urlscan.io logo urlscan.io
SecurityTrails logo

no-go.kelkoogroup.net Open in urlscan Pro
95.211.116.26  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://vpn.aple.no/
Effective URL: https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437dcec1250a02803e36bbdc98b924bba2ae43a5b8c20...
Submission Tags: @phishunt_io
Submission: On December 02 via api from DE — Scanned from NO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 17 HTTP transactions. The main IP is 95.211.116.26, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL. The main domain is no-go.kelkoogroup.net.
TLS certificate: Issued by Thawte TLS RSA CA G1 on September 26th 2024. Valid for: a year.
This is the only time no-go.kelkoogroup.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 185.53.178.71 61969 (TEAMINTER...)
1 2600:9000:275... 16509 (AMAZON-02)
1 2 54.205.42.70 14618 (AMAZON-AES)
1 1 172.67.161.46 13335 (CLOUDFLAR...)
1 1 3.125.239.17 16509 (AMAZON-02)
1 1 188.114.97.3 13335 (CLOUDFLAR...)
5 95.211.116.26 60781 (LEASEWEB-...)
1 18.66.112.3 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 65.9.66.28 16509 (AMAZON-02)
1 18.157.207.8 16509 (AMAZON-02)
17 9
4    185.53.178.71 (Germany)

ASN61969 (TEAMINTERNET-AS Team Internet AG, DE)
vpn.aple.no
1    2600:9000:275b:6e00:1d:4618:5c80:21 (United States)

ASN16509 (AMAZON-02, US)
d38psrni17bvxu.cloudfront.net
2    54.205.42.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-42-70.compute-1.amazonaws.com
ernus-dop.com
1    172.67.161.46 (United States)

ASN13335 (CLOUDFLARENET, US)
geotrkclknow.com
1    3.125.239.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-239-17.eu-central-1.compute.amazonaws.com
mghnhfvz.com
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
clickcanv.com
5    95.211.116.26 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)
PTR: dc1-ecs-pub-mx-vip.kelkoo.com
no-go.kelkoogroup.net
1    18.66.112.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-3.fra56.r.cloudfront.net
dd.kelkoogroup.net
1    2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    65.9.66.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-28.fra56.r.cloudfront.net
ct.captcha-delivery.com
1    18.157.207.8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-207-8.eu-central-1.compute.amazonaws.com
geo.captcha-delivery.com
Apex Domain
Subdomains		 Transfer
6 kelkoogroup.net
no-go.kelkoogroup.net
dd.kelkoogroup.net — Cisco Umbrella Rank: 296022
68 KB
4 aple.no
vpn.aple.no
3 KB
2 captcha-delivery.com
ct.captcha-delivery.com — Cisco Umbrella Rank: 30248
geo.captcha-delivery.com — Cisco Umbrella Rank: 23657
11 KB
2 ernus-dop.com
ernus-dop.com
4 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
556 B
1 clickcanv.com
clickcanv.com
920 B
1 mghnhfvz.com
mghnhfvz.com
2 KB
1 geotrkclknow.com
geotrkclknow.com
800 B
1 cloudfront.net
d38psrni17bvxu.cloudfront.net
1 KB
17 9
Domain Requested by
5 no-go.kelkoogroup.net ernus-dop.com
no-go.kelkoogroup.net
4 vpn.aple.no d38psrni17bvxu.cloudfront.net
vpn.aple.no
2 ernus-dop.com 1 redirects vpn.aple.no
1 geo.captcha-delivery.com ct.captcha-delivery.com
1 ct.captcha-delivery.com no-go.kelkoogroup.net
1 www.google-analytics.com no-go.kelkoogroup.net
1 dd.kelkoogroup.net no-go.kelkoogroup.net
dd.kelkoogroup.net
1 clickcanv.com 1 redirects
1 mghnhfvz.com 1 redirects
1 geotrkclknow.com 1 redirects
1 d38psrni17bvxu.cloudfront.net vpn.aple.no
17 11

This site contains no links.

Subject Issuer Validity Valid
vpn.aple.no
R10		 2024-12-02 -
2025-03-02		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
ernus-dop.com
Amazon RSA 2048 M02		 2024-11-22 -
2025-12-22		 a year crt.sh
*.kelkoogroup.net
Thawte TLS RSA CA G1		 2024-09-26 -
2025-10-10		 a year crt.sh
dd.kelkoogroup.net
E6		 2024-10-07 -
2025-01-05		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.captcha-delivery.com
Amazon RSA 2048 M02		 2024-07-25 -
2025-08-22		 a year crt.sh

This page contains 2 frames:

