ch-go.kelkoogroup.net Open in urlscan Pro
95.211.116.26 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://walmartcapitslone.com/
Effective URL:
https://ch-go.kelkoogroup.net/offersearchGo?.ts=1694474489211&.sig=WnwHFCOFwVZ.QuPeyA8NzUK67SI-&affiliationId=96965876&comId=1...
Submission: On September 12 via api (September 12th 2023, 3:04:26 am UTC) from US — Scanned from CH

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 5 countries across 12 domains to perform 15 HTTP transactions. The main IP is 95.211.116.26, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is ch-go.kelkoogroup.net.
TLS certificate: Issued by Thawte RSA CA 2018 on August 25th 2022. Valid for: a year.

This is the only time ch-go.kelkoogroup.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	81.17.18.196 81.17.18.196	51852 (PLI-AS) (PLI-AS)
1 2	192.99.158.241 192.99.158.241	16276 (OVH) (OVH)
1 2	52.117.247.211 52.117.247.211	36351 (SOFTLAYER) (SOFTLAYER)
1 1	2606:4700:303... 2606:4700:3032::ac43:a12e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.126.48.135 3.126.48.135	16509 (AMAZON-02) (AMAZON-02)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	88.99.112.6 88.99.112.6	24940 (HETZNER-AS) (HETZNER-AS)
1 5	95.211.116.26 95.211.116.26	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	18.66.112.3 18.66.112.3	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	3.66.117.49 3.66.117.49	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:480... 2a02:26f0:480:5a5::2854	() ()
15	10

2 81.17.18.196 (Zurich, Switzerland) 1 redirects

ASN51852 (PLI-AS, PA)
PTR: hostedby.privatelayer.com

walmartcapitslone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.99.158.241 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ip241.ip-192-99-158.net

dnavexch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.117.247.211 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: d3.f7.7534.ip4.static.sl-reverse.com

myckdom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p274639.myckdom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:a12e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

geotrkclknow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.48.135 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-48-135.eu-central-1.compute.amazonaws.com

arveaoy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

storesearch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

clickcanv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.112.6 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: app3.yadore.com

api.yadore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.211.116.26 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-mx-vip.kelkoo.com

ch-go.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-3.fra56.r.cloudfront.net

dd.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.66.117.49 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-117-49.eu-central-1.compute.amazonaws.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:5a5::2854 (None, )

ASN- ()

www.douglas.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	kelkoogroup.net 1 redirects ch-go.kelkoogroup.net dd.kelkoogroup.net — Cisco Umbrella Rank: 336297	94 KB
2	storesearch.net storesearch.net	3 KB
2	arveaoy.com arveaoy.com	3 KB
2	myckdom.com 1 redirects myckdom.com — Cisco Umbrella Rank: 196792 p274639.myckdom.com	1 KB
2	dnavexch.com 1 redirects dnavexch.com	8 KB
2	walmartcapitslone.com 1 redirects walmartcapitslone.com	2 KB
1	douglas.ch www.douglas.ch
1	datadome.co api-js.datadome.co — Cisco Umbrella Rank: 5932	414 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	258 B
1	yadore.com 1 redirects api.yadore.com — Cisco Umbrella Rank: 433144	397 B
1	clickcanv.com 1 redirects clickcanv.com	1 KB
1	geotrkclknow.com 1 redirects geotrkclknow.com	570 B
15	12

	Domain	Requested by
5	ch-go.kelkoogroup.net	1 redirects storesearch.net ch-go.kelkoogroup.net
2	storesearch.net	storesearch.net
2	arveaoy.com	p274639.myckdom.com
2	dnavexch.com	1 redirects walmartcapitslone.com
2	walmartcapitslone.com	1 redirects
1	www.douglas.ch	ch-go.kelkoogroup.net
1	api-js.datadome.co	dd.kelkoogroup.net
1	www.google-analytics.com	ch-go.kelkoogroup.net
1	dd.kelkoogroup.net	ch-go.kelkoogroup.net
1	api.yadore.com	1 redirects
1	clickcanv.com	1 redirects
1	geotrkclknow.com	1 redirects
1	p274639.myckdom.com
1	myckdom.com	1 redirects
15	14

This site contains no links.

Subject Issuer	Validity	Valid
*.myckdom.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-03-20`	a year	crt.sh
arveaoy.com R3	`2023-09-05` - `2023-12-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-10-18` - `2023-10-18`	a year	crt.sh
*.kelkoogroup.net Thawte RSA CA 2018	`2022-08-25` - `2023-09-25`	a year	crt.sh
dd.kelkoogroup.net R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.datadome.co Gandi Standard SSL CA 2	`2022-10-13` - `2023-10-21`	a year	crt.sh
www.douglas.de GeoTrust RSA CA 2018	`2023-05-19` - `2023-12-14`	7 months	crt.sh

This page contains 1 frames:

Frame: https://www.douglas.ch/de/p/5010433006?variant=297760&trac=DO_CH.05.05_Price_Search..Kelkoo...297760..PM
Frame ID: 9C2DEC6843A1A2C241A8C814562228C0
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://walmartcapitslone.com/ Page URL
http://walmartcapitslone.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MT... HTTP 302
http://dnavexch.com/click?data=bDFLbkhrU3pFS1FsVzdyZ29hVjlXekRhWndQUGFMNERvLWVrRkdraFR3VWltZVYwV... Page URL
http://dnavexch.com/Redirect/ HTTP 302
https://myckdom.com/aS/feedclick?s=GXn5OvG0oxjHdJzjMU0jUFtoE-55yk0uxOnF_Ys8N2PEcH_5IZLpRZ5tV7Jmg... HTTP 302
https://p274639.myckdom.com/adServe/domainClick?ai=8t_YSst-khSlBsDYLBiY7w-aTpnQHEUKMz0cJwHcdqkrAr1LJRJq4... Page URL
https://geotrkclknow.com/rot/KyCDRX4xOMlXxnMp?clickid=90681308514&bid=0.0025&source=447409124 HTTP 302
https://arveaoy.com/click?trvid=34080&clickid=90681308514&bid=0.0025&source=447409124 Page URL
https://arveaoy.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3N0b3Jlc2VhcmNoLm5ldC9saW5rcz9pZHk9NTUyOFx... Page URL
https://storesearch.net/links?idy=5528&subid=9peybtzOS8AH Page URL
https://storesearch.net/douglas-ch?q=https%3A%2F%2Fdouglas.ch Page URL
https://clickcanv.com/offer?subid=9peybtzOS8AH&id=a6444319c8fd282cfac9d480947c32b8a2a91c32da0fb800... HTTP 302
https://api.yadore.com/v2/r?e=NG9BQ0pxNmgrTzdOYmNOUWg4OXRSanZWeGwrdXhId0ZLdXlDampxNlc1YnRRWGtYV0Nxb... HTTP 302
https://ch-go.kelkoogroup.net/offersearchGo?.ts=1694474489211&.sig=WnwHFCOFwVZ.QuPeyA8NzUK67SI-&affiliatio... Page URL

