www.deonlinedrogist.nl Open in urlscan Pro
77.241.85.123 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ubijpareonline.com/
Effective URL:
https://www.deonlinedrogist.nl/testjezelf-nu-drugstest-thc-enkel-25st-p-56713.html?utm_source=kelkoonl&utm_medium=cpc&utm_campa...
Submission: On January 08 via api (January 8th 2022, 9:02:19 am UTC) from JP — Scanned from NL

Summary HTTP 39 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 9 domains to perform 39 HTTP transactions. The main IP is 77.241.85.123, located in Belgium and belongs to COMBELL-AS, BE. The main domain is www.deonlinedrogist.nl. The Cisco Umbrella rank of the primary domain is 613550.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 12th 2021. Valid for: a year.

This is the only time www.deonlinedrogist.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	78.41.204.29 78.41.204.29	62370 (SNEL) (SNEL)
4	66.165.243.160 66.165.243.160	29802 (HVC-AS) (HVC-AS)
8	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2 5	95.211.116.27 95.211.116.27	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	18.66.122.11 18.66.122.11	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	52.57.98.184 52.57.98.184	16509 (AMAZON-02) (AMAZON-02)
15	77.241.85.123 77.241.85.123	34762 (COMBELL-AS) (COMBELL-AS)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE)
39	12

2 78.41.204.29 (Netherlands) 1 redirects

ASN62370 (SNEL, NL)
PTR: server368.snel.com

ubijpareonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.165.243.160 (Los Angeles, United States)

ASN29802 (HVC-AS, US)
PTR: 66-165-243-160.static.hvvc.us

r.redirekted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.211.116.27 (Den Helder, Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-go-vip.kelkoo.com

nl-go.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-11.fra60.r.cloudfront.net

js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.98.184 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-98-184.eu-central-1.compute.amazonaws.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 77.241.85.123 (Belgium)

ASN34762 (COMBELL-AS, BE)
PTR: linweb351.webhosting.be

www.deonlinedrogist.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)

metrics.deonlinedrogist.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	deonlinedrogist.nl www.deonlinedrogist.nl — Cisco Umbrella Rank: 613550 metrics.deonlinedrogist.nl — Cisco Umbrella Rank: 804095	149 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	61 KB
5	kelkoogroup.net 2 redirects nl-go.kelkoogroup.net	33 KB
4	redirekted.com r.redirekted.com — Cisco Umbrella Rank: 553834	11 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	168 KB
2	datadome.co js.datadome.co — Cisco Umbrella Rank: 7767 api-js.datadome.co — Cisco Umbrella Rank: 7917	41 KB
2	ubijpareonline.com 1 redirects ubijpareonline.com	1 KB
1	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 327	725 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 320	13 KB
39	9

	Domain	Requested by
15	www.deonlinedrogist.nl	nl-go.kelkoogroup.net www.deonlinedrogist.nl
8	www.google-analytics.com	r.redirekted.com www.google-analytics.com www.googletagmanager.com
5	nl-go.kelkoogroup.net	2 redirects r.redirekted.com nl-go.kelkoogroup.net
4	r.redirekted.com	ubijpareonline.com r.redirekted.com
3	www.googletagmanager.com	nl-go.kelkoogroup.net www.deonlinedrogist.nl www.googletagmanager.com
2	ubijpareonline.com	1 redirects
1	metrics.deonlinedrogist.nl	www.googletagmanager.com
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.deonlinedrogist.nl
1	api-js.datadome.co	js.datadome.co
1	js.datadome.co	nl-go.kelkoogroup.net
39	11

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com
twitter.com
www.facebook.com
www.instagram.com
www.aanbiedersmedicijnen.nl

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.kelkoogroup.net Thawte RSA CA 2018	`2021-09-07` - `2022-10-07`	a year	crt.sh
*.datadome.co Gandi Standard SSL CA 2	`2021-10-12` - `2022-10-21`	a year	crt.sh
*.deonlinedrogist.nl Sectigo RSA Domain Validation Secure Server CA	`2021-03-12` - `2022-03-24`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
metrics.deonlinedrogist.nl GTS CA 1D4	`2021-11-24` - `2022-02-22`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.deonlinedrogist.nl/testjezelf-nu-drugstest-thc-enkel-25st-p-56713.html?utm_source=kelkoonl&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Testjezelf.nu+Drugstest+THC+Enkel+25st
Frame ID: CD9AC3E8EDFA6BB394AE20B1C592DA47
Requests: 37 HTTP requests in this frame

Frame: http://r.redirekted.com/go?e=04mWWSFW8RTs7DQMeZUrv5UX4AzXy0KCeZUBt13B48Is-jaL-AUsvclBebGsyDQM59Gr8RPX4OTsmOKLefQqskaqdxxXYkGLefQqXclB14wsbLPL8gQqt5aq11Gsu13B59Gr-RPX58IA3OKM7cRntcvC9VRA2IaFetPnTAwq9L0XxD2BmR2KUyaCwuTsYOaF-AUrw13F8fRsXglBlfRLTIQXWEHr-D2F1pUrb13Bj5mZbVPL0V2VXSFWjWTs-tUF8gHp6bFW0cHs-taFefmV6j3B8WJs2clF9AKr6fFW90mXmWlK59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC
Frame ID: 12340656FC88BFFDE7A97979E1D87094
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Testjezelf.nu Drugstest THC Enkel 25ST | voordelig online kopen | De Online Drogist

Page URL History Show full URLs

http://ubijpareonline.com/ Page URL
http://ubijpareonline.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0MTY... HTTP 302
http://r.redirekted.com/redirect?redirect_id=b5006f140f1c96f12b7f9e52158ae7cc&request_id=96279d279b8... Page URL
https://nl-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1641561603697&.sig=KiqOjQ5cUBSMRlPE.9at7PfFXM4-&aff... HTTP 307
https://nl-go.kelkoogroup.net/go?country=nl&k=a0c673feaaea9627e907b065e85e0b84002c2ecb189190a8a1feb4c290f8... Page URL
https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437c590656c0bce245e7e7156... HTTP 303
https://www.deonlinedrogist.nl/testjezelf-nu-drugstest-thc-enkel-25st-p-56713.html?utm_source=kelkoonl&utm_... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

39
Requests

82 %
HTTPS

27 %
IPv6

9
Domains

11
Subdomains

12
IPs

4
Countries

475 kB
Transfer

1422 kB
Size

23
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://api.whatsapp.com/send?phone=31613503237
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://twitter.com/deonlinedrogist

Search URL Search Domain Scan URL

URL: https://www.facebook.com/deonlinedrogist/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/deonlinedrogist.nl/

Search URL Search Domain Scan URL

URL: https://www.aanbiedersmedicijnen.nl/pharmacie-welzijn-b-v
Title: Medicin

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ubijpareonline.com/ Page URL
http://ubijpareonline.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0MTYzOTczMiwiaWF0IjoxNjQxNjMyNTMyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycjQ0MDVwNTJqb21tbzdlZ2sxa2k2aTYiLCJuYmYiOjE2NDE2MzI1MzIsInRzIjoxNjQxNjMyNTMyMzI3MDM0fQ.XyxXL2rCaAbGfSSteI3RnpMUon_zU_XJrLLYr_P9e_U&sid=aae83c52-7061-11ec-81b9-da2d865aef76 HTTP 302
http://r.redirekted.com/redirect?redirect_id=b5006f140f1c96f12b7f9e52158ae7cc&request_id=96279d279b8a3ed856846c7837b6b579 Page URL
https://nl-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1641561603697&.sig=KiqOjQ5cUBSMRlPE.9at7PfFXM4-&affiliationId=96965859&comId=100511337&country=nl&offerId=ff8cbed9928b9c47111c61a1084069a7&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=j3BvtxsmImM1tFrOWmCkyQA-plEm4GFOAwCzLxXuuJE3DUM8qmp8N2r7tKF8ElLW5KW8LRsyjKL3ZUqVk3pz8SsybPL&custom2=jKWjuHsyDKF8gRsvqwqSExZvyxEmpKrUAQB HTTP 307
https://nl-go.kelkoogroup.net/go?country=nl&k=a0c673feaaea9627e907b065e85e0b84002c2ecb189190a8a1feb4c290f8dee133a594b7d2e3915beccad56d889e1b54feb1c77dbe0ebf46f7c942db622f4bc3234d46744be943ddb37273427e6dd6620bcdbd85262d9ac87162f3f4339646b4bebcc8163c2ba498d35b378bdfc6b5aeb9e1fa6fb47824fd71aa433c8e1ac369b7140b7c647f81a43758448480faa88143d595f209cfcea6c7214b0de12c626b52c995cc780100f523f7647edc711c806adcb6e66264a2452d4dd3157a1cab12019fbd0c72837e512c42aa8ed3cc62aa873e9b5515a6f29fc1892af14875f5d587b43ee4273f54f00b177cf110772ad74f9094f6258cc6dad6cb4edbf032c091e112dc0ce3000547b12695bd9e443a132195e53e7ec23e782ef3c5e939dc52e09f981834e1073e7fa5380829d70870564a79dcfc425499412a6a1bd2797ea76ecd9642251f4e918b90548c3190449557619acf71c0c134d295271309c37307e9117baae1695d352310c56138d113a15cd4fcbfdcdd626d387a5d09374168c8bea335e6e1fde906eb60ff7ca8892f9190dfbabb46dda7e01dd0c5887548f510c138dc6000e19fa55287b2ca6113ef68db2fa2c9bbd528555fed64a867af1bf4e3b68d80fff0e1b06305e839749ac33aee9a3acd1f28b822418b16214521bd590a9335619ded80ee3ae25f1d3ac48ca1c8b9de0a68f953e2c5a533a3db9ea2a20cc97f392fe48a9830&o= Page URL
https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437c590656c0bce245e7e715647b63ce568cf44b135e881080d4e4382609fc4da29c3e232d8bc54b0a137bfaae14163cbfdfc3dd8300fe6027da9b1404980866a0cbe0ff3dbda57b89a76b34c00e183a3ebad07dc47583706395a39904825e0e4e6967fa7e4d16e67278b0a5020752006bfe0a991f170f336ea0edc2b528b557bf4933270719983f93437cd88c69141167a5ee1bde911a94279c27b21afa4b420fad1562e1a80c28761ee7010167e904dbb91c69cb64dddd2514e8e1ffaa0a15fd4dc845b65756a05b157f81d031cc51fa2825fd626cd12bcba66dfad86d4c59a8f8754f4d3ae04dda2bcb12744cb394b5bba76cfd055b8ed6980790919064095e83410cef8966b0c8cf918daaad8d7496d&leadId=dc1-kls-prod-srv-02.prod.dc1.kelkoo.net_1641632533926_2164575&clickId=107699127_1641632533884_948899&url=https%3A%2F%2Fwww.deonlinedrogist.nl%2Ftestjezelf-nu-drugstest-thc-enkel-25st-p-56713.html%3Futm_source%3Dkelkoonl%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DTestjezelf.nu%2BDrugstest%2BTHC%2BEnkel%2B25st&initiator=timeout HTTP 303
https://www.deonlinedrogist.nl/testjezelf-nu-drugstest-thc-enkel-25st-p-56713.html?utm_source=kelkoonl&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Testjezelf.nu+Drugstest+THC+Enkel+25st Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://ubijpareonline.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0MTYzOTczMiwiaWF0IjoxNjQxNjMyNTMyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycjQ0MDVwNTJqb21tbzdlZ2sxa2k2aTYiLCJuYmYiOjE2NDE2MzI1MzIsInRzIjoxNjQxNjMyNTMyMzI3MDM0fQ.XyxXL2rCaAbGfSSteI3RnpMUon_zU_XJrLLYr_P9e_U&sid=aae83c52-7061-11ec-81b9-da2d865aef76 HTTP 302
http://r.redirekted.com/redirect?redirect_id=b5006f140f1c96f12b7f9e52158ae7cc&request_id=96279d279b8a3ed856846c7837b6b579

