urlscan.io logo urlscan.io
SecurityTrails logo

gamezone.no Open in urlscan Pro
185.7.138.160  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://vpn.no.libertymutual.de/
Effective URL: https://gamezone.no/WebPages/Produkt/ProduktInfo.aspx?plid=61312&WebSiteMapNodeID=1000001&prdg1=88&prdg2=706&prdg3=1...
Submission: On August 29 via automatic, source certstream-suspicious — Scanned from NO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 5 countries across 10 domains to perform 20 HTTP transactions. The main IP is 185.7.138.160, located in Norway and belongs to STIM-COMPUTING-AS Peering: peering@visolit.no, NO. The main domain is gamezone.no.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 9th 2024. Valid for: a year.
This is the only time gamezone.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 185.53.177.51 61969 (TEAMINTER...)
1 2600:9000:225... 16509 (AMAZON-02)
1 2 34.201.156.185 14618 (AMAZON-AES)
2 2600:9000:223... 16509 (AMAZON-02)
1 3.127.134.231 16509 (AMAZON-02)
1 2 54.154.136.171 16509 (AMAZON-02)
1 5 95.211.116.26 60781 (LEASEWEB-...)
2 3.161.82.87 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 185.7.138.160 31264 (STIM-COMP...)
20 11
4    185.53.177.51 (Germany)

ASN61969 (TEAMINTERNET-AS, DE)
vpn.no.libertymutual.de
1    2600:9000:2250:4e00:1d:4618:5c80:21 (United States)

ASN16509 (AMAZON-02, US)
d38psrni17bvxu.cloudfront.net
2    34.201.156.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-156-185.compute-1.amazonaws.com
heimi-lwx.com
bhask-bbh.com
2    2600:9000:223c:c800:19:af0b:1c80:93a1 (United States)

ASN16509 (AMAZON-02, US)
priverautional.com
1    3.127.134.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-134-231.eu-central-1.compute.amazonaws.com
api.shopfinder24.com
2    54.154.136.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-136-171.eu-west-1.compute.amazonaws.com
r.linksprf.com
5    95.211.116.26 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-mx-vip.kelkoo.com
no-go.kelkoogroup.net
2    3.161.82.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-87.fra56.r.cloudfront.net
dd.kelkoogroup.net
1    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    185.7.138.160 (Norway)

ASN31264 (STIM-COMPUTING-AS Peering: peering@visolit.no, NO)
www.gamezone.no
gamezone.no
Apex Domain
Subdomains		 Transfer
7 kelkoogroup.net
no-go.kelkoogroup.net
dd.kelkoogroup.net — Cisco Umbrella Rank: 383318
66 KB
4 libertymutual.de
vpn.no.libertymutual.de
3 KB
3 gamezone.no
www.gamezone.no
gamezone.no
4 KB
2 linksprf.com
r.linksprf.com — Cisco Umbrella Rank: 103090
3 KB
2 priverautional.com
priverautional.com
4 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
258 B
1 shopfinder24.com
api.shopfinder24.com
1 KB
1 bhask-bbh.com
bhask-bbh.com
812 B
1 heimi-lwx.com
heimi-lwx.com — Cisco Umbrella Rank: 312066
3 KB
1 cloudfront.net
d38psrni17bvxu.cloudfront.net
1 KB
20 10
Domain Requested by
5 no-go.kelkoogroup.net 1 redirects r.linksprf.com
no-go.kelkoogroup.net
4 vpn.no.libertymutual.de d38psrni17bvxu.cloudfront.net
vpn.no.libertymutual.de
2 gamezone.no no-go.kelkoogroup.net
2 dd.kelkoogroup.net no-go.kelkoogroup.net
dd.kelkoogroup.net
2 r.linksprf.com 1 redirects api.shopfinder24.com
2 priverautional.com heimi-lwx.com
priverautional.com
1 www.gamezone.no 1 redirects
1 www.google-analytics.com no-go.kelkoogroup.net
1 api.shopfinder24.com priverautional.com
1 bhask-bbh.com 1 redirects
1 heimi-lwx.com vpn.no.libertymutual.de
1 d38psrni17bvxu.cloudfront.net vpn.no.libertymutual.de
20 12

This site contains no links.

Subject Issuer Validity Valid
vpn.no.libertymutual.de
R11		 2024-08-29 -
2024-11-27		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
zeropark.com
Amazon RSA 2048 M02		 2024-06-11 -
2025-07-09		 a year crt.sh
priverautional.com
Amazon RSA 2048 M03		 2024-02-12 -
2025-03-12		 a year crt.sh
api.shopfinder24.com
E6		 2024-07-05 -
2024-10-03		 3 months crt.sh
linksprf.com
R11		 2024-06-21 -
2024-09-19		 3 months crt.sh
*.kelkoogroup.net
Thawte TLS RSA CA G1		 2023-09-14 -
2024-10-10		 a year crt.sh
dd.kelkoogroup.net
E5		 2024-07-24 -
2024-10-22		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.gamezone.no
Sectigo RSA Domain Validation Secure Server CA		 2024-07-09 -
2025-08-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://gamezone.no/WebPages/Produkt/ProduktInfo.aspx?plid=61312&WebSiteMapNodeID=1000001&prdg1=88&prdg2=706&prdg3=1397&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_source_platform=KelkooGroup&utm_term=Brettspill+Star+Wars+Armada+Interdictor+
Frame ID: DE57159075E2C1877C7D6941C6264907
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

404 siden finnes ikke / 404 page not found

Page URL History Show full URLs

  1. https://vpn.no.libertymutual.de/ Page URL
  2. http://heimi-lwx.com/zclkvisitor/39b172b4-661d-11ef-ae5b-1207979806fd/85aefdc2-9ed0-48aa-922d-60f... HTTP 307
    https://heimi-lwx.com/zclkvisitor/39b172b4-661d-11ef-ae5b-1207979806fd/85aefdc2-9ed0-48aa-922d-60f... Page URL
  3. https://bhask-bbh.com/zclkredirect?visitid=39b172b4-661d-11ef-ae5b-1207979806fd&type=js&browserWid... HTTP 302
    https://priverautional.com/zp-redirect?target=https%3A%2F%2Fapi.shopfinder24.com%2Fr%2FdG89aHR0cHMlM0El... Page URL
  4. https://priverautional.com/redirect?target=BASE64aHR0cHM6Ly9hcGkuc2hvcGZpbmRlcjI0LmNvbS9yL2RHODlhSFIwY0... Page URL
  5. https://api.shopfinder24.com/r/dG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJT... Page URL
  6. https://r.linksprf.com/v1/redirect?type=linkId&id=d7116d5bda6f45a28eda25142dccc9ca&api_key=adf407fd... HTTP 302
    https://r.linksprf.com/v2/go?t=ft4pc%3A8%2F4o4gd.ce1kfo3r2ue.5ec%2F7i%3DeIeurrhhoi.bsp1F2%259o6.225... Page URL
  7. https://no-go.kelkoogroup.net/sitesearchGo?.ts=1724946120577&.sig=JQDkiWLriYdXsqCo7kOZlCVANhM-&affiliation... Page URL
  8. https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464f0d53e... HTTP 303
    https://www.gamezone.no/WebPages/Produkt/ProduktInfo.aspx?plid=61312&WebSiteMapNodeID=1000001&prdg1=... HTTP 301
    https://gamezone.no/WebPages/Produkt/ProduktInfo.aspx?plid=61312&WebSiteMapNodeID=1000001&prdg1=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
Overall confidence: 100%
Detected patterns

