nl-go.kelkoogroup.net Open in urlscan Pro
95.211.116.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kitelocust.com/
Effective URL:
https://nl-go.kelkoogroup.net/go?country=nl&k=7439a5a91dd653463a3b48f954c447408c1f1f3e39851f68440d1da07e5d924f104ccd4a35c9ca86...
Submission: On February 22 via api (February 22nd 2022, 9:04:02 am UTC) from JP — Scanned from JP

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 19 HTTP transactions. The main IP is 95.211.116.27, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is nl-go.kelkoogroup.net.
TLS certificate: Issued by Thawte RSA CA 2018 on September 7th 2021. Valid for: a year.

This is the only time nl-go.kelkoogroup.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	103.224.182.242 103.224.182.242	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 2	103.224.212.246 103.224.212.246	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
4	66.165.243.160 66.165.243.160	29802 (HVC-AS) (HVC-AS)
5	2404:6800:400... 2404:6800:4004:820::200e	15169 (GOOGLE) (GOOGLE)
2 5	95.211.116.27 95.211.116.27	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	18.65.191.10 18.65.191.10	16509 (AMAZON-02) (AMAZON-02)
1	13.113.112.193 13.113.112.193	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4004:824::2008	15169 (GOOGLE) (GOOGLE)
1	185.40.58.148 185.40.58.148	() ()
19	9

3 103.224.182.242 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-242.above.com

kitelocust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.224.212.246 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-212-246.above.com

0redird.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.165.243.160 (Los Angeles, United States)

ASN29802 (HVC-AS, US)
PTR: 66-165-243-160.static.hvvc.us

r.redirekted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:820::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.211.116.27 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-go-vip.kelkoo.com

nl-go.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.191.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-191-10.nrt57.r.cloudfront.net

js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.113.112.193 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-112-193.ap-northeast-1.compute.amazonaws.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:824::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.40.58.148 (None, )

ASN- ()

www.secondhandhp.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	kelkoogroup.net 2 redirects nl-go.kelkoogroup.net	32 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	40 KB
4	redirekted.com r.redirekted.com — Cisco Umbrella Rank: 523138	11 KB
3	kitelocust.com 1 redirects kitelocust.com	6 KB
2	datadome.co js.datadome.co — Cisco Umbrella Rank: 7924 api-js.datadome.co — Cisco Umbrella Rank: 7782	44 KB
2	0redird.com 1 redirects 0redird.com	2 KB
1	secondhandhp.nl www.secondhandhp.nl
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	41 KB
19	8

	Domain	Requested by
5	nl-go.kelkoogroup.net	2 redirects r.redirekted.com nl-go.kelkoogroup.net
5	www.google-analytics.com	r.redirekted.com www.google-analytics.com www.googletagmanager.com
4	r.redirekted.com	0redird.com r.redirekted.com
3	kitelocust.com	1 redirects kitelocust.com
2	0redird.com	1 redirects kitelocust.com
1	www.secondhandhp.nl	nl-go.kelkoogroup.net
1	www.googletagmanager.com	nl-go.kelkoogroup.net
1	api-js.datadome.co	js.datadome.co
1	js.datadome.co	nl-go.kelkoogroup.net
19	9

This site contains no links.

Subject Issuer	Validity	Valid
xxpim.tube R3	`2022-02-22` - `2022-05-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.kelkoogroup.net Thawte RSA CA 2018	`2021-09-07` - `2022-10-07`	a year	crt.sh
*.datadome.co Gandi Standard SSL CA 2	`2021-10-12` - `2022-10-21`	a year	crt.sh
www.secondhandhp.nl Sectigo RSA Domain Validation Secure Server CA	`2021-12-24` - `2023-01-19`	a year	crt.sh

This page contains 2 frames:

Frame: https://www.secondhandhp.nl/j6054b.html?utm_source=kelkoo_nl&utm_medium=cpc&utm_term=17757--j6054b-
Frame ID: 8E950EBE080C952C39839A5D4D55CFEB
Requests: 15 HTTP requests in this frame

Frame: http://r.redirekted.com/go?e=04mWWSFWzbRs7tmK9AaWWkKW48Ssuk3K8gHs74KW9jGsuI3B-IPBt1KL8ETsbblF59Gr8RFW1fQsuIKB9IPru1KW49SsmuwL8uPrW5KW8NzsyDUF9M3X50KL55wsbVvL59Gr-RPX58IA3OKM7c0MVEwCajwZcxUC75GsUAQWa5mZ78yF8gQsX5KW0fxsyVPM55GsQSPXxO2Z2uxCm8GssEmBsEJsxfFEeZ3WYImq4uzsmEaFdfmV6bFW4AJsucPLetvWVcvC8E2XmWlFd4Gr-0UX5cmXytwLe4Qr-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW
Frame ID: E64A33D13CAE87673BBC5E690FE81CD6
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://kitelocust.com/ HTTP 302
https://kitelocust.com/ Page URL
http://0redird.com/jr.php?gz=BXR8PsroK68RgqrdoFe4xuahbjeYqyZvPevgaQta9ejl4vd1jZxAiJ5uQ6%2FBZOKi... HTTP 302
http://0redird.com/jr.php?gz=BXR8PsroK68RgqrdoFe4xuahbjeYqyZvPevgaQta9ejl4vd1jZxAiJ5uQ6%2FBZOKi... Page URL
http://r.redirekted.com/redirect?redirect_id=7c3aa5265240871b19959104fa7bf9d7&request_id=52284451184... Page URL
https://nl-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1645449603775&.sig=fE89Qtr._xymR5TOZWGTNLLsU6o-&aff... HTTP 307
https://nl-go.kelkoogroup.net/go?country=nl&k=7439a5a91dd653463a3b48f954c447408c1f1f3e39851f68440d1da07e5d... Page URL