Request Chain 5

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 7

http://www.google-analytics.com/collect?v=1&_v=j96&a=1051719937&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFW8RTs7DQMeZUrv5UX4AzXy0KCeZUBt13B48Is-jaL-AUsvclBebGsyDQM59Gr8RPX4OTsmOKLefQqskaqdxxXYkGLefQqXclB14wsbLPL8gQqt5aq11Gsu13B59Gr-RPX58IA3OKM7cRntcvC9VRA2IaFetPnTAwq9L0XxD2BmR2KUyaCwuTsYOaF-AUrw13F8fRsXglBlfRLTIQXWEHr-D2F1pUrb13Bj5mZbVPL0V2VXSFWjWTs-tUF8gHp6bFW0cHs-taFefmV6j3B8WJs2clF9AKr6fFW90mXmWlK59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1514957453.1641632534&tid=UA-32454353-1&_gid=1681684116.1641632534&cd1=oz9loT58n2kesUk8sT5ipzkhsTgfn3k8sUj%3D&z=1021699779 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j96&a=1051719937&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFW8RTs7DQMeZUrv5UX4AzXy0KCeZUBt13B48Is-jaL-AUsvclBebGsyDQM59Gr8RPX4OTsmOKLefQqskaqdxxXYkGLefQqXclB14wsbLPL8gQqt5aq11Gsu13B59Gr-RPX58IA3OKM7cRntcvC9VRA2IaFetPnTAwq9L0XxD2BmR2KUyaCwuTsYOaF-AUrw13F8fRsXglBlfRLTIQXWEHr-D2F1pUrb13Bj5mZbVPL0V2VXSFWjWTs-tUF8gHp6bFW0cHs-taFefmV6j3B8WJs2clF9AKr6fFW90mXmWlK59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1514957453.1641632534&tid=UA-32454353-1&_gid=1681684116.1641632534&cd1=oz9loT58n2kesUk8sT5ipzkhsTgfn3k8sUj%3D&z=1021699779

Request Chain 8

https://nl-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1641561603697&.sig=KiqOjQ5cUBSMRlPE.9at7PfFXM4-&affiliationId=96965859&comId=100511337&country=nl&offerId=ff8cbed9928b9c47111c61a1084069a7&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=j3BvtxsmImM1tFrOWmCkyQA-plEm4GFOAwCzLxXuuJE3DUM8qmp8N2r7tKF8ElLW5KW8LRsyjKL3ZUqVk3pz8SsybPL&custom2=jKWjuHsyDKF8gRsvqwqSExZvyxEmpKrUAQB HTTP 307
https://nl-go.kelkoogroup.net/go?country=nl&k=a0c673feaaea9627e907b065e85e0b84002c2ecb189190a8a1feb4c290f8dee133a594b7d2e3915beccad56d889e1b54feb1c77dbe0ebf46f7c942db622f4bc3234d46744be943ddb37273427e6dd6620bcdbd85262d9ac87162f3f4339646b4bebcc8163c2ba498d35b378bdfc6b5aeb9e1fa6fb47824fd71aa433c8e1ac369b7140b7c647f81a43758448480faa88143d595f209cfcea6c7214b0de12c626b52c995cc780100f523f7647edc711c806adcb6e66264a2452d4dd3157a1cab12019fbd0c72837e512c42aa8ed3cc62aa873e9b5515a6f29fc1892af14875f5d587b43ee4273f54f00b177cf110772ad74f9094f6258cc6dad6cb4edbf032c091e112dc0ce3000547b12695bd9e443a132195e53e7ec23e782ef3c5e939dc52e09f981834e1073e7fa5380829d70870564a79dcfc425499412a6a1bd2797ea76ecd9642251f4e918b90548c3190449557619acf71c0c134d295271309c37307e9117baae1695d352310c56138d113a15cd4fcbfdcdd626d387a5d09374168c8bea335e6e1fde906eb60ff7ca8892f9190dfbabb46dda7e01dd0c5887548f510c138dc6000e19fa55287b2ca6113ef68db2fa2c9bbd528555fed64a867af1bf4e3b68d80fff0e1b06305e839749ac33aee9a3acd1f28b822418b16214521bd590a9335619ded80ee3ae25f1d3ac48ca1c8b9de0a68f953e2c5a533a3db9ea2a20cc97f392fe48a9830&o=

39 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
ubijpareonline.com/ 474 B
836 B 49ms
33ms Document
text/html 78.41.204.29
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: http://ubijpareonline.com/
Protocol: HTTP/1.1
Server: 78.41.204.29 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: server368.snel.com
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 474
content-type: text/html; charset=utf-8
date: Sat, 08 Jan 2022 09:02:11 GMT
server: nginx

GET
H/1.1

200
OK

redirect Show response
r.redirekted.com/
Redirect Chain

http://ubijpareonline.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0MTYzOTczMiwiaWF0IjoxNjQxNjMyNTMyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycjQ0MDVwNTJqb21tbzdlZ2sxa2...
http://r.redirekted.com/redirect?redirect_id=b5006f140f1c96f12b7f9e52158ae7cc&request_id=96279d279b8a3ed856846c7837b6b579

840 B
1 KB

321ms
161ms

Document
text/html

66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/redirect?redirect_id=b5006f140f1c96f12b7f9e52158ae7cc&request_id=96279d279b8a3ed856846c7837b6b579
Requested by: Host: ubijpareonline.com
URL: http://ubijpareonline.com/
Protocol: HTTP/1.1
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.21.5 / PHP/8.0.14
Resource Hash: c653502cc7ff539e671b1728a2b5c6c6b4c22aa32a16e083ba1aff224ad08f18

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: http://ubijpareonline.com/

Response headers

Server: nginx/1.21.5
Date: Sat, 08 Jan 2022 09:02:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.14

Redirect headers

cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sat, 08 Jan 2022 09:02:12 GMT
location: http://r.redirekted.com/redirect?redirect_id=b5006f140f1c96f12b7f9e52158ae7cc&request_id=96279d279b8a3ed856846c7837b6b579
server: nginx

GET
H/1.1 200
OK adren.css
r.redirekted.com/css/ 243 B
479 B 159ms
159ms Stylesheet
text/css 66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/css/adren.css?n=3028287933
Requested by: Host: r.redirekted.com
URL: http://r.redirekted.com/redirect?redirect_id=b5006f140f1c96f12b7f9e52158ae7cc&request_id=96279d279b8a3ed856846c7837b6b579
Protocol: HTTP/1.1
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.21.5 /
Resource Hash: e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://r.redirekted.com/redirect?redirect_id=b5006f140f1c96f12b7f9e52158ae7cc&request_id=96279d279b8a3ed856846c7837b6b579
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 08 Jan 2022 09:02:13 GMT
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Server: nginx/1.21.5
ETag: "60dff9aa-f3"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 243

GET
H/1.1 200
OK adren.min.js Show response
r.redirekted.com/js/ 7 KB
8 KB 319ms
159ms Script
application/javascript 66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/js/adren.min.js?n=3028287933
Requested by: Host: r.redirekted.com
URL: http://r.redirekted.com/redirect?redirect_id=b5006f140f1c96f12b7f9e52158ae7cc&request_id=96279d279b8a3ed856846c7837b6b579
Protocol: HTTP/1.1
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.21.5 /
Resource Hash: 55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://r.redirekted.com/redirect?redirect_id=b5006f140f1c96f12b7f9e52158ae7cc&request_id=96279d279b8a3ed856846c7837b6b579
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 08 Jan 2022 09:02:13 GMT
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Server: nginx/1.21.5
ETag: "60dff9aa-1d68"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7528

GET
H/1.1 200
OK go Show response
r.redirekted.com/ Frame 1234 2 KB
2 KB 161ms
160ms Document
text/html 66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/go?e=04mWWSFW8RTs7DQMeZUrv5UX4AzXy0KCeZUBt13B48Is-jaL-AUsvclBebGsyDQM59Gr8RPX4OTsmOKLefQqskaqdxxXYkGLefQqXclB14wsbLPL8gQqt5aq11Gsu13B59Gr-RPX58IA3OKM7cRntcvC9VRA2IaFetPnTAwq9L0XxD2BmR2KUyaCwuTsYOaF-AUrw13F8fRsXglBlfRLTIQXWEHr-D2F1pUrb13Bj5mZbVPL0V2VXSFWjWTs-tUF8gHp6bFW0cHs-taFefmV6j3B8WJs2clF9AKr6fFW90mXmWlK59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC
Requested by: Host: r.redirekted.com
URL: http://r.redirekted.com/js/adren.min.js?n=3028287933
Protocol: HTTP/1.1
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.21.5 / PHP/8.0.14
Resource Hash: c1716bfaa188ddc78c1dfac1df29ccfd32087ef4e09dc3255412954fcd767838

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: http://r.redirekted.com/redirect?redirect_id=b5006f140f1c96f12b7f9e52158ae7cc&request_id=96279d279b8a3ed856846c7837b6b579

Response headers

Server: nginx/1.21.5
Date: Sat, 08 Jan 2022 09:02:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.14

GET
H2

200

analytics.js Show response
www.google-analytics.com/ Frame 1234
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

83ms
31ms

Script
text/javascript

2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: r.redirekted.com
URL: http://r.redirekted.com/go?e=04mWWSFW8RTs7DQMeZUrv5UX4AzXy0KCeZUBt13B48Is-jaL-AUsvclBebGsyDQM59Gr8RPX4OTsmOKLefQqskaqdxxXYkGLefQqXclB14wsbLPL8gQqt5aq11Gsu13B59Gr-RPX58IA3OKM7cRntcvC9VRA2IaFetPnTAwq9L0XxD2BmR2KUyaCwuTsYOaF-AUrw13F8fRsXglBlfRLTIQXWEHr-D2F1pUrb13Bj5mZbVPL0V2VXSFWjWTs-tUF8gHp6bFW0cHs-taFefmV6j3B8WJs2clF9AKr6fFW90mXmWlK59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC

Protocol

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://r.redirekted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 67
date: Sat, 08 Jan 2022 09:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 08 Jan 2022 11:01:06 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

POST
H2 200 collect
www.google-analytics.com/j/ Frame 1234 2 B
145 B 29ms
29ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1051719937&t=pageview&_s=1&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFW8RTs7DQMeZUrv5UX4AzXy0KCeZUBt13B48Is-jaL-AUsvclBebGsyDQM59Gr8RPX4OTsmOKLefQqskaqdxxXYkGLefQqXclB14wsbLPL8gQqt5aq11Gsu13B59Gr-RPX58IA3OKM7cRntcvC9VRA2IaFetPnTAwq9L0XxD2BmR2KUyaCwuTsYOaF-AUrw13F8fRsXglBlfRLTIQXWEHr-D2F1pUrb13Bj5mZbVPL0V2VXSFWjWTs-tUF8gHp6bFW0cHs-taFefmV6j3B8WJs2clF9AKr6fFW90mXmWlK59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=746044400&gjid=1579566489&cid=1514957453.1641632534&tid=UA-32454353-1&_gid=1681684116.1641632534&_r=1&_slc=1&z=797344986

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://r.redirekted.com/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 08 Jan 2022 09:02:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://r.redirekted.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
www.google-analytics.com/ Frame 1234
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j96&a=1051719937&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFW8RTs7DQMeZUrv5UX4AzXy0KCeZUBt13B48Is-jaL-AUsvclBebGsyDQM59Gr8RPX4...
https://www.google-analytics.com/collect?v=1&_v=j96&a=1051719937&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFW8RTs7DQMeZUrv5UX4AzXy0KCeZUBt13B48Is-jaL-AUsvclBebGsyDQM59Gr8RPX...

35 B
194 B

20ms
20ms

Image
image/gif

2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1051719937&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFW8RTs7DQMeZUrv5UX4AzXy0KCeZUBt13B48Is-jaL-AUsvclBebGsyDQM59Gr8RPX4OTsmOKLefQqskaqdxxXYkGLefQqXclB14wsbLPL8gQqt5aq11Gsu13B59Gr-RPX58IA3OKM7cRntcvC9VRA2IaFetPnTAwq9L0XxD2BmR2KUyaCwuTsYOaF-AUrw13F8fRsXglBlfRLTIQXWEHr-D2F1pUrb13Bj5mZbVPL0V2VXSFWjWTs-tUF8gHp6bFW0cHs-taFefmV6j3B8WJs2clF9AKr6fFW90mXmWlK59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1514957453.1641632534&tid=UA-32454353-1&_gid=1681684116.1641632534&cd1=oz9loT58n2kesUk8sT5ipzkhsTgfn3k8sUj%3D&z=1021699779

Requested by

Protocol

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://r.redirekted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jan 2022 01:00:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28913
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j96&a=1051719937&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFW8RTs7DQMeZUrv5UX4AzXy0KCeZUBt13B48Is-jaL-AUsvclBebGsyDQM59Gr8RPX4OTsmOKLefQqskaqdxxXYkGLefQqXclB14wsbLPL8gQqt5aq11Gsu13B59Gr-RPX58IA3OKM7cRntcvC9VRA2IaFetPnTAwq9L0XxD2BmR2KUyaCwuTsYOaF-AUrw13F8fRsXglBlfRLTIQXWEHr-D2F1pUrb13Bj5mZbVPL0V2VXSFWjWTs-tUF8gHp6bFW0cHs-taFefmV6j3B8WJs2clF9AKr6fFW90mXmWlK59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1514957453.1641632534&tid=UA-32454353-1&_gid=1681684116.1641632534&cd1=oz9loT58n2kesUk8sT5ipzkhsTgfn3k8sUj%3D&z=1021699779
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

go Show response
nl-go.kelkoogroup.net/
Redirect Chain

https://nl-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1641561603697&.sig=KiqOjQ5cUBSMRlPE.9at7PfFXM4-&affiliationId=96965859&comId=100511337&country=nl&offerId=ff8cbed9928b9c47111c61a1084069a7&ser...
https://nl-go.kelkoogroup.net/go?country=nl&k=a0c673feaaea9627e907b065e85e0b84002c2ecb189190a8a1feb4c290f8dee133a594b7d2e3915beccad56d889e1b54feb1c77dbe0ebf46f7c942db622f4bc3234d46744be943ddb372734...

28 KB
29 KB

32ms
32ms

Document
text/html

95.211.116.27
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://nl-go.kelkoogroup.net/go?country=nl&k=a0c673feaaea9627e907b065e85e0b84002c2ecb189190a8a1feb4c290f8dee133a594b7d2e3915beccad56d889e1b54feb1c77dbe0ebf46f7c942db622f4bc3234d46744be943ddb37273427e6dd6620bcdbd85262d9ac87162f3f4339646b4bebcc8163c2ba498d35b378bdfc6b5aeb9e1fa6fb47824fd71aa433c8e1ac369b7140b7c647f81a43758448480faa88143d595f209cfcea6c7214b0de12c626b52c995cc780100f523f7647edc711c806adcb6e66264a2452d4dd3157a1cab12019fbd0c72837e512c42aa8ed3cc62aa873e9b5515a6f29fc1892af14875f5d587b43ee4273f54f00b177cf110772ad74f9094f6258cc6dad6cb4edbf032c091e112dc0ce3000547b12695bd9e443a132195e53e7ec23e782ef3c5e939dc52e09f981834e1073e7fa5380829d70870564a79dcfc425499412a6a1bd2797ea76ecd9642251f4e918b90548c3190449557619acf71c0c134d295271309c37307e9117baae1695d352310c56138d113a15cd4fcbfdcdd626d387a5d09374168c8bea335e6e1fde906eb60ff7ca8892f9190dfbabb46dda7e01dd0c5887548f510c138dc6000e19fa55287b2ca6113ef68db2fa2c9bbd528555fed64a867af1bf4e3b68d80fff0e1b06305e839749ac33aee9a3acd1f28b822418b16214521bd590a9335619ded80ee3ae25f1d3ac48ca1c8b9de0a68f953e2c5a533a3db9ea2a20cc97f392fe48a9830&o=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.27 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-go-vip.kelkoo.com

Software

Resource Hash

ff67f5889b96d7af82df4459d978ad7df30ab251d17f8365198bd91b8a63429d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: http://r.redirekted.com/redirect?redirect_id=b5006f140f1c96f12b7f9e52158ae7cc&request_id=96279d279b8a3ed856846c7837b6b579

Response headers

Date: Sat, 08 Jan 2022 09:02:13 GMT
leadId: dc1-kls-prod-srv-02.prod.dc1.kelkoo.net_1641632533926_2164575
Pragma: no-cache
Charset: utf-8
clickId: 107699127_1641632533884_948899
country: nl
X-DataDome: protected
Request-Time: PT0.015S
X-Robots-Tag: noindex,nofollow
X-Set-Cookie: datadome=MJ~ybM9zL6W_QCpzgRV7rm9N19SoIglb-KWNcPITks8O0aHUQqsM7jx33ZXv4_xTjtg3cy9e8OyrLqBGkPP_ttLpZsJNO00ZFzJi0hDYINN6v8Z6XLjDkBuIucHX90Z; Max-Age=31536000; Domain=.kelkoogroup.net; Path=/; Secure; SameSite=Lax
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
X-DataDome-CID: AHrlqAAAAAMASq8HHmFXhAkAX9PHiA==
Referrer-Policy: unsafe-url
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/html; charset=UTF-8
Content-Length: 28276
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=55
Connection: Keep-Alive

Redirect headers

Date: Sat, 08 Jan 2022 09:02:13 GMT
Pragma: no-cache
Charset: utf-8
clickId: 107699127_1641632533884_948899
country: nl
Location: /go?country=nl&k=a0c673feaaea9627e907b065e85e0b84002c2ecb189190a8a1feb4c290f8dee133a594b7d2e3915beccad56d889e1b54feb1c77dbe0ebf46f7c942db622f4bc3234d46744be943ddb37273427e6dd6620bcdbd85262d9ac87162f3f4339646b4bebcc8163c2ba498d35b378bdfc6b5aeb9e1fa6fb47824fd71aa433c8e1ac369b7140b7c647f81a43758448480faa88143d595f209cfcea6c7214b0de12c626b52c995cc780100f523f7647edc711c806adcb6e66264a2452d4dd3157a1cab12019fbd0c72837e512c42aa8ed3cc62aa873e9b5515a6f29fc1892af14875f5d587b43ee4273f54f00b177cf110772ad74f9094f6258cc6dad6cb4edbf032c091e112dc0ce3000547b12695bd9e443a132195e53e7ec23e782ef3c5e939dc52e09f981834e1073e7fa5380829d70870564a79dcfc425499412a6a1bd2797ea76ecd9642251f4e918b90548c3190449557619acf71c0c134d295271309c37307e9117baae1695d352310c56138d113a15cd4fcbfdcdd626d387a5d09374168c8bea335e6e1fde906eb60ff7ca8892f9190dfbabb46dda7e01dd0c5887548f510c138dc6000e19fa55287b2ca6113ef68db2fa2c9bbd528555fed64a867af1bf4e3b68d80fff0e1b06305e839749ac33aee9a3acd1f28b822418b16214521bd590a9335619ded80ee3ae25f1d3ac48ca1c8b9de0a68f953e2c5a533a3db9ea2a20cc97f392fe48a9830&o=
X-DataDome: protected
Request-Time: PT0.013S
X-Robots-Tag: noindex,nofollow
X-Set-Cookie: datadome=e~cQUE~6NAAb_tOwUCkO_mU1VhmzxdD~iWQcVlQaBJ_M1qClGywI_TVh1h3Ijn8GQLieymVl1r7v~a~MOXV3a9TXP71JQJCDCcz3ItJzpc~4xEqUZLE4b77twtgdMPF; Max-Age=31536000; Domain=.kelkoogroup.net; Path=/; Secure; SameSite=Lax
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
X-DataDome-CID: AHrlqAAAAAMA2l2LrJuN8BwAX9PHiA==
Referrer-Policy: unsafe-url
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=22
Connection: Keep-Alive
Content-Type: text/plain

