urlscan.io logo urlscan.io
SecurityTrails logo

de-go.kelkoogroup.net Open in urlscan Pro
95.211.116.26  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://pltw.com/
Effective URL: https://de-go.kelkoogroup.net/merchantGo?.ts=1701010182750&.sig=7ytW_W4kLmKOOqWNIEMZLWf6fTc-&affiliationId=96966627&comId=1005...
Submission: On November 26 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 9 domains to perform 11 HTTP transactions. The main IP is 95.211.116.26, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is de-go.kelkoogroup.net.
TLS certificate: Issued by Thawte TLS RSA CA G1 on September 14th 2023. Valid for: a year.
This is the only time de-go.kelkoogroup.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 185.53.177.53 61969 (TEAMINTER...)
1 18.66.121.69 16509 (AMAZON-02)
2 54.161.245.59 14618 (AMAZON-AES)
1 1 173.239.53.32 27257 (WEBAIR-IN...)
1 1 217.22.19.197 42567 (MOJHOST-EU)
1 46.166.186.6 43350 (NFORCE)
1 2 52.44.38.103 14618 (AMAZON-AES)
1 2 104.26.13.215 13335 (CLOUDFLAR...)
1 95.211.116.26 60781 (LEASEWEB-...)
11 7
4    185.53.177.53 (Germany)

ASN61969 (TEAMINTERNET-AS, DE)
pltw.com
1    18.66.121.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-121-69.fra60.r.cloudfront.net
d38psrni17bvxu.cloudfront.net
2    54.161.245.59 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-245-59.compute-1.amazonaws.com
vibiu-dau.com
1    173.239.53.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
xml-v4.minutelight-1.online
1    217.22.19.197 (Netherlands)

ASN42567 (MOJHOST-EU, NL)
go1.reacheffecti.work
1    46.166.186.6 (Netherlands)

ASN43350 (NFORCE, NL)
go1.reacheffecti.work
2    52.44.38.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-38-103.compute-1.amazonaws.com
api.apptap.com
api.mplayit.com
2    104.26.13.215 (None, )

ASN13335 (CLOUDFLARENET, US)
r.linksprf.com
1    95.211.116.26 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-mx-vip.kelkoo.com
de-go.kelkoogroup.net
Apex Domain
Subdomains		 Transfer
4 pltw.com
pltw.com
4 KB
2 linksprf.com
r.linksprf.com — Cisco Umbrella Rank: 188969
2 KB
2 reacheffecti.work
go1.reacheffecti.work — Cisco Umbrella Rank: 536172
1 KB
2 vibiu-dau.com
vibiu-dau.com — Cisco Umbrella Rank: 145665
3 KB
1 kelkoogroup.net
de-go.kelkoogroup.net
2 KB
1 mplayit.com
api.mplayit.com — Cisco Umbrella Rank: 480163
648 B
1 apptap.com
api.apptap.com — Cisco Umbrella Rank: 276124
1018 B
1 minutelight-1.online
xml-v4.minutelight-1.online
230 B
1 cloudfront.net
d38psrni17bvxu.cloudfront.net
2 KB
11 9
Domain Requested by
4 pltw.com d38psrni17bvxu.cloudfront.net
pltw.com
2 r.linksprf.com 1 redirects api.mplayit.com
2 go1.reacheffecti.work 1 redirects vibiu-dau.com
2 vibiu-dau.com pltw.com
vibiu-dau.com
1 de-go.kelkoogroup.net r.linksprf.com
1 api.mplayit.com go1.reacheffecti.work
1 api.apptap.com 1 redirects
1 xml-v4.minutelight-1.online 1 redirects
1 d38psrni17bvxu.cloudfront.net pltw.com
11 9

This site contains no links.

Subject Issuer Validity Valid
*.apptap.com
Amazon RSA 2048 M02		 2023-06-12 -
2024-07-10		 a year crt.sh
linksprf.com
GTS CA 1P5		 2023-11-04 -
2024-02-02		 3 months crt.sh
*.kelkoogroup.net
Thawte TLS RSA CA G1		 2023-09-14 -
2024-10-10		 a year crt.sh

This page contains 1 frames:

Primary Page: https://de-go.kelkoogroup.net/merchantGo?.ts=1701010182750&.sig=7ytW_W4kLmKOOqWNIEMZLWf6fTc-&affiliationId=96966627&comId=100538070&country=de&cpcId=2073681&merchantName=Sportspar&searchId=1076100341856165_1701010182714_47187709&service=30&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&url=https%253A%252F%252Fwww.sportspar.de%252F&addedParams=true&publisherClickId=v030400013090cd03b798f61348669cb4ee3c692ec7d6&publisherSubId=4b7f805d42114e9280eec0e73a73062e
Frame ID: B8D26580039CD55D49F5FD0CD7E25E9B
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://pltw.com/ Page URL
  2. http://vibiu-dau.com/zclkvisitor/ae13a460-8c71-11ee-b64e-125b365cd5a7/85aefdc2-9ed0-48aa-922d-60f... Page URL
  3. http://vibiu-dau.com/zclkredirect?visitid=ae13a460-8c71-11ee-b64e-125b365cd5a7&type=js&browserWid... Page URL
  4. http://xml-v4.minutelight-1.online/click?seat=2633453&i=bczjeMIA1ic_0 HTTP 302
    https://go1.reacheffecti.work/redirect.go?pid=2378&spaceid=11502101&sid2=WYOXZYXzIIw&subid=10942173700 HTTP 303
    http://go1.reacheffecti.work/r.go?r=https%3A%2F%2Fapi.apptap.com%2Flink%2Fbuy%2Fandroid%2Ftile.sportspar.... Page URL
  5. https://api.apptap.com/link/buy/android/tile.sportspar.de/e1?clinkID=xKX184O9j-ZqbEGK4885SOz6Y697JT... HTTP 302
    https://api.mplayit.com/link/redirect?data=bJIrEHr2pgR2hXg7nQiKuf8XJGLM78sJm7l1J8nR8phNUVGYMo9ue-0v4... Page URL
  6. https://r.linksprf.com/v1/redirect?api_key=7f492f7e98f9f621f520ab0fb797464f&yk_tag=ORVWWZSFJYZWORLV... HTTP 302
    https://r.linksprf.com/v2/go?t=et6p3%3Aa%2F7e0ge.0e2keo1r2ud.0ef%2Fbe%3DcIautroh.isb1p06070e897c0e.... Page URL
  7. https://de-go.kelkoogroup.net/merchantGo?.ts=1701010182750&.sig=7ytW_W4kLmKOOqWNIEMZLWf6fTc-&affiliationId... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Page Statistics