Detected technologies

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Page Statistics

19
Requests

63 %
HTTPS

22 %
IPv6

8
Domains

9
Subdomains

9
IPs

4
Countries

171 kB
Transfer

497 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kitelocust.com/ HTTP 302
https://kitelocust.com/ Page URL
http://0redird.com/jr.php?gz=BXR8PsroK68RgqrdoFe4xuahbjeYqyZvPevgaQta9ejl4vd1jZxAiJ5uQ6%2FBZOKisQx%2BQkmgatluULomLIxlxpkt%2F2qLGoGr4LHaeiH%2BCKBmoNBrUm%2FE25QbLW%2Fs5yzJbNJ3C4173oLAFPV4z5h8Hf4VF7l5ZuesR3kppRvD9A6v%2F71Us1iXNtvQFhVmWEJj0ozPtnP5kliXJ%2BwYmw6Ve47uhU%2F%2Bq4ycRc1b3mUK9gXCu5GxcdijexaVU%2BLbF6%2FIhAQ7ldZyKbRewOv0Yh3ZgPkG7SRpV7lsdT5Z4smW7%2FCpOP0wQzFJbJhjJS5SZkUIfbYbDAvAhcqb0eg1hwHj1r%2BK%2BMdq4H0gns2czgOA1xF1eq%2BT7n4OY%2FIH6jQLldnFPvTGppuIb0qYIvD9xP32Evr63JXS0YQ0sguu%2BX7EMnODJzhp2lo1Prxv0eys1hYjlaSGtn32KGHFeYGwCp6S6T0R%2BlYVeeN8SKNLBGs4NGhkqqR7VymBHyzX2q%2BavsqfPkiovEsFyQ4GNudhvzAdte%2F7RftFpQsrXO15Q4UIat8w8hn2iHNAI%2Fir4LdCtDcdcYLyeU93OYlmkWIbpcAj38OUUhXkXwSZb2ug%2FF9HOOEzXFp9vmrXFPA5%2FXWeq7cda9HUN5AmXYugMY%2FXcVirO5PWleG%2FuAUe196lZgV43PKz844J6X6wfUP68RxtWUKq0Lfa6Zo0UIK1jEtrSP0bI3yTl1P0eAUP3%2F%2BeUdxl0QlQRONDmJNCxCmsPD555hOF&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
http://0redird.com/jr.php?gz=BXR8PsroK68RgqrdoFe4xuahbjeYqyZvPevgaQta9ejl4vd1jZxAiJ5uQ6%2FBZOKisQx%2BQkmgatluULomLIxlxpkt%2F2qLGoGr4LHaeiH%2BCKBmoNBrUm%2FE25QbLW%2Fs5yzJbNJ3C4173oLAFPV4z5h8Hf4VF7l5ZuesR3kppRvD9A6v%2F71Us1iXNtvQFhVmWEJj0ozPtnP5kliXJ%2BwYmw6Ve47uhU%2F%2Bq4ycRc1b3mUK9gXCu5GxcdijexaVU%2BLbF6%2FIhAQ7ldZyKbRewOv0Yh3ZgPkG7SRpV7lsdT5Z4smW7%2FCpOP0wQzFJbJhjJS5SZkUIfbYbDAvAhcqb0eg1hwHj1r%2BK%2BMdq4H0gns2czgOA1xF1eq%2BT7n4OY%2FIH6jQLldnFPvTGppuIb0qYIvD9xP32Evr63JXS0YQ0sguu%2BX7EMnODJzhp2lo1Prxv0eys1hYjlaSGtn32KGHFeYGwCp6S6T0R%2BlYVeeN8SKNLBGs4NGhkqqR7VymBHyzX2q%2BavsqfPkiovEsFyQ4GNudhvzAdte%2F7RftFpQsrXO15Q4UIat8w8hn2iHNAI%2Fir4LdCtDcdcYLyeU93OYlmkWIbpcAj38OUUhXkXwSZb2ug%2FF9HOOEzXFp9vmrXFPA5%2FXWeq7cda9HUN5AmXYugMY%2FXcVirO5PWleG%2FuAUe196lZgV43PKz844J6X6wfUP68RxtWUKq0Lfa6Zo0UIK1jEtrSP0bI3yTl1P0eAUP3%2F%2BeUdxl0QlQRONDmJNCxCmsPD555hOF&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&ckReS=1645520637.1877219 Page URL
http://r.redirekted.com/redirect?redirect_id=7c3aa5265240871b19959104fa7bf9d7&request_id=522844511843c433c99d7ac9857c91f3 Page URL
https://nl-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1645449603775&.sig=fE89Qtr._xymR5TOZWGTNLLsU6o-&affiliationId=96965859&comId=100500624&country=nl&offerId=e086ad1ef9168a074c007c6d55c6f995&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8IPpw13F5pzZu1mKetFFUcvLafHAlE2BmRTLaIPCWqTsYEaE8gQpsg3B09IsxZ2K3ZUqVk3pzNTsmcPM&custom2=jKWjuHsyNUF9gQrsqwqSExZvyxEmpKrUAQB HTTP 307
https://nl-go.kelkoogroup.net/go?country=nl&k=7439a5a91dd653463a3b48f954c447408c1f1f3e39851f68440d1da07e5d924f104ccd4a35c9ca86f717673011682bad55ad11a1349ce461c15d26f9a77d5cbd0363910637e525919b9bc067a357d35a6388297946831d2fb8020342e644dc99cf5d4a9e042d737188086929434b8ebed40247f7b8ac3946515ebe9372065e9778c81765dde8b725929978b223a92d27c0b02be6585450c294130c3f326e93667a1e1703e7b08520e8a314a8dd008f994939a0050d50bebd705b1a833b142c3ce00fe9b6e246f8bec069354295b4ef61f3c8d684d3edce413e89e5bdeca0ccb586b323575129058915016b50980a3269134ce33ffa701700c2511a1989095bae37aefd1a9b56c7c3ba109ab176e720e84841df555c70af5c2ba8f2bdb548f353490ec9d6d7f2a555bc8c245a7a5f9a894f24de4020e667bbcd4b99e271ca6b95c9f67d650fb8cc364a36c3acb23d6cf0baecfc460b913c45d36d94c2a2aa9174174209991527ee49c9a45780592379daf5a856d90745bc44924179bf7777bacd3fb6df11a046ab40ffe6a93cb288cff71b740ee711081166734b12cc0ab75dfd27a05f5a5870d550ec7617e45757a9344bfd22b7eb6ad187f6cb99584885ae5964303feb67cbbd57aa92640d470d21b71b2aa091decdfdb03350af24fcd3536bf9db30d5ee60f42c969d6844ea20c07f0a3ed68a1cf116b55ee9a23d17f26eff&o= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://kitelocust.com/ HTTP 302
https://kitelocust.com/

Request Chain 2

http://0redird.com/jr.php?gz=BXR8PsroK68RgqrdoFe4xuahbjeYqyZvPevgaQta9ejl4vd1jZxAiJ5uQ6%2FBZOKisQx%2BQkmgatluULomLIxlxpkt%2F2qLGoGr4LHaeiH%2BCKBmoNBrUm%2FE25QbLW%2Fs5yzJbNJ3C4173oLAFPV4z5h8Hf4VF7l5ZuesR3kppRvD9A6v%2F71Us1iXNtvQFhVmWEJj0ozPtnP5kliXJ%2BwYmw6Ve47uhU%2F%2Bq4ycRc1b3mUK9gXCu5GxcdijexaVU%2BLbF6%2FIhAQ7ldZyKbRewOv0Yh3ZgPkG7SRpV7lsdT5Z4smW7%2FCpOP0wQzFJbJhjJS5SZkUIfbYbDAvAhcqb0eg1hwHj1r%2BK%2BMdq4H0gns2czgOA1xF1eq%2BT7n4OY%2FIH6jQLldnFPvTGppuIb0qYIvD9xP32Evr63JXS0YQ0sguu%2BX7EMnODJzhp2lo1Prxv0eys1hYjlaSGtn32KGHFeYGwCp6S6T0R%2BlYVeeN8SKNLBGs4NGhkqqR7VymBHyzX2q%2BavsqfPkiovEsFyQ4GNudhvzAdte%2F7RftFpQsrXO15Q4UIat8w8hn2iHNAI%2Fir4LdCtDcdcYLyeU93OYlmkWIbpcAj38OUUhXkXwSZb2ug%2FF9HOOEzXFp9vmrXFPA5%2FXWeq7cda9HUN5AmXYugMY%2FXcVirO5PWleG%2FuAUe196lZgV43PKz844J6X6wfUP68RxtWUKq0Lfa6Zo0UIK1jEtrSP0bI3yTl1P0eAUP3%2F%2BeUdxl0QlQRONDmJNCxCmsPD555hOF&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
http://0redird.com/jr.php?gz=BXR8PsroK68RgqrdoFe4xuahbjeYqyZvPevgaQta9ejl4vd1jZxAiJ5uQ6%2FBZOKisQx%2BQkmgatluULomLIxlxpkt%2F2qLGoGr4LHaeiH%2BCKBmoNBrUm%2FE25QbLW%2Fs5yzJbNJ3C4173oLAFPV4z5h8Hf4VF7l5ZuesR3kppRvD9A6v%2F71Us1iXNtvQFhVmWEJj0ozPtnP5kliXJ%2BwYmw6Ve47uhU%2F%2Bq4ycRc1b3mUK9gXCu5GxcdijexaVU%2BLbF6%2FIhAQ7ldZyKbRewOv0Yh3ZgPkG7SRpV7lsdT5Z4smW7%2FCpOP0wQzFJbJhjJS5SZkUIfbYbDAvAhcqb0eg1hwHj1r%2BK%2BMdq4H0gns2czgOA1xF1eq%2BT7n4OY%2FIH6jQLldnFPvTGppuIb0qYIvD9xP32Evr63JXS0YQ0sguu%2BX7EMnODJzhp2lo1Prxv0eys1hYjlaSGtn32KGHFeYGwCp6S6T0R%2BlYVeeN8SKNLBGs4NGhkqqR7VymBHyzX2q%2BavsqfPkiovEsFyQ4GNudhvzAdte%2F7RftFpQsrXO15Q4UIat8w8hn2iHNAI%2Fir4LdCtDcdcYLyeU93OYlmkWIbpcAj38OUUhXkXwSZb2ug%2FF9HOOEzXFp9vmrXFPA5%2FXWeq7cda9HUN5AmXYugMY%2FXcVirO5PWleG%2FuAUe196lZgV43PKz844J6X6wfUP68RxtWUKq0Lfa6Zo0UIK1jEtrSP0bI3yTl1P0eAUP3%2F%2BeUdxl0QlQRONDmJNCxCmsPD555hOF&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&ckReS=1645520637.1877219

Request Chain 7

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 9

http://www.google-analytics.com/collect?v=1&_v=j96&a=1107561346&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFWzbRs7tmK9AaWWkKW48Ssuk3K8gHs74KW9jGsuI3B-IPBt1KL8ETsbblF59Gr8RFW1fQsuIKB9IPru1KW49SsmuwL8uPrW5KW8NzsyDUF9M3X50KL55wsbVvL59Gr-RPX58IA3OKM7c0MVEwCajwZcxUC75GsUAQWa5mZ78yF8gQsX5KW0fxsyVPM55GsQSPXxO2Z2uxCm8GssEmBsEJsxfFEeZ3WYImq4uzsmEaFdfmV6bFW4AJsucPLetvWVcvC8E2XmWlFd4Gr-0UX5cmXytwLe4Qr-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=204988400.1645520638&tid=UA-32454353-1&_gid=255164463.1645520638&cd1=oz9loT58n2kesUk8sT5ipzkhsTgfn3k8sUj%3D&z=1701277991 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j96&a=1107561346&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFWzbRs7tmK9AaWWkKW48Ssuk3K8gHs74KW9jGsuI3B-IPBt1KL8ETsbblF59Gr8RFW1fQsuIKB9IPru1KW49SsmuwL8uPrW5KW8NzsyDUF9M3X50KL55wsbVvL59Gr-RPX58IA3OKM7c0MVEwCajwZcxUC75GsUAQWa5mZ78yF8gQsX5KW0fxsyVPM55GsQSPXxO2Z2uxCm8GssEmBsEJsxfFEeZ3WYImq4uzsmEaFdfmV6bFW4AJsucPLetvWVcvC8E2XmWlFd4Gr-0UX5cmXytwLe4Qr-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=204988400.1645520638&tid=UA-32454353-1&_gid=255164463.1645520638&cd1=oz9loT58n2kesUk8sT5ipzkhsTgfn3k8sUj%3D&z=1701277991

