it-go.kelkoogroup.net Open in urlscan Pro
95.211.116.26 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://correu.fleet-track.co.uk/
Effective URL:
https://it-go.kelkoogroup.net/redirect?country=it&k=612f7a9541cd6ea61eb554c0e4cff43712519afa8a6cb71848bcbe18c81c0189f335d02386...
Submission: On October 14 via automatic, source certstream-suspicious (October 14th 2024, 8:39:23 am UTC) — Scanned from IT

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 10 domains to perform 15 HTTP transactions. The main IP is 95.211.116.26, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is it-go.kelkoogroup.net.
TLS certificate: Issued by Thawte TLS RSA CA G1 on September 26th 2024. Valid for: a year.

This is the only time it-go.kelkoogroup.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.234.192.109 172.234.192.109	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2 5	64.190.63.136 64.190.63.136	47846 (SEDO-AS) (SEDO-AS)
1	205.234.175.175 205.234.175.175	23352 (SERVERCEN...) (SERVERCENTRAL)
1 1	173.239.53.32 173.239.53.32	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 2	3.209.119.177 3.209.119.177	14618 (AMAZON-AES) (AMAZON-AES)
1 1	172.67.161.46 172.67.161.46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	3.126.48.135 3.126.48.135	16509 (AMAZON-02) (AMAZON-02)
1 1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	95.211.116.26 95.211.116.26	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	3.161.82.87 3.161.82.87	16509 (AMAZON-02) (AMAZON-02)
15	6

1 172.234.192.109 (Chicago, United States) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-234-192-109.ip.linodeusercontent.com

correu.fleet-track.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 64.190.63.136 (Germany) 2 redirects

ASN47846 (SEDO-AS, DE)

ww1.fleet-track.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net

img.sedoparking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.239.53.32 (New York, United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml.sedodna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.209.119.177 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-119-177.compute-1.amazonaws.com

varun-ysz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.161.46 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

geotrkclknow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.48.135 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-48-135.eu-central-1.compute.amazonaws.com

mghnhfvz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

clickcanv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.211.116.26 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-mx-vip.kelkoo.com

it-go.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.82.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-87.fra56.r.cloudfront.net

dd.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	kelkoogroup.net it-go.kelkoogroup.net dd.kelkoogroup.net — Cisco Umbrella Rank: 336585	67 KB
6	fleet-track.co.uk 3 redirects correu.fleet-track.co.uk ww1.fleet-track.co.uk	4 KB
2	varun-ysz.com 1 redirects varun-ysz.com — Cisco Umbrella Rank: 311193	4 KB
1	clickcanv.com 1 redirects clickcanv.com	3 KB
1	mghnhfvz.com 1 redirects mghnhfvz.com	2 KB
1	geotrkclknow.com 1 redirects geotrkclknow.com	2 KB
1	sedodna.com 1 redirects xml.sedodna.com — Cisco Umbrella Rank: 343845	309 B
1	sedoparking.com img.sedoparking.com — Cisco Umbrella Rank: 68803	15 KB
0	captcha-delivery.com Failed ct.captcha-delivery.com Failed
0	google-analytics.com Failed www.google-analytics.com Failed
15	10

	Domain	Requested by
5	it-go.kelkoogroup.net	varun-ysz.com it-go.kelkoogroup.net
5	ww1.fleet-track.co.uk	2 redirects ww1.fleet-track.co.uk
2	varun-ysz.com	1 redirects ww1.fleet-track.co.uk
1	dd.kelkoogroup.net	it-go.kelkoogroup.net dd.kelkoogroup.net
1	clickcanv.com	1 redirects
1	mghnhfvz.com	1 redirects
1	geotrkclknow.com	1 redirects
1	xml.sedodna.com	1 redirects
1	img.sedoparking.com
1	correu.fleet-track.co.uk	1 redirects
0	ct.captcha-delivery.com Failed	it-go.kelkoogroup.net
0	www.google-analytics.com Failed	it-go.kelkoogroup.net
15	12

This site contains no links.

Subject Issuer	Validity	Valid
ww1.fleet-track.co.uk Encryption Everywhere DV TLS CA - G2	`2024-10-08` - `2025-10-07`	a year	crt.sh
*.cachefly.net GlobalSign RSA OV SSL CA 2018	`2023-11-13` - `2024-12-14`	a year	crt.sh
varun-ysz.com Amazon RSA 2048 M02	`2024-09-30` - `2025-10-29`	a year	crt.sh
*.kelkoogroup.net Thawte TLS RSA CA G1	`2024-09-26` - `2025-10-10`	a year	crt.sh
dd.kelkoogroup.net E6	`2024-10-07` - `2025-01-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://it-go.kelkoogroup.net/redirect?country=it&k=612f7a9541cd6ea61eb554c0e4cff43712519afa8a6cb71848bcbe18c81c0189f335d02386e562f2b909c42f404d8c73ac9e68828179c1f3a9ab12ab5866ea9fff93e5192e34c6023ed7f848de683a8ad3113f9712fd54e29892d219a91dc92e0265e603b7fb098a1aa5afe413b3ecd1e4e1635ea35f7a945ae524cecf96c021ce8b7d44009802c16f31cc881b313ff7ec64c69e70ea4c40e6db742b8a60879e18c5c5720810067bd96967290ccae9476caff7913c53ba7d24c69be19e4b6005670e9bd3b40ba855e80da587d4ed9dffa7c1f929f5745ad62f02a38a920838e0dcfd8449e7c2c1c78fcabb644631e848b496c3f0c0ccd6c00f0a52ae0a238b85a3ca566ab22283592e3927e43e05427b7c21f89547bfa8b2c154ce3ae1c026052eafc0abd1948a3b&url=https%3A%2F%2Ftrack.adtraction.com%2Ft%2Ft%3Fa%3D1816133864%26as%3D1755628018%26t%3D2%26tk%3D1%26epi%3D62A001JA52WVQ2NDEMQ4MH33WJKQKA%26url%3Dhttps%3A%2F%2Fwww.laredoute.it%2Fppdp%2Fprod-350050065.aspx%3Fdim1%3D1%26dim2%3D4%26cod%3DAFF00176742IT&initiator=timeout
Frame ID: 69E8EF51C505ABA2E044641655CA2057
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