11
Requests

27 %
HTTPS

0 %
IPv6

9
Domains

9
Subdomains

7
IPs

4
Countries

13 kB
Transfer

9 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pltw.com/ Page URL
  2. http://vibiu-dau.com/zclkvisitor/ae13a460-8c71-11ee-b64e-125b365cd5a7/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=ae25f3e1-8c71-11ee-b64e-125b365cd5a7 Page URL
  3. http://vibiu-dau.com/zclkredirect?visitid=ae13a460-8c71-11ee-b64e-125b365cd5a7&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false Page URL
  4. http://xml-v4.minutelight-1.online/click?seat=2633453&i=bczjeMIA1ic_0 HTTP 302
    https://go1.reacheffecti.work/redirect.go?pid=2378&spaceid=11502101&sid2=WYOXZYXzIIw&subid=10942173700 HTTP 303
    http://go1.reacheffecti.work/r.go?r=https%3A%2F%2Fapi.apptap.com%2Flink%2Fbuy%2Fandroid%2Ftile.sportspar.de%2Fe1%3FclinkID%3DxKX184O9j-ZqbEGK4885SOz6Y697JT6BjpUNmYZAeOT2rOKflSzraw%26pubID%3DlaGp89Ptz6FCc0yNz-I6Tu0%26siteID%3Dmvq1pQ%26placementID%3DenNof3FgfHBme3M%3D%26trackingID%3D61e52635-56e8-4387-ab1b-dacaa9a9187b%26loc.country%3DDE%26partnerCampaignID%3D203802%26cost.cpc%3D0.01 Page URL
  5. https://api.apptap.com/link/buy/android/tile.sportspar.de/e1?clinkID=xKX184O9j-ZqbEGK4885SOz6Y697JT6BjpUNmYZAeOT2rOKflSzraw&pubID=laGp89Ptz6FCc0yNz-I6Tu0&siteID=mvq1pQ&placementID=enNof3FgfHBme3M=&trackingID=61e52635-56e8-4387-ab1b-dacaa9a9187b&loc.country=DE&partnerCampaignID=203802&cost.cpc=0.01 HTTP 302
    https://api.mplayit.com/link/redirect?data=bJIrEHr2pgR2hXg7nQiKuf8XJGLM78sJm7l1J8nR8phNUVGYMo9ue-0v4JDE4ljdGueOHbJG_PbpCoXIskis2fQbtI69Z830Q3AldAJQwVtX22urlp1_VO1gkNU%3D&appID=tile.sportspar.de&stripFragment=false&link=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fapi_key%3D7f492f7e98f9f621f520ab0fb797464f%26yk_tag%3DORVWWZSFJYZWORLVKMWUY33LIJBTCWSBPBTTU2SBPBEE253T_ORUWYZJOONYG64TUONYGC4ROMRSR64TFMFRWOVZNJYYXITJWPF3UYRCNMJJGO5TXD5AVIZDNOJYDKMBQMNRWMY3QNE2HG23GM44XONDDNZRXAXZYN5QWMOLEGN2TGYRRGA_4b7f805d42114e9280eec0e73a73062e%26site_id%3D4b7f805d42114e9280eec0e73a73062e%26source%3D%26type%3Durl%26url%3Dhttps%253A%252F%252Fwww.sportspar.de%252F&clickID=tkkfEN3gEuS-LokBC1ZAxg%3AjAxHMws&js=true Page URL
  6. https://r.linksprf.com/v1/redirect?api_key=7f492f7e98f9f621f520ab0fb797464f&yk_tag=ORVWWZSFJYZWORLVKMWUY33LIJBTCWSBPBTTU2SBPBEE253T_ORUWYZJOONYG64TUONYGC4ROMRSR64TFMFRWOVZNJYYXITJWPF3UYRCNMJJGO5TXD5AVIZDNOJYDKMBQMNRWMY3QNE2HG23GM44XONDDNZRXAXZYN5QWMOLEGN2TGYRRGA_4b7f805d42114e9280eec0e73a73062e&site_id=4b7f805d42114e9280eec0e73a73062e&source=&type=url&url=https%3A%2F%2Fwww.sportspar.de%2F HTTP 302
    https://r.linksprf.com/v2/go?t=et6p3%3Aa%2F7e0ge.0e2keo1r2ud.0ef%2Fbe%3DcIautroh.isb1p06070e897c0e.4ic%3D6y8W3W6k8m7O3qdN0E0Z1W064T3-vadfkliaCiensdl9u9%266u2t%26soaIa%3Dd0d5a8F75%26%25odnrrp%3Dteocscwdw22726F15m%25r3h2nsNtmh%3Dlpurbsca1%26eedr8h-df19741b0-468d6469_3781%3D1I1e2o1%26_37e8i7r9s%26e0v7c1%3D404t7k8n0d01031e5e1-561b34056-02%3D4Iac5a9s4rcpbt%26orS%3Detapt%25a5cAe2%2628%25350F%3DwI.pp%26rdsyat.uec2020%263d0e1Pdrmmc%3D7r6e6p6b%3DiIhortliciIf%3D%260c0f0f0L3M9IcW0ObK9Lf41_4t679gbse%26356221c1d1%267u%3Dlts%3FeGSnbhdr4m7t8n5p4o1g4o9l8keoc-ed3%2F7s0t2h&e=1&ai=2ab45395d2f342d39c51077ecab825f6&sct=1&ct=1701013043660&cu=cd03b798f61348669cb4ee3c692ec7d6&ykuid=e13b7ced1b8f46659fa51b1baac580a2&sc=1&cs=0f276211997c136a63303f3a379f30a0 Page URL