GET
H/1.1 200
OK p.png
nl-go.kelkoogroup.net/assets/images/ 68 B
625 B 19ms
18ms Image
image/png 95.211.116.27
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nl-go.kelkoogroup.net/assets/images/p.png?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437c590656c0bce245e7e715647b63ce568cf44b135e881080d4e4382609fc4da29c3e232d8bc54b0a137bfaae14163cbfdfc3dd8300fe6027da9b1404980866a0cbe0ff3dbda57b89a76b34c00e183a3ebad07dc47583706395a39904825e0e4e6967fa7e4d16e67278b0a5020752006bfe0a991f170f336ea0edc2b528b557bf4933270719983f93437cd88c69141167a5ee1bde911a94279c27b21afa4b420fad1562e1a80c28761ee7010167e904dbb91c69cb64dddd2514e8e1ffaa0a15fd4dc845b65756a05b157f81d031cc51fa2825fd626cd12bcba66dfad86d4c59a8f8754f4d3ae04dda2bcb12744cb394b5bba76cfd055b8ed6980790919064095e83410cef8966b0c8cf918daaad8d7496d&leadId=dc1-kls-prod-srv-02.prod.dc1.kelkoo.net_1641632533926_2164575&clickId=107699127_1641632533884_948899

Requested by

Host: nl-go.kelkoogroup.net
URL: https://nl-go.kelkoogroup.net/go?country=nl&k=a0c673feaaea9627e907b065e85e0b84002c2ecb189190a8a1feb4c290f8dee133a594b7d2e3915beccad56d889e1b54feb1c77dbe0ebf46f7c942db622f4bc3234d46744be943ddb37273427e6dd6620bcdbd85262d9ac87162f3f4339646b4bebcc8163c2ba498d35b378bdfc6b5aeb9e1fa6fb47824fd71aa433c8e1ac369b7140b7c647f81a43758448480faa88143d595f209cfcea6c7214b0de12c626b52c995cc780100f523f7647edc711c806adcb6e66264a2452d4dd3157a1cab12019fbd0c72837e512c42aa8ed3cc62aa873e9b5515a6f29fc1892af14875f5d587b43ee4273f54f00b177cf110772ad74f9094f6258cc6dad6cb4edbf032c091e112dc0ce3000547b12695bd9e443a132195e53e7ec23e782ef3c5e939dc52e09f981834e1073e7fa5380829d70870564a79dcfc425499412a6a1bd2797ea76ecd9642251f4e918b90548c3190449557619acf71c0c134d295271309c37307e9117baae1695d352310c56138d113a15cd4fcbfdcdd626d387a5d09374168c8bea335e6e1fde906eb60ff7ca8892f9190dfbabb46dda7e01dd0c5887548f510c138dc6000e19fa55287b2ca6113ef68db2fa2c9bbd528555fed64a867af1bf4e3b68d80fff0e1b06305e839749ac33aee9a3acd1f28b822418b16214521bd590a9335619ded80ee3ae25f1d3ac48ca1c8b9de0a68f953e2c5a533a3db9ea2a20cc97f392fe48a9830&o=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.27 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-go-vip.kelkoo.com

Software

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://nl-go.kelkoogroup.net/go?country=nl&k=a0c673feaaea9627e907b065e85e0b84002c2ecb189190a8a1feb4c290f8dee133a594b7d2e3915beccad56d889e1b54feb1c77dbe0ebf46f7c942db622f4bc3234d46744be943ddb37273427e6dd6620bcdbd85262d9ac87162f3f4339646b4bebcc8163c2ba498d35b378bdfc6b5aeb9e1fa6fb47824fd71aa433c8e1ac369b7140b7c647f81a43758448480faa88143d595f209cfcea6c7214b0de12c626b52c995cc780100f523f7647edc711c806adcb6e66264a2452d4dd3157a1cab12019fbd0c72837e512c42aa8ed3cc62aa873e9b5515a6f29fc1892af14875f5d587b43ee4273f54f00b177cf110772ad74f9094f6258cc6dad6cb4edbf032c091e112dc0ce3000547b12695bd9e443a132195e53e7ec23e782ef3c5e939dc52e09f981834e1073e7fa5380829d70870564a79dcfc425499412a6a1bd2797ea76ecd9642251f4e918b90548c3190449557619acf71c0c134d295271309c37307e9117baae1695d352310c56138d113a15cd4fcbfdcdd626d387a5d09374168c8bea335e6e1fde906eb60ff7ca8892f9190dfbabb46dda7e01dd0c5887548f510c138dc6000e19fa55287b2ca6113ef68db2fa2c9bbd528555fed64a867af1bf4e3b68d80fff0e1b06305e839749ac33aee9a3acd1f28b822418b16214521bd590a9335619ded80ee3ae25f1d3ac48ca1c8b9de0a68f953e2c5a533a3db9ea2a20cc97f392fe48a9830&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

ApacheTracking: localhost
Date: Sat, 08 Jan 2022 09:02:13 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: PT0.001S
P3P: CP="Anything"
Connection: Keep-Alive
Content-Length: 68
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
ETag: "7f9308ead71500e2b56be51e17018e516bb99b41"
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: private, must-revalidate
X-Robots-Tag: noindex,nofollow
Keep-Alive: timeout=40, max=89
Expires: Wed, 04 Jan 2023 09:17:24 GMT

GET
H2 200 tags.js Show response
js.datadome.co/ 223 KB
41 KB 68ms
23ms Script
text/javascript 18.66.122.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.datadome.co/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-11.fra60.r.cloudfront.net

Software

Apache /

Resource Hash

8642a03ef6a432817b6ca2d403c1e83da2183ce6dac3249b8fb7f971bc6107fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://nl-go.kelkoogroup.net/go?country=nl&k=a0c673feaaea9627e907b065e85e0b84002c2ecb189190a8a1feb4c290f8dee133a594b7d2e3915beccad56d889e1b54feb1c77dbe0ebf46f7c942db622f4bc3234d46744be943ddb37273427e6dd6620bcdbd85262d9ac87162f3f4339646b4bebcc8163c2ba498d35b378bdfc6b5aeb9e1fa6fb47824fd71aa433c8e1ac369b7140b7c647f81a43758448480faa88143d595f209cfcea6c7214b0de12c626b52c995cc780100f523f7647edc711c806adcb6e66264a2452d4dd3157a1cab12019fbd0c72837e512c42aa8ed3cc62aa873e9b5515a6f29fc1892af14875f5d587b43ee4273f54f00b177cf110772ad74f9094f6258cc6dad6cb4edbf032c091e112dc0ce3000547b12695bd9e443a132195e53e7ec23e782ef3c5e939dc52e09f981834e1073e7fa5380829d70870564a79dcfc425499412a6a1bd2797ea76ecd9642251f4e918b90548c3190449557619acf71c0c134d295271309c37307e9117baae1695d352310c56138d113a15cd4fcbfdcdd626d387a5d09374168c8bea335e6e1fde906eb60ff7ca8892f9190dfbabb46dda7e01dd0c5887548f510c138dc6000e19fa55287b2ca6113ef68db2fa2c9bbd528555fed64a867af1bf4e3b68d80fff0e1b06305e839749ac33aee9a3acd1f28b822418b16214521bd590a9335619ded80ee3ae25f1d3ac48ca1c8b9de0a68f953e2c5a533a3db9ea2a20cc97f392fe48a9830&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 08:53:07 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 547
x-cache: Hit from cloudfront
content-length: 40975
access-control-allow-origin: *
last-modified: Fri, 07 Jan 2022 09:48:39 GMT
server: Apache
etag: "37cb4-5d4fae43f35a6-gzip"
strict-transport-security: max-age=15768000
content-type: text/javascript
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
x-amz-cf-id: Bj0IFUKnj26ddf4ma0Ck3YdBk5vDQTish9zrd8XGEYPvIuvp7OFJNA==
expires: Sat, 08 Jan 2022 09:53:07 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 110 KB
41 KB 80ms
29ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5ZS487

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f2d6d2ee2bb81e5510b3eee7cc7b2ee4a576002b03ff1146793fc1acbf29c79a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://nl-go.kelkoogroup.net/go?country=nl&k=a0c673feaaea9627e907b065e85e0b84002c2ecb189190a8a1feb4c290f8dee133a594b7d2e3915beccad56d889e1b54feb1c77dbe0ebf46f7c942db622f4bc3234d46744be943ddb37273427e6dd6620bcdbd85262d9ac87162f3f4339646b4bebcc8163c2ba498d35b378bdfc6b5aeb9e1fa6fb47824fd71aa433c8e1ac369b7140b7c647f81a43758448480faa88143d595f209cfcea6c7214b0de12c626b52c995cc780100f523f7647edc711c806adcb6e66264a2452d4dd3157a1cab12019fbd0c72837e512c42aa8ed3cc62aa873e9b5515a6f29fc1892af14875f5d587b43ee4273f54f00b177cf110772ad74f9094f6258cc6dad6cb4edbf032c091e112dc0ce3000547b12695bd9e443a132195e53e7ec23e782ef3c5e939dc52e09f981834e1073e7fa5380829d70870564a79dcfc425499412a6a1bd2797ea76ecd9642251f4e918b90548c3190449557619acf71c0c134d295271309c37307e9117baae1695d352310c56138d113a15cd4fcbfdcdd626d387a5d09374168c8bea335e6e1fde906eb60ff7ca8892f9190dfbabb46dda7e01dd0c5887548f510c138dc6000e19fa55287b2ca6113ef68db2fa2c9bbd528555fed64a867af1bf4e3b68d80fff0e1b06305e839749ac33aee9a3acd1f28b822418b16214521bd590a9335619ded80ee3ae25f1d3ac48ca1c8b9de0a68f953e2c5a533a3db9ea2a20cc97f392fe48a9830&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 09:02:14 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41875
x-xss-protection: 0
expires: Sat, 08 Jan 2022 09:02:14 GMT

POST
H/1.1 200
OK fp
nl-go.kelkoogroup.net/ 0
441 B 30ms
18ms Ping
text/plain 95.211.116.27
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://nl-go.kelkoogroup.net/fp?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437c590656c0bce245e7e715647b63ce568cf44b135e881080d4e4382609fc4da29c3e232d8bc54b0a137bfaae14163cbfdfc3dd8300fe6027da9b1404980866a0cbe0ff3dbda57b89a76b34c00e183a3ebad07dc47583706395a39904825e0e4e6967fa7e4d16e67278b0a5020752006bfe0a991f170f336ea0edc2b528b557bf4933270719983f93437cd88c69141167a5ee1bde911a94279c27b21afa4b420fad1562e1a80c28761ee7010167e904dbb91c69cb64dddd2514e8e1ffaa0a15fd4dc845b65756a05b157f81d031cc51fa2825fd626cd12bcba66dfad86d4c59a8f8754f4d3ae04dda2bcb12744cb394b5bba76cfd055b8ed6980790919064095e83410cef8966b0c8cf918daaad8d7496d&leadId=dc1-kls-prod-srv-02.prod.dc1.kelkoo.net_1641632533926_2164575&clickId=107699127_1641632533884_948899