Request Chain 17

https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437c590656c0bce245eb439e3fd89687b44a537288c542057b7d59ec4e52f9bc2d261756289cb18007cb9ecf30ac0123b91db691d8c1d3dab365670257d04a9eb3437c3f3be876416315554a4c6fbddc06281129d820e1cb4b747d4aae2d2db38cea5ff72e04b6e5378121c468af57db58c94492a858125bd9f34ff2fd1f5dd830779fa0980d393d02665f7cfc91f0529f316ba83a487ceade49454f0caae51bf9e990a5b99ae82dcd02434d0a21f26be21df14d2e09cc5fd63ff6dac60900e463732ee9d4a583ba35ee00aff5445995f0792afc66ca23a42299435794208a9fd6f17f77784d7875ed60846a188e869fd0d0e889eed80b1e4360082d7666f6a717874cab1b5a39e6c15&leadId=dc1-kls-prod-srv-02.prod.dc1.kelkoo.net_1645520639475_375123&clickId=107699101_1645520639200_393510&url=https%3A%2F%2Fwww.secondhandhp.nl%2Fj6054b.html%3Futm_source%3Dkelkoo_nl%26utm_medium%3Dcpc%26utm_term%3D17757--j6054b-&initiator=timeout HTTP 303
https://www.secondhandhp.nl/j6054b.html?utm_source=kelkoo_nl&utm_medium=cpc&utm_term=17757--j6054b-

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
kitelocust.com/
Redirect Chain

http://kitelocust.com/
https://kitelocust.com/

3 KB
2 KB

862ms
525ms

Document
text/html

103.224.182.242
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: https://kitelocust.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.224.182.242 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: lb-182-242.above.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: f74d62135fc4b1fcade3022ba5ffa781216fe02fb16b762b2bae7ab6ec494da0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9

Response headers

Date: Tue, 22 Feb 2022 09:03:56 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1748
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 22 Feb 2022 09:03:55 GMT
Server: Apache/2.4.25 (Debian)
Location: https://kitelocust.com/
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK swfobject.js Show response
kitelocust.com/js/ 10 KB
4 KB 320ms
111ms Script
application/javascript 103.224.182.242
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: https://kitelocust.com/js/swfobject.js
Requested by: Host: kitelocust.com
URL: https://kitelocust.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.224.182.242 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: lb-182-242.above.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://kitelocust.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 09:03:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 03:46:00 GMT
Server: Apache/2.4.25 (Debian)
ETag: "27ef-5d82e9ac12e00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 3949

GET
H/1.1

200
OK

jr.php
0redird.com/
Redirect Chain

http://0redird.com/jr.php?gz=BXR8PsroK68RgqrdoFe4xuahbjeYqyZvPevgaQta9ejl4vd1jZxAiJ5uQ6%2FBZOKisQx%2BQkmgatluULomLIxlxpkt%2F2qLGoGr4LHaeiH%2BCKBmoNBrUm%2FE25QbLW%2Fs5yzJbNJ3C4173oLAFPV4z5h8Hf4VF7l5...
http://0redird.com/jr.php?gz=BXR8PsroK68RgqrdoFe4xuahbjeYqyZvPevgaQta9ejl4vd1jZxAiJ5uQ6%2FBZOKisQx%2BQkmgatluULomLIxlxpkt%2F2qLGoGr4LHaeiH%2BCKBmoNBrUm%2FE25QbLW%2Fs5yzJbNJ3C4173oLAFPV4z5h8Hf4VF7l5...

468 B
496 B

218ms
114ms

Document
text/html

103.224.212.246
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://0redird.com/jr.php?gz=BXR8PsroK68RgqrdoFe4xuahbjeYqyZvPevgaQta9ejl4vd1jZxAiJ5uQ6%2FBZOKisQx%2BQkmgatluULomLIxlxpkt%2F2qLGoGr4LHaeiH%2BCKBmoNBrUm%2FE25QbLW%2Fs5yzJbNJ3C4173oLAFPV4z5h8Hf4VF7l5ZuesR3kppRvD9A6v%2F71Us1iXNtvQFhVmWEJj0ozPtnP5kliXJ%2BwYmw6Ve47uhU%2F%2Bq4ycRc1b3mUK9gXCu5GxcdijexaVU%2BLbF6%2FIhAQ7ldZyKbRewOv0Yh3ZgPkG7SRpV7lsdT5Z4smW7%2FCpOP0wQzFJbJhjJS5SZkUIfbYbDAvAhcqb0eg1hwHj1r%2BK%2BMdq4H0gns2czgOA1xF1eq%2BT7n4OY%2FIH6jQLldnFPvTGppuIb0qYIvD9xP32Evr63JXS0YQ0sguu%2BX7EMnODJzhp2lo1Prxv0eys1hYjlaSGtn32KGHFeYGwCp6S6T0R%2BlYVeeN8SKNLBGs4NGhkqqR7VymBHyzX2q%2BavsqfPkiovEsFyQ4GNudhvzAdte%2F7RftFpQsrXO15Q4UIat8w8hn2iHNAI%2Fir4LdCtDcdcYLyeU93OYlmkWIbpcAj38OUUhXkXwSZb2ug%2FF9HOOEzXFp9vmrXFPA5%2FXWeq7cda9HUN5AmXYugMY%2FXcVirO5PWleG%2FuAUe196lZgV43PKz844J6X6wfUP68RxtWUKq0Lfa6Zo0UIK1jEtrSP0bI3yTl1P0eAUP3%2F%2BeUdxl0QlQRONDmJNCxCmsPD555hOF&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&ckReS=1645520637.1877219
Requested by: Host: kitelocust.com
URL: https://kitelocust.com/
Protocol: HTTP/1.1
Server: 103.224.212.246 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: lb-212-246.above.com
Software: Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://kitelocust.com/