  7. https://de-go.kelkoogroup.net/merchantGo?.ts=1701010182750&.sig=7ytW_W4kLmKOOqWNIEMZLWf6fTc-&affiliationId=96966627&comId=100538070&country=de&cpcId=2073681&merchantName=Sportspar&searchId=1076100341856165_1701010182714_47187709&service=30&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&url=https%253A%252F%252Fwww.sportspar.de%252F&addedParams=true&publisherClickId=v030400013090cd03b798f61348669cb4ee3c692ec7d6&publisherSubId=4b7f805d42114e9280eec0e73a73062e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • http://xml-v4.minutelight-1.online/click?seat=2633453&i=bczjeMIA1ic_0 HTTP 302
  • https://go1.reacheffecti.work/redirect.go?pid=2378&spaceid=11502101&sid2=WYOXZYXzIIw&subid=10942173700 HTTP 303
  • http://go1.reacheffecti.work/r.go?r=https%3A%2F%2Fapi.apptap.com%2Flink%2Fbuy%2Fandroid%2Ftile.sportspar.de%2Fe1%3FclinkID%3DxKX184O9j-ZqbEGK4885SOz6Y697JT6BjpUNmYZAeOT2rOKflSzraw%26pubID%3DlaGp89Ptz6FCc0yNz-I6Tu0%26siteID%3Dmvq1pQ%26placementID%3DenNof3FgfHBme3M%3D%26trackingID%3D61e52635-56e8-4387-ab1b-dacaa9a9187b%26loc.country%3DDE%26partnerCampaignID%3D203802%26cost.cpc%3D0.01
Request Chain 8
  • https://api.apptap.com/link/buy/android/tile.sportspar.de/e1?clinkID=xKX184O9j-ZqbEGK4885SOz6Y697JT6BjpUNmYZAeOT2rOKflSzraw&pubID=laGp89Ptz6FCc0yNz-I6Tu0&siteID=mvq1pQ&placementID=enNof3FgfHBme3M=&trackingID=61e52635-56e8-4387-ab1b-dacaa9a9187b&loc.country=DE&partnerCampaignID=203802&cost.cpc=0.01 HTTP 302
  • https://api.mplayit.com/link/redirect?data=bJIrEHr2pgR2hXg7nQiKuf8XJGLM78sJm7l1J8nR8phNUVGYMo9ue-0v4JDE4ljdGueOHbJG_PbpCoXIskis2fQbtI69Z830Q3AldAJQwVtX22urlp1_VO1gkNU%3D&appID=tile.sportspar.de&stripFragment=false&link=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fapi_key%3D7f492f7e98f9f621f520ab0fb797464f%26yk_tag%3DORVWWZSFJYZWORLVKMWUY33LIJBTCWSBPBTTU2SBPBEE253T_ORUWYZJOONYG64TUONYGC4ROMRSR64TFMFRWOVZNJYYXITJWPF3UYRCNMJJGO5TXD5AVIZDNOJYDKMBQMNRWMY3QNE2HG23GM44XONDDNZRXAXZYN5QWMOLEGN2TGYRRGA_4b7f805d42114e9280eec0e73a73062e%26site_id%3D4b7f805d42114e9280eec0e73a73062e%26source%3D%26type%3Durl%26url%3Dhttps%253A%252F%252Fwww.sportspar.de%252F&clickID=tkkfEN3gEuS-LokBC1ZAxg%3AjAxHMws&js=true
Request Chain 9
  • https://r.linksprf.com/v1/redirect?api_key=7f492f7e98f9f621f520ab0fb797464f&yk_tag=ORVWWZSFJYZWORLVKMWUY33LIJBTCWSBPBTTU2SBPBEE253T_ORUWYZJOONYG64TUONYGC4ROMRSR64TFMFRWOVZNJYYXITJWPF3UYRCNMJJGO5TXD5AVIZDNOJYDKMBQMNRWMY3QNE2HG23GM44XONDDNZRXAXZYN5QWMOLEGN2TGYRRGA_4b7f805d42114e9280eec0e73a73062e&site_id=4b7f805d42114e9280eec0e73a73062e&source=&type=url&url=https%3A%2F%2Fwww.sportspar.de%2F HTTP 302
  • https://r.linksprf.com/v2/go?t=et6p3%3Aa%2F7e0ge.0e2keo1r2ud.0ef%2Fbe%3DcIautroh.isb1p06070e897c0e.4ic%3D6y8W3W6k8m7O3qdN0E0Z1W064T3-vadfkliaCiensdl9u9%266u2t%26soaIa%3Dd0d5a8F75%26%25odnrrp%3Dteocscwdw22726F15m%25r3h2nsNtmh%3Dlpurbsca1%26eedr8h-df19741b0-468d6469_3781%3D1I1e2o1%26_37e8i7r9s%26e0v7c1%3D404t7k8n0d01031e5e1-561b34056-02%3D4Iac5a9s4rcpbt%26orS%3Detapt%25a5cAe2%2628%25350F%3DwI.pp%26rdsyat.uec2020%263d0e1Pdrmmc%3D7r6e6p6b%3DiIhortliciIf%3D%260c0f0f0L3M9IcW0ObK9Lf41_4t679gbse%26356221c1d1%267u%3Dlts%3FeGSnbhdr4m7t8n5p4o1g4o9l8keoc-ed3%2F7s0t2h&e=1&ai=2ab45395d2f342d39c51077ecab825f6&sct=1&ct=1701013043660&cu=cd03b798f61348669cb4ee3c692ec7d6&ykuid=e13b7ced1b8f46659fa51b1baac580a2&sc=1&cs=0f276211997c136a63303f3a379f30a0