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.27 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-go-vip.kelkoo.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nl-go.kelkoogroup.net/go?country=nl&k=a0c673feaaea9627e907b065e85e0b84002c2ecb189190a8a1feb4c290f8dee133a594b7d2e3915beccad56d889e1b54feb1c77dbe0ebf46f7c942db622f4bc3234d46744be943ddb37273427e6dd6620bcdbd85262d9ac87162f3f4339646b4bebcc8163c2ba498d35b378bdfc6b5aeb9e1fa6fb47824fd71aa433c8e1ac369b7140b7c647f81a43758448480faa88143d595f209cfcea6c7214b0de12c626b52c995cc780100f523f7647edc711c806adcb6e66264a2452d4dd3157a1cab12019fbd0c72837e512c42aa8ed3cc62aa873e9b5515a6f29fc1892af14875f5d587b43ee4273f54f00b177cf110772ad74f9094f6258cc6dad6cb4edbf032c091e112dc0ce3000547b12695bd9e443a132195e53e7ec23e782ef3c5e939dc52e09f981834e1073e7fa5380829d70870564a79dcfc425499412a6a1bd2797ea76ecd9642251f4e918b90548c3190449557619acf71c0c134d295271309c37307e9117baae1695d352310c56138d113a15cd4fcbfdcdd626d387a5d09374168c8bea335e6e1fde906eb60ff7ca8892f9190dfbabb46dda7e01dd0c5887548f510c138dc6000e19fa55287b2ca6113ef68db2fa2c9bbd528555fed64a867af1bf4e3b68d80fff0e1b06305e839749ac33aee9a3acd1f28b822418b16214521bd590a9335619ded80ee3ae25f1d3ac48ca1c8b9de0a68f953e2c5a533a3db9ea2a20cc97f392fe48a9830&o=
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

ApacheTracking: localhost
Date: Sat, 08 Jan 2022 09:02:13 GMT
Referrer-Policy: unsafe-url
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
P3P: CP="Anything"
X-Robots-Tag: noindex,nofollow
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Type: text/plain; charset=UTF-8
Request-Time: PT0.003S
Content-Length: 0
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=40, max=98

POST
H2 200 / Show response
api-js.datadome.co/js/ 50 B
227 B 65ms
21ms XHR
application/json 52.57.98.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.datadome.co/js/
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.98.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-98-184.eu-central-1.compute.amazonaws.com
Software: DataDome /
Resource Hash: 9e732c0535a0d8501df59c4a7b24861e543f978886ab70ec83ebdf591167cb96

Request headers

Referer: https://nl-go.kelkoogroup.net/go?country=nl&k=a0c673feaaea9627e907b065e85e0b84002c2ecb189190a8a1feb4c290f8dee133a594b7d2e3915beccad56d889e1b54feb1c77dbe0ebf46f7c942db622f4bc3234d46744be943ddb37273427e6dd6620bcdbd85262d9ac87162f3f4339646b4bebcc8163c2ba498d35b378bdfc6b5aeb9e1fa6fb47824fd71aa433c8e1ac369b7140b7c647f81a43758448480faa88143d595f209cfcea6c7214b0de12c626b52c995cc780100f523f7647edc711c806adcb6e66264a2452d4dd3157a1cab12019fbd0c72837e512c42aa8ed3cc62aa873e9b5515a6f29fc1892af14875f5d587b43ee4273f54f00b177cf110772ad74f9094f6258cc6dad6cb4edbf032c091e112dc0ce3000547b12695bd9e443a132195e53e7ec23e782ef3c5e939dc52e09f981834e1073e7fa5380829d70870564a79dcfc425499412a6a1bd2797ea76ecd9642251f4e918b90548c3190449557619acf71c0c134d295271309c37307e9117baae1695d352310c56138d113a15cd4fcbfdcdd626d387a5d09374168c8bea335e6e1fde906eb60ff7ca8892f9190dfbabb46dda7e01dd0c5887548f510c138dc6000e19fa55287b2ca6113ef68db2fa2c9bbd528555fed64a867af1bf4e3b68d80fff0e1b06305e839749ac33aee9a3acd1f28b822418b16214521bd590a9335619ded80ee3ae25f1d3ac48ca1c8b9de0a68f953e2c5a533a3db9ea2a20cc97f392fe48a9830&o=
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 08 Jan 2022 09:02:14 GMT
server: DataDome
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 50
expires: 0

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZS487

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://nl-go.kelkoogroup.net/go?country=nl&k=a0c673feaaea9627e907b065e85e0b84002c2ecb189190a8a1feb4c290f8dee133a594b7d2e3915beccad56d889e1b54feb1c77dbe0ebf46f7c942db622f4bc3234d46744be943ddb37273427e6dd6620bcdbd85262d9ac87162f3f4339646b4bebcc8163c2ba498d35b378bdfc6b5aeb9e1fa6fb47824fd71aa433c8e1ac369b7140b7c647f81a43758448480faa88143d595f209cfcea6c7214b0de12c626b52c995cc780100f523f7647edc711c806adcb6e66264a2452d4dd3157a1cab12019fbd0c72837e512c42aa8ed3cc62aa873e9b5515a6f29fc1892af14875f5d587b43ee4273f54f00b177cf110772ad74f9094f6258cc6dad6cb4edbf032c091e112dc0ce3000547b12695bd9e443a132195e53e7ec23e782ef3c5e939dc52e09f981834e1073e7fa5380829d70870564a79dcfc425499412a6a1bd2797ea76ecd9642251f4e918b90548c3190449557619acf71c0c134d295271309c37307e9117baae1695d352310c56138d113a15cd4fcbfdcdd626d387a5d09374168c8bea335e6e1fde906eb60ff7ca8892f9190dfbabb46dda7e01dd0c5887548f510c138dc6000e19fa55287b2ca6113ef68db2fa2c9bbd528555fed64a867af1bf4e3b68d80fff0e1b06305e839749ac33aee9a3acd1f28b822418b16214521bd590a9335619ded80ee3ae25f1d3ac48ca1c8b9de0a68f953e2c5a533a3db9ea2a20cc97f392fe48a9830&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 68
date: Sat, 08 Jan 2022 09:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 08 Jan 2022 11:01:06 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
28ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=292337034&t=pageview&_s=1&dl=https%3A%2F%2Fnl-go.kelkoogroup.net%2Fgo%3Fcountry%3Dnl%26k%3Da0c673feaaea9627e907b065e85e0b84002c2ecb189190a8a1feb4c290f8dee133a594b7d2e3915beccad56d889e1b54feb1c77dbe0ebf46f7c942db622f4bc3234d46744be943ddb37273427e6dd6620bcdbd85262d9ac87162f3f4339646b4bebcc8163c2ba498d35b378bdfc6b5aeb9e1fa6fb47824fd71aa433c8e1ac369b7140b7c647f81a43758448480faa88143d595f209cfcea6c7214b0de12c626b52c995cc780100f523f7647edc711c806adcb6e66264a2452d4dd3157a1cab12019fbd0c72837e512c42aa8ed3cc62aa873e9b5515a6f29fc1892af14875f5d587b43ee4273f54f00b177cf110772ad74f9094f6258cc6dad6cb4edbf032c091e112dc0ce3000547b12695bd9e443a132195e53e7ec23e782ef3c5e939dc52e09f981834e1073e7fa5380829d70870564a79dcfc425499412a6a1bd2797ea76ecd9642251f4e918b90548c3190449557619acf71c0c134d295271309c37307e9117baae1695d352310c56138d113a15cd4fcbfdcdd626d387a5d09374168c8bea335e6e1fde906eb60ff7ca8892f9190dfbabb46dda7e01dd0c5887548f510c138dc6000e19fa55287b2ca6113ef68db2fa2c9bbd528555fed64a867af1bf4e3b68d80fff0e1b06305e839749ac33aee9a3acd1f28b822418b16214521bd590a9335619ded80ee3ae25f1d3ac48ca1c8b9de0a68f953e2c5a533a3db9ea2a20cc97f392fe48a9830%26o%3D&dr=http%3A%2F%2Fr.redirekted.com%2F&dp=%2F96965859%7C100511337%7C&ul=en-us&de=UTF-8&dt=U%20wordt%20doorgestuurd%20naar%20De%20online%20drogist&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=599167552&gjid=314849344&cid=1135866077.1641632534&tid=UA-168544891-12&_gid=372265275.1641632534&_r=1&gtm=2wg1505ZS487&cd1=96965859&cd2=dc1-kls-prod-srv-02.prod.dc1.kelkoo.net_1641632533926_2164575&cd3=100511337&cd4=a4c6368-17e38ec8d9c-168944&cd5=&cd6=96965859%7C100511337%7C&z=1968716054

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nl-go.kelkoogroup.net/go?country=nl&k=a0c673feaaea9627e907b065e85e0b84002c2ecb189190a8a1feb4c290f8dee133a594b7d2e3915beccad56d889e1b54feb1c77dbe0ebf46f7c942db622f4bc3234d46744be943ddb37273427e6dd6620bcdbd85262d9ac87162f3f4339646b4bebcc8163c2ba498d35b378bdfc6b5aeb9e1fa6fb47824fd71aa433c8e1ac369b7140b7c647f81a43758448480faa88143d595f209cfcea6c7214b0de12c626b52c995cc780100f523f7647edc711c806adcb6e66264a2452d4dd3157a1cab12019fbd0c72837e512c42aa8ed3cc62aa873e9b5515a6f29fc1892af14875f5d587b43ee4273f54f00b177cf110772ad74f9094f6258cc6dad6cb4edbf032c091e112dc0ce3000547b12695bd9e443a132195e53e7ec23e782ef3c5e939dc52e09f981834e1073e7fa5380829d70870564a79dcfc425499412a6a1bd2797ea76ecd9642251f4e918b90548c3190449557619acf71c0c134d295271309c37307e9117baae1695d352310c56138d113a15cd4fcbfdcdd626d387a5d09374168c8bea335e6e1fde906eb60ff7ca8892f9190dfbabb46dda7e01dd0c5887548f510c138dc6000e19fa55287b2ca6113ef68db2fa2c9bbd528555fed64a867af1bf4e3b68d80fff0e1b06305e839749ac33aee9a3acd1f28b822418b16214521bd590a9335619ded80ee3ae25f1d3ac48ca1c8b9de0a68f953e2c5a533a3db9ea2a20cc97f392fe48a9830&o=
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 08 Jan 2022 09:02:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nl-go.kelkoogroup.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Primary Request testjezelf-nu-drugstest-thc-enkel-25st-p-56713.html Show response
www.deonlinedrogist.nl/
Redirect Chain

https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437c590656c0bce245e7e715647b63ce568cf44b135e881080d4e4382609fc4da29c3e232d8bc54b0a137bfaae14163cbfdfc3dd8300fe6027da...
https://www.deonlinedrogist.nl/testjezelf-nu-drugstest-thc-enkel-25st-p-56713.html?utm_source=kelkoonl&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Testjezelf.nu+Drugstest+THC+Enkel+25st

