Submitted URL: https://vpn.ieka.no/
Effective URL: https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed4644bb21c184ea9effb283065f8b2...
Submission: On December 03 via automatic, source certstream-suspicious — Scanned from NO

Summary

This website contacted 12 IPs in 4 countries across 9 domains to perform 21 HTTP transactions. The main IP is 95.211.116.26, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL. The main domain is no-go.kelkoogroup.net.
TLS certificate: Issued by Thawte TLS RSA CA G1 on September 26th 2024. Valid for: a year.
This is the only time no-go.kelkoogroup.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects | Requests | IP Address | AS | Autonomous System
- | 4 | 185.53.178.73 | 61969 | (TEAMINTER...)
- | 1 | 2600:9000:225... | 16509 | (AMAZON-02)
1 | 2 | 54.82.7.206 | 14618 | (AMAZON-AES)
- | 2 | 2600:9000:223... | 16509 | (AMAZON-02)
- | 1 | 3.127.134.231 | 16509 | (AMAZON-02)
1 | 2 | 18.202.86.139 | 16509 | (AMAZON-02)
- | 5 | 95.211.116.26 | 60781 | (LEASEWEB-...)
- | 1 | 18.66.112.4 | 16509 | (AMAZON-02)
- | 1 | 2001:4860:480... | 15169 | (GOOGLE)
- | 1 | 65.9.66.87 | 16509 | (AMAZON-02)
- | 1 | 18.194.14.91 | 16509 | (AMAZON-02)
Total: 21 requests, 12 IPs

Requests | Apex Domain | Subdomains | Transfer
6 | kelkoogroup.net | no-go.kelkoogroup.net; dd.kelkoogroup.net (Cisco Umbrella Rank: 296022) | 67 KB
4 | ieka.no | vpn.ieka.no | 3 KB
2 | captcha-delivery.com | ct.captcha-delivery.com (Cisco Umbrella Rank: 30248); geo.captcha-delivery.com (Cisco Umbrella Rank: 23657) | 11 KB
2 | linksprf.com | r.linksprf.com (Cisco Umbrella Rank: 93266) | 3 KB
2 | priverautional.com | priverautional.com | 4 KB
2 | ernus-dop.com | ernus-dop.com | 4 KB
1 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 36) | 556 B
1 | shopfinder24.com | api.shopfinder24.com | 1 KB
1 | cloudfront.net | d38psrni17bvxu.cloudfront.net | 1 KB
Total: 21 requests, 9 apex domains

Requests | Domain | Requested by
5 | no-go.kelkoogroup.net | r.linksprf.com; no-go.kelkoogroup.net
4 | vpn.ieka.no | d38psrni17bvxu.cloudfront.net; vpn.ieka.no
2 (1 redirects) | r.linksprf.com | api.shopfinder24.com
2 | priverautional.com | ernus-dop.com; priverautional.com
2 (1 redirects) | ernus-dop.com | vpn.ieka.no
1 | geo.captcha-delivery.com | ct.captcha-delivery.com
1 | ct.captcha-delivery.com | no-go.kelkoogroup.net
1 | www.google-analytics.com | no-go.kelkoogroup.net
1 | dd.kelkoogroup.net | no-go.kelkoogroup.net; dd.kelkoogroup.net
1 | api.shopfinder24.com | priverautional.com
1 | d38psrni17bvxu.cloudfront.net | vpn.ieka.no
Total: 21 requests, 11 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
vpn.ieka.no | R10 | 2024-12-03 - 2025-03-03 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2024-07-30 - 2025-07-03 | a year
ernus-dop.com | Amazon RSA 2048 M02 | 2024-11-22 - 2025-12-22 | a year
priverautional.com | Amazon RSA 2048 M03 | 2024-02-12 - 2025-03-12 | a year
api.shopfinder24.com | E6 | 2024-11-02 - 2025-01-31 | 3 months
linksprf.com | R11 | 2024-11-18 - 2025-02-16 | 3 months
*.kelkoogroup.net | Thawte TLS RSA CA G1 | 2024-09-26 - 2025-10-10 | a year
dd.kelkoogroup.net | E6 | 2024-10-07 - 2025-01-05 | 3 months
*.google-analytics.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.captcha-delivery.com | Amazon RSA 2048 M02 | 2024-07-25 - 2025-08-22 | a year

This page contains 2 frames:

Primary Page: https://no-go.kelkoogroup.net/redirect?country=no&k=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&url=https%3A%2F%2Fgullshoppen.no%2Fprodukt%2Fring-gult-gull-0-20-tw-si-diamanter%2F%3Fkk%3Da4c6295-1938a75e3d1-771974%26attribute_pa_st-rrelse%3D52-4%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DGullshoppen%2BRing%2Bgult%2Bgull%2B14k%2B%2528585%2529%2B0%252C2&initiator=timeout
Frame ID: 7C7419A97E451A667782167797C9FB40
Requests: 19 HTTP requests in this frame

Frame: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAJcMZhI_lI2IAsv-UrA%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=gQM0TCTQwvzRrpxJAvE~2aHhNj8UVP~NB93VmKeN5SwTzWRWhSyAa6eAQAzqPssteZKRjIP8gQ22Y8snaalequ_laMTTB4eJq6SgH4KyYgmc46HZfwavzQJv9pUbsTa6&t=fe&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed4644bb21c184ea9effb283065f8b2c8cd5f8a59077a90137a6ab47d71ea577d18170dbfa4095cf0911d855dfee2993b3c62fe02cd714355d9560e514e039c621f73081523c4932c3db4ae821aa6c455c91b0a662b07ed1502db8d7f3284e2977f81f0f0de8e846affcbf8f374591cd47ad5fbcd4b5fa9895b62e6a093c2d8b1d25678495278708b4604f75bc577ccec629ac98f518a1ff3a000ff4b4a61c6e9e39fd0ff4b091a9e46c6a43600b2f7f1f1939cdb92bc279306cc7ada63ecab94ded627604c5255a9eee9ffba71e45e70474df9db23170c424e9a3f55d74d1ea4680e38ca01adb3299b710c942668885f4bf5d5d1c96ef0f3ad90de361cbd4f359e211714d2fb74a1088ffa9e2c4bcdd77cf5%26url%3Dhttps%253A%252F%252Fgullshoppen.no%252Fprodukt%252Fring-gult-gull-0-20-tw-si-diamanter%252F%253Fkk%253Da4c6295-1938a75e3d1-771974%2526attribute_pa_st-rrelse%253D52-4%2526utm_source%253Dkelkoono%2526utm_medium%253Dcpc%2526utm_campaign%253Dkelkooclick%2526utm_source_platform%253DKelkooGroup%2526utm_term%253DGullshoppen%252BRing%252Bgult%252Bgull%252B14k%252B%252528585%252529%252B0%25252C2%26initiator%3Dtimeout&s=35103&e=c3faaba8141a9b57a21d4167aeff3bc55c23b51b39c894477ac9319d1d7890e4&dm=cd
Frame ID: 02B3489584B7F249D339918E42D54B23
Requests: 1 HTTP requests in this frame

