nl-go.kelkoogroup.net Open in urlscan Pro
95.211.116.26 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://28880591-22554-ex.micerisobane.com/hiJBBoUxPQnoZtczvVjGJyVPldkRvoHRdq8EM5_JHJpEMc7A8dZX8MLcUd9jc9KcwthUIPEih_zreuuzHOKnYBWKmK6lu7qK...
Effective URL:
https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff43700cfc0e7f2c13f6dd171f59a946caa76eb2367fde4...
Submission: On November 30 via api (November 30th 2024, 2:22:42 pm UTC) from US — Scanned from NL

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 13 domains to perform 30 HTTP transactions. The main IP is 95.211.116.26, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL. The main domain is nl-go.kelkoogroup.net.
TLS certificate: Issued by Thawte TLS RSA CA G1 on September 26th 2024. Valid for: a year.

This is the only time nl-go.kelkoogroup.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	88.208.22.4 88.208.22.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS DataWeb Global Group B.V.)
5	139.45.196.64 139.45.196.64	9002 (RETN-AS R...) (RETN-AS RETN Limited)
2	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 9	104.18.23.222 104.18.23.222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:310... 2606:4700:3108::ac42:28f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.53.88.18 52.53.88.18	16509 (AMAZON-02) (AMAZON-02)
4 6	3.73.249.248 3.73.249.248	16509 (AMAZON-02) (AMAZON-02)
1 1	3.66.53.110 3.66.53.110	16509 (AMAZON-02) (AMAZON-02)
1 1	136.243.50.149 136.243.50.149	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
5	95.211.116.26 95.211.116.26	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V.)
2	18.66.112.35 18.66.112.35	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	65.9.66.86 65.9.66.86	16509 (AMAZON-02) (AMAZON-02)
1	3.125.247.22 3.125.247.22	16509 (AMAZON-02) (AMAZON-02)
30	12

2 88.208.22.4 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)

28880591-22554-ex.micerisobane.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.196.64 (United Kingdom)

ASN9002 (RETN-AS RETN Limited, GB)

leikovoleikamarada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.23.222 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

taiwoudoastuph.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:28f5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.share365.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.53.88.18 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-53-88-18.us-west-1.compute.amazonaws.com

www.shoptastic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.73.249.248 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-249-248.eu-central-1.compute.amazonaws.com

clcktrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.66.53.110 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: portal-cockpit.noctemque.com

discountheld.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.50.149 (Berlin, Germany) 1 redirects

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.149.50.243.136.clients.your-server.de

api.adindex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.211.116.26 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)
PTR: dc1-ecs-pub-mx-vip.kelkoo.com

nl-go.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-35.fra56.r.cloudfront.net

dd.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-86.fra56.r.cloudfront.net

ct.captcha-delivery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.247.22 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-247-22.eu-central-1.compute.amazonaws.com

geo.captcha-delivery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	taiwoudoastuph.net 2 redirects taiwoudoastuph.net — Cisco Umbrella Rank: 326918	18 KB
7	kelkoogroup.net nl-go.kelkoogroup.net dd.kelkoogroup.net — Cisco Umbrella Rank: 296022	68 KB
6	clcktrck.com 4 redirects clcktrck.com — Cisco Umbrella Rank: 159985	3 KB
5	leikovoleikamarada.com leikovoleikamarada.com — Cisco Umbrella Rank: 908885	16 KB
2	captcha-delivery.com ct.captcha-delivery.com — Cisco Umbrella Rank: 30248 geo.captcha-delivery.com — Cisco Umbrella Rank: 23657	11 KB
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 10565	2 KB
2	micerisobane.com 1 redirects 28880591-22554-ex.micerisobane.com	4 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	556 B
1	adindex.com 1 redirects api.adindex.com	336 B
1	discountheld.de 1 redirects discountheld.de — Cisco Umbrella Rank: 408461	2 KB
1	shoptastic.io www.shoptastic.io — Cisco Umbrella Rank: 279931	346 B
1	share365.net 1 redirects www.share365.net — Cisco Umbrella Rank: 481928	3 KB
0	google.com Failed ads.google.com Failed
30	13

	Domain	Requested by
9	taiwoudoastuph.net	2 redirects leikovoleikamarada.com taiwoudoastuph.net
6	clcktrck.com	4 redirects www.shoptastic.io
5	nl-go.kelkoogroup.net	nl-go.kelkoogroup.net
5	leikovoleikamarada.com	28880591-22554-ex.micerisobane.com leikovoleikamarada.com
2	dd.kelkoogroup.net	nl-go.kelkoogroup.net dd.kelkoogroup.net
2	my.rtmark.net	leikovoleikamarada.com taiwoudoastuph.net
2	28880591-22554-ex.micerisobane.com	1 redirects
1	geo.captcha-delivery.com	ct.captcha-delivery.com
1	ct.captcha-delivery.com	nl-go.kelkoogroup.net
1	www.google-analytics.com	nl-go.kelkoogroup.net
1	api.adindex.com	1 redirects
1	discountheld.de	1 redirects
1	www.shoptastic.io
1	www.share365.net	1 redirects
0	ads.google.com Failed	28880591-22554-ex.micerisobane.com
30	15

This site contains no links.

Subject Issuer	Validity	Valid
*.micerisobane.com R10	`2024-11-19` - `2025-02-17`	3 months	crt.sh
leikovoleikamarada.com R11	`2024-10-01` - `2024-12-30`	3 months	crt.sh
my.rtmark.net WE1	`2024-11-06` - `2025-02-04`	3 months	crt.sh
taiwoudoastuph.net WE1	`2024-11-12` - `2025-02-10`	3 months	crt.sh
shoptastic.io Amazon RSA 2048 M03	`2024-10-06` - `2025-11-05`	a year	crt.sh
clcktrck.com E6	`2024-11-26` - `2025-02-24`	3 months	crt.sh
*.kelkoogroup.net Thawte TLS RSA CA G1	`2024-09-26` - `2025-10-10`	a year	crt.sh
dd.kelkoogroup.net E6	`2024-10-07` - `2025-01-05`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.captcha-delivery.com Amazon RSA 2048 M02	`2024-07-25` - `2025-08-22`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff43700cfc0e7f2c13f6dd171f59a946caa76eb2367fde4a31fe0e0b5749bddb44a695abebbaf286d23d62a0f6673887b738bd275b18dc4490470375cd282f8051d6895dd2c5c84845ab2bea0eda92499ef1f78fef3a7f728132d067d846308df6dede975faa946c97558f6e6b9f7866691d913768e0a30a1cc98f626529db71d573791184d1db3e34c685496380c941b2624b6d869062bd0dbabecd21f1e58dd4a554823da222bfbba636747513a82348d20220a9b50f0eb3a283856c939794a5ce5fb49b0a8b06899383866e9d0f85d134a006d77f6dd99a38fa2f90c11d25b6241ab0a73b9b9f67c8cb88874b6b2534f6a3d554005032edab272dfd18ce330ccd7a38addc95e547682f2de59abb4adffff8f1e6d08a27fab9fefcea277003774cc&url=https%3A%2F%2Fnextdigitalkey.com%2Fproduct%2Fmicrosoft-office-2019-home-business-mac%2F%3Fkk%3Da4c626f-1937d73ad35-3162e4%26attribute_pa_devices%3D1-pc%26currency%3DEUR%26utm_source%3Dkelkoonl%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DMICROSOFT%2BOFFICE%2B2019%2BHOME%2B%2526%2BBUSINESS&initiator=dd
Frame ID: D933819A0DAB7ABBC56CE7167BEED891
Requests: 28 HTTP requests in this frame

Frame: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAM52V58b1z2MAH8yWbA%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=_ssj7npHKmnPQTW1HAgX4SEKvNMAOlqz5qiIk0DbUkvmBToSuwfHTUedV6v3Bvk3uHdH5BT6pSwDHqyusMXYyluJCk3NrJE4VHI5FBsdyTAD_tEe~fXWwAoqS2hYO5M~&t=fe&referer=https%3A%2F%2Fnl-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dnl%26k%3D612f7a9541cd6ea61eb554c0e4cff43700cfc0e7f2c13f6dd171f59a946caa76eb2367fde4a31fe0e0b5749bddb44a695abebbaf286d23d62a0f6673887b738bd275b18dc4490470375cd282f8051d6895dd2c5c84845ab2bea0eda92499ef1f78fef3a7f728132d067d846308df6dede975faa946c97558f6e6b9f7866691d913768e0a30a1cc98f626529db71d573791184d1db3e34c685496380c941b2624b6d869062bd0dbabecd21f1e58dd4a554823da222bfbba636747513a82348d20220a9b50f0eb3a283856c939794a5ce5fb49b0a8b06899383866e9d0f85d134a006d77f6dd99a38fa2f90c11d25b6241ab0a73b9b9f67c8cb88874b6b2534f6a3d554005032edab272dfd18ce330ccd7a38addc95e547682f2de59abb4adffff8f1e6d08a27fab9fefcea277003774cc%26url%3Dhttps%253A%252F%252Fnextdigitalkey.com%252Fproduct%252Fmicrosoft-office-2019-home-business-mac%252F%253Fkk%253Da4c626f-1937d73ad35-3162e4%2526attribute_pa_devices%253D1-pc%2526currency%253DEUR%2526utm_source%253Dkelkoonl%2526utm_medium%253Dcpc%2526utm_campaign%253Dkelkooclick%2526utm_source_platform%253DKelkooGroup%2526utm_term%253DMICROSOFT%252BOFFICE%252B2019%252BHOME%252B%252526%252BBUSINESS%26initiator%3Ddd&s=35103&e=ed3c7effaea4ec5557aaa538fb0a57a079fa18d7ecb9ca85347f2a5dff00fd02&dm=cd
Frame ID: 30E49D68C4B29E3666E58184EC3CECCD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