Page Statistics

20
Requests

90 %
HTTPS

30 %
IPv6

10
Domains

12
Subdomains

11
IPs

5
Countries

84 kB
Transfer

214 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://vpn.no.libertymutual.de/ Page URL
  2. http://heimi-lwx.com/zclkvisitor/39b172b4-661d-11ef-ae5b-1207979806fd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=2416e6b0-8de2-11ee-bc55-123f4a2b6bb7 HTTP 307
    https://heimi-lwx.com/zclkvisitor/39b172b4-661d-11ef-ae5b-1207979806fd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=2416e6b0-8de2-11ee-bc55-123f4a2b6bb7 Page URL
  3. https://bhask-bbh.com/zclkredirect?visitid=39b172b4-661d-11ef-ae5b-1207979806fd&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FOslo HTTP 302
    https://priverautional.com/zp-redirect?target=https%3A%2F%2Fapi.shopfinder24.com%2Fr%2FdG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJTNEbGlua0lkJTI2aWQlM0RkNzExNmQ1YmRhNmY0NWEyOGVkYTI1MTQyZGNjYzljYSUyNmFwaV9rZXklM0RhZGY0MDdmZDEwODdhMWU1NmVhZGRlYzBmNTkxNDI2NyUyNnNpdGVfaWQlM0QyNzBjZDUzZWMyMzM0ZjExOGNlZDE0YTRlOGJjODQ5ZiUyNmRjaCUzRGZlZWQlMjZhZF90JTNEYWR2ZXJ0aXNlciUyNnlrX3RhZyUzRCU3QmNsaWNraWQlN0QmdD0wJnM9OTIzYjczYzU0MDAzMmI4ZmQzNTIyY2NlOWFiNjljNmU%3D%3Fc%3Dwifap5fjh6q0mvp33eop5g73%26var10%3D&caid=a63ab35d-6b08-4335-9dbb-cbf3f7ad26ae&zpid=39b172b4-661d-11ef-ae5b-1207979806fd&cid=wifap5fjh6q0mvp33eop5g73&rt=DJ&ts=1724946119380&hash=Rh6M4Z45xLHAeAVjy2bip5XWB8MP_HcSWbtsDYWCL9A Page URL
  4. https://priverautional.com/redirect?target=BASE64aHR0cHM6Ly9hcGkuc2hvcGZpbmRlcjI0LmNvbS9yL2RHODlhSFIwY0hNbE0wRWxNa1lsTWtaeUxteHBibXR6Y0hKbUxtTnZiU1V5Um5ZeEpUSkdjbVZrYVhKbFkzUWxNMFowZVhCbEpUTkViR2x1YTBsa0pUSTJhV1FsTTBSa056RXhObVExWW1SaE5tWTBOV0V5T0dWa1lUSTFNVFF5WkdOall6bGpZU1V5Tm1Gd2FWOXJaWGtsTTBSaFpHWTBNRGRtWkRFd09EZGhNV1UxTm1WaFpHUmxZekJtTlRreE5ESTJOeVV5Tm5OcGRHVmZhV1FsTTBReU56QmpaRFV6WldNeU16TTBaakV4T0dObFpERTBZVFJsT0dKak9EUTVaaVV5Tm1SamFDVXpSR1psWldRbE1qWmhaRjkwSlRORVlXUjJaWEowYVhObGNpVXlObmxyWDNSaFp5VXpSQ1UzUW1Oc2FXTnJhV1FsTjBRbWREMHdKbk05T1RJellqY3pZelUwTURBek1tSTRabVF6TlRJeVkyTmxPV0ZpTmpsak5tVT0_Yz13aWZhcDVmamg2cTBtdnAzM2VvcDVnNzMmdmFyMTA9&ts=1724946119778&hash=epEwAnoMyjDQOSB9vpZZ7rvvvt-Jw_jxpIAa3kmeiAg&rm=DJ Page URL
  5. https://api.shopfinder24.com/r/dG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJTNEbGlua0lkJTI2aWQlM0RkNzExNmQ1YmRhNmY0NWEyOGVkYTI1MTQyZGNjYzljYSUyNmFwaV9rZXklM0RhZGY0MDdmZDEwODdhMWU1NmVhZGRlYzBmNTkxNDI2NyUyNnNpdGVfaWQlM0QyNzBjZDUzZWMyMzM0ZjExOGNlZDE0YTRlOGJjODQ5ZiUyNmRjaCUzRGZlZWQlMjZhZF90JTNEYWR2ZXJ0aXNlciUyNnlrX3RhZyUzRCU3QmNsaWNraWQlN0QmdD0wJnM9OTIzYjczYzU0MDAzMmI4ZmQzNTIyY2NlOWFiNjljNmU=?c=wifap5fjh6q0mvp33eop5g73&var10= Page URL
  6. https://r.linksprf.com/v1/redirect?type=linkId&id=d7116d5bda6f45a28eda25142dccc9ca&api_key=adf407fd1087a1e56eaddec0f5914267&site_id=270cd53ec2334f118ced14a4e8bc849f&dch=feed&ad_t=advertiser&yk_tag=wifap5fjh6q0mvp33eop5g73 HTTP 302
    https://r.linksprf.com/v2/go?t=ft4pc%3A8%2F4o4gd.ce1kfo3r2ue.5ec%2F7i%3DeIeurrhhoi.bsp1F2%259o6.225e7n.fio%3DsQikaW2rFY%25X3qsotkhZrCrAfhR-iaifoleaiinnhdr9e9%3D6p2T%26iofIr%3Dr4h1i2b%26pofnfr8%3Daobo3f4r2dc45f474824a2fe7c96221d014c3bv9d9k%26ieCrehsdl1u7%261u0t3s0a5a9d_d7a4b4c110e3d_87-1f89s4rbi-e63d%264o9e3I8%3D1d3neket-66%3Dbc4v5e-%262542a6579542c6b9%262d1e6P9r1m1%3D3r0e6p0b%3DiIhcralsc1I3%3Da0a0b0f0e656979289155f96044b%3DbIce9f4%26an4y2t2u%26cu3l2s5e7Tdamfcc5y6e6s6a%3DcIeogtni%26irfg%26nMeNeVel%3DOt7pC%25sAd2i%25LFipD.Jhgpsi%26d7r041c4m427%26%3Dutl%3FsGecSabsdt2s0tdn3pco3g4o1l8keo1-ane%2Fbs8t9h&s=https%3A%2F%2Fapi.shopfinder24.com%2F&e=1&ai=ac996349cbd247a99a758919df072e47&sct=1&ct=1724946120621&cu=772f9a52f46445bcb2c4934baa482f2f&cs=e495b9ec22c4b8ef05e84ec78c474a2c Page URL
  7. https://no-go.kelkoogroup.net/sitesearchGo?.ts=1724946120577&.sig=JQDkiWLriYdXsqCo7kOZlCVANhM-&affiliationId=96966625&comId=7451223&country=no&offerId=44f079854128e9c9652edf1bcaba9391&searchId=1076100331015996_1724946120537_672158&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v030400016269772f9a52f46445bcb2c4934baa482f2f&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f Page URL
  8. https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464f0d53e6bc92249832c15e7964e475eebab6aa337fee2968a3ff8f82d4d9c9bb18a88053687ebd4244b5903ab0b24bccdb35deae8a885202ae904e294a59c9d614d845e36493e139d44e78a6b7074c8fca5764e86bf868ead10845d860ac2413831735d096930ae290af218a76013fbca5a88c104061744b56a770879f9a5a4e2f34ef470e4ba54abb8313d03f19d9f2df31f091d6ccd22fae2eb42b69d4fdf260104e2c65ff2ec17832682860a73c12fa71e96ae78c6bab3f7e40fe1d30d67120556fbb6d458b0054eebfd3d611dd86029b55025ecba4cf730f5289efb76218556dc5c5a98a6860dd6c3829157bcb9b7c7e7dac17839307b4941bea863a981424a5ce96c934f5203eb2bf54ee1443421&url=https%3A%2F%2Fwww.gamezone.no%2FWebPages%2FProdukt%2FProduktInfo.aspx%3Fplid%3D61312%26WebSiteMapNodeID%3D1000001%26prdg1%3D88%26prdg2%3D706%26prdg3%3D1397%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DBrettspill%2BStar%2BWars%2BArmada%2BInterdictor%2B&initiator=timeout HTTP 303
    https://www.gamezone.no/WebPages/Produkt/ProduktInfo.aspx?plid=61312&WebSiteMapNodeID=1000001&prdg1=88&prdg2=706&prdg3=1397&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_source_platform=KelkooGroup&utm_term=Brettspill+Star+Wars+Armada+Interdictor+ HTTP 301
    https://gamezone.no/WebPages/Produkt/ProduktInfo.aspx?plid=61312&WebSiteMapNodeID=1000001&prdg1=88&prdg2=706&prdg3=1397&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_source_platform=KelkooGroup&utm_term=Brettspill+Star+Wars+Armada+Interdictor+ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://heimi-lwx.com/zclkvisitor/39b172b4-661d-11ef-ae5b-1207979806fd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=2416e6b0-8de2-11ee-bc55-123f4a2b6bb7 HTTP 307
  • https://heimi-lwx.com/zclkvisitor/39b172b4-661d-11ef-ae5b-1207979806fd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=2416e6b0-8de2-11ee-bc55-123f4a2b6bb7
Request Chain 6
  • https://bhask-bbh.com/zclkredirect?visitid=39b172b4-661d-11ef-ae5b-1207979806fd&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FOslo HTTP 302
  • https://priverautional.com/zp-redirect?target=https%3A%2F%2Fapi.shopfinder24.com%2Fr%2FdG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJTNEbGlua0lkJTI2aWQlM0RkNzExNmQ1YmRhNmY0NWEyOGVkYTI1MTQyZGNjYzljYSUyNmFwaV9rZXklM0RhZGY0MDdmZDEwODdhMWU1NmVhZGRlYzBmNTkxNDI2NyUyNnNpdGVfaWQlM0QyNzBjZDUzZWMyMzM0ZjExOGNlZDE0YTRlOGJjODQ5ZiUyNmRjaCUzRGZlZWQlMjZhZF90JTNEYWR2ZXJ0aXNlciUyNnlrX3RhZyUzRCU3QmNsaWNraWQlN0QmdD0wJnM9OTIzYjczYzU0MDAzMmI4ZmQzNTIyY2NlOWFiNjljNmU%3D%3Fc%3Dwifap5fjh6q0mvp33eop5g73%26var10%3D&caid=a63ab35d-6b08-4335-9dbb-cbf3f7ad26ae&zpid=39b172b4-661d-11ef-ae5b-1207979806fd&cid=wifap5fjh6q0mvp33eop5g73&rt=DJ&ts=1724946119380&hash=Rh6M4Z45xLHAeAVjy2bip5XWB8MP_HcSWbtsDYWCL9A
Request Chain 9
  • https://r.linksprf.com/v1/redirect?type=linkId&id=d7116d5bda6f45a28eda25142dccc9ca&api_key=adf407fd1087a1e56eaddec0f5914267&site_id=270cd53ec2334f118ced14a4e8bc849f&dch=feed&ad_t=advertiser&yk_tag=wifap5fjh6q0mvp33eop5g73 HTTP 302
  • https://r.linksprf.com/v2/go?t=ft4pc%3A8%2F4o4gd.ce1kfo3r2ue.5ec%2F7i%3DeIeurrhhoi.bsp1F2%259o6.225e7n.fio%3DsQikaW2rFY%25X3qsotkhZrCrAfhR-iaifoleaiinnhdr9e9%3D6p2T%26iofIr%3Dr4h1i2b%26pofnfr8%3Daobo3f4r2dc45f474824a2fe7c96221d014c3bv9d9k%26ieCrehsdl1u7%261u0t3s0a5a9d_d7a4b4c110e3d_87-1f89s4rbi-e63d%264o9e3I8%3D1d3neket-66%3Dbc4v5e-%262542a6579542c6b9%262d1e6P9r1m1%3D3r0e6p0b%3DiIhcralsc1I3%3Da0a0b0f0e656979289155f96044b%3DbIce9f4%26an4y2t2u%26cu3l2s5e7Tdamfcc5y6e6s6a%3DcIeogtni%26irfg%26nMeNeVel%3DOt7pC%25sAd2i%25LFipD.Jhgpsi%26d7r041c4m427%26%3Dutl%3FsGecSabsdt2s0tdn3pco3g4o1l8keo1-ane%2Fbs8t9h&s=https%3A%2F%2Fapi.shopfinder24.com%2F&e=1&ai=ac996349cbd247a99a758919df072e47&sct=1&ct=1724946120621&cu=772f9a52f46445bcb2c4934baa482f2f&cs=e495b9ec22c4b8ef05e84ec78c474a2c