Response headers

Date: Tue, 22 Feb 2022 09:03:57 GMT
Server: Apache/2.4.25 (Debian)
X-JR-Code: s
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 267
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 22 Feb 2022 09:03:57 GMT
Server: Apache/2.4.25 (Debian)
Location: jr.php?gz=BXR8PsroK68RgqrdoFe4xuahbjeYqyZvPevgaQta9ejl4vd1jZxAiJ5uQ6%2FBZOKisQx%2BQkmgatluULomLIxlxpkt%2F2qLGoGr4LHaeiH%2BCKBmoNBrUm%2FE25QbLW%2Fs5yzJbNJ3C4173oLAFPV4z5h8Hf4VF7l5ZuesR3kppRvD9A6v%2F71Us1iXNtvQFhVmWEJj0ozPtnP5kliXJ%2BwYmw6Ve47uhU%2F%2Bq4ycRc1b3mUK9gXCu5GxcdijexaVU%2BLbF6%2FIhAQ7ldZyKbRewOv0Yh3ZgPkG7SRpV7lsdT5Z4smW7%2FCpOP0wQzFJbJhjJS5SZkUIfbYbDAvAhcqb0eg1hwHj1r%2BK%2BMdq4H0gns2czgOA1xF1eq%2BT7n4OY%2FIH6jQLldnFPvTGppuIb0qYIvD9xP32Evr63JXS0YQ0sguu%2BX7EMnODJzhp2lo1Prxv0eys1hYjlaSGtn32KGHFeYGwCp6S6T0R%2BlYVeeN8SKNLBGs4NGhkqqR7VymBHyzX2q%2BavsqfPkiovEsFyQ4GNudhvzAdte%2F7RftFpQsrXO15Q4UIat8w8hn2iHNAI%2Fir4LdCtDcdcYLyeU93OYlmkWIbpcAj38OUUhXkXwSZb2ug%2FF9HOOEzXFp9vmrXFPA5%2FXWeq7cda9HUN5AmXYugMY%2FXcVirO5PWleG%2FuAUe196lZgV43PKz844J6X6wfUP68RxtWUKq0Lfa6Zo0UIK1jEtrSP0bI3yTl1P0eAUP3%2F%2BeUdxl0QlQRONDmJNCxCmsPD555hOF&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&ckReS=1645520637.1877219
X-JR-Code: cr
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK redirect Show response
r.redirekted.com/ 833 B
1 KB 353ms
106ms Document
text/html 66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/redirect?redirect_id=7c3aa5265240871b19959104fa7bf9d7&request_id=522844511843c433c99d7ac9857c91f3
Requested by: Host: 0redird.com
URL: http://0redird.com/jr.php?gz=BXR8PsroK68RgqrdoFe4xuahbjeYqyZvPevgaQta9ejl4vd1jZxAiJ5uQ6%2FBZOKisQx%2BQkmgatluULomLIxlxpkt%2F2qLGoGr4LHaeiH%2BCKBmoNBrUm%2FE25QbLW%2Fs5yzJbNJ3C4173oLAFPV4z5h8Hf4VF7l5ZuesR3kppRvD9A6v%2F71Us1iXNtvQFhVmWEJj0ozPtnP5kliXJ%2BwYmw6Ve47uhU%2F%2Bq4ycRc1b3mUK9gXCu5GxcdijexaVU%2BLbF6%2FIhAQ7ldZyKbRewOv0Yh3ZgPkG7SRpV7lsdT5Z4smW7%2FCpOP0wQzFJbJhjJS5SZkUIfbYbDAvAhcqb0eg1hwHj1r%2BK%2BMdq4H0gns2czgOA1xF1eq%2BT7n4OY%2FIH6jQLldnFPvTGppuIb0qYIvD9xP32Evr63JXS0YQ0sguu%2BX7EMnODJzhp2lo1Prxv0eys1hYjlaSGtn32KGHFeYGwCp6S6T0R%2BlYVeeN8SKNLBGs4NGhkqqR7VymBHyzX2q%2BavsqfPkiovEsFyQ4GNudhvzAdte%2F7RftFpQsrXO15Q4UIat8w8hn2iHNAI%2Fir4LdCtDcdcYLyeU93OYlmkWIbpcAj38OUUhXkXwSZb2ug%2FF9HOOEzXFp9vmrXFPA5%2FXWeq7cda9HUN5AmXYugMY%2FXcVirO5PWleG%2FuAUe196lZgV43PKz844J6X6wfUP68RxtWUKq0Lfa6Zo0UIK1jEtrSP0bI3yTl1P0eAUP3%2F%2BeUdxl0QlQRONDmJNCxCmsPD555hOF&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&ckReS=1645520637.1877219
Protocol: HTTP/1.1
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.21.5 / PHP/8.0.14
Resource Hash: 01e9df097377e851bf279098321c11eadb3fb35463f8a514d9105ceff8640958

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: http://0redird.com/

Response headers

Server: nginx/1.21.5
Date: Tue, 22 Feb 2022 09:03:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.14

GET
H/1.1 200
OK adren.css
r.redirekted.com/css/ 243 B
479 B 106ms
106ms Stylesheet
text/css 66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/css/adren.css?n=2232973949
Requested by: Host: r.redirekted.com
URL: http://r.redirekted.com/redirect?redirect_id=7c3aa5265240871b19959104fa7bf9d7&request_id=522844511843c433c99d7ac9857c91f3
Protocol: HTTP/1.1
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.21.5 /
Resource Hash: e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://r.redirekted.com/redirect?redirect_id=7c3aa5265240871b19959104fa7bf9d7&request_id=522844511843c433c99d7ac9857c91f3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 09:03:57 GMT
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Server: nginx/1.21.5
ETag: "60dff9aa-f3"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 243

GET
H/1.1 200
OK adren.min.js Show response
r.redirekted.com/js/ 7 KB
8 KB 208ms
104ms Script
application/javascript 66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/js/adren.min.js?n=2232973949
Requested by: Host: r.redirekted.com
URL: http://r.redirekted.com/redirect?redirect_id=7c3aa5265240871b19959104fa7bf9d7&request_id=522844511843c433c99d7ac9857c91f3
Protocol: HTTP/1.1
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.21.5 /
Resource Hash: 55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://r.redirekted.com/redirect?redirect_id=7c3aa5265240871b19959104fa7bf9d7&request_id=522844511843c433c99d7ac9857c91f3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 09:03:58 GMT
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Server: nginx/1.21.5
ETag: "60dff9aa-1d68"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7528

GET
H/1.1 200
OK go Show response
r.redirekted.com/ Frame E64A 2 KB
2 KB 106ms
106ms Document
text/html 66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/go?e=04mWWSFWzbRs7tmK9AaWWkKW48Ssuk3K8gHs74KW9jGsuI3B-IPBt1KL8ETsbblF59Gr8RFW1fQsuIKB9IPru1KW49SsmuwL8uPrW5KW8NzsyDUF9M3X50KL55wsbVvL59Gr-RPX58IA3OKM7c0MVEwCajwZcxUC75GsUAQWa5mZ78yF8gQsX5KW0fxsyVPM55GsQSPXxO2Z2uxCm8GssEmBsEJsxfFEeZ3WYImq4uzsmEaFdfmV6bFW4AJsucPLetvWVcvC8E2XmWlFd4Gr-0UX5cmXytwLe4Qr-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW
Requested by: Host: r.redirekted.com
URL: http://r.redirekted.com/js/adren.min.js?n=2232973949
Protocol: HTTP/1.1
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.21.5 / PHP/8.0.14
Resource Hash: 54ddfa560b55adbb7e765b710ccb18f754923d1094d712e717e06283ae60c24e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: http://r.redirekted.com/redirect?redirect_id=7c3aa5265240871b19959104fa7bf9d7&request_id=522844511843c433c99d7ac9857c91f3

Response headers

Server: nginx/1.21.5
Date: Tue, 22 Feb 2022 09:03:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.14

GET
H2

200

analytics.js Show response
www.google-analytics.com/ Frame E64A
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

41ms
2ms

Script
text/javascript

2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: r.redirekted.com
URL: http://r.redirekted.com/go?e=04mWWSFWzbRs7tmK9AaWWkKW48Ssuk3K8gHs74KW9jGsuI3B-IPBt1KL8ETsbblF59Gr8RFW1fQsuIKB9IPru1KW49SsmuwL8uPrW5KW8NzsyDUF9M3X50KL55wsbVvL59Gr-RPX58IA3OKM7c0MVEwCajwZcxUC75GsUAQWa5mZ78yF8gQsX5KW0fxsyVPM55GsQSPXxO2Z2uxCm8GssEmBsEJsxfFEeZ3WYImq4uzsmEaFdfmV6bFW4AJsucPLetvWVcvC8E2XmWlFd4Gr-0UX5cmXytwLe4Qr-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW

Protocol

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://r.redirekted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4193
date: Tue, 22 Feb 2022 07:54:05 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 22 Feb 2022 09:54:05 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

POST
H2 200 collect
www.google-analytics.com/j/ Frame E64A 2 B
145 B 39ms
38ms XHR
text/plain 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1107561346&t=pageview&_s=1&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFWzbRs7tmK9AaWWkKW48Ssuk3K8gHs74KW9jGsuI3B-IPBt1KL8ETsbblF59Gr8RFW1fQsuIKB9IPru1KW49SsmuwL8uPrW5KW8NzsyDUF9M3X50KL55wsbVvL59Gr-RPX58IA3OKM7c0MVEwCajwZcxUC75GsUAQWa5mZ78yF8gQsX5KW0fxsyVPM55GsQSPXxO2Z2uxCm8GssEmBsEJsxfFEeZ3WYImq4uzsmEaFdfmV6bFW4AJsucPLetvWVcvC8E2XmWlFd4Gr-0UX5cmXytwLe4Qr-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=227106714&gjid=1790417738&cid=204988400.1645520638&tid=UA-32454353-1&_gid=255164463.1645520638&_r=1&_slc=1&z=1903901996

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://r.redirekted.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 09:03:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://r.redirekted.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
www.google-analytics.com/ Frame E64A
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j96&a=1107561346&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFWzbRs7tmK9AaWWkKW48Ssuk3K8gHs74KW9jGsuI3B-IPBt1KL8ETsbblF59Gr8RFW1...
https://www.google-analytics.com/collect?v=1&_v=j96&a=1107561346&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFWzbRs7tmK9AaWWkKW48Ssuk3K8gHs74KW9jGsuI3B-IPBt1KL8ETsbblF59Gr8RFW...