kelkoogroup.net

Page URL History Show full URLs

https://28880591-22554-ex.micerisobane.com/hiJBBoUxPQnoZtczvVjGJyVPldkRvoHRdq8EM5_JHJpEMc7A8dZX8MLcUd9jc9KcwthUIPEih_zr... Page URL
https://28880591-22554-ex.micerisobane.com/hiJBBoUxPQnoZtczvVjGJyVPldkRvoHRdq8EM5_JHJpEMc7A8dZX8MLcUd9jc9KcwthUIPEih_zr... HTTP 307
https://leikovoleikamarada.com/link?z=7205185&var={hostid} Page URL
https://taiwoudoastuph.net/?z=7205186&syncedCookie=true&rhd=false HTTP 302
https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x Page URL
https://taiwoudoastuph.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
https://www.share365.net/vip/rds/nl?subId=886730525598028221&country=NL&campaignid=8543943 HTTP 302
https://www.shoptastic.io/store/nextdigitalkey-com-cpc-nl?pubId=10439&subId=886730525598028221&country... Page URL
https://clcktrck.com/nl/s/red_u_plain.php?uid=277965830&t=direct&s=22214&pub=10439&d=nextdigitalk... HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff216393... HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff216393... HTTP 302
https://discountheld.de/rdcn/rf?ret=aHR0cHM6Ly9jbGNrdHJjay5jb20vMzM0MGIwN2Y2MzUyYjA2MWUwOTA4ZmEwZTc2... HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff216393... Page URL
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff216393... HTTP 302
https://api.adindex.com/v1/redirect?advertiserId=11EEC62E403A845284AA14DDA9D518B0&adspaceId=11EDE4C6... HTTP 302
https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732976553153&.sig=W1BixL8xDxA72aOqULTbAcRpHWI-&affiliation... Page URL
https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff43700cfc0e7f2c13f6dd171f5... Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

30
Requests

93 %
HTTPS

14 %
IPv6

13
Domains

15
Subdomains

12
IPs

5
Countries

119 kB
Transfer

283 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://28880591-22554-ex.micerisobane.com/hiJBBoUxPQnoZtczvVjGJyVPldkRvoHRdq8EM5_JHJpEMc7A8dZX8MLcUd9jc9KcwthUIPEih_zreuuzHOKnYBWKmK6lu7qKcQAfSrhOF1NX-LsFfDqQHcRx2hwUbQ?kws=kleine%2Cschwestern%2Cfull%2Cclassic%2Cporn%2Cfree%2Cvidsgator&abl=0&fsb=0&pageUri=https%3A%2F%2Fde.4tub...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1 Page URL
https://28880591-22554-ex.micerisobane.com/hiJBBoUxPQnoZtczvVjGJyVPldkRvoHRdq8EM5_JHJpEMc7A8dZX8MLcUd9jc9KcwthUIPEih_zreuuzHOKnYBWKmK6lu7qKcQAfSrhOF1NX-LsFfDqQHcRx2hwUbQ?kws=kleine%2Cschwestern%2Cfull%2Cclassic%2Cporn%2Cfree%2Cvidsgator&abl=0&fsb=0&pageUri=https%3A%2F%2Fde.4tub...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1&pageUri=&referer=&jsr=1&abl=0&acrc=1&acrs=own&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221285%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%2232%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Sat%20Nov%2030%202024%2015%3A22%3A30%20GMT%2B0100%20(Midden-Europese%20standaardtijd)%22%2C%22-60%22%2C%22nl-NL%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D HTTP 307
https://leikovoleikamarada.com/link?z=7205185&var={hostid} Page URL
https://taiwoudoastuph.net/?z=7205186&syncedCookie=true&rhd=false HTTP 302
https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x Page URL
https://taiwoudoastuph.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
https://www.share365.net/vip/rds/nl?subId=886730525598028221&country=NL&campaignid=8543943 HTTP 302
https://www.shoptastic.io/store/nextdigitalkey-com-cpc-nl?pubId=10439&subId=886730525598028221&country=NL&campaignid=8543943 Page URL
https://clcktrck.com/nl/s/red_u_plain.php?uid=277965830&t=direct&s=22214&pub=10439&d=nextdigitalkey.com HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf43e376d70e318e8c1cf675190f9fba2eebb3f67d71919933053256a4ae28a3c688f345f214807454df7b4b0211bd899fb18053b9fecb30b23285c5dca19649e148fa44f0273d11b1372a3558852c501ed99fb2ab51a06bd0c8b7cee5c41176550 HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf43e376d70e318e8c1cf675190f9fba2eebb3f67d71919933053256a4ae28a3c688f345f214807454df7b4b0211bd899fb18053b9fecb30b23285c5dca19649e14d76db8eaca0bfd7d745457357681afe5879b2fe202a327d7099734f853e9f92e HTTP 302
https://discountheld.de/rdcn/rf?ret=aHR0cHM6Ly9jbGNrdHJjay5jb20vMzM0MGIwN2Y2MzUyYjA2MWUwOTA4ZmEwZTc2NjY4ZGMvNjlmMDcwYjhmY2JmM2JmZTYwYjljZmM0NjIzMTQ0YTAwOTRmZjIxNjM5MzZkNTkyYzc3ZTRiOTZjZTkyNWJmNDNlMzc2ZDcwZTMxOGU4YzFjZjY3NTE5MGY5ZmJhMmVlYmIzZjY3ZDcxOTE5OTMzMDUzMjU2YTRhZTI4YTNjNjg4ZjM0NWYyMTQ4MDc0NTRkZjdiNGIwMjExYmQ4OTlmYjE4MDUzYjlmZWNiMzBiMjMyODVjNWRjYTE5NjQ5ZTE0ZDc2ZGI4ZWFjYTBiZmQ3ZDc0NTQ1NzM1NzY4MWFmZTU4NzliMmZlMjAyYTMyN2Q3MDk5NzM0Zjg1M2U5ZjkyZT9tPTE%253D HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf43e376d70e318e8c1cf675190f9fba2eebb3f67d71919933053256a4ae28a3c688f345f214807454df7b4b0211bd899fb18053b9fecb30b23285c5dca19649e14d76db8eaca0bfd7d745457357681afe5879b2fe202a327d7099734f853e9f92e?m=1 Page URL
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf43e376d70e318e8c1cf675190f9fba2eebb3f67d71919933053256a4ae28a3c688f345f214807454df7b4b0211bd899fb18053b9fecb30b23285c5dca19649e14d76db8eaca0bfd7d745457357681afe5879b2fe202a327d7099734f853e9f92e?m=2 HTTP 302
https://api.adindex.com/v1/redirect?advertiserId=11EEC62E403A845284AA14DDA9D518B0&adspaceId=11EDE4C6779F1E30B72514DDA9D518B0&customId=1e4f0d570b87a99955cef962e8ecdc1d HTTP 302
https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732976553153&.sig=W1BixL8xDxA72aOqULTbAcRpHWI-&affiliationId=96976769&comId=100565538&country=nl&offerId=13261cc20a709177ceb8d58c52cc3dee&searchId=107610034276217_1732976553145_39275563&service=36&tokenId=ce0da76d-bde8-4c00-a7a8-227e56d781a3&custom1=29680385&originReferer=https%3A%2F%2Fdixplore.com%2F Page URL
https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff43700cfc0e7f2c13f6dd171f59a946caa76eb2367fde4a31fe0e0b5749bddb44a695abebbaf286d23d62a0f6673887b738bd275b18dc4490470375cd282f8051d6895dd2c5c84845ab2bea0eda92499ef1f78fef3a7f728132d067d846308df6dede975faa946c97558f6e6b9f7866691d913768e0a30a1cc98f626529db71d573791184d1db3e34c685496380c941b2624b6d869062bd0dbabecd21f1e58dd4a554823da222bfbba636747513a82348d20220a9b50f0eb3a283856c939794a5ce5fb49b0a8b06899383866e9d0f85d134a006d77f6dd99a38fa2f90c11d25b6241ab0a73b9b9f67c8cb88874b6b2534f6a3d554005032edab272dfd18ce330ccd7a38addc95e547682f2de59abb4adffff8f1e6d08a27fab9fefcea277003774cc&url=https%3A%2F%2Fnextdigitalkey.com%2Fproduct%2Fmicrosoft-office-2019-home-business-mac%2F%3Fkk%3Da4c626f-1937d73ad35-3162e4%26attribute_pa_devices%3D1-pc%26currency%3DEUR%26utm_source%3Dkelkoonl%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DMICROSOFT%2BOFFICE%2B2019%2BHOME%2B%2526%2BBUSINESS&initiator=dd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://28880591-22554-ex.micerisobane.com/hiJBBoUxPQnoZtczvVjGJyVPldkRvoHRdq8EM5_JHJpEMc7A8dZX8MLcUd9jc9KcwthUIPEih_zreuuzHOKnYBWKmK6lu7qKcQAfSrhOF1NX-LsFfDqQHcRx2hwUbQ?kws=kleine%2Cschwestern%2Cfull%2Cclassic%2Cporn%2Cfree%2Cvidsgator&abl=0&fsb=0&pageUri=https%3A%2F%2Fde.4tub...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1&pageUri=&referer=&jsr=1&abl=0&acrc=1&acrs=own&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221285%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%2232%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Sat%20Nov%2030%202024%2015%3A22%3A30%20GMT%2B0100%20(Midden-Europese%20standaardtijd)%22%2C%22-60%22%2C%22nl-NL%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D HTTP 307
https://leikovoleikamarada.com/link?z=7205185&var={hostid}