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
pltw.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://pltw.com/
Protocol
HTTP/1.1
Server
185.53.177.53 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
927222cda71637d4e05f8a5969cc33f741bd47db95daba6076da3d8ee8552d2f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime
30
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 26 Nov 2023 15:37:17 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_UfwzN3NrBqmLEpHQhBODj5r4wvHKDc4qBvBcwq0gULWJh71h2uSjqQRnRIQ5x8UeWTqCX5cUyoLcnkVBwvbjuQ==
X-Buckets
bucket011
X-Domain
pltw.com
X-Language
german
X-Redirect
zeropark_zeroclick
X-Subdomain
X-Template
tpl_CleanPeppermintBlack_twoclick
js3.js
d38psrni17bvxu.cloudfront.net/scripts/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: pltw.com
URL: http://pltw.com/
Protocol
HTTP/1.1
Server
18.66.121.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-121-69.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pltw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 04:31:16 GMT
Via
1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Jan 2023 11:12:07 GMT
Server
nginx
X-Amz-Cf-Pop
FRA60-P2
Age
39962
ETag
"63ce6b87-448"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1096
X-Amz-Cf-Id
hiNDU3Q_G5UY5auHw-m0P8gD50Kzbza2ZSP46bRSU83839BtNCH1zw==
track.php
pltw.com/ 		0
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://pltw.com/track.php?domain=pltw.com&toggle=browserjs&uid=MTcwMTAxMzAzNy4zMTkyOjg2NjQxODIzY2I0ZGZhYWRkMjk5MWVkMTdlMDllZWVmNWY5YjBiMzI1N2QzNzY0NWUwYTgyZWI1NjczMjY0YWI6NjU2MzY2MmQ0ZGViYg%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
185.53.177.53 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pltw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 15:37:18 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
browserjs
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
Connection
keep-alive
ls.php
pltw.com/ 		16 B
906 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://pltw.com/ls.php?t=6563662d&token=8f5ca36d6b6d094dc2aa3d1800e11c08191ab0b1
Requested by
Host: pltw.com
URL: http://pltw.com/
Protocol
HTTP/1.1
Server
185.53.177.53 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pltw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 15:37:18 GMT
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Transfer-Encoding
chunked
Accept-CH-Lifetime
30
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
Access-Control-Allow-Methods
POST, OPTIONS
Charset
utf-8
Access-Control-Max-Age
86400
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_aCnF3zPyHnhaczHV7ha6JI7I83ighCWcpF+XHlzP1okk3dJ6LYMQ5kbxKYuxctr4WUhJyJzTD1xaJDW6iznsMw==
Connection
keep-alive
X-Log-Success
6563662e2ab4890eb25ebbd1
track.php
pltw.com/ 		0
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://pltw.com/track.php?click=d49d63c4e4121d86d5839d58711349e1b1ddb357&domain=pltw.com&uid=MTcwMTAxMzAzNy4zMTkyOjg2NjQxODIzY2I0ZGZhYWRkMjk5MWVkMTdlMDllZWVmNWY5YjBiMzI1N2QzNzY0NWUwYTgyZWI1NjczMjY0YWI6NjU2MzY2MmQ0ZGViYg%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NTYzNjYyZDRkZTkwfHx8MTcwMTAxMzAzNy42NDkzfGNkODc5YzgxODE2YTNiNGE0MWM3NDRkZDc4ZWYwMTMyOTQzNzdkYWJ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw4ZjVjYTM2ZDZiNmQwOTRkYzJhYTNkMTgwMGUxMWMwODE5MWFiMGIxfDB8fDB8MHw%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
185.53.177.53 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pltw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 15:37:18 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
none
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
X-View-Match
true
Connection
keep-alive
85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d
vibiu-dau.com/zclkvisitor/ae13a460-8c71-11ee-b64e-125b365cd5a7/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://vibiu-dau.com/zclkvisitor/ae13a460-8c71-11ee-b64e-125b365cd5a7/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=ae25f3e1-8c71-11ee-b64e-125b365cd5a7
Requested by
Host: pltw.com
URL: http://pltw.com/
Protocol
HTTP/1.1
Server
54.161.245.59 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-245-59.compute-1.amazonaws.com
Software
lFZumLUY /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
http://pltw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Sun, 26 Nov 2023 15:37:19 GMT
Server
lFZumLUY
Transfer-Encoding
chunked
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
zclkredirect
vibiu-dau.com/ 		320 B
1007 B 		Document
General
Check archive.org
Download Go to
Full URL
http://vibiu-dau.com/zclkredirect?visitid=ae13a460-8c71-11ee-b64e-125b365cd5a7&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false
Requested by
Host: vibiu-dau.com
URL: http://vibiu-dau.com/zclkvisitor/ae13a460-8c71-11ee-b64e-125b365cd5a7/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=ae25f3e1-8c71-11ee-b64e-125b365cd5a7
Protocol
HTTP/1.1
Server
54.161.245.59 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-245-59.compute-1.amazonaws.com
Software
foJKLfqW /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
http://vibiu-dau.com/zclkvisitor/ae13a460-8c71-11ee-b64e-125b365cd5a7/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=ae25f3e1-8c71-11ee-b64e-125b365cd5a7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Sun, 26 Nov 2023 15:37:19 GMT
Server
foJKLfqW
Transfer-Encoding
chunked
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
redirected
JS
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
r.go
go1.reacheffecti.work/
Redirect Chain
  • http://xml-v4.minutelight-1.online/click?seat=2633453&i=bczjeMIA1ic_0
  • https://go1.reacheffecti.work/redirect.go?pid=2378&spaceid=11502101&sid2=WYOXZYXzIIw&subid=10942173700
  • http://go1.reacheffecti.work/r.go?r=https%3A%2F%2Fapi.apptap.com%2Flink%2Fbuy%2Fandroid%2Ftile.sportspar.de%2Fe1%3FclinkID%3DxKX184O9j-ZqbEGK4885SOz6Y697JT6BjpUNmYZAeOT2rOKflSzraw%26pubID%3DlaGp89P...
857 B
969 B 		Document
General
Check archive.org
Download Go to
Full URL
http://go1.reacheffecti.work/r.go?r=https%3A%2F%2Fapi.apptap.com%2Flink%2Fbuy%2Fandroid%2Ftile.sportspar.de%2Fe1%3FclinkID%3DxKX184O9j-ZqbEGK4885SOz6Y697JT6BjpUNmYZAeOT2rOKflSzraw%26pubID%3DlaGp89Ptz6FCc0yNz-I6Tu0%26siteID%3Dmvq1pQ%26placementID%3DenNof3FgfHBme3M%3D%26trackingID%3D61e52635-56e8-4387-ab1b-dacaa9a9187b%26loc.country%3DDE%26partnerCampaignID%3D203802%26cost.cpc%3D0.01
Requested by
Host: vibiu-dau.com
URL: http://vibiu-dau.com/zclkredirect?visitid=ae13a460-8c71-11ee-b64e-125b365cd5a7&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false
Protocol
HTTP/1.1
Server
46.166.186.6 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://vibiu-dau.com/zclkredirect?visitid=ae13a460-8c71-11ee-b64e-125b365cd5a7&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
562
Content-Type
text/html; charset=utf-8
Date
Sun, 26 Nov 2023 15:37:21 GMT
Expires
Mon, 03 Jul 2001 06:00:00 GMT
Last-Modified
Janon, 26 11 2023 15:37:21 GMT
Pragma
no-cache
Server
nginx
X-Backend-Server
nl1-go-web-12