kelkoogroup.net

Page URL History Show full URLs

https://correu.fleet-track.co.uk/ HTTP 302
http://ww1.fleet-track.co.uk/?usid=101&utid=583930f79d2dbff2191e112fda0b20b1 HTTP 307
https://ww1.fleet-track.co.uk/?usid=101&utid=583930f79d2dbff2191e112fda0b20b1 Page URL
https://ww1.fleet-track.co.uk/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DZ22Fsvj079... HTTP 302
https://ww1.fleet-track.co.uk/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DZ22Fsvj079... HTTP 302
https://xml.sedodna.com/click?i=Z22Fsvj079U_0 HTTP 302
https://varun-ysz.com/zclkvisitor/c4d78ec3-8a07-11ef-848e-129c7423ac79/9232f590-d991-493f-b95d-d38... Page URL
https://varun-ysz.com/zclkredirect?visitid=c4d78ec3-8a07-11ef-848e-129c7423ac79&type=js&browserWid... HTTP 302
https://geotrkclknow.com/rot/k5qYlA25FNmyRUip?extid=zrc4d78ec38a0711ef848e129c7423ac79f7f5c5a4514b4c1... HTTP 302
https://mghnhfvz.com/click?trvid=40141&extid=zrc4d78ec38a0711ef848e129c7423ac79f7f5c5a4514b4c1eb8... HTTP 302
https://clickcanv.com/offerk?subid=awNjI3TGDPMp&id=100556973&c=V&merchantUrl=https%3A%2F%2Fwww.lar... HTTP 302
https://it-go.kelkoogroup.net/offersearchGo?.ts=1728889287954&.sig=lp6rZxAZeNwbmU4Lbg2d9T3hgys-&affiliatio... Page URL
https://it-go.kelkoogroup.net/redirect?country=it&k=612f7a9541cd6ea61eb554c0e4cff43712519afa8a6cb71848bcbe... Page URL

Detected technologies

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

15
Requests

73 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

6
IPs

3
Countries

87 kB
Transfer

220 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://correu.fleet-track.co.uk/ HTTP 302
http://ww1.fleet-track.co.uk/?usid=101&utid=583930f79d2dbff2191e112fda0b20b1 HTTP 307
https://ww1.fleet-track.co.uk/?usid=101&utid=583930f79d2dbff2191e112fda0b20b1 Page URL
https://ww1.fleet-track.co.uk/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DZ22Fsvj079U_0&v=MWFiZWFlYTNhMWY2NWY4M2ExNDYxNjU4ZDZmZGJmYWIJMQl3dzEuZmxlZXQtdHJhY2suY28udWs2NzBjZDhhODMxZjkzNC42ODg1NDA0NAl3dzEuZmxlZXQtdHJhY2suY28udWs2NzBjZDhhODMxZmQ1Mi40MzkxMzk0NgkxNzI4ODk1MTQ0CWFkXzYzXzA%3D&l=ogcFJ3l3GjkfE_CeJHfyYca5srQTgllJK1_iJ7fHpielKyMM1U_GocLVZJoxNSGpu8YfiGeHEuYwymil4iK3J_AIAL5_Z2Tg4VR69iPWG7SeFOm-TOIRJLd5CgwNnFc0ZR16xz8byhz1-tMw4xw_nItUIEFjn7OjpZpl5DdTm_yCEQGplUS6uEXg3R3PpjxCX86dCzF1tr-aF4RhzVp6NKZbknmiVLMLj1V2OshSfKSLFo5D5KfJrwTR8dDHSeC_9H7XE8mSJOXIkowqISGCWjmB1TCr5_tFv6jsdB8bNY_56yKtGLA5UU9vuQJH9Y9G8E_FCs3rzArkapstZwaky2wR5MbrS3e0rhHRyn5cLb0yUpuxaVEOVGOVkX0Psu66OOHJdXj0eVaDGFVjzRJTHeplFrZE9aqV3jEzPKHZ9lmKEMUX3ERoYlE_Cj0S6y7N__NgqtgMjiS_YJ4AvyYQfLSk9VDRwdP4H0zle9jEJ9fHqpsmObFGc-9jx6DhgBKVG6s4yplQuE96y_NecO68N39DhkcKpzx_LmHS6UPHt6zlaf6eXUGnF1V2uzIJGCacqCuNfYdHhB_prpcQeDPpBqTflDyUhJmU7J0oiM6DxKIDLpHV-Q8_-LwN0117YL0V8X_XOKc7yypmzozaGa3SJfrmPddkOVpijEtllKd5liYyBNLiDxeyhK2CrBJ6cBzqqy2uApY3M3HTRPy2j1iqw HTTP 302
https://ww1.fleet-track.co.uk/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DZ22Fsvj079U_0&v=MWFiZWFlYTNhMWY2NWY4M2ExNDYxNjU4ZDZmZGJmYWIJMQl3dzEuZmxlZXQtdHJhY2suY28udWs2NzBjZDhhODMxZjkzNC42ODg1NDA0NAl3dzEuZmxlZXQtdHJhY2suY28udWs2NzBjZDhhODMxZmQ1Mi40MzkxMzk0NgkxNzI4ODk1MTQ0CWFkXzYzXzA%3D&l=ogcFJ3l3GjkfE_CeJHfyYca5srQTgllJK1_iJ7fHpielKyMM1U_GocLVZJoxNSGpu8YfiGeHEuYwymil4iK3J_AIAL5_Z2Tg4VR69iPWG7SeFOm-TOIRJLd5CgwNnFc0ZR16xz8byhz1-tMw4xw_nItUIEFjn7OjpZpl5DdTm_yCEQGplUS6uEXg3R3PpjxCX86dCzF1tr-aF4RhzVp6NKZbknmiVLMLj1V2OshSfKSLFo5D5KfJrwTR8dDHSeC_9H7XE8mSJOXIkowqISGCWjmB1TCr5_tFv6jsdB8bNY_56yKtGLA5UU9vuQJH9Y9G8E_FCs3rzArkapstZwaky2wR5MbrS3e0rhHRyn5cLb0yUpuxaVEOVGOVkX0Psu66OOHJdXj0eVaDGFVjzRJTHeplFrZE9aqV3jEzPKHZ9lmKEMUX3ERoYlE_Cj0S6y7N__NgqtgMjiS_YJ4AvyYQfLSk9VDRwdP4H0zle9jEJ9fHqpsmObFGc-9jx6DhgBKVG6s4yplQuE96y_NecO68N39DhkcKpzx_LmHS6UPHt6zlaf6eXUGnF1V2uzIJGCacqCuNfYdHhB_prpcQeDPpBqTflDyUhJmU7J0oiM6DxKIDLpHV-Q8_-LwN0117YL0V8X_XOKc7yypmzozaGa3SJfrmPddkOVpijEtllKd5liYyBNLiDxeyhK2CrBJ6cBzqqy2uApY3M3HTRPy2j1iqw HTTP 302
https://xml.sedodna.com/click?i=Z22Fsvj079U_0 HTTP 302
https://varun-ysz.com/zclkvisitor/c4d78ec3-8a07-11ef-848e-129c7423ac79/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=e93d8640-4dca-11ee-8404-123f4a2b6bb7 Page URL
https://varun-ysz.com/zclkredirect?visitid=c4d78ec3-8a07-11ef-848e-129c7423ac79&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome HTTP 302
https://geotrkclknow.com/rot/k5qYlA25FNmyRUip?extid=zrc4d78ec38a0711ef848e129c7423ac79f7f5c5a4514b4c1eb882434a65dc6155085784343f5044da9a&cost=0.003500&targid=papa-pod-v5wmdm7ye7&sczp=porraceous-llama HTTP 302
https://mghnhfvz.com/click?trvid=40141&extid=zrc4d78ec38a0711ef848e129c7423ac79f7f5c5a4514b4c1eb882434a65dc6155085784343f5044da9a&cost=0.003500&targid=papa-pod-v5wmdm7ye7&sczp=porraceous-llama HTTP 302
https://clickcanv.com/offerk?subid=awNjI3TGDPMp&id=100556973&c=V&merchantUrl=https%3A%2F%2Fwww.laredoute.it&vsid={vsid}&deep= HTTP 302
https://it-go.kelkoogroup.net/offersearchGo?.ts=1728889287954&.sig=lp6rZxAZeNwbmU4Lbg2d9T3hgys-&affiliationId=96966422&comId=100556973&country=it&offerId=42de02b9fc78abf6aab3bcd28ae8ccdc&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=awNjI3TGDPMp&publisherClickId=awNjI3TGDPMp&custom2=VGLRVPYW&publisherSubId=VGLRVPYW Page URL
https://it-go.kelkoogroup.net/redirect?country=it&k=612f7a9541cd6ea61eb554c0e4cff43712519afa8a6cb71848bcbe18c81c0189f335d02386e562f2b909c42f404d8c73ac9e68828179c1f3a9ab12ab5866ea9fff93e5192e34c6023ed7f848de683a8ad3113f9712fd54e29892d219a91dc92e0265e603b7fb098a1aa5afe413b3ecd1e4e1635ea35f7a945ae524cecf96c021ce8b7d44009802c16f31cc881b313ff7ec64c69e70ea4c40e6db742b8a60879e18c5c5720810067bd96967290ccae9476caff7913c53ba7d24c69be19e4b6005670e9bd3b40ba855e80da587d4ed9dffa7c1f929f5745ad62f02a38a920838e0dcfd8449e7c2c1c78fcabb644631e848b496c3f0c0ccd6c00f0a52ae0a238b85a3ca566ab22283592e3927e43e05427b7c21f89547bfa8b2c154ce3ae1c026052eafc0abd1948a3b&url=https%3A%2F%2Ftrack.adtraction.com%2Ft%2Ft%3Fa%3D1816133864%26as%3D1755628018%26t%3D2%26tk%3D1%26epi%3D62A001JA52WVQ2NDEMQ4MH33WJKQKA%26url%3Dhttps%3A%2F%2Fwww.laredoute.it%2Fppdp%2Fprod-350050065.aspx%3Fdim1%3D1%26dim2%3D4%26cod%3DAFF00176742IT&initiator=timeout Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://correu.fleet-track.co.uk/ HTTP 302
http://ww1.fleet-track.co.uk/?usid=101&utid=583930f79d2dbff2191e112fda0b20b1 HTTP 307
https://ww1.fleet-track.co.uk/?usid=101&utid=583930f79d2dbff2191e112fda0b20b1