Request Chain 8

https://taiwoudoastuph.net/?z=7205186&syncedCookie=true&rhd=false HTTP 302
https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x

Request Chain 15

https://taiwoudoastuph.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
https://www.share365.net/vip/rds/nl?subId=886730525598028221&country=NL&campaignid=8543943 HTTP 302
https://www.shoptastic.io/store/nextdigitalkey-com-cpc-nl?pubId=10439&subId=886730525598028221&country=NL&campaignid=8543943

Request Chain 17

https://clcktrck.com/nl/s/red_u_plain.php?uid=277965830&t=direct&s=22214&pub=10439&d=nextdigitalkey.com HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf43e376d70e318e8c1cf675190f9fba2eebb3f67d71919933053256a4ae28a3c688f345f214807454df7b4b0211bd899fb18053b9fecb30b23285c5dca19649e148fa44f0273d11b1372a3558852c501ed99fb2ab51a06bd0c8b7cee5c41176550 HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf43e376d70e318e8c1cf675190f9fba2eebb3f67d71919933053256a4ae28a3c688f345f214807454df7b4b0211bd899fb18053b9fecb30b23285c5dca19649e14d76db8eaca0bfd7d745457357681afe5879b2fe202a327d7099734f853e9f92e HTTP 302
https://discountheld.de/rdcn/rf?ret=aHR0cHM6Ly9jbGNrdHJjay5jb20vMzM0MGIwN2Y2MzUyYjA2MWUwOTA4ZmEwZTc2NjY4ZGMvNjlmMDcwYjhmY2JmM2JmZTYwYjljZmM0NjIzMTQ0YTAwOTRmZjIxNjM5MzZkNTkyYzc3ZTRiOTZjZTkyNWJmNDNlMzc2ZDcwZTMxOGU4YzFjZjY3NTE5MGY5ZmJhMmVlYmIzZjY3ZDcxOTE5OTMzMDUzMjU2YTRhZTI4YTNjNjg4ZjM0NWYyMTQ4MDc0NTRkZjdiNGIwMjExYmQ4OTlmYjE4MDUzYjlmZWNiMzBiMjMyODVjNWRjYTE5NjQ5ZTE0ZDc2ZGI4ZWFjYTBiZmQ3ZDc0NTQ1NzM1NzY4MWFmZTU4NzliMmZlMjAyYTMyN2Q3MDk5NzM0Zjg1M2U5ZjkyZT9tPTE%253D HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf43e376d70e318e8c1cf675190f9fba2eebb3f67d71919933053256a4ae28a3c688f345f214807454df7b4b0211bd899fb18053b9fecb30b23285c5dca19649e14d76db8eaca0bfd7d745457357681afe5879b2fe202a327d7099734f853e9f92e?m=1

Request Chain 18

https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf43e376d70e318e8c1cf675190f9fba2eebb3f67d71919933053256a4ae28a3c688f345f214807454df7b4b0211bd899fb18053b9fecb30b23285c5dca19649e14d76db8eaca0bfd7d745457357681afe5879b2fe202a327d7099734f853e9f92e?m=2 HTTP 302
https://api.adindex.com/v1/redirect?advertiserId=11EEC62E403A845284AA14DDA9D518B0&adspaceId=11EDE4C6779F1E30B72514DDA9D518B0&customId=1e4f0d570b87a99955cef962e8ecdc1d HTTP 302
https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732976553153&.sig=W1BixL8xDxA72aOqULTbAcRpHWI-&affiliationId=96976769&comId=100565538&country=nl&offerId=13261cc20a709177ceb8d58c52cc3dee&searchId=107610034276217_1732976553145_39275563&service=36&tokenId=ce0da76d-bde8-4c00-a7a8-227e56d781a3&custom1=29680385&originReferer=https%3A%2F%2Fdixplore.com%2F

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 hiJBBoUxPQnoZtczvVjGJyVPldkRvoHRdq8EM5_JHJpEMc7A8dZX8MLcUd9jc9KcwthUIPEih_zreuuzHOKnYBWKmK6lu7qKcQAfSrhOF1NX-LsFfDqQHcRx2hwUbQ Show response
28880591-22554-ex.micerisobane.com/ 8 KB
3 KB 57ms
16ms Document
text/html 88.208.22.4
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://28880591-22554-ex.micerisobane.com/hiJBBoUxPQnoZtczvVjGJyVPldkRvoHRdq8EM5_JHJpEMc7A8dZX8MLcUd9jc9KcwthUIPEih_zreuuzHOKnYBWKmK6lu7qKcQAfSrhOF1NX-LsFfDqQHcRx2hwUbQ?kws=kleine%2Cschwestern%2Cfull%2Cclassic%2Cporn%2Cfree%2Cvidsgator&abl=0&fsb=0&pageUri=https%3A%2F%2Fde.4tub...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.208.22.4 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 74c83fcb13fb1c2fb038a51a1e4aa15fd88d22a9ebb7911e69cd834f8ce173cb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html
date: Sat, 30 Nov 2024 14:22:30 GMT
expires: Sat, 30 Nov 2024 14:22:30 UTC
last-modified: Sat, 30 Nov 2024 14:22:30 UTC
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma: no-cache
referrer-policy: unsafe-url
server: nginx
vary: Accept-Encoding

HEAD /
ads.google.com/ 0
0

GET
H2

200

link Show response
leikovoleikamarada.com/
Redirect Chain

https://28880591-22554-ex.micerisobane.com/hiJBBoUxPQnoZtczvVjGJyVPldkRvoHRdq8EM5_JHJpEMc7A8dZX8MLcUd9jc9KcwthUIPEih_zreuuzHOKnYBWKmK6lu7qKcQAfSrhOF1NX-LsFfDqQHcRx2hwUbQ?kws=kleine%2Cschwestern%2Cf...
https://leikovoleikamarada.com/link?z=7205185&var={hostid}

31 KB
16 KB

74ms
35ms

Document
text/html

139.45.196.64
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://leikovoleikamarada.com/link?z=7205185&var={hostid}

Requested by

Host: 28880591-22554-ex.micerisobane.com
URL: https://28880591-22554-ex.micerisobane.com/hiJBBoUxPQnoZtczvVjGJyVPldkRvoHRdq8EM5_JHJpEMc7A8dZX8MLcUd9jc9KcwthUIPEih_zreuuzHOKnYBWKmK6lu7qKcQAfSrhOF1NX-LsFfDqQHcRx2hwUbQ?kws=kleine%2Cschwestern%2Cfull%2Cclassic%2Cporn%2Cfree%2Cvidsgator&abl=0&fsb=0&pageUri=https%3A%2F%2Fde.4tub...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

2324493db611e06918ecc8b284645de3e6d5075c21d75f7e639a7867c49dc1d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://28880591-22554-ex.micerisobane.com/hiJBBoUxPQnoZtczvVjGJyVPldkRvoHRdq8EM5_JHJpEMc7A8dZX8MLcUd9jc9KcwthUIPEih_zreuuzHOKnYBWKmK6lu7qKcQAfSrhOF1NX-LsFfDqQHcRx2hwUbQ?kws=kleine%2Cschwestern%2Cfull%2Cclassic%2Cporn%2Cfree%2Cvidsgator&abl=0&fsb=0&pageUri=https%3A%2F%2Fde.4tub...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
device-memory: 8

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Sat, 30 Nov 2024 14:22:30 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 486501ea562ec2f04852c1a7422ccce4

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 30 Nov 2024 14:22:30 GMT
expires: Sat, 30 Nov 2024 14:22:30 UTC
last-modified: Sat, 30 Nov 2024 14:22:30 UTC
location: https://leikovoleikamarada.com/link?z=7205185&var={hostid}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma: no-cache
referrer-policy: unsafe-url
server: nginx