Detected technologies

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

15
Requests

87 %
HTTPS

38 %
IPv6

12
Domains

14
Subdomains

10
IPs

5
Countries

108 kB
Transfer

321 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://walmartcapitslone.com/ Page URL
http://walmartcapitslone.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY5NDQ5NTA2MSwiaWF0IjoxNjk0NDg3ODYxLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydTIwZmVyMm51MXRtOG8wcDgxNmdqdTMiLCJuYmYiOjE2OTQ0ODc4NjEsInRzIjoxNjk0NDg3ODYxMTk1MDkyfQ.7oZJ2Mit4CkB9mFagCe_prXYNCLry4SRrg_BLQdY_dU&sid=11ec926a-5119-11ee-aabf-39667b688ba6 HTTP 302
http://dnavexch.com/click?data=bDFLbkhrU3pFS1FsVzdyZ29hVjlXekRhWndQUGFMNERvLWVrRkdraFR3VWltZVYwVEJ2MVdzWjVVdGJnRlk0Ymc3cjZNSjBtX29JUC1CM1ByWmpPZ0p2TTdTTThVMXNneUd2RGJ4RndMclNkUzZxZjV4N1dEY2plS3M4VjBwbkQ3RzgwaHdVdzdMUVFIalBITTNSRkxsYlZ5LWRnRG81bTIyREpUcDk2Wk1BMQ2&id=48524ab2-22f2-49fa-9364-34c99819d82d Page URL
http://dnavexch.com/Redirect/ HTTP 302
https://myckdom.com/aS/feedclick?s=GXn5OvG0oxjHdJzjMU0jUFtoE-55yk0uxOnF_Ys8N2PEcH_5IZLpRZ5tV7JmgQXznIFjje5HrPodK7X5QIc3n0hfs9IVa7UGQ57WzBF2czkyZma9cQklHluxNC_VCHffxlOmzgR5fh3nQoQZVtH1UcHY6z5T2K7NFT_4ZRcycYj4ImzYbxbwU7CB1fR-grtk44QwN3AO7WAkjvU2H5xxoXboZCokKg6qcIFY4bX5LJbP7Z9nuH5LsE4EM2sq1eDpeR__PxwW791-3sm9U89aYO6JCngfQ44-3CxHPk-oU5qLTfUHnI6UIBlZwjPWfAqpWRQNCzq5xq5wtnAqUi7vONwYtHR_--mdiyzgqnUMhhEjXA2IyVDOzl1yS2C4XWCuNK9plToqI1z0849oetsmMctezRk429-Y5hTuRsX-2DcGpZcGQ4LHFyJIFMDt-GNdn6IwGTdHgCCzyJIuFbpylWd7t6-efTx3Xi5afpNMuNNsIQNVRHsZ7rjYB7ETwU4X53CbQfiJFJaTq0tQkADtZuyBFiu_9JrssR-9S1SZCvHyv1OYTzc6l1L2SVdRnpeQct0l9K9SRkOb7I_JDmZ1uP2AiVQ_WGVHWES3Hs2k47GzvKCPhiMWwfuafv4fuMBfX-fmTVzlAxegEiBM92cKc31Nlh1yeP6HB6cSVDdmsENh2EuZHTGxfoSFG9j4nipz39Y1qmnkPO_WMGFaKTb2KN7wevzlGmhBNG7dcZ3pEbqCuak7DS1J3_jw2wA7_fI28gUzWyRov1BlgO6rmoR5EJIidMtNATF_qWG8-uehTBZ2UX60SMINuMR2ciJT_DNTPHGR9WrZoCJ6ESqeCh3I_SdnY_ePiXKWvldJJrdUrdveSymzGr0QxeXlPkaVVvWJUVuppYBDqHwdPbWc5q4Ji1-sNHPmqEff1OpjWuRjtKprENr5QGVD-k6qQ_66cDnxFymS2zSzkH7h8R3jd6QQOEN50_0CqiiqjWGELRWKdTQMpwYxByd6lw8LmLTiWO7EgKNm5HUY_GUUyiAWoL2_OCkuuk2qInQNNCEJh1KRiBsue_BV7bTPH7n7GUZ7QQ6lTzQvziWiq67jTVQvVL4ScJYwqEcqLlqNRa8Vv1y9IfWC3Q8nwKZuEQFQaB8NztRqaKcnnOVCa1gtVodyh16Nu-Zngk2rC-1_E2NNxA6ib-IVMIyQQKPBQEVP-nMKsyLvQxB4bcvC7B7Msk-rfNkWHnTdEjH0r5u3hhRgl11k0YQUeZBwbSQFOqLKQBlEeBVyITIupyF1VPCuvLnGzgeumld1J27DFqpYyQx1nIUM87bOVPMGArVGcG01EHlhRqz78gDObcntSZZUscNLdNO10xbizTCFBPRd3ynD5UObBi5ToXez0dOA4Kp_A6_jXk48D5pOmdAcRQozPRwnAdx2qSsCvUslEmrhoyEOp_uQSua-e_6YCxK24olFSzYdV3736Yb6beD-aqDp6t2Df9GS86LKQBlEeBVyITIupyF1VPA7PQPk_awqCtiAbtp9NeTI HTTP 302
https://p274639.myckdom.com/adServe/domainClick?ai=8t_YSst-khSlBsDYLBiY7w-aTpnQHEUKMz0cJwHcdqkrAr1LJRJq4explKRO3m--lI_VZzXHVDStIxuqmWjMrP9EWXpe3zcpLyN8qeptyBwFthD195c5YTj-GPcsoI_bX2-RUHmZe-TbZh2vrFwOgVz-p_6WiXVHmAzJt70lBnCg2eNoBXpz-IlFSzYdV3736Yb6beD-aqD6-J7z7Cr0DTmMMKiT1gysD5pOmdAcRQozPRwnAdx2qXzHykOcMREwf6gmL4f0BkMxAh0jd0Sg60uETJD3ZgRTR3-KXTNS3ismYIJGi_TSUWTfxfs1Jb0VofB33BW-m9pDG-A6O8vm_g3tKy_heZIpllemAWTaPnh7ytE4oS_3pJL4KnOOYIJFKRuNOcPQlyhauS4SJm9wQoLrtg_raixpUqyH51yNysR_tfxqo0oMwEgJRDHxEdL9IBX08ji0YsE&ui=GXn5OvG0oxjHdJzjMU0jUPD9dUUGb61x5BqBrDJxXOFLhEyQ92YEUx32lDZW9_iarWAc4zpOGwSpYzvAeJzj40OPzQSC-IfiWvQOAX7eMl4vru-0_OIiPQ&si=1&oref=ff08b08e99d98d0bdb1103b7c669e0f6&optunit=0DCU_7Nl9E4heA8LV2TvUKhRwZqjCNIS&rb=30cHdPfkeTk&rr=1&abtg=0 Page URL
https://geotrkclknow.com/rot/KyCDRX4xOMlXxnMp?clickid=90681308514&bid=0.0025&source=447409124 HTTP 302
https://arveaoy.com/click?trvid=34080&clickid=90681308514&bid=0.0025&source=447409124 Page URL
https://arveaoy.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3N0b3Jlc2VhcmNoLm5ldC9saW5rcz9pZHk9NTUyOFx1MDAyNnN1YmlkPTlwZXlidHpPUzhBSCIsIlJlZGlyZWN0V29yZGluZyI6IiAiLCJSZWRpcmVjdFRpdGxlIjoiUmVkaXJlY3Rpb24uLi4iLCJSZWRpcmVjdExpbmtUZXh0IjoiICIsIkluc3RhbGxJZCI6MjAwMX0= Page URL
https://storesearch.net/links?idy=5528&subid=9peybtzOS8AH Page URL
https://storesearch.net/douglas-ch?q=https%3A%2F%2Fdouglas.ch Page URL
https://clickcanv.com/offer?subid=9peybtzOS8AH&id=a6444319c8fd282cfac9d480947c32b8a2a91c32da0fb800cf5a1ff910806782&g=ch HTTP 302
https://api.yadore.com/v2/r?e=NG9BQ0pxNmgrTzdOYmNOUWg4OXRSanZWeGwrdXhId0ZLdXlDampxNlc1YnRRWGtYV0NxbEExTWVKWU5JaHh3RStDWllsNGJwa1lLK1liNG82aWE5L2lPUTRaaWxSNjhGbUhWYnFQV2VWdHVhSE9uM0lnaDN3L01xNm90N0RiNzdNN1VsYVhQcHRpT2hNUDdhbENyUUFBYW8xaTIxU3JmYnYxQm1mT0VRRkt3Z2VPUHB6eDQ4YU9ZT0RrS3pDMjh3KzBCOWpVVmpjNStiWmJDV2lsOEZ1UlN3V0ZiUm13eGJhL2dLSHlGWG9FelRRMStqSC9tRjBLakp2S21yZlhjajE5TWV4emZrWk9QTmlHRnA2aU9XMEFubjR6OHBURGVIa1pkbExRMElnall1b0kxb0hxOG81eENwWHlkRFlnRDc2Zmw5Qm5yaFUvS05VcVVVbkRxbStjNklTUnNhTERmMUYwZ2FjYjB5QzBITFdlRERVb1pESklERSt2Z3NUcHJVSGJvSXY5MHkzYkQrdTZwMXNEK2UrY1VOWHJTMGdsUWE3NzZzSXc9PQ==&i=jYqt6r6zRoGvojgE&placementId=9peybtzOS8AH HTTP 302
https://ch-go.kelkoogroup.net/offersearchGo?.ts=1694474489211&.sig=WnwHFCOFwVZ.QuPeyA8NzUK67SI-&affiliationId=96965876&comId=14981713&country=ch&offerId=64be7f271908b3fac2a1df9adea7e926&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=b4aca0bb0235fcf48677f740638fa7ae02736e72aa0af8b38a8bc37142906185&custom2=Sde46opRHJDX&custom3=false&originReferer=https%3A%2F%2Fstoresearch.net%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://walmartcapitslone.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY5NDQ5NTA2MSwiaWF0IjoxNjk0NDg3ODYxLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydTIwZmVyMm51MXRtOG8wcDgxNmdqdTMiLCJuYmYiOjE2OTQ0ODc4NjEsInRzIjoxNjk0NDg3ODYxMTk1MDkyfQ.7oZJ2Mit4CkB9mFagCe_prXYNCLry4SRrg_BLQdY_dU&sid=11ec926a-5119-11ee-aabf-39667b688ba6 HTTP 302
http://dnavexch.com/click?data=bDFLbkhrU3pFS1FsVzdyZ29hVjlXekRhWndQUGFMNERvLWVrRkdraFR3VWltZVYwVEJ2MVdzWjVVdGJnRlk0Ymc3cjZNSjBtX29JUC1CM1ByWmpPZ0p2TTdTTThVMXNneUd2RGJ4RndMclNkUzZxZjV4N1dEY2plS3M4VjBwbkQ3RzgwaHdVdzdMUVFIalBITTNSRkxsYlZ5LWRnRG81bTIyREpUcDk2Wk1BMQ2&id=48524ab2-22f2-49fa-9364-34c99819d82d