118 KB
23 KB

271ms
226ms

Document
text/html

77.241.85.123
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.deonlinedrogist.nl/testjezelf-nu-drugstest-thc-enkel-25st-p-56713.html?utm_source=kelkoonl&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Testjezelf.nu+Drugstest+THC+Enkel+25st

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.241.85.123 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

linweb351.webhosting.be

Software

nginx /

Resource Hash

ac492168a50cf32f8a571de9892e83bded7d4b02cf1a7a747e15dd48b4455400

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; report=/violation-report.php

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://nl-go.kelkoogroup.net/go?country=nl&k=a0c673feaaea9627e907b065e85e0b84002c2ecb189190a8a1feb4c290f8dee133a594b7d2e3915beccad56d889e1b54feb1c77dbe0ebf46f7c942db622f4bc3234d46744be943ddb37273427e6dd6620bcdbd85262d9ac87162f3f4339646b4bebcc8163c2ba498d35b378bdfc6b5aeb9e1fa6fb47824fd71aa433c8e1ac369b7140b7c647f81a43758448480faa88143d595f209cfcea6c7214b0de12c626b52c995cc780100f523f7647edc711c806adcb6e66264a2452d4dd3157a1cab12019fbd0c72837e512c42aa8ed3cc62aa873e9b5515a6f29fc1892af14875f5d587b43ee4273f54f00b177cf110772ad74f9094f6258cc6dad6cb4edbf032c091e112dc0ce3000547b12695bd9e443a132195e53e7ec23e782ef3c5e939dc52e09f981834e1073e7fa5380829d70870564a79dcfc425499412a6a1bd2797ea76ecd9642251f4e918b90548c3190449557619acf71c0c134d295271309c37307e9117baae1695d352310c56138d113a15cd4fcbfdcdd626d387a5d09374168c8bea335e6e1fde906eb60ff7ca8892f9190dfbabb46dda7e01dd0c5887548f510c138dc6000e19fa55287b2ca6113ef68db2fa2c9bbd528555fed64a867af1bf4e3b68d80fff0e1b06305e839749ac33aee9a3acd1f28b822418b16214521bd590a9335619ded80ee3ae25f1d3ac48ca1c8b9de0a68f953e2c5a533a3db9ea2a20cc97f392fe48a9830&o=

Response headers

server: nginx
date: Sat, 08 Jan 2022 09:02:14 GMT
content-type: text/html; charset=UTF-8
content-security-policy: frame-ancestors 'self';
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; report=/violation-report.php
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
vary: Accept-Encoding,Origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: http://www.danonewinkelnl.nl
referrer-policy: strict-origin-when-cross-origin
x-ua-compatible: IE=Edge,chrome=1

Redirect headers

Date: Sat, 08 Jan 2022 09:02:14 GMT
leadId: dc1-kls-prod-srv-02.prod.dc1.kelkoo.net_1641632533926_2164575
Pragma: no-cache
Charset: utf-8
clickId: 107699127_1641632533884_948899
country: nl
Location: https://www.deonlinedrogist.nl/testjezelf-nu-drugstest-thc-enkel-25st-p-56713.html?utm_source=kelkoonl&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Testjezelf.nu+Drugstest+THC+Enkel+25st
X-DataDome: protected
Request-Time: PT0.012S
X-Robots-Tag: noindex,nofollow
X-Set-Cookie: datadome=Fa3s_gucU.y8KwJi3c1CjhckLqmHf.qR8IHkTR9g1TxUHsYWZ2wWsTC38Lb2PEoMCPtMlJNu7L6DL41h6PkgWtnZWShIPQ1fgjn62x.AhXA8cI.HHpp5Qsq7fSjAPfZ; Max-Age=31536000; Domain=.kelkoogroup.net; Path=/; Secure; SameSite=Lax
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
X-DataDome-CID: AHrlqAAAAAMAM4OE8i1NuwQAX9PHiA==
Referrer-Policy: unsafe-url
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=45
Connection: Keep-Alive
Content-Type: text/plain

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 200 KB
66 KB 67ms
38ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PHNXPG

Requested by

Host: www.deonlinedrogist.nl
URL: https://www.deonlinedrogist.nl/testjezelf-nu-drugstest-thc-enkel-25st-p-56713.html?utm_source=kelkoonl&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Testjezelf.nu+Drugstest+THC+Enkel+25st

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

26cb6630d749ffea7a194b3ca3e3bf1ad47aa9e204e16a55b58ad17dae047bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.deonlinedrogist.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 09:02:14 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67624
x-xss-protection: 0
expires: Sat, 08 Jan 2022 09:02:14 GMT

GET
H2 200 general-min.js Show response
www.deonlinedrogist.nl/beryl/public/app/dod/js/ 15 KB
5 KB 21ms
20ms Script
application/javascript 77.241.85.123
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.deonlinedrogist.nl/beryl/public/app/dod/js/general-min.js?v=21363

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.241.85.123 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

linweb351.webhosting.be

Software

nginx /

Resource Hash

f51efa9664147fa8be63b0c5912887be4fd6bf024f632577c8969c9dafded92b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.deonlinedrogist.nl/testjezelf-nu-drugstest-thc-enkel-25st-p-56713.html?utm_source=kelkoonl&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Testjezelf.nu+Drugstest+THC+Enkel+25st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 09:02:14 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Dec 2021 18:00:09 GMT
server: nginx
vary: Accept-Encoding,Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: http://www.danonewinkelnl.nl
cache-control: max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 4714
expires: Mon, 07 Feb 2022 09:02:14 GMT

GET
H2 200 product.critical-min.js Show response
www.deonlinedrogist.nl/beryl/public/app/dod/js/ 77 KB
18 KB 24ms
23ms Script
application/javascript 77.241.85.123
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.deonlinedrogist.nl/beryl/public/app/dod/js/product.critical-min.js?v=21363

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.241.85.123 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

linweb351.webhosting.be

Software

nginx /

Resource Hash

ccc607947f2d0f41da7d14cf4efaeaa3da0782b5a91dc03e51269945d0d590b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.deonlinedrogist.nl/testjezelf-nu-drugstest-thc-enkel-25st-p-56713.html?utm_source=kelkoonl&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Testjezelf.nu+Drugstest+THC+Enkel+25st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 09:02:14 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Dec 2021 18:00:09 GMT
server: nginx
vary: Accept-Encoding,Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: http://www.danonewinkelnl.nl
cache-control: max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 18362
expires: Mon, 07 Feb 2022 09:02:14 GMT

GET
H2 200 general.css
www.deonlinedrogist.nl/beryl/public/app/dod/css/ 82 KB
15 KB 41ms
40ms Stylesheet
text/css 77.241.85.123
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.deonlinedrogist.nl/beryl/public/app/dod/css/general.css?v=21363

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.241.85.123 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

linweb351.webhosting.be

Software

nginx /

Resource Hash

b14aba8cfdcbb4fb9c43c0e1c1e120c1fb2db657ab9fe54412f29c8742ec96fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.deonlinedrogist.nl/testjezelf-nu-drugstest-thc-enkel-25st-p-56713.html?utm_source=kelkoonl&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Testjezelf.nu+Drugstest+THC+Enkel+25st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 09:02:14 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Dec 2021 18:00:09 GMT
server: nginx
vary: Accept-Encoding,Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: http://www.danonewinkelnl.nl
cache-control: max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 15326
expires: Mon, 07 Feb 2022 09:02:14 GMT

GET
H2 200 product--newnav.css
www.deonlinedrogist.nl/beryl/public/app/dod/css/ 117 KB
16 KB 38ms
38ms Stylesheet
text/css 77.241.85.123
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.deonlinedrogist.nl/beryl/public/app/dod/css/product--newnav.css?v=21363

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.241.85.123 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

linweb351.webhosting.be

Software

nginx /

Resource Hash

630ca82ddcf48770fd6e7638af1ebbfe3163277bbb74c11377ad99dd62c3debd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.deonlinedrogist.nl/testjezelf-nu-drugstest-thc-enkel-25st-p-56713.html?utm_source=kelkoonl&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Testjezelf.nu+Drugstest+THC+Enkel+25st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 09:02:14 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Dec 2021 18:00:09 GMT
server: nginx
vary: Accept-Encoding,Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: http://www.danonewinkelnl.nl
cache-control: max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 16054
expires: Mon, 07 Feb 2022 09:02:14 GMT

GET
H2 200 d.png
www.deonlinedrogist.nl/img/ 70 B
378 B 20ms
20ms Image
image/png 77.241.85.123
COMBELL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.deonlinedrogist.nl/img/d.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.241.85.123 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

linweb351.webhosting.be

Software

nginx /

Resource Hash

9c29dc3b33ae13e38fc04ec817e2aa5ce674243f560e994db02d239066f1a155

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.deonlinedrogist.nl/testjezelf-nu-drugstest-thc-enkel-25st-p-56713.html?utm_source=kelkoonl&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Testjezelf.nu+Drugstest+THC+Enkel+25st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 09:02:14 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Dec 2021 18:00:09 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: http://www.danonewinkelnl.nl
cache-control: max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 70
expires: Mon, 07 Feb 2022 09:02:14 GMT

GET
H2 200 product.last-min.js Show response
www.deonlinedrogist.nl/beryl/public/app/dod/js/ 5 KB
2 KB 21ms
21ms Script
application/javascript 77.241.85.123
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.deonlinedrogist.nl/beryl/public/app/dod/js/product.last-min.js?v=21363

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.241.85.123 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

linweb351.webhosting.be

Software

nginx /

Resource Hash

a554a143b734c9ee4b46ef692ce011692a4242d83c9de08500fec7b3fa29978d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.deonlinedrogist.nl/testjezelf-nu-drugstest-thc-enkel-25st-p-56713.html?utm_source=kelkoonl&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Testjezelf.nu+Drugstest+THC+Enkel+25st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 09:02:14 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Dec 2021 18:00:09 GMT
server: nginx
vary: Accept-Encoding,Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: http://www.danonewinkelnl.nl
cache-control: max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 1877
expires: Mon, 07 Feb 2022 09:02:14 GMT