GET
H3 200 img.gif
my.rtmark.net/ 43 B
876 B 64ms
45ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=008124b1e45c4dcee56035f0b9d5f23f&z=7205186&p_rid=51113d76-23b6-4dff-88b5-e4dc44d9c5fd&p_src=sf

Requested by

Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://leikovoleikamarada.com/

Response headers

access-control-expose-headers: Authorization
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JAjE8a8X9xJ3fQDAJ0MefnHHomaiXCxzOHaZfp26neCnkowRwSPkyqsSOg4ZaIp%2Bnq4zkyFTbrZrzmvLt%2FG3kUZ89cloJ6QJf3f5kS16uGgl%2FhwHE16WfH1XxFGoUKIc"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14732&min_rtt=14542&rtt_var=3299&sent=10&recv=9&lost=0&retrans=0&sent_bytes=4095&recv_bytes=4481&delivery_rate=40040&cwnd=12000&unsent_bytes=0&cid=275df1456c82219e&ts=41&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 30 Nov 2024 14:22:30 GMT
content-type: image/gif
priority: u=1,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *, *
access-control-allow-credentials: true
cf-ray: 8eab7d711fa80b44-AMS
access-control-allow-origin: *
content-length: 43
server: cloudflare

GET
H2 200 sftouch
taiwoudoastuph.net/ 43 B
661 B 86ms
41ms Image
image/gif 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://taiwoudoastuph.net/sftouch?userId=008124b1e45c4dcee56035f0b9d5f23f&z=7205186&p_rid=51113d76-23b6-4dff-88b5-e4dc44d9c5fd&p_src=sf&branchId=0&rb=j-QqQHv3usVY7epJEtyRjMtHW8x2ur1M5n-bKvn6NT-B9JLFE_i0rqyBMoY7iLXrk1kfAZmkrx4R7a9ZZFPb-aHDO-DRj1C5HkQCg8RKLUWi6guX4s1xvKOdzfc3NosNfLxii80Cux-z-wvr-EqISOsQsSn6g8ol5jLLxJfpnzNkaaCVk-XEVvTwXj2crLo6-gaLF6kOE4WD3ZexXNp5rvX3MUDv6IjEI4J5lHJX1FNGDwXQw1oUEuouIA8InF2gp4NqlRHkrXs4oILo4BakazPRCbCCuqjC79BshBcX3nPYuiQKyGt47HqNDRntG4VdABplEnRJi8b0RMZjmtXC_g4TFq_ghS2Hq1sX34w2X7tEDZaNtEcoCBl89asKIacwAZ0jno810favJqs5EQxgDnxpmSdDiSt7wgqaNmBfbReuuInsMfirHvvPOYrO7h6n--yHvKp7yg2epz9jjK13QYWIFeCfnXAULyhkUVRnK9atgZJ-obq_047x5j1RZ3y-h846KyKbMLOBF6iVJaw75LMK8SGXPGU40gSSclcQYU-RLx68bjhZYpxL5PVDC9XayaTSh7cgN0oQ26z3t3h3-CMPC52R1dvSMIt1C4u0RC8wHhZKF2v59Pj7ROivHpPyR4nV4laCQaL_IpGgjiyAGJye4XeKM6BAFvDEFdwAdjHcgen1TVZM4k0DSGznQKmDPYt8b5F5Kz98Ddws4ocH9CkbtP27cOPaJXWqUSxsWFIVWmvreXpB0AuT1nw4gW12Ooabi56E2dY=&w_img=1

Requested by

Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://leikovoleikamarada.com/

Response headers

access-control-max-age: 86400
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 14:22:30 GMT
content-type: image/gif
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security: max-age=1
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *, *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-trace-id: 2cf1f234c1d25aafc998a25bca572b3e
cf-ray: 8eab7d7148ecb7d3-AMS
access-control-allow-origin: *
content-length: 43
server: cloudflare

POST
H2 200 add Show response
leikovoleikamarada.com/log/ 12 B
390 B 20ms
19ms XHR
application/json 139.45.196.64
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://leikovoleikamarada.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=51113d76-23b6-4dff-88b5-e4dc44d9c5fd

Requested by

Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://leikovoleikamarada.com/link?z=7205185&var={hostid}

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
access-control-allow-origin: https://leikovoleikamarada.com
content-length: 12
date: Sat, 30 Nov 2024 14:22:30 GMT
content-type: application/json; charset=utf-8
server: nginx
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

POST
H2 200 add Show response
leikovoleikamarada.com/async_log/ 0
344 B 20ms
18ms XHR
text/plain 139.45.196.64
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://leikovoleikamarada.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=51113d76-23b6-4dff-88b5-e4dc44d9c5fd

Requested by

Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://leikovoleikamarada.com/link?z=7205185&var={hostid}

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
access-control-allow-origin: https://leikovoleikamarada.com
content-length: 0
date: Sat, 30 Nov 2024 14:22:30 GMT
server: nginx
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H2 204 favicon.ico
leikovoleikamarada.com/ 0
150 B 15ms
15ms Other
text/plain 139.45.196.64
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL: https://leikovoleikamarada.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://leikovoleikamarada.com/link?z=7205185&var={hostid}

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
date: Sat, 30 Nov 2024 14:22:30 GMT
pragma: public
server: nginx

GET
H2

200

6118780 Show response
taiwoudoastuph.net/4/
Redirect Chain

https://taiwoudoastuph.net/?z=7205186&syncedCookie=true&rhd=false
https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x

31 KB
14 KB

39ms
38ms

Document
text/html

104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbc2508da84a385c3fbcb4ebf3c4b63115c1409b195ea3923ae0fa89be307226

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://leikovoleikamarada.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8eab7d721e8e9fd8-AMS
content-encoding: gzip
content-type: text/html; charset=utf8
date: Sat, 30 Nov 2024 14:22:30 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 5f63c6bee27a7e8483c557ed77f4d54f

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://leikovoleikamarada.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8eab7d71ce3d9fd8-AMS
content-length: 0
date: Sat, 30 Nov 2024 14:22:30 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://taiwoudoastuph.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x
pragma: no-cache
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 2fed590fc2144d93e4f98070bfaabbbf

GET
H2 204 favicon.ico
leikovoleikamarada.com/ 0
0 0ms
0ms Other
text/plain 139.45.196.64
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL: https://leikovoleikamarada.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://leikovoleikamarada.com/afu.php?zoneid=7205186&var=7205186&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
date: Sat, 30 Nov 2024 14:22:30 GMT
pragma: public
server: nginx

GET
H3 200 img.gif
my.rtmark.net/ 43 B
874 B 52ms
31ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=008124ccefba4a59ebb6e450d43c2106&z=6118780&p_rid=ca3f648c-7e6e-4b5e-b564-68eb3e591042&p_src=sf

Requested by

Host: taiwoudoastuph.net
URL: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://taiwoudoastuph.net/

Response headers

access-control-expose-headers: Authorization
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ipuOUUQP73leD7W7A9tqh48pm3NFzhD6NNIioFLu9vVrf9Kh1kKADcs2CiKG%2BuGETo4vn52Okw3VbzwE8VrzcadxuCN2jBXwbbX4WdUwB2Zqu9ve%2Bsdfo14vWqxpGqDh"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17546&min_rtt=17341&rtt_var=6649&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4091&recv_bytes=4419&delivery_rate=171157&cwnd=12000&unsent_bytes=0&cid=d72877b10237996f&ts=35&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 30 Nov 2024 14:22:30 GMT
content-type: image/gif
priority: u=1,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *, *
access-control-allow-credentials: true
cf-ray: 8eab7d728f2d0ea4-AMS
access-control-allow-origin: *
content-length: 43
server: cloudflare

GET
H3 200 sftouch
taiwoudoastuph.net/ 43 B
567 B 40ms
40ms Image
image/gif 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://taiwoudoastuph.net/sftouch?userId=008124ccefba4a59ebb6e450d43c2106&z=6118780&p_rid=ca3f648c-7e6e-4b5e-b564-68eb3e591042&p_src=sf&branchId=0&rb=ES14Mg5oSrve1MMKCc50oeaJJsUBZ4YmGL3GIYDT1r_ljIygLr8zrCpawFl8-MiY_sSLPO80HYmM0UUIEkzBDzFYWLAjee9wBTJlsuoGL94JyY6UWQErudO1dTdCxQBljkpqDw976O2_x513nirr9l8qmjL8mWA5uzc3cs0CA1LvzGnDZwF8ot4Rr9HwCDDgOyYeVTgfSs73ZHZ-RO2EvHQqbaEUBQ3IfFFFecgsVwJzf1gCNEKDosvXJnKxN3U_wqdsxxrKGU4vxoMg1p5IJBzrStE8Rz2MklarxmdCEhEWqEJLEuTjivNVwIs=&w_img=1

Requested by

Host: taiwoudoastuph.net
URL: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x

Response headers

access-control-max-age: 86400
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 14:22:30 GMT
content-type: image/gif
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security: max-age=1
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *, *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-trace-id: 7e7c2255e6d4a3a16863e00e3e50741f
cf-ray: 8eab7d72690893c0-AMS
access-control-allow-origin: *
content-length: 43
server: cloudflare