Request Chain 2

http://dnavexch.com/Redirect/ HTTP 302
https://myckdom.com/aS/feedclick?s=GXn5OvG0oxjHdJzjMU0jUFtoE-55yk0uxOnF_Ys8N2PEcH_5IZLpRZ5tV7JmgQXznIFjje5HrPodK7X5QIc3n0hfs9IVa7UGQ57WzBF2czkyZma9cQklHluxNC_VCHffxlOmzgR5fh3nQoQZVtH1UcHY6z5T2K7NFT_4ZRcycYj4ImzYbxbwU7CB1fR-grtk44QwN3AO7WAkjvU2H5xxoXboZCokKg6qcIFY4bX5LJbP7Z9nuH5LsE4EM2sq1eDpeR__PxwW791-3sm9U89aYO6JCngfQ44-3CxHPk-oU5qLTfUHnI6UIBlZwjPWfAqpWRQNCzq5xq5wtnAqUi7vONwYtHR_--mdiyzgqnUMhhEjXA2IyVDOzl1yS2C4XWCuNK9plToqI1z0849oetsmMctezRk429-Y5hTuRsX-2DcGpZcGQ4LHFyJIFMDt-GNdn6IwGTdHgCCzyJIuFbpylWd7t6-efTx3Xi5afpNMuNNsIQNVRHsZ7rjYB7ETwU4X53CbQfiJFJaTq0tQkADtZuyBFiu_9JrssR-9S1SZCvHyv1OYTzc6l1L2SVdRnpeQct0l9K9SRkOb7I_JDmZ1uP2AiVQ_WGVHWES3Hs2k47GzvKCPhiMWwfuafv4fuMBfX-fmTVzlAxegEiBM92cKc31Nlh1yeP6HB6cSVDdmsENh2EuZHTGxfoSFG9j4nipz39Y1qmnkPO_WMGFaKTb2KN7wevzlGmhBNG7dcZ3pEbqCuak7DS1J3_jw2wA7_fI28gUzWyRov1BlgO6rmoR5EJIidMtNATF_qWG8-uehTBZ2UX60SMINuMR2ciJT_DNTPHGR9WrZoCJ6ESqeCh3I_SdnY_ePiXKWvldJJrdUrdveSymzGr0QxeXlPkaVVvWJUVuppYBDqHwdPbWc5q4Ji1-sNHPmqEff1OpjWuRjtKprENr5QGVD-k6qQ_66cDnxFymS2zSzkH7h8R3jd6QQOEN50_0CqiiqjWGELRWKdTQMpwYxByd6lw8LmLTiWO7EgKNm5HUY_GUUyiAWoL2_OCkuuk2qInQNNCEJh1KRiBsue_BV7bTPH7n7GUZ7QQ6lTzQvziWiq67jTVQvVL4ScJYwqEcqLlqNRa8Vv1y9IfWC3Q8nwKZuEQFQaB8NztRqaKcnnOVCa1gtVodyh16Nu-Zngk2rC-1_E2NNxA6ib-IVMIyQQKPBQEVP-nMKsyLvQxB4bcvC7B7Msk-rfNkWHnTdEjH0r5u3hhRgl11k0YQUeZBwbSQFOqLKQBlEeBVyITIupyF1VPCuvLnGzgeumld1J27DFqpYyQx1nIUM87bOVPMGArVGcG01EHlhRqz78gDObcntSZZUscNLdNO10xbizTCFBPRd3ynD5UObBi5ToXez0dOA4Kp_A6_jXk48D5pOmdAcRQozPRwnAdx2qSsCvUslEmrhoyEOp_uQSua-e_6YCxK24olFSzYdV3736Yb6beD-aqDp6t2Df9GS86LKQBlEeBVyITIupyF1VPA7PQPk_awqCtiAbtp9NeTI HTTP 302
https://p274639.myckdom.com/adServe/domainClick?ai=8t_YSst-khSlBsDYLBiY7w-aTpnQHEUKMz0cJwHcdqkrAr1LJRJq4explKRO3m--lI_VZzXHVDStIxuqmWjMrP9EWXpe3zcpLyN8qeptyBwFthD195c5YTj-GPcsoI_bX2-RUHmZe-TbZh2vrFwOgVz-p_6WiXVHmAzJt70lBnCg2eNoBXpz-IlFSzYdV3736Yb6beD-aqD6-J7z7Cr0DTmMMKiT1gysD5pOmdAcRQozPRwnAdx2qXzHykOcMREwf6gmL4f0BkMxAh0jd0Sg60uETJD3ZgRTR3-KXTNS3ismYIJGi_TSUWTfxfs1Jb0VofB33BW-m9pDG-A6O8vm_g3tKy_heZIpllemAWTaPnh7ytE4oS_3pJL4KnOOYIJFKRuNOcPQlyhauS4SJm9wQoLrtg_raixpUqyH51yNysR_tfxqo0oMwEgJRDHxEdL9IBX08ji0YsE&ui=GXn5OvG0oxjHdJzjMU0jUPD9dUUGb61x5BqBrDJxXOFLhEyQ92YEUx32lDZW9_iarWAc4zpOGwSpYzvAeJzj40OPzQSC-IfiWvQOAX7eMl4vru-0_OIiPQ&si=1&oref=ff08b08e99d98d0bdb1103b7c669e0f6&optunit=0DCU_7Nl9E4heA8LV2TvUKhRwZqjCNIS&rb=30cHdPfkeTk&rr=1&abtg=0

Request Chain 3

https://geotrkclknow.com/rot/KyCDRX4xOMlXxnMp?clickid=90681308514&bid=0.0025&source=447409124 HTTP 302
https://arveaoy.com/click?trvid=34080&clickid=90681308514&bid=0.0025&source=447409124

