no-go.kelkoogroup.net Open in urlscan Pro
95.211.116.26 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://glicanfumo1980.blogspot.no/
Effective URL:
https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437dcec1250a02803e3cc94b04c1a308998973c44dee1...
Submission: On December 09 via api (December 9th 2024, 6:20:43 pm UTC) from US — Scanned from NO

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 12 domains to perform 19 HTTP transactions. The main IP is 95.211.116.26, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL. The main domain is no-go.kelkoogroup.net.
TLS certificate: Issued by Thawte TLS RSA CA G1 on September 26th 2024. Valid for: a year.

This is the only time no-go.kelkoogroup.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2009	15169 (GOOGLE) (GOOGLE)
1	172.217.18.9 172.217.18.9	15169 (GOOGLE) (GOOGLE)
1 1	212.32.237.101 212.32.237.101	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V.)
1 2	54.82.7.206 54.82.7.206	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.186.65 142.250.186.65	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3032::ac43:a12e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	3.125.239.17 3.125.239.17	16509 (AMAZON-02) (AMAZON-02)
1 1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	95.211.116.26 95.211.116.26	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V.)
2	18.66.112.26 18.66.112.26	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1	13.224.189.109 13.224.189.109	16509 (AMAZON-02) (AMAZON-02)
1	3.125.247.22 3.125.247.22	16509 (AMAZON-02) (AMAZON-02)
19	11

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

glicanfumo1980.blogspot.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

glicanfumo1980.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.9 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f9.1e100.net

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.32.237.101 (Assen, Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)

forkinz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.82.7.206 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-7-206.compute-1.amazonaws.com

walhe-dap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ernus-dop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f1.1e100.net

glicanfumo1980.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:a12e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

geotrkclknow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.239.17 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-239-17.eu-central-1.compute.amazonaws.com

mghnhfvz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

clickcanv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.211.116.26 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)
PTR: dc1-ecs-pub-mx-vip.kelkoo.com

no-go.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-26.fra56.r.cloudfront.net

dd.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-109.fra2.r.cloudfront.net

ct.captcha-delivery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.247.22 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-247-22.eu-central-1.compute.amazonaws.com

geo.captcha-delivery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	kelkoogroup.net no-go.kelkoogroup.net dd.kelkoogroup.net — Cisco Umbrella Rank: 296022	68 KB
4	blogger.com www.blogger.com — Cisco Umbrella Rank: 12722	58 KB
3	blogspot.com glicanfumo1980.blogspot.com	6 KB
2	captcha-delivery.com ct.captcha-delivery.com — Cisco Umbrella Rank: 30248 geo.captcha-delivery.com — Cisco Umbrella Rank: 23657	11 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	556 B
1	clickcanv.com 1 redirects clickcanv.com	914 B
1	mghnhfvz.com 1 redirects mghnhfvz.com	2 KB
1	geotrkclknow.com 1 redirects geotrkclknow.com	2 KB
1	ernus-dop.com 1 redirects ernus-dop.com	400 B
1	walhe-dap.com walhe-dap.com	3 KB
1	forkinz.com 1 redirects forkinz.com	316 B
1	blogspot.no 1 redirects glicanfumo1980.blogspot.no	506 B
19	12

	Domain	Requested by
5	no-go.kelkoogroup.net	walhe-dap.com no-go.kelkoogroup.net
4	www.blogger.com	glicanfumo1980.blogspot.com
3	glicanfumo1980.blogspot.com	glicanfumo1980.blogspot.com
2	dd.kelkoogroup.net	no-go.kelkoogroup.net dd.kelkoogroup.net
1	geo.captcha-delivery.com	ct.captcha-delivery.com
1	ct.captcha-delivery.com	no-go.kelkoogroup.net
1	www.google-analytics.com	no-go.kelkoogroup.net
1	clickcanv.com	1 redirects
1	mghnhfvz.com	1 redirects
1	geotrkclknow.com	1 redirects
1	ernus-dop.com	1 redirects
1	walhe-dap.com
1	forkinz.com	1 redirects
1	glicanfumo1980.blogspot.no	1 redirects
19	14

This site contains no links.

Subject Issuer	Validity	Valid
misc-sni.blogspot.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.blogger.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
zeropark.com Amazon RSA 2048 M02	`2024-06-11` - `2025-07-09`	a year	crt.sh
*.kelkoogroup.net Thawte TLS RSA CA G1	`2024-09-26` - `2025-10-10`	a year	crt.sh
dd.kelkoogroup.net E6	`2024-10-07` - `2025-01-05`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.captcha-delivery.com Amazon RSA 2048 M02	`2024-07-25` - `2025-08-22`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437dcec1250a02803e3cc94b04c1a308998973c44dee158d5fb681e70679ff115ba1c63546376f833f839cc4c467ac9849fda525852c28a7ae83866a54eaa1e538360a510a198eea98662b4a8d531a519e08d3ed306ec97f2020f4d56190e8670ccfe60ebcbead95d1211fb2415beb7870e2d4ca67ddf49ec49d03720f9d4a58603787f6d6d7102887d1392aedab40be6340e32abc0e9e994b9a68f4e1ea8a64b02bd833b7aafa8611bf7319bda0b5962032b12f5b3f128a6c942a0bef7dc288226474e7921c7d43ddc43f520f68cf2ee3f0920af9571b9d31ecc541544bd008fdfc8eee019d992e6bec5c46a2965c5c6b83b2d26299f06df50957af6311d30c298142d2d7b79f86b7beb53a7887dc5d3ba&url=https%3A%2F%2Fwww.vpg.no%2FCane-Creek-Hellbender-Visco%2F373736%2F%3Fkk%3Da4c629a-193aca6f1d4-ab2528%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DCane%2BCreek%2BHellbender%2BViscostyrelager%2BSo&initiator=timeout
Frame ID: EEE1F6B716182FC6870D6773ADFD361B
Requests: 17 HTTP requests in this frame

