nl-go.kelkoogroup.net Open in urlscan Pro
95.211.116.26 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://28881453-26278-ex.situnifecal.com/jiNGC4MyPw_hZtczvVvMKy9KltkRvoHRdvwFOc2aEptBP5qV9ttVpszbUNcwL9ycxItVJPFy1f6_euuzHOKnYBWKmK-luLqK...
Effective URL:
https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437e34e6eac5bdb212b40cec91df7d751db54532ce369...
Submission: On November 30 via api (November 30th 2024, 12:11:29 pm UTC) from US — Scanned from NL

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 11 domains to perform 30 HTTP transactions. The main IP is 95.211.116.26, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL. The main domain is nl-go.kelkoogroup.net.
TLS certificate: Issued by Thawte TLS RSA CA G1 on September 26th 2024. Valid for: a year.

This is the only time nl-go.kelkoogroup.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	88.208.22.4 88.208.22.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS DataWeb Global Group B.V.)
2	45.13.225.41 45.13.225.41	58087 (FlorianKo...) (FlorianKolb Florian Kolb)
2 14	139.45.197.243 139.45.197.243	9002 (RETN-AS R...) (RETN-AS RETN Limited)
2	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.66.40.245 172.66.40.245	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.53.88.18 52.53.88.18	16509 (AMAZON-02) (AMAZON-02)
4 6	3.73.249.248 3.73.249.248	16509 (AMAZON-02) (AMAZON-02)
1 1	3.66.53.110 3.66.53.110	16509 (AMAZON-02) (AMAZON-02)
6	95.211.116.26 95.211.116.26	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V.)
1	3.161.82.43 3.161.82.43	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.87 65.9.66.87	16509 (AMAZON-02) (AMAZON-02)
1	18.157.207.8 18.157.207.8	16509 (AMAZON-02) (AMAZON-02)
30	10

1 88.208.22.4 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)

28881453-26278-ex.situnifecal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.13.225.41 (Germany)

ASN58087 (FlorianKolb Florian Kolb, DE)
PTR: 41.225.13.45.in-addr.arpa

redwingshere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 139.45.197.243 (United Kingdom) 2 redirects

ASN9002 (RETN-AS RETN Limited, GB)

gaimauroogrou.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.40.245 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.share365.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.53.88.18 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-53-88-18.us-west-1.compute.amazonaws.com

www.shoptastic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.73.249.248 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-249-248.eu-central-1.compute.amazonaws.com

clcktrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.66.53.110 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: portal-cockpit.noctemque.com

discountheld.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.211.116.26 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)
PTR: dc1-ecs-pub-mx-vip.kelkoo.com

nl-go.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.82.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-43.fra56.r.cloudfront.net

dd.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-87.fra56.r.cloudfront.net

ct.captcha-delivery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.157.207.8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-207-8.eu-central-1.compute.amazonaws.com

geo.captcha-delivery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	gaimauroogrou.net 2 redirects gaimauroogrou.net — Cisco Umbrella Rank: 387853	34 KB
7	kelkoogroup.net nl-go.kelkoogroup.net dd.kelkoogroup.net — Cisco Umbrella Rank: 296022	68 KB
6	clcktrck.com 4 redirects clcktrck.com — Cisco Umbrella Rank: 159985	3 KB
2	captcha-delivery.com ct.captcha-delivery.com — Cisco Umbrella Rank: 30248 geo.captcha-delivery.com — Cisco Umbrella Rank: 23657	11 KB
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 10565	2 KB
2	redwingshere.xyz redwingshere.xyz — Cisco Umbrella Rank: 220818	1 KB
1	discountheld.de 1 redirects discountheld.de — Cisco Umbrella Rank: 408461	2 KB
1	shoptastic.io www.shoptastic.io — Cisco Umbrella Rank: 279931	341 B
1	share365.net 1 redirects www.share365.net — Cisco Umbrella Rank: 481928	3 KB
1	situnifecal.com 1 redirects 28881453-26278-ex.situnifecal.com	557 B
0	google-analytics.com Failed www.google-analytics.com Failed
30	11

	Domain	Requested by
14	gaimauroogrou.net	2 redirects gaimauroogrou.net
6	nl-go.kelkoogroup.net	nl-go.kelkoogroup.net
6	clcktrck.com	4 redirects www.shoptastic.io
2	my.rtmark.net	gaimauroogrou.net
2	redwingshere.xyz
1	geo.captcha-delivery.com	ct.captcha-delivery.com
1	ct.captcha-delivery.com	nl-go.kelkoogroup.net
1	dd.kelkoogroup.net	nl-go.kelkoogroup.net
1	discountheld.de	1 redirects
1	www.shoptastic.io
1	www.share365.net	1 redirects
1	28881453-26278-ex.situnifecal.com	1 redirects
0	www.google-analytics.com Failed	nl-go.kelkoogroup.net
30	13

This site contains no links.

Subject Issuer	Validity	Valid
redwingshere.xyz E5	`2024-10-08` - `2025-01-06`	3 months	crt.sh
gaimauroogrou.net R10	`2024-10-04` - `2025-01-02`	3 months	crt.sh
my.rtmark.net WE1	`2024-11-06` - `2025-02-04`	3 months	crt.sh
shoptastic.io Amazon RSA 2048 M03	`2024-10-06` - `2025-11-05`	a year	crt.sh
clcktrck.com E6	`2024-11-26` - `2025-02-24`	3 months	crt.sh
*.kelkoogroup.net Thawte TLS RSA CA G1	`2024-09-26` - `2025-10-10`	a year	crt.sh
dd.kelkoogroup.net E6	`2024-10-07` - `2025-01-05`	3 months	crt.sh
*.captcha-delivery.com Amazon RSA 2048 M02	`2024-07-25` - `2025-08-22`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437e34e6eac5bdb212b40cec91df7d751db54532ce3695a154ceb40a5598f7be5098502935831a2e8cb4494507af4f97502654c59558ee5ad06da47167c2219f0d55462e5869814821965b45081fd9a9c15d0d082b3863e2e9d8007c45bf83401ba5c97167536bb45127de6d1eea3de84719a84043bdf8a6edf1b13c64a926899859bcec2b1946a488250bc980989acbbdf6287b2196e6878413e783b9e3fb7fc24197f0ce05a2f66bfcee1c972857e8f840f7c0bc6daeb1772898963b34fe0698f7f0de92f438033088fc73a1247fcf0fe2a8a9eabd47635383cb25950c1bd845245d772089fc76a8e4edd776f8c7eda38e842a5b21dce4c812cb2ecdcea55c055618d472ab309cd4532557ca340029d42&url=https%3A%2F%2Fds1.nl%2Fc%2F%3Fsi%3D6773%26li%3D1513318%26wi%3D200735%26pid%3D40548cf3c7d059244ca3372b3af779bb%26dl%3Dnl-nl%252Fshop%252F32051-ten-cate-secrets-dames-midi-brief-walnut%252F%26ws%3D62AE01JDYFQ7NC8QRPJJBQ5ZCV4HSH&initiator=timeout
Frame ID: 3C3A987CDDC90A2AAB24058144008B7F
Requests: 28 HTTP requests in this frame