POST
H3 200 add Show response
taiwoudoastuph.net/log/ 12 B
306 B 34ms
33ms XHR
application/json 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://taiwoudoastuph.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=ca3f648c-7e6e-4b5e-b564-68eb3e591042

Requested by

Host: taiwoudoastuph.net
URL: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
cf-ray: 8eab7d72993593c0-AMS
access-control-allow-origin: https://taiwoudoastuph.net
alt-svc: h3=":443"; ma=86400
content-length: 12
date: Sat, 30 Nov 2024 14:22:30 GMT
content-type: application/json; charset=utf-8
server: cloudflare
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

POST
H3 200 add Show response
taiwoudoastuph.net/async_log/ 0
262 B 28ms
27ms XHR
text/plain 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://taiwoudoastuph.net/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=ca3f648c-7e6e-4b5e-b564-68eb3e591042

Requested by

Host: taiwoudoastuph.net
URL: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
cf-ray: 8eab7d72993993c0-AMS
access-control-allow-origin: https://taiwoudoastuph.net
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 30 Nov 2024 14:22:30 GMT
server: cloudflare
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H3 204 favicon.ico
taiwoudoastuph.net/ 0
181 B 31ms
31ms Other
text/plain 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://taiwoudoastuph.net/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x

Response headers

cache-control: public, max-age=315360000
cf-cache-status: HIT
pragma: public
age: 380181
cf-ray: 8eab7d72c97993c0-AMS
expires: Tue, 28 Nov 2034 14:22:30 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 14:22:30 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2

200

nextdigitalkey-com-cpc-nl Show response
www.shoptastic.io/store/
Redirect Chain

https://taiwoudoastuph.net/?z=6118780&syncedCookie=true&rhd=false
https://www.share365.net/vip/rds/nl?subId=886730525598028221&country=NL&campaignid=8543943
https://www.shoptastic.io/store/nextdigitalkey-com-cpc-nl?pubId=10439&subId=886730525598028221&country=NL&campaignid=8543943

144 B
346 B

531ms
187ms

Document
text/html

52.53.88.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shoptastic.io/store/nextdigitalkey-com-cpc-nl?pubId=10439&subId=886730525598028221&country=NL&campaignid=8543943
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.53.88.18 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-53-88-18.us-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 011c98aaf5d375cd1e92f04a13df9909feaa565d3400fe5f0219e673aff4dd3c

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://taiwoudoastuph.net
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-language: en-US
content-type: text/html;charset=UTF-8
date: Sat, 30 Nov 2024 14:22:31 GMT
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding

Redirect headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8eab7d743ba11c95-AMS
content-type: text/html; charset=UTF-8
date: Sat, 30 Nov 2024 14:22:31 GMT
location: https://www.shoptastic.io/store/nextdigitalkey-com-cpc-nl?pubId=10439&subId=886730525598028221&country=NL&campaignid=8543943
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UZVu%2F9rv2AM04AwwHGf3VDoYcRFrXvp0daFyx%2F4old6bWvHtjGuNADERecbh%2BMR5fJOJ9Cz7TzoIo5fnb%2F0gK4znFU0Ham46SBtrJw5cwD%2F7fU8uyn6FfrDrKke66iC9gewPSqNQJ7XJzsZxnws%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=TCP&rtt=14284&min_rtt=14233&rtt_var=2314&sent=6&recv=11&lost=0&retrans=0&sent_bytes=4022&recv_bytes=2400&delivery_rate=270095&cwnd=253&unsent_bytes=0&cid=da1ac9366ca5c753&ts=68&x=0"
strict-transport-security: max-age=31536000

GET
H3 204 favicon.ico
taiwoudoastuph.net/ 0
0 3ms
3ms Other
text/plain 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://taiwoudoastuph.net/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://taiwoudoastuph.net/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

cache-control: public, max-age=315360000
cf-cache-status: HIT
pragma: public
age: 380181
cf-ray: 8eab7d72c97993c0-AMS
expires: Tue, 28 Nov 2034 14:22:30 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 14:22:30 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1

200
OK

69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf43e376d70e318e8c1cf675190f9fba2eebb3f67d71919933053256a4ae28a3c688f345f214807454df7b4b0211bd899fb18053b9fecb30b23285c5dca19649e14d76db... Show response
clcktrck.com/3340b07f6352b061e0908fa0e76668dc/
Redirect Chain

https://clcktrck.com/nl/s/red_u_plain.php?uid=277965830&t=direct&s=22214&pub=10439&d=nextdigitalkey.com
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf43e376d70e318e8c1cf675190f9fba2eebb3f67d71919933053256a4ae28a3c688f345f214807454...
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf43e376d70e318e8c1cf675190f9fba2eebb3f67d71919933053256a4ae28a3c688f345f214807454...
https://discountheld.de/rdcn/rf?ret=aHR0cHM6Ly9jbGNrdHJjay5jb20vMzM0MGIwN2Y2MzUyYjA2MWUwOTA4ZmEwZTc2NjY4ZGMvNjlmMDcwYjhmY2JmM2JmZTYwYjljZmM0NjIzMTQ0YTAwOTRmZjIxNjM5MzZkNTkyYzc3ZTRiOTZjZTkyNWJmNDNlM...
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf43e376d70e318e8c1cf675190f9fba2eebb3f67d71919933053256a4ae28a3c688f345f214807454...

556 B
672 B

25ms
25ms

Document
text/html

3.73.249.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf43e376d70e318e8c1cf675190f9fba2eebb3f67d71919933053256a4ae28a3c688f345f214807454df7b4b0211bd899fb18053b9fecb30b23285c5dca19649e14d76db8eaca0bfd7d745457357681afe5879b2fe202a327d7099734f853e9f92e?m=1
Requested by: Host: www.shoptastic.io
URL: https://www.shoptastic.io/store/nextdigitalkey-com-cpc-nl?pubId=10439&subId=886730525598028221&country=NL&campaignid=8543943
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.73.249.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-249-248.eu-central-1.compute.amazonaws.com
Software: nginx/1.24.0 (Ubuntu) /
Resource Hash: f1d5c9e0b77cd532c3fb33ff0a32a12b69cbd4da9439a95ce602b9b645a809ac

Request headers

Referer: https://www.shoptastic.io/store/nextdigitalkey-com-cpc-nl?pubId=10439&subId=886730525598028221&country=NL&campaignid=8543943
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Nov 2024 14:22:32 GMT
Referrer-Policy: origin
Server: nginx/1.24.0 (Ubuntu)
Transfer-Encoding: chunked

Redirect headers

cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Sat, 30 Nov 2024 14:22:32 GMT
location: https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf43e376d70e318e8c1cf675190f9fba2eebb3f67d71919933053256a4ae28a3c688f345f214807454df7b4b0211bd899fb18053b9fecb30b23285c5dca19649e14d76db8eaca0bfd7d745457357681afe5879b2fe202a327d7099734f853e9f92e?m=1
referrer-policy: origin
server: nginx/1.18.0 (Ubuntu)

GET
H/1.1

200
OK

sitesearchGo Show response
nl-go.kelkoogroup.net/
Redirect Chain

https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf43e376d70e318e8c1cf675190f9fba2eebb3f67d71919933053256a4ae28a3c688f345f214807454...
https://api.adindex.com/v1/redirect?advertiserId=11EEC62E403A845284AA14DDA9D518B0&adspaceId=11EDE4C6779F1E30B72514DDA9D518B0&customId=1e4f0d570b87a99955cef962e8ecdc1d
https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732976553153&.sig=W1BixL8xDxA72aOqULTbAcRpHWI-&affiliationId=96976769&comId=100565538&country=nl&offerId=13261cc20a709177ceb8d58c52cc3dee&searchId=10...