Request Chain 4

https://ww1.fleet-track.co.uk/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DZ22Fsvj079U_0&v=MWFiZWFlYTNhMWY2NWY4M2ExNDYxNjU4ZDZmZGJmYWIJMQl3dzEuZmxlZXQtdHJhY2suY28udWs2NzBjZDhhODMxZjkzNC42ODg1NDA0NAl3dzEuZmxlZXQtdHJhY2suY28udWs2NzBjZDhhODMxZmQ1Mi40MzkxMzk0NgkxNzI4ODk1MTQ0CWFkXzYzXzA%3D&l=ogcFJ3l3GjkfE_CeJHfyYca5srQTgllJK1_iJ7fHpielKyMM1U_GocLVZJoxNSGpu8YfiGeHEuYwymil4iK3J_AIAL5_Z2Tg4VR69iPWG7SeFOm-TOIRJLd5CgwNnFc0ZR16xz8byhz1-tMw4xw_nItUIEFjn7OjpZpl5DdTm_yCEQGplUS6uEXg3R3PpjxCX86dCzF1tr-aF4RhzVp6NKZbknmiVLMLj1V2OshSfKSLFo5D5KfJrwTR8dDHSeC_9H7XE8mSJOXIkowqISGCWjmB1TCr5_tFv6jsdB8bNY_56yKtGLA5UU9vuQJH9Y9G8E_FCs3rzArkapstZwaky2wR5MbrS3e0rhHRyn5cLb0yUpuxaVEOVGOVkX0Psu66OOHJdXj0eVaDGFVjzRJTHeplFrZE9aqV3jEzPKHZ9lmKEMUX3ERoYlE_Cj0S6y7N__NgqtgMjiS_YJ4AvyYQfLSk9VDRwdP4H0zle9jEJ9fHqpsmObFGc-9jx6DhgBKVG6s4yplQuE96y_NecO68N39DhkcKpzx_LmHS6UPHt6zlaf6eXUGnF1V2uzIJGCacqCuNfYdHhB_prpcQeDPpBqTflDyUhJmU7J0oiM6DxKIDLpHV-Q8_-LwN0117YL0V8X_XOKc7yypmzozaGa3SJfrmPddkOVpijEtllKd5liYyBNLiDxeyhK2CrBJ6cBzqqy2uApY3M3HTRPy2j1iqw HTTP 302
https://ww1.fleet-track.co.uk/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DZ22Fsvj079U_0&v=MWFiZWFlYTNhMWY2NWY4M2ExNDYxNjU4ZDZmZGJmYWIJMQl3dzEuZmxlZXQtdHJhY2suY28udWs2NzBjZDhhODMxZjkzNC42ODg1NDA0NAl3dzEuZmxlZXQtdHJhY2suY28udWs2NzBjZDhhODMxZmQ1Mi40MzkxMzk0NgkxNzI4ODk1MTQ0CWFkXzYzXzA%3D&l=ogcFJ3l3GjkfE_CeJHfyYca5srQTgllJK1_iJ7fHpielKyMM1U_GocLVZJoxNSGpu8YfiGeHEuYwymil4iK3J_AIAL5_Z2Tg4VR69iPWG7SeFOm-TOIRJLd5CgwNnFc0ZR16xz8byhz1-tMw4xw_nItUIEFjn7OjpZpl5DdTm_yCEQGplUS6uEXg3R3PpjxCX86dCzF1tr-aF4RhzVp6NKZbknmiVLMLj1V2OshSfKSLFo5D5KfJrwTR8dDHSeC_9H7XE8mSJOXIkowqISGCWjmB1TCr5_tFv6jsdB8bNY_56yKtGLA5UU9vuQJH9Y9G8E_FCs3rzArkapstZwaky2wR5MbrS3e0rhHRyn5cLb0yUpuxaVEOVGOVkX0Psu66OOHJdXj0eVaDGFVjzRJTHeplFrZE9aqV3jEzPKHZ9lmKEMUX3ERoYlE_Cj0S6y7N__NgqtgMjiS_YJ4AvyYQfLSk9VDRwdP4H0zle9jEJ9fHqpsmObFGc-9jx6DhgBKVG6s4yplQuE96y_NecO68N39DhkcKpzx_LmHS6UPHt6zlaf6eXUGnF1V2uzIJGCacqCuNfYdHhB_prpcQeDPpBqTflDyUhJmU7J0oiM6DxKIDLpHV-Q8_-LwN0117YL0V8X_XOKc7yypmzozaGa3SJfrmPddkOVpijEtllKd5liYyBNLiDxeyhK2CrBJ6cBzqqy2uApY3M3HTRPy2j1iqw HTTP 302
https://xml.sedodna.com/click?i=Z22Fsvj079U_0 HTTP 302
https://varun-ysz.com/zclkvisitor/c4d78ec3-8a07-11ef-848e-129c7423ac79/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=e93d8640-4dca-11ee-8404-123f4a2b6bb7