Frame: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMA0xHVZqz_3b8Asv-UrA%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=65_W8NvsvdKwDr_catiZTG9RPveflEnjFdVJJIQ1Y2a3Y7BYHz3hzhvn9iF_z_AORubunquvIvNZM7divKOZ3grAFXGuZ_NQo4Ete5trz3HxSZ8V7ux7E~RT9ZsGDKkI&t=fe&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff437dcec1250a02803e3cc94b04c1a308998973c44dee158d5fb681e70679ff115ba1c63546376f833f839cc4c467ac9849fda525852c28a7ae83866a54eaa1e538360a510a198eea98662b4a8d531a519e08d3ed306ec97f2020f4d56190e8670ccfe60ebcbead95d1211fb2415beb7870e2d4ca67ddf49ec49d03720f9d4a58603787f6d6d7102887d1392aedab40be6340e32abc0e9e994b9a68f4e1ea8a64b02bd833b7aafa8611bf7319bda0b5962032b12f5b3f128a6c942a0bef7dc288226474e7921c7d43ddc43f520f68cf2ee3f0920af9571b9d31ecc541544bd008fdfc8eee019d992e6bec5c46a2965c5c6b83b2d26299f06df50957af6311d30c298142d2d7b79f86b7beb53a7887dc5d3ba%26url%3Dhttps%253A%252F%252Fwww.vpg.no%252FCane-Creek-Hellbender-Visco%252F373736%252F%253Fkk%253Da4c629a-193aca6f1d4-ab2528%2526utm_source%253Dkelkoono%2526utm_medium%253Dcpc%2526utm_campaign%253Dkelkooclick%2526utm_source_platform%253DKelkooGroup%2526utm_term%253DCane%252BCreek%252BHellbender%252BViscostyrelager%252BSo%26initiator%3Dtimeout&s=35103&e=d09f3fd8f3343e6227c201657623c6b3eec4e2b44846e5c4b90ad40a368fbfb0&dm=cd
Frame ID: 85F29952EFE12C499E372FE73BD082E6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

kelkoogroup.net

Page URL History Show full URLs

http://glicanfumo1980.blogspot.no/ HTTP 307
https://glicanfumo1980.blogspot.no/ HTTP 302
https://glicanfumo1980.blogspot.com/ Page URL
http://forkinz.com/de.html HTTP 307
https://forkinz.com/de.html HTTP 302
http://walhe-dap.com/zclkvisitor/4b96a355-b65a-11ef-bcad-1228bef7baf9/72092e88-2c53-401c-b988-51e... HTTP 307
https://walhe-dap.com/zclkvisitor/4b96a355-b65a-11ef-bcad-1228bef7baf9/72092e88-2c53-401c-b988-51e... Page URL
https://ernus-dop.com/zclkredirect?visitid=4b96a355-b65a-11ef-bcad-1228bef7baf9&type=js&browserWid... HTTP 302
https://geotrkclknow.com/rot/CoXC1ug9UP3UrzbI?extid=zr4b96a355b65a11efbcad1228bef7baf93e0b6609c1e648b... HTTP 302
https://mghnhfvz.com/click?trvid=37469&extid=zr4b96a355b65a11efbcad1228bef7baf93e0b6609c1e648bc81... HTTP 302
https://clickcanv.com/offerk?subid=cBuP4bX4P1tX&id=5047723&c=V&merchantUrl=https%3A%2F%2Fwww.vpg.n... HTTP 302
https://no-go.kelkoogroup.net/offersearchGo?.ts=1733768179021&.sig=C3XgAHbS7TsJh2pxMOvjmVsfyAs-&affiliatio... Page URL
https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437dcec1250a02803e3cc94b0... Page URL

Detected technologies

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

19
Requests

89 %
HTTPS

33 %
IPv6

12
Domains

14
Subdomains

11
IPs

3
Countries

148 kB
Transfer

414 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://glicanfumo1980.blogspot.no/ HTTP 307
https://glicanfumo1980.blogspot.no/ HTTP 302
https://glicanfumo1980.blogspot.com/ Page URL
http://forkinz.com/de.html HTTP 307
https://forkinz.com/de.html HTTP 302
http://walhe-dap.com/zclkvisitor/4b96a355-b65a-11ef-bcad-1228bef7baf9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381 HTTP 307
https://walhe-dap.com/zclkvisitor/4b96a355-b65a-11ef-bcad-1228bef7baf9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381 Page URL
https://ernus-dop.com/zclkredirect?visitid=4b96a355-b65a-11ef-bcad-1228bef7baf9&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B01%3A00&timezoneName=Europe%2FOslo HTTP 302
https://geotrkclknow.com/rot/CoXC1ug9UP3UrzbI?extid=zr4b96a355b65a11efbcad1228bef7baf93e0b6609c1e648bc81a0b479b4059dbe087138ee6b223fd06a&cost=0.005000&targid=alpha-ohm-1jdje3zdqe&sczp=badious-buzzard HTTP 302
https://mghnhfvz.com/click?trvid=37469&extid=zr4b96a355b65a11efbcad1228bef7baf93e0b6609c1e648bc81a0b479b4059dbe087138ee6b223fd06a&cost=0.005000&targid=alpha-ohm-1jdje3zdqe&sczp=badious-buzzard HTTP 302
https://clickcanv.com/offerk?subid=cBuP4bX4P1tX&id=5047723&c=V&merchantUrl=https%3A%2F%2Fwww.vpg.no&vsid={vsid} HTTP 302
https://no-go.kelkoogroup.net/offersearchGo?.ts=1733768179021&.sig=C3XgAHbS7TsJh2pxMOvjmVsfyAs-&affiliationId=96976299&comId=5047723&country=no&offerId=831aef9523c1b59a68ddbc6ec4830901&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=cBuP4bX4P1tX&publisherClickId=cBuP4bX4P1tX&custom2=VX0BK6AY&publisherSubId=VX0BK6AY Page URL
https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437dcec1250a02803e3cc94b04c1a308998973c44dee158d5fb681e70679ff115ba1c63546376f833f839cc4c467ac9849fda525852c28a7ae83866a54eaa1e538360a510a198eea98662b4a8d531a519e08d3ed306ec97f2020f4d56190e8670ccfe60ebcbead95d1211fb2415beb7870e2d4ca67ddf49ec49d03720f9d4a58603787f6d6d7102887d1392aedab40be6340e32abc0e9e994b9a68f4e1ea8a64b02bd833b7aafa8611bf7319bda0b5962032b12f5b3f128a6c942a0bef7dc288226474e7921c7d43ddc43f520f68cf2ee3f0920af9571b9d31ecc541544bd008fdfc8eee019d992e6bec5c46a2965c5c6b83b2d26299f06df50957af6311d30c298142d2d7b79f86b7beb53a7887dc5d3ba&url=https%3A%2F%2Fwww.vpg.no%2FCane-Creek-Hellbender-Visco%2F373736%2F%3Fkk%3Da4c629a-193aca6f1d4-ab2528%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DCane%2BCreek%2BHellbender%2BViscostyrelager%2BSo&initiator=timeout Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://glicanfumo1980.blogspot.no/ HTTP 307
https://glicanfumo1980.blogspot.no/ HTTP 302
https://glicanfumo1980.blogspot.com/