Page Title

kelkoogroup.net

Page Statistics

21
Requests

90 %
HTTPS

27 %
IPv6

9
Domains

11
Subdomains

12
IPs

4
Countries

94 kB
Transfer

225 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://vpn.ieka.no/ Page URL
  2. https://ernus-dop.com/zclkvisitor/af129614-b122-11ef-b7d2-121e9e5b60d3/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=2416e6b0-8de2-11ee-bc55-123f4a2b6bb7 Page URL
  3. https://ernus-dop.com/zclkredirect?visitid=af129614-b122-11ef-b7d2-121e9e5b60d3&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B01%3A00&timezoneName=Europe%2FOslo HTTP 302
    https://priverautional.com/zp-redirect?target=https%3A%2F%2Fapi.shopfinder24.com%2Fr%2FdG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJTNEbGlua0lkJTI2aWQlM0RiNTI1NjYxNjM5ZTE0MDY3ODJkYTYxNGQ4MDc2NDFjZCUyNmFwaV9rZXklM0RhZGY0MDdmZDEwODdhMWU1NmVhZGRlYzBmNTkxNDI2NyUyNnNpdGVfaWQlM0QyNzBjZDUzZWMyMzM0ZjExOGNlZDE0YTRlOGJjODQ5ZiUyNmRjaCUzRGZlZWQlMjZhZF90JTNEYWR2ZXJ0aXNlciUyNnlrX3RhZyUzRCU3QmNsaWNraWQlN0QmdD0wJnM9M2YyZjc2NDQ3MTlkMTE1NWI3MjkwOGUyNzIyZTVmZDg%3D%3Fc%3Dwdudk1vqpjir3j16jfcmmf3s%26var10%3Dlateritious-falcon&caid=a63ab35d-6b08-4335-9dbb-cbf3f7ad26ae&zpid=af129614-b122-11ef-b7d2-121e9e5b60d3&cid=wdudk1vqpjir3j16jfcmmf3s&rt=DJ&ts=1733194800665&hash=vvPu5v1wZn5QGk9IyUZ7KFTfsz8BZA7C4KMbosZMtSc Page URL
  4. https://priverautional.com/redirect?target=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_Yz13ZHVkazF2cXBqaXIzajE2amZjbW1mM3MmdmFyMTA9bGF0ZXJpdGlvdXMtZmFsY29u&ts=1733194801128&hash=2RRyVbpujRwNgHK2qz-TfNA46LTdrq3U3W9DeQrpOSc&rm=DJ Page URL
  5. https://api.shopfinder24.com/r/dG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJTNEbGlua0lkJTI2aWQlM0RiNTI1NjYxNjM5ZTE0MDY3ODJkYTYxNGQ4MDc2NDFjZCUyNmFwaV9rZXklM0RhZGY0MDdmZDEwODdhMWU1NmVhZGRlYzBmNTkxNDI2NyUyNnNpdGVfaWQlM0QyNzBjZDUzZWMyMzM0ZjExOGNlZDE0YTRlOGJjODQ5ZiUyNmRjaCUzRGZlZWQlMjZhZF90JTNEYWR2ZXJ0aXNlciUyNnlrX3RhZyUzRCU3QmNsaWNraWQlN0QmdD0wJnM9M2YyZjc2NDQ3MTlkMTE1NWI3MjkwOGUyNzIyZTVmZDg=?c=wdudk1vqpjir3j16jfcmmf3s&var10=lateritious-falcon Page URL
  6. https://r.linksprf.com/v1/redirect?type=linkId&id=b525661639e1406782da614d807641cd&api_key=adf407fd1087a1e56eaddec0f5914267&site_id=270cd53ec2334f118ced14a4e8bc849f&dch=feed&ad_t=advertiser&yk_tag=wdudk1vqpjir3j16jfcmmf3s HTTP 302
    https://r.linksprf.com/v2/go?t=ft4pc%3A8%2F4o4gd.ce1kfo3r2ue.5ec%2F7i%3DeIeurrhhoi.bsp1F3%251o4.027e3n.fio%3DsIivaT2VFc%25v3fs8txh2rYrLfjR-iaifoleaiinnhdr9e9%3D6p2T%26iofIr%3Dr4h3i2b%26pofn3rf%3D5o2ocfdr2d61c2cc7dc21f34bc952e19044d3ev3d2k%26ieCrehsdl1u7%261u0t3s0a0a9d_d7a3b9c811e6d_82-1f39%264ebv-c6%3Dd64t9k3n8d%3D1I3eeoe%26-36ebi4r5s-82349a7579740c4b1%263d1e3P0r1m1%3D3r0e6p0b%3DiIhcralscfI0%3D5060a0803626080314c2e286246e%3D8Ibe8fd%261n6y2t1u%26cu3l8s4e9Tdamfcc5y6e6s6a%3DcIeogtni%26irfg%26nMeyeXea%3DMtqpz%25eAA2Q%25kFBpH.2hgpsi%26d7r148c9m327%26%3Dutl%3FsGecSabsdt2s0tdn3pco3g4o1l8keo1-ane%2Fbs8t9h&s=https%3A%2F%2Fapi.shopfinder24.com%2F&e=1&ai=8aa0676e38a64a90943abf35872d4e1d&sct=1&ct=1733194801819&cu=8b33412c276c4ce682bd8cd2156f231f&cs=e970bc1cfb5c2f0a5c9dd81853130d5b Page URL
  7. https://no-go.kelkoogroup.net/sitesearchGo?.ts=1733194801773&.sig=2IHvBTkVQcAvefz8qxM2aYXLyjM-&affiliationId=96966625&comId=9443823&country=no&offerId=1622c8de2cf140c052e3984ad6e5302f&searchId=1076100331010093_1733194801767_7291338&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v0304000162698b33412c276c4ce682bd8cd2156f231f&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f Page URL
  8. https://no-go.kelkoogroup.net/redirect?country=no&k=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&url=https%3A%2F%2Fgullshoppen.no%2Fprodukt%2Fring-gult-gull-0-20-tw-si-diamanter%2F%3Fkk%3Da4c6295-1938a75e3d1-771974%26attribute_pa_st-rrelse%3D52-4%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DGullshoppen%2BRing%2Bgult%2Bgull%2B14k%2B%2528585%2529%2B0%252C2&initiator=timeout Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://ernus-dop.com/zclkredirect?visitid=af129614-b122-11ef-b7d2-121e9e5b60d3&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B01%3A00&timezoneName=Europe%2FOslo HTTP 302
  • https://priverautional.com/zp-redirect?target=https%3A%2F%2Fapi.shopfinder24.com%2Fr%2FdG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJTNEbGlua0lkJTI2aWQlM0RiNTI1NjYxNjM5ZTE0MDY3ODJkYTYxNGQ4MDc2NDFjZCUyNmFwaV9rZXklM0RhZGY0MDdmZDEwODdhMWU1NmVhZGRlYzBmNTkxNDI2NyUyNnNpdGVfaWQlM0QyNzBjZDUzZWMyMzM0ZjExOGNlZDE0YTRlOGJjODQ5ZiUyNmRjaCUzRGZlZWQlMjZhZF90JTNEYWR2ZXJ0aXNlciUyNnlrX3RhZyUzRCU3QmNsaWNraWQlN0QmdD0wJnM9M2YyZjc2NDQ3MTlkMTE1NWI3MjkwOGUyNzIyZTVmZDg%3D%3Fc%3Dwdudk1vqpjir3j16jfcmmf3s%26var10%3Dlateritious-falcon&caid=a63ab35d-6b08-4335-9dbb-cbf3f7ad26ae&zpid=af129614-b122-11ef-b7d2-121e9e5b60d3&cid=wdudk1vqpjir3j16jfcmmf3s&rt=DJ&ts=1733194800665&hash=vvPu5v1wZn5QGk9IyUZ7KFTfsz8BZA7C4KMbosZMtSc
Request Chain 9
  • https://r.linksprf.com/v1/redirect?type=linkId&id=b525661639e1406782da614d807641cd&api_key=adf407fd1087a1e56eaddec0f5914267&site_id=270cd53ec2334f118ced14a4e8bc849f&dch=feed&ad_t=advertiser&yk_tag=wdudk1vqpjir3j16jfcmmf3s HTTP 302
  • https://r.linksprf.com/v2/go?t=ft4pc%3A8%2F4o4gd.ce1kfo3r2ue.5ec%2F7i%3DeIeurrhhoi.bsp1F3%251o4.027e3n.fio%3DsIivaT2VFc%25v3fs8txh2rYrLfjR-iaifoleaiinnhdr9e9%3D6p2T%26iofIr%3Dr4h3i2b%26pofn3rf%3D5o2ocfdr2d61c2cc7dc21f34bc952e19044d3ev3d2k%26ieCrehsdl1u7%261u0t3s0a0a9d_d7a3b9c811e6d_82-1f39%264ebv-c6%3Dd64t9k3n8d%3D1I3eeoe%26-36ebi4r5s-82349a7579740c4b1%263d1e3P0r1m1%3D3r0e6p0b%3DiIhcralscfI0%3D5060a0803626080314c2e286246e%3D8Ibe8fd%261n6y2t1u%26cu3l8s4e9Tdamfcc5y6e6s6a%3DcIeogtni%26irfg%26nMeyeXea%3DMtqpz%25eAA2Q%25kFBpH.2hgpsi%26d7r148c9m327%26%3Dutl%3FsGecSabsdt2s0tdn3pco3g4o1l8keo1-ane%2Fbs8t9h&s=https%3A%2F%2Fapi.shopfinder24.com%2F&e=1&ai=8aa0676e38a64a90943abf35872d4e1d&sct=1&ct=1733194801819&cu=8b33412c276c4ce682bd8cd2156f231f&cs=e970bc1cfb5c2f0a5c9dd81853130d5b