Request Chain 5

https://varun-ysz.com/zclkredirect?visitid=c4d78ec3-8a07-11ef-848e-129c7423ac79&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome HTTP 302
https://geotrkclknow.com/rot/k5qYlA25FNmyRUip?extid=zrc4d78ec38a0711ef848e129c7423ac79f7f5c5a4514b4c1eb882434a65dc6155085784343f5044da9a&cost=0.003500&targid=papa-pod-v5wmdm7ye7&sczp=porraceous-llama HTTP 302
https://mghnhfvz.com/click?trvid=40141&extid=zrc4d78ec38a0711ef848e129c7423ac79f7f5c5a4514b4c1eb882434a65dc6155085784343f5044da9a&cost=0.003500&targid=papa-pod-v5wmdm7ye7&sczp=porraceous-llama HTTP 302
https://clickcanv.com/offerk?subid=awNjI3TGDPMp&id=100556973&c=V&merchantUrl=https%3A%2F%2Fwww.laredoute.it&vsid={vsid}&deep= HTTP 302
https://it-go.kelkoogroup.net/offersearchGo?.ts=1728889287954&.sig=lp6rZxAZeNwbmU4Lbg2d9T3hgys-&affiliationId=96966422&comId=100556973&country=it&offerId=42de02b9fc78abf6aab3bcd28ae8ccdc&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=awNjI3TGDPMp&publisherClickId=awNjI3TGDPMp&custom2=VGLRVPYW&publisherSubId=VGLRVPYW

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
ww1.fleet-track.co.uk/
Redirect Chain

https://correu.fleet-track.co.uk/
http://ww1.fleet-track.co.uk/?usid=101&utid=583930f79d2dbff2191e112fda0b20b1
https://ww1.fleet-track.co.uk/?usid=101&utid=583930f79d2dbff2191e112fda0b20b1

3 KB
2 KB

1587ms
874ms

Document
text/html

64.190.63.136
SEDO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1.fleet-track.co.uk/?usid=101&utid=583930f79d2dbff2191e112fda0b20b1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.190.63.136 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: Parking/1.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 14 Oct 2024 08:39:04 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 14 Oct 2024 08:39:04 GMT
pragma: no-cache
server: Parking/1.0
vary: Accept-Encoding
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_EVOWRiULeDmRLYsIBWZlVAELSmYXnzYAuiUIzv0PjWuO35A+qhikhfdIYg7jWvVpPyTdaOjIpSMdxbIkFZSdZA==
x-cache-miss-from: parking-84cb7b8874-n2jdh

Redirect headers

Location: https://ww1.fleet-track.co.uk/?usid=101&utid=583930f79d2dbff2191e112fda0b20b1
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 441 js_preloader.gif
ww1.fleet-track.co.uk/img.sedoparking.com/images/ 0
42 B 333ms
308ms Image
text/plain 64.190.63.136
SEDO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww1.fleet-track.co.uk/img.sedoparking.com/images/js_preloader.gif
Requested by: Host: ww1.fleet-track.co.uk
URL: https://ww1.fleet-track.co.uk/?usid=101&utid=583930f79d2dbff2191e112fda0b20b1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.190.63.136 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: Parking/1.0 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ww1.fleet-track.co.uk/?usid=101&utid=583930f79d2dbff2191e112fda0b20b1

Response headers

date: Mon, 14 Oct 2024 08:39:05 GMT
server: Parking/1.0
content-length: 0

GET
H2 200 tsc.php
ww1.fleet-track.co.uk/search/ 0
35 B 145ms
76ms XHR
text/html 64.190.63.136
SEDO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1.fleet-track.co.uk/search/tsc.php?ses=ogcjDD5TQkNyR_vQHU6hSKlZBXzuARy2rBI-IeEFY3KJQPMli5nIKDgJrKR2vqQQTwoRcaU5G-mcegeZFOnFgmC-huiW2kDu6H3yNeu4m0-qNw86zyxXno5l5ahtAqjoKSZLE5Sip_CLi9nKhdm_ixiQnooPH__SHc6ZYOHv0aNxENBDro3Nagc2c_klHnpOl8GkNZ2QYZjsWXT-aIWBMHnulPXw-u0ZtWcmV90tXF0V0ghpvq4AjtoCvwDM7b4l6ba_3ZY13HWdrFofVPm6xz3sN5IxsAduYUfCjYg1dBWN9ETAtyHfRazBa8yZC6Q-faqJDxiaDYCDe6G6kYCNVDU6ib7oLyhwwpSwTZKe6bpDdByp_H-tVyBj5scGeMf&cv=2
Requested by: Host: ww1.fleet-track.co.uk
URL: https://ww1.fleet-track.co.uk/?usid=101&utid=583930f79d2dbff2191e112fda0b20b1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.190.63.136 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: Parking/1.0 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ww1.fleet-track.co.uk/?usid=101&utid=583930f79d2dbff2191e112fda0b20b1

Response headers

x-cache-miss-from: parking-84cb7b8874-cmgx5
content-length: 0
date: Mon, 14 Oct 2024 08:39:05 GMT
content-type: text/html; charset=UTF-8
server: Parking/1.0

GET
H2 200 sedo_logo.png
img.sedoparking.com/templates/logos/ 15 KB
15 KB 430ms
136ms Other
image/png 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sedoparking.com/templates/logos/sedo_logo.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ww1.fleet-track.co.uk/

Response headers

x-cf2: H
expires: Mon, 21 Oct 2024 08:39:06 GMT
x-cf1: 11696:fB.mxp1:cf:nom:cacheN.mxp1-01:H
date: Mon, 14 Oct 2024 08:39:06 GMT
cf4ttl: 31518554.000
content-type: image/png
x-cf-reqid: 6936ed9270d84be36f7fff7680d2dc3d
last-modified: Mon, 11 Jan 2021 07:44:34 GMT
x-cff: B
cf4age: 17445
cache-control: max-age=604800
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15086
x-cfhash: "def00c11b1596db4efee6a9fbe64fc27"
x-cf-tsc: 1724963841
server: CFS 1124