Primary Page: https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437dcec1250a02803e36bbdc98b924bba2ae43a5b8c20a1a9e0a2d9c521261e9e53419420000d14c83c510d404da984b76d4a0ac7c536877eeeac7039610a6e21fee498635eddbacc30e1822d4b93beb1dd015994f47c1a93c4ab9125311eb90ab150b063ad82a4207a5b7b1084550ae8c021133d0f893132310f99d40ac317c054d93d40fb55f556f5c349b887e38f2f40990fc6e407b74c04807ef6d6600ff5ca357fd20653f0baa64b75e88566cc9feb264e68606f23c86bc4239d9403e03869c4c6fbd47ce12954c9546687fa345030ff226fce6be15991ec91344d98b909f74ff15bbc99188171ca7f99ccbe80ccd00ce88a7c5a82c31d4f7027f4a6553051f46b2aa0b6d9e48720329bb9290d9724&url=https%3A%2F%2Fwww.vpg.no%2FQuiver-Killer-Fastener-Kit-Look%2F161715%2F%3Fkk%3Da4c6293-193857cc5a1-6e6570%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DQuiver%2BKiller%2BFastener%2BKit%2BLookpivot%2B18%252F&initiator=timeout
Frame ID: 5E07492B50C0F86A8E039E0416B72BB3
Requests: 15 HTTP requests in this frame

Frame: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAXw03ZyKJbp4Asv-Uow%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=90xO1fVz8limUA5eQtj~6ybyDFZwuJ_PUqYuTwbFtEJIU07MeTzN0x2OifuaxbN22g9eXtIzi35uYAxi52IZ7kKgU37YQg2xYWWqhuxRnXlRBBF_v3MQq5~TUZr80HI7&t=fe&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff437dcec1250a02803e36bbdc98b924bba2ae43a5b8c20a1a9e0a2d9c521261e9e53419420000d14c83c510d404da984b76d4a0ac7c536877eeeac7039610a6e21fee498635eddbacc30e1822d4b93beb1dd015994f47c1a93c4ab9125311eb90ab150b063ad82a4207a5b7b1084550ae8c021133d0f893132310f99d40ac317c054d93d40fb55f556f5c349b887e38f2f40990fc6e407b74c04807ef6d6600ff5ca357fd20653f0baa64b75e88566cc9feb264e68606f23c86bc4239d9403e03869c4c6fbd47ce12954c9546687fa345030ff226fce6be15991ec91344d98b909f74ff15bbc99188171ca7f99ccbe80ccd00ce88a7c5a82c31d4f7027f4a6553051f46b2aa0b6d9e48720329bb9290d9724%26url%3Dhttps%253A%252F%252Fwww.vpg.no%252FQuiver-Killer-Fastener-Kit-Look%252F161715%252F%253Fkk%253Da4c6293-193857cc5a1-6e6570%2526utm_source%253Dkelkoono%2526utm_medium%253Dcpc%2526utm_campaign%253Dkelkooclick%2526utm_source_platform%253DKelkooGroup%2526utm_term%253DQuiver%252BKiller%252BFastener%252BKit%252BLookpivot%252B18%25252F%26initiator%3Dtimeout&s=35103&e=a1fc21910f914a3bfd6a454239632b3d91944b8e47491963b1e04d7ac67379fc&dm=cd
Frame ID: 008ED1D3B7D5FA713AD2D5E5421FD0BB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

kelkoogroup.net

Page URL History Show full URLs

  1. https://vpn.aple.no/ Page URL
  2. https://ernus-dop.com/zclkvisitor/6c6063a7-b060-11ef-bc74-0affc48552cb/85aefdc2-9ed0-48aa-922d-60f... Page URL
  3. https://ernus-dop.com/zclkredirect?visitid=6c6063a7-b060-11ef-bc74-0affc48552cb&type=js&browserWid... HTTP 302
    https://geotrkclknow.com/rot/CoXC1ug9UP3UrzbI?extid=zr6c6063a7b06011efbc740affc48552cb8de130b52f77434... HTTP 302
    https://mghnhfvz.com/click?trvid=37469&extid=zr6c6063a7b06011efbc740affc48552cb8de130b52f77434bb5... HTTP 302
    https://clickcanv.com/offerk?subid=cfXAbmWpktWd&id=5047723&c=V&merchantUrl=https%3A%2F%2Fwww.vpg.n... HTTP 302
    https://no-go.kelkoogroup.net/offersearchGo?.ts=1733105296865&.sig=J.EA7UDPOwjajbSOxohjV9NcVSA-&affiliatio... Page URL
  4. https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437dcec1250a02803e36bbdc9... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Page Statistics