Frame: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAXLDF63PI7GsA1AfSqQ%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=GQeyXiCf1taZsWSOd3nuDjW1Z1BLo1ss8VqNjxgejyTkdlTbr07_BICRgd0g8rVuD4QnFmh39bnUQ3uX5Zh30kBOtJv1bL_A80q7wsqky35opTX4UdCvRidDPOBM5gKW&t=fe&referer=https%3A%2F%2Fnl-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dnl%26k%3D612f7a9541cd6ea61eb554c0e4cff437e34e6eac5bdb212b40cec91df7d751db54532ce3695a154ceb40a5598f7be5098502935831a2e8cb4494507af4f97502654c59558ee5ad06da47167c2219f0d55462e5869814821965b45081fd9a9c15d0d082b3863e2e9d8007c45bf83401ba5c97167536bb45127de6d1eea3de84719a84043bdf8a6edf1b13c64a926899859bcec2b1946a488250bc980989acbbdf6287b2196e6878413e783b9e3fb7fc24197f0ce05a2f66bfcee1c972857e8f840f7c0bc6daeb1772898963b34fe0698f7f0de92f438033088fc73a1247fcf0fe2a8a9eabd47635383cb25950c1bd845245d772089fc76a8e4edd776f8c7eda38e842a5b21dce4c812cb2ecdcea55c055618d472ab309cd4532557ca340029d42%26url%3Dhttps%253A%252F%252Fds1.nl%252Fc%252F%253Fsi%253D6773%2526li%253D1513318%2526wi%253D200735%2526pid%253D40548cf3c7d059244ca3372b3af779bb%2526dl%253Dnl-nl%25252Fshop%25252F32051-ten-cate-secrets-dames-midi-brief-walnut%25252F%2526ws%253D62AE01JDYFQ7NC8QRPJJBQ5ZCV4HSH%26initiator%3Dtimeout&s=35103&e=341daeb3bbe228ebaacd6e55bb32f4248d733c4fc8c178d6305a4860b5935f84&dm=cd
Frame ID: B5F40D266465D623B47781A211D77B0F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

kelkoogroup.net

Page URL History Show full URLs

https://28881453-26278-ex.situnifecal.com/jiNGC4MyPw_hZtczvVvMKy9KltkRvoHRdvwFOc2aEptBP5qV9ttVpszbUNcwL9ycxItVJPFy1f6_... HTTP 307
https://redwingshere.xyz/go/8286/3?subid2={hostId} Page URL
https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=159jit4f00083 Page URL
https://gaimauroogrou.net/?z=8477354&syncedCookie=true&rhd=false HTTP 302
https://gaimauroogrou.net/4/7393037/?var=8477354 Page URL
https://gaimauroogrou.net/?z=7393037&syncedCookie=false&rhd=false HTTP 302
https://www.share365.net/vip/rds/nl?subId=886697520607277496&country=NL&campaignid=8543943 HTTP 302
https://www.shoptastic.io/store/tencate1952-com-nl-cpc?pubId=10439&subId=886697520607277496&country=NL... Page URL
https://clcktrck.com/nl/s/red_u_plain.php?uid=277677774&t=direct&s=22214&pub=10439&d=tencate1952.com HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff216393... HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff216393... HTTP 302
https://discountheld.de/rdcn/rf?ret=aHR0cHM6Ly9jbGNrdHJjay5jb20vMzM0MGIwN2Y2MzUyYjA2MWUwOTA4ZmEwZTc2... HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff216393... Page URL
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff216393... HTTP 302
https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732967418422&.sig=Dkjn5GlOnQ2v6L5L3vBqlMnc64w-&affiliation... Page URL
https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437e34e6eac5bdb212b40cec9... Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

30
Requests

93 %
HTTPS

0 %
IPv6

11
Domains

13
Subdomains

10
IPs

4
Countries

115 kB
Transfer

274 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://28881453-26278-ex.situnifecal.com/jiNGC4MyPw_hZtczvVvMKy9KltkRvoHRdvwFOc2aEptBP5qV9ttVpszbUNcwL9ycxItVJPFy1f6_euuzHOKnYBWKmK-luLqKcwIfSLVOvB2-Gd8ptFs6Gm71q9HWvw?kws=fansteek%2Csite%2Cfor%2Call%2Cyour%2Cnude%2Cinfluencer%2Conlyfans%2Ccontent&abl=0&fsb=0&pageUri=https%3A%...%20312%20...se%22%2C%22%5B%5D%22%5D&prsl=1 HTTP 307
https://redwingshere.xyz/go/8286/3?subid2={hostId} Page URL
https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=159jit4f00083 Page URL
https://gaimauroogrou.net/?z=8477354&syncedCookie=true&rhd=false HTTP 302
https://gaimauroogrou.net/4/7393037/?var=8477354 Page URL
https://gaimauroogrou.net/?z=7393037&syncedCookie=false&rhd=false HTTP 302
https://www.share365.net/vip/rds/nl?subId=886697520607277496&country=NL&campaignid=8543943 HTTP 302
https://www.shoptastic.io/store/tencate1952-com-nl-cpc?pubId=10439&subId=886697520607277496&country=NL&campaignid=8543943 Page URL
https://clcktrck.com/nl/s/red_u_plain.php?uid=277677774&t=direct&s=22214&pub=10439&d=tencate1952.com HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf47985e902599f63794465954958263f01c88812319ec2f1431d3b79b8f4a28f33527f532e4035eda2bf688113b0f96bac9902e6c7bfb1bc10cff03f549342a06b962475f83c82281022aee378409cab43 HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf47985e902599f63794465954958263f01c88812319ec2f1431d3b79b8f4a28f33527f532e4035eda2bf688113b0f96bac9902e6c7bfb1bc10cff03f549342a06b3e9b6b495980182697cccc98eaad321448f39d292c79bc8022de7a676f2d70dd HTTP 302
https://discountheld.de/rdcn/rf?ret=aHR0cHM6Ly9jbGNrdHJjay5jb20vMzM0MGIwN2Y2MzUyYjA2MWUwOTA4ZmEwZTc2NjY4ZGMvNjlmMDcwYjhmY2JmM2JmZTYwYjljZmM0NjIzMTQ0YTAwOTRmZjIxNjM5MzZkNTkyYzc3ZTRiOTZjZTkyNWJmNDc5ODVlOTAyNTk5ZjYzNzk0NDY1OTU0OTU4MjYzZjAxYzg4ODEyMzE5ZWMyZjE0MzFkM2I3OWI4ZjRhMjhmMzM1MjdmNTMyZTQwMzVlZGEyYmY2ODgxMTNiMGY5NmJhYzk5MDJlNmM3YmZiMWJjMTBjZmYwM2Y1NDkzNDJhMDZiM2U5YjZiNDk1OTgwMTgyNjk3Y2NjYzk4ZWFhZDMyMTQ0OGYzOWQyOTJjNzliYzgwMjJkZTdhNjc2ZjJkNzBkZD9tPTE%253D HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf47985e902599f63794465954958263f01c88812319ec2f1431d3b79b8f4a28f33527f532e4035eda2bf688113b0f96bac9902e6c7bfb1bc10cff03f549342a06b3e9b6b495980182697cccc98eaad321448f39d292c79bc8022de7a676f2d70dd?m=1 Page URL
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf47985e902599f63794465954958263f01c88812319ec2f1431d3b79b8f4a28f33527f532e4035eda2bf688113b0f96bac9902e6c7bfb1bc10cff03f549342a06b3e9b6b495980182697cccc98eaad321448f39d292c79bc8022de7a676f2d70dd?m=2 HTTP 302
https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732967418422&.sig=Dkjn5GlOnQ2v6L5L3vBqlMnc64w-&affiliationId=96967162&comId=100474056&country=nl&offerId=8b0a187afd6d6c0d26c944addbd4bb7c&searchId=107610035262035_1732967418382_52915945&service=36&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&addedParams=true&publisherClickId=3b7ae8f12c8587296590cf4ec428df6e&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback Page URL
https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437e34e6eac5bdb212b40cec91df7d751db54532ce3695a154ceb40a5598f7be5098502935831a2e8cb4494507af4f97502654c59558ee5ad06da47167c2219f0d55462e5869814821965b45081fd9a9c15d0d082b3863e2e9d8007c45bf83401ba5c97167536bb45127de6d1eea3de84719a84043bdf8a6edf1b13c64a926899859bcec2b1946a488250bc980989acbbdf6287b2196e6878413e783b9e3fb7fc24197f0ce05a2f66bfcee1c972857e8f840f7c0bc6daeb1772898963b34fe0698f7f0de92f438033088fc73a1247fcf0fe2a8a9eabd47635383cb25950c1bd845245d772089fc76a8e4edd776f8c7eda38e842a5b21dce4c812cb2ecdcea55c055618d472ab309cd4532557ca340029d42&url=https%3A%2F%2Fds1.nl%2Fc%2F%3Fsi%3D6773%26li%3D1513318%26wi%3D200735%26pid%3D40548cf3c7d059244ca3372b3af779bb%26dl%3Dnl-nl%252Fshop%252F32051-ten-cate-secrets-dames-midi-brief-walnut%252F%26ws%3D62AE01JDYFQ7NC8QRPJJBQ5ZCV4HSH&initiator=timeout Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://28881453-26278-ex.situnifecal.com/jiNGC4MyPw_hZtczvVvMKy9KltkRvoHRdvwFOc2aEptBP5qV9ttVpszbUNcwL9ycxItVJPFy1f6_euuzHOKnYBWKmK-luLqKcwIfSLVOvB2-Gd8ptFs6Gm71q9HWvw?kws=fansteek%2Csite%2Cfor%2Call%2Cyour%2Cnude%2Cinfluencer%2Conlyfans%2Ccontent&abl=0&fsb=0&pageUri=https%3A%...%20312%20...se%22%2C%22%5B%5D%22%5D&prsl=1 HTTP 307
https://redwingshere.xyz/go/8286/3?subid2={hostId}