30 KB
32 KB

139ms
84ms

Document
text/html

95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732976553153&.sig=W1BixL8xDxA72aOqULTbAcRpHWI-&affiliationId=96976769&comId=100565538&country=nl&offerId=13261cc20a709177ceb8d58c52cc3dee&searchId=107610034276217_1732976553145_39275563&service=36&tokenId=ce0da76d-bde8-4c00-a7a8-227e56d781a3&custom1=29680385&originReferer=https%3A%2F%2Fdixplore.com%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

740869cb2c6ce9427e3537772b0eb0e602804881afb9c18a0b4e5e3d41eba39c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf43e376d70e318e8c1cf675190f9fba2eebb3f67d71919933053256a4ae28a3c688f345f214807454df7b4b0211bd899fb18053b9fecb30b23285c5dca19649e14d76db8eaca0bfd7d745457357681afe5879b2fe202a327d7099734f853e9f92e?m=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
Charset: utf-8
Content-Length: 31079
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Nov 2024 14:22:32 GMT
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
Request-Time: PT0.039782012S
X-Content-Type-Options: nosniff
X-DD-B: 1
X-DataDome: protected
X-DataDome-CID: AHrlqAAAAAMAM52V58b1z2MAH8yWbA==
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: master-only
X-Robots-Tag: noindex,nofollow
X-XSS-Protection: 1; mode=block
clickId: 107698111_1732976553268_28165303
country: nl
leadId: 62A001JDYQ7BAF947TCJ2SVJDRWD5R

Redirect headers

content-type: text/html; charset=UTF-8
date: Sat, 30 Nov 2024 14:22:33 GMT
location: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732976553153&.sig=W1BixL8xDxA72aOqULTbAcRpHWI-&affiliationId=96976769&comId=100565538&country=nl&offerId=13261cc20a709177ceb8d58c52cc3dee&searchId=107610034276217_1732976553145_39275563&service=36&tokenId=ce0da76d-bde8-4c00-a7a8-227e56d781a3&custom1=29680385&originReferer=https%3A%2F%2Fdixplore.com%2F
server: nginx/1.18.0

GET
H/1.1 200
OK favicon.ico
clcktrck.com/ 0
246 B 21ms
21ms Other
image/x-icon 3.73.249.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clcktrck.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.73.249.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-249-248.eu-central-1.compute.amazonaws.com
Software: nginx/1.24.0 (Ubuntu) /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://clcktrck.com/

Response headers

ETag: "645a16d2-0"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Date: Sat, 30 Nov 2024 14:22:32 GMT
Content-Type: image/x-icon
Last-Modified: Tue, 09 May 2023 09:48:02 GMT
Server: nginx/1.24.0 (Ubuntu)

GET
H/1.1 200
OK p.png
nl-go.kelkoogroup.net/assets/images/ 68 B
597 B 30ms
20ms Image
image/png 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nl-go.kelkoogroup.net/assets/images/p.png?country=nl&k=612f7a9541cd6ea61eb554c0e4cff43700cfc0e7f2c13f6dd171f59a946caa76eb2367fde4a31fe0e0b5749bddb44a695abebbaf286d23d62a0f6673887b738bd275b18dc4490470375cd282f8051d6895dd2c5c84845ab2bea0eda92499ef1f78fef3a7f728132d067d846308df6dede975faa946c97558f6e6b9f7866691d913768e0a30a1cc98f626529db71d573791184d1db3e34c685496380c941b2624b6d869062bd0dbabecd21f1e58dd4a554823da222bfbba636747513a82348d20220a9b50f0eb3a283856c939794a5ce5fb49b0a8b06899383866e9d0f85d134a006d77f6dd99a38fa2f90c11d25b6241ab0a73b9b9f67c8cb88874b6b2534f6a3d554005032edab272dfd18ce330ccd7a38addc95e547682f2de59abb4adffff8f1e6d08a27fab9fefcea277003774cc

Requested by

Host: nl-go.kelkoogroup.net
URL: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732976553153&.sig=W1BixL8xDxA72aOqULTbAcRpHWI-&affiliationId=96976769&comId=100565538&country=nl&offerId=13261cc20a709177ceb8d58c52cc3dee&searchId=107610034276217_1732976553145_39275563&service=36&tokenId=ce0da76d-bde8-4c00-a7a8-227e56d781a3&custom1=29680385&originReferer=https%3A%2F%2Fdixplore.com%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory: 8
Referer: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732976553153&.sig=W1BixL8xDxA72aOqULTbAcRpHWI-&affiliationId=96976769&comId=100565538&country=nl&offerId=13261cc20a709177ceb8d58c52cc3dee&searchId=107610034276217_1732976553145_39275563&service=36&tokenId=ce0da76d-bde8-4c00-a7a8-227e56d781a3&custom1=29680385&originReferer=https%3A%2F%2Fdixplore.com%2F

Response headers

X-Robots-Tag: noindex,nofollow
Content-Security-Policy: frame-ancestors 'none'
Cache-Control: private, must-revalidate
leadId: 62A001JDYQ7BAF947TCJ2SVJDRWD5R
Request-Time: PT0.001510802S
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: origin-when-cross-origin
clickId: 107698111_1732976553268_28165303
country: nl
X-Content-Type-Options: nosniff
Content-Length: 68
X-XSS-Protection: 1; mode=block
Date: Sat, 30 Nov 2024 14:22:32 GMT
Content-Type: image/png
X-Frame-Options: DENY

GET
H2 200 tags.js Show response
dd.kelkoogroup.net/ 169 KB
32 KB 97ms
25ms Script
text/javascript 18.66.112.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.kelkoogroup.net/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-35.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b6f960ef6e2816613c107cdca0b45e95e497369d628de9cb444903b45fa78430

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nl-go.kelkoogroup.net/

Response headers

content-encoding: gzip
x-amz-version-id: srBbjf4IpQWkR6dukRm3KeuXFeESXHnZ
etag: W/"f413de3002ba35101fcc6ab056e87d4b"
age: 314
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: tqRJXSOQCRk1MJjinXRoW-dZNTE2o772tjFqSas8RpYTglN59e5B-w==
date: Sat, 30 Nov 2024 14:17:20 GMT
content-type: text/javascript
vary: accept-encoding, Origin
last-modified: Tue, 19 Nov 2024 10:41:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=3600, public
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 204 collect
www.google-analytics.com/g/ 0
556 B 83ms
30ms Ping
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-42767ZEKSC&_p=492569160&sr=1600x1200&ul=nl-nl&cid=785444091.1732976553&uid=a4c626f-1937d73ad35-3162e4&_fv=1&_s=1&dl=https%3A%2F%2Fnl-go.kelkoogroup.net%2FsitesearchGo%3F.ts%3D1732976553153%26.sig%3DW1BixL8xDxA72aOqULTbAcRpHWI-%26affiliationId%3D96976769%26comId%3D100565538%26country%3Dnl%26offerId%3D13261cc20a709177ceb8d58c52cc3dee%26searchId%3D107610034276217_1732976553145_39275563%26service%3D36%26tokenId%3Dce0da76d-bde8-4c00-a7a8-227e56d781a3%26custom1%3D29680385%26originReferer%3Dhttps%253A%252F%252Fdixplore.com%252F&dt=U%20wordt%20doorgestuurd%20naar%20Nextdigitalkey.com&dr=https%3A%2F%2Fclcktrck.com%2F&dp=%2F96976769%7C100565538%7C&sid=1732976553&sct=1&seg=1&en=page_view&_ss=1&ep.cd1=96976769&ep.cd2=62A001JDYQ7BAF947TCJ2SVJDRWD5R&ep.cd3=100565538&ep.cd4=a4c626f-1937d73ad35-3162e4&ep.cd5=&ep.cd6=96976769%7C100565538%7C
Requested by: Host: nl-go.kelkoogroup.net
URL: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732976553153&.sig=W1BixL8xDxA72aOqULTbAcRpHWI-&affiliationId=96976769&comId=100565538&country=nl&offerId=13261cc20a709177ceb8d58c52cc3dee&searchId=107610034276217_1732976553145_39275563&service=36&tokenId=ce0da76d-bde8-4c00-a7a8-227e56d781a3&custom1=29680385&originReferer=https%3A%2F%2Fdixplore.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nl-go.kelkoogroup.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://nl-go.kelkoogroup.net
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 14:22:33 GMT
content-type: text/plain
server: Golfe2

GET
H/1.1 404
Not Found ados.js Show response
nl-go.kelkoogroup.net/ 1 KB
2 KB 32ms
21ms XHR
text/html 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://nl-go.kelkoogroup.net/ados.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

3db77cfe0a6a059ff4d86ea8530439864095c5fe278e279b28c88f99a0f9b530

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory: 8
Referer: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732976553153&.sig=W1BixL8xDxA72aOqULTbAcRpHWI-&affiliationId=96976769&comId=100565538&country=nl&offerId=13261cc20a709177ceb8d58c52cc3dee&searchId=107610034276217_1732976553145_39275563&service=36&tokenId=ce0da76d-bde8-4c00-a7a8-227e56d781a3&custom1=29680385&originReferer=https%3A%2F%2Fdixplore.com%2F

Response headers

X-Robots-Tag: noindex,nofollow
Content-Security-Policy: frame-ancestors 'none'
Request-Time: PT0.000314116S
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: origin-when-cross-origin
X-Content-Type-Options: nosniff
Content-Length: 1140
X-XSS-Protection: 1; mode=block
Date: Sat, 30 Nov 2024 14:22:32 GMT
Content-Type: text/html; charset=UTF-8
X-Frame-Options: DENY

POST
H/1.1 200
OK fp
nl-go.kelkoogroup.net/ 0
503 B 23ms
21ms Ping
text/plain 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://nl-go.kelkoogroup.net/fp?country=nl&k=612f7a9541cd6ea61eb554c0e4cff43700cfc0e7f2c13f6dd171f59a946caa76eb2367fde4a31fe0e0b5749bddb44a695abebbaf286d23d62a0f6673887b738bd275b18dc4490470375cd282f8051d6895dd2c5c84845ab2bea0eda92499ef1f78fef3a7f728132d067d846308df6dede975faa946c97558f6e6b9f7866691d913768e0a30a1cc98f626529db71d573791184d1db3e34c685496380c941b2624b6d869062bd0dbabecd21f1e58dd4a554823da222bfbba636747513a82348d20220a9b50f0eb3a283856c939794a5ce5fb49b0a8b06899383866e9d0f85d134a006d77f6dd99a38fa2f90c11d25b6241ab0a73b9b9f67c8cb88874b6b2534f6a3d554005032edab272dfd18ce330ccd7a38addc95e547682f2de59abb4adffff8f1e6d08a27fab9fefcea277003774cc