35 B
194 B

2ms
2ms

Image
image/gif

2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1107561346&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFWzbRs7tmK9AaWWkKW48Ssuk3K8gHs74KW9jGsuI3B-IPBt1KL8ETsbblF59Gr8RFW1fQsuIKB9IPru1KW49SsmuwL8uPrW5KW8NzsyDUF9M3X50KL55wsbVvL59Gr-RPX58IA3OKM7c0MVEwCajwZcxUC75GsUAQWa5mZ78yF8gQsX5KW0fxsyVPM55GsQSPXxO2Z2uxCm8GssEmBsEJsxfFEeZ3WYImq4uzsmEaFdfmV6bFW4AJsucPLetvWVcvC8E2XmWlFd4Gr-0UX5cmXytwLe4Qr-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=204988400.1645520638&tid=UA-32454353-1&_gid=255164463.1645520638&cd1=oz9loT58n2kesUk8sT5ipzkhsTgfn3k8sUj%3D&z=1701277991

Requested by

Protocol

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://r.redirekted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 23:53:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 33016
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j96&a=1107561346&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFWzbRs7tmK9AaWWkKW48Ssuk3K8gHs74KW9jGsuI3B-IPBt1KL8ETsbblF59Gr8RFW1fQsuIKB9IPru1KW49SsmuwL8uPrW5KW8NzsyDUF9M3X50KL55wsbVvL59Gr-RPX58IA3OKM7c0MVEwCajwZcxUC75GsUAQWa5mZ78yF8gQsX5KW0fxsyVPM55GsQSPXxO2Z2uxCm8GssEmBsEJsxfFEeZ3WYImq4uzsmEaFdfmV6bFW4AJsucPLetvWVcvC8E2XmWlFd4Gr-0UX5cmXytwLe4Qr-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=204988400.1645520638&tid=UA-32454353-1&_gid=255164463.1645520638&cd1=oz9loT58n2kesUk8sT5ipzkhsTgfn3k8sUj%3D&z=1701277991
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

Primary Request go Show response
nl-go.kelkoogroup.net/
Redirect Chain

https://nl-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1645449603775&.sig=fE89Qtr._xymR5TOZWGTNLLsU6o-&affiliationId=96965859&comId=100500624&country=nl&offerId=e086ad1ef9168a074c007c6d55c6f995&ser...
https://nl-go.kelkoogroup.net/go?country=nl&k=7439a5a91dd653463a3b48f954c447408c1f1f3e39851f68440d1da07e5d924f104ccd4a35c9ca86f717673011682bad55ad11a1349ce461c15d26f9a77d5cbd0363910637e525919b9bc06...

26 KB
28 KB

265ms
264ms

Document
text/html

95.211.116.27
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://nl-go.kelkoogroup.net/go?country=nl&k=7439a5a91dd653463a3b48f954c447408c1f1f3e39851f68440d1da07e5d924f104ccd4a35c9ca86f717673011682bad55ad11a1349ce461c15d26f9a77d5cbd0363910637e525919b9bc067a357d35a6388297946831d2fb8020342e644dc99cf5d4a9e042d737188086929434b8ebed40247f7b8ac3946515ebe9372065e9778c81765dde8b725929978b223a92d27c0b02be6585450c294130c3f326e93667a1e1703e7b08520e8a314a8dd008f994939a0050d50bebd705b1a833b142c3ce00fe9b6e246f8bec069354295b4ef61f3c8d684d3edce413e89e5bdeca0ccb586b323575129058915016b50980a3269134ce33ffa701700c2511a1989095bae37aefd1a9b56c7c3ba109ab176e720e84841df555c70af5c2ba8f2bdb548f353490ec9d6d7f2a555bc8c245a7a5f9a894f24de4020e667bbcd4b99e271ca6b95c9f67d650fb8cc364a36c3acb23d6cf0baecfc460b913c45d36d94c2a2aa9174174209991527ee49c9a45780592379daf5a856d90745bc44924179bf7777bacd3fb6df11a046ab40ffe6a93cb288cff71b740ee711081166734b12cc0ab75dfd27a05f5a5870d550ec7617e45757a9344bfd22b7eb6ad187f6cb99584885ae5964303feb67cbbd57aa92640d470d21b71b2aa091decdfdb03350af24fcd3536bf9db30d5ee60f42c969d6844ea20c07f0a3ed68a1cf116b55ee9a23d17f26eff&o=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.27 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-go-vip.kelkoo.com

Software

Resource Hash

2a2db05ab9862d5f89f66d07d3ab163fedefe938b8caddd3b2ee568a4860b62d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: http://r.redirekted.com/redirect?redirect_id=7c3aa5265240871b19959104fa7bf9d7&request_id=522844511843c433c99d7ac9857c91f3

Response headers

Date: Tue, 22 Feb 2022 09:03:59 GMT
leadId: dc1-kls-prod-srv-02.prod.dc1.kelkoo.net_1645520639475_375123
Pragma: no-cache
Charset: utf-8
clickId: 107699101_1645520639200_393510
country: nl
X-DataDome: protected
Request-Time: PT0.016S
X-Robots-Tag: noindex,nofollow
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
X-DataDome-CID: AHrlqAAAAAMAZgqbop55O7QAH8yRqg==
Referrer-Policy: unsafe-url
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/html; charset=UTF-8
Content-Length: 26986
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=44
Connection: Keep-Alive

Redirect headers

Date: Tue, 22 Feb 2022 09:03:59 GMT
Pragma: no-cache
Charset: utf-8
clickId: 107699101_1645520639200_393510
country: nl
Location: /go?country=nl&k=7439a5a91dd653463a3b48f954c447408c1f1f3e39851f68440d1da07e5d924f104ccd4a35c9ca86f717673011682bad55ad11a1349ce461c15d26f9a77d5cbd0363910637e525919b9bc067a357d35a6388297946831d2fb8020342e644dc99cf5d4a9e042d737188086929434b8ebed40247f7b8ac3946515ebe9372065e9778c81765dde8b725929978b223a92d27c0b02be6585450c294130c3f326e93667a1e1703e7b08520e8a314a8dd008f994939a0050d50bebd705b1a833b142c3ce00fe9b6e246f8bec069354295b4ef61f3c8d684d3edce413e89e5bdeca0ccb586b323575129058915016b50980a3269134ce33ffa701700c2511a1989095bae37aefd1a9b56c7c3ba109ab176e720e84841df555c70af5c2ba8f2bdb548f353490ec9d6d7f2a555bc8c245a7a5f9a894f24de4020e667bbcd4b99e271ca6b95c9f67d650fb8cc364a36c3acb23d6cf0baecfc460b913c45d36d94c2a2aa9174174209991527ee49c9a45780592379daf5a856d90745bc44924179bf7777bacd3fb6df11a046ab40ffe6a93cb288cff71b740ee711081166734b12cc0ab75dfd27a05f5a5870d550ec7617e45757a9344bfd22b7eb6ad187f6cb99584885ae5964303feb67cbbd57aa92640d470d21b71b2aa091decdfdb03350af24fcd3536bf9db30d5ee60f42c969d6844ea20c07f0a3ed68a1cf116b55ee9a23d17f26eff&o=
X-DataDome: protected
Request-Time: PT0.013S
X-Robots-Tag: noindex,nofollow
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
X-DataDome-CID: AHrlqAAAAAMAZgqbop55O7QAH8yRqg==
Referrer-Policy: unsafe-url
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=94
Connection: Keep-Alive
Content-Type: text/plain

GET
H/1.1 200
OK p.png
nl-go.kelkoogroup.net/assets/images/ 68 B
621 B 242ms
242ms Image
image/png 95.211.116.27
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nl-go.kelkoogroup.net/assets/images/p.png?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437c590656c0bce245eb439e3fd89687b44a537288c542057b7d59ec4e52f9bc2d261756289cb18007cb9ecf30ac0123b91db691d8c1d3dab365670257d04a9eb3437c3f3be876416315554a4c6fbddc06281129d820e1cb4b747d4aae2d2db38cea5ff72e04b6e5378121c468af57db58c94492a858125bd9f34ff2fd1f5dd830779fa0980d393d02665f7cfc91f0529f316ba83a487ceade49454f0caae51bf9e990a5b99ae82dcd02434d0a21f26be21df14d2e09cc5fd63ff6dac60900e463732ee9d4a583ba35ee00aff5445995f0792afc66ca23a42299435794208a9fd6f17f77784d7875ed60846a188e869fd0d0e889eed80b1e4360082d7666f6a717874cab1b5a39e6c15&leadId=dc1-kls-prod-srv-02.prod.dc1.kelkoo.net_1645520639475_375123&clickId=107699101_1645520639200_393510