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
vpn.ieka.no/
2 KB
2 KB
Document
General
Full URL
https://vpn.ieka.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.73 , Germany, ASN61969 (TEAMINTERNET-AS Team Internet AG, DE),
Reverse DNS
Software
Caddy nginx /
Resource Hash
fb9a4becf1d6088290e93a5e17e069551a4148d5d9640d9aba642c68765b1d70

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
accept-ch-lifetime
30
alt-svc
h3=":8443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 03 Dec 2024 02:59:59 GMT
server
Caddy nginx
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_Y8jrrEsicCQkn3xsA5cppqexRPVTJ0/d20ZZqQdnPdCcxTFG7KioSQ7soQTl9fN+mVVGmQJk8LR7M3IFsHeNWA==
x-buckets
bucket011,bucket088,bucket077
x-domain
ieka.no
x-language
norwegian
x-pcrew-blocked-reason
hosting network
x-pcrew-ip-organization
Blix Solutions
x-redirect
zeropark_zeroclick
x-subdomain
vpn
x-template
tpl_CleanPeppermintBlack_twoclick
js3.js
d38psrni17bvxu.cloudfront.net/scripts/
1 KB
1 KB
Script
General
Full URL
https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: vpn.ieka.no
URL: https://vpn.ieka.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:6400:1d:4618:5c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vpn.ieka.no/

Response headers

etag
"65fc1e7b-448"
age
5134
via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
1096
x-amz-cf-id
FSDBxz-FMormMj2KAgqqXz756cbpIkKfdWK2jFaF8elBUpeEmMqEpA==
date
Tue, 03 Dec 2024 01:34:26 GMT
content-type
application/javascript
last-modified
Thu, 21 Mar 2024 11:48:11 GMT
server
nginx
x-amz-cf-pop
FRA60-P2
track.php
vpn.ieka.no/
0
115 B
XHR
General
Full URL
https://vpn.ieka.no/track.php?domain=ieka.no&toggle=browserjs&uid=MTczMzE5NDc5OS40NDU5OjA0ODc4YTdjZjk0M2FlMTE2ZDZhOGE4MjMwNjU2OTA0YTljYzc1ZTA0MTRlZDc1N2NiYTcyZmJhZWZhZjRiNjY6Njc0ZTc0MmY2Y2RmNQ%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.73 , Germany, ASN61969 (TEAMINTERNET-AS Team Internet AG, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

viewport-width
1600
ect
4g
Referer
https://vpn.ieka.no/
device-memory
8
dpr
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
rtt
50
downlink
10

Response headers

content-encoding
gzip
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime
30
x-custom-track
browserjs
access-control-allow-origin
*
alt-svc
h3=":8443"; ma=2592000
date
Tue, 03 Dec 2024 03:00:00 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
Caddy, nginx
ls.php
vpn.ieka.no/
16 B
371 B
XHR
General
Full URL
https://vpn.ieka.no/ls.php?t=674e742f&token=83a8515fcf6ae066b010fce586cf701603c09c79
Requested by
Host: vpn.ieka.no
URL: https://vpn.ieka.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.73 , Germany, ASN61969 (TEAMINTERNET-AS Team Internet AG, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash

Request headers

viewport-width
1600
ect
4g
Referer
https://vpn.ieka.no/
device-memory
8
dpr
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
rtt
50
downlink
10

Response headers

access-control-max-age
86400
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
access-control-allow-methods
POST, OPTIONS
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_pIT+wsB27j7jkeH2JGmVBA+6NFUxngB89lhJBVuoT+pRFiEku9QIUQKWN5PAvHZ3R0OkEnkwKzv3t/5XvzrINA==
accept-ch-lifetime
30
x-log-success
674e74304cdbf9661f06c178
access-control-allow-origin
alt-svc
h3=":8443"; ma=2592000
date
Tue, 03 Dec 2024 03:00:00 GMT
charset
utf-8
content-type
text/javascript;charset=UTF-8
server
Caddy, nginx
track.php
vpn.ieka.no/
0
91 B
XHR
General
Full URL
https://vpn.ieka.no/track.php?click=b03d3e0ab9547a7d158c69a3ebdac4fbfa641beb&domain=ieka.no&uid=MTczMzE5NDc5OS40NDU5OjA0ODc4YTdjZjk0M2FlMTE2ZDZhOGE4MjMwNjU2OTA0YTljYzc1ZTA0MTRlZDc1N2NiYTcyZmJhZWZhZjRiNjY6Njc0ZTc0MmY2Y2RmNQ%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTEsYnVja2V0MDg4LGJ1Y2tldDA3N3x8fHx8fDY3NGU3NDJmNmNkY2V8fHwxNzMzMTk0Nzk5LjgzODd8Mzg1MDkwNTA0OTE2NWM4ZThiMjNkOTczNjhjYmViZGI4MDU2MDJiMXx8fHx8MXx8MHwwfHx8fDF8fHx8fDB8MHx8fHx8fHx8fHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDgzYTg1MTVmY2Y2YWUwNjZiMDEwZmNlNTg2Y2Y3MDE2MDNjMDljNzl8MHx8MHwwfHx8fA%3D%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.73 , Germany, ASN61969 (TEAMINTERNET-AS Team Internet AG, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash

Request headers

viewport-width
1600
ect
4g
Referer
https://vpn.ieka.no/
device-memory
8
dpr
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
rtt
50
downlink
10

Response headers

x-view-match
true
content-encoding
gzip
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime
30
x-custom-track
none
access-control-allow-origin
*
alt-svc
h3=":8443"; ma=2592000
date
Tue, 03 Dec 2024 03:00:00 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
Caddy, nginx
85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d
ernus-dop.com/zclkvisitor/af129614-b122-11ef-b7d2-121e9e5b60d3/
3 KB
3 KB
Document
General
Full URL
https://ernus-dop.com/zclkvisitor/af129614-b122-11ef-b7d2-121e9e5b60d3/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=2416e6b0-8de2-11ee-bc55-123f4a2b6bb7
Requested by
Host: vpn.ieka.no
URL: https://vpn.ieka.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.7.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-7-206.compute-1.amazonaws.com
Software
/
Resource Hash
58b1ecc60f2a8edfdf7d1b5b4880339e37d300a864b0e2fda7dc416f9c99fd45
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
https://vpn.ieka.no/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
3088
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Tue, 03 Dec 2024 03:00:00 GMT
zp-redirect
priverautional.com/
Redirect Chain
  • https://ernus-dop.com/zclkredirect?visitid=af129614-b122-11ef-b7d2-121e9e5b60d3&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel...
  • https://priverautional.com/zp-redirect?target=https%3A%2F%2Fapi.shopfinder24.com%2Fr%2FdG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJTNEbGlua0lkJTI2aWQlM0RiNTI1NjYxNjM5ZT...
2 KB
2 KB
Document
General
Full URL
https://priverautional.com/zp-redirect?target=https%3A%2F%2Fapi.shopfinder24.com%2Fr%2FdG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJTNEbGlua0lkJTI2aWQlM0RiNTI1NjYxNjM5ZTE0MDY3ODJkYTYxNGQ4MDc2NDFjZCUyNmFwaV9rZXklM0RhZGY0MDdmZDEwODdhMWU1NmVhZGRlYzBmNTkxNDI2NyUyNnNpdGVfaWQlM0QyNzBjZDUzZWMyMzM0ZjExOGNlZDE0YTRlOGJjODQ5ZiUyNmRjaCUzRGZlZWQlMjZhZF90JTNEYWR2ZXJ0aXNlciUyNnlrX3RhZyUzRCU3QmNsaWNraWQlN0QmdD0wJnM9M2YyZjc2NDQ3MTlkMTE1NWI3MjkwOGUyNzIyZTVmZDg%3D%3Fc%3Dwdudk1vqpjir3j16jfcmmf3s%26var10%3Dlateritious-falcon&caid=a63ab35d-6b08-4335-9dbb-cbf3f7ad26ae&zpid=af129614-b122-11ef-b7d2-121e9e5b60d3&cid=wdudk1vqpjir3j16jfcmmf3s&rt=DJ&ts=1733194800665&hash=vvPu5v1wZn5QGk9IyUZ7KFTfsz8BZA7C4KMbosZMtSc
Requested by
Host: ernus-dop.com
URL: https://ernus-dop.com/zclkvisitor/af129614-b122-11ef-b7d2-121e9e5b60d3/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=2416e6b0-8de2-11ee-bc55-123f4a2b6bb7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:d800:19:af0b:1c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7a50f5069afee4c61820c176bb627930647f88efad3d31f50985680a5bc56298

Request headers

Referer
https://ernus-dop.com/zclkvisitor/af129614-b122-11ef-b7d2-121e9e5b60d3/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=2416e6b0-8de2-11ee-bc55-123f4a2b6bb7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-type
text/html;charset=UTF-8
date
Tue, 03 Dec 2024 03:00:01 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-id
Dn3jt6w3RaFOyXbzyPWKX8ri6KPzgD8s74AE2HCSWxjs5B7uSg5hCw==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront

Redirect headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
date
Tue, 03 Dec 2024 03:00:00 GMT
location
https://priverautional.com/zp-redirect?target=https%3A%2F%2Fapi.shopfinder24.com%2Fr%2FdG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJTNEbGlua0lkJTI2aWQlM0RiNTI1NjYxNjM5ZTE0MDY3ODJkYTYxNGQ4MDc2NDFjZCUyNmFwaV9rZXklM0RhZGY0MDdmZDEwODdhMWU1NmVhZGRlYzBmNTkxNDI2NyUyNnNpdGVfaWQlM0QyNzBjZDUzZWMyMzM0ZjExOGNlZDE0YTRlOGJjODQ5ZiUyNmRjaCUzRGZlZWQlMjZhZF90JTNEYWR2ZXJ0aXNlciUyNnlrX3RhZyUzRCU3QmNsaWNraWQlN0QmdD0wJnM9M2YyZjc2NDQ3MTlkMTE1NWI3MjkwOGUyNzIyZTVmZDg%3D%3Fc%3Dwdudk1vqpjir3j16jfcmmf3s%26var10%3Dlateritious-falcon&caid=a63ab35d-6b08-4335-9dbb-cbf3f7ad26ae&zpid=af129614-b122-11ef-b7d2-121e9e5b60d3&cid=wdudk1vqpjir3j16jfcmmf3s&rt=DJ&ts=1733194800665&hash=vvPu5v1wZn5QGk9IyUZ7KFTfsz8BZA7C4KMbosZMtSc
redirect
priverautional.com/
1 KB
2 KB
Document
General
Full URL
https://priverautional.com/redirect?target=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_Yz13ZHVkazF2cXBqaXIzajE2amZjbW1mM3MmdmFyMTA9bGF0ZXJpdGlvdXMtZmFsY29u&ts=1733194801128&hash=2RRyVbpujRwNgHK2qz-TfNA46LTdrq3U3W9DeQrpOSc&rm=DJ
Requested by
Host: priverautional.com
URL: https://priverautional.com/zp-redirect?target=https%3A%2F%2Fapi.shopfinder24.com%2Fr%2FdG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJTNEbGlua0lkJTI2aWQlM0RiNTI1NjYxNjM5ZTE0MDY3ODJkYTYxNGQ4MDc2NDFjZCUyNmFwaV9rZXklM0RhZGY0MDdmZDEwODdhMWU1NmVhZGRlYzBmNTkxNDI2NyUyNnNpdGVfaWQlM0QyNzBjZDUzZWMyMzM0ZjExOGNlZDE0YTRlOGJjODQ5ZiUyNmRjaCUzRGZlZWQlMjZhZF90JTNEYWR2ZXJ0aXNlciUyNnlrX3RhZyUzRCU3QmNsaWNraWQlN0QmdD0wJnM9M2YyZjc2NDQ3MTlkMTE1NWI3MjkwOGUyNzIyZTVmZDg%3D%3Fc%3Dwdudk1vqpjir3j16jfcmmf3s%26var10%3Dlateritious-falcon&caid=a63ab35d-6b08-4335-9dbb-cbf3f7ad26ae&zpid=af129614-b122-11ef-b7d2-121e9e5b60d3&cid=wdudk1vqpjir3j16jfcmmf3s&rt=DJ&ts=1733194800665&hash=vvPu5v1wZn5QGk9IyUZ7KFTfsz8BZA7C4KMbosZMtSc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:d800:19:af0b:1c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
258a260f7bf0e0b972fb5fb89b738573a9576a511cb4dd01ee29b25dc3b4ad6a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-type
text/html;charset=UTF-8
date
Tue, 03 Dec 2024 03:00:01 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-id
Mf2V4VKNRkumVGP9Sy9VvAwk-cJTAAXIyYlPI6Wp6EWe4WdYv53tzQ==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
dG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJTNEbGlua0lkJTI2aWQlM0RiNTI1NjYxNjM5ZTE0MDY3ODJkYTYxNGQ4MDc2NDFjZCUyNmFwaV9rZXklM0RhZGY0MDdmZDEwODdhMWU1NmVhZGRlYzBmNTkxNDI2N...
api.shopfinder24.com/r/
807 B
1 KB
Document
General
Full URL
https://api.shopfinder24.com/r/dG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJTNEbGlua0lkJTI2aWQlM0RiNTI1NjYxNjM5ZTE0MDY3ODJkYTYxNGQ4MDc2NDFjZCUyNmFwaV9rZXklM0RhZGY0MDdmZDEwODdhMWU1NmVhZGRlYzBmNTkxNDI2NyUyNnNpdGVfaWQlM0QyNzBjZDUzZWMyMzM0ZjExOGNlZDE0YTRlOGJjODQ5ZiUyNmRjaCUzRGZlZWQlMjZhZF90JTNEYWR2ZXJ0aXNlciUyNnlrX3RhZyUzRCU3QmNsaWNraWQlN0QmdD0wJnM9M2YyZjc2NDQ3MTlkMTE1NWI3MjkwOGUyNzIyZTVmZDg=?c=wdudk1vqpjir3j16jfcmmf3s&var10=lateritious-falcon
Requested by
Host: priverautional.com
URL: https://priverautional.com/redirect?target=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_Yz13ZHVkazF2cXBqaXIzajE2amZjbW1mM3MmdmFyMTA9bGF0ZXJpdGlvdXMtZmFsY29u&ts=1733194801128&hash=2RRyVbpujRwNgHK2qz-TfNA46LTdrq3U3W9DeQrpOSc&rm=DJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.127.134.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-134-231.eu-central-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
abb0e15cdea847356827da320d119dcb0d848dc88026a0a736ed8dd16e057b5f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 03 Dec 2024 03:00:01 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
go
r.linksprf.com/v2/
Redirect Chain
  • https://r.linksprf.com/v1/redirect?type=linkId&id=b525661639e1406782da614d807641cd&api_key=adf407fd1087a1e56eaddec0f5914267&site_id=270cd53ec2334f118ced14a4e8bc849f&dch=feed&ad_t=advertiser&yk_tag=...
  • https://r.linksprf.com/v2/go?t=ft4pc%3A8%2F4o4gd.ce1kfo3r2ue.5ec%2F7i%3DeIeurrhhoi.bsp1F3%251o4.027e3n.fio%3DsIivaT2VFc%25v3fs8txh2rYrLfjR-iaifoleaiinnhdr9e9%3D6p2T%26iofIr%3Dr4h3i2b%26pofn3rf%3D5o...
3 KB
3 KB
Document
General
Full URL
https://r.linksprf.com/v2/go?t=ft4pc%3A8%2F4o4gd.ce1kfo3r2ue.5ec%2F7i%3DeIeurrhhoi.bsp1F3%251o4.027e3n.fio%3DsIivaT2VFc%25v3fs8txh2rYrLfjR-iaifoleaiinnhdr9e9%3D6p2T%26iofIr%3Dr4h3i2b%26pofn3rf%3D5o2ocfdr2d61c2cc7dc21f34bc952e19044d3ev3d2k%26ieCrehsdl1u7%261u0t3s0a0a9d_d7a3b9c811e6d_82-1f39%264ebv-c6%3Dd64t9k3n8d%3D1I3eeoe%26-36ebi4r5s-82349a7579740c4b1%263d1e3P0r1m1%3D3r0e6p0b%3DiIhcralscfI0%3D5060a0803626080314c2e286246e%3D8Ibe8fd%261n6y2t1u%26cu3l8s4e9Tdamfcc5y6e6s6a%3DcIeogtni%26irfg%26nMeyeXea%3DMtqpz%25eAA2Q%25kFBpH.2hgpsi%26d7r148c9m327%26%3Dutl%3FsGecSabsdt2s0tdn3pco3g4o1l8keo1-ane%2Fbs8t9h&s=https%3A%2F%2Fapi.shopfinder24.com%2F&e=1&ai=8aa0676e38a64a90943abf35872d4e1d&sct=1&ct=1733194801819&cu=8b33412c276c4ce682bd8cd2156f231f&cs=e970bc1cfb5c2f0a5c9dd81853130d5b
Requested by
Host: api.shopfinder24.com
URL: https://api.shopfinder24.com/r/dG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJTNEbGlua0lkJTI2aWQlM0RiNTI1NjYxNjM5ZTE0MDY3ODJkYTYxNGQ4MDc2NDFjZCUyNmFwaV9rZXklM0RhZGY0MDdmZDEwODdhMWU1NmVhZGRlYzBmNTkxNDI2NyUyNnNpdGVfaWQlM0QyNzBjZDUzZWMyMzM0ZjExOGNlZDE0YTRlOGJjODQ5ZiUyNmRjaCUzRGZlZWQlMjZhZF90JTNEYWR2ZXJ0aXNlciUyNnlrX3RhZyUzRCU3QmNsaWNraWQlN0QmdD0wJnM9M2YyZjc2NDQ3MTlkMTE1NWI3MjkwOGUyNzIyZTVmZDg=?c=wdudk1vqpjir3j16jfcmmf3s&var10=lateritious-falcon
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.202.86.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-86-139.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
95ee000068db0955b36591b99fb85ca7961765c19fb41522ced153314ef71ae7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://api.shopfinder24.com/r/dG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJTNEbGlua0lkJTI2aWQlM0RiNTI1NjYxNjM5ZTE0MDY3ODJkYTYxNGQ4MDc2NDFjZCUyNmFwaV9rZXklM0RhZGY0MDdmZDEwODdhMWU1NmVhZGRlYzBmNTkxNDI2NyUyNnNpdGVfaWQlM0QyNzBjZDUzZWMyMzM0ZjExOGNlZDE0YTRlOGJjODQ5ZiUyNmRjaCUzRGZlZWQlMjZhZF90JTNEYWR2ZXJ0aXNlciUyNnlrX3RhZyUzRCU3QmNsaWNraWQlN0QmdD0wJnM9M2YyZjc2NDQ3MTlkMTE1NWI3MjkwOGUyNzIyZTVmZDg=?c=wdudk1vqpjir3j16jfcmmf3s&var10=lateritious-falcon
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-length
2576
content-type
text/html;charset=UTF-8
date
Tue, 03 Dec 2024 03:00:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