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732976553153&.sig=W1BixL8xDxA72aOqULTbAcRpHWI-&affiliationId=96976769&comId=100565538&country=nl&offerId=13261cc20a709177ceb8d58c52cc3dee&searchId=107610034276217_1732976553145_39275563&service=36&tokenId=ce0da76d-bde8-4c00-a7a8-227e56d781a3&custom1=29680385&originReferer=https%3A%2F%2Fdixplore.com%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=utf-8
sec-ch-device-memory: 8

Response headers

X-Robots-Tag: noindex,nofollow
Content-Security-Policy: frame-ancestors 'none'
leadId: 62A001JDYQ7BAF947TCJ2SVJDRWD5R
Request-Time: PT0.004124889S
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: origin-when-cross-origin
clickId: 107698111_1732976553268_28165303
country: nl
X-Content-Type-Options: nosniff
Content-Length: 0
X-XSS-Protection: 1; mode=block
Date: Sat, 30 Nov 2024 14:22:32 GMT
Content-Type: text/plain; charset=UTF-8
X-Frame-Options: DENY

GET 52d49729-5042-4ac5-a61a-fba99cccd5ec
https://nl-go.kelkoogroup.net/ Frame 0
0

POST
H2 200 /
dd.kelkoogroup.net/js/ 236 B
644 B 74ms
28ms XHR
application/json 18.66.112.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.kelkoogroup.net/js/

Requested by

Host: dd.kelkoogroup.net
URL: https://dd.kelkoogroup.net/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-35.fra56.r.cloudfront.net

Software

DataDome /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://nl-go.kelkoogroup.net/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
expires: 0
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 236
x-amz-cf-id: xzQDxto1figB99O2z7RCMfFjPmTfdEFyFfF7tsVF1a07tl_cTS38XA==
date: Sat, 30 Nov 2024 14:22:33 GMT
content-type: application/json;charset=utf-8
x-amz-cf-pop: FRA56-P5
server: DataDome

GET
H/1.1 403
Forbidden Primary Request redirect Show response
nl-go.kelkoogroup.net/ 725 B
2 KB 32ms
32ms Document
text/html 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff43700cfc0e7f2c13f6dd171f59a946caa76eb2367fde4a31fe0e0b5749bddb44a695abebbaf286d23d62a0f6673887b738bd275b18dc4490470375cd282f8051d6895dd2c5c84845ab2bea0eda92499ef1f78fef3a7f728132d067d846308df6dede975faa946c97558f6e6b9f7866691d913768e0a30a1cc98f626529db71d573791184d1db3e34c685496380c941b2624b6d869062bd0dbabecd21f1e58dd4a554823da222bfbba636747513a82348d20220a9b50f0eb3a283856c939794a5ce5fb49b0a8b06899383866e9d0f85d134a006d77f6dd99a38fa2f90c11d25b6241ab0a73b9b9f67c8cb88874b6b2534f6a3d554005032edab272dfd18ce330ccd7a38addc95e547682f2de59abb4adffff8f1e6d08a27fab9fefcea277003774cc&url=https%3A%2F%2Fnextdigitalkey.com%2Fproduct%2Fmicrosoft-office-2019-home-business-mac%2F%3Fkk%3Da4c626f-1937d73ad35-3162e4%26attribute_pa_devices%3D1-pc%26currency%3DEUR%26utm_source%3Dkelkoonl%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DMICROSOFT%2BOFFICE%2B2019%2BHOME%2B%2526%2BBUSINESS&initiator=dd

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

2aaae52fc45fc2c39e937bdf92e759de8ecf71751bfd6e8c00f8ae15e7eb16d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732976553153&.sig=W1BixL8xDxA72aOqULTbAcRpHWI-&affiliationId=96976769&comId=100565538&country=nl&offerId=13261cc20a709177ceb8d58c52cc3dee&searchId=107610034276217_1732976553145_39275563&service=36&tokenId=ce0da76d-bde8-4c00-a7a8-227e56d781a3&custom1=29680385&originReferer=https%3A%2F%2Fdixplore.com%2F
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory: 8

Response headers

Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
Charset: utf-8
Content-Length: 725
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Nov 2024 14:22:32 GMT
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
Request-Time: PT0.014179062S
X-Content-Type-Options: nosniff
X-DD-B: 1
X-DataDome: protected
X-DataDome-CID: AHrlqAAAAAMAM52V58b1z2MAH8yWbA==
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: master-only
X-XSS-Protection: 1; mode=block

GET
H2 200 c.js Show response
ct.captcha-delivery.com/ 11 KB
11 KB 79ms
24ms Script
text/javascript 65.9.66.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.captcha-delivery.com/c.js
Requested by: Host: nl-go.kelkoogroup.net
URL: https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff43700cfc0e7f2c13f6dd171f59a946caa76eb2367fde4a31fe0e0b5749bddb44a695abebbaf286d23d62a0f6673887b738bd275b18dc4490470375cd282f8051d6895dd2c5c84845ab2bea0eda92499ef1f78fef3a7f728132d067d846308df6dede975faa946c97558f6e6b9f7866691d913768e0a30a1cc98f626529db71d573791184d1db3e34c685496380c941b2624b6d869062bd0dbabecd21f1e58dd4a554823da222bfbba636747513a82348d20220a9b50f0eb3a283856c939794a5ce5fb49b0a8b06899383866e9d0f85d134a006d77f6dd99a38fa2f90c11d25b6241ab0a73b9b9f67c8cb88874b6b2534f6a3d554005032edab272dfd18ce330ccd7a38addc95e547682f2de59abb4adffff8f1e6d08a27fab9fefcea277003774cc&url=https%3A%2F%2Fnextdigitalkey.com%2Fproduct%2Fmicrosoft-office-2019-home-business-mac%2F%3Fkk%3Da4c626f-1937d73ad35-3162e4%26attribute_pa_devices%3D1-pc%26currency%3DEUR%26utm_source%3Dkelkoonl%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DMICROSOFT%2BOFFICE%2B2019%2BHOME%2B%2526%2BBUSINESS&initiator=dd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-86.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b87bb6192320ea7a36d1caa7a2c0d26f39cfa92909fe168d29bfecc13c81ca0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nl-go.kelkoogroup.net/

Response headers

x-amz-version-id: null
etag: "1fd766ce129c8b2cae0770e023a22682"
age: 15533
via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 11217
x-amz-cf-id: jdCCcNs_rYdP7XMSl02ypzZhQrs6IeUEhSXJulGlh5qWmnAudBX6rg==
date: Sat, 30 Nov 2024 10:03:41 GMT
content-type: text/javascript
last-modified: Fri, 22 Nov 2024 10:03:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK /
geo.captcha-delivery.com/captcha/ Frame 30E4 0
0 90ms
31ms Document
text/html 3.125.247.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAM52V58b1z2MAH8yWbA%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=_ssj7npHKmnPQTW1HAgX4SEKvNMAOlqz5qiIk0DbUkvmBToSuwfHTUedV6v3Bvk3uHdH5BT6pSwDHqyusMXYyluJCk3NrJE4VHI5FBsdyTAD_tEe~fXWwAoqS2hYO5M~&t=fe&referer=https%3A%2F%2Fnl-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dnl%26k%3D612f7a9541cd6ea61eb554c0e4cff43700cfc0e7f2c13f6dd171f59a946caa76eb2367fde4a31fe0e0b5749bddb44a695abebbaf286d23d62a0f6673887b738bd275b18dc4490470375cd282f8051d6895dd2c5c84845ab2bea0eda92499ef1f78fef3a7f728132d067d846308df6dede975faa946c97558f6e6b9f7866691d913768e0a30a1cc98f626529db71d573791184d1db3e34c685496380c941b2624b6d869062bd0dbabecd21f1e58dd4a554823da222bfbba636747513a82348d20220a9b50f0eb3a283856c939794a5ce5fb49b0a8b06899383866e9d0f85d134a006d77f6dd99a38fa2f90c11d25b6241ab0a73b9b9f67c8cb88874b6b2534f6a3d554005032edab272dfd18ce330ccd7a38addc95e547682f2de59abb4adffff8f1e6d08a27fab9fefcea277003774cc%26url%3Dhttps%253A%252F%252Fnextdigitalkey.com%252Fproduct%252Fmicrosoft-office-2019-home-business-mac%252F%253Fkk%253Da4c626f-1937d73ad35-3162e4%2526attribute_pa_devices%253D1-pc%2526currency%253DEUR%2526utm_source%253Dkelkoonl%2526utm_medium%253Dcpc%2526utm_campaign%253Dkelkooclick%2526utm_source_platform%253DKelkooGroup%2526utm_term%253DMICROSOFT%252BOFFICE%252B2019%252BHOME%252B%252526%252BBUSINESS%26initiator%3Ddd&s=35103&e=ed3c7effaea4ec5557aaa538fb0a57a079fa18d7ecb9ca85347f2a5dff00fd02&dm=cd
Requested by: Host: ct.captcha-delivery.com
URL: https://ct.captcha-delivery.com/c.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.125.247.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-247-22.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://nl-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Sat, 30 Nov 2024 14:22:33 GMT
Transfer-Encoding: chunked