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
vpn.no.libertymutual.de/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vpn.no.libertymutual.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.177.51 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
Caddy nginx /
Resource Hash
680dfad86f4de1f6a38be17d8c7899e1fe3922d78f49612e3c8dd213b0099ce4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
accept-ch-lifetime
30
alt-svc
h3=":8443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 29 Aug 2024 15:41:58 GMT
host
{http.reverse_proxy.upstream.hostport}
server
Caddy nginx
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_Y7r3DXM0Psfk9W9bxvEHNB9g5VKbUUg9mNDbuCSKXzhmmml4FEK9kzBl+p6AF8YVflN6DnYjREJv6Bdee+jGaQ==
x-buckets
bucket011
x-domain
libertymutual.de
x-forwarded-host
vpn.no.libertymutual.de
x-language
norwegian
x-redirect
zeropark_zeroclick
x-ssl-c
v1
x-ssl-proxy
v3
x-subdomain
vpn.no
x-template
tpl_CleanPeppermintBlack_twoclick
js3.js
d38psrni17bvxu.cloudfront.net/scripts/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: vpn.no.libertymutual.de
URL: https://vpn.no.libertymutual.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4e00:1d:4618:5c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

Referer
https://vpn.no.libertymutual.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 04:36:41 GMT
via
1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
last-modified
Thu, 21 Mar 2024 11:48:11 GMT
server
nginx
x-amz-cf-pop
FRA60-P2
age
39917
etag
"65fc1e7b-448"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1096
x-amz-cf-id
VlJqvl1uV077KIFtqq13c9nT5Gnsbc9dHrLxQAMI3K-maGHxrelfjQ==
track.php
vpn.no.libertymutual.de/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpn.no.libertymutual.de/track.php?domain=libertymutual.de&toggle=browserjs&uid=MTcyNDk0NjExNy44MTc1OjA1NTU1YTIwMjQyOGFhZmQxODY3NzQ1ZGY1NWFhN2YyMDhiMjk3ZGJiODU5NDFiMjI2YTM1YzE1NWZjMTM1NzU6NjZkMDk2YzVjNzk3ZA%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.177.51 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

device-memory
8
rtt
50
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://vpn.no.libertymutual.de/
dpr
1
downlink
10
ect
4g

Response headers

date
Thu, 29 Aug 2024 15:41:58 GMT
content-encoding
gzip
x-ssl-proxy
v3
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
host
{http.reverse_proxy.upstream.hostport}
server
Caddy, nginx
x-custom-track
browserjs
vary
Accept-Encoding
accept-ch-lifetime
30
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
x-forwarded-host
vpn.no.libertymutual.de
x-ssl-c
v1
alt-svc
h3=":8443"; ma=2592000
ls.php
vpn.no.libertymutual.de/ 		16 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpn.no.libertymutual.de/ls.php?t=66d096c6&token=236b6e5fb3574e130d1227f712792ac1db0c9707
Requested by
Host: vpn.no.libertymutual.de
URL: https://vpn.no.libertymutual.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.177.51 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash

Request headers

device-memory
8
rtt
50
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://vpn.no.libertymutual.de/
dpr
1
downlink
10
ect
4g