GET
H2

200

9232f590-d991-493f-b95d-d38c0c6cdd28
varun-ysz.com/zclkvisitor/c4d78ec3-8a07-11ef-848e-129c7423ac79/
Redirect Chain

https://ww1.fleet-track.co.uk/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DZ22Fsvj079U_0&v=MWFiZWFlYTNhMWY2NWY4M2ExNDYxNjU4ZDZmZGJmYWIJMQl3dzEuZmxlZXQtdHJhY2suY28udWs2NzBjZDhhO...
https://ww1.fleet-track.co.uk/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DZ22Fsvj079U_0&v=MWFiZWFlYTNhMWY2NWY4M2ExNDYxNjU4ZDZmZGJmYWIJMQl3dzEuZmxlZXQtdHJhY2suY28udWs2NzBjZDhhO...
https://xml.sedodna.com/click?i=Z22Fsvj079U_0
https://varun-ysz.com/zclkvisitor/c4d78ec3-8a07-11ef-848e-129c7423ac79/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=e93d8640-4dca-11ee-8404-123f4a2b6bb7

3 KB
3 KB

765ms
179ms

Document
text/html

3.209.119.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://varun-ysz.com/zclkvisitor/c4d78ec3-8a07-11ef-848e-129c7423ac79/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=e93d8640-4dca-11ee-8404-123f4a2b6bb7

Requested by

Host: ww1.fleet-track.co.uk
URL: https://ww1.fleet-track.co.uk/?usid=101&utid=583930f79d2dbff2191e112fda0b20b1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.209.119.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-209-119-177.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer: https://ww1.fleet-track.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With,Content-Type
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 3088
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
content-type: text/html;charset=UTF-8
date: Mon, 14 Oct 2024 08:39:07 GMT

Redirect headers

Cache-Control: no-store
Connection: keep-alive
Content-Length: 0
Date: Mon, 14 Oct 2024 08:39:06 GMT
Location: https://varun-ysz.com/zclkvisitor/c4d78ec3-8a07-11ef-848e-129c7423ac79/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=e93d8640-4dca-11ee-8404-123f4a2b6bb7
Server: nginx

GET
H/1.1

200
OK

offersearchGo Show response
it-go.kelkoogroup.net/
Redirect Chain

https://varun-ysz.com/zclkredirect?visitid=c4d78ec3-8a07-11ef-848e-129c7423ac79&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel...
https://geotrkclknow.com/rot/k5qYlA25FNmyRUip?extid=zrc4d78ec38a0711ef848e129c7423ac79f7f5c5a4514b4c1eb882434a65dc6155085784343f5044da9a&cost=0.003500&targid=papa-pod-v5wmdm7ye7&sczp=porraceous-llama
https://mghnhfvz.com/click?trvid=40141&extid=zrc4d78ec38a0711ef848e129c7423ac79f7f5c5a4514b4c1eb882434a65dc6155085784343f5044da9a&cost=0.003500&targid=papa-pod-v5wmdm7ye7&sczp=porraceous-llama
https://clickcanv.com/offerk?subid=awNjI3TGDPMp&id=100556973&c=V&merchantUrl=https%3A%2F%2Fwww.laredoute.it&vsid={vsid}&deep=
https://it-go.kelkoogroup.net/offersearchGo?.ts=1728889287954&.sig=lp6rZxAZeNwbmU4Lbg2d9T3hgys-&affiliationId=96966422&comId=100556973&country=it&offerId=42de02b9fc78abf6aab3bcd28ae8ccdc&service=37...

29 KB
30 KB

545ms
121ms

Document
text/html

95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://it-go.kelkoogroup.net/offersearchGo?.ts=1728889287954&.sig=lp6rZxAZeNwbmU4Lbg2d9T3hgys-&affiliationId=96966422&comId=100556973&country=it&offerId=42de02b9fc78abf6aab3bcd28ae8ccdc&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=awNjI3TGDPMp&publisherClickId=awNjI3TGDPMp&custom2=VGLRVPYW&publisherSubId=VGLRVPYW

Requested by

Host: varun-ysz.com
URL: https://varun-ysz.com/zclkvisitor/c4d78ec3-8a07-11ef-848e-129c7423ac79/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=e93d8640-4dca-11ee-8404-123f4a2b6bb7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

9de5431d33610fcf7f914b31302cba55ee0fb47804ef9619321e0ae6556fe4b5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://varun-ysz.com/zclkvisitor/c4d78ec3-8a07-11ef-848e-129c7423ac79/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=e93d8640-4dca-11ee-8404-123f4a2b6bb7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
Charset: utf-8
Content-Length: 29879
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/html; charset=UTF-8
Date: Mon, 14 Oct 2024 08:39:11 GMT
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
Request-Time: PT0.044983529S
X-Content-Type-Options: nosniff
X-DD-B: 1
X-DataDome: protected
X-DataDome-CID: AHrlqAAAAAMAep3Zku59STkAucY-4A==
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: master-only
X-Robots-Tag: noindex,nofollow
X-XSS-Protection: 1; mode=block
clickId: 107698147_1728895151821_11554916
country: it
leadId: 62A001JA52WVQ2NDEMQ4MH33WJKQKA

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8d2641e6ca8f1ac5-FRA
content-type: text/html; charset=utf-8
date: Mon, 14 Oct 2024 08:39:11 GMT
location: https://it-go.kelkoogroup.net/offersearchGo?.ts=1728889287954&.sig=lp6rZxAZeNwbmU4Lbg2d9T3hgys-&affiliationId=96966422&comId=100556973&country=it&offerId=42de02b9fc78abf6aab3bcd28ae8ccdc&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=awNjI3TGDPMp&publisherClickId=awNjI3TGDPMp&custom2=VGLRVPYW&publisherSubId=VGLRVPYW
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2tbZSgWD2EWswlOwqT%2FEZfu1AlMeTa0dpXjxNoVmvoQvw8%2BJOM74R5jzYeRkL3IalBmyhjIXganiuETIUMpzzigFgfDrBYwRIUNWAHz%2FoOg5HdHXjGPFhnCFVYVOqPm%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK p.png
it-go.kelkoogroup.net/assets/images/ 68 B
597 B 209ms
66ms Image
image/png 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://it-go.kelkoogroup.net/assets/images/p.png?country=it&k=612f7a9541cd6ea61eb554c0e4cff43712519afa8a6cb71848bcbe18c81c0189f335d02386e562f2b909c42f404d8c73ac9e68828179c1f3a9ab12ab5866ea9fff93e5192e34c6023ed7f848de683a8ad3113f9712fd54e29892d219a91dc92e0265e603b7fb098a1aa5afe413b3ecd1e4e1635ea35f7a945ae524cecf96c021ce8b7d44009802c16f31cc881b313ff7ec64c69e70ea4c40e6db742b8a60879e18c5c5720810067bd96967290ccae9476caff7913c53ba7d24c69be19e4b6005670e9bd3b40ba855e80da587d4ed9dffa7c1f929f5745ad62f02a38a920838e0dcfd8449e7c2c1c78fcabb644631e848b496c3f0c0ccd6c00f0a52ae0a238b85a3ca566ab22283592e3927e43e05427b7c21f89547bfa8b2c154ce3ae1c026052eafc0abd1948a3b