Request Chain 6

http://forkinz.com/de.html HTTP 307
https://forkinz.com/de.html HTTP 302
http://walhe-dap.com/zclkvisitor/4b96a355-b65a-11ef-bcad-1228bef7baf9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381 HTTP 307
https://walhe-dap.com/zclkvisitor/4b96a355-b65a-11ef-bcad-1228bef7baf9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381

Request Chain 8

https://ernus-dop.com/zclkredirect?visitid=4b96a355-b65a-11ef-bcad-1228bef7baf9&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B01%3A00&timezoneName=Europe%2FOslo HTTP 302
https://geotrkclknow.com/rot/CoXC1ug9UP3UrzbI?extid=zr4b96a355b65a11efbcad1228bef7baf93e0b6609c1e648bc81a0b479b4059dbe087138ee6b223fd06a&cost=0.005000&targid=alpha-ohm-1jdje3zdqe&sczp=badious-buzzard HTTP 302
https://mghnhfvz.com/click?trvid=37469&extid=zr4b96a355b65a11efbcad1228bef7baf93e0b6609c1e648bc81a0b479b4059dbe087138ee6b223fd06a&cost=0.005000&targid=alpha-ohm-1jdje3zdqe&sczp=badious-buzzard HTTP 302
https://clickcanv.com/offerk?subid=cBuP4bX4P1tX&id=5047723&c=V&merchantUrl=https%3A%2F%2Fwww.vpg.no&vsid={vsid} HTTP 302
https://no-go.kelkoogroup.net/offersearchGo?.ts=1733768179021&.sig=C3XgAHbS7TsJh2pxMOvjmVsfyAs-&affiliationId=96976299&comId=5047723&country=no&offerId=831aef9523c1b59a68ddbc6ec4830901&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=cBuP4bX4P1tX&publisherClickId=cBuP4bX4P1tX&custom2=VX0BK6AY&publisherSubId=VX0BK6AY

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
glicanfumo1980.blogspot.com/
Redirect Chain

http://glicanfumo1980.blogspot.no/
https://glicanfumo1980.blogspot.no/
https://glicanfumo1980.blogspot.com/

11 KB
4 KB

437ms
292ms

Document
text/html

2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://glicanfumo1980.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

32c7936793e1ba7231562c51554b2541ad899092e863b9921990bdcbcb1095f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 3422
content-type: text/html; charset=UTF-8
date: Mon, 09 Dec 2024 18:20:39 GMT
etag: W/"e495b1db5307ab73c870a8c5957c1974be645a125f05ca6e7e8af3d8865c2ba3"
expires: Mon, 09 Dec 2024 18:20:39 GMT
last-modified: Thu, 29 Aug 2024 00:42:07 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 203
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=UTF-8
date: Mon, 09 Dec 2024 18:20:39 GMT
expires: Mon, 09 Dec 2024 18:20:39 GMT
location: https://glicanfumo1980.blogspot.com/
server: GSE
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 55013136-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ 30 KB
7 KB 177ms
57ms Stylesheet
text/css 2a00:1450:4001:80b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css

Requested by

Host: glicanfumo1980.blogspot.com
URL: https://glicanfumo1980.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://glicanfumo1980.blogspot.com/

Response headers

content-encoding: gzip
age: 43599
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options: nosniff
expires: Tue, 09 Dec 2025 06:14:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 09 Dec 2024 06:14:00 GMT
last-modified: Mon, 09 Dec 2024 05:52:14 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
content-length: 6620
x-xss-protection: 0
server: sffe

GET
H2 200 cookienotice.js Show response
glicanfumo1980.blogspot.com/js/ 6 KB
2 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://glicanfumo1980.blogspot.com/js/cookienotice.js

Requested by

Host: glicanfumo1980.blogspot.com
URL: https://glicanfumo1980.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://glicanfumo1980.blogspot.com/

Response headers

content-encoding: gzip
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 18:20:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 09 Dec 2024 18:20:39 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Mon, 09 Dec 2024 12:50:38 GMT
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
content-length: 2026
x-xss-protection: 0
server: sffe

GET
H2 200 3704019819-widgets.js Show response
www.blogger.com/static/v1/widgets/ 144 KB
51 KB 182ms
63ms Script
text/javascript 2a00:1450:4001:80b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3704019819-widgets.js

Requested by

Host: glicanfumo1980.blogspot.com
URL: https://glicanfumo1980.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2a75bbc8fe9eafaa4322022c2e134a19f2566a197ae57bfff6099d1c7795050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://glicanfumo1980.blogspot.com/

Response headers

content-encoding: gzip
age: 404552
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options: nosniff
expires: Fri, 05 Dec 2025 01:58:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 01:58:07 GMT
last-modified: Wed, 04 Dec 2024 23:51:10 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
content-length: 51878
x-xss-protection: 0
server: sffe

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 154ms
154ms Stylesheet
text/css 2a00:1450:4001:80b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1885295495898609603&zx=fc25086c-0ba7-4775-a926-9773b9062f21

Requested by

Host: glicanfumo1980.blogspot.com
URL: https://glicanfumo1980.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://glicanfumo1980.blogspot.com/

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-length: 21
date: Mon, 09 Dec 2024 18:20:39 GMT
x-xss-protection: 1; mode=block
content-type: text/css; charset=UTF-8
last-modified: Mon, 09 Dec 2024 18:20:39 GMT
server: GSE
x-frame-options: SAMEORIGIN

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 168ms
168ms Stylesheet
text/css 172.217.18.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1885295495898609603&zx=fc25086c-0ba7-4775-a926-9773b9062f21

Requested by

Host: glicanfumo1980.blogspot.com
URL: https://glicanfumo1980.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.9 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f9.1e100.net

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://glicanfumo1980.blogspot.com/

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-length: 21
date: Mon, 09 Dec 2024 18:20:40 GMT
x-xss-protection: 1; mode=block
content-type: text/css; charset=UTF-8
last-modified: Mon, 09 Dec 2024 18:20:40 GMT
server: GSE
x-frame-options: SAMEORIGIN

GET
H2

200

72092e88-2c53-401c-b988-51ef43ce1034 Show response
walhe-dap.com/zclkvisitor/4b96a355-b65a-11ef-bcad-1228bef7baf9/
Redirect Chain

http://forkinz.com/de.html
https://forkinz.com/de.html
http://walhe-dap.com/zclkvisitor/4b96a355-b65a-11ef-bcad-1228bef7baf9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381
https://walhe-dap.com/zclkvisitor/4b96a355-b65a-11ef-bcad-1228bef7baf9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381