Response headers

date
Thu, 29 Aug 2024 15:41:58 GMT
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_NoZwsylu0DZCE6whajANibnM5fi7hM75OvgsYga0F2xIiSOmwqj1Sc1d2JO3IEi6vpAsMcTCm4ki8zvbBQGDeg==
x-ssl-c
v1
alt-svc
h3=":8443"; ma=2592000
x-ssl-proxy
v3
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
host
{http.reverse_proxy.upstream.hostport}
server
Caddy, nginx
access-control-max-age
86400
access-control-allow-methods
POST, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
accept-ch-lifetime
30
charset
utf-8
x-forwarded-host
vpn.no.libertymutual.de
x-log-success
66d096c6938ac962ac08c72b
track.php
vpn.no.libertymutual.de/ 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpn.no.libertymutual.de/track.php?click=be040c2a9818d4929be142d49a673c3cd7644887&domain=libertymutual.de&uid=MTcyNDk0NjExNy44MTc1OjA1NTU1YTIwMjQyOGFhZmQxODY3NzQ1ZGY1NWFhN2YyMDhiMjk3ZGJiODU5NDFiMjI2YTM1YzE1NWZjMTM1NzU6NjZkMDk2YzVjNzk3ZA%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NmQwOTZjNWM3OTQxfHx8MTcyNDk0NjExOC4xMTA2fGIwY2Q2ZGE3MjU1YTE5MzM2MDg3ODJkNGZlNWEyYTQ1NDM1NTczZjB8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXwyMzZiNmU1ZmIzNTc0ZTEzMGQxMjI3ZjcxMjc5MmFjMWRiMGM5NzA3fDB8fDB8MHx8fA%3D%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.177.51 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash

Request headers

device-memory
8
rtt
50
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://vpn.no.libertymutual.de/
dpr
1
downlink
10
ect
4g

Response headers

date
Thu, 29 Aug 2024 15:41:58 GMT
content-encoding
gzip
x-ssl-proxy
v3
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
host
{http.reverse_proxy.upstream.hostport}
server
Caddy, nginx
x-custom-track
none
vary
Accept-Encoding
accept-ch-lifetime
30
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
x-forwarded-host
vpn.no.libertymutual.de
x-ssl-c
v1
x-view-match
true
alt-svc
h3=":8443"; ma=2592000
85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d
heimi-lwx.com/zclkvisitor/39b172b4-661d-11ef-ae5b-1207979806fd/
Redirect Chain
  • http://heimi-lwx.com/zclkvisitor/39b172b4-661d-11ef-ae5b-1207979806fd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=2416e6b0-8de2-11ee-bc55-123f4a2b6bb7
  • https://heimi-lwx.com/zclkvisitor/39b172b4-661d-11ef-ae5b-1207979806fd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=2416e6b0-8de2-11ee-bc55-123f4a2b6bb7
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://heimi-lwx.com/zclkvisitor/39b172b4-661d-11ef-ae5b-1207979806fd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=2416e6b0-8de2-11ee-bc55-123f4a2b6bb7
Requested by
Host: vpn.no.libertymutual.de
URL: https://vpn.no.libertymutual.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.156.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-156-185.compute-1.amazonaws.com
Software
/
Resource Hash
84aa6af4aededcea1c2426169f7e8b65d698097ae0b31da707c7a1e6d51f9e37
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
https://vpn.no.libertymutual.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
3088
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Thu, 29 Aug 2024 15:41:58 GMT

Redirect headers

Location
https://heimi-lwx.com/zclkvisitor/39b172b4-661d-11ef-ae5b-1207979806fd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=2416e6b0-8de2-11ee-bc55-123f4a2b6bb7
Non-Authoritative-Reason
HttpsUpgrades
zp-redirect
priverautional.com/
Redirect Chain
  • https://bhask-bbh.com/zclkredirect?visitid=39b172b4-661d-11ef-ae5b-1207979806fd&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel...
  • https://priverautional.com/zp-redirect?target=https%3A%2F%2Fapi.shopfinder24.com%2Fr%2FdG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJTNEbGlua0lkJTI2aWQlM0RkNzExNmQ1YmRhNm...
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://priverautional.com/zp-redirect?target=https%3A%2F%2Fapi.shopfinder24.com%2Fr%2FdG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJTNEbGlua0lkJTI2aWQlM0RkNzExNmQ1YmRhNmY0NWEyOGVkYTI1MTQyZGNjYzljYSUyNmFwaV9rZXklM0RhZGY0MDdmZDEwODdhMWU1NmVhZGRlYzBmNTkxNDI2NyUyNnNpdGVfaWQlM0QyNzBjZDUzZWMyMzM0ZjExOGNlZDE0YTRlOGJjODQ5ZiUyNmRjaCUzRGZlZWQlMjZhZF90JTNEYWR2ZXJ0aXNlciUyNnlrX3RhZyUzRCU3QmNsaWNraWQlN0QmdD0wJnM9OTIzYjczYzU0MDAzMmI4ZmQzNTIyY2NlOWFiNjljNmU%3D%3Fc%3Dwifap5fjh6q0mvp33eop5g73%26var10%3D&caid=a63ab35d-6b08-4335-9dbb-cbf3f7ad26ae&zpid=39b172b4-661d-11ef-ae5b-1207979806fd&cid=wifap5fjh6q0mvp33eop5g73&rt=DJ&ts=1724946119380&hash=Rh6M4Z45xLHAeAVjy2bip5XWB8MP_HcSWbtsDYWCL9A
Requested by
Host: heimi-lwx.com
URL: https://heimi-lwx.com/zclkvisitor/39b172b4-661d-11ef-ae5b-1207979806fd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=2416e6b0-8de2-11ee-bc55-123f4a2b6bb7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c800:19:af0b:1c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
75d5dc815487ea650ce4b5bf7a05cce11d49bd9f5196c74286db6db3e2049a12

Request headers

Referer
https://heimi-lwx.com/zclkvisitor/39b172b4-661d-11ef-ae5b-1207979806fd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=2416e6b0-8de2-11ee-bc55-123f4a2b6bb7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-type
text/html;charset=UTF-8
date
Thu, 29 Aug 2024 15:41:59 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-id
Y-MlrJBuq-gm4nm2qNckIYlmd5VxIY6noHEaejTEq56MNQyJMzGQag==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront

Redirect headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
date
Thu, 29 Aug 2024 15:41:59 GMT
location
https://priverautional.com/zp-redirect?target=https%3A%2F%2Fapi.shopfinder24.com%2Fr%2FdG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJTNEbGlua0lkJTI2aWQlM0RkNzExNmQ1YmRhNmY0NWEyOGVkYTI1MTQyZGNjYzljYSUyNmFwaV9rZXklM0RhZGY0MDdmZDEwODdhMWU1NmVhZGRlYzBmNTkxNDI2NyUyNnNpdGVfaWQlM0QyNzBjZDUzZWMyMzM0ZjExOGNlZDE0YTRlOGJjODQ5ZiUyNmRjaCUzRGZlZWQlMjZhZF90JTNEYWR2ZXJ0aXNlciUyNnlrX3RhZyUzRCU3QmNsaWNraWQlN0QmdD0wJnM9OTIzYjczYzU0MDAzMmI4ZmQzNTIyY2NlOWFiNjljNmU%3D%3Fc%3Dwifap5fjh6q0mvp33eop5g73%26var10%3D&caid=a63ab35d-6b08-4335-9dbb-cbf3f7ad26ae&zpid=39b172b4-661d-11ef-ae5b-1207979806fd&cid=wifap5fjh6q0mvp33eop5g73&rt=DJ&ts=1724946119380&hash=Rh6M4Z45xLHAeAVjy2bip5XWB8MP_HcSWbtsDYWCL9A
redirect
priverautional.com/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://priverautional.com/redirect?target=BASE64aHR0cHM6Ly9hcGkuc2hvcGZpbmRlcjI0LmNvbS9yL2RHODlhSFIwY0hNbE0wRWxNa1lsTWtaeUxteHBibXR6Y0hKbUxtTnZiU1V5Um5ZeEpUSkdjbVZrYVhKbFkzUWxNMFowZVhCbEpUTkViR2x1YTBsa0pUSTJhV1FsTTBSa056RXhObVExWW1SaE5tWTBOV0V5T0dWa1lUSTFNVFF5WkdOall6bGpZU1V5Tm1Gd2FWOXJaWGtsTTBSaFpHWTBNRGRtWkRFd09EZGhNV1UxTm1WaFpHUmxZekJtTlRreE5ESTJOeVV5Tm5OcGRHVmZhV1FsTTBReU56QmpaRFV6WldNeU16TTBaakV4T0dObFpERTBZVFJsT0dKak9EUTVaaVV5Tm1SamFDVXpSR1psWldRbE1qWmhaRjkwSlRORVlXUjJaWEowYVhObGNpVXlObmxyWDNSaFp5VXpSQ1UzUW1Oc2FXTnJhV1FsTjBRbWREMHdKbk05T1RJellqY3pZelUwTURBek1tSTRabVF6TlRJeVkyTmxPV0ZpTmpsak5tVT0_Yz13aWZhcDVmamg2cTBtdnAzM2VvcDVnNzMmdmFyMTA9&ts=1724946119778&hash=epEwAnoMyjDQOSB9vpZZ7rvvvt-Jw_jxpIAa3kmeiAg&rm=DJ
Requested by
Host: priverautional.com
URL: https://priverautional.com/zp-redirect?target=https%3A%2F%2Fapi.shopfinder24.com%2Fr%2FdG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJTNEbGlua0lkJTI2aWQlM0RkNzExNmQ1YmRhNmY0NWEyOGVkYTI1MTQyZGNjYzljYSUyNmFwaV9rZXklM0RhZGY0MDdmZDEwODdhMWU1NmVhZGRlYzBmNTkxNDI2NyUyNnNpdGVfaWQlM0QyNzBjZDUzZWMyMzM0ZjExOGNlZDE0YTRlOGJjODQ5ZiUyNmRjaCUzRGZlZWQlMjZhZF90JTNEYWR2ZXJ0aXNlciUyNnlrX3RhZyUzRCU3QmNsaWNraWQlN0QmdD0wJnM9OTIzYjczYzU0MDAzMmI4ZmQzNTIyY2NlOWFiNjljNmU%3D%3Fc%3Dwifap5fjh6q0mvp33eop5g73%26var10%3D&caid=a63ab35d-6b08-4335-9dbb-cbf3f7ad26ae&zpid=39b172b4-661d-11ef-ae5b-1207979806fd&cid=wifap5fjh6q0mvp33eop5g73&rt=DJ&ts=1724946119380&hash=Rh6M4Z45xLHAeAVjy2bip5XWB8MP_HcSWbtsDYWCL9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c800:19:af0b:1c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ed719d69f3865cf853408aafe74a72d883bf260f8020e959da587f171343e5ec

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-type
text/html;charset=UTF-8
date
Thu, 29 Aug 2024 15:41:59 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-id
fGTO7CEofYbyb8gxWHjqRaDv9fz4VjiTPsv1I36M_7L83riqcCuUJQ==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
dG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJTNEbGlua0lkJTI2aWQlM0RkNzExNmQ1YmRhNmY0NWEyOGVkYTI1MTQyZGNjYzljYSUyNmFwaV9rZXklM0RhZGY0MDdmZDEwODdhMWU1NmVhZGRlYzBmNTkxNDI2N...
api.shopfinder24.com/r/ 		807 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.shopfinder24.com/r/dG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJTNEbGlua0lkJTI2aWQlM0RkNzExNmQ1YmRhNmY0NWEyOGVkYTI1MTQyZGNjYzljYSUyNmFwaV9rZXklM0RhZGY0MDdmZDEwODdhMWU1NmVhZGRlYzBmNTkxNDI2NyUyNnNpdGVfaWQlM0QyNzBjZDUzZWMyMzM0ZjExOGNlZDE0YTRlOGJjODQ5ZiUyNmRjaCUzRGZlZWQlMjZhZF90JTNEYWR2ZXJ0aXNlciUyNnlrX3RhZyUzRCU3QmNsaWNraWQlN0QmdD0wJnM9OTIzYjczYzU0MDAzMmI4ZmQzNTIyY2NlOWFiNjljNmU=?c=wifap5fjh6q0mvp33eop5g73&var10=
Requested by
Host: priverautional.com
URL: https://priverautional.com/redirect?target=BASE64aHR0cHM6Ly9hcGkuc2hvcGZpbmRlcjI0LmNvbS9yL2RHODlhSFIwY0hNbE0wRWxNa1lsTWtaeUxteHBibXR6Y0hKbUxtTnZiU1V5Um5ZeEpUSkdjbVZrYVhKbFkzUWxNMFowZVhCbEpUTkViR2x1YTBsa0pUSTJhV1FsTTBSa056RXhObVExWW1SaE5tWTBOV0V5T0dWa1lUSTFNVFF5WkdOall6bGpZU1V5Tm1Gd2FWOXJaWGtsTTBSaFpHWTBNRGRtWkRFd09EZGhNV1UxTm1WaFpHUmxZekJtTlRreE5ESTJOeVV5Tm5OcGRHVmZhV1FsTTBReU56QmpaRFV6WldNeU16TTBaakV4T0dObFpERTBZVFJsT0dKak9EUTVaaVV5Tm1SamFDVXpSR1psWldRbE1qWmhaRjkwSlRORVlXUjJaWEowYVhObGNpVXlObmxyWDNSaFp5VXpSQ1UzUW1Oc2FXTnJhV1FsTjBRbWREMHdKbk05T1RJellqY3pZelUwTURBek1tSTRabVF6TlRJeVkyTmxPV0ZpTmpsak5tVT0_Yz13aWZhcDVmamg2cTBtdnAzM2VvcDVnNzMmdmFyMTA9&ts=1724946119778&hash=epEwAnoMyjDQOSB9vpZZ7rvvvt-Jw_jxpIAa3kmeiAg&rm=DJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.127.134.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-134-231.eu-central-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c0cd03730be950b36359918e1b364b495a17a259593b9307f83d8129fa78e147