Request Chain 8

https://gaimauroogrou.net/?z=8477354&syncedCookie=true&rhd=false HTTP 302
https://gaimauroogrou.net/4/7393037/?var=8477354

Request Chain 15

https://gaimauroogrou.net/?z=7393037&syncedCookie=false&rhd=false HTTP 302
https://www.share365.net/vip/rds/nl?subId=886697520607277496&country=NL&campaignid=8543943 HTTP 302
https://www.shoptastic.io/store/tencate1952-com-nl-cpc?pubId=10439&subId=886697520607277496&country=NL&campaignid=8543943

Request Chain 17

https://clcktrck.com/nl/s/red_u_plain.php?uid=277677774&t=direct&s=22214&pub=10439&d=tencate1952.com HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf47985e902599f63794465954958263f01c88812319ec2f1431d3b79b8f4a28f33527f532e4035eda2bf688113b0f96bac9902e6c7bfb1bc10cff03f549342a06b962475f83c82281022aee378409cab43 HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf47985e902599f63794465954958263f01c88812319ec2f1431d3b79b8f4a28f33527f532e4035eda2bf688113b0f96bac9902e6c7bfb1bc10cff03f549342a06b3e9b6b495980182697cccc98eaad321448f39d292c79bc8022de7a676f2d70dd HTTP 302
https://discountheld.de/rdcn/rf?ret=aHR0cHM6Ly9jbGNrdHJjay5jb20vMzM0MGIwN2Y2MzUyYjA2MWUwOTA4ZmEwZTc2NjY4ZGMvNjlmMDcwYjhmY2JmM2JmZTYwYjljZmM0NjIzMTQ0YTAwOTRmZjIxNjM5MzZkNTkyYzc3ZTRiOTZjZTkyNWJmNDc5ODVlOTAyNTk5ZjYzNzk0NDY1OTU0OTU4MjYzZjAxYzg4ODEyMzE5ZWMyZjE0MzFkM2I3OWI4ZjRhMjhmMzM1MjdmNTMyZTQwMzVlZGEyYmY2ODgxMTNiMGY5NmJhYzk5MDJlNmM3YmZiMWJjMTBjZmYwM2Y1NDkzNDJhMDZiM2U5YjZiNDk1OTgwMTgyNjk3Y2NjYzk4ZWFhZDMyMTQ0OGYzOWQyOTJjNzliYzgwMjJkZTdhNjc2ZjJkNzBkZD9tPTE%253D HTTP 302
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf47985e902599f63794465954958263f01c88812319ec2f1431d3b79b8f4a28f33527f532e4035eda2bf688113b0f96bac9902e6c7bfb1bc10cff03f549342a06b3e9b6b495980182697cccc98eaad321448f39d292c79bc8022de7a676f2d70dd?m=1

Request Chain 18

https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf47985e902599f63794465954958263f01c88812319ec2f1431d3b79b8f4a28f33527f532e4035eda2bf688113b0f96bac9902e6c7bfb1bc10cff03f549342a06b3e9b6b495980182697cccc98eaad321448f39d292c79bc8022de7a676f2d70dd?m=2 HTTP 302
https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732967418422&.sig=Dkjn5GlOnQ2v6L5L3vBqlMnc64w-&affiliationId=96967162&comId=100474056&country=nl&offerId=8b0a187afd6d6c0d26c944addbd4bb7c&searchId=107610035262035_1732967418382_52915945&service=36&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&addedParams=true&publisherClickId=3b7ae8f12c8587296590cf4ec428df6e&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

3 Show response
redwingshere.xyz/go/8286/
Redirect Chain

https://28881453-26278-ex.situnifecal.com/jiNGC4MyPw_hZtczvVvMKy9KltkRvoHRdvwFOc2aEptBP5qV9ttVpszbUNcwL9ycxItVJPFy1f6_euuzHOKnYBWKmK-luLqKcwIfSLVOvB2-Gd8ptFs6Gm71q9HWvw?kws=fansteek%2Csite%2Cfor%2C...
https://redwingshere.xyz/go/8286/3?subid2={hostId}

293 B
815 B

282ms
125ms

Document
text/html

45.13.225.41
FlorianKolb Flori...

General

Check archive.org

Show headers Download Go to

Full URL: https://redwingshere.xyz/go/8286/3?subid2={hostId}
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.13.225.41 , Germany, ASN58087 (FlorianKolb Florian Kolb, DE),
Reverse DNS: 41.225.13.45.in-addr.arpa
Software: nginx / PHP/7.2.34-51+ubuntu22.04.1+deb.sury.org+1
Resource Hash: b5c4f8b5e450ccd8bdc17fabeadf988bb4dff5f755198657100dc662f1851fe4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Encoding: identity
Content-Length: 293
Content-Type: text/html; charset=utf-8
Date: Sat, 30 Nov 2024 12:11:21 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sat, 30 Nov 2024 12:11:21 GMT
Pragma: no-cache
Server: nginx
X-Powered-By: PHP/7.2.34-51+ubuntu22.04.1+deb.sury.org+1

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 30 Nov 2024 12:11:21 GMT
expires: Sat, 30 Nov 2024 12:11:21 UTC
last-modified: Sat, 30 Nov 2024 12:11:21 UTC
location: https://redwingshere.xyz/go/8286/3?subid2={hostId}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma: no-cache
referrer-policy: no-referrer
server: nginx

GET
H2 200 8477354 Show response
gaimauroogrou.net/4/ 31 KB
15 KB 275ms
120ms Document
text/html 139.45.197.243
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=159jit4f00083

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

586534a61d0dbab5afa09b15460c233e37fc42bdd7830e5caca079e6e8bdfd06

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Sat, 30 Nov 2024 12:11:21 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 25de18485bcf8b81a0b6b4616fc92c9e

GET
H/1.1 200
OK favicon.ico
redwingshere.xyz/ 0
212 B 104ms
103ms Other
text/html 45.13.225.41
FlorianKolb Flori...

General

Check archive.org

Show headers Download Go to

Full URL: https://redwingshere.xyz/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.13.225.41 , Germany, ASN58087 (FlorianKolb Florian Kolb, DE),
Reverse DNS: 41.225.13.45.in-addr.arpa
Software: nginx / PHP/7.2.34-51+ubuntu22.04.1+deb.sury.org+1
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Length: 0
Date: Sat, 30 Nov 2024 12:11:21 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/7.2.34-51+ubuntu22.04.1+deb.sury.org+1
Server: nginx
Connection: keep-alive

GET
H3 200 img.gif
my.rtmark.net/ 43 B
881 B 203ms
127ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=0081243cb6b1482dee0c37e4f8c6d5d3&z=8477354&p_rid=e0196573-0e54-4626-b229-84b908b39ef6&p_src=sf

Requested by

Host: gaimauroogrou.net
URL: https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=159jit4f00083

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gaimauroogrou.net/

Response headers

access-control-expose-headers: Authorization
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bsf974wvrhw62dhKOAghdYLAWqr%2FTOTNeX7t58KkinuCZwLaD7eSXO%2FVHp0vUyShsWk7stVZkGP%2Bq%2B5yoX6naKXahCgGXCsMxGhQOAdCExdC8wJrMjaewnEk3irJVF%2BH"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=72886&min_rtt=72788&rtt_var=27365&sent=9&recv=7&lost=0&retrans=0&sent_bytes=4072&recv_bytes=4393&delivery_rate=46176&cwnd=12000&unsent_bytes=0&cid=7db7d2c45ea3c729&ts=105&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 30 Nov 2024 12:11:21 GMT
content-type: image/gif
priority: u=1,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *, *
access-control-allow-credentials: true
cf-ray: 8eaabd555efd0b6e-AMS
access-control-allow-origin: *
content-length: 43
server: cloudflare