content-length
0
date
Tue, 03 Dec 2024 03:00:01 GMT
location
/v2/go?t=ft4pc%3A8%2F4o4gd.ce1kfo3r2ue.5ec%2F7i%3DeIeurrhhoi.bsp1F3%251o4.027e3n.fio%3DsIivaT2VFc%25v3fs8txh2rYrLfjR-iaifoleaiinnhdr9e9%3D6p2T%26iofIr%3Dr4h3i2b%26pofn3rf%3D5o2ocfdr2d61c2cc7dc21f34bc952e19044d3ev3d2k%26ieCrehsdl1u7%261u0t3s0a0a9d_d7a3b9c811e6d_82-1f39%264ebv-c6%3Dd64t9k3n8d%3D1I3eeoe%26-36ebi4r5s-82349a7579740c4b1%263d1e3P0r1m1%3D3r0e6p0b%3DiIhcralscfI0%3D5060a0803626080314c2e286246e%3D8Ibe8fd%261n6y2t1u%26cu3l8s4e9Tdamfcc5y6e6s6a%3DcIeogtni%26irfg%26nMeyeXea%3DMtqpz%25eAA2Q%25kFBpH.2hgpsi%26d7r148c9m327%26%3Dutl%3FsGecSabsdt2s0tdn3pco3g4o1l8keo1-ane%2Fbs8t9h&s=https%3A%2F%2Fapi.shopfinder24.com%2F&e=1&ai=8aa0676e38a64a90943abf35872d4e1d&sct=1&ct=1733194801819&cu=8b33412c276c4ce682bd8cd2156f231f&cs=e970bc1cfb5c2f0a5c9dd81853130d5b
strict-transport-security
max-age=31536000; includeSubDomains
sitesearchGo
no-go.kelkoogroup.net/
30 KB
31 KB
Document
General
Full URL
https://no-go.kelkoogroup.net/sitesearchGo?.ts=1733194801773&.sig=2IHvBTkVQcAvefz8qxM2aYXLyjM-&affiliationId=96966625&comId=9443823&country=no&offerId=1622c8de2cf140c052e3984ad6e5302f&searchId=1076100331010093_1733194801767_7291338&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v0304000162698b33412c276c4ce682bd8cd2156f231f&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f
Requested by
Host: r.linksprf.com
URL: https://r.linksprf.com/v2/go?t=ft4pc%3A8%2F4o4gd.ce1kfo3r2ue.5ec%2F7i%3DeIeurrhhoi.bsp1F3%251o4.027e3n.fio%3DsIivaT2VFc%25v3fs8txh2rYrLfjR-iaifoleaiinnhdr9e9%3D6p2T%26iofIr%3Dr4h3i2b%26pofn3rf%3D5o2ocfdr2d61c2cc7dc21f34bc952e19044d3ev3d2k%26ieCrehsdl1u7%261u0t3s0a0a9d_d7a3b9c811e6d_82-1f39%264ebv-c6%3Dd64t9k3n8d%3D1I3eeoe%26-36ebi4r5s-82349a7579740c4b1%263d1e3P0r1m1%3D3r0e6p0b%3DiIhcralscfI0%3D5060a0803626080314c2e286246e%3D8Ibe8fd%261n6y2t1u%26cu3l8s4e9Tdamfcc5y6e6s6a%3DcIeogtni%26irfg%26nMeyeXea%3DMtqpz%25eAA2Q%25kFBpH.2hgpsi%26d7r148c9m327%26%3Dutl%3FsGecSabsdt2s0tdn3pco3g4o1l8keo1-ane%2Fbs8t9h&s=https%3A%2F%2Fapi.shopfinder24.com%2F&e=1&ai=8aa0676e38a64a90943abf35872d4e1d&sct=1&ct=1733194801819&cu=8b33412c276c4ce682bd8cd2156f231f&cs=e970bc1cfb5c2f0a5c9dd81853130d5b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
c4c757cd6ab4c406b9a7cba1b7f772cf50c36499d89c7cfb184b469644f1678c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

Referer
https://r.linksprf.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-CH
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Cache-Control
max-age=0, private, no-cache, no-store, must-revalidate
Charset
utf-8
Content-Length
30757
Content-Type
text/html; charset=UTF-8
Date
Tue, 03 Dec 2024 03:00:01 GMT
Pragma
no-cache
Referrer-Policy
origin-when-cross-origin
Request-Time
PT0.036986353S
X-Content-Type-Options
nosniff
X-DD-B
1
X-DataDome
protected
X-DataDome-CID
AHrlqAAAAAMAJcMZhI_lI2IAsv-UrA==
X-Frame-Options
ALLOWALL
X-Permitted-Cross-Domain-Policies
master-only
X-Robots-Tag
noindex,nofollow
X-XSS-Protection
1; mode=block
clickId
107698149_1733194802128_66756266
country
no
leadId
62A901JE57BRYYJ70M71N7P5KGBYN6
p.png
no-go.kelkoogroup.net/assets/images/
68 B
552 B
Image
General
Full URL
https://no-go.kelkoogroup.net/assets/images/p.png?country=no&k=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
Requested by
Host: no-go.kelkoogroup.net
URL: https://no-go.kelkoogroup.net/sitesearchGo?.ts=1733194801773&.sig=2IHvBTkVQcAvefz8qxM2aYXLyjM-&affiliationId=96966625&comId=9443823&country=no&offerId=1622c8de2cf140c052e3984ad6e5302f&searchId=1076100331010093_1733194801767_7291338&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v0304000162698b33412c276c4ce682bd8cd2156f231f&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory
8
Referer
https://no-go.kelkoogroup.net/sitesearchGo?.ts=1733194801773&.sig=2IHvBTkVQcAvefz8qxM2aYXLyjM-&affiliationId=96966625&comId=9443823&country=no&offerId=1622c8de2cf140c052e3984ad6e5302f&searchId=1076100331010093_1733194801767_7291338&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v0304000162698b33412c276c4ce682bd8cd2156f231f&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f

Response headers

X-Robots-Tag
noindex,nofollow
Cache-Control
private, must-revalidate
leadId
62A901JE57BRYYJ70M71N7P5KGBYN6
Request-Time
PT0.004793048S
X-Permitted-Cross-Domain-Policies
master-only
Referrer-Policy
origin-when-cross-origin
clickId
107698149_1733194802128_66756266
country
no
X-Content-Type-Options
nosniff
Content-Length
68
X-XSS-Protection
1; mode=block
Date
Tue, 03 Dec 2024 03:00:01 GMT
Content-Type
image/png
X-Frame-Options
ALLOWALL
tags.js
dd.kelkoogroup.net/
169 KB
32 KB
Script
General
Full URL
https://dd.kelkoogroup.net/tags.js
Requested by
Host: no-go.kelkoogroup.net
URL: https://no-go.kelkoogroup.net/sitesearchGo?.ts=1733194801773&.sig=2IHvBTkVQcAvefz8qxM2aYXLyjM-&affiliationId=96966625&comId=9443823&country=no&offerId=1622c8de2cf140c052e3984ad6e5302f&searchId=1076100331010093_1733194801767_7291338&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v0304000162698b33412c276c4ce682bd8cd2156f231f&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-4.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6f960ef6e2816613c107cdca0b45e95e497369d628de9cb444903b45fa78430
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://no-go.kelkoogroup.net/