Request Chain 13

https://ch-go.kelkoogroup.net/redirect?country=ch&k=612f7a9541cd6ea61eb554c0e4cff43782507d91f2acee5bddf1ad0f52eb0789e11ceb12a7077617e63468009532b88055b582482080e49d1704b2ac4d248a223d15ab439e1182a5d7f63956a1a38811af8604902bbaba801db0ff1d65527d27a8fb00844ff487a2857f52304682708ada4ae9dfbd822a9cdc765c9df770714d8a1666b1d857812a04526a0ee1d01e60ed83eeccf1a04d913a1a82ff52b0b71550d2d84aa6bc42117317c5341d7777e62b76d5d70448a6387b421a6c0ac0e8527e12ced4124d609911d5142a1b7b950b4e5d3ed7df549a7878cec9c5d215e94b8643f4c852d879bfb96e85b717bbd7be8d9664fe57a0c134aa8e1f102c88bd01aedc3f744942d940e0b1ecabba369bc055ed99331f1ac381061d84f17378127c03e5ed217880299b70b347d7d1c2bfa4e99a7daddbedeb93653e435cfc54fd5269e20e9875ea7c6dab7187e991d4b5f2187bc937c9b1570975a45590b32c4cf840dd0f3de6748a6abff1a965ed2cdea1b0c7bb670051cc657a6b6bb98b9a5af328126172ef08121ab05caae81ec5594a&url=https%3A%2F%2Fwww.douglas.ch%2Fde%2Fp%2F5010433006%3Fvariant%3D297760%26trac%3DDO_CH.05.05_Price_Search..Kelkoo...297760..PM HTTP 303
https://www.douglas.ch/de/p/5010433006?variant=297760&trac=DO_CH.05.05_Price_Search..Kelkoo...297760..PM

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
walmartcapitslone.com/ 482 B
935 B 170ms
42ms Document
text/html 81.17.18.196
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://walmartcapitslone.com/
Protocol: HTTP/1.1
Server: 81.17.18.196 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 482
content-type: text/html; charset=utf-8
date: Tue, 12 Sep 2023 03:04:21 GMT
server: nginx

GET
H/1.1

200
OK

click Show response
dnavexch.com/
Redirect Chain

http://walmartcapitslone.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY5NDQ5NTA2MSwiaWF0IjoxNjk0NDg3ODYxLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydTIwZmVyMm51MXRtOG...
http://dnavexch.com/click?data=bDFLbkhrU3pFS1FsVzdyZ29hVjlXekRhWndQUGFMNERvLWVrRkdraFR3VWltZVYwVEJ2MVdzWjVVdGJnRlk0Ymc3cjZNSjBtX29JUC1CM1ByWmpPZ0p2TTdTTThVMXNneUd2RGJ4RndMclNkUzZxZjV4N1dEY2plS3M4Vj...

5 KB
6 KB

250ms
109ms

Document
text/html

192.99.158.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://dnavexch.com/click?data=bDFLbkhrU3pFS1FsVzdyZ29hVjlXekRhWndQUGFMNERvLWVrRkdraFR3VWltZVYwVEJ2MVdzWjVVdGJnRlk0Ymc3cjZNSjBtX29JUC1CM1ByWmpPZ0p2TTdTTThVMXNneUd2RGJ4RndMclNkUzZxZjV4N1dEY2plS3M4VjBwbkQ3RzgwaHdVdzdMUVFIalBITTNSRkxsYlZ5LWRnRG81bTIyREpUcDk2Wk1BMQ2&id=48524ab2-22f2-49fa-9364-34c99819d82d
Requested by: Host: walmartcapitslone.com
URL: http://walmartcapitslone.com/
Protocol: HTTP/1.1
Server: 192.99.158.241 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ip241.ip-192-99-158.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 14a2020184513eff37ca6f5d09ee503da6b08450e36048ce5176d393a235220f

Request headers

Referer: http://walmartcapitslone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Length: 5470
Content-Type: text/html; charset=utf-8
Date: Tue, 12 Sep 2023 03:02:39 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET

Redirect headers

cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Tue, 12 Sep 2023 03:04:21 GMT
location: http://dnavexch.com/click?data=bDFLbkhrU3pFS1FsVzdyZ29hVjlXekRhWndQUGFMNERvLWVrRkdraFR3VWltZVYwVEJ2MVdzWjVVdGJnRlk0Ymc3cjZNSjBtX29JUC1CM1ByWmpPZ0p2TTdTTThVMXNneUd2RGJ4RndMclNkUzZxZjV4N1dEY2plS3M4VjBwbkQ3RzgwaHdVdzdMUVFIalBITTNSRkxsYlZ5LWRnRG81bTIyREpUcDk2Wk1BMQ2&id=48524ab2-22f2-49fa-9364-34c99819d82d
server: nginx

GET
H2

200

domainClick
p274639.myckdom.com/adServe/
Redirect Chain

http://dnavexch.com/Redirect/
https://myckdom.com/aS/feedclick?s=GXn5OvG0oxjHdJzjMU0jUFtoE-55yk0uxOnF_Ys8N2PEcH_5IZLpRZ5tV7JmgQXznIFjje5HrPodK7X5QIc3n0hfs9IVa7UGQ57WzBF2czkyZma9cQklHluxNC_VCHffxlOmzgR5fh3nQoQZVtH1UcHY6z5T2K7NFT...
https://p274639.myckdom.com/adServe/domainClick?ai=8t_YSst-khSlBsDYLBiY7w-aTpnQHEUKMz0cJwHcdqkrAr1LJRJq4explKRO3m--lI_VZzXHVDStIxuqmWjMrP9EWXpe3zcpLyN8qeptyBwFthD195c5YTj-GPcsoI_bX2-RUHmZe-TbZh2vrF...

289 B
613 B

232ms
208ms

Document
text/html

52.117.247.211
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://p274639.myckdom.com/adServe/domainClick?ai=8t_YSst-khSlBsDYLBiY7w-aTpnQHEUKMz0cJwHcdqkrAr1LJRJq4explKRO3m--lI_VZzXHVDStIxuqmWjMrP9EWXpe3zcpLyN8qeptyBwFthD195c5YTj-GPcsoI_bX2-RUHmZe-TbZh2vrFwOgVz-p_6WiXVHmAzJt70lBnCg2eNoBXpz-IlFSzYdV3736Yb6beD-aqD6-J7z7Cr0DTmMMKiT1gysD5pOmdAcRQozPRwnAdx2qXzHykOcMREwf6gmL4f0BkMxAh0jd0Sg60uETJD3ZgRTR3-KXTNS3ismYIJGi_TSUWTfxfs1Jb0VofB33BW-m9pDG-A6O8vm_g3tKy_heZIpllemAWTaPnh7ytE4oS_3pJL4KnOOYIJFKRuNOcPQlyhauS4SJm9wQoLrtg_raixpUqyH51yNysR_tfxqo0oMwEgJRDHxEdL9IBX08ji0YsE&ui=GXn5OvG0oxjHdJzjMU0jUPD9dUUGb61x5BqBrDJxXOFLhEyQ92YEUx32lDZW9_iarWAc4zpOGwSpYzvAeJzj40OPzQSC-IfiWvQOAX7eMl4vru-0_OIiPQ&si=1&oref=ff08b08e99d98d0bdb1103b7c669e0f6&optunit=0DCU_7Nl9E4heA8LV2TvUKhRwZqjCNIS&rb=30cHdPfkeTk&rr=1&abtg=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.117.247.211 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: d3.f7.7534.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: http://dnavexch.com
Referer: http://dnavexch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Tue, 12 Sep 2023 03:04:22 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

content-length: 0
date: Tue, 12 Sep 2023 03:04:22 GMT
location: https://p274639.myckdom.com/adServe/domainClick?ai=8t_YSst-khSlBsDYLBiY7w-aTpnQHEUKMz0cJwHcdqkrAr1LJRJq4explKRO3m--lI_VZzXHVDStIxuqmWjMrP9EWXpe3zcpLyN8qeptyBwFthD195c5YTj-GPcsoI_bX2-RUHmZe-TbZh2vrFwOgVz-p_6WiXVHmAzJt70lBnCg2eNoBXpz-IlFSzYdV3736Yb6beD-aqD6-J7z7Cr0DTmMMKiT1gysD5pOmdAcRQozPRwnAdx2qXzHykOcMREwf6gmL4f0BkMxAh0jd0Sg60uETJD3ZgRTR3-KXTNS3ismYIJGi_TSUWTfxfs1Jb0VofB33BW-m9pDG-A6O8vm_g3tKy_heZIpllemAWTaPnh7ytE4oS_3pJL4KnOOYIJFKRuNOcPQlyhauS4SJm9wQoLrtg_raixpUqyH51yNysR_tfxqo0oMwEgJRDHxEdL9IBX08ji0YsE&ui=GXn5OvG0oxjHdJzjMU0jUPD9dUUGb61x5BqBrDJxXOFLhEyQ92YEUx32lDZW9_iarWAc4zpOGwSpYzvAeJzj40OPzQSC-IfiWvQOAX7eMl4vru-0_OIiPQ&si=1&oref=ff08b08e99d98d0bdb1103b7c669e0f6&optunit=0DCU_7Nl9E4heA8LV2TvUKhRwZqjCNIS&rb=30cHdPfkeTk&rr=1&abtg=0
server: nginx