Requested by

Host: nl-go.kelkoogroup.net
URL: https://nl-go.kelkoogroup.net/go?country=nl&k=7439a5a91dd653463a3b48f954c447408c1f1f3e39851f68440d1da07e5d924f104ccd4a35c9ca86f717673011682bad55ad11a1349ce461c15d26f9a77d5cbd0363910637e525919b9bc067a357d35a6388297946831d2fb8020342e644dc99cf5d4a9e042d737188086929434b8ebed40247f7b8ac3946515ebe9372065e9778c81765dde8b725929978b223a92d27c0b02be6585450c294130c3f326e93667a1e1703e7b08520e8a314a8dd008f994939a0050d50bebd705b1a833b142c3ce00fe9b6e246f8bec069354295b4ef61f3c8d684d3edce413e89e5bdeca0ccb586b323575129058915016b50980a3269134ce33ffa701700c2511a1989095bae37aefd1a9b56c7c3ba109ab176e720e84841df555c70af5c2ba8f2bdb548f353490ec9d6d7f2a555bc8c245a7a5f9a894f24de4020e667bbcd4b99e271ca6b95c9f67d650fb8cc364a36c3acb23d6cf0baecfc460b913c45d36d94c2a2aa9174174209991527ee49c9a45780592379daf5a856d90745bc44924179bf7777bacd3fb6df11a046ab40ffe6a93cb288cff71b740ee711081166734b12cc0ab75dfd27a05f5a5870d550ec7617e45757a9344bfd22b7eb6ad187f6cb99584885ae5964303feb67cbbd57aa92640d470d21b71b2aa091decdfdb03350af24fcd3536bf9db30d5ee60f42c969d6844ea20c07f0a3ed68a1cf116b55ee9a23d17f26eff&o=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.27 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-go-vip.kelkoo.com

Software

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://nl-go.kelkoogroup.net/go?country=nl&k=7439a5a91dd653463a3b48f954c447408c1f1f3e39851f68440d1da07e5d924f104ccd4a35c9ca86f717673011682bad55ad11a1349ce461c15d26f9a77d5cbd0363910637e525919b9bc067a357d35a6388297946831d2fb8020342e644dc99cf5d4a9e042d737188086929434b8ebed40247f7b8ac3946515ebe9372065e9778c81765dde8b725929978b223a92d27c0b02be6585450c294130c3f326e93667a1e1703e7b08520e8a314a8dd008f994939a0050d50bebd705b1a833b142c3ce00fe9b6e246f8bec069354295b4ef61f3c8d684d3edce413e89e5bdeca0ccb586b323575129058915016b50980a3269134ce33ffa701700c2511a1989095bae37aefd1a9b56c7c3ba109ab176e720e84841df555c70af5c2ba8f2bdb548f353490ec9d6d7f2a555bc8c245a7a5f9a894f24de4020e667bbcd4b99e271ca6b95c9f67d650fb8cc364a36c3acb23d6cf0baecfc460b913c45d36d94c2a2aa9174174209991527ee49c9a45780592379daf5a856d90745bc44924179bf7777bacd3fb6df11a046ab40ffe6a93cb288cff71b740ee711081166734b12cc0ab75dfd27a05f5a5870d550ec7617e45757a9344bfd22b7eb6ad187f6cb99584885ae5964303feb67cbbd57aa92640d470d21b71b2aa091decdfdb03350af24fcd3536bf9db30d5ee60f42c969d6844ea20c07f0a3ed68a1cf116b55ee9a23d17f26eff&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

ApacheTracking: localhost
Date: Tue, 22 Feb 2022 09:03:59 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: PT0S
P3P: CP="Anything"
Connection: Keep-Alive
Content-Length: 68
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
ETag: "1958a569812ddae198cb1dd60abfe29dd56dc273"
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: private, must-revalidate
X-Robots-Tag: noindex,nofollow
Keep-Alive: timeout=40, max=96
Expires: Tue, 21 Feb 2023 08:09:52 GMT

GET
H2 200 tags.js Show response
js.datadome.co/ 239 KB
43 KB 17ms
3ms Script
text/javascript 18.65.191.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.datadome.co/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.191.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-191-10.nrt57.r.cloudfront.net

Software

Apache /

Resource Hash

0b7d60b018d1f4b698eb03a41a23e23abb641be2dd5f2c79e54d6b4e816d721f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://nl-go.kelkoogroup.net/go?country=nl&k=7439a5a91dd653463a3b48f954c447408c1f1f3e39851f68440d1da07e5d924f104ccd4a35c9ca86f717673011682bad55ad11a1349ce461c15d26f9a77d5cbd0363910637e525919b9bc067a357d35a6388297946831d2fb8020342e644dc99cf5d4a9e042d737188086929434b8ebed40247f7b8ac3946515ebe9372065e9778c81765dde8b725929978b223a92d27c0b02be6585450c294130c3f326e93667a1e1703e7b08520e8a314a8dd008f994939a0050d50bebd705b1a833b142c3ce00fe9b6e246f8bec069354295b4ef61f3c8d684d3edce413e89e5bdeca0ccb586b323575129058915016b50980a3269134ce33ffa701700c2511a1989095bae37aefd1a9b56c7c3ba109ab176e720e84841df555c70af5c2ba8f2bdb548f353490ec9d6d7f2a555bc8c245a7a5f9a894f24de4020e667bbcd4b99e271ca6b95c9f67d650fb8cc364a36c3acb23d6cf0baecfc460b913c45d36d94c2a2aa9174174209991527ee49c9a45780592379daf5a856d90745bc44924179bf7777bacd3fb6df11a046ab40ffe6a93cb288cff71b740ee711081166734b12cc0ab75dfd27a05f5a5870d550ec7617e45757a9344bfd22b7eb6ad187f6cb99584885ae5964303feb67cbbd57aa92640d470d21b71b2aa091decdfdb03350af24fcd3536bf9db30d5ee60f42c969d6844ea20c07f0a3ed68a1cf116b55ee9a23d17f26eff&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 08:35:01 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1738
x-cache: Hit from cloudfront
content-length: 43957
access-control-allow-origin: *
last-modified: Fri, 18 Feb 2022 16:33:20 GMT
server: Apache
etag: "3bb7f-5d84d70d609e7-gzip"
strict-transport-security: max-age=15768000
content-type: text/javascript
via: 1.1 360cdb248de2ad362090d67754f85dba.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: NRT57-P2
accept-ranges: bytes
x-amz-cf-id: b_fvjYMUPWTcyYQzjBs5-MIVCw476MibjtsF_1JSCg_hu3MiZS7ZeQ==
expires: Tue, 22 Feb 2022 09:35:01 GMT

POST
H2 200 / Show response
api-js.datadome.co/js/ 50 B
227 B 91ms
5ms XHR
application/json 13.113.112.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.datadome.co/js/
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.112.193 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-112-193.ap-northeast-1.compute.amazonaws.com
Software: DataDome /
Resource Hash: 9e732c0535a0d8501df59c4a7b24861e543f978886ab70ec83ebdf591167cb96

Request headers

Referer: https://nl-go.kelkoogroup.net/go?country=nl&k=7439a5a91dd653463a3b48f954c447408c1f1f3e39851f68440d1da07e5d924f104ccd4a35c9ca86f717673011682bad55ad11a1349ce461c15d26f9a77d5cbd0363910637e525919b9bc067a357d35a6388297946831d2fb8020342e644dc99cf5d4a9e042d737188086929434b8ebed40247f7b8ac3946515ebe9372065e9778c81765dde8b725929978b223a92d27c0b02be6585450c294130c3f326e93667a1e1703e7b08520e8a314a8dd008f994939a0050d50bebd705b1a833b142c3ce00fe9b6e246f8bec069354295b4ef61f3c8d684d3edce413e89e5bdeca0ccb586b323575129058915016b50980a3269134ce33ffa701700c2511a1989095bae37aefd1a9b56c7c3ba109ab176e720e84841df555c70af5c2ba8f2bdb548f353490ec9d6d7f2a555bc8c245a7a5f9a894f24de4020e667bbcd4b99e271ca6b95c9f67d650fb8cc364a36c3acb23d6cf0baecfc460b913c45d36d94c2a2aa9174174209991527ee49c9a45780592379daf5a856d90745bc44924179bf7777bacd3fb6df11a046ab40ffe6a93cb288cff71b740ee711081166734b12cc0ab75dfd27a05f5a5870d550ec7617e45757a9344bfd22b7eb6ad187f6cb99584885ae5964303feb67cbbd57aa92640d470d21b71b2aa091decdfdb03350af24fcd3536bf9db30d5ee60f42c969d6844ea20c07f0a3ed68a1cf116b55ee9a23d17f26eff&o=
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 09:04:00 GMT
server: DataDome
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 50
expires: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 110 KB
41 KB 101ms
55ms Script
application/javascript 2404:6800:4004:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5ZS487

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ba2e9382cd1aef78f8c5f1151b354ad17ed5d949d72db7429b04c3971d05912