Requested by

Host: it-go.kelkoogroup.net
URL: https://it-go.kelkoogroup.net/offersearchGo?.ts=1728889287954&.sig=lp6rZxAZeNwbmU4Lbg2d9T3hgys-&affiliationId=96966422&comId=100556973&country=it&offerId=42de02b9fc78abf6aab3bcd28ae8ccdc&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=awNjI3TGDPMp&publisherClickId=awNjI3TGDPMp&custom2=VGLRVPYW&publisherSubId=VGLRVPYW

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
sec-ch-device-memory: 8
Referer: https://it-go.kelkoogroup.net/offersearchGo?.ts=1728889287954&.sig=lp6rZxAZeNwbmU4Lbg2d9T3hgys-&affiliationId=96966422&comId=100556973&country=it&offerId=42de02b9fc78abf6aab3bcd28ae8ccdc&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=awNjI3TGDPMp&publisherClickId=awNjI3TGDPMp&custom2=VGLRVPYW&publisherSubId=VGLRVPYW

Response headers

X-Robots-Tag: noindex,nofollow
Content-Security-Policy: frame-ancestors 'none'
Cache-Control: private, must-revalidate
leadId: 62A001JA52WVQ2NDEMQ4MH33WJKQKA
Request-Time: PT0.003288639S
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: origin-when-cross-origin
clickId: 107698147_1728895151821_11554916
country: it
X-Content-Type-Options: nosniff
Content-Length: 68
X-XSS-Protection: 1; mode=block
Date: Mon, 14 Oct 2024 08:39:11 GMT
Content-Type: image/png
X-Frame-Options: DENY

GET
H2 200 tags.js
dd.kelkoogroup.net/ 169 KB
32 KB 326ms
98ms Script
text/javascript 3.161.82.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.kelkoogroup.net/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.82.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-82-87.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://it-go.kelkoogroup.net/

Response headers

content-encoding: gzip
x-amz-version-id: jLG6Ryb6ieb5vWjDjNHEftPWxDZMuF_v
etag: W/"aea4a287e673a3d42a67e1206f77b4cf"
age: 3447
x-cache: Hit from cloudfront
x-amz-cf-id: fkvKUv9taxVPe2TVejx-xY2DLZuHluQPlXVfmeJvqiY_e92IjhqAAQ==
date: Mon, 14 Oct 2024 07:41:45 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
last-modified: Tue, 08 Oct 2024 15:43:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=3600, public
via: 1.1 e161fd49d3d858d9f9d1d337fc91ce8e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

POST collect
www.google-analytics.com/g/ 0
0

GET
H/1.1 404
Not Found ados.js
it-go.kelkoogroup.net/ 1 KB
2 KB 78ms
77ms XHR
text/html 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://it-go.kelkoogroup.net/ados.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
sec-ch-device-memory: 8
Referer: https://it-go.kelkoogroup.net/offersearchGo?.ts=1728889287954&.sig=lp6rZxAZeNwbmU4Lbg2d9T3hgys-&affiliationId=96966422&comId=100556973&country=it&offerId=42de02b9fc78abf6aab3bcd28ae8ccdc&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=awNjI3TGDPMp&publisherClickId=awNjI3TGDPMp&custom2=VGLRVPYW&publisherSubId=VGLRVPYW

Response headers

X-Robots-Tag: noindex,nofollow
Content-Security-Policy: frame-ancestors 'none'
Request-Time: PT0.000402979S
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: origin-when-cross-origin
X-Content-Type-Options: nosniff
Content-Length: 1140
X-XSS-Protection: 1; mode=block
Date: Mon, 14 Oct 2024 08:39:11 GMT
Content-Type: text/html; charset=UTF-8
X-Frame-Options: DENY

POST
H/1.1 200
OK fp
it-go.kelkoogroup.net/ 0
502 B 96ms
94ms Ping
text/plain 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://it-go.kelkoogroup.net/fp?country=it&k=612f7a9541cd6ea61eb554c0e4cff43712519afa8a6cb71848bcbe18c81c0189f335d02386e562f2b909c42f404d8c73ac9e68828179c1f3a9ab12ab5866ea9fff93e5192e34c6023ed7f848de683a8ad3113f9712fd54e29892d219a91dc92e0265e603b7fb098a1aa5afe413b3ecd1e4e1635ea35f7a945ae524cecf96c021ce8b7d44009802c16f31cc881b313ff7ec64c69e70ea4c40e6db742b8a60879e18c5c5720810067bd96967290ccae9476caff7913c53ba7d24c69be19e4b6005670e9bd3b40ba855e80da587d4ed9dffa7c1f929f5745ad62f02a38a920838e0dcfd8449e7c2c1c78fcabb644631e848b496c3f0c0ccd6c00f0a52ae0a238b85a3ca566ab22283592e3927e43e05427b7c21f89547bfa8b2c154ce3ae1c026052eafc0abd1948a3b

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://it-go.kelkoogroup.net/offersearchGo?.ts=1728889287954&.sig=lp6rZxAZeNwbmU4Lbg2d9T3hgys-&affiliationId=96966422&comId=100556973&country=it&offerId=42de02b9fc78abf6aab3bcd28ae8ccdc&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=awNjI3TGDPMp&publisherClickId=awNjI3TGDPMp&custom2=VGLRVPYW&publisherSubId=VGLRVPYW
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=utf-8
sec-ch-device-memory: 8

Response headers

X-Robots-Tag: noindex,nofollow
Content-Security-Policy: frame-ancestors 'none'
leadId: 62A001JA52WVQ2NDEMQ4MH33WJKQKA
Request-Time: PT0.01539767S
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: origin-when-cross-origin
clickId: 107698147_1728895151821_11554916
country: it
X-Content-Type-Options: nosniff
Content-Length: 0
X-XSS-Protection: 1; mode=block
Date: Mon, 14 Oct 2024 08:39:12 GMT
Content-Type: text/plain; charset=UTF-8
X-Frame-Options: DENY