GET
H2 200 sftouch
gaimauroogrou.net/ 43 B
652 B 75ms
75ms Image
image/gif 139.45.197.243
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gaimauroogrou.net/sftouch?userId=0081243cb6b1482dee0c37e4f8c6d5d3&z=8477354&p_rid=e0196573-0e54-4626-b229-84b908b39ef6&p_src=sf&branchId=0&rb=ivJ8XIfhz3WterSa9g6UpmuvA0uLbJ8KFnXZg81W4LZFEIHIZqSBXDsNsccnOvgr0tD-j1IEoYOjvXJGQKQMkYveoU65NOahqdrs8MtPXO370e6CKdDB4b6j-c9ybqv7Py2Ica0CK3SNxwskDsho4ecxjgznnGFlEtvs1IHHa8r_W2pLIvLUQzAFTFUbQL7KwTPVCOKlRCqRvbe0n0eftDIKBz9S32uNSWd2ywb8UZ1WymLvW-Z2Ci1oJvEmmXT2Gj9klSYWUNRUY5UxV4de5pfNR_UDL5Ifq-9zNyOet6dzIiK8eqBLDgxa-FEUb0eFvjNGu2YE_9RG_vRjPzy_fw==&w_img=1

Requested by

Host: gaimauroogrou.net
URL: https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=159jit4f00083

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=159jit4f00083

Response headers

access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
date: Sat, 30 Nov 2024 12:11:21 GMT
content-type: image/gif
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security: max-age=1
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *, *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-trace-id: 8d982272ae78edd257c6e4e14bb698dd
access-control-allow-origin: *
content-length: 43
server: nginx

POST
H2 200 add Show response
gaimauroogrou.net/log/ 12 B
386 B 96ms
94ms XHR
application/json 139.45.197.243
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://gaimauroogrou.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=e0196573-0e54-4626-b229-84b908b39ef6

Requested by

Host: gaimauroogrou.net
URL: https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=159jit4f00083

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=159jit4f00083

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
access-control-allow-origin: https://gaimauroogrou.net
content-length: 12
date: Sat, 30 Nov 2024 12:11:21 GMT
content-type: application/json; charset=utf-8
server: nginx
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

POST
H2 200 add Show response
gaimauroogrou.net/async_log/ 0
340 B 95ms
94ms XHR
text/plain 139.45.197.243
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://gaimauroogrou.net/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=e0196573-0e54-4626-b229-84b908b39ef6

Requested by

Host: gaimauroogrou.net
URL: https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=159jit4f00083

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=159jit4f00083

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
access-control-allow-origin: https://gaimauroogrou.net
content-length: 0
date: Sat, 30 Nov 2024 12:11:21 GMT
server: nginx
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H2 204 favicon.ico
gaimauroogrou.net/ 0
150 B 84ms
84ms Other
text/plain 139.45.197.243
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL: https://gaimauroogrou.net/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=159jit4f00083

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
date: Sat, 30 Nov 2024 12:11:21 GMT
pragma: public
server: nginx

GET
H2

200

/ Show response
gaimauroogrou.net/4/7393037/
Redirect Chain

https://gaimauroogrou.net/?z=8477354&syncedCookie=true&rhd=false
https://gaimauroogrou.net/4/7393037/?var=8477354

31 KB
15 KB

59ms
58ms

Document
text/html

139.45.197.243
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://gaimauroogrou.net/4/7393037/?var=8477354

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

660e82d707ba315e7ef217afc1a43f8b26c4cd51ce9294cc8d3929d9bee3ef7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://gaimauroogrou.net
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Sat, 30 Nov 2024 12:11:22 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 475925def14cbb96d905f483b15ccedb

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://gaimauroogrou.net
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Sat, 30 Nov 2024 12:11:21 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://gaimauroogrou.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location: https://gaimauroogrou.net/4/7393037/?var=8477354
pragma: no-cache
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 3d9556433c4b87c55eaa2b12c0021fdd

GET
H2 204 favicon.ico
gaimauroogrou.net/ 0
0 54ms
54ms Other
text/plain 139.45.197.243
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL: https://gaimauroogrou.net/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gaimauroogrou.net/afu.php?zoneid=8477354&var=8477354&rid=BPTR34PbLD67mf1dYD5JaA%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
date: Sat, 30 Nov 2024 12:11:21 GMT
pragma: public
server: nginx

POST
H3 200 img.gif
my.rtmark.net/ 43 B
865 B 67ms
67ms Ping
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=0081243cb6b1482dee0c37e4f8c6d5d3&z=7393037&p_rid=2b169498-45a1-4339-9b27-abfca4e97740&p_src=sf

Requested by

Host: gaimauroogrou.net
URL: https://gaimauroogrou.net/4/7393037/?var=8477354

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gaimauroogrou.net/

Response headers

access-control-expose-headers: Authorization
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zebjV2rS5A7HQNLVGdkdYWO4jucX3amzImIfrybu9vpp2sneG32j9a5vKpdWg%2F5FZIsLlW0MP%2BK9bOHfq0P4zvdW8%2FHNCn1nivc7dZgDrak3hjqT%2Bo%2BM%2FVNl0hyxz6kl"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=84858&min_rtt=72788&rtt_var=24175&sent=12&recv=12&lost=0&retrans=0&sent_bytes=5028&recv_bytes=4990&delivery_rate=8194&cwnd=12000&unsent_bytes=0&cid=7db7d2c45ea3c729&ts=431&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 30 Nov 2024 12:11:22 GMT
content-type: image/gif
priority: u=4,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *, *
access-control-allow-credentials: true
cf-ray: 8eaabd578a620b6e-AMS
access-control-allow-origin: https://gaimauroogrou.net
content-length: 43
server: cloudflare

GET
H2 200 sftouch
gaimauroogrou.net/ 43 B
652 B 62ms
62ms Image
image/gif 139.45.197.243
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gaimauroogrou.net/sftouch?userId=0081243cb6b1482dee0c37e4f8c6d5d3&z=7393037&p_rid=2b169498-45a1-4339-9b27-abfca4e97740&p_src=sf&branchId=0&rb=9G2s6vi25qdnuJ8xRGOKkM3TgEhvHPEyIG_yJvOZelRAADyLQCqM1-tN5lqFj2TXG_pLpEkOP0ofiezQ0hfOszzwXqirF1V0v3NZeRO2gXxtdNhN0O7V4DrYFBIjNiubQClGvCrbCxkioub0nk3KqUIRlISoKVf5wv9UDu_fMIjTAYYsbitb4Vm9R6f90xm41tEnbvuAr7hwEht4iihIjNqB1iyTzXwyO-Na1-a22eq-_UaTE5gjTCz-ZUAa57tzKRYkt2u4RDh22uvFxSAgXF8VGdIjmly6fsXRG3Z-pmJYOo991F__jg==&w_img=1

Requested by

Host: gaimauroogrou.net
URL: https://gaimauroogrou.net/4/7393037/?var=8477354

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gaimauroogrou.net/4/7393037/?var=8477354

Response headers

access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
date: Sat, 30 Nov 2024 12:11:22 GMT
content-type: image/gif
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security: max-age=1
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *, *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-trace-id: c3f9ea6f9eeb0a9407b8c58b51c63044
access-control-allow-origin: *
content-length: 43
server: nginx

POST
H2 200 add
gaimauroogrou.net/log/ 12 B
386 B 68ms
67ms XHR
application/json 139.45.197.243
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://gaimauroogrou.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=2b169498-45a1-4339-9b27-abfca4e97740

Requested by

Host: gaimauroogrou.net
URL: https://gaimauroogrou.net/4/7393037/?var=8477354

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://gaimauroogrou.net/4/7393037/?var=8477354

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
access-control-allow-origin: https://gaimauroogrou.net
content-length: 12
date: Sat, 30 Nov 2024 12:11:22 GMT
content-type: application/json; charset=utf-8
server: nginx
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H2 204 favicon.ico
gaimauroogrou.net/ 0
0 0ms
0ms Other
text/plain 139.45.197.243
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL: https://gaimauroogrou.net/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gaimauroogrou.net/4/7393037/?var=8477354

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
date: Sat, 30 Nov 2024 12:11:21 GMT
pragma: public
server: nginx