GET
H2

200

click Show response
arveaoy.com/
Redirect Chain

https://geotrkclknow.com/rot/KyCDRX4xOMlXxnMp?clickid=90681308514&bid=0.0025&source=447409124
https://arveaoy.com/click?trvid=34080&clickid=90681308514&bid=0.0025&source=447409124

999 B
3 KB

1003ms
926ms

Document
text/html

3.126.48.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://arveaoy.com/click?trvid=34080&clickid=90681308514&bid=0.0025&source=447409124
Requested by: Host: p274639.myckdom.com
URL: https://p274639.myckdom.com/adServe/domainClick?ai=8t_YSst-khSlBsDYLBiY7w-aTpnQHEUKMz0cJwHcdqkrAr1LJRJq4explKRO3m--lI_VZzXHVDStIxuqmWjMrP9EWXpe3zcpLyN8qeptyBwFthD195c5YTj-GPcsoI_bX2-RUHmZe-TbZh2vrFwOgVz-p_6WiXVHmAzJt70lBnCg2eNoBXpz-IlFSzYdV3736Yb6beD-aqD6-J7z7Cr0DTmMMKiT1gysD5pOmdAcRQozPRwnAdx2qXzHykOcMREwf6gmL4f0BkMxAh0jd0Sg60uETJD3ZgRTR3-KXTNS3ismYIJGi_TSUWTfxfs1Jb0VofB33BW-m9pDG-A6O8vm_g3tKy_heZIpllemAWTaPnh7ytE4oS_3pJL4KnOOYIJFKRuNOcPQlyhauS4SJm9wQoLrtg_raixpUqyH51yNysR_tfxqo0oMwEgJRDHxEdL9IBX08ji0YsE&ui=GXn5OvG0oxjHdJzjMU0jUPD9dUUGb61x5BqBrDJxXOFLhEyQ92YEUx32lDZW9_iarWAc4zpOGwSpYzvAeJzj40OPzQSC-IfiWvQOAX7eMl4vru-0_OIiPQ&si=1&oref=ff08b08e99d98d0bdb1103b7c669e0f6&optunit=0DCU_7Nl9E4heA8LV2TvUKhRwZqjCNIS&rb=30cHdPfkeTk&rr=1&abtg=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.48.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-48-135.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf742e7bf523e3775816a1db40bf47eb517c5c1d64db40aadad8afbfbfa461db

Request headers

Referer: https://p274639.myckdom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-length: 999
content-type: text/html; charset=utf-8
date: Tue, 12 Sep 2023 03:04:24 GMT
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
server: nginx

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8054ec37ffd8bb49-FRA
content-type: text/html; charset=UTF-8
date: Tue, 12 Sep 2023 03:04:23 GMT
location: https://arveaoy.com/click?trvid=34080&clickid=90681308514&bid=0.0025&source=447409124
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZUwofjLaiSXdD3kKZb3e%2BIeIX2dYHu86oumdtMIJG6w8J5RxbDhAsqImKyTywCp4QiXeyAw3k%2FsZyiXCVPYC8i6222W0XqeAxsiorYLWH%2BjJhVHPgkVIRf19XmG1E4j58pWltXRjhsUkj93SSHQ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 double
arveaoy.com/ 638 B
818 B 22ms
21ms Document
text/html 3.126.48.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://arveaoy.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3N0b3Jlc2VhcmNoLm5ldC9saW5rcz9pZHk9NTUyOFx1MDAyNnN1YmlkPTlwZXlidHpPUzhBSCIsIlJlZGlyZWN0V29yZGluZyI6IiAiLCJSZWRpcmVjdFRpdGxlIjoiUmVkaXJlY3Rpb24uLi4iLCJSZWRpcmVjdExpbmtUZXh0IjoiICIsIkluc3RhbGxJZCI6MjAwMX0=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.48.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-48-135.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-length: 638
content-type: text/html; charset=utf-8
date: Tue, 12 Sep 2023 03:04:24 GMT
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
server: nginx

GET
H2 200 links
storesearch.net/ 604 B
2 KB 111ms
45ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://storesearch.net/links?idy=5528&subid=9peybtzOS8AH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8054ec3f383491d5-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 12 Sep 2023 03:04:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKcxDFsvVIjU0YFvJNR7cwXiWryZtsx2Z6OPPKOi%2BeUA4FupXPWgpwkja18AETTqAWOxjsPjLZlPGmxYff3Nuz%2F4rNU8DnrmMXZjr8PGf3yOM9AlOjmLdluC16hK6iNvgSKsxvVQuEuo3n2mnhM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 douglas-ch
storesearch.net/ 621 B
1 KB 54ms
53ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://storesearch.net/douglas-ch?q=https%3A%2F%2Fdouglas.ch

Requested by

Host: storesearch.net
URL: https://storesearch.net/links?idy=5528&subid=9peybtzOS8AH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8054ec3f986091d5-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 12 Sep 2023 03:04:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6T3uojhsadyUBhCb%2BlXPl%2FBLt0p81UFpgtduGab5k9D2C1Ur6lWGW6%2FMJ8snXktYRHv75gi3495YDCISr25LrBa6fxP6twQrO9Dlhzh3K5DlkdWNppuNzMNnvIz5SBOkdIOfV0mFhKjW3nzXN8I%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

Primary Request offersearchGo Show response
ch-go.kelkoogroup.net/
Redirect Chain

https://clickcanv.com/offer?subid=9peybtzOS8AH&id=a6444319c8fd282cfac9d480947c32b8a2a91c32da0fb800cf5a1ff910806782&g=ch
https://api.yadore.com/v2/r?e=NG9BQ0pxNmgrTzdOYmNOUWg4OXRSanZWeGwrdXhId0ZLdXlDampxNlc1YnRRWGtYV0NxbEExTWVKWU5JaHh3RStDWllsNGJwa1lLK1liNG82aWE5L2lPUTRaaWxSNjhGbUhWYnFQV2VWdHVhSE9uM0lnaDN3L01xNm90N0R...
https://ch-go.kelkoogroup.net/offersearchGo?.ts=1694474489211&.sig=WnwHFCOFwVZ.QuPeyA8NzUK67SI-&affiliationId=96965876&comId=14981713&country=ch&offerId=64be7f271908b3fac2a1df9adea7e926&service=37&...