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 29 Aug 2024 15:42:00 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
go
r.linksprf.com/v2/
Redirect Chain
  • https://r.linksprf.com/v1/redirect?type=linkId&id=d7116d5bda6f45a28eda25142dccc9ca&api_key=adf407fd1087a1e56eaddec0f5914267&site_id=270cd53ec2334f118ced14a4e8bc849f&dch=feed&ad_t=advertiser&yk_tag=...
  • https://r.linksprf.com/v2/go?t=ft4pc%3A8%2F4o4gd.ce1kfo3r2ue.5ec%2F7i%3DeIeurrhhoi.bsp1F2%259o6.225e7n.fio%3DsQikaW2rFY%25X3qsotkhZrCrAfhR-iaifoleaiinnhdr9e9%3D6p2T%26iofIr%3Dr4h1i2b%26pofnfr8%3Dao...
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.linksprf.com/v2/go?t=ft4pc%3A8%2F4o4gd.ce1kfo3r2ue.5ec%2F7i%3DeIeurrhhoi.bsp1F2%259o6.225e7n.fio%3DsQikaW2rFY%25X3qsotkhZrCrAfhR-iaifoleaiinnhdr9e9%3D6p2T%26iofIr%3Dr4h1i2b%26pofnfr8%3Daobo3f4r2dc45f474824a2fe7c96221d014c3bv9d9k%26ieCrehsdl1u7%261u0t3s0a5a9d_d7a4b4c110e3d_87-1f89s4rbi-e63d%264o9e3I8%3D1d3neket-66%3Dbc4v5e-%262542a6579542c6b9%262d1e6P9r1m1%3D3r0e6p0b%3DiIhcralsc1I3%3Da0a0b0f0e656979289155f96044b%3DbIce9f4%26an4y2t2u%26cu3l2s5e7Tdamfcc5y6e6s6a%3DcIeogtni%26irfg%26nMeNeVel%3DOt7pC%25sAd2i%25LFipD.Jhgpsi%26d7r041c4m427%26%3Dutl%3FsGecSabsdt2s0tdn3pco3g4o1l8keo1-ane%2Fbs8t9h&s=https%3A%2F%2Fapi.shopfinder24.com%2F&e=1&ai=ac996349cbd247a99a758919df072e47&sct=1&ct=1724946120621&cu=772f9a52f46445bcb2c4934baa482f2f&cs=e495b9ec22c4b8ef05e84ec78c474a2c
Requested by
Host: api.shopfinder24.com
URL: https://api.shopfinder24.com/r/dG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJTNEbGlua0lkJTI2aWQlM0RkNzExNmQ1YmRhNmY0NWEyOGVkYTI1MTQyZGNjYzljYSUyNmFwaV9rZXklM0RhZGY0MDdmZDEwODdhMWU1NmVhZGRlYzBmNTkxNDI2NyUyNnNpdGVfaWQlM0QyNzBjZDUzZWMyMzM0ZjExOGNlZDE0YTRlOGJjODQ5ZiUyNmRjaCUzRGZlZWQlMjZhZF90JTNEYWR2ZXJ0aXNlciUyNnlrX3RhZyUzRCU3QmNsaWNraWQlN0QmdD0wJnM9OTIzYjczYzU0MDAzMmI4ZmQzNTIyY2NlOWFiNjljNmU=?c=wifap5fjh6q0mvp33eop5g73&var10=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.154.136.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-136-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://api.shopfinder24.com/r/dG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJTNEbGlua0lkJTI2aWQlM0RkNzExNmQ1YmRhNmY0NWEyOGVkYTI1MTQyZGNjYzljYSUyNmFwaV9rZXklM0RhZGY0MDdmZDEwODdhMWU1NmVhZGRlYzBmNTkxNDI2NyUyNnNpdGVfaWQlM0QyNzBjZDUzZWMyMzM0ZjExOGNlZDE0YTRlOGJjODQ5ZiUyNmRjaCUzRGZlZWQlMjZhZF90JTNEYWR2ZXJ0aXNlciUyNnlrX3RhZyUzRCU3QmNsaWNraWQlN0QmdD0wJnM9OTIzYjczYzU0MDAzMmI4ZmQzNTIyY2NlOWFiNjljNmU=?c=wifap5fjh6q0mvp33eop5g73&var10=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-length
2573
content-type
text/html;charset=UTF-8
date
Thu, 29 Aug 2024 15:42:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

content-length
0
date
Thu, 29 Aug 2024 15:42:00 GMT
location
/v2/go?t=ft4pc%3A8%2F4o4gd.ce1kfo3r2ue.5ec%2F7i%3DeIeurrhhoi.bsp1F2%259o6.225e7n.fio%3DsQikaW2rFY%25X3qsotkhZrCrAfhR-iaifoleaiinnhdr9e9%3D6p2T%26iofIr%3Dr4h1i2b%26pofnfr8%3Daobo3f4r2dc45f474824a2fe7c96221d014c3bv9d9k%26ieCrehsdl1u7%261u0t3s0a5a9d_d7a4b4c110e3d_87-1f89s4rbi-e63d%264o9e3I8%3D1d3neket-66%3Dbc4v5e-%262542a6579542c6b9%262d1e6P9r1m1%3D3r0e6p0b%3DiIhcralsc1I3%3Da0a0b0f0e656979289155f96044b%3DbIce9f4%26an4y2t2u%26cu3l2s5e7Tdamfcc5y6e6s6a%3DcIeogtni%26irfg%26nMeNeVel%3DOt7pC%25sAd2i%25LFipD.Jhgpsi%26d7r041c4m427%26%3Dutl%3FsGecSabsdt2s0tdn3pco3g4o1l8keo1-ane%2Fbs8t9h&s=https%3A%2F%2Fapi.shopfinder24.com%2F&e=1&ai=ac996349cbd247a99a758919df072e47&sct=1&ct=1724946120621&cu=772f9a52f46445bcb2c4934baa482f2f&cs=e495b9ec22c4b8ef05e84ec78c474a2c
strict-transport-security
max-age=31536000; includeSubDomains
sitesearchGo
no-go.kelkoogroup.net/ 		30 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://no-go.kelkoogroup.net/sitesearchGo?.ts=1724946120577&.sig=JQDkiWLriYdXsqCo7kOZlCVANhM-&affiliationId=96966625&comId=7451223&country=no&offerId=44f079854128e9c9652edf1bcaba9391&searchId=1076100331015996_1724946120537_672158&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v030400016269772f9a52f46445bcb2c4934baa482f2f&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f
Requested by
Host: r.linksprf.com
URL: https://r.linksprf.com/v2/go?t=ft4pc%3A8%2F4o4gd.ce1kfo3r2ue.5ec%2F7i%3DeIeurrhhoi.bsp1F2%259o6.225e7n.fio%3DsQikaW2rFY%25X3qsotkhZrCrAfhR-iaifoleaiinnhdr9e9%3D6p2T%26iofIr%3Dr4h1i2b%26pofnfr8%3Daobo3f4r2dc45f474824a2fe7c96221d014c3bv9d9k%26ieCrehsdl1u7%261u0t3s0a5a9d_d7a4b4c110e3d_87-1f89s4rbi-e63d%264o9e3I8%3D1d3neket-66%3Dbc4v5e-%262542a6579542c6b9%262d1e6P9r1m1%3D3r0e6p0b%3DiIhcralsc1I3%3Da0a0b0f0e656979289155f96044b%3DbIce9f4%26an4y2t2u%26cu3l2s5e7Tdamfcc5y6e6s6a%3DcIeogtni%26irfg%26nMeNeVel%3DOt7pC%25sAd2i%25LFipD.Jhgpsi%26d7r041c4m427%26%3Dutl%3FsGecSabsdt2s0tdn3pco3g4o1l8keo1-ane%2Fbs8t9h&s=https%3A%2F%2Fapi.shopfinder24.com%2F&e=1&ai=ac996349cbd247a99a758919df072e47&sct=1&ct=1724946120621&cu=772f9a52f46445bcb2c4934baa482f2f&cs=e495b9ec22c4b8ef05e84ec78c474a2c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
d9a5b3fc4c6b45c6349a0e5e2ca263fc85b9a73780b75a27d3e6fcb6c65fd191
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

Referer
https://r.linksprf.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Accept-CH
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Content-Length
30724
Content-Type
text/html; charset=UTF-8
Date
Thu, 29 Aug 2024 15:42:01 GMT
Referrer-Policy
origin-when-cross-origin
Request-Time
PT0.022939S
X-Content-Type-Options
nosniff
X-DataDome
protected
X-Frame-Options
ALLOWALL
X-Permitted-Cross-Domain-Policies
master-only
X-Robots-Tag
noindex,nofollow
X-XSS-Protection
1; mode=block
clickId
107698147_1724946121020_5645951
country
no
leadId
629D01J6FCT0A5Z5TPK94BD1BTENPK
p.png
no-go.kelkoogroup.net/assets/images/ 		68 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464f0d53e6bc92249832c15e7964e475eebab6aa337fee2968a3ff8f82d4d9c9bb18a88053687ebd4244b5903ab0b24bccdb35deae8a885202ae904e294a59c9d614d845e36493e139d44e78a6b7074c8fca5764e86bf868ead10845d860ac2413831735d096930ae290af218a76013fbca5a88c104061744b56a770879f9a5a4e2f34ef470e4ba54abb8313d03f19d9f2df31f091d6ccd22fae2eb42b69d4fdf260104e2c65ff2ec17832682860a73c12fa71e96ae78c6bab3f7e40fe1d30d67120556fbb6d458b0054eebfd3d611dd86029b55025ecba4cf730f5289efb76218556dc5c5a98a6860dd6c3829157bcb9b7c7e7dac17839307b4941bea863a981424a5ce96c934f5203eb2bf54ee1443421
Requested by
Host: no-go.kelkoogroup.net
URL: https://no-go.kelkoogroup.net/sitesearchGo?.ts=1724946120577&.sig=JQDkiWLriYdXsqCo7kOZlCVANhM-&affiliationId=96966625&comId=7451223&country=no&offerId=44f079854128e9c9652edf1bcaba9391&searchId=1076100331015996_1724946120537_672158&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v030400016269772f9a52f46445bcb2c4934baa482f2f&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