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://nl-go.kelkoogroup.net/go?country=nl&k=7439a5a91dd653463a3b48f954c447408c1f1f3e39851f68440d1da07e5d924f104ccd4a35c9ca86f717673011682bad55ad11a1349ce461c15d26f9a77d5cbd0363910637e525919b9bc067a357d35a6388297946831d2fb8020342e644dc99cf5d4a9e042d737188086929434b8ebed40247f7b8ac3946515ebe9372065e9778c81765dde8b725929978b223a92d27c0b02be6585450c294130c3f326e93667a1e1703e7b08520e8a314a8dd008f994939a0050d50bebd705b1a833b142c3ce00fe9b6e246f8bec069354295b4ef61f3c8d684d3edce413e89e5bdeca0ccb586b323575129058915016b50980a3269134ce33ffa701700c2511a1989095bae37aefd1a9b56c7c3ba109ab176e720e84841df555c70af5c2ba8f2bdb548f353490ec9d6d7f2a555bc8c245a7a5f9a894f24de4020e667bbcd4b99e271ca6b95c9f67d650fb8cc364a36c3acb23d6cf0baecfc460b913c45d36d94c2a2aa9174174209991527ee49c9a45780592379daf5a856d90745bc44924179bf7777bacd3fb6df11a046ab40ffe6a93cb288cff71b740ee711081166734b12cc0ab75dfd27a05f5a5870d550ec7617e45757a9344bfd22b7eb6ad187f6cb99584885ae5964303feb67cbbd57aa92640d470d21b71b2aa091decdfdb03350af24fcd3536bf9db30d5ee60f42c969d6844ea20c07f0a3ed68a1cf116b55ee9a23d17f26eff&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 09:04:00 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41786
x-xss-protection: 0
expires: Tue, 22 Feb 2022 09:04:00 GMT

POST
H/1.1 200
OK fp
nl-go.kelkoogroup.net/ 0
441 B 250ms
250ms Ping
text/plain 95.211.116.27
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://nl-go.kelkoogroup.net/fp?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437c590656c0bce245eb439e3fd89687b44a537288c542057b7d59ec4e52f9bc2d261756289cb18007cb9ecf30ac0123b91db691d8c1d3dab365670257d04a9eb3437c3f3be876416315554a4c6fbddc06281129d820e1cb4b747d4aae2d2db38cea5ff72e04b6e5378121c468af57db58c94492a858125bd9f34ff2fd1f5dd830779fa0980d393d02665f7cfc91f0529f316ba83a487ceade49454f0caae51bf9e990a5b99ae82dcd02434d0a21f26be21df14d2e09cc5fd63ff6dac60900e463732ee9d4a583ba35ee00aff5445995f0792afc66ca23a42299435794208a9fd6f17f77784d7875ed60846a188e869fd0d0e889eed80b1e4360082d7666f6a717874cab1b5a39e6c15&leadId=dc1-kls-prod-srv-02.prod.dc1.kelkoo.net_1645520639475_375123&clickId=107699101_1645520639200_393510

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.27 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-go-vip.kelkoo.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nl-go.kelkoogroup.net/go?country=nl&k=7439a5a91dd653463a3b48f954c447408c1f1f3e39851f68440d1da07e5d924f104ccd4a35c9ca86f717673011682bad55ad11a1349ce461c15d26f9a77d5cbd0363910637e525919b9bc067a357d35a6388297946831d2fb8020342e644dc99cf5d4a9e042d737188086929434b8ebed40247f7b8ac3946515ebe9372065e9778c81765dde8b725929978b223a92d27c0b02be6585450c294130c3f326e93667a1e1703e7b08520e8a314a8dd008f994939a0050d50bebd705b1a833b142c3ce00fe9b6e246f8bec069354295b4ef61f3c8d684d3edce413e89e5bdeca0ccb586b323575129058915016b50980a3269134ce33ffa701700c2511a1989095bae37aefd1a9b56c7c3ba109ab176e720e84841df555c70af5c2ba8f2bdb548f353490ec9d6d7f2a555bc8c245a7a5f9a894f24de4020e667bbcd4b99e271ca6b95c9f67d650fb8cc364a36c3acb23d6cf0baecfc460b913c45d36d94c2a2aa9174174209991527ee49c9a45780592379daf5a856d90745bc44924179bf7777bacd3fb6df11a046ab40ffe6a93cb288cff71b740ee711081166734b12cc0ab75dfd27a05f5a5870d550ec7617e45757a9344bfd22b7eb6ad187f6cb99584885ae5964303feb67cbbd57aa92640d470d21b71b2aa091decdfdb03350af24fcd3536bf9db30d5ee60f42c969d6844ea20c07f0a3ed68a1cf116b55ee9a23d17f26eff&o=
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

ApacheTracking: localhost
Date: Tue, 22 Feb 2022 09:04:00 GMT
Referrer-Policy: unsafe-url
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
P3P: CP="Anything"
X-Robots-Tag: noindex,nofollow
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Type: text/plain; charset=UTF-8
Request-Time: PT0.002S
Content-Length: 0
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=40, max=93

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 3ms
3ms Script
text/javascript 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZS487

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://nl-go.kelkoogroup.net/go?country=nl&k=7439a5a91dd653463a3b48f954c447408c1f1f3e39851f68440d1da07e5d924f104ccd4a35c9ca86f717673011682bad55ad11a1349ce461c15d26f9a77d5cbd0363910637e525919b9bc067a357d35a6388297946831d2fb8020342e644dc99cf5d4a9e042d737188086929434b8ebed40247f7b8ac3946515ebe9372065e9778c81765dde8b725929978b223a92d27c0b02be6585450c294130c3f326e93667a1e1703e7b08520e8a314a8dd008f994939a0050d50bebd705b1a833b142c3ce00fe9b6e246f8bec069354295b4ef61f3c8d684d3edce413e89e5bdeca0ccb586b323575129058915016b50980a3269134ce33ffa701700c2511a1989095bae37aefd1a9b56c7c3ba109ab176e720e84841df555c70af5c2ba8f2bdb548f353490ec9d6d7f2a555bc8c245a7a5f9a894f24de4020e667bbcd4b99e271ca6b95c9f67d650fb8cc364a36c3acb23d6cf0baecfc460b913c45d36d94c2a2aa9174174209991527ee49c9a45780592379daf5a856d90745bc44924179bf7777bacd3fb6df11a046ab40ffe6a93cb288cff71b740ee711081166734b12cc0ab75dfd27a05f5a5870d550ec7617e45757a9344bfd22b7eb6ad187f6cb99584885ae5964303feb67cbbd57aa92640d470d21b71b2aa091decdfdb03350af24fcd3536bf9db30d5ee60f42c969d6844ea20c07f0a3ed68a1cf116b55ee9a23d17f26eff&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4195
date: Tue, 22 Feb 2022 07:54:05 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 22 Feb 2022 09:54:05 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 37ms
36ms XHR
text/plain 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1349596762&t=pageview&_s=1&dl=https%3A%2F%2Fnl-go.kelkoogroup.net%2Fgo%3Fcountry%3Dnl%26k%3D7439a5a91dd653463a3b48f954c447408c1f1f3e39851f68440d1da07e5d924f104ccd4a35c9ca86f717673011682bad55ad11a1349ce461c15d26f9a77d5cbd0363910637e525919b9bc067a357d35a6388297946831d2fb8020342e644dc99cf5d4a9e042d737188086929434b8ebed40247f7b8ac3946515ebe9372065e9778c81765dde8b725929978b223a92d27c0b02be6585450c294130c3f326e93667a1e1703e7b08520e8a314a8dd008f994939a0050d50bebd705b1a833b142c3ce00fe9b6e246f8bec069354295b4ef61f3c8d684d3edce413e89e5bdeca0ccb586b323575129058915016b50980a3269134ce33ffa701700c2511a1989095bae37aefd1a9b56c7c3ba109ab176e720e84841df555c70af5c2ba8f2bdb548f353490ec9d6d7f2a555bc8c245a7a5f9a894f24de4020e667bbcd4b99e271ca6b95c9f67d650fb8cc364a36c3acb23d6cf0baecfc460b913c45d36d94c2a2aa9174174209991527ee49c9a45780592379daf5a856d90745bc44924179bf7777bacd3fb6df11a046ab40ffe6a93cb288cff71b740ee711081166734b12cc0ab75dfd27a05f5a5870d550ec7617e45757a9344bfd22b7eb6ad187f6cb99584885ae5964303feb67cbbd57aa92640d470d21b71b2aa091decdfdb03350af24fcd3536bf9db30d5ee60f42c969d6844ea20c07f0a3ed68a1cf116b55ee9a23d17f26eff%26o%3D&dr=http%3A%2F%2Fr.redirekted.com%2F&dp=%2F96965859%7C100500624%7C&ul=en-us&de=UTF-8&dt=U%20wordt%20doorgestuurd%20naar%20Tcop%20B.V&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=273430789&gjid=1960142185&cid=869724061.1645520640&tid=UA-168544891-12&_gid=1320994194.1645520640&_r=1&gtm=2wg2g05ZS487&cd1=96965859&cd2=dc1-kls-prod-srv-02.prod.dc1.kelkoo.net_1645520639475_375123&cd3=100500624&cd4=a4c6368-17f20ac55e8-373ad&cd5=&cd6=96965859%7C100500624%7C&z=1699177367