Redirect headers

cache-control
no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
content-length
0
date
Sun, 26 Nov 2023 15:37:20 GMT
expires
Mon, 03 Jul 2001 06:00:00 GMT
last-modified
Janon, 26 11 2023 15:37:20 GMT
location
http://go1.reacheffecti.work/r.go?r=https%3A%2F%2Fapi.apptap.com%2Flink%2Fbuy%2Fandroid%2Ftile.sportspar.de%2Fe1%3FclinkID%3DxKX184O9j-ZqbEGK4885SOz6Y697JT6BjpUNmYZAeOT2rOKflSzraw%26pubID%3DlaGp89Ptz6FCc0yNz-I6Tu0%26siteID%3Dmvq1pQ%26placementID%3DenNof3FgfHBme3M%3D%26trackingID%3D61e52635-56e8-4387-ab1b-dacaa9a9187b%26loc.country%3DDE%26partnerCampaignID%3D203802%26cost.cpc%3D0.01
pragma
no-cache
server
nginx
x-backend-server
nl2-go-web-243
x-frame-options
deny
redirect
api.mplayit.com/link/
Redirect Chain
  • https://api.apptap.com/link/buy/android/tile.sportspar.de/e1?clinkID=xKX184O9j-ZqbEGK4885SOz6Y697JT6BjpUNmYZAeOT2rOKflSzraw&pubID=laGp89Ptz6FCc0yNz-I6Tu0&siteID=mvq1pQ&placementID=enNof3FgfHBme3M=&...
  • https://api.mplayit.com/link/redirect?data=bJIrEHr2pgR2hXg7nQiKuf8XJGLM78sJm7l1J8nR8phNUVGYMo9ue-0v4JDE4ljdGueOHbJG_PbpCoXIskis2fQbtI69Z830Q3AldAJQwVtX22urlp1_VO1gkNU%3D&appID=tile.sportspar.de&str...
553 B
648 B 		Document
General
Check archive.org
Download Go to
Full URL
https://api.mplayit.com/link/redirect?data=bJIrEHr2pgR2hXg7nQiKuf8XJGLM78sJm7l1J8nR8phNUVGYMo9ue-0v4JDE4ljdGueOHbJG_PbpCoXIskis2fQbtI69Z830Q3AldAJQwVtX22urlp1_VO1gkNU%3D&appID=tile.sportspar.de&stripFragment=false&link=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fapi_key%3D7f492f7e98f9f621f520ab0fb797464f%26yk_tag%3DORVWWZSFJYZWORLVKMWUY33LIJBTCWSBPBTTU2SBPBEE253T_ORUWYZJOONYG64TUONYGC4ROMRSR64TFMFRWOVZNJYYXITJWPF3UYRCNMJJGO5TXD5AVIZDNOJYDKMBQMNRWMY3QNE2HG23GM44XONDDNZRXAXZYN5QWMOLEGN2TGYRRGA_4b7f805d42114e9280eec0e73a73062e%26site_id%3D4b7f805d42114e9280eec0e73a73062e%26source%3D%26type%3Durl%26url%3Dhttps%253A%252F%252Fwww.sportspar.de%252F&clickID=tkkfEN3gEuS-LokBC1ZAxg%3AjAxHMws&js=true
Requested by
Host: go1.reacheffecti.work
URL: http://go1.reacheffecti.work/r.go?r=https%3A%2F%2Fapi.apptap.com%2Flink%2Fbuy%2Fandroid%2Ftile.sportspar.de%2Fe1%3FclinkID%3DxKX184O9j-ZqbEGK4885SOz6Y697JT6BjpUNmYZAeOT2rOKflSzraw%26pubID%3DlaGp89Ptz6FCc0yNz-I6Tu0%26siteID%3Dmvq1pQ%26placementID%3DenNof3FgfHBme3M%3D%26trackingID%3D61e52635-56e8-4387-ab1b-dacaa9a9187b%26loc.country%3DDE%26partnerCampaignID%3D203802%26cost.cpc%3D0.01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.38.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-38-103.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash

Request headers

Referer
http://go1.reacheffecti.work/r.go?r=https%3A%2F%2Fapi.apptap.com%2Flink%2Fbuy%2Fandroid%2Ftile.sportspar.de%2Fe1%3FclinkID%3DxKX184O9j-ZqbEGK4885SOz6Y697JT6BjpUNmYZAeOT2rOKflSzraw%26pubID%3DlaGp89Ptz6FCc0yNz-I6Tu0%26siteID%3Dmvq1pQ%26placementID%3DenNof3FgfHBme3M%3D%26trackingID%3D61e52635-56e8-4387-ab1b-dacaa9a9187b%26loc.country%3DDE%26partnerCampaignID%3D203802%26cost.cpc%3D0.01
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
434
Content-Type
text/html;charset=UTF-8
Date
Sun, 26 Nov 2023 15:37:22 GMT
Referrer-Policy
no-referrer
Server
nginx/1.22.1