33 KB
34 KB

215ms
77ms

Document
text/html

95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://ch-go.kelkoogroup.net/offersearchGo?.ts=1694474489211&.sig=WnwHFCOFwVZ.QuPeyA8NzUK67SI-&affiliationId=96965876&comId=14981713&country=ch&offerId=64be7f271908b3fac2a1df9adea7e926&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=b4aca0bb0235fcf48677f740638fa7ae02736e72aa0af8b38a8bc37142906185&custom2=Sde46opRHJDX&custom3=false&originReferer=https%3A%2F%2Fstoresearch.net%2F

Requested by

Host: storesearch.net
URL: https://storesearch.net/douglas-ch?q=https%3A%2F%2Fdouglas.ch

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

3db44a6ab7dd13f7f562c60464300efad0ac2f41beddae71a8f3fd76902b780d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Referer: https://storesearch.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Content-Length: 33905
Content-Type: text/html; charset=UTF-8
Date: Tue, 12 Sep 2023 03:04:24 GMT
Referrer-Policy: origin-when-cross-origin
Request-Time: PT0.020844S
X-Content-Type-Options: nosniff
X-DataDome: protected
X-Frame-Options: ALLOWALL
X-Permitted-Cross-Domain-Policies: master-only
X-Robots-Tag: noindex,nofollow
X-XSS-Protection: 1; mode=block
clickId: 107698154_1694487864866_9197187
country: ch
leadId: 629D01HA3NHSHB66B4XYFE86BGT8G8

Redirect headers

content-type: text/html; charset=UTF-8
date: Tue, 12 Sep 2023 03:04:24 GMT
location: https://ch-go.kelkoogroup.net/offersearchGo?.ts=1694474489211&.sig=WnwHFCOFwVZ.QuPeyA8NzUK67SI-&affiliationId=96965876&comId=14981713&country=ch&offerId=64be7f271908b3fac2a1df9adea7e926&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=b4aca0bb0235fcf48677f740638fa7ae02736e72aa0af8b38a8bc37142906185&custom2=Sde46opRHJDX&custom3=false&originReferer=https%3A%2F%2Fstoresearch.net%2F
server: nginx
x-powered-by: PHP/8.0.26

GET
H/1.1 200
OK p.png
ch-go.kelkoogroup.net/assets/images/ 68 B
548 B 52ms
31ms Image
image/png 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ch-go.kelkoogroup.net/assets/images/p.png?country=ch&k=612f7a9541cd6ea61eb554c0e4cff43782507d91f2acee5bddf1ad0f52eb0789e11ceb12a7077617e63468009532b88055b582482080e49d1704b2ac4d248a223d15ab439e1182a5d7f63956a1a38811af8604902bbaba801db0ff1d65527d27a8fb00844ff487a2857f52304682708ada4ae9dfbd822a9cdc765c9df770714d8a1666b1d857812a04526a0ee1d01e60ed83eeccf1a04d913a1a82ff52b0b71550d2d84aa6bc42117317c5341d7777e62b76d5d70448a6387b421a6c0ac0e8527e12ced4124d609911d5142a1b7b950b4e5d3ed7df549a7878cec9c5d215e94b8643f4c852d879bfb96e85b717bbd7be8d9664fe57a0c134aa8e1f102c88bd01aedc3f744942d940e0b1ecabba369bc055ed99331f1ac381061d84f17378127c03e5ed217880299b70b347d7d1c2bfa4e99a7daddbedeb93653e435cfc54fd5269e20e9875ea7c6dab7187e991d4b5f2187bc937c9b1570975a45590b32c4cf840dd0f3de6748a6abff1a965ed2cdea1b0c7bb670051cc657a6b6bb98b9a5af328126172ef08121ab05caae81ec5594a

Requested by

Host: ch-go.kelkoogroup.net
URL: https://ch-go.kelkoogroup.net/offersearchGo?.ts=1694474489211&.sig=WnwHFCOFwVZ.QuPeyA8NzUK67SI-&affiliationId=96965876&comId=14981713&country=ch&offerId=64be7f271908b3fac2a1df9adea7e926&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=b4aca0bb0235fcf48677f740638fa7ae02736e72aa0af8b38a8bc37142906185&custom2=Sde46opRHJDX&custom3=false&originReferer=https%3A%2F%2Fstoresearch.net%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ch-go.kelkoogroup.net/offersearchGo?.ts=1694474489211&.sig=WnwHFCOFwVZ.QuPeyA8NzUK67SI-&affiliationId=96965876&comId=14981713&country=ch&offerId=64be7f271908b3fac2a1df9adea7e926&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=b4aca0bb0235fcf48677f740638fa7ae02736e72aa0af8b38a8bc37142906185&custom2=Sde46opRHJDX&custom3=false&originReferer=https%3A%2F%2Fstoresearch.net%2F
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
sec-ch-device-memory: 8

Response headers

Date: Tue, 12 Sep 2023 03:04:24 GMT
Referrer-Policy: origin-when-cross-origin
X-Content-Type-Options: nosniff
leadId: 629D01HA3NHSHB66B4XYFE86BGT8G8
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: PT0.002277S
X-Frame-Options: ALLOWALL
Content-Type: image/png
Cache-Control: private, must-revalidate
clickId: 107698154_1694487864866_9197187
country: ch
X-Robots-Tag: noindex,nofollow
Content-Length: 68
X-XSS-Protection: 1; mode=block

GET
H2 200 tags.js Show response
dd.kelkoogroup.net/ 277 KB
57 KB 155ms
26ms Script
text/javascript 18.66.112.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.kelkoogroup.net/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-3.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

d35c481a63fed744bb6c423366b1e543166e325c124f78bb61a3ca56b185f011

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ch-go.kelkoogroup.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
date: Tue, 12 Sep 2023 02:49:25 GMT
x-amz-cf-pop: FRA56-P5
age: 904
x-cache: Hit from cloudfront
content-length: 57544
last-modified: Mon, 11 Sep 2023 08:37:26 GMT
server: Apache
etag: "454a1-605113c70f9b6-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: 74xyhqgASKc0WeXLY0vYNnO0t52EIe-oz450rADZwM_FIUudhHqgxg==
expires: Tue, 12 Sep 2023 03:49:20 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
258 B 97ms
32ms Ping
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-F6K3CVLGR7&_p=648940817&sr=1600x1200&ul=en-us&cid=908331469.1694487864&uid=a4c629a-18a8758e622-21cd55&_fv=1&_s=1&dl=https%3A%2F%2Fch-go.kelkoogroup.net%2FoffersearchGo%3F.ts%3D1694474489211%26.sig%3DWnwHFCOFwVZ.QuPeyA8NzUK67SI-%26affiliationId%3D96965876%26comId%3D14981713%26country%3Dch%26offerId%3D64be7f271908b3fac2a1df9adea7e926%26service%3D37%26tokenId%3Deef84b7f-8e19-45d1-adee-7c88767dc72d%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3Db4aca0bb0235fcf48677f740638fa7ae02736e72aa0af8b38a8bc37142906185%26custom2%3DSde46opRHJDX%26custom3%3Dfalse%26originReferer%3Dhttps%253A%252F%252Fstoresearch.net%252F&dt=Weiterleitung%20zu%20Parf%C3%BCmerie%20Douglas&dr=https%3A%2F%2Fstoresearch.net%2F&dp=%2F96965876%7C14981713%7C&sid=1694487864&sct=1&seg=1&en=page_view&_ss=1&ep.cd1=96965876&ep.cd2=629D01HA3NHSHB66B4XYFE86BGT8G8&ep.cd3=14981713&ep.cd4=a4c629a-18a8758e622-21cd55&ep.cd5=&ep.cd6=96965876%7C14981713%7C
Requested by: Host: ch-go.kelkoogroup.net
URL: https://ch-go.kelkoogroup.net/offersearchGo?.ts=1694474489211&.sig=WnwHFCOFwVZ.QuPeyA8NzUK67SI-&affiliationId=96965876&comId=14981713&country=ch&offerId=64be7f271908b3fac2a1df9adea7e926&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=b4aca0bb0235fcf48677f740638fa7ae02736e72aa0af8b38a8bc37142906185&custom2=Sde46opRHJDX&custom3=false&originReferer=https%3A%2F%2Fstoresearch.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ch-go.kelkoogroup.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 03:04:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ch-go.kelkoogroup.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found ados.js Show response
ch-go.kelkoogroup.net/ 1 KB
2 KB 51ms
33ms XHR
text/html 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://ch-go.kelkoogroup.net/ados.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