3 KB
3 KB

362ms
117ms

Document
text/html

54.82.7.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://walhe-dap.com/zclkvisitor/4b96a355-b65a-11ef-bcad-1228bef7baf9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.7.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-7-206.compute-1.amazonaws.com

Software

Resource Hash

5641ec0d819cc64a606c41e5303fe68278c6c40b7f36a777b1ec2df07b5bd167

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer: https://glicanfumo1980.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With,Content-Type
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 3088
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
content-type: text/html;charset=UTF-8
date: Mon, 09 Dec 2024 18:20:41 GMT

Redirect headers

Location: https://walhe-dap.com/zclkvisitor/4b96a355-b65a-11ef-bcad-1228bef7baf9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 favicon.ico
glicanfumo1980.blogspot.com/ 4 KB
432 B 251ms
250ms Other
image/x-icon 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://glicanfumo1980.blogspot.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://glicanfumo1980.blogspot.com/

Response headers

cache-control: private, max-age=86400
content-encoding: gzip
etag: W/"e495b1db5307ab73c870a8c5957c1974be645a125f05ca6e7e8af3d8865c2ba3"
x-content-type-options: nosniff
expires: Mon, 09 Dec 2024 18:20:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 412
date: Mon, 09 Dec 2024 18:20:40 GMT
x-xss-protection: 1; mode=block
content-type: image/x-icon; charset=UTF-8
last-modified: Thu, 29 Aug 2024 00:42:07 GMT
server: GSE

GET
H/1.1

200
OK

offersearchGo Show response
no-go.kelkoogroup.net/
Redirect Chain

https://ernus-dop.com/zclkredirect?visitid=4b96a355-b65a-11ef-bcad-1228bef7baf9&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel...
https://geotrkclknow.com/rot/CoXC1ug9UP3UrzbI?extid=zr4b96a355b65a11efbcad1228bef7baf93e0b6609c1e648bc81a0b479b4059dbe087138ee6b223fd06a&cost=0.005000&targid=alpha-ohm-1jdje3zdqe&sczp=badious-buzzard
https://mghnhfvz.com/click?trvid=37469&extid=zr4b96a355b65a11efbcad1228bef7baf93e0b6609c1e648bc81a0b479b4059dbe087138ee6b223fd06a&cost=0.005000&targid=alpha-ohm-1jdje3zdqe&sczp=badious-buzzard
https://clickcanv.com/offerk?subid=cBuP4bX4P1tX&id=5047723&c=V&merchantUrl=https%3A%2F%2Fwww.vpg.no&vsid={vsid}
https://no-go.kelkoogroup.net/offersearchGo?.ts=1733768179021&.sig=C3XgAHbS7TsJh2pxMOvjmVsfyAs-&affiliationId=96976299&comId=5047723&country=no&offerId=831aef9523c1b59a68ddbc6ec4830901&service=37&t...

29 KB
30 KB

242ms
89ms

Document
text/html

95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://no-go.kelkoogroup.net/offersearchGo?.ts=1733768179021&.sig=C3XgAHbS7TsJh2pxMOvjmVsfyAs-&affiliationId=96976299&comId=5047723&country=no&offerId=831aef9523c1b59a68ddbc6ec4830901&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=cBuP4bX4P1tX&publisherClickId=cBuP4bX4P1tX&custom2=VX0BK6AY&publisherSubId=VX0BK6AY

Requested by

Host: walhe-dap.com
URL: https://walhe-dap.com/zclkvisitor/4b96a355-b65a-11ef-bcad-1228bef7baf9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

93b0f1749cee3d6bf3a00d2f9ebcfbcfbc11958b6cb8a85cdfef104b30f25977

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://walhe-dap.com/zclkvisitor/4b96a355-b65a-11ef-bcad-1228bef7baf9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
Charset: utf-8
Content-Length: 29930
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/html; charset=UTF-8
Date: Mon, 09 Dec 2024 18:20:41 GMT
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
Request-Time: PT0.040097296S
X-Content-Type-Options: nosniff
X-DD-B: 1
X-DataDome: protected
X-DataDome-CID: AHrlqAAAAAMA0xHVZqz_3b8Asv-UrA==
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: master-only
X-Robots-Tag: noindex,nofollow
X-XSS-Protection: 1; mode=block
clickId: 107698154_1733768442323_92950933
country: no
leadId: 62A901JEPADWF44Z3RFY6VF0Y8NNDE

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8ef702ba993756b4-OSL
content-type: text/html; charset=utf-8
date: Mon, 09 Dec 2024 18:20:42 GMT
location: https://no-go.kelkoogroup.net/offersearchGo?.ts=1733768179021&.sig=C3XgAHbS7TsJh2pxMOvjmVsfyAs-&affiliationId=96976299&comId=5047723&country=no&offerId=831aef9523c1b59a68ddbc6ec4830901&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=cBuP4bX4P1tX&publisherClickId=cBuP4bX4P1tX&custom2=VX0BK6AY&publisherSubId=VX0BK6AY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7UCdUy0aSOTtngnCZQv%2FOkJ5NLkjt0S1DtgXt%2BBB%2Fi6roTFclEe8Ii5ecaB946gvVbyZ4b9DzVnh%2BhkcndkcZIZ0XYKeF2tC0kgZNkJmJgEBKQbv3r2hEek0a5LMvoHn"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=24304&min_rtt=24250&rtt_var=3914&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4136&recv_bytes=4565&delivery_rate=565&cwnd=12000&unsent_bytes=0&cid=b100bad3b3f5f778&ts=150&x=1" cfExtPri cfHdrFlush;dur=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK p.png
no-go.kelkoogroup.net/assets/images/ 68 B
597 B 142ms
59ms Image
image/png 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff437dcec1250a02803e3cc94b04c1a308998973c44dee158d5fb681e70679ff115ba1c63546376f833f839cc4c467ac9849fda525852c28a7ae83866a54eaa1e538360a510a198eea98662b4a8d531a519e08d3ed306ec97f2020f4d56190e8670ccfe60ebcbead95d1211fb2415beb7870e2d4ca67ddf49ec49d03720f9d4a58603787f6d6d7102887d1392aedab40be6340e32abc0e9e994b9a68f4e1ea8a64b02bd833b7aafa8611bf7319bda0b5962032b12f5b3f128a6c942a0bef7dc288226474e7921c7d43ddc43f520f68cf2ee3f0920af9571b9d31ecc541544bd008fdfc8eee019d992e6bec5c46a2965c5c6b83b2d26299f06df50957af6311d30c298142d2d7b79f86b7beb53a7887dc5d3ba