Response headers

content-encoding
gzip
x-amz-version-id
srBbjf4IpQWkR6dukRm3KeuXFeESXHnZ
etag
W/"f413de3002ba35101fcc6ab056e87d4b"
age
2556
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
YJ9J_7hgTvWaq5kXLuA4k_YsDPTHsrNRZG6s24cgS_Xd2M1w3MctMA==
date
Tue, 03 Dec 2024 02:17:27 GMT
content-type
text/javascript
vary
accept-encoding, Origin
last-modified
Tue, 19 Nov 2024 10:41:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=3600, public
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
collect
www.google-analytics.com/g/
0
556 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-08KS908YC5&_p=986866223&sr=1600x1200&ul=no-no&cid=643463437.1733194802&uid=a4c6295-1938a75e3d1-771974&_fv=1&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2FsitesearchGo%3F.ts%3D1733194801773%26.sig%3D2IHvBTkVQcAvefz8qxM2aYXLyjM-%26affiliationId%3D96966625%26comId%3D9443823%26country%3Dno%26offerId%3D1622c8de2cf140c052e3984ad6e5302f%26searchId%3D1076100331010093_1733194801767_7291338%26service%3D36%26tokenId%3D1833e9e4-d66b-4b54-92f4-a85d9e41ccbb%26addedParams%3Dtrue%26publisherClickId%3Dv0304000162698b33412c276c4ce682bd8cd2156f231f%26publisherTrafficType%3Dsearchengine%26originReferer%3Dhttps%253A%252F%252Fapi.shopfinder24.com%252F%26publisherSubId%3D270cd53ec2334f118ced14a4e8bc849f&dt=Du%20sendes%20videre%20til%20Gullshoppen.no&dr=https%3A%2F%2Fr.linksprf.com%2F&dp=%2F96966625%7C9443823%7C&sid=1733194802&sct=1&seg=1&en=page_view&_ss=1&ep.cd1=96966625&ep.cd2=62A901JE57BRYYJ70M71N7P5KGBYN6&ep.cd3=9443823&ep.cd4=a4c6295-1938a75e3d1-771974&ep.cd5=&ep.cd6=96966625%7C9443823%7C
Requested by
Host: no-go.kelkoogroup.net
URL: https://no-go.kelkoogroup.net/sitesearchGo?.ts=1733194801773&.sig=2IHvBTkVQcAvefz8qxM2aYXLyjM-&affiliationId=96966625&comId=9443823&country=no&offerId=1622c8de2cf140c052e3984ad6e5302f&searchId=1076100331010093_1733194801767_7291338&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v0304000162698b33412c276c4ce682bd8cd2156f231f&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://no-go.kelkoogroup.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://no-go.kelkoogroup.net
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 03:00:02 GMT
content-type
text/plain
server
Golfe2
ados.js
no-go.kelkoogroup.net/
1 KB
2 KB
XHR
General
Full URL
https://no-go.kelkoogroup.net/ados.js
Requested by
Host: no-go.kelkoogroup.net
URL: https://no-go.kelkoogroup.net/sitesearchGo?.ts=1733194801773&.sig=2IHvBTkVQcAvefz8qxM2aYXLyjM-&affiliationId=96966625&comId=9443823&country=no&offerId=1622c8de2cf140c052e3984ad6e5302f&searchId=1076100331010093_1733194801767_7291338&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v0304000162698b33412c276c4ce682bd8cd2156f231f&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
3db77cfe0a6a059ff4d86ea8530439864095c5fe278e279b28c88f99a0f9b530
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory
8
Referer
https://no-go.kelkoogroup.net/sitesearchGo?.ts=1733194801773&.sig=2IHvBTkVQcAvefz8qxM2aYXLyjM-&affiliationId=96966625&comId=9443823&country=no&offerId=1622c8de2cf140c052e3984ad6e5302f&searchId=1076100331010093_1733194801767_7291338&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v0304000162698b33412c276c4ce682bd8cd2156f231f&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f

Response headers

X-Robots-Tag
noindex,nofollow
Content-Security-Policy
frame-ancestors 'none'
Request-Time
PT0.000448102S
X-Permitted-Cross-Domain-Policies
master-only
Referrer-Policy
origin-when-cross-origin
X-Content-Type-Options
nosniff
Content-Length
1140
X-XSS-Protection
1; mode=block
Date
Tue, 03 Dec 2024 03:00:02 GMT
Content-Type
text/html; charset=UTF-8
X-Frame-Options
DENY
fp
no-go.kelkoogroup.net/
0
458 B
Ping
General
Full URL
https://no-go.kelkoogroup.net/fp?country=no&k=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
Requested by
Host: no-go.kelkoogroup.net
URL: https://no-go.kelkoogroup.net/sitesearchGo?.ts=1733194801773&.sig=2IHvBTkVQcAvefz8qxM2aYXLyjM-&affiliationId=96966625&comId=9443823&country=no&offerId=1622c8de2cf140c052e3984ad6e5302f&searchId=1076100331010093_1733194801767_7291338&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v0304000162698b33412c276c4ce682bd8cd2156f231f&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

Referer
https://no-go.kelkoogroup.net/sitesearchGo?.ts=1733194801773&.sig=2IHvBTkVQcAvefz8qxM2aYXLyjM-&affiliationId=96966625&comId=9443823&country=no&offerId=1622c8de2cf140c052e3984ad6e5302f&searchId=1076100331010093_1733194801767_7291338&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v0304000162698b33412c276c4ce682bd8cd2156f231f&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=utf-8
sec-ch-device-memory
8

Response headers

X-Robots-Tag
noindex,nofollow
leadId
62A901JE57BRYYJ70M71N7P5KGBYN6
Request-Time
PT0.012396029S
X-Permitted-Cross-Domain-Policies
master-only
Referrer-Policy
origin-when-cross-origin
clickId
107698149_1733194802128_66756266
country
no
X-Content-Type-Options
nosniff
Content-Length
0
X-XSS-Protection
1; mode=block
Date
Tue, 03 Dec 2024 03:00:02 GMT
Content-Type
text/plain; charset=UTF-8
X-Frame-Options
ALLOWALL
27594e35-b9e9-4664-a92e-fab0f2d883d7
https://no-go.kelkoogroup.net/ Frame
0
0

/
dd.kelkoogroup.net/js/
0
0

Primary Request redirect
no-go.kelkoogroup.net/
725 B
2 KB
Document
General
Full URL
https://no-go.kelkoogroup.net/redirect?country=no&k=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&url=https%3A%2F%2Fgullshoppen.no%2Fprodukt%2Fring-gult-gull-0-20-tw-si-diamanter%2F%3Fkk%3Da4c6295-1938a75e3d1-771974%26attribute_pa_st-rrelse%3D52-4%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DGullshoppen%2BRing%2Bgult%2Bgull%2B14k%2B%2528585%2529%2B0%252C2&initiator=timeout
Requested by
Host: no-go.kelkoogroup.net
URL: https://no-go.kelkoogroup.net/sitesearchGo?.ts=1733194801773&.sig=2IHvBTkVQcAvefz8qxM2aYXLyjM-&affiliationId=96966625&comId=9443823&country=no&offerId=1622c8de2cf140c052e3984ad6e5302f&searchId=1076100331010093_1733194801767_7291338&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v0304000162698b33412c276c4ce682bd8cd2156f231f&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
bd5d3e5038062ec1cadddc6ae8bfbe399fdacff1460cfa606b4d1139dc9b70ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://no-go.kelkoogroup.net/sitesearchGo?.ts=1733194801773&.sig=2IHvBTkVQcAvefz8qxM2aYXLyjM-&affiliationId=96966625&comId=9443823&country=no&offerId=1622c8de2cf140c052e3984ad6e5302f&searchId=1076100331010093_1733194801767_7291338&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v0304000162698b33412c276c4ce682bd8cd2156f231f&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory
8