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sun, 26 Nov 2023 15:37:21 GMT
Location
https://api.mplayit.com/link/redirect?data=bJIrEHr2pgR2hXg7nQiKuf8XJGLM78sJm7l1J8nR8phNUVGYMo9ue-0v4JDE4ljdGueOHbJG_PbpCoXIskis2fQbtI69Z830Q3AldAJQwVtX22urlp1_VO1gkNU%3D&appID=tile.sportspar.de&stripFragment=false&link=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fapi_key%3D7f492f7e98f9f621f520ab0fb797464f%26yk_tag%3DORVWWZSFJYZWORLVKMWUY33LIJBTCWSBPBTTU2SBPBEE253T_ORUWYZJOONYG64TUONYGC4ROMRSR64TFMFRWOVZNJYYXITJWPF3UYRCNMJJGO5TXD5AVIZDNOJYDKMBQMNRWMY3QNE2HG23GM44XONDDNZRXAXZYN5QWMOLEGN2TGYRRGA_4b7f805d42114e9280eec0e73a73062e%26site_id%3D4b7f805d42114e9280eec0e73a73062e%26source%3D%26type%3Durl%26url%3Dhttps%253A%252F%252Fwww.sportspar.de%252F&clickID=tkkfEN3gEuS-LokBC1ZAxg%3AjAxHMws&js=true
Referrer-Policy
origin
Server
nginx/1.22.1
go
r.linksprf.com/v2/
Redirect Chain
  • https://r.linksprf.com/v1/redirect?api_key=7f492f7e98f9f621f520ab0fb797464f&yk_tag=ORVWWZSFJYZWORLVKMWUY33LIJBTCWSBPBTTU2SBPBEE253T_ORUWYZJOONYG64TUONYGC4ROMRSR64TFMFRWOVZNJYYXITJWPF3UYRCNMJJGO5TXD...
  • https://r.linksprf.com/v2/go?t=et6p3%3Aa%2F7e0ge.0e2keo1r2ud.0ef%2Fbe%3DcIautroh.isb1p06070e897c0e.4ic%3D6y8W3W6k8m7O3qdN0E0Z1W064T3-vadfkliaCiensdl9u9%266u2t%26soaIa%3Dd0d5a8F75%26%25odnrrp%3Dteoc...
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.linksprf.com/v2/go?t=et6p3%3Aa%2F7e0ge.0e2keo1r2ud.0ef%2Fbe%3DcIautroh.isb1p06070e897c0e.4ic%3D6y8W3W6k8m7O3qdN0E0Z1W064T3-vadfkliaCiensdl9u9%266u2t%26soaIa%3Dd0d5a8F75%26%25odnrrp%3Dteocscwdw22726F15m%25r3h2nsNtmh%3Dlpurbsca1%26eedr8h-df19741b0-468d6469_3781%3D1I1e2o1%26_37e8i7r9s%26e0v7c1%3D404t7k8n0d01031e5e1-561b34056-02%3D4Iac5a9s4rcpbt%26orS%3Detapt%25a5cAe2%2628%25350F%3DwI.pp%26rdsyat.uec2020%263d0e1Pdrmmc%3D7r6e6p6b%3DiIhortliciIf%3D%260c0f0f0L3M9IcW0ObK9Lf41_4t679gbse%26356221c1d1%267u%3Dlts%3FeGSnbhdr4m7t8n5p4o1g4o9l8keoc-ed3%2F7s0t2h&e=1&ai=2ab45395d2f342d39c51077ecab825f6&sct=1&ct=1701013043660&cu=cd03b798f61348669cb4ee3c692ec7d6&ykuid=e13b7ced1b8f46659fa51b1baac580a2&sc=1&cs=0f276211997c136a63303f3a379f30a0
Requested by
Host: api.mplayit.com
URL: https://api.mplayit.com/link/redirect?data=bJIrEHr2pgR2hXg7nQiKuf8XJGLM78sJm7l1J8nR8phNUVGYMo9ue-0v4JDE4ljdGueOHbJG_PbpCoXIskis2fQbtI69Z830Q3AldAJQwVtX22urlp1_VO1gkNU%3D&appID=tile.sportspar.de&stripFragment=false&link=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fapi_key%3D7f492f7e98f9f621f520ab0fb797464f%26yk_tag%3DORVWWZSFJYZWORLVKMWUY33LIJBTCWSBPBTTU2SBPBEE253T_ORUWYZJOONYG64TUONYGC4ROMRSR64TFMFRWOVZNJYYXITJWPF3UYRCNMJJGO5TXD5AVIZDNOJYDKMBQMNRWMY3QNE2HG23GM44XONDDNZRXAXZYN5QWMOLEGN2TGYRRGA_4b7f805d42114e9280eec0e73a73062e%26site_id%3D4b7f805d42114e9280eec0e73a73062e%26source%3D%26type%3Durl%26url%3Dhttps%253A%252F%252Fwww.sportspar.de%252F&clickID=tkkfEN3gEuS-LokBC1ZAxg%3AjAxHMws&js=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://api.mplayit.com/link/redirect?data=bJIrEHr2pgR2hXg7nQiKuf8XJGLM78sJm7l1J8nR8phNUVGYMo9ue-0v4JDE4ljdGueOHbJG_PbpCoXIskis2fQbtI69Z830Q3AldAJQwVtX22urlp1_VO1gkNU%3D&appID=tile.sportspar.de&stripFragment=false&link=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fapi_key%3D7f492f7e98f9f621f520ab0fb797464f%26yk_tag%3DORVWWZSFJYZWORLVKMWUY33LIJBTCWSBPBTTU2SBPBEE253T_ORUWYZJOONYG64TUONYGC4ROMRSR64TFMFRWOVZNJYYXITJWPF3UYRCNMJJGO5TXD5AVIZDNOJYDKMBQMNRWMY3QNE2HG23GM44XONDDNZRXAXZYN5QWMOLEGN2TGYRRGA_4b7f805d42114e9280eec0e73a73062e%26site_id%3D4b7f805d42114e9280eec0e73a73062e%26source%3D%26type%3Durl%26url%3Dhttps%253A%252F%252Fwww.sportspar.de%252F&clickID=tkkfEN3gEuS-LokBC1ZAxg%3AjAxHMws&js=true