Requested by

Host: no-go.kelkoogroup.net
URL: https://no-go.kelkoogroup.net/offersearchGo?.ts=1733768179021&.sig=C3XgAHbS7TsJh2pxMOvjmVsfyAs-&affiliationId=96976299&comId=5047723&country=no&offerId=831aef9523c1b59a68ddbc6ec4830901&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=cBuP4bX4P1tX&publisherClickId=cBuP4bX4P1tX&custom2=VX0BK6AY&publisherSubId=VX0BK6AY

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory: 8
Referer: https://no-go.kelkoogroup.net/offersearchGo?.ts=1733768179021&.sig=C3XgAHbS7TsJh2pxMOvjmVsfyAs-&affiliationId=96976299&comId=5047723&country=no&offerId=831aef9523c1b59a68ddbc6ec4830901&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=cBuP4bX4P1tX&publisherClickId=cBuP4bX4P1tX&custom2=VX0BK6AY&publisherSubId=VX0BK6AY

Response headers

X-Robots-Tag: noindex,nofollow
Content-Security-Policy: frame-ancestors 'none'
Cache-Control: private, must-revalidate
leadId: 62A901JEPADWF44Z3RFY6VF0Y8NNDE
Request-Time: PT0.006528815S
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: origin-when-cross-origin
clickId: 107698154_1733768442323_92950933
country: no
X-Content-Type-Options: nosniff
Content-Length: 68
X-XSS-Protection: 1; mode=block
Date: Mon, 09 Dec 2024 18:20:42 GMT
Content-Type: image/png
X-Frame-Options: DENY

GET
H2 200 tags.js Show response
dd.kelkoogroup.net/ 174 KB
32 KB 174ms
48ms Script
text/javascript 18.66.112.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.kelkoogroup.net/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-26.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7b093cbb49adc2923b6ef6b58ad22f87ba4a008e0ecb27665a76cab5e9deeb40

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://no-go.kelkoogroup.net/

Response headers

content-encoding: gzip
x-amz-version-id: fRdxQZTwv7aUXeF3zxmAg.EIiFr7SoNp
etag: W/"b4f2edbea31dcec5c70f4f1bf574b162"
age: 484
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: rk4XYh3PHOQFt2pUw-OxRUT8A328I7YP_g6FdMkeeoXv-7-rj_PyJQ==
date: Mon, 09 Dec 2024 18:12:39 GMT
content-type: text/javascript
vary: accept-encoding, Origin
last-modified: Wed, 04 Dec 2024 11:03:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=3600, public
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 204 collect
www.google-analytics.com/g/ 0
556 B 121ms
41ms Ping
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-08KS908YC5&_p=394107501&sr=1600x1200&ul=no-no&cid=60263712.1733768442&uid=a4c629a-193aca6f1d4-ab2528&_fv=1&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2FoffersearchGo%3F.ts%3D1733768179021%26.sig%3DC3XgAHbS7TsJh2pxMOvjmVsfyAs-%26affiliationId%3D96976299%26comId%3D5047723%26country%3Dno%26offerId%3D831aef9523c1b59a68ddbc6ec4830901%26service%3D37%26tokenId%3D16e2234e-431d-42a4-8898-2b90fd38875e%26wait%3Dtrue%26custom1%3DcBuP4bX4P1tX%26publisherClickId%3DcBuP4bX4P1tX%26custom2%3DVX0BK6AY%26publisherSubId%3DVX0BK6AY&dt=Du%20sendes%20videre%20til%20Vpg.no&dr=https%3A%2F%2Fwalhe-dap.com%2F&dp=%2F96976299%7C5047723%7C&sid=1733768442&sct=1&seg=1&en=page_view&_ss=1&ep.cd1=96976299&ep.cd2=62A901JEPADWF44Z3RFY6VF0Y8NNDE&ep.cd3=5047723&ep.cd4=a4c629a-193aca6f1d4-ab2528&ep.cd5=&ep.cd6=96976299%7C5047723%7C
Requested by: Host: no-go.kelkoogroup.net
URL: https://no-go.kelkoogroup.net/offersearchGo?.ts=1733768179021&.sig=C3XgAHbS7TsJh2pxMOvjmVsfyAs-&affiliationId=96976299&comId=5047723&country=no&offerId=831aef9523c1b59a68ddbc6ec4830901&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=cBuP4bX4P1tX&publisherClickId=cBuP4bX4P1tX&custom2=VX0BK6AY&publisherSubId=VX0BK6AY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://no-go.kelkoogroup.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://no-go.kelkoogroup.net
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 09 Dec 2024 18:20:42 GMT
content-type: text/plain
server: Golfe2

GET
H/1.1 404
Not Found ados.js Show response
no-go.kelkoogroup.net/ 1 KB
2 KB 54ms
54ms XHR
text/html 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://no-go.kelkoogroup.net/ados.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

3db77cfe0a6a059ff4d86ea8530439864095c5fe278e279b28c88f99a0f9b530

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory: 8
Referer: https://no-go.kelkoogroup.net/offersearchGo?.ts=1733768179021&.sig=C3XgAHbS7TsJh2pxMOvjmVsfyAs-&affiliationId=96976299&comId=5047723&country=no&offerId=831aef9523c1b59a68ddbc6ec4830901&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=cBuP4bX4P1tX&publisherClickId=cBuP4bX4P1tX&custom2=VX0BK6AY&publisherSubId=VX0BK6AY

Response headers

X-Robots-Tag: noindex,nofollow
Content-Security-Policy: frame-ancestors 'none'
Request-Time: PT0.000543462S
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: origin-when-cross-origin
X-Content-Type-Options: nosniff
Content-Length: 1140
X-XSS-Protection: 1; mode=block
Date: Mon, 09 Dec 2024 18:20:42 GMT
Content-Type: text/html; charset=UTF-8
X-Frame-Options: DENY