Referer
https://no-go.kelkoogroup.net/sitesearchGo?.ts=1724946120577&.sig=JQDkiWLriYdXsqCo7kOZlCVANhM-&affiliationId=96966625&comId=7451223&country=no&offerId=44f079854128e9c9652edf1bcaba9391&searchId=1076100331015996_1724946120537_672158&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v030400016269772f9a52f46445bcb2c4934baa482f2f&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-device-memory
8

Response headers

Date
Thu, 29 Aug 2024 15:42:01 GMT
Referrer-Policy
origin-when-cross-origin
X-Content-Type-Options
nosniff
leadId
629D01J6FCT0A5Z5TPK94BD1BTENPK
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
PT0.00339S
X-Frame-Options
ALLOWALL
Content-Type
image/png
Cache-Control
private, must-revalidate
clickId
107698147_1724946121020_5645951
country
no
X-Robots-Tag
noindex,nofollow
Content-Length
68
X-XSS-Protection
1; mode=block
tags.js
dd.kelkoogroup.net/ 		167 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dd.kelkoogroup.net/tags.js
Requested by
Host: no-go.kelkoogroup.net
URL: https://no-go.kelkoogroup.net/sitesearchGo?.ts=1724946120577&.sig=JQDkiWLriYdXsqCo7kOZlCVANhM-&affiliationId=96966625&comId=7451223&country=no&offerId=44f079854128e9c9652edf1bcaba9391&searchId=1076100331015996_1724946120537_672158&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v030400016269772f9a52f46445bcb2c4934baa482f2f&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-87.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87d2a29a07c3938f83d3ca5b6644e5c2d905aecc8d468fd4022054d9cda084a9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://no-go.kelkoogroup.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
Sh06.dAMGcNBmDmzILHWpSn6GQOzZvpg
content-encoding
gzip
via
1.1 9ceaac5e4cbf8702556b2c925b200af8.cloudfront.net (CloudFront)
date
Thu, 29 Aug 2024 15:38:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P10
age
206
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 27 Aug 2024 09:21:30 GMT
server
AmazonS3
etag
W/"795e04e25153b8d6172037f854354ca6"
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
max-age=3600, public
x-amz-cf-id
HviW-iTpOdRJ3pKV5xoR7HXIatTx4FlttTUG7i0llCxvyLp3Orl0Rg==
collect
www.google-analytics.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-08KS908YC5&_p=478601533&sr=1600x1200&ul=no-no&cid=57306435.1724946121&uid=a4c6293-1919ecd013d-a6136&_fv=1&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2FsitesearchGo%3F.ts%3D1724946120577%26.sig%3DJQDkiWLriYdXsqCo7kOZlCVANhM-%26affiliationId%3D96966625%26comId%3D7451223%26country%3Dno%26offerId%3D44f079854128e9c9652edf1bcaba9391%26searchId%3D1076100331015996_1724946120537_672158%26service%3D36%26tokenId%3D1833e9e4-d66b-4b54-92f4-a85d9e41ccbb%26addedParams%3Dtrue%26publisherClickId%3Dv030400016269772f9a52f46445bcb2c4934baa482f2f%26publisherTrafficType%3Dsearchengine%26originReferer%3Dhttps%253A%252F%252Fapi.shopfinder24.com%252F%26publisherSubId%3D270cd53ec2334f118ced14a4e8bc849f&dt=Du%20sendes%20videre%20til%20Gamezone.no&dr=https%3A%2F%2Fr.linksprf.com%2F&dp=%2F96966625%7C7451223%7C&sid=1724946121&sct=1&seg=1&en=page_view&_ss=1&ep.cd1=96966625&ep.cd2=629D01J6FCT0A5Z5TPK94BD1BTENPK&ep.cd3=7451223&ep.cd4=a4c6293-1919ecd013d-a6136&ep.cd5=&ep.cd6=96966625%7C7451223%7C
Requested by
Host: no-go.kelkoogroup.net
URL: https://no-go.kelkoogroup.net/sitesearchGo?.ts=1724946120577&.sig=JQDkiWLriYdXsqCo7kOZlCVANhM-&affiliationId=96966625&comId=7451223&country=no&offerId=44f079854128e9c9652edf1bcaba9391&searchId=1076100331015996_1724946120537_672158&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v030400016269772f9a52f46445bcb2c4934baa482f2f&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://no-go.kelkoogroup.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 15:42:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://no-go.kelkoogroup.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ados.js
no-go.kelkoogroup.net/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://no-go.kelkoogroup.net/ados.js
Requested by
Host: no-go.kelkoogroup.net
URL: https://no-go.kelkoogroup.net/sitesearchGo?.ts=1724946120577&.sig=JQDkiWLriYdXsqCo7kOZlCVANhM-&affiliationId=96966625&comId=7451223&country=no&offerId=44f079854128e9c9652edf1bcaba9391&searchId=1076100331015996_1724946120537_672158&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v030400016269772f9a52f46445bcb2c4934baa482f2f&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
3db77cfe0a6a059ff4d86ea8530439864095c5fe278e279b28c88f99a0f9b530
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://no-go.kelkoogroup.net/sitesearchGo?.ts=1724946120577&.sig=JQDkiWLriYdXsqCo7kOZlCVANhM-&affiliationId=96966625&comId=7451223&country=no&offerId=44f079854128e9c9652edf1bcaba9391&searchId=1076100331015996_1724946120537_672158&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v030400016269772f9a52f46445bcb2c4934baa482f2f&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-device-memory
8

Response headers

Content-Security-Policy
frame-ancestors 'none'
Date
Thu, 29 Aug 2024 15:42:01 GMT
Referrer-Policy
origin-when-cross-origin
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
PT0.000769S
X-Frame-Options
DENY
Content-Type
text/html; charset=UTF-8
X-Robots-Tag
noindex,nofollow
Content-Length
1140
X-XSS-Protection
1; mode=block
fp
no-go.kelkoogroup.net/ 		0
454 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464f0d53e6bc92249832c15e7964e475eebab6aa337fee2968a3ff8f82d4d9c9bb18a88053687ebd4244b5903ab0b24bccdb35deae8a885202ae904e294a59c9d614d845e36493e139d44e78a6b7074c8fca5764e86bf868ead10845d860ac2413831735d096930ae290af218a76013fbca5a88c104061744b56a770879f9a5a4e2f34ef470e4ba54abb8313d03f19d9f2df31f091d6ccd22fae2eb42b69d4fdf260104e2c65ff2ec17832682860a73c12fa71e96ae78c6bab3f7e40fe1d30d67120556fbb6d458b0054eebfd3d611dd86029b55025ecba4cf730f5289efb76218556dc5c5a98a6860dd6c3829157bcb9b7c7e7dac17839307b4941bea863a981424a5ce96c934f5203eb2bf54ee1443421
Requested by
Host: no-go.kelkoogroup.net
URL: https://no-go.kelkoogroup.net/sitesearchGo?.ts=1724946120577&.sig=JQDkiWLriYdXsqCo7kOZlCVANhM-&affiliationId=96966625&comId=7451223&country=no&offerId=44f079854128e9c9652edf1bcaba9391&searchId=1076100331015996_1724946120537_672158&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v030400016269772f9a52f46445bcb2c4934baa482f2f&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