Response headers

Accept-CH
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Cache-Control
max-age=0, private, no-cache, no-store, must-revalidate
Charset
utf-8
Content-Length
725
Content-Type
text/html; charset=UTF-8
Date
Tue, 03 Dec 2024 03:00:01 GMT
Pragma
no-cache
Referrer-Policy
origin-when-cross-origin
Request-Time
PT0.0137474S
X-Content-Type-Options
nosniff
X-DD-B
1
X-DataDome
protected
X-DataDome-CID
AHrlqAAAAAMAJcMZhI_lI2IAsv-UrA==
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
master-only
X-XSS-Protection
1; mode=block
c.js
ct.captcha-delivery.com/
11 KB
11 KB
Script
General
Full URL
https://ct.captcha-delivery.com/c.js
Requested by
Host: no-go.kelkoogroup.net
URL: https://no-go.kelkoogroup.net/redirect?country=no&k=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&url=https%3A%2F%2Fgullshoppen.no%2Fprodukt%2Fring-gult-gull-0-20-tw-si-diamanter%2F%3Fkk%3Da4c6295-1938a75e3d1-771974%26attribute_pa_st-rrelse%3D52-4%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DGullshoppen%2BRing%2Bgult%2Bgull%2B14k%2B%2528585%2529%2B0%252C2&initiator=timeout
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-87.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b87bb6192320ea7a36d1caa7a2c0d26f39cfa92909fe168d29bfecc13c81ca0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://no-go.kelkoogroup.net/

Response headers

x-amz-version-id
null
etag
"1fd766ce129c8b2cae0770e023a22682"
age
60982
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
11217
x-amz-cf-id
7DvCOibqXcpZApgDsWmmWNzmbHYGMPNZ4O4EA5YxoFx-bx2BAjhxgg==
date
Mon, 02 Dec 2024 10:03:41 GMT
content-type
text/javascript
last-modified
Fri, 22 Nov 2024 10:03:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
/
geo.captcha-delivery.com/captcha/ Frame 02B3
0
0
Document
General
Full URL
https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAJcMZhI_lI2IAsv-UrA%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=gQM0TCTQwvzRrpxJAvE~2aHhNj8UVP~NB93VmKeN5SwTzWRWhSyAa6eAQAzqPssteZKRjIP8gQ22Y8snaalequ_laMTTB4eJq6SgH4KyYgmc46HZfwavzQJv9pUbsTa6&t=fe&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%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%26url%3Dhttps%253A%252F%252Fgullshoppen.no%252Fprodukt%252Fring-gult-gull-0-20-tw-si-diamanter%252F%253Fkk%253Da4c6295-1938a75e3d1-771974%2526attribute_pa_st-rrelse%253D52-4%2526utm_source%253Dkelkoono%2526utm_medium%253Dcpc%2526utm_campaign%253Dkelkooclick%2526utm_source_platform%253DKelkooGroup%2526utm_term%253DGullshoppen%252BRing%252Bgult%252Bgull%252B14k%252B%252528585%252529%252B0%25252C2%26initiator%3Dtimeout&s=35103&e=c3faaba8141a9b57a21d4167aeff3bc55c23b51b39c894477ac9319d1d7890e4&dm=cd
Requested by
Host: ct.captcha-delivery.com
URL: https://ct.captcha-delivery.com/c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.194.14.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-14-91.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Tue, 03 Dec 2024 03:00:02 GMT
Transfer-Encoding
chunked

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
no-go.kelkoogroup.net
URL
blob:https://no-go.kelkoogroup.net/27594e35-b9e9-4664-a92e-fab0f2d883d7
Domain
dd.kelkoogroup.net
URL
https://dd.kelkoogroup.net/js/

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dd

5 Cookies

Domain/Path Name / Value
.priverautional.com/ Name: cc-v4
Value: HeEo%2BdEx1vmP5sv8K8TmAOHtI5zqyp3lGfUqJ8lVtQJzKvu9Ir5a%2FxvcCDN4zo1ZGXpUOkzTuz2LtRV9S6jpIIIOlD089QYghCwY%2FfMrtw82wp%2BUVyo%2BkAps%2BG4L9sTp5oZDgeEzikVaJnQXV276tg%3D%3D
.linksprf.com/ Name: ykuid
Value: 2ac224f0fa4d4f40b4a018434f5eb72f
r.linksprf.com/ Name: JSESSIONID
Value: CA48E4B2C3B09316C0C4916FA2966F92
.kelkoogroup.net/ Name: kelkooID
Value: a4c6295-1938a75e3d1-771974
.kelkoogroup.net/ Name: datadome
Value: gQM0TCTQwvzRrpxJAvE~2aHhNj8UVP~NB93VmKeN5SwTzWRWhSyAa6eAQAzqPssteZKRjIP8gQ22Y8snaalequ_laMTTB4eJq6SgH4KyYgmc46HZfwavzQJv9pUbsTa6

3 Console Messages

Source Level URL
Text
rendering warning URL: https://ernus-dop.com/zclkvisitor/af129614-b122-11ef-b7d2-121e9e5b60d3/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=2416e6b0-8de2-11ee-bc55-123f4a2b6bb7
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A030221614310000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://no-go.kelkoogroup.net/sitesearchGo?.ts=1733194801773&.sig=2IHvBTkVQcAvefz8qxM2aYXLyjM-&affiliationId=96966625&comId=9443823&country=no&offerId=1622c8de2cf140c052e3984ad6e5302f&searchId=1076100331010093_1733194801767_7291338&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v0304000162698b33412c276c4ce682bd8cd2156f231f&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f(Line 28)
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed4644bb21c184ea9effb283065f8b2c8cd5f8a59077a90137a6ab47d71ea577d18170dbfa4095cf0911d855dfee2993b3c62fe02cd714355d9560e514e039c621f73081523c4932c3db4ae821aa6c455c91b0a662b07ed1502db8d7f3284e2977f81f0f0de8e846affcbf8f374591cd47ad5fbcd4b5fa9895b62e6a093c2d8b1d25678495278708b4604f75bc577ccec629ac98f518a1ff3a000ff4b4a61c6e9e39fd0ff4b091a9e46c6a43600b2f7f1f1939cdb92bc279306cc7ada63ecab94ded627604c5255a9eee9ffba71e45e70474df9db23170c424e9a3f55d74d1ea4680e38ca01adb3299b710c942668885f4bf5d5d1c96ef0f3ad90de361cbd4f359e211714d2fb74a1088ffa9e2c4bcdd77cf5&url=https%3A%2F%2Fgullshoppen.no%2Fprodukt%2Fring-gult-gull-0-20-tw-si-diamanter%2F%3Fkk%3Da4c6295-1938a75e3d1-771974%26attribute_pa_st-rrelse%3D52-4%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DGullshoppen%2BRing%2Bgult%2Bgull%2B14k%2B%2528585%2529%2B0%252C2&initiator=timeout
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