POST
H2 200 add
gaimauroogrou.net/async_log/ 0
340 B 69ms
69ms XHR
text/plain 139.45.197.243
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://gaimauroogrou.net/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=2b169498-45a1-4339-9b27-abfca4e97740

Requested by

Host: gaimauroogrou.net
URL: https://gaimauroogrou.net/4/7393037/?var=8477354

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://gaimauroogrou.net/4/7393037/?var=8477354

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
access-control-allow-origin: https://gaimauroogrou.net
content-length: 0
date: Sat, 30 Nov 2024 12:11:22 GMT
server: nginx
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H2

200

tencate1952-com-nl-cpc Show response
www.shoptastic.io/store/
Redirect Chain

https://gaimauroogrou.net/?z=7393037&syncedCookie=false&rhd=false
https://www.share365.net/vip/rds/nl?subId=886697520607277496&country=NL&campaignid=8543943
https://www.shoptastic.io/store/tencate1952-com-nl-cpc?pubId=10439&subId=886697520607277496&country=NL&campaignid=8543943

141 B
341 B

1028ms
471ms

Document
text/html

52.53.88.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shoptastic.io/store/tencate1952-com-nl-cpc?pubId=10439&subId=886697520607277496&country=NL&campaignid=8543943
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.53.88.18 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-53-88-18.us-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 17891894cc0a7f9e11b44d6172a0b6e307f04b214003aa45c0202efd95e03d55

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://gaimauroogrou.net
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-language: en-US
content-type: text/html;charset=UTF-8
date: Sat, 30 Nov 2024 12:11:23 GMT
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding

Redirect headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8eaabd5b6bf996ff-AMS
content-type: text/html; charset=UTF-8
date: Sat, 30 Nov 2024 12:11:22 GMT
location: https://www.shoptastic.io/store/tencate1952-com-nl-cpc?pubId=10439&subId=886697520607277496&country=NL&campaignid=8543943
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qs%2FRx3M%2Bju156RoLZGb6P1kUxHS7uWUNcbSOwAuSo9TLpqYdjsk8tB5%2FVwuTYsTmKMKs7ZKzT3shfBkjvzvX6jXB5lNGSr3DNiTfqiN%2FvucI3lyvJdGGeGOPHGMbhnHMr4o%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=TCP&rtt=40662&min_rtt=35035&rtt_var=13212&sent=8&recv=10&lost=0&retrans=0&sent_bytes=4045&recv_bytes=2402&delivery_rate=112142&cwnd=251&unsent_bytes=0&cid=bee3b608f892afda&ts=83&x=0"
strict-transport-security: max-age=31536000

GET
H2 204 favicon.ico
gaimauroogrou.net/ 0
0 0ms
0ms Other
text/plain 139.45.197.243
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL: https://gaimauroogrou.net/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.243 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gaimauroogrou.net/afu.php?zoneid=7393037&var=7393037&rid=UOc2oKHlKAQMxeQ00KE1Mg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
date: Sat, 30 Nov 2024 12:11:21 GMT
pragma: public
server: nginx

GET
H/1.1

200
OK

69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf47985e902599f63794465954958263f01c88812319ec2f1431d3b79b8f4a28f33527f532e4035eda2bf688113b0f96bac9902e6c7bfb1bc10cff03f549342a06b3e9b6...
clcktrck.com/3340b07f6352b061e0908fa0e76668dc/
Redirect Chain

https://clcktrck.com/nl/s/red_u_plain.php?uid=277677774&t=direct&s=22214&pub=10439&d=tencate1952.com
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf47985e902599f63794465954958263f01c88812319ec2f1431d3b79b8f4a28f33527f532e4035eda...
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf47985e902599f63794465954958263f01c88812319ec2f1431d3b79b8f4a28f33527f532e4035eda...
https://discountheld.de/rdcn/rf?ret=aHR0cHM6Ly9jbGNrdHJjay5jb20vMzM0MGIwN2Y2MzUyYjA2MWUwOTA4ZmEwZTc2NjY4ZGMvNjlmMDcwYjhmY2JmM2JmZTYwYjljZmM0NjIzMTQ0YTAwOTRmZjIxNjM5MzZkNTkyYzc3ZTRiOTZjZTkyNWJmNDc5O...
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf47985e902599f63794465954958263f01c88812319ec2f1431d3b79b8f4a28f33527f532e4035eda...

553 B
668 B

109ms
108ms

Document
text/html

3.73.249.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf47985e902599f63794465954958263f01c88812319ec2f1431d3b79b8f4a28f33527f532e4035eda2bf688113b0f96bac9902e6c7bfb1bc10cff03f549342a06b3e9b6b495980182697cccc98eaad321448f39d292c79bc8022de7a676f2d70dd?m=1
Requested by: Host: www.shoptastic.io
URL: https://www.shoptastic.io/store/tencate1952-com-nl-cpc?pubId=10439&subId=886697520607277496&country=NL&campaignid=8543943
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.73.249.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-249-248.eu-central-1.compute.amazonaws.com
Software: nginx/1.24.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.shoptastic.io/store/tencate1952-com-nl-cpc?pubId=10439&subId=886697520607277496&country=NL&campaignid=8543943
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Nov 2024 12:11:24 GMT
Referrer-Policy: origin
Server: nginx/1.24.0 (Ubuntu)
Transfer-Encoding: chunked

Redirect headers

cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Sat, 30 Nov 2024 12:11:24 GMT
location: https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf47985e902599f63794465954958263f01c88812319ec2f1431d3b79b8f4a28f33527f532e4035eda2bf688113b0f96bac9902e6c7bfb1bc10cff03f549342a06b3e9b6b495980182697cccc98eaad321448f39d292c79bc8022de7a676f2d70dd?m=1
referrer-policy: origin
server: nginx/1.18.0 (Ubuntu)

GET
H/1.1

200
OK

sitesearchGo Show response
nl-go.kelkoogroup.net/
Redirect Chain

https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf47985e902599f63794465954958263f01c88812319ec2f1431d3b79b8f4a28f33527f532e4035eda...
https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732967418422&.sig=Dkjn5GlOnQ2v6L5L3vBqlMnc64w-&affiliationId=96967162&comId=100474056&country=nl&offerId=8b0a187afd6d6c0d26c944addbd4bb7c&searchId=10...

29 KB
30 KB

323ms
99ms

Document
text/html

95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732967418422&.sig=Dkjn5GlOnQ2v6L5L3vBqlMnc64w-&affiliationId=96967162&comId=100474056&country=nl&offerId=8b0a187afd6d6c0d26c944addbd4bb7c&searchId=107610035262035_1732967418382_52915945&service=36&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&addedParams=true&publisherClickId=3b7ae8f12c8587296590cf4ec428df6e&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

ed0bbbaded39789d698a89cd175a3e5415fa60cba90eeee9a008f5d1067eb5cb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/69f070b8fcbf3bfe60b9cfc4623144a0094ff2163936d592c77e4b96ce925bf47985e902599f63794465954958263f01c88812319ec2f1431d3b79b8f4a28f33527f532e4035eda2bf688113b0f96bac9902e6c7bfb1bc10cff03f549342a06b3e9b6b495980182697cccc98eaad321448f39d292c79bc8022de7a676f2d70dd?m=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
Charset: utf-8
Content-Length: 29501
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Nov 2024 12:11:24 GMT
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
Request-Time: PT0.042567391S
X-Content-Type-Options: nosniff
X-DD-B: 1
X-DataDome: protected
X-DataDome-CID: AHrlqAAAAAMAXLDF63PI7GsA1AfSqQ==
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: master-only
X-Robots-Tag: noindex,nofollow
X-XSS-Protection: 1; mode=block
clickId: 107698148_1732968685204_55169505
country: nl
leadId: 62AE01JDYFQ7NC8QRPJJBQ5ZCV4HSH