GET
H2 200 logo-thuiswinkel.svg
www.deonlinedrogist.nl/img/ 1 KB
862 B 20ms
20ms Image
image/svg+xml 77.241.85.123
COMBELL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.deonlinedrogist.nl/img/logo-thuiswinkel.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.241.85.123 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

linweb351.webhosting.be

Software

nginx /

Resource Hash

fc26d8ab9125d2471b2c97345bd5bc6f8fabf3e6a255d185a121502dc4081e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.deonlinedrogist.nl/testjezelf-nu-drugstest-thc-enkel-25st-p-56713.html?utm_source=kelkoonl&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Testjezelf.nu+Drugstest+THC+Enkel+25st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 09:02:14 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Dec 2021 18:00:09 GMT
server: nginx
vary: Accept-Encoding,Origin
content-type: image/svg+xml
access-control-allow-origin: http://www.danonewinkelnl.nl
cache-control: max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 521
expires: Mon, 07 Feb 2022 09:02:14 GMT

GET
H2 200 logo-dod.svg
www.deonlinedrogist.nl/img/logos/ 29 KB
7 KB 23ms
23ms Image
image/svg+xml 77.241.85.123
COMBELL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.deonlinedrogist.nl/img/logos/logo-dod.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.241.85.123 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

linweb351.webhosting.be

Software

nginx /

Resource Hash

c0d77febb7c6cb5a954fb464ee4d450d3dd5fa9b91ef238cdbe85f5981154929

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.deonlinedrogist.nl/testjezelf-nu-drugstest-thc-enkel-25st-p-56713.html?utm_source=kelkoonl&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Testjezelf.nu+Drugstest+THC+Enkel+25st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 09:02:14 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Dec 2021 18:00:09 GMT
server: nginx
vary: Accept-Encoding,Origin
content-type: image/svg+xml
access-control-allow-origin: http://www.danonewinkelnl.nl
cache-control: max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 7313
expires: Mon, 07 Feb 2022 09:02:14 GMT

GET
H2 200 testjezelf-nu-drugstest-thc-enkel-25st.jpeg
www.deonlinedrogist.nl/res/pr56713/wowm/270-270/ 5 KB
5 KB 26ms
26ms Image
image/jpeg 77.241.85.123
COMBELL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.deonlinedrogist.nl/res/pr56713/wowm/270-270/testjezelf-nu-drugstest-thc-enkel-25st.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.241.85.123 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

linweb351.webhosting.be

Software

nginx /

Resource Hash

8550b187e03126a891a2955706c658d8ef56c9f06882d6f0bbc83babdee39f5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.deonlinedrogist.nl/testjezelf-nu-drugstest-thc-enkel-25st-p-56713.html?utm_source=kelkoonl&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Testjezelf.nu+Drugstest+THC+Enkel+25st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 09:02:14 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 Dec 2021 16:52:39 GMT
server: nginx
vary: Origin
content-type: image/jpeg
access-control-allow-origin: http://www.danonewinkelnl.nl
cache-control: max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 5102
expires: Mon, 07 Feb 2022 09:02:14 GMT

GET
H2 200 testjezelf-nu-drugstest-thc-enkel-25st.jpeg
www.deonlinedrogist.nl/res/pr56713/wowm/78-78/ 1 KB
1 KB 26ms
25ms Image
image/jpeg 77.241.85.123
COMBELL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.deonlinedrogist.nl/res/pr56713/wowm/78-78/testjezelf-nu-drugstest-thc-enkel-25st.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.241.85.123 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

linweb351.webhosting.be

Software

nginx /

Resource Hash

7fc86749ffed430d786411024b711febfa0daae8e88609ffc11c6dde61b2d8f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.deonlinedrogist.nl/testjezelf-nu-drugstest-thc-enkel-25st-p-56713.html?utm_source=kelkoonl&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Testjezelf.nu+Drugstest+THC+Enkel+25st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 09:02:14 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 Dec 2021 16:52:39 GMT
server: nginx
vary: Origin
content-type: image/jpeg
access-control-allow-origin: http://www.danonewinkelnl.nl
cache-control: max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 1031
expires: Mon, 07 Feb 2022 09:02:14 GMT

GET
H2 200 activ-supreme-anti-rimpel-en-verstevigende-verzorging-spf30-50ml-overlay.png
www.deonlinedrogist.nl/res/pr92891/wowm/50-32/ 1 KB
2 KB 21ms
20ms Image
image/png 77.241.85.123
COMBELL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.deonlinedrogist.nl/res/pr92891/wowm/50-32/activ-supreme-anti-rimpel-en-verstevigende-verzorging-spf30-50ml-overlay.png?v=1639584255

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.241.85.123 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

linweb351.webhosting.be

Software

nginx /

Resource Hash

f067f0c8667609f6ef5a5654fec0ff21341e2d1b56598250e16fb9eca0dfff72

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.deonlinedrogist.nl/testjezelf-nu-drugstest-thc-enkel-25st-p-56713.html?utm_source=kelkoonl&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Testjezelf.nu+Drugstest+THC+Enkel+25st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 09:02:14 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Dec 2021 16:04:15 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: http://www.danonewinkelnl.nl
cache-control: max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 1256
expires: Mon, 07 Feb 2022 09:02:14 GMT

GET
H2 200 dod-icons_19.woff
www.deonlinedrogist.nl/fonts/ 38 KB
39 KB 21ms
21ms Font
application/x-font-woff 77.241.85.123
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.deonlinedrogist.nl/fonts/dod-icons_19.woff?v=3.b3

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.241.85.123 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

linweb351.webhosting.be

Software

nginx /

Resource Hash

15be84bdb00164f85d3fed97d2b34a70c38b1cf27025bbea3dc1c18886cfd231

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.deonlinedrogist.nl/testjezelf-nu-drugstest-thc-enkel-25st-p-56713.html?utm_source=kelkoonl&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Testjezelf.nu+Drugstest+THC+Enkel+25st
Origin: https://www.deonlinedrogist.nl
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 09:02:14 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Dec 2021 18:00:09 GMT
server: nginx
vary: Origin
content-type: application/x-font-woff
access-control-allow-origin: https://www.deonlinedrogist.nl
cache-control: max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 39404
expires: Mon, 07 Feb 2022 09:02:14 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e3d382db4dd83d59aa5742793ad6b7903409e865c83bcbc54835049f043bc15

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d0c3e951c854c13ea63d105269c4464a5260af5832114b7fcb3728cc3d37007

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ema.png
www.deonlinedrogist.nl/img/ 4 KB
4 KB 21ms
21ms Image
image/png 77.241.85.123
COMBELL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.deonlinedrogist.nl/img/ema.png

Requested by

Host: www.deonlinedrogist.nl
URL: https://www.deonlinedrogist.nl/beryl/public/app/dod/css/general.css?v=21363

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.241.85.123 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

linweb351.webhosting.be

Software

nginx /

Resource Hash

92b10cfab1851ac8d9dfc0b207344c5b4d667a35620c3350a06d023ba7932a6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.deonlinedrogist.nl/beryl/public/app/dod/css/general.css?v=21363
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 09:02:14 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Dec 2021 18:00:09 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: http://www.danonewinkelnl.nl
cache-control: max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 3669
expires: Mon, 07 Feb 2022 09:02:14 GMT

GET
H2 200 nr-1212.min.js Show response
js-agent.newrelic.com/ 34 KB
13 KB 50ms
14ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1212.min.js
Requested by: Host: www.deonlinedrogist.nl
URL: https://www.deonlinedrogist.nl/testjezelf-nu-drugstest-thc-enkel-25st-p-56713.html?utm_source=kelkoonl&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Testjezelf.nu+Drugstest+THC+Enkel+25st
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8fd6832e13fca9622a46af5fddb394c358ef083d84002896aca34613d77780e

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.deonlinedrogist.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: S6r4yaeB6jo_ZylmZ_5cM21n7ZH1t6gc
content-encoding: gzip
etag: "9dfe540eb31e6fc0e0dddd91e3511f68"
x-amz-request-id: J9F6ZWXBG8FD91WM
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 12828
x-amz-id-2: Po04EWZLlZ2xKnyxIMJm4qkPMUbiBRD7e5yU7RwZmv4OcX/HtOSPUoajsfaJKvRMluzCGC5JIpY=
x-served-by: cache-ams21059-AMS
last-modified: Thu, 04 Nov 2021 21:16:16 GMT
server: AmazonS3
x-timer: S1641632535.770084,VS0,VE0
date: Sat, 08 Jan 2022 09:02:14 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 14090

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
61 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EVLQN9754L&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHNXPG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cdc8d91e40932ed992f2e11af3febbf311f6edd8aab88d21c70df1517239e2ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.deonlinedrogist.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 09:02:14 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62316
x-xss-protection: 0
expires: Sat, 08 Jan 2022 09:02:14 GMT

GET
H2 200 shopping-awards-persoonlijke-verzorging-2021.png
www.deonlinedrogist.nl/img/header/ 9 KB
9 KB 23ms
23ms Image
image/png 77.241.85.123
COMBELL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.deonlinedrogist.nl/img/header/shopping-awards-persoonlijke-verzorging-2021.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.241.85.123 , Belgium, ASN34762 (COMBELL-AS, BE),

Reverse DNS

linweb351.webhosting.be

Software

nginx /

Resource Hash

c9a72934933bd28c398f255b29bce0661d3b36432b30a754522195b9e44817ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.deonlinedrogist.nl/testjezelf-nu-drugstest-thc-enkel-25st-p-56713.html?utm_source=kelkoonl&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Testjezelf.nu+Drugstest+THC+Enkel+25st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 09:02:14 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Dec 2021 18:00:09 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: http://www.danonewinkelnl.nl
cache-control: max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 9311
expires: Mon, 07 Feb 2022 09:02:14 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHNXPG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.deonlinedrogist.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 68
date: Sat, 08 Jan 2022 09:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 08 Jan 2022 11:01:06 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.deonlinedrogist.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 08:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 08 Jan 2022 09:11:47 GMT

GET
H/1.1 200
OK bbd50c2377 Show response
bam-cell.nr-data.net/1/ 49 B
725 B 660ms
611ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/bbd50c2377?a=202576680&v=1212.e95d35c&to=NgBbYRZYXEVZUEQLCg9KekAXTV1bF2NRBQBOJlhBBVVdURdjQg0BFAZNGg1XVlNAHA%3D%3D&rst=540&ck=1&ref=https://www.deonlinedrogist.nl/testjezelf-nu-drugstest-thc-enkel-25st-p-56713.html&ap=199&be=322&fe=475&dc=469&perf=%7B%22timing%22:%7B%22of%22:1641632534251,%22n%22:0,%22f%22:31,%22dn%22:31,%22dne%22:37,%22c%22:37,%22s%22:55,%22ce%22:75,%22rq%22:75,%22rp%22:302,%22rpe%22:320,%22dl%22:306,%22di%22:469,%22ds%22:469,%22de%22:470,%22dc%22:475,%22l%22:475,%22le%22:476%7D,%22navigation%22:%7B%7D%7D&fp=458&fcp=458&at=GkdMF15CTxoaUhJYHhwY&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1212.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.deonlinedrogist.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 08 Jan 2022 09:02:15 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6ca43eeede452bd6-FRA