POST
H/1.1 200
OK fp
no-go.kelkoogroup.net/ 0
503 B 53ms
52ms Ping
text/plain 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff437dcec1250a02803e3cc94b04c1a308998973c44dee158d5fb681e70679ff115ba1c63546376f833f839cc4c467ac9849fda525852c28a7ae83866a54eaa1e538360a510a198eea98662b4a8d531a519e08d3ed306ec97f2020f4d56190e8670ccfe60ebcbead95d1211fb2415beb7870e2d4ca67ddf49ec49d03720f9d4a58603787f6d6d7102887d1392aedab40be6340e32abc0e9e994b9a68f4e1ea8a64b02bd833b7aafa8611bf7319bda0b5962032b12f5b3f128a6c942a0bef7dc288226474e7921c7d43ddc43f520f68cf2ee3f0920af9571b9d31ecc541544bd008fdfc8eee019d992e6bec5c46a2965c5c6b83b2d26299f06df50957af6311d30c298142d2d7b79f86b7beb53a7887dc5d3ba

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://no-go.kelkoogroup.net/offersearchGo?.ts=1733768179021&.sig=C3XgAHbS7TsJh2pxMOvjmVsfyAs-&affiliationId=96976299&comId=5047723&country=no&offerId=831aef9523c1b59a68ddbc6ec4830901&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=cBuP4bX4P1tX&publisherClickId=cBuP4bX4P1tX&custom2=VX0BK6AY&publisherSubId=VX0BK6AY
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=utf-8
sec-ch-device-memory: 8

Response headers

X-Robots-Tag: noindex,nofollow
Content-Security-Policy: frame-ancestors 'none'
leadId: 62A901JEPADWF44Z3RFY6VF0Y8NNDE
Request-Time: PT0.003845598S
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: origin-when-cross-origin
clickId: 107698154_1733768442323_92950933
country: no
X-Content-Type-Options: nosniff
Content-Length: 0
X-XSS-Protection: 1; mode=block
Date: Mon, 09 Dec 2024 18:20:41 GMT
Content-Type: text/plain; charset=UTF-8
X-Frame-Options: DENY

GET 74e3fea3-0b52-4bad-b315-df4161e77a25
https://no-go.kelkoogroup.net/ Frame 0
0

POST
H2 200 /
dd.kelkoogroup.net/js/ 236 B
647 B 138ms
49ms XHR
application/json 18.66.112.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.kelkoogroup.net/js/

Requested by

Host: dd.kelkoogroup.net
URL: https://dd.kelkoogroup.net/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-26.fra56.r.cloudfront.net

Software

DataDome /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://no-go.kelkoogroup.net/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
expires: 0
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 236
x-amz-cf-id: ZKD85buFjiJ4-F_YPFFPa8WGPvhJt1Mx8lgnD_kH5VahkyZ8AGlQ-Q==
date: Mon, 09 Dec 2024 18:20:42 GMT
content-type: application/json;charset=utf-8
x-amz-cf-pop: FRA56-P5
server: DataDome

GET
H/1.1 403
Forbidden Primary Request redirect Show response
no-go.kelkoogroup.net/ 725 B
2 KB 63ms
63ms Document
text/html 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437dcec1250a02803e3cc94b04c1a308998973c44dee158d5fb681e70679ff115ba1c63546376f833f839cc4c467ac9849fda525852c28a7ae83866a54eaa1e538360a510a198eea98662b4a8d531a519e08d3ed306ec97f2020f4d56190e8670ccfe60ebcbead95d1211fb2415beb7870e2d4ca67ddf49ec49d03720f9d4a58603787f6d6d7102887d1392aedab40be6340e32abc0e9e994b9a68f4e1ea8a64b02bd833b7aafa8611bf7319bda0b5962032b12f5b3f128a6c942a0bef7dc288226474e7921c7d43ddc43f520f68cf2ee3f0920af9571b9d31ecc541544bd008fdfc8eee019d992e6bec5c46a2965c5c6b83b2d26299f06df50957af6311d30c298142d2d7b79f86b7beb53a7887dc5d3ba&url=https%3A%2F%2Fwww.vpg.no%2FCane-Creek-Hellbender-Visco%2F373736%2F%3Fkk%3Da4c629a-193aca6f1d4-ab2528%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DCane%2BCreek%2BHellbender%2BViscostyrelager%2BSo&initiator=timeout

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

f8f56d9c8c6ed8b664183228bc8971e365e2c2983711c3d3bb47cc47ddf7ac68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://no-go.kelkoogroup.net/offersearchGo?.ts=1733768179021&.sig=C3XgAHbS7TsJh2pxMOvjmVsfyAs-&affiliationId=96976299&comId=5047723&country=no&offerId=831aef9523c1b59a68ddbc6ec4830901&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=cBuP4bX4P1tX&publisherClickId=cBuP4bX4P1tX&custom2=VX0BK6AY&publisherSubId=VX0BK6AY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory: 8

Response headers

Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
Charset: utf-8
Content-Length: 725
Content-Type: text/html; charset=UTF-8
Date: Mon, 09 Dec 2024 18:20:42 GMT
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
Request-Time: PT0.014252336S
X-Content-Type-Options: nosniff
X-DD-B: 1
X-DataDome: protected
X-DataDome-CID: AHrlqAAAAAMA0xHVZqz_3b8Asv-UrA==
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: master-only
X-XSS-Protection: 1; mode=block

GET
H2 200 c.js Show response
ct.captcha-delivery.com/ 11 KB
11 KB 153ms
49ms Script
text/javascript 13.224.189.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.captcha-delivery.com/c.js
Requested by: Host: no-go.kelkoogroup.net
URL: https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437dcec1250a02803e3cc94b04c1a308998973c44dee158d5fb681e70679ff115ba1c63546376f833f839cc4c467ac9849fda525852c28a7ae83866a54eaa1e538360a510a198eea98662b4a8d531a519e08d3ed306ec97f2020f4d56190e8670ccfe60ebcbead95d1211fb2415beb7870e2d4ca67ddf49ec49d03720f9d4a58603787f6d6d7102887d1392aedab40be6340e32abc0e9e994b9a68f4e1ea8a64b02bd833b7aafa8611bf7319bda0b5962032b12f5b3f128a6c942a0bef7dc288226474e7921c7d43ddc43f520f68cf2ee3f0920af9571b9d31ecc541544bd008fdfc8eee019d992e6bec5c46a2965c5c6b83b2d26299f06df50957af6311d30c298142d2d7b79f86b7beb53a7887dc5d3ba&url=https%3A%2F%2Fwww.vpg.no%2FCane-Creek-Hellbender-Visco%2F373736%2F%3Fkk%3Da4c629a-193aca6f1d4-ab2528%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DCane%2BCreek%2BHellbender%2BViscostyrelager%2BSo&initiator=timeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-109.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a204b54fa725aebdcf6ba228b9a1835a021f099b80b80c83530a075f636b771d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://no-go.kelkoogroup.net/