Redirect headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Nov 2024 12:11:24 GMT
Location: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732967418422&.sig=Dkjn5GlOnQ2v6L5L3vBqlMnc64w-&affiliationId=96967162&comId=100474056&country=nl&offerId=8b0a187afd6d6c0d26c944addbd4bb7c&searchId=107610035262035_1732967418382_52915945&service=36&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&addedParams=true&publisherClickId=3b7ae8f12c8587296590cf4ec428df6e&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback
Referrer-Policy: origin
Server: nginx/1.24.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H/1.1 200
OK favicon.ico
clcktrck.com/ 0
246 B 67ms
66ms Other
image/x-icon 3.73.249.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clcktrck.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.73.249.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-249-248.eu-central-1.compute.amazonaws.com
Software: nginx/1.24.0 (Ubuntu) /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://clcktrck.com/

Response headers

ETag: "645a16d2-0"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Date: Sat, 30 Nov 2024 12:11:24 GMT
Content-Type: image/x-icon
Last-Modified: Tue, 09 May 2023 09:48:02 GMT
Server: nginx/1.24.0 (Ubuntu)

GET
H/1.1 200
OK p.png
nl-go.kelkoogroup.net/assets/images/ 68 B
597 B 86ms
39ms Image
image/png 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nl-go.kelkoogroup.net/assets/images/p.png?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437e34e6eac5bdb212b40cec91df7d751db54532ce3695a154ceb40a5598f7be5098502935831a2e8cb4494507af4f97502654c59558ee5ad06da47167c2219f0d55462e5869814821965b45081fd9a9c15d0d082b3863e2e9d8007c45bf83401ba5c97167536bb45127de6d1eea3de84719a84043bdf8a6edf1b13c64a926899859bcec2b1946a488250bc980989acbbdf6287b2196e6878413e783b9e3fb7fc24197f0ce05a2f66bfcee1c972857e8f840f7c0bc6daeb1772898963b34fe0698f7f0de92f438033088fc73a1247fcf0fe2a8a9eabd47635383cb25950c1bd845245d772089fc76a8e4edd776f8c7eda38e842a5b21dce4c812cb2ecdcea55c055618d472ab309cd4532557ca340029d42

Requested by

Host: nl-go.kelkoogroup.net
URL: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732967418422&.sig=Dkjn5GlOnQ2v6L5L3vBqlMnc64w-&affiliationId=96967162&comId=100474056&country=nl&offerId=8b0a187afd6d6c0d26c944addbd4bb7c&searchId=107610035262035_1732967418382_52915945&service=36&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&addedParams=true&publisherClickId=3b7ae8f12c8587296590cf4ec428df6e&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory: 8
Referer: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732967418422&.sig=Dkjn5GlOnQ2v6L5L3vBqlMnc64w-&affiliationId=96967162&comId=100474056&country=nl&offerId=8b0a187afd6d6c0d26c944addbd4bb7c&searchId=107610035262035_1732967418382_52915945&service=36&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&addedParams=true&publisherClickId=3b7ae8f12c8587296590cf4ec428df6e&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback

Response headers

X-Robots-Tag: noindex,nofollow
Content-Security-Policy: frame-ancestors 'none'
Cache-Control: private, must-revalidate
leadId: 62AE01JDYFQ7NC8QRPJJBQ5ZCV4HSH
Request-Time: PT0.002740675S
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: origin-when-cross-origin
clickId: 107698148_1732968685204_55169505
country: nl
X-Content-Type-Options: nosniff
Content-Length: 68
X-XSS-Protection: 1; mode=block
Date: Sat, 30 Nov 2024 12:11:24 GMT
Content-Type: image/png
X-Frame-Options: DENY

GET
H2 200 tags.js Show response
dd.kelkoogroup.net/ 169 KB
32 KB 213ms
33ms Script
text/javascript 3.161.82.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.kelkoogroup.net/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.82.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-82-43.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b6f960ef6e2816613c107cdca0b45e95e497369d628de9cb444903b45fa78430

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nl-go.kelkoogroup.net/

Response headers

content-encoding: gzip
x-amz-version-id: srBbjf4IpQWkR6dukRm3KeuXFeESXHnZ
etag: W/"f413de3002ba35101fcc6ab056e87d4b"
age: 3246
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: MLXXgQeQMvRlHZIwyetp1H4QWXHiQYXksYoODf2hnAmN9PK8wm8_fw==
date: Sat, 30 Nov 2024 11:17:19 GMT
content-type: text/javascript
vary: accept-encoding, Origin
last-modified: Tue, 19 Nov 2024 10:41:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=3600, public
via: 1.1 a2fcaa589cf2ad79b72da94df54baac6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

POST collect
www.google-analytics.com/g/ 0
0

GET
H/1.1 404
Not Found ados.js Show response
nl-go.kelkoogroup.net/ 1 KB
2 KB 32ms
31ms XHR
text/html 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://nl-go.kelkoogroup.net/ados.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

3db77cfe0a6a059ff4d86ea8530439864095c5fe278e279b28c88f99a0f9b530

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory: 8
Referer: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732967418422&.sig=Dkjn5GlOnQ2v6L5L3vBqlMnc64w-&affiliationId=96967162&comId=100474056&country=nl&offerId=8b0a187afd6d6c0d26c944addbd4bb7c&searchId=107610035262035_1732967418382_52915945&service=36&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&addedParams=true&publisherClickId=3b7ae8f12c8587296590cf4ec428df6e&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback

Response headers

X-Robots-Tag: noindex,nofollow
Content-Security-Policy: frame-ancestors 'none'
Request-Time: PT0.000477442S
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: origin-when-cross-origin
X-Content-Type-Options: nosniff
Content-Length: 1140
X-XSS-Protection: 1; mode=block
Date: Sat, 30 Nov 2024 12:11:24 GMT
Content-Type: text/html; charset=UTF-8
X-Frame-Options: DENY

POST
H/1.1 200
OK fp
nl-go.kelkoogroup.net/ 0
503 B 45ms
43ms Ping
text/plain 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://nl-go.kelkoogroup.net/fp?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437e34e6eac5bdb212b40cec91df7d751db54532ce3695a154ceb40a5598f7be5098502935831a2e8cb4494507af4f97502654c59558ee5ad06da47167c2219f0d55462e5869814821965b45081fd9a9c15d0d082b3863e2e9d8007c45bf83401ba5c97167536bb45127de6d1eea3de84719a84043bdf8a6edf1b13c64a926899859bcec2b1946a488250bc980989acbbdf6287b2196e6878413e783b9e3fb7fc24197f0ce05a2f66bfcee1c972857e8f840f7c0bc6daeb1772898963b34fe0698f7f0de92f438033088fc73a1247fcf0fe2a8a9eabd47635383cb25950c1bd845245d772089fc76a8e4edd776f8c7eda38e842a5b21dce4c812cb2ecdcea55c055618d472ab309cd4532557ca340029d42

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732967418422&.sig=Dkjn5GlOnQ2v6L5L3vBqlMnc64w-&affiliationId=96967162&comId=100474056&country=nl&offerId=8b0a187afd6d6c0d26c944addbd4bb7c&searchId=107610035262035_1732967418382_52915945&service=36&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&addedParams=true&publisherClickId=3b7ae8f12c8587296590cf4ec428df6e&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=utf-8
sec-ch-device-memory: 8

Response headers

X-Robots-Tag: noindex,nofollow
Content-Security-Policy: frame-ancestors 'none'
leadId: 62AE01JDYFQ7NC8QRPJJBQ5ZCV4HSH
Request-Time: PT0.013129022S
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: origin-when-cross-origin
clickId: 107698148_1732968685204_55169505
country: nl
X-Content-Type-Options: nosniff
Content-Length: 0
X-XSS-Protection: 1; mode=block
Date: Sat, 30 Nov 2024 12:11:25 GMT
Content-Type: text/plain; charset=UTF-8
X-Frame-Options: DENY

GET 61ff58ca-c48f-4da0-a86c-925a7cf2333c
https://nl-go.kelkoogroup.net/ Frame 0
0