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
82c336635a8b2c2a-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Sun, 26 Nov 2023 15:37:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5wO9Lvnptoitia4nNZA4BKtA4%2BE2sQZUJeUoqruoLoTwj%2FzCyI790CEN%2B8XK5TXuuXV14fZrjgSVuF%2BFDOd%2BoQ%2B2FhgX9T0xzVlZlkO7r7TT4P6VhFulEOd3NaTqRlOP"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
82c3366289502c2a-FRA
content-length
0
date
Sun, 26 Nov 2023 15:37:23 GMT
location
/v2/go?t=et6p3%3Aa%2F7e0ge.0e2keo1r2ud.0ef%2Fbe%3DcIautroh.isb1p06070e897c0e.4ic%3D6y8W3W6k8m7O3qdN0E0Z1W064T3-vadfkliaCiensdl9u9%266u2t%26soaIa%3Dd0d5a8F75%26%25odnrrp%3Dteocscwdw22726F15m%25r3h2nsNtmh%3Dlpurbsca1%26eedr8h-df19741b0-468d6469_3781%3D1I1e2o1%26_37e8i7r9s%26e0v7c1%3D404t7k8n0d01031e5e1-561b34056-02%3D4Iac5a9s4rcpbt%26orS%3Detapt%25a5cAe2%2628%25350F%3DwI.pp%26rdsyat.uec2020%263d0e1Pdrmmc%3D7r6e6p6b%3DiIhortliciIf%3D%260c0f0f0L3M9IcW0ObK9Lf41_4t679gbse%26356221c1d1%267u%3Dlts%3FeGSnbhdr4m7t8n5p4o1g4o9l8keoc-ed3%2F7s0t2h&e=1&ai=2ab45395d2f342d39c51077ecab825f6&sct=1&ct=1701013043660&cu=cd03b798f61348669cb4ee3c692ec7d6&ykuid=e13b7ced1b8f46659fa51b1baac580a2&sc=1&cs=0f276211997c136a63303f3a379f30a0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="CAO PSA OUR"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obXouiBiCzVis%2FdZmUR7hTDT14DNpkNE0iLtjmgSWWE1QV%2BClUkncgM%2F7NOn32SPzrh79%2BhSRKyRAvI80HDJcPLnrBoi8vojxs%2FnkltwLh8%2FqMCUXB6esbB0%2B8x4ZGh6"}],"group":"cf-nel","max_age":604800}
server
cloudflare
Primary Request merchantGo
de-go.kelkoogroup.net/ 		822 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de-go.kelkoogroup.net/merchantGo?.ts=1701010182750&.sig=7ytW_W4kLmKOOqWNIEMZLWf6fTc-&affiliationId=96966627&comId=100538070&country=de&cpcId=2073681&merchantName=Sportspar&searchId=1076100341856165_1701010182714_47187709&service=30&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&url=https%253A%252F%252Fwww.sportspar.de%252F&addedParams=true&publisherClickId=v030400013090cd03b798f61348669cb4ee3c692ec7d6&publisherSubId=4b7f805d42114e9280eec0e73a73062e
Requested by
Host: r.linksprf.com
URL: https://r.linksprf.com/v2/go?t=et6p3%3Aa%2F7e0ge.0e2keo1r2ud.0ef%2Fbe%3DcIautroh.isb1p06070e897c0e.4ic%3D6y8W3W6k8m7O3qdN0E0Z1W064T3-vadfkliaCiensdl9u9%266u2t%26soaIa%3Dd0d5a8F75%26%25odnrrp%3Dteocscwdw22726F15m%25r3h2nsNtmh%3Dlpurbsca1%26eedr8h-df19741b0-468d6469_3781%3D1I1e2o1%26_37e8i7r9s%26e0v7c1%3D404t7k8n0d01031e5e1-561b34056-02%3D4Iac5a9s4rcpbt%26orS%3Detapt%25a5cAe2%2628%25350F%3DwI.pp%26rdsyat.uec2020%263d0e1Pdrmmc%3D7r6e6p6b%3DiIhortliciIf%3D%260c0f0f0L3M9IcW0ObK9Lf41_4t679gbse%26356221c1d1%267u%3Dlts%3FeGSnbhdr4m7t8n5p4o1g4o9l8keoc-ed3%2F7s0t2h&e=1&ai=2ab45395d2f342d39c51077ecab825f6&sct=1&ct=1701013043660&cu=cd03b798f61348669cb4ee3c692ec7d6&ykuid=e13b7ced1b8f46659fa51b1baac580a2&sc=1&cs=0f276211997c136a63303f3a379f30a0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
18f9d3fcd8b247ddd787d8d29bd498b3847e4b91b4c37e2db0c48014f0c2aec0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