GET
H/1.1 403
Forbidden Primary Request redirect Show response
it-go.kelkoogroup.net/ 725 B
2 KB 95ms
93ms Document
text/html 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://it-go.kelkoogroup.net/redirect?country=it&k=612f7a9541cd6ea61eb554c0e4cff43712519afa8a6cb71848bcbe18c81c0189f335d02386e562f2b909c42f404d8c73ac9e68828179c1f3a9ab12ab5866ea9fff93e5192e34c6023ed7f848de683a8ad3113f9712fd54e29892d219a91dc92e0265e603b7fb098a1aa5afe413b3ecd1e4e1635ea35f7a945ae524cecf96c021ce8b7d44009802c16f31cc881b313ff7ec64c69e70ea4c40e6db742b8a60879e18c5c5720810067bd96967290ccae9476caff7913c53ba7d24c69be19e4b6005670e9bd3b40ba855e80da587d4ed9dffa7c1f929f5745ad62f02a38a920838e0dcfd8449e7c2c1c78fcabb644631e848b496c3f0c0ccd6c00f0a52ae0a238b85a3ca566ab22283592e3927e43e05427b7c21f89547bfa8b2c154ce3ae1c026052eafc0abd1948a3b&url=https%3A%2F%2Ftrack.adtraction.com%2Ft%2Ft%3Fa%3D1816133864%26as%3D1755628018%26t%3D2%26tk%3D1%26epi%3D62A001JA52WVQ2NDEMQ4MH33WJKQKA%26url%3Dhttps%3A%2F%2Fwww.laredoute.it%2Fppdp%2Fprod-350050065.aspx%3Fdim1%3D1%26dim2%3D4%26cod%3DAFF00176742IT&initiator=timeout

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

71474f7bdd369fbff7560340d76b60c0808580ab462837244316de84341b8911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://it-go.kelkoogroup.net/offersearchGo?.ts=1728889287954&.sig=lp6rZxAZeNwbmU4Lbg2d9T3hgys-&affiliationId=96966422&comId=100556973&country=it&offerId=42de02b9fc78abf6aab3bcd28ae8ccdc&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=awNjI3TGDPMp&publisherClickId=awNjI3TGDPMp&custom2=VGLRVPYW&publisherSubId=VGLRVPYW
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
sec-ch-device-memory: 8

Response headers

Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
Charset: utf-8
Content-Length: 725
Content-Type: text/html; charset=UTF-8
Date: Mon, 14 Oct 2024 08:39:12 GMT
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
Request-Time: PT0.020073197S
X-Content-Type-Options: nosniff
X-DD-B: 1
X-DataDome: protected
X-DataDome-CID: AHrlqAAAAAMAep3Zku59STkAucY-4A==
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: master-only
X-XSS-Protection: 1; mode=block

GET 63f2ce22-221c-42cb-957c-b53d9906635e
https://it-go.kelkoogroup.net/ 0
0

POST /
dd.kelkoogroup.net/js/ 0
0

GET c.js
ct.captcha-delivery.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-FRRS5YKZYZ&_p=458270545&sr=1600x1200&ul=it-it&cid=882732540.1728895152&uid=a4c6293-1928a2e6ecd-150504&_fv=1&_s=1&dl=https%3A%2F%2Fit-go.kelkoogroup.net%2FoffersearchGo%3F.ts%3D1728889287954%26.sig%3Dlp6rZxAZeNwbmU4Lbg2d9T3hgys-%26affiliationId%3D96966422%26comId%3D100556973%26country%3Dit%26offerId%3D42de02b9fc78abf6aab3bcd28ae8ccdc%26service%3D37%26tokenId%3D16e2234e-431d-42a4-8898-2b90fd38875e%26wait%3Dtrue%26custom1%3DawNjI3TGDPMp%26publisherClickId%3DawNjI3TGDPMp%26custom2%3DVGLRVPYW%26publisherSubId%3DVGLRVPYW&dt=Reindirizzato%20a%20Laredoute.it&dr=https%3A%2F%2Fvarun-ysz.com%2F&dp=%2F96966422%7C100556973%7C&sid=1728895152&sct=1&seg=1&en=page_view&_ss=1&ep.cd1=96966422&ep.cd2=62A001JA52WVQ2NDEMQ4MH33WJKQKA&ep.cd3=100556973&ep.cd4=a4c6293-1928a2e6ecd-150504&ep.cd5=&ep.cd6=96966422%7C100556973%7C

Domain: it-go.kelkoogroup.net
URL: blob:https://it-go.kelkoogroup.net/63f2ce22-221c-42cb-957c-b53d9906635e