GET
H/1.1 403
Forbidden Primary Request redirect Show response
nl-go.kelkoogroup.net/ 725 B
2 KB 60ms
60ms Document
text/html 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437e34e6eac5bdb212b40cec91df7d751db54532ce3695a154ceb40a5598f7be5098502935831a2e8cb4494507af4f97502654c59558ee5ad06da47167c2219f0d55462e5869814821965b45081fd9a9c15d0d082b3863e2e9d8007c45bf83401ba5c97167536bb45127de6d1eea3de84719a84043bdf8a6edf1b13c64a926899859bcec2b1946a488250bc980989acbbdf6287b2196e6878413e783b9e3fb7fc24197f0ce05a2f66bfcee1c972857e8f840f7c0bc6daeb1772898963b34fe0698f7f0de92f438033088fc73a1247fcf0fe2a8a9eabd47635383cb25950c1bd845245d772089fc76a8e4edd776f8c7eda38e842a5b21dce4c812cb2ecdcea55c055618d472ab309cd4532557ca340029d42&url=https%3A%2F%2Fds1.nl%2Fc%2F%3Fsi%3D6773%26li%3D1513318%26wi%3D200735%26pid%3D40548cf3c7d059244ca3372b3af779bb%26dl%3Dnl-nl%252Fshop%252F32051-ten-cate-secrets-dames-midi-brief-walnut%252F%26ws%3D62AE01JDYFQ7NC8QRPJJBQ5ZCV4HSH&initiator=timeout

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

ea1eecb1a12fa5d7f865190b27e5f2cf22b13eacb0028f46fa317655e4e346d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732967418422&.sig=Dkjn5GlOnQ2v6L5L3vBqlMnc64w-&affiliationId=96967162&comId=100474056&country=nl&offerId=8b0a187afd6d6c0d26c944addbd4bb7c&searchId=107610035262035_1732967418382_52915945&service=36&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&addedParams=true&publisherClickId=3b7ae8f12c8587296590cf4ec428df6e&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory: 8

Response headers

Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
Charset: utf-8
Content-Length: 725
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Nov 2024 12:11:25 GMT
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
Request-Time: PT0.015340776S
X-Content-Type-Options: nosniff
X-DD-B: 1
X-DataDome: protected
X-DataDome-CID: AHrlqAAAAAMAXLDF63PI7GsA1AfSqQ==
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: master-only
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found favicon.ico
nl-go.kelkoogroup.net/ 1 KB
2 KB 40ms
40ms Other
text/html 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://nl-go.kelkoogroup.net/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory: 8
Referer: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732967418422&.sig=Dkjn5GlOnQ2v6L5L3vBqlMnc64w-&affiliationId=96967162&comId=100474056&country=nl&offerId=8b0a187afd6d6c0d26c944addbd4bb7c&searchId=107610035262035_1732967418382_52915945&service=36&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&addedParams=true&publisherClickId=3b7ae8f12c8587296590cf4ec428df6e&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback

Response headers

X-Robots-Tag: noindex,nofollow
Content-Security-Policy: frame-ancestors 'none'
Request-Time: PT0.000506496S
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: origin-when-cross-origin
X-Content-Type-Options: nosniff
Content-Length: 1144
X-XSS-Protection: 1; mode=block
Date: Sat, 30 Nov 2024 12:11:24 GMT
Content-Type: text/html; charset=UTF-8
X-Frame-Options: DENY

GET
H2 200 c.js Show response
ct.captcha-delivery.com/ 11 KB
11 KB 142ms
32ms Script
text/javascript 65.9.66.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.captcha-delivery.com/c.js
Requested by: Host: nl-go.kelkoogroup.net
URL: https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437e34e6eac5bdb212b40cec91df7d751db54532ce3695a154ceb40a5598f7be5098502935831a2e8cb4494507af4f97502654c59558ee5ad06da47167c2219f0d55462e5869814821965b45081fd9a9c15d0d082b3863e2e9d8007c45bf83401ba5c97167536bb45127de6d1eea3de84719a84043bdf8a6edf1b13c64a926899859bcec2b1946a488250bc980989acbbdf6287b2196e6878413e783b9e3fb7fc24197f0ce05a2f66bfcee1c972857e8f840f7c0bc6daeb1772898963b34fe0698f7f0de92f438033088fc73a1247fcf0fe2a8a9eabd47635383cb25950c1bd845245d772089fc76a8e4edd776f8c7eda38e842a5b21dce4c812cb2ecdcea55c055618d472ab309cd4532557ca340029d42&url=https%3A%2F%2Fds1.nl%2Fc%2F%3Fsi%3D6773%26li%3D1513318%26wi%3D200735%26pid%3D40548cf3c7d059244ca3372b3af779bb%26dl%3Dnl-nl%252Fshop%252F32051-ten-cate-secrets-dames-midi-brief-walnut%252F%26ws%3D62AE01JDYFQ7NC8QRPJJBQ5ZCV4HSH&initiator=timeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-87.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b87bb6192320ea7a36d1caa7a2c0d26f39cfa92909fe168d29bfecc13c81ca0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nl-go.kelkoogroup.net/

Response headers

x-amz-version-id: null
etag: "1fd766ce129c8b2cae0770e023a22682"
age: 7665
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 11217
x-amz-cf-id: iaOCIngdpjvkIrjb-vY7KG_edgiLaUyjKIC-UtaD6JEbg8OW14mVBQ==
date: Sat, 30 Nov 2024 10:03:41 GMT
content-type: text/javascript
last-modified: Fri, 22 Nov 2024 10:03:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK /
geo.captcha-delivery.com/captcha/ Frame B5F4 0
0 413ms
171ms Document
text/html 18.157.207.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAXLDF63PI7GsA1AfSqQ%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=GQeyXiCf1taZsWSOd3nuDjW1Z1BLo1ss8VqNjxgejyTkdlTbr07_BICRgd0g8rVuD4QnFmh39bnUQ3uX5Zh30kBOtJv1bL_A80q7wsqky35opTX4UdCvRidDPOBM5gKW&t=fe&referer=https%3A%2F%2Fnl-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dnl%26k%3D612f7a9541cd6ea61eb554c0e4cff437e34e6eac5bdb212b40cec91df7d751db54532ce3695a154ceb40a5598f7be5098502935831a2e8cb4494507af4f97502654c59558ee5ad06da47167c2219f0d55462e5869814821965b45081fd9a9c15d0d082b3863e2e9d8007c45bf83401ba5c97167536bb45127de6d1eea3de84719a84043bdf8a6edf1b13c64a926899859bcec2b1946a488250bc980989acbbdf6287b2196e6878413e783b9e3fb7fc24197f0ce05a2f66bfcee1c972857e8f840f7c0bc6daeb1772898963b34fe0698f7f0de92f438033088fc73a1247fcf0fe2a8a9eabd47635383cb25950c1bd845245d772089fc76a8e4edd776f8c7eda38e842a5b21dce4c812cb2ecdcea55c055618d472ab309cd4532557ca340029d42%26url%3Dhttps%253A%252F%252Fds1.nl%252Fc%252F%253Fsi%253D6773%2526li%253D1513318%2526wi%253D200735%2526pid%253D40548cf3c7d059244ca3372b3af779bb%2526dl%253Dnl-nl%25252Fshop%25252F32051-ten-cate-secrets-dames-midi-brief-walnut%25252F%2526ws%253D62AE01JDYFQ7NC8QRPJJBQ5ZCV4HSH%26initiator%3Dtimeout&s=35103&e=341daeb3bbe228ebaacd6e55bb32f4248d733c4fc8c178d6305a4860b5935f84&dm=cd
Requested by: Host: ct.captcha-delivery.com
URL: https://ct.captcha-delivery.com/c.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.157.207.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-207-8.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://nl-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Sat, 30 Nov 2024 12:11:26 GMT
Transfer-Encoding: chunked

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-42767ZEKSC&_p=50655555&sr=1600x1200&ul=nl-nl&cid=767795587.1732968685&uid=a4c6294-1937cfb9e95-61968f&_fv=1&_s=1&dl=https%3A%2F%2Fnl-go.kelkoogroup.net%2FsitesearchGo%3F.ts%3D1732967418422%26.sig%3DDkjn5GlOnQ2v6L5L3vBqlMnc64w-%26affiliationId%3D96967162%26comId%3D100474056%26country%3Dnl%26offerId%3D8b0a187afd6d6c0d26c944addbd4bb7c%26searchId%3D107610035262035_1732967418382_52915945%26service%3D36%26tokenId%3D2ce8ff34-60c1-45cc-8742-5d09b81fd7c3%26addedParams%3Dtrue%26publisherClickId%3D3b7ae8f12c8587296590cf4ec428df6e%26originReferer%3Ddiscounthero.org%26publisherSubId%3D61c38133cdcdc763f37eb6d78c64f295%26publisherTrafficType%3Dcashback&dt=U%20wordt%20doorgestuurd%20naar%20Tencate1952.com&dr=https%3A%2F%2Fclcktrck.com%2F&dp=%2F96967162%7C100474056%7C&sid=1732968685&sct=1&seg=1&en=page_view&_ss=1&ep.cd1=96967162&ep.cd2=62AE01JDYFQ7NC8QRPJJBQ5ZCV4HSH&ep.cd3=100474056&ep.cd4=a4c6294-1937cfb9e95-61968f&ep.cd5=&ep.cd6=96967162%7C100474056%7C