GET
H2 200 collect Show response
metrics.deonlinedrogist.nl/g/ 65 B
611 B 372ms
315ms XHR
text/plain 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.deonlinedrogist.nl/g/collect?v=2&tid=G-EVLQN9754L&gtm=2oe150&_p=1266312009&sr=1600x1200&ul=en-us&cid=1841116067.1641632535&_fplc=0&_s=1&dl=https%3A%2F%2Fwww.deonlinedrogist.nl%2Ftestjezelf-nu-drugstest-thc-enkel-25st-p-56713.html%3Futm_source%3Dkelkoonl%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DTestjezelf.nu%2BDrugstest%2BTHC%2BEnkel%2B25st&dr=https%3A%2F%2Fnl-go.kelkoogroup.net%2Fgo%3Fcountry%3Dnl%26k%3Da0c673feaaea9627e907b065e85e0b84002c2ecb189190a8a1feb4c290f8dee133a594b7d2e3915beccad56d889e1b54feb1c77dbe0ebf46f7c942db622f4bc3234d46744be943ddb37273427e6dd6620bcdbd85262d9ac87162f3f4339646b4bebcc8163c2ba498d35b378bdfc6b5aeb9e1fa6fb47824fd71aa433c8e1ac369b7140b7c647f81a43758448480faa88143d595f209cfcea6c7214b0de12c626b52c995cc780100f523f7647edc711c806adcb6e66264a2452d4dd3157a1cab12019fbd0c72837e512c42aa8ed3cc62aa873e9b5515a6f29fc1892af14875f5d587b43ee4273f54f00b177cf110772ad74f9094f6258cc6dad6cb4edbf032c091e112dc0ce3000547b12695bd9e443a132195e53e7ec23e782ef3c5e939dc52e09f981834e1073e7fa5380829d70870564a79dcfc425499412a6a1bd2797ea76ecd9642251f4e918b90548c3190449557619acf71c0c134d295271309c37307e9117baae1695d352310c56138d113a15cd4fcbfdcdd626d387a5d09374168c8bea335e6e1fde906eb60ff7ca8892f9190dfbabb46dda7e01dd0c5887548f510c138dc6000e19fa55287b2ca6113ef68db2fa2c9bbd528555fed64a867af1bf4e3b68d80fff0e1b06305e839749ac33aee9a3acd1f28b822418b16214521bd590a9335619ded80ee3ae25f1d3ac48ca1c8b9de0a68f953e2c5a533a3db9ea2a20cc97f392fe48a9830%26o%3D&dt=Testjezelf.nu%20Drugstest%20THC%20Enkel%2025ST%20%7C%20voordelig%20online%20kopen%20%7C%20De%20Online%20Drogist&sid=1641632534&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.allow_ad_features=false&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EVLQN9754L&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.deonlinedrogist.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 09:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Google Frontend
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://www.deonlinedrogist.nl
x-cloud-trace-context: 79edd5771d2af60d1861d1a17e5fe624
cache-control: no-cache
access-control-allow-credentials: true
content-length: 90
expires: Sat, 08 Jan 2022 09:02:15 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 30ms
29ms Ping
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.deonlinedrogist.nl/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 08 Jan 2022 09:02:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.deonlinedrogist.nl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ubijpareonline.com/	1970-02-13 20:31:56	Name: sid Value: aae83c52-7061-11ec-81b9-da2d865aef76
r.redirekted.com/	1970-01-20 00:01:58	Name: uuid Value: 902968122408082560
.redirekted.com/	1970-01-20 17:31:44	Name: _ga Value: GA1.2.1514957453.1641632534
.redirekted.com/	1970-01-20 00:01:58	Name: _gid Value: GA1.2.1681684116.1641632534
.redirekted.com/	1970-01-20 00:00:32	Name: _gat Value: 1
.kelkoogroup.net/	1970-01-20 08:46:08	Name: referer Value: http%3A%2F%2Fr.redirekted.com%2F
.kelkoogroup.net/	1970-01-20 08:46:08	Name: kelkooID Value: a4c6368-17e38ec8d9c-168944
.kelkoogroup.net/	1970-01-20 08:46:08	Name: lastSearchedKeyword Value: a3dkPVRlc3RqZXplbGYgbnUgRHJ1Z3N0ZXN0IFRIQyBFbmtlbHx0cz0xNjQxNjMyNTMzOTMwfGNhdElkPTEzMzYwMXxjb21JZD0xMDA1MTEzMzc=
.nl-go.kelkoogroup.net/	1970-01-20 17:31:44	Name: _ga Value: GA1.3.1135866077.1641632534
.nl-go.kelkoogroup.net/	1970-01-20 00:01:58	Name: _gid Value: GA1.3.372265275.1641632534
.nl-go.kelkoogroup.net/	1970-01-20 00:00:32	Name: _gat_UA-168544891-12 Value: 1
.www.deonlinedrogist.nl/	1970-01-20 04:19:44	Name: osCsid Value: a8681420d203007baaa895efc58d7fbd
www.deonlinedrogist.nl/	1970-01-20 08:46:08	Name: Loop54User Value: CgrfxXXrEI
.www.deonlinedrogist.nl/	1970-01-20 00:01:58	Name: warning_message Value: 0
www.deonlinedrogist.nl/	1970-01-20 00:43:44	Name: cookie-warning Value: 1
.www.deonlinedrogist.nl/	1970-01-20 00:43:44	Name: cookie-warning Value: 1
.deonlinedrogist.nl/	1970-01-20 02:10:08	Name: _gcl_au Value: 1.1.2043628074.1641632535
.deonlinedrogist.nl/	1970-01-20 00:01:58	Name: _gid Value: GA1.2.35898295.1641632535
.deonlinedrogist.nl/	1970-01-20 17:31:44	Name: _ga_EVLQN9754L Value: GS1.1.1641632534.1.0.1641632534.0
.deonlinedrogist.nl/	1970-01-20 17:31:44	Name: _ga Value: GA1.1.1841116067.1641632535
.deonlinedrogist.nl/	1970-01-20 00:01:44	Name: FPLC Value: mT9afvhCGw27htAhqO76IMzXVQUNtLyxAYy12O6k36PxoI4JdKZ%2BT%2F%2BzAsTcTPj4z2elhD4VPAC%2FqTgg1tqebhnH2Aw1u6gYSwv4%2F9w2yNrr7lVKrTb6SWwpTsc61w%3D%3D
.deonlinedrogist.nl/	1970-01-20 17:31:44	Name: FPID Value: FPID2.2.r0fp8Ff4sYK0x1QSXeVTZ3iqQ2Y46aBa8zMoieE0t1Q%3D.1641632535
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 4ea6497a25fccf27

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.deonlinedrogist.nl/testjezelf-nu-drugstest-thc-enkel-25st-p-56713.html?utm_source=kelkoonl&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Testjezelf.nu+Drugstest+THC+Enkel+25st Message: The resource https://www.deonlinedrogist.nl/img/d.png was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.datadome.co
bam-cell.nr-data.net
js-agent.newrelic.com
js.datadome.co
metrics.deonlinedrogist.nl
nl-go.kelkoogroup.net
r.redirekted.com
ubijpareonline.com
www.deonlinedrogist.nl
www.google-analytics.com
www.googletagmanager.com
151.101.66.137
162.247.243.147
18.66.122.11
2001:4860:4802:36::15
2a00:1450:4001:830::2008
2a00:1450:4001:831::200e
52.57.98.184
66.165.243.160
77.241.85.123
78.41.204.29
95.211.116.27
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
15be84bdb00164f85d3fed97d2b34a70c38b1cf27025bbea3dc1c18886cfd231
26cb6630d749ffea7a194b3ca3e3bf1ad47aa9e204e16a55b58ad17dae047bbd
2d0c3e951c854c13ea63d105269c4464a5260af5832114b7fcb3728cc3d37007
55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec
5e3d382db4dd83d59aa5742793ad6b7903409e865c83bcbc54835049f043bc15
630ca82ddcf48770fd6e7638af1ebbfe3163277bbb74c11377ad99dd62c3debd
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7fc86749ffed430d786411024b711febfa0daae8e88609ffc11c6dde61b2d8f7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8550b187e03126a891a2955706c658d8ef56c9f06882d6f0bbc83babdee39f5d
8642a03ef6a432817b6ca2d403c1e83da2183ce6dac3249b8fb7f971bc6107fb
92b10cfab1851ac8d9dfc0b207344c5b4d667a35620c3350a06d023ba7932a6b
9c29dc3b33ae13e38fc04ec817e2aa5ce674243f560e994db02d239066f1a155
9e732c0535a0d8501df59c4a7b24861e543f978886ab70ec83ebdf591167cb96
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a554a143b734c9ee4b46ef692ce011692a4242d83c9de08500fec7b3fa29978d
ac492168a50cf32f8a571de9892e83bded7d4b02cf1a7a747e15dd48b4455400
b14aba8cfdcbb4fb9c43c0e1c1e120c1fb2db657ab9fe54412f29c8742ec96fe
c0d77febb7c6cb5a954fb464ee4d450d3dd5fa9b91ef238cdbe85f5981154929
c1716bfaa188ddc78c1dfac1df29ccfd32087ef4e09dc3255412954fcd767838
c653502cc7ff539e671b1728a2b5c6c6b4c22aa32a16e083ba1aff224ad08f18
c9a72934933bd28c398f255b29bce0661d3b36432b30a754522195b9e44817ca
ccc607947f2d0f41da7d14cf4efaeaa3da0782b5a91dc03e51269945d0d590b4
cdc8d91e40932ed992f2e11af3febbf311f6edd8aab88d21c70df1517239e2ea
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e8fd6832e13fca9622a46af5fddb394c358ef083d84002896aca34613d77780e
f067f0c8667609f6ef5a5654fec0ff21341e2d1b56598250e16fb9eca0dfff72
f2d6d2ee2bb81e5510b3eee7cc7b2ee4a576002b03ff1146793fc1acbf29c79a
f51efa9664147fa8be63b0c5912887be4fd6bf024f632577c8969c9dafded92b
fc26d8ab9125d2471b2c97345bd5bc6f8fabf3e6a255d185a121502dc4081e2a
ff67f5889b96d7af82df4459d978ad7df30ab251d17f8365198bd91b8a63429d

www.deonlinedrogist.nl Open in urlscan Pro 77.241.85.123 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

82 %HTTPS

27 %IPv6

9 Domains

11 Subdomains

12 IPs

4 Countries

475 kBTransfer

1422 kBSize

23 Cookies

5 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.deonlinedrogist.nl Open in urlscan Pro
77.241.85.123 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

82 %
HTTPS

27 %
IPv6

9
Domains

11
Subdomains

12
IPs

4
Countries

475 kB
Transfer

1422 kB
Size

23
Cookies

39 HTTP transactions
2 data transactions