3db77cfe0a6a059ff4d86ea8530439864095c5fe278e279b28c88f99a0f9b530

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ch-go.kelkoogroup.net/offersearchGo?.ts=1694474489211&.sig=WnwHFCOFwVZ.QuPeyA8NzUK67SI-&affiliationId=96965876&comId=14981713&country=ch&offerId=64be7f271908b3fac2a1df9adea7e926&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=b4aca0bb0235fcf48677f740638fa7ae02736e72aa0af8b38a8bc37142906185&custom2=Sde46opRHJDX&custom3=false&originReferer=https%3A%2F%2Fstoresearch.net%2F
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
sec-ch-device-memory: 8

Response headers

Content-Security-Policy: frame-ancestors 'none'
Date: Tue, 12 Sep 2023 03:04:25 GMT
Referrer-Policy: origin-when-cross-origin
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: PT0.000283S
X-Frame-Options: DENY
Content-Type: text/html; charset=UTF-8
X-Robots-Tag: noindex,nofollow
Content-Length: 1140
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK fp
ch-go.kelkoogroup.net/ 0
454 B 34ms
33ms Ping
text/plain 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://ch-go.kelkoogroup.net/fp?country=ch&k=612f7a9541cd6ea61eb554c0e4cff43782507d91f2acee5bddf1ad0f52eb0789e11ceb12a7077617e63468009532b88055b582482080e49d1704b2ac4d248a223d15ab439e1182a5d7f63956a1a38811af8604902bbaba801db0ff1d65527d27a8fb00844ff487a2857f52304682708ada4ae9dfbd822a9cdc765c9df770714d8a1666b1d857812a04526a0ee1d01e60ed83eeccf1a04d913a1a82ff52b0b71550d2d84aa6bc42117317c5341d7777e62b76d5d70448a6387b421a6c0ac0e8527e12ced4124d609911d5142a1b7b950b4e5d3ed7df549a7878cec9c5d215e94b8643f4c852d879bfb96e85b717bbd7be8d9664fe57a0c134aa8e1f102c88bd01aedc3f744942d940e0b1ecabba369bc055ed99331f1ac381061d84f17378127c03e5ed217880299b70b347d7d1c2bfa4e99a7daddbedeb93653e435cfc54fd5269e20e9875ea7c6dab7187e991d4b5f2187bc937c9b1570975a45590b32c4cf840dd0f3de6748a6abff1a965ed2cdea1b0c7bb670051cc657a6b6bb98b9a5af328126172ef08121ab05caae81ec5594a

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ch-go.kelkoogroup.net/offersearchGo?.ts=1694474489211&.sig=WnwHFCOFwVZ.QuPeyA8NzUK67SI-&affiliationId=96965876&comId=14981713&country=ch&offerId=64be7f271908b3fac2a1df9adea7e926&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=b4aca0bb0235fcf48677f740638fa7ae02736e72aa0af8b38a8bc37142906185&custom2=Sde46opRHJDX&custom3=false&originReferer=https%3A%2F%2Fstoresearch.net%2F
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
sec-ch-device-memory: 8
Content-Type: text/plain;charset=utf-8

Response headers

Date: Tue, 12 Sep 2023 03:04:25 GMT
Referrer-Policy: origin-when-cross-origin
X-Content-Type-Options: nosniff
leadId: 629D01HA3NHSHB66B4XYFE86BGT8G8
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: PT0.004956S
X-Frame-Options: ALLOWALL
Content-Type: text/plain; charset=UTF-8
clickId: 107698154_1694487864866_9197187
country: ch
X-Robots-Tag: noindex,nofollow
Content-Length: 0
X-XSS-Protection: 1; mode=block

POST
H2 200 /
api-js.datadome.co/js/ 236 B
414 B 117ms
27ms XHR
application/json 3.66.117.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.datadome.co/js/
Requested by: Host: dd.kelkoogroup.net
URL: https://dd.kelkoogroup.net/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.117.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-117-49.eu-central-1.compute.amazonaws.com
Software: DataDome /
Resource Hash

Request headers

Referer: https://ch-go.kelkoogroup.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 03:04:25 GMT
server: DataDome
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 236
expires: 0

GET
H2

200

5010433006
www.douglas.ch/de/p/
Redirect Chain

https://ch-go.kelkoogroup.net/redirect?country=ch&k=612f7a9541cd6ea61eb554c0e4cff43782507d91f2acee5bddf1ad0f52eb0789e11ceb12a7077617e63468009532b88055b582482080e49d1704b2ac4d248a223d15ab439e1182a5d...
https://www.douglas.ch/de/p/5010433006?variant=297760&trac=DO_CH.05.05_Price_Search..Kelkoo...297760..PM

0
0

1164ms
1013ms

Document
text/html

2a02:26f0:480:5a5::2854

General

Check archive.org

Show headers Download Go to

Full URL

https://www.douglas.ch/de/p/5010433006?variant=297760&trac=DO_CH.05.05_Price_Search..Kelkoo...297760..PM

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:5a5::2854 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://ch-go.kelkoogroup.net/offersearchGo?.ts=1694474489211&.sig=WnwHFCOFwVZ.QuPeyA8NzUK67SI-&affiliationId=96965876&comId=14981713&country=ch&offerId=64be7f271908b3fac2a1df9adea7e926&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=b4aca0bb0235fcf48677f740638fa7ae02736e72aa0af8b38a8bc37142906185&custom2=Sde46opRHJDX&custom3=false&originReferer=https%3A%2F%2Fstoresearch.net%2F
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-CH,de;q=0.9
sec-ch-device-memory: 8

Response headers

cache-control: max-age=120
content-encoding: gzip
content-length: 127785
content-type: text/html; charset=utf-8
date: Tue, 12 Sep 2023 03:04:26 GMT
expires: Tue, 12 Sep 2023 03:06:26 GMT
server-timing: intid;desc=60acdd92466f4c52
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-dgl-requestid: 0.a7d01702.1694487865.2b3c8954

Redirect headers

Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Content-Length: 0
Date: Tue, 12 Sep 2023 03:04:25 GMT
Location: https://www.douglas.ch/de/p/5010433006?variant=297760&trac=DO_CH.05.05_Price_Search..Kelkoo...297760..PM
Referrer-Policy: origin-when-cross-origin
Request-Time: PT0.012103S
X-Content-Type-Options: nosniff
X-DataDome: protected
X-Frame-Options: ALLOWALL
X-Permitted-Cross-Domain-Policies: master-only
X-Robots-Tag: noindex,nofollow
X-XSS-Protection: 1; mode=block
clickId: 107698154_1694487864866_9197187
country: ch
leadId: 629D01HA3NHSHB66B4XYFE86BGT8G8