Domain: nl-go.kelkoogroup.net
URL: blob:https://nl-go.kelkoogroup.net/61ff58ca-c48f-4da0-a86c-925a7cf2333c

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dd

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
redwingshere.xyz/	1970-01-21 01:23:31	Name: mobitck Value: 1
gaimauroogrou.net/	1970-01-21 10:08:24	Name: OAID Value: 0081243cb6b1482dee0c37e4f8c6d5d3
gaimauroogrou.net/	1970-01-21 10:08:24	Name: oaidts Value: 1732968681
my.rtmark.net/	1970-01-21 10:08:24	Name: ID Value: 0081243cb6b1482dee0c37e4f8c6d5d3
gaimauroogrou.net/	1970-01-21 01:32:53	Name: syncedCookie Value: true
www.share365.net/	1970-01-21 01:22:55	Name: XSRF-TOKEN Value: eyJpdiI6IlpRb1NnYllaanpJbXN0a0hNUEpjc1E9PSIsInZhbHVlIjoiempEUko5XC9mNjZWRVFXaHpoTXozRlRNc1RMYURKdEw2d3BNXC9COEV3UXpXWDJLeGhWdVlJSXlJb0lBQWZucHROIiwibWFjIjoiMDA1OTMwN2NiOTM5MWJiZGJmMjA1ZDVlOWY3N2ViODA3OWFhZmM3ODBkMjFlNjJhOTcxNDlhYmNlZDUzYTY3OCJ9
www.share365.net/	1970-01-21 01:22:55	Name: laravel_session Value: eyJpdiI6IlJHRGFoZTVGZHhCZFNvYkM5Nk1cL1Z3PT0iLCJ2YWx1ZSI6IlBTK3BEUkIwMTl1VWxVNHFqdFlYWGtNZFFKOVdTZHQ4NWM4Y0thVVVuNFwvRVF2YmtvWlNORkg2RnpSRnloTFVWIiwibWFjIjoiMTBkMzYxYmY1ODRjMzU5Zjc4NjIwZGI5ZDFiYmRmM2ZhMjIzZTJkM2I1MTI0YzU4NzdkMDEyMGJhNDZkNWYxMSJ9
www.share365.net/	1970-01-21 01:22:52	Name: __cflb Value: 0H28vVobGc6Cutkxgoy8727QHweqWPjkZVURirsB9ib
.kelkoogroup.net/	1970-01-21 10:08:24	Name: kelkooID Value: a4c6294-1937cfb9e95-61968f
.kelkoogroup.net/	1970-01-21 10:01:12	Name: datadome Value: GQeyXiCf1taZsWSOd3nuDjW1Z1BLo1ss8VqNjxgejyTkdlTbr07_BICRgd0g8rVuD4QnFmh39bnUQ3uX5Zh30kBOtJv1bL_A80q7wsqky35opTX4UdCvRidDPOBM5gKW

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://gaimauroogrou.net/4/8477354?var=8286_%7BhostId%7D&ymid=159jit4f00083 Message: [GroupMarkerNotSet(crbug.com/242999)!:A00033013C1F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://gaimauroogrou.net/afu.php?zoneid=8477354&var=8477354&rid=BPTR34PbLD67mf1dYD5JaA%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A032013C1F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://gaimauroogrou.net/4/7393037/?var=8477354 Message: [GroupMarkerNotSet(crbug.com/242999)!:A00033013C1F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://gaimauroogrou.net/afu.php?zoneid=7393037&var=7393037&rid=UOc2oKHlKAQMxeQ00KE1Mg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A032013C1F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://nl-go.kelkoogroup.net/sitesearchGo?.ts=1732967418422&.sig=Dkjn5GlOnQ2v6L5L3vBqlMnc64w-&affiliationId=96967162&comId=100474056&country=nl&offerId=8b0a187afd6d6c0d26c944addbd4bb7c&searchId=107610035262035_1732967418382_52915945&service=36&tokenId=2ce8ff34-60c1-45cc-8742-5d09b81fd7c3&addedParams=true&publisherClickId=3b7ae8f12c8587296590cf4ec428df6e&originReferer=discounthero.org&publisherSubId=61c38133cdcdc763f37eb6d78c64f295&publisherTrafficType=cashback(Line 28) Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://nl-go.kelkoogroup.net/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437e34e6eac5bdb212b40cec91df7d751db54532ce3695a154ceb40a5598f7be5098502935831a2e8cb4494507af4f97502654c59558ee5ad06da47167c2219f0d55462e5869814821965b45081fd9a9c15d0d082b3863e2e9d8007c45bf83401ba5c97167536bb45127de6d1eea3de84719a84043bdf8a6edf1b13c64a926899859bcec2b1946a488250bc980989acbbdf6287b2196e6878413e783b9e3fb7fc24197f0ce05a2f66bfcee1c972857e8f840f7c0bc6daeb1772898963b34fe0698f7f0de92f438033088fc73a1247fcf0fe2a8a9eabd47635383cb25950c1bd845245d772089fc76a8e4edd776f8c7eda38e842a5b21dce4c812cb2ecdcea55c055618d472ab309cd4532557ca340029d42&url=https%3A%2F%2Fds1.nl%2Fc%2F%3Fsi%3D6773%26li%3D1513318%26wi%3D200735%26pid%3D40548cf3c7d059244ca3372b3af779bb%26dl%3Dnl-nl%252Fshop%252F32051-ten-cate-secrets-dames-midi-brief-walnut%252F%26ws%3D62AE01JDYFQ7NC8QRPJJBQ5ZCV4HSH&initiator=timeout Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

28881453-26278-ex.situnifecal.com
clcktrck.com
ct.captcha-delivery.com
dd.kelkoogroup.net
discountheld.de
gaimauroogrou.net
geo.captcha-delivery.com
my.rtmark.net
nl-go.kelkoogroup.net
redwingshere.xyz
www.google-analytics.com
www.share365.net
www.shoptastic.io
nl-go.kelkoogroup.net
www.google-analytics.com
139.45.197.243
172.66.40.245
18.157.207.8
188.114.96.3
3.161.82.43
3.66.53.110
3.73.249.248
45.13.225.41
52.53.88.18
65.9.66.87
88.208.22.4
95.211.116.26
0b87bb6192320ea7a36d1caa7a2c0d26f39cfa92909fe168d29bfecc13c81ca0
17891894cc0a7f9e11b44d6172a0b6e307f04b214003aa45c0202efd95e03d55
3db77cfe0a6a059ff4d86ea8530439864095c5fe278e279b28c88f99a0f9b530
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
586534a61d0dbab5afa09b15460c233e37fc42bdd7830e5caca079e6e8bdfd06
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
660e82d707ba315e7ef217afc1a43f8b26c4cd51ce9294cc8d3929d9bee3ef7b
b5c4f8b5e450ccd8bdc17fabeadf988bb4dff5f755198657100dc662f1851fe4
b6f960ef6e2816613c107cdca0b45e95e497369d628de9cb444903b45fa78430
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea1eecb1a12fa5d7f865190b27e5f2cf22b13eacb0028f46fa317655e4e346d1
ed0bbbaded39789d698a89cd175a3e5415fa60cba90eeee9a008f5d1067eb5cb
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

nl-go.kelkoogroup.net Open in urlscan Pro 95.211.116.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

93 %HTTPS

0 %IPv6

11 Domains

13 Subdomains

10 IPs

4 Countries

115 kBTransfer

274 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nl-go.kelkoogroup.net Open in urlscan Pro
95.211.116.26 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

93 %
HTTPS

0 %
IPv6

11
Domains

13
Subdomains

10
IPs

4
Countries

115 kB
Transfer

274 kB
Size

10
Cookies

30 HTTP transactions
0 data transactions