Referer
https://r.linksprf.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Content-Length
822
Content-Type
text/html; charset=UTF-8
Date
Sun, 26 Nov 2023 15:37:24 GMT
Referrer-Policy
origin-when-cross-origin
Request-Time
PT0.01021S
X-Content-Type-Options
nosniff
X-DataDome
protected
X-Frame-Options
ALLOWALL
X-Permitted-Cross-Domain-Policies
master-only
X-Robots-Tag
noindex,nofollow
X-XSS-Protection
1; mode=block
clickId
107698148_1701013044224_64600179

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

4 Cookies

Domain/Path Name / Value
.apptap.com/ Name: apt
Value: a418fc608dfc4b6da0eac10405798786
.apptap.com/ Name: fv
Value: 1
.linksprf.com/ Name: ykuid
Value: e13b7ced1b8f46659fa51b1baac580a2
.kelkoogroup.net/ Name: datadome
Value: 6LkPksMk2y3W9v8Eqj9rzz5vACAXj9Bgn_mryn0MKuO4RDAnX9lszntCrx8ZJCEFT9~BrxKylG5RvTjaG_EPWUrceZUu1ysBeXck1sRwHihsPknTP8PIHclgHnTklDre

1 Console Messages

Source Level URL
Text
network error URL: https://de-go.kelkoogroup.net/merchantGo?.ts=1701010182750&.sig=7ytW_W4kLmKOOqWNIEMZLWf6fTc-&affiliationId=96966627&comId=100538070&country=de&cpcId=2073681&merchantName=Sportspar&searchId=1076100341856165_1701010182714_47187709&service=30&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&url=https%253A%252F%252Fwww.sportspar.de%252F&addedParams=true&publisherClickId=v030400013090cd03b798f61348669cb4ee3c692ec7d6&publisherSubId=4b7f805d42114e9280eec0e73a73062e
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)