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ads.google.com
URL: https://ads.google.com/

Domain: nl-go.kelkoogroup.net
URL: blob:https://nl-go.kelkoogroup.net/52d49729-5042-4ac5-a61a-fba99cccd5ec

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dd

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
leikovoleikamarada.com/	1970-01-21 10:08:32	Name: OAID Value: 008124b1e45c4dcee56035f0b9d5f23f
leikovoleikamarada.com/	1970-01-21 10:08:32	Name: oaidts Value: 1732976550
leikovoleikamarada.com/	1970-01-21 10:08:32	Name: allcnt Value: 1
my.rtmark.net/	1970-01-21 10:08:32	Name: ID Value: 008124b1e45c4dcee56035f0b9d5f23f
taiwoudoastuph.net/	1970-01-21 10:08:32	Name: oaidts Value: 1732976550
taiwoudoastuph.net/	1970-01-21 10:08:32	Name: OAID Value: 008124b1e45c4dcee56035f0b9d5f23f
taiwoudoastuph.net/	1970-01-21 01:33:01	Name: syncedCookie Value: true
www.share365.net/	1970-01-21 01:23:03	Name: XSRF-TOKEN Value: eyJpdiI6Ink1RHpzNmpFZXhIZFNHbXFOaG1UaVE9PSIsInZhbHVlIjoiOGNEeUJPZ3g5RWFNYkN1bGN3VnJLQnJ6aUNOMnFzZURiekVPMmRYUmYwanBSa0VzRUI4cHlDd2tqSksyK083VCIsIm1hYyI6ImIwNzEyYjdhOThlYmI3NDc4NGYzZmEwNGQ5YmFiNzZhZDViYjM2OGEyODgyNTMyMzhlNGVlMjA0YmI5NmI3YzkifQ%3D%3D
www.share365.net/	1970-01-21 01:23:03	Name: laravel_session Value: eyJpdiI6Im1PMkRIOExUWHdYSlRGaFpyTmlqU3c9PSIsInZhbHVlIjoiVjAwakw0em5sNzJNSU5uYkZiQUtvWjhwV2ZtTEdUeEhyaXJLQTVFVFJKdmtsNVBnV1V4dDVlTk1VVmc4ckxIUiIsIm1hYyI6ImNhYmYxNDE2Nzg0ZGI1Mjc3NWRlMGZhYWU0YmI5N2I4ODgxY2NlOWVkY2NiZjY0NGZiZjY1MzEzZWE3NjkxZDIifQ%3D%3D
www.share365.net/	1970-01-21 01:23:00	Name: __cflb Value: 0H28vVobGc6CutkxgoxsgvcCKNChyMYDq9WBMSsT7wy
.kelkoogroup.net/	1970-01-21 10:08:32	Name: kelkooID Value: a4c626f-1937d73ad35-3162e4
.kelkoogroup.net/	1970-01-21 10:01:20	Name: datadome Value: _ssj7npHKmnPQTW1HAgX4SEKvNMAOlqz5qiIk0DbUkvmBToSuwfHTUedV6v3Bvk3uHdH5BT6pSwDHqyusMXYyluJCk3NrJE4VHI5FBsdyTAD_tEe~fXWwAoqS2hYO5M~

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://28880591-22554-ex.micerisobane.com/hiJBBoUxPQnoZtczvVjGJyVPldkRvoHRdq8EM5_JHJpEMc7A8dZX8MLcUd9jc9KcwthUIPEih_zreuuzHOKnYBWKmK6lu7qKcQAfSrhOF1NX-LsFfDqQHcRx2hwUbQ?kws=kleine%2Cschwestern%2Cfull%2Cclassic%2Cporn%2Cfree%2Cvidsgator&abl=0&fsb=0&pageUri=https%3A%2F%2Fde.4tub...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0209209EC020000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid} Message: [GroupMarkerNotSet(crbug.com/242999)!:A0601D00EC020000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://leikovoleikamarada.com/afu.php?zoneid=7205186&var=7205186&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false Message: [GroupMarkerNotSet(crbug.com/242999)!:A0209209EC020000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x Message: [GroupMarkerNotSet(crbug.com/242999)!:A0601D00EC020000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://taiwoudoastuph.net/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false Message: [GroupMarkerNotSet(crbug.com/242999)!:A010B201EC020000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732976553153&.sig=W1BixL8xDxA72aOqULTbAcRpHWI-&affiliationId=96976769&comId=100565538&country=nl&offerId=13261cc20a709177ceb8d58c52cc3dee&searchId=107610034276217_1732976553145_39275563&service=36&tokenId=ce0da76d-bde8-4c00-a7a8-227e56d781a3&custom1=29680385&originReferer=https%3A%2F%2Fdixplore.com%2F(Line 28) Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff43700cfc0e7f2c13f6dd171f59a946caa76eb2367fde4a31fe0e0b5749bddb44a695abebbaf286d23d62a0f6673887b738bd275b18dc4490470375cd282f8051d6895dd2c5c84845ab2bea0eda92499ef1f78fef3a7f728132d067d846308df6dede975faa946c97558f6e6b9f7866691d913768e0a30a1cc98f626529db71d573791184d1db3e34c685496380c941b2624b6d869062bd0dbabecd21f1e58dd4a554823da222bfbba636747513a82348d20220a9b50f0eb3a283856c939794a5ce5fb49b0a8b06899383866e9d0f85d134a006d77f6dd99a38fa2f90c11d25b6241ab0a73b9b9f67c8cb88874b6b2534f6a3d554005032edab272dfd18ce330ccd7a38addc95e547682f2de59abb4adffff8f1e6d08a27fab9fefcea277003774cc&url=https%3A%2F%2Fnextdigitalkey.com%2Fproduct%2Fmicrosoft-office-2019-home-business-mac%2F%3Fkk%3Da4c626f-1937d73ad35-3162e4%26attribute_pa_devices%3D1-pc%26currency%3DEUR%26utm_source%3Dkelkoonl%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DMICROSOFT%2BOFFICE%2B2019%2BHOME%2B%2526%2BBUSINESS&initiator=dd Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

28880591-22554-ex.micerisobane.com
ads.google.com
api.adindex.com
clcktrck.com
ct.captcha-delivery.com
dd.kelkoogroup.net
discountheld.de
geo.captcha-delivery.com
leikovoleikamarada.com
my.rtmark.net
nl-go.kelkoogroup.net
taiwoudoastuph.net
www.google-analytics.com
www.share365.net
www.shoptastic.io
ads.google.com
nl-go.kelkoogroup.net
104.18.23.222
136.243.50.149
139.45.196.64
18.66.112.35
188.114.96.3
2606:4700:3108::ac42:28f5
2a00:1450:4001:829::200e
3.125.247.22
3.66.53.110
3.73.249.248
52.53.88.18
65.9.66.86
88.208.22.4
95.211.116.26
011c98aaf5d375cd1e92f04a13df9909feaa565d3400fe5f0219e673aff4dd3c
0b87bb6192320ea7a36d1caa7a2c0d26f39cfa92909fe168d29bfecc13c81ca0
2324493db611e06918ecc8b284645de3e6d5075c21d75f7e639a7867c49dc1d7
2aaae52fc45fc2c39e937bdf92e759de8ecf71751bfd6e8c00f8ae15e7eb16d2
3db77cfe0a6a059ff4d86ea8530439864095c5fe278e279b28c88f99a0f9b530
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
740869cb2c6ce9427e3537772b0eb0e602804881afb9c18a0b4e5e3d41eba39c
74c83fcb13fb1c2fb038a51a1e4aa15fd88d22a9ebb7911e69cd834f8ce173cb
b6f960ef6e2816613c107cdca0b45e95e497369d628de9cb444903b45fa78430
cbc2508da84a385c3fbcb4ebf3c4b63115c1409b195ea3923ae0fa89be307226
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1d5c9e0b77cd532c3fb33ff0a32a12b69cbd4da9439a95ce602b9b645a809ac
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

nl-go.kelkoogroup.net Open in urlscan Pro 95.211.116.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

93 %HTTPS

14 %IPv6

13 Domains

15 Subdomains

12 IPs

5 Countries

119 kBTransfer

283 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nl-go.kelkoogroup.net Open in urlscan Pro
95.211.116.26 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

93 %
HTTPS

14 %
IPv6

13
Domains

15
Subdomains

12
IPs

5
Countries

119 kB
Transfer

283 kB
Size

12
Cookies

30 HTTP transactions
0 data transactions