQyd2tzY2NKYzZmVzlnRW5UQ1cwOHFqc2FYQWtKTUVuNkgwTWhWZGZla1prZysrRmFDN3NmVEdTbjFOMDAiLCJtYWMiOiJlOTExN2ZhOGYzMTYzZGYzYmYxNjQwMGVkNDk4OGVhNWI1MjMwODRkNjE2NWQ1YjVhZTQwM2ZiMjRhYjNkYWI1In0%3D
www.share365.net/ Name: __cflb
Value: 0H28vVobGc6CutkxgoxsgvcCKNChyMYE1AYwmuZ2Rh5
.kelkoogroup.net/ Name: kelkooID
Value: a4c6294-193ddedddc9-8d697
.kelkoogroup.net/ Name: datadome
Value: AeaBTUfl~JbFAQJfo_AxH0t61sJiUjKB6WX4oYgMOxjUB4XKaD3DgA5NWWvIkFZKxuwH8m3cLqU~_vTn2j_8nGR438UhJ8LOuk4uZPDs8JMLaqv1sD7Felusn9SAOlsC

6 Console Messages

Source Level URL
Text
rendering warning URL: https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15fq4c9c000g2
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0F03804AC1F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://meherdewogoud.com/afu.php?zoneid=7482447&var=7482447&rid=XXz4jyvWNyEJSqRKY8d18w%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0C03804AC1F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Copenhagen&bto=-60&bar=x(Line 81)
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0F03804AC1F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://meherdewogoud.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0203904AC1F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://dk-go.kelkoogroup.net/merchantGo?.ts=1734595172887&.sig=AOHToGCFifPLJnwlT9v4tepqLW4-&affiliationId=96967173&comId=12999413&country=dk&cpcId=6417356&merchantName=Cdon.dk&searchId=107610036145395_1734595172857_8820183&service=30&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&url=https%3A%2F%2Fcdon.dk&addedParams=true&publisherClickId=60553454ce28046eaa2aab097b5d7094&originReferer=discounthero.org&publisherSubId=D626FB04E01EEA54FDAB9C75DC19AFEB&publisherTrafficType=cashback(Line 28)
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://dk-go.kelkoogroup.net/redirect?country=dk&k=612f7a9541cd6ea61eb554c0e4cff4371baabd0aed0050b103f882b22c96d0b17bba302367d2ab903a00fd916f4bb575c512b3a68075540b98b312b6c10b56a6490d0b698eacb532a6aedbd97863c91404e2b6e527baa386b1974d39f094e51fd139db349a8c638762b5160ee7ccc6f5c6100d8d51edb43b6e9d0504c5d40b50f5e43be970c0684438d2eef4d10b8caf0121f8536720a51d91a2fe62146df78bd38827129098c53799252eed4f5ddcc6a46007978525fb4c0c9c304fe04157dfa3cbd7e6e558d154602fd8c9552e04c323b2973003ed897e510386de931db1a526770ae18d3764bdafa8629a05e7c1f3a031408daab2e9d5f5d8d9feb1571c534174bef463b0e556ec94a40c43d7fb7a31f347823321a5edc7d8629896373ee4&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D224396%26p%3D120%26epi%3D62A001JFEYVQEETH7EPSNKS645V6ZF%26url%3Dhttps%253A%252F%252Fcdon.dk&initiator=timeout
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

28909128-29217-ex.hydramaterrep.com
clcktrck.com
ct.captcha-delivery.com
dd.kelkoogroup.net
dk-go.kelkoogroup.net
geo.captcha-delivery.com
meherdewogoud.com
my.rtmark.net
redwingshere.xyz
www.google-analytics.com
www.rewardany.com
www.share365.net
dk-go.kelkoogroup.net
104.18.22.222
13.56.31.52
2001:4860:4802:32::178
2606:4700:3108::ac42:2b0b
2a06:98c1:3120::3
3.161.82.21
3.73.249.248
3.78.137.248
37.114.46.212
65.9.66.86
88.208.22.3
95.211.116.26
21ea263b80f6675e3ebb3e70d99a89d4b179d8817951459a06273ed79fd8c158
3db77cfe0a6a059ff4d86ea8530439864095c5fe278e279b28c88f99a0f9b530
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56500a6117e758f665f2e26b3979c024d7e04a4cd17582fd244986928eaa63cb
5da4887e999b9121165ef61d21c6ee79f5d223f8b2d2402ceb5da7b5dda996a4
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
686b3cf9a409f1ff70f37f91fdf70afec25de3c42f7d609cda5b84ec31c6b1a5
71a405f5bab79137aabe36acea206ff5551310ac3eda1d966a55ef19cc412be3
8f220d54092eb2a208e1dd36262fda508fa27e2622bc6032fe037faa9db2e38c
9ab9d7f8120d542531660e8c653b02ac037bec859ad3b68903298684d6e1730b
d56750f319ff862ed72f5413c56d9bcb79e8cd1ef827444c9e469c76f6050dbe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7