Domain: dd.kelkoogroup.net
URL: https://dd.kelkoogroup.net/js/

Domain: ct.captcha-delivery.com
URL: https://ct.captcha-delivery.com/c.js

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dd

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mghnhfvz.com/	1970-01-21 00:58:07	Name: ClickDataNG Value: H4sIAAAAAAAA_7SUbW_bNhDHv4pwQIEWUGTqyXoYhCJL0CxoXBSL0-3FgIEmTzYXihRISo6T5rsPlNTMwPZ2b0zx7s-H__F3foERjRVaQQ1xRCICIbhTj1CTEOyw2_74ZlqNaBxyqFsqLYbApGCPtxxqoMcvf92m25vrr5seQuDUIdRxkZRllcdZFQKjXU_FXnl1RuIsDkHYq6-Xb3sZ7agTehLESVWWIZhBop-SEAxyYZC5DbqD5lAnIVg9GDbl0zQESRUXar_Il9mDkVADhKDbFs20c5rEVQg7QxU7LOIpOUsPzvW2Xq0mY4yqMWK6W02Cx4922AnenDv9YyAkWQvexITk-boq0jnCmm_zR4eGHahyD0Y2097v0st3yad3yafj8RhJapDrwWEk3KwfreDNi_99nQMcsW_A1946qElESJr7aoyohvlVenrSg_vHyNVgDCp2ghoe7q8hhMGIM2fd_qAO7fg8GZtsfnRmFLyZHmU-FJ-c4M2zYRkvSmRpSUkRx9iWWYlxUrEiS1LKiqot2pzlNMvjbJexGHdlmWRpRtc5Z-s4z0mZF2WWZmmbkyzjtKJLebR1zeyFkDnkqNkL3vS0pxe95hdjfux4V5ywmPOWPfdNr42hDPVgL6SkHYUQRH_JuUFrPbxlHsVVGa2TKEmy8-R6pmCwaC73qBzUsNHPQkq6yiMSvP89jn8K7oQanoKncv3nOvsQXPa9xN9w91m4VZ4WUboO3n_-Zbu5CwMpHjG4QfaoPwRXB6M7XMVJ5TsnIsE9bakRyxLwT9WiQQM1jNQM6uJkp9L7HsFRMHzrLu0tTHfwvNpvbz0JHld9tNMm83lvq382VPFZMwc2mqM8D3yhHc5zNh8FV3QncXV9f-crZHuo4UbqHZXBrx5FM8E2KGc8QbfbycJ-vsnt9vv3O93tqOEnLxPutEQ3QlIFHkaDyl15rJbGM2Iv1F1_FnKGKkvZ3OsWajVIGQIbrNMd1C8L6vCDDwgBnxwaReX0T_N_YAkhjGS-3RhDDf-BoU8liyT1kn-zOGZLPl_GBbuxWMZyGSs_vr7-HQAA___8IDcZeQUAAA==
mghnhfvz.com/	1970-01-21 00:58:07	Name: ClickDataNgFall Value: H4sIAAAAAAAA_7SUbW_bNhDHv4pwQIEWUGTqyXoYhCJL0CxoXBSL0-3FgIEmTzYXihRISo6T5rsPlNTMwPZ2b0zx7s-H__F3foERjRVaQQ1xRCICIbhTj1CTEOyw2_74ZlqNaBxyqFsqLYbApGCPtxxqoMcvf92m25vrr5seQuDUIdRxkZRllcdZFQKjXU_FXnl1RuIsDkHYq6-Xb3sZ7agTehLESVWWIZhBop-SEAxyYZC5DbqD5lAnIVg9GDbl0zQESRUXar_Il9mDkVADhKDbFs20c5rEVQg7QxU7LOIpOUsPzvW2Xq0mY4yqMWK6W02Cx4922AnenDv9YyAkWQvexITk-boq0jnCmm_zR4eGHahyD0Y2097v0st3yad3yafj8RhJapDrwWEk3KwfreDNi_99nQMcsW_A1946qElESJr7aoyohvlVenrSg_vHyNVgDCp2ghoe7q8hhMGIM2fd_qAO7fg8GZtsfnRmFLyZHmU-FJ-c4M2zYRkvSmRpSUkRx9iWWYlxUrEiS1LKiqot2pzlNMvjbJexGHdlmWRpRtc5Z-s4z0mZF2WWZmmbkyzjtKJLebR1zeyFkDnkqNkL3vS0pxe95hdjfux4V5ywmPOWPfdNr42hDPVgL6SkHYUQRH_JuUFrPbxlHsVVGa2TKEmy8-R6pmCwaC73qBzUsNHPQkq6yiMSvP89jn8K7oQanoKncv3nOvsQXPa9xN9w91m4VZ4WUboO3n_-Zbu5CwMpHjG4QfaoPwRXB6M7XMVJ5TsnIsE9bakRyxLwT9WiQQM1jNQM6uJkp9L7HsFRMHzrLu0tTHfwvNpvbz0JHld9tNMm83lvq382VPFZMwc2mqM8D3yhHc5zNh8FV3QncXV9f-crZHuo4UbqHZXBrx5FM8E2KGc8QbfbycJ-vsnt9vv3O93tqOEnLxPutEQ3QlIFHkaDyl15rJbGM2Iv1F1_FnKGKkvZ3OsWajVIGQIbrNMd1C8L6vCDDwgBnxwaReX0T_N_YAkhjGS-3RhDDf-BoU8liyT1kn-zOGZLPl_GBbuxWMZyGSs_vr7-HQAA___8IDcZeQUAAA==
.kelkoogroup.net/	1970-01-21 09:00:31	Name: kelkooID Value: a4c6293-1928a2e6ecd-150504
.kelkoogroup.net/	1970-01-21 08:53:19	Name: datadome Value: MtEPccLfNbwbGdcs0kCiH7XY2WgcvpN4ax46oXFuM8VNRub6FhR960GfqVKPp7SkbbLRcgHn0d2rNpeXCedxzRIQVK7L2LcbrZfFIPJ3oymMaKaZ8FN~lIb5D9lbTwzh

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ww1.fleet-track.co.uk/img.sedoparking.com/images/js_preloader.gif Message: Failed to load resource: the server responded with a status of 441 ()
network	error	URL: https://it-go.kelkoogroup.net/offersearchGo?.ts=1728889287954&.sig=lp6rZxAZeNwbmU4Lbg2d9T3hgys-&affiliationId=96966422&comId=100556973&country=it&offerId=42de02b9fc78abf6aab3bcd28ae8ccdc&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=awNjI3TGDPMp&publisherClickId=awNjI3TGDPMp&custom2=VGLRVPYW&publisherSubId=VGLRVPYW(Line 28) Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://it-go.kelkoogroup.net/redirect?country=it&k=612f7a9541cd6ea61eb554c0e4cff43712519afa8a6cb71848bcbe18c81c0189f335d02386e562f2b909c42f404d8c73ac9e68828179c1f3a9ab12ab5866ea9fff93e5192e34c6023ed7f848de683a8ad3113f9712fd54e29892d219a91dc92e0265e603b7fb098a1aa5afe413b3ecd1e4e1635ea35f7a945ae524cecf96c021ce8b7d44009802c16f31cc881b313ff7ec64c69e70ea4c40e6db742b8a60879e18c5c5720810067bd96967290ccae9476caff7913c53ba7d24c69be19e4b6005670e9bd3b40ba855e80da587d4ed9dffa7c1f929f5745ad62f02a38a920838e0dcfd8449e7c2c1c78fcabb644631e848b496c3f0c0ccd6c00f0a52ae0a238b85a3ca566ab22283592e3927e43e05427b7c21f89547bfa8b2c154ce3ae1c026052eafc0abd1948a3b&url=https%3A%2F%2Ftrack.adtraction.com%2Ft%2Ft%3Fa%3D1816133864%26as%3D1755628018%26t%3D2%26tk%3D1%26epi%3D62A001JA52WVQ2NDEMQ4MH33WJKQKA%26url%3Dhttps%3A%2F%2Fwww.laredoute.it%2Fppdp%2Fprod-350050065.aspx%3Fdim1%3D1%26dim2%3D4%26cod%3DAFF00176742IT&initiator=timeout Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clickcanv.com
correu.fleet-track.co.uk
ct.captcha-delivery.com
dd.kelkoogroup.net
geotrkclknow.com
img.sedoparking.com
it-go.kelkoogroup.net
mghnhfvz.com
varun-ysz.com
ww1.fleet-track.co.uk
www.google-analytics.com
xml.sedodna.com
ct.captcha-delivery.com
dd.kelkoogroup.net
it-go.kelkoogroup.net
www.google-analytics.com
172.234.192.109
172.67.161.46
173.239.53.32
188.114.97.3
205.234.175.175
3.126.48.135
3.161.82.87
3.209.119.177
64.190.63.136
95.211.116.26
71474f7bdd369fbff7560340d76b60c0808580ab462837244316de84341b8911
9de5431d33610fcf7f914b31302cba55ee0fb47804ef9619321e0ae6556fe4b5

it-go.kelkoogroup.net Open in urlscan Pro 95.211.116.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

73 %HTTPS

0 %IPv6

10 Domains

12 Subdomains

6 IPs

3 Countries

87 kBTransfer

220 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

4 Cookies

3 Console Messages

Indicators

it-go.kelkoogroup.net Open in urlscan Pro
95.211.116.26 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

73 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

6
IPs

3
Countries

87 kB
Transfer

220 kB
Size

4
Cookies

15 HTTP transactions
0 data transactions