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.walmartcapitslone.com/	1970-01-21 00:17:27	Name: sid Value: 11ec926a-5119-11ee-aabf-39667b688ba6
dnavexch.com/	1969-12-31 23:59:59	Name: MvNXRLqVFYYuCdi Value: MvNXRLqVFYYuCdi
.myckdom.com/	1970-01-20 19:00:39	Name: rhid Value: 83623945244
.myckdom.com/	1970-01-20 14:41:31	Name: loi Value: ad_1428316_off_871253_aff_14470_cid_274639-584329633-WALMARTCAPITSLONE.COM_ts_1694487862
arveaoy.com/	1970-01-20 15:24:39	Name: ClickDataNG Value: H4sIAAAAAAAA_1xT72-jOBD9V9B8aiWLGAKEUEVVLne6nNr0Vpt2K632i2MmiRVio7GhTX_87ysD20b99PDMMPP85vkVWiSrjIYCopCHHBi4U41QcAa22dz_-ZZGt0gOSyi2orLIQFZKHv4roYBpjaeNe_l_nc-XwKAUDqGIsmmS5JM8SxhIcayF2mlfPU54zhkou_g2_-hFxgmnTFeQx2nKgJoK_YkzICwVoXQrdHtTQpEysKYh2eVzBpXQpdK7oXo4PVAFBQADs90i-VwUZXzCYENCy_1Q3CX70r1ztS1GI-sMoUVBch9qdKNK6YO9VuVplqZx_qvhPM5ss1Hl7Mu1pbEOCh5yHnv-2KJueu1qcTKN-xy4aIhQyxMU8LD-Gxg0pM4YCGpRmFMozXHUiXztqFXlrFOuJ9CFPQWe5dGY52mU9AnPq6cwMO2EmiXJJOHTKE6AgarnZUlorV_5NA1jnoURT8NoPD7PZr18jUWa71A7KGBlXlRViVEa8uDiUenSPNng7j6IeMivgkels-QqeM6Sy2Be1xU-4uZGuVE6noTjLLi4Wd6vbllQqQMG_6I8mMtgsSdzxFEUZSEP0zxJw2gyDdZiK0gN_4GXcouE1PMpsVUSP2xp_C0GKn7Z9sennb2XN2SebPdvP-ujw18kdHnecmVKrM4Dd-KI_Vn242BhqDbk3e39W3tF4mQS_NOQqTFYf7_tXNBoR361i2XHfdezWSzf3n42pOTeFyl3-hqrBaF2C7_Ywbikdkrf1mchR0JbIfuXYqHQTVUxkI115gjF62BB6A0ADPDZIWlR9a_00yvAoOV9yzYaMB5wPGAyYAoFnNunHYzRTgbMB5x6fH__HQAA__9FUxZsUgQAAA==
arveaoy.com/	1970-01-20 15:24:39	Name: ClickDataNgFall Value: H4sIAAAAAAAA_1xT72-jOBD9V9B8aiWLGAKEUEVVLne6nNr0Vpt2K632i2MmiRVio7GhTX_87ysD20b99PDMMPP85vkVWiSrjIYCopCHHBi4U41QcAa22dz_-ZZGt0gOSyi2orLIQFZKHv4roYBpjaeNe_l_nc-XwKAUDqGIsmmS5JM8SxhIcayF2mlfPU54zhkou_g2_-hFxgmnTFeQx2nKgJoK_YkzICwVoXQrdHtTQpEysKYh2eVzBpXQpdK7oXo4PVAFBQADs90i-VwUZXzCYENCy_1Q3CX70r1ztS1GI-sMoUVBch9qdKNK6YO9VuVplqZx_qvhPM5ss1Hl7Mu1pbEOCh5yHnv-2KJueu1qcTKN-xy4aIhQyxMU8LD-Gxg0pM4YCGpRmFMozXHUiXztqFXlrFOuJ9CFPQWe5dGY52mU9AnPq6cwMO2EmiXJJOHTKE6AgarnZUlorV_5NA1jnoURT8NoPD7PZr18jUWa71A7KGBlXlRViVEa8uDiUenSPNng7j6IeMivgkels-QqeM6Sy2Be1xU-4uZGuVE6noTjLLi4Wd6vbllQqQMG_6I8mMtgsSdzxFEUZSEP0zxJw2gyDdZiK0gN_4GXcouE1PMpsVUSP2xp_C0GKn7Z9sennb2XN2SebPdvP-ujw18kdHnecmVKrM4Dd-KI_Vn242BhqDbk3e39W3tF4mQS_NOQqTFYf7_tXNBoR361i2XHfdezWSzf3n42pOTeFyl3-hqrBaF2C7_Ywbikdkrf1mchR0JbIfuXYqHQTVUxkI115gjF62BB6A0ADPDZIWlR9a_00yvAoOV9yzYaMB5wPGAyYAoFnNunHYzRTgbMB5x6fH__HQAA__9FUxZsUgQAAA==
storesearch.net/	1970-01-20 14:41:35	Name: XSRF-TOKEN Value: eyJpdiI6IloxWFZ2UVZZd3FoVmVFR0UwTjV1VEE9PSIsInZhbHVlIjoiTHNVZzB3Um5xdmUycGZtMi8vcUFjWnFWM2laVkVkb1kvaG9UaFpxZytIeTdJYW1DdlFhU2t2d2lKYlBWLzM4bE1RemY3b3IxRGpjZDBZRjArdVN2ZWs5Tjd3ckdud0lTM1pOYzdmVjhET3d0Q0hXZGYvN0hOY2VPcVJPYi9wZzEiLCJtYWMiOiJmYmY3MzIxN2I5NzY1NzljNGQ5ZjEwNmQ0ZTEwYjdjNzE0NWJhNDcyNzAxODY4MGRmZWEwZDkzM2ZlMWZhOTJmIn0%3D
storesearch.net/	1970-01-20 14:41:35	Name: vipesearches_session Value: eyJpdiI6IitPUGxQTTNjOCtPQVNUYkUvczM0cmc9PSIsInZhbHVlIjoiTXF0eEdmZ2dhQldGV2s3UmFEMGpQdk50cDVZYXVJWmdkcjhOdWRzeHdKcGhKQnY0V2l4bFJOT0pPcU1FdkJPbDFib2F4d2xZWHRpNWhlQkJ4eE0rQ0VkRDJGbW9leW9nV3MvK0ZLWGU2Vm5UQlo4WXlGWnpSK3k1em1pRnE5ZDIiLCJtYWMiOiI2NDNlZTAyNmMzOTZmMjlhM2M3OTM0MWZhOGZkODkwZTIzNjM1MDZhM2NhMWRiYzA3NjVmNWI1Y2FlZDc4YzMyIn0%3D
.kelkoogroup.net/	1970-01-20 23:27:03	Name: kelkooID Value: a4c629a-18a8758e622-21cd55
.kelkoogroup.net/	1970-01-20 23:27:03	Name: datadome Value: 6qLdpmi8C01J~4Yy9AsSb7~_uxVd43TavxatrR2~BJMHhET5tXvmLCnzg28zu8Nm-rFte4KcZFh16EhFYsqnm~ZPAk_uM2Vr6dmUcCl5N5-JbswwXMUtW4mCykolKoJx

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ch-go.kelkoogroup.net/offersearchGo?.ts=1694474489211&.sig=WnwHFCOFwVZ.QuPeyA8NzUK67SI-&affiliationId=96965876&comId=14981713&country=ch&offerId=64be7f271908b3fac2a1df9adea7e926&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=b4aca0bb0235fcf48677f740638fa7ae02736e72aa0af8b38a8bc37142906185&custom2=Sde46opRHJDX&custom3=false&originReferer=https%3A%2F%2Fstoresearch.net%2F(Line 28) Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.datadome.co
api.yadore.com
arveaoy.com
ch-go.kelkoogroup.net
clickcanv.com
dd.kelkoogroup.net
dnavexch.com
geotrkclknow.com
myckdom.com
p274639.myckdom.com
storesearch.net
walmartcapitslone.com
www.douglas.ch
www.google-analytics.com
18.66.112.3
192.99.158.241
2606:4700:3032::ac43:a12e
2a00:1450:4001:801::200e
2a02:26f0:480:5a5::2854
2a06:98c1:3120::3
2a06:98c1:3121::3
3.126.48.135
3.66.117.49
52.117.247.211
81.17.18.196
88.99.112.6
95.211.116.26
14a2020184513eff37ca6f5d09ee503da6b08450e36048ce5176d393a235220f
3db44a6ab7dd13f7f562c60464300efad0ac2f41beddae71a8f3fd76902b780d
3db77cfe0a6a059ff4d86ea8530439864095c5fe278e279b28c88f99a0f9b530
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
cf742e7bf523e3775816a1db40bf47eb517c5c1d64db40aadad8afbfbfa461db
d35c481a63fed744bb6c423366b1e543166e325c124f78bb61a3ca56b185f011
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

ch-go.kelkoogroup.net Open in urlscan Pro 95.211.116.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

87 %HTTPS

38 %IPv6

12 Domains

14 Subdomains

10 IPs

5 Countries

108 kBTransfer

321 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

10 Cookies

1 Console Messages

Indicators

ch-go.kelkoogroup.net Open in urlscan Pro
95.211.116.26 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

87 %
HTTPS

38 %
IPv6

12
Domains

14
Subdomains

10
IPs

5
Countries

108 kB
Transfer

321 kB
Size

10
Cookies

15 HTTP transactions
0 data transactions