Response headers

x-amz-version-id: null
etag: "3a3c083f22fcdf0ca6709d4e4df331aa"
age: 15970
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 11176
x-amz-cf-id: qBX6xvb25PcbQ-5U13U6ZWQRblAmN0pj1nAegkCiGhVt_3XwSOBiYg==
date: Mon, 09 Dec 2024 13:54:33 GMT
content-type: text/javascript
last-modified: Mon, 09 Dec 2024 13:54:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK /
geo.captcha-delivery.com/captcha/ Frame 85F2 0
0 188ms
57ms Document
text/html 3.125.247.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMA0xHVZqz_3b8Asv-UrA%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=65_W8NvsvdKwDr_catiZTG9RPveflEnjFdVJJIQ1Y2a3Y7BYHz3hzhvn9iF_z_AORubunquvIvNZM7divKOZ3grAFXGuZ_NQo4Ete5trz3HxSZ8V7ux7E~RT9ZsGDKkI&t=fe&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff437dcec1250a02803e3cc94b04c1a308998973c44dee158d5fb681e70679ff115ba1c63546376f833f839cc4c467ac9849fda525852c28a7ae83866a54eaa1e538360a510a198eea98662b4a8d531a519e08d3ed306ec97f2020f4d56190e8670ccfe60ebcbead95d1211fb2415beb7870e2d4ca67ddf49ec49d03720f9d4a58603787f6d6d7102887d1392aedab40be6340e32abc0e9e994b9a68f4e1ea8a64b02bd833b7aafa8611bf7319bda0b5962032b12f5b3f128a6c942a0bef7dc288226474e7921c7d43ddc43f520f68cf2ee3f0920af9571b9d31ecc541544bd008fdfc8eee019d992e6bec5c46a2965c5c6b83b2d26299f06df50957af6311d30c298142d2d7b79f86b7beb53a7887dc5d3ba%26url%3Dhttps%253A%252F%252Fwww.vpg.no%252FCane-Creek-Hellbender-Visco%252F373736%252F%253Fkk%253Da4c629a-193aca6f1d4-ab2528%2526utm_source%253Dkelkoono%2526utm_medium%253Dcpc%2526utm_campaign%253Dkelkooclick%2526utm_source_platform%253DKelkooGroup%2526utm_term%253DCane%252BCreek%252BHellbender%252BViscostyrelager%252BSo%26initiator%3Dtimeout&s=35103&e=d09f3fd8f3343e6227c201657623c6b3eec4e2b44846e5c4b90ad40a368fbfb0&dm=cd
Requested by: Host: ct.captcha-delivery.com
URL: https://ct.captcha-delivery.com/c.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.125.247.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-247-22.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 09 Dec 2024 18:20:43 GMT
Transfer-Encoding: chunked

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: no-go.kelkoogroup.net
URL: blob:https://no-go.kelkoogroup.net/74e3fea3-0b52-4bad-b315-df4161e77a25

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dd

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.forkinz.com/	1970-01-21 11:12:08	Name: sid Value: 4b8d8b65-b65a-11ef-86a3-19310a80e350
mghnhfvz.com/	1970-01-21 02:19:20	Name: ClickDataNG Value: H4sIAAAAAAAA_7RUf2vkNhD9KmYgcAeOV_7tdTFHkvbackkukEuaQqHI0nitW6_kSrJ3s7l89yLbly60__aflTXzNJqneW9fYERthJJQQhiQgIAP9rlHKIkPZqi_fP9mSo6oLXIoG9oZ9IF1gm1_5VACuxzukvopuQvtE_jAqUUowzyO86xIktAHRnc9FRvp0HGeZGsfhLm6u3irpZWlVqgJEJIiTnzQQ4duS3zQyIVGZm_QtopDGflg1KDZlI9jHzoquZCbBb7sHnQHJYAPqmlQT5XTeB35UGsqWbuAp-QMba3tTblaTcQYlWPA1G41AbYfzFALXp0y_WMgJMoEr1KS5HkUz3tWPc4fO9SspdI-6K6aKp_FF2fRx7Po436_D8Z-E0g1I0cjePXifl_BPbSxUJKAkNQxH1EO8wR6-qwG-0_TV4PWKNkzlPBw_yP4MGhxwmK3aWXbjMeJxETpg9Wj4NU0gPlmPFjBq6NO6nVG4zSts5SGITY1ozyMoqLGJq9ps46R1FlG1izELClqVoSU1Em-rhOSrnmNpMjDuEDM6iiKG04yujyGMraaqBBC5pCleiN4Rbu-peeq3Z2HX_lXjI_8L5wBhh37qqZcqMGc18PxSDUHH0R_wblGY5xQ8yKI0jQIkyII8-g0m80jHwzqiw1KCyXcqKPoOrpKA-K9ewrDH7xrIYeDdyiyP7PkvXfR9x3-hvUnYVdpnAdx5r379MuXm2vf68QWvZ-RbdV776rVaoerMJ5sEhDvnjZUi-UIuFk1qFFDCXvatXjOae_e3hkCR8HwzUrKcZh6cOI0j28GBKdNtTdTkfm-t9OXmko-Y-bAjeLYnQZu6Q7nPZuvgiule6WdG53feijhshMH7151gzObmdQ2SKudhm4_Txw2cyu3n799exRblA4j7PMS-t1q9H6SWNPtFpwkNUp75cS1WE2LjZDX_UnIaioNZbO7DZRy6Dof2GCs2kH5sugdvqsEfMCDRS1pN_23_B_iBB9GMnc3hlDCf4nR5aIFE0MJ_1bkmCzpdFkX7Y35shbLunbr6-vfAQAA__8SN77zawUAAA==
mghnhfvz.com/	1970-01-21 02:19:20	Name: ClickDataNgFall Value: H4sIAAAAAAAA_7RUf2vkNhD9KmYgcAeOV_7tdTFHkvbackkukEuaQqHI0nitW6_kSrJ3s7l89yLbly60__aflTXzNJqneW9fYERthJJQQhiQgIAP9rlHKIkPZqi_fP9mSo6oLXIoG9oZ9IF1gm1_5VACuxzukvopuQvtE_jAqUUowzyO86xIktAHRnc9FRvp0HGeZGsfhLm6u3irpZWlVqgJEJIiTnzQQ4duS3zQyIVGZm_QtopDGflg1KDZlI9jHzoquZCbBb7sHnQHJYAPqmlQT5XTeB35UGsqWbuAp-QMba3tTblaTcQYlWPA1G41AbYfzFALXp0y_WMgJMoEr1KS5HkUz3tWPc4fO9SspdI-6K6aKp_FF2fRx7Po436_D8Z-E0g1I0cjePXifl_BPbSxUJKAkNQxH1EO8wR6-qwG-0_TV4PWKNkzlPBw_yP4MGhxwmK3aWXbjMeJxETpg9Wj4NU0gPlmPFjBq6NO6nVG4zSts5SGITY1ozyMoqLGJq9ps46R1FlG1izELClqVoSU1Em-rhOSrnmNpMjDuEDM6iiKG04yujyGMraaqBBC5pCleiN4Rbu-peeq3Z2HX_lXjI_8L5wBhh37qqZcqMGc18PxSDUHH0R_wblGY5xQ8yKI0jQIkyII8-g0m80jHwzqiw1KCyXcqKPoOrpKA-K9ewrDH7xrIYeDdyiyP7PkvXfR9x3-hvUnYVdpnAdx5r379MuXm2vf68QWvZ-RbdV776rVaoerMJ5sEhDvnjZUi-UIuFk1qFFDCXvatXjOae_e3hkCR8HwzUrKcZh6cOI0j28GBKdNtTdTkfm-t9OXmko-Y-bAjeLYnQZu6Q7nPZuvgiule6WdG53feijhshMH7151gzObmdQ2SKudhm4_Txw2cyu3n799exRblA4j7PMS-t1q9H6SWNPtFpwkNUp75cS1WE2LjZDX_UnIaioNZbO7DZRy6Dof2GCs2kH5sugdvqsEfMCDRS1pN_23_B_iBB9GMnc3hlDCf4nR5aIFE0MJ_1bkmCzpdFkX7Y35shbLunbr6-vfAQAA__8SN77zawUAAA==
.kelkoogroup.net/	1970-01-21 10:21:44	Name: kelkooID Value: a4c629a-193aca6f1d4-ab2528
.kelkoogroup.net/	1970-01-21 10:14:32	Name: datadome Value: 65_W8NvsvdKwDr_catiZTG9RPveflEnjFdVJJIQ1Y2a3Y7BYHz3hzhvn9iF_z_AORubunquvIvNZM7divKOZ3grAFXGuZ_NQo4Ete5trz3HxSZ8V7ux7E~RT9ZsGDKkI