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nl-go.kelkoogroup.net/go?country=nl&k=7439a5a91dd653463a3b48f954c447408c1f1f3e39851f68440d1da07e5d924f104ccd4a35c9ca86f717673011682bad55ad11a1349ce461c15d26f9a77d5cbd0363910637e525919b9bc067a357d35a6388297946831d2fb8020342e644dc99cf5d4a9e042d737188086929434b8ebed40247f7b8ac3946515ebe9372065e9778c81765dde8b725929978b223a92d27c0b02be6585450c294130c3f326e93667a1e1703e7b08520e8a314a8dd008f994939a0050d50bebd705b1a833b142c3ce00fe9b6e246f8bec069354295b4ef61f3c8d684d3edce413e89e5bdeca0ccb586b323575129058915016b50980a3269134ce33ffa701700c2511a1989095bae37aefd1a9b56c7c3ba109ab176e720e84841df555c70af5c2ba8f2bdb548f353490ec9d6d7f2a555bc8c245a7a5f9a894f24de4020e667bbcd4b99e271ca6b95c9f67d650fb8cc364a36c3acb23d6cf0baecfc460b913c45d36d94c2a2aa9174174209991527ee49c9a45780592379daf5a856d90745bc44924179bf7777bacd3fb6df11a046ab40ffe6a93cb288cff71b740ee711081166734b12cc0ab75dfd27a05f5a5870d550ec7617e45757a9344bfd22b7eb6ad187f6cb99584885ae5964303feb67cbbd57aa92640d470d21b71b2aa091decdfdb03350af24fcd3536bf9db30d5ee60f42c969d6844ea20c07f0a3ed68a1cf116b55ee9a23d17f26eff&o=
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 09:04:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nl-go.kelkoogroup.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

j6054b.html
www.secondhandhp.nl/
Redirect Chain

https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437c590656c0bce245eb439e3fd89687b44a537288c542057b7d59ec4e52f9bc2d261756289cb18007cb9ecf30ac0123b91db691d8c1d3dab365...
https://www.secondhandhp.nl/j6054b.html?utm_source=kelkoo_nl&utm_medium=cpc&utm_term=17757--j6054b-

0
0

1996ms
865ms

Document
text/html

185.40.58.148

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secondhandhp.nl/j6054b.html?utm_source=kelkoo_nl&utm_medium=cpc&utm_term=17757--j6054b-

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.40.58.148 -, , ASN (),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://nl-go.kelkoogroup.net/go?country=nl&k=7439a5a91dd653463a3b48f954c447408c1f1f3e39851f68440d1da07e5d924f104ccd4a35c9ca86f717673011682bad55ad11a1349ce461c15d26f9a77d5cbd0363910637e525919b9bc067a357d35a6388297946831d2fb8020342e644dc99cf5d4a9e042d737188086929434b8ebed40247f7b8ac3946515ebe9372065e9778c81765dde8b725929978b223a92d27c0b02be6585450c294130c3f326e93667a1e1703e7b08520e8a314a8dd008f994939a0050d50bebd705b1a833b142c3ce00fe9b6e246f8bec069354295b4ef61f3c8d684d3edce413e89e5bdeca0ccb586b323575129058915016b50980a3269134ce33ffa701700c2511a1989095bae37aefd1a9b56c7c3ba109ab176e720e84841df555c70af5c2ba8f2bdb548f353490ec9d6d7f2a555bc8c245a7a5f9a894f24de4020e667bbcd4b99e271ca6b95c9f67d650fb8cc364a36c3acb23d6cf0baecfc460b913c45d36d94c2a2aa9174174209991527ee49c9a45780592379daf5a856d90745bc44924179bf7777bacd3fb6df11a046ab40ffe6a93cb288cff71b740ee711081166734b12cc0ab75dfd27a05f5a5870d550ec7617e45757a9344bfd22b7eb6ad187f6cb99584885ae5964303feb67cbbd57aa92640d470d21b71b2aa091decdfdb03350af24fcd3536bf9db30d5ee60f42c969d6844ea20c07f0a3ed68a1cf116b55ee9a23d17f26eff&o=

Response headers

server: nginx/1.20.1
date: Tue, 22 Feb 2022 09:04:02 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
content-encoding: gzip

Redirect headers

Date: Tue, 22 Feb 2022 09:04:00 GMT
leadId: dc1-kls-prod-srv-02.prod.dc1.kelkoo.net_1645520639475_375123
Pragma: no-cache
Charset: utf-8
clickId: 107699101_1645520639200_393510
country: nl
Location: https://www.secondhandhp.nl/j6054b.html?utm_source=kelkoo_nl&utm_medium=cpc&utm_term=17757--j6054b-
X-DataDome: protected
Request-Time: PT0.013S
X-Robots-Tag: noindex,nofollow
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
X-DataDome-CID: AHrlqAAAAAMAZgqbop55O7QAH8yRqg==
Referrer-Policy: unsafe-url
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=85
Connection: Keep-Alive
Content-Type: text/plain

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kitelocust.com/	1970-01-23 16:41:20	Name: __tad Value: 1645520635.5195991
0redird.com/	1970-01-23 16:41:20	Name: __tad Value: 1645520637.1877219
r.redirekted.com/	1970-01-20 01:06:47	Name: uuid Value: 7511514186814529536
.redirekted.com/	1970-01-20 18:36:32	Name: _ga Value: GA1.2.204988400.1645520638
.redirekted.com/	1970-01-20 01:06:47	Name: _gid Value: GA1.2.255164463.1645520638
.redirekted.com/	1970-01-20 01:05:20	Name: _gat Value: 1
.kelkoogroup.net/	1970-01-20 09:50:56	Name: referer Value: http%3A%2F%2Fr.redirekted.com%2F
.kelkoogroup.net/	1970-01-20 09:50:56	Name: kelkooID Value: a4c6368-17f20ac55e8-373ad
.kelkoogroup.net/	1970-01-20 09:50:56	Name: lastSearchedKeyword Value: a3dkPUhQIChqNjA1NGIpICAgUmVmdXJiaXNoZWR8dHM9MTY0NTUyMDYzOTQ3OXxjYXRJZD0xMDAwMDU2MTN8Y29tSWQ9MTAwNTAwNjI0
.nl-go.kelkoogroup.net/	1970-01-20 18:36:32	Name: _ga Value: GA1.3.869724061.1645520640
.nl-go.kelkoogroup.net/	1970-01-20 01:06:47	Name: _gid Value: GA1.3.1320994194.1645520640
.nl-go.kelkoogroup.net/	1970-01-20 01:05:20	Name: _gat_UA-168544891-12 Value: 1
.kelkoogroup.net/	1970-01-20 09:50:56	Name: datadome Value: .CyLoYfLnRYE32iLn9hefxxp_rX22lW9IrJZmCjCSS_FgpBmKCkK~PYBccUyi_tAOE-oBHN2YB1aO9-sms_EzjXd-G8QzHREJcUdSUlWi6QWGr9Q2GWwk.35aOkfHUfK

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0redird.com
api-js.datadome.co
js.datadome.co
kitelocust.com
nl-go.kelkoogroup.net
r.redirekted.com
www.google-analytics.com
www.googletagmanager.com
www.secondhandhp.nl
103.224.182.242
103.224.212.246
13.113.112.193
18.65.191.10
185.40.58.148
2404:6800:4004:820::200e
2404:6800:4004:824::2008
66.165.243.160
95.211.116.27
01e9df097377e851bf279098321c11eadb3fb35463f8a514d9105ceff8640958
0b7d60b018d1f4b698eb03a41a23e23abb641be2dd5f2c79e54d6b4e816d721f
0ba2e9382cd1aef78f8c5f1151b354ad17ed5d949d72db7429b04c3971d05912
2a2db05ab9862d5f89f66d07d3ab163fedefe938b8caddd3b2ee568a4860b62d
54ddfa560b55adbb7e765b710ccb18f754923d1094d712e717e06283ae60c24e
55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
9e732c0535a0d8501df59c4a7b24861e543f978886ab70ec83ebdf591167cb96
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed
e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f74d62135fc4b1fcade3022ba5ffa781216fe02fb16b762b2bae7ab6ec494da0

nl-go.kelkoogroup.net Open in urlscan Pro 95.211.116.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

63 %HTTPS

22 %IPv6

8 Domains

9 Subdomains

9 IPs

4 Countries

171 kBTransfer

497 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

13 Cookies

Indicators

nl-go.kelkoogroup.net Open in urlscan Pro
95.211.116.27 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

63 %
HTTPS

22 %
IPv6

8
Domains

9
Subdomains

9
IPs

4
Countries

171 kB
Transfer

497 kB
Size

13
Cookies

19 HTTP transactions
0 data transactions