Referer
https://no-go.kelkoogroup.net/sitesearchGo?.ts=1724946120577&.sig=JQDkiWLriYdXsqCo7kOZlCVANhM-&affiliationId=96966625&comId=7451223&country=no&offerId=44f079854128e9c9652edf1bcaba9391&searchId=1076100331015996_1724946120537_672158&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v030400016269772f9a52f46445bcb2c4934baa482f2f&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-device-memory
8
Content-Type
text/plain;charset=utf-8

Response headers

Date
Thu, 29 Aug 2024 15:42:01 GMT
Referrer-Policy
origin-when-cross-origin
X-Content-Type-Options
nosniff
leadId
629D01J6FCT0A5Z5TPK94BD1BTENPK
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
PT0.008297S
X-Frame-Options
ALLOWALL
Content-Type
text/plain; charset=UTF-8
clickId
107698147_1724946121020_5645951
country
no
X-Robots-Tag
noindex,nofollow
Content-Length
0
X-XSS-Protection
1; mode=block
1d404504-3e68-4298-9321-2cb26deec37a
https://no-go.kelkoogroup.net/ 		0
0
/
dd.kelkoogroup.net/js/ 		236 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dd.kelkoogroup.net/js/
Requested by
Host: dd.kelkoogroup.net
URL: https://dd.kelkoogroup.net/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-87.fra56.r.cloudfront.net
Software
DataDome /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://no-go.kelkoogroup.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 15:42:01 GMT
via
1.1 f0ff3515536254a60a04240b4114639c.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
DataDome
x-amz-cf-pop
FRA56-P10
x-cache
Miss from cloudfront
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
236
x-amz-cf-id
C2nuYe-0NL9svtFUz7WmbzbjqecBCdISRvwfqgkehRhoW22AD1LRfg==
expires
0
Primary Request ProduktInfo.aspx
gamezone.no/WebPages/Produkt/
Redirect Chain
  • https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464f0d53e6bc92249832c15e7964e475eebab6aa337fee2968a3ff8f82d4d9c9bb18a88053687ebd4244b5903ab0b24bccdb...
  • https://www.gamezone.no/WebPages/Produkt/ProduktInfo.aspx?plid=61312&WebSiteMapNodeID=1000001&prdg1=88&prdg2=706&prdg3=1397&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_source_pl...
  • https://gamezone.no/WebPages/Produkt/ProduktInfo.aspx?plid=61312&WebSiteMapNodeID=1000001&prdg1=88&prdg2=706&prdg3=1397&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_source_platfo...
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gamezone.no/WebPages/Produkt/ProduktInfo.aspx?plid=61312&WebSiteMapNodeID=1000001&prdg1=88&prdg2=706&prdg3=1397&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_source_platform=KelkooGroup&utm_term=Brettspill+Star+Wars+Armada+Interdictor+
Requested by
Host: no-go.kelkoogroup.net
URL: https://no-go.kelkoogroup.net/sitesearchGo?.ts=1724946120577&.sig=JQDkiWLriYdXsqCo7kOZlCVANhM-&affiliationId=96966625&comId=7451223&country=no&offerId=44f079854128e9c9652edf1bcaba9391&searchId=1076100331015996_1724946120537_672158&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v030400016269772f9a52f46445bcb2c4934baa482f2f&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.7.138.160 , Norway, ASN31264 (STIM-COMPUTING-AS Peering: peering@visolit.no, NO),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ec720804e8b8321db4bdfae8b2016b0c294666a224ae6187fa1aa5e3f5fc4d44

Request headers

Referer
https://no-go.kelkoogroup.net/sitesearchGo?.ts=1724946120577&.sig=JQDkiWLriYdXsqCo7kOZlCVANhM-&affiliationId=96966625&comId=7451223&country=no&offerId=44f079854128e9c9652edf1bcaba9391&searchId=1076100331015996_1724946120537_672158&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v030400016269772f9a52f46445bcb2c4934baa482f2f&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-device-memory
8

Response headers

cache-control
private
content-length
1869
content-type
text/html; charset=utf-8
date
Thu, 29 Aug 2024 15:42:01 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-ua-compatible
IE=Edge

Redirect headers

content-length
420
content-type
text/html; charset=UTF-8
date
Thu, 29 Aug 2024 15:42:01 GMT
location
https://gamezone.no/WebPages/Produkt/ProduktInfo.aspx?plid=61312&WebSiteMapNodeID=1000001&prdg1=88&prdg2=706&prdg3=1397&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_source_platform=KelkooGroup&utm_term=Brettspill+Star+Wars+Armada+Interdictor+
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
favicon.ico
gamezone.no/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://gamezone.no/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.7.138.160 , Norway, ASN31264 (STIM-COMPUTING-AS Peering: peering@visolit.no, NO),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b4bdba4efe9f3e080c563dad37628e375dd5ba610d4a3e405c8ed7520a787bc2

Request headers

Referer
https://gamezone.no/WebPages/Produkt/ProduktInfo.aspx?plid=61312&WebSiteMapNodeID=1000001&prdg1=88&prdg2=706&prdg3=1397&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_source_platform=KelkooGroup&utm_term=Brettspill+Star+Wars+Armada+Interdictor+
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 15:42:01 GMT
last-modified
Mon, 23 Jan 2017 21:32:45 GMT
server
Microsoft-IIS/10.0
etag
"9bb66a3cc075d21:0"
x-powered-by
ASP.NET
content-type
image/x-icon
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
1406
x-ua-compatible
IE=Edge

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
no-go.kelkoogroup.net
URL
blob:https://no-go.kelkoogroup.net/1d404504-3e68-4298-9321-2cb26deec37a

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Domain/Path Name / Value
.priverautional.com/ Name: voluum-cid-v4
Value: %7B%22cid%22%3A%22wifap5fjh6q0mvp33eop5g73%22%2C%22caid%22%3A%22a63ab35d-6b08-4335-9dbb-cbf3f7ad26ae%22%7D
.linksprf.com/ Name: ykuid
Value: 6defa4f89c3a4920885cf22d4bbb4457
r.linksprf.com/ Name: JSESSIONID
Value: 39D8546A09F1A2E8FC3CD0407AA0B8C1
.kelkoogroup.net/ Name: kelkooID
Value: a4c6293-1919ecd013d-a6136
.kelkoogroup.net/ Name: datadome
Value: hfRh0MBJqPpLyqYw9fogRz7jKxV~yIoiQBUCYRvgnDjpNNjw_Af5Lh8azfAIBoTQreb8rVQndzEo7i5da923gW8MQC7Ex~qkXW0nLpAIWJDyYplHzNed1y97gclJh~jv
gamezone.no/ Name: .ASPXANONYMOUS
Value: oGhp1Lsw2wEkAAAAODNlYzM1MmUtNjMwOC00ZmY4LTg3MjMtMjZmNzgyNGJiNTRmicDIiX86BdvmBVeAYpGCKe5FJs01
gamezone.no/ Name: ASP.NET_SessionId
Value: zvyno2hlxx0n5dopojmoagk2

2 Console Messages

Source Level URL
Text
network error URL: https://no-go.kelkoogroup.net/sitesearchGo?.ts=1724946120577&.sig=JQDkiWLriYdXsqCo7kOZlCVANhM-&affiliationId=96966625&comId=7451223&country=no&offerId=44f079854128e9c9652edf1bcaba9391&searchId=1076100331015996_1724946120537_672158&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v030400016269772f9a52f46445bcb2c4934baa482f2f&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f(Line 28)
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://gamezone.no/WebPages/Produkt/ProduktInfo.aspx?plid=61312&WebSiteMapNodeID=1000001&prdg1=88&prdg2=706&prdg3=1397&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_source_platform=KelkooGroup&utm_term=Brettspill+Star+Wars+Armada+Interdictor+
Message:
Failed to load resource: the server responded with a status of 404 ()