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://walhe-dap.com/zclkvisitor/4b96a355-b65a-11ef-bcad-1228bef7baf9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A06002642F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://no-go.kelkoogroup.net/offersearchGo?.ts=1733768179021&.sig=C3XgAHbS7TsJh2pxMOvjmVsfyAs-&affiliationId=96976299&comId=5047723&country=no&offerId=831aef9523c1b59a68ddbc6ec4830901&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=cBuP4bX4P1tX&publisherClickId=cBuP4bX4P1tX&custom2=VX0BK6AY&publisherSubId=VX0BK6AY(Line 28) Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437dcec1250a02803e3cc94b04c1a308998973c44dee158d5fb681e70679ff115ba1c63546376f833f839cc4c467ac9849fda525852c28a7ae83866a54eaa1e538360a510a198eea98662b4a8d531a519e08d3ed306ec97f2020f4d56190e8670ccfe60ebcbead95d1211fb2415beb7870e2d4ca67ddf49ec49d03720f9d4a58603787f6d6d7102887d1392aedab40be6340e32abc0e9e994b9a68f4e1ea8a64b02bd833b7aafa8611bf7319bda0b5962032b12f5b3f128a6c942a0bef7dc288226474e7921c7d43ddc43f520f68cf2ee3f0920af9571b9d31ecc541544bd008fdfc8eee019d992e6bec5c46a2965c5c6b83b2d26299f06df50957af6311d30c298142d2d7b79f86b7beb53a7887dc5d3ba&url=https%3A%2F%2Fwww.vpg.no%2FCane-Creek-Hellbender-Visco%2F373736%2F%3Fkk%3Da4c629a-193aca6f1d4-ab2528%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DCane%2BCreek%2BHellbender%2BViscostyrelager%2BSo&initiator=timeout Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clickcanv.com
ct.captcha-delivery.com
dd.kelkoogroup.net
ernus-dop.com
forkinz.com
geo.captcha-delivery.com
geotrkclknow.com
glicanfumo1980.blogspot.com
glicanfumo1980.blogspot.no
mghnhfvz.com
no-go.kelkoogroup.net
walhe-dap.com
www.blogger.com
www.google-analytics.com
no-go.kelkoogroup.net
13.224.189.109
142.250.186.65
172.217.18.9
18.66.112.26
188.114.97.3
2001:4860:4802:34::178
212.32.237.101
2606:4700:3032::ac43:a12e
2a00:1450:4001:806::2001
2a00:1450:4001:80b::2009
2a00:1450:4001:830::2001
3.125.239.17
3.125.247.22
54.82.7.206
95.211.116.26
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617
32c7936793e1ba7231562c51554b2541ad899092e863b9921990bdcbcb1095f5
3db77cfe0a6a059ff4d86ea8530439864095c5fe278e279b28c88f99a0f9b530
5641ec0d819cc64a606c41e5303fe68278c6c40b7f36a777b1ec2df07b5bd167
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
7b093cbb49adc2923b6ef6b58ad22f87ba4a008e0ecb27665a76cab5e9deeb40
93b0f1749cee3d6bf3a00d2f9ebcfbcfbc11958b6cb8a85cdfef104b30f25977
a204b54fa725aebdcf6ba228b9a1835a021f099b80b80c83530a075f636b771d
b2a75bbc8fe9eafaa4322022c2e134a19f2566a197ae57bfff6099d1c7795050
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f8f56d9c8c6ed8b664183228bc8971e365e2c2983711c3d3bb47cc47ddf7ac68

no-go.kelkoogroup.net Open in urlscan Pro 95.211.116.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

89 %HTTPS

33 %IPv6

12 Domains

14 Subdomains

11 IPs

3 Countries

148 kBTransfer

414 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

5 Cookies

3 Console Messages

Security Headers

Indicators

no-go.kelkoogroup.net Open in urlscan Pro
95.211.116.26 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

89 %
HTTPS

33 %
IPv6

12
Domains

14
Subdomains

11
IPs

3
Countries

148 kB
Transfer

414 kB
Size

5
Cookies

19 HTTP transactions
0 data transactions