17
Requests

88 %
HTTPS

18 %
IPv6

9
Domains

11
Subdomains

9
IPs

3
Countries

88 kB
Transfer

218 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://vpn.aple.no/ Page URL
  2. https://ernus-dop.com/zclkvisitor/6c6063a7-b060-11ef-bc74-0affc48552cb/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381 Page URL
  3. https://ernus-dop.com/zclkredirect?visitid=6c6063a7-b060-11ef-bc74-0affc48552cb&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B01%3A00&timezoneName=Europe%2FOslo HTTP 302
    https://geotrkclknow.com/rot/CoXC1ug9UP3UrzbI?extid=zr6c6063a7b06011efbc740affc48552cb8de130b52f77434bb59293f6baa8f7220869558d763814f533&cost=0.005000&targid=yankee-piu-1n036o7ol0&sczp=lateritious-falcon HTTP 302
    https://mghnhfvz.com/click?trvid=37469&extid=zr6c6063a7b06011efbc740affc48552cb8de130b52f77434bb59293f6baa8f7220869558d763814f533&cost=0.005000&targid=yankee-piu-1n036o7ol0&sczp=lateritious-falcon HTTP 302
    https://clickcanv.com/offerk?subid=cfXAbmWpktWd&id=5047723&c=V&merchantUrl=https%3A%2F%2Fwww.vpg.no&vsid={vsid} HTTP 302
    https://no-go.kelkoogroup.net/offersearchGo?.ts=1733105296865&.sig=J.EA7UDPOwjajbSOxohjV9NcVSA-&affiliationId=96976299&comId=5047723&country=no&offerId=da062e0202485fbed8d36b06bb9fcce9&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=cfXAbmWpktWd&publisherClickId=cfXAbmWpktWd&custom2=VVSI70DX&publisherSubId=VVSI70DX Page URL
  4. https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437dcec1250a02803e36bbdc98b924bba2ae43a5b8c20a1a9e0a2d9c521261e9e53419420000d14c83c510d404da984b76d4a0ac7c536877eeeac7039610a6e21fee498635eddbacc30e1822d4b93beb1dd015994f47c1a93c4ab9125311eb90ab150b063ad82a4207a5b7b1084550ae8c021133d0f893132310f99d40ac317c054d93d40fb55f556f5c349b887e38f2f40990fc6e407b74c04807ef6d6600ff5ca357fd20653f0baa64b75e88566cc9feb264e68606f23c86bc4239d9403e03869c4c6fbd47ce12954c9546687fa345030ff226fce6be15991ec91344d98b909f74ff15bbc99188171ca7f99ccbe80ccd00ce88a7c5a82c31d4f7027f4a6553051f46b2aa0b6d9e48720329bb9290d9724&url=https%3A%2F%2Fwww.vpg.no%2FQuiver-Killer-Fastener-Kit-Look%2F161715%2F%3Fkk%3Da4c6293-193857cc5a1-6e6570%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DQuiver%2BKiller%2BFastener%2BKit%2BLookpivot%2B18%252F&initiator=timeout Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://ernus-dop.com/zclkredirect?visitid=6c6063a7-b060-11ef-bc74-0affc48552cb&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B01%3A00&timezoneName=Europe%2FOslo HTTP 302
  • https://geotrkclknow.com/rot/CoXC1ug9UP3UrzbI?extid=zr6c6063a7b06011efbc740affc48552cb8de130b52f77434bb59293f6baa8f7220869558d763814f533&cost=0.005000&targid=yankee-piu-1n036o7ol0&sczp=lateritious-falcon HTTP 302
  • https://mghnhfvz.com/click?trvid=37469&extid=zr6c6063a7b06011efbc740affc48552cb8de130b52f77434bb59293f6baa8f7220869558d763814f533&cost=0.005000&targid=yankee-piu-1n036o7ol0&sczp=lateritious-falcon HTTP 302
  • https://clickcanv.com/offerk?subid=cfXAbmWpktWd&id=5047723&c=V&merchantUrl=https%3A%2F%2Fwww.vpg.no&vsid={vsid} HTTP 302
  • https://no-go.kelkoogroup.net/offersearchGo?.ts=1733105296865&.sig=J.EA7UDPOwjajbSOxohjV9NcVSA-&affiliationId=96976299&comId=5047723&country=no&offerId=da062e0202485fbed8d36b06bb9fcce9&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=cfXAbmWpktWd&publisherClickId=cfXAbmWpktWd&custom2=VVSI70DX&publisherSubId=VVSI70DX

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
vpn.aple.no/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vpn.aple.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.71 , Germany, ASN61969 (TEAMINTERNET-AS Team Internet AG, DE),
Reverse DNS
Software
Caddy nginx /
Resource Hash
6dbed8ecde9182d7909af20dcd46482b3b1429a0b35b1bcf5bfdc3d4c6da6332

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
accept-ch-lifetime
30
alt-svc
h3=":8443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 02 Dec 2024 03:49:25 GMT
server
Caddy nginx
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_TngOzvMHkbmOtoFf7wt7U5De+ue8egjfw0dyzADPPvNbI4lAqXvZBcfO3APiQ8Nn7ffHAQ78RNsY4tLTBlvXCg==
x-buckets
bucket011,bucket088,bucket077
x-domain
aple.no
x-language
norwegian
x-pcrew-blocked-reason
hosting network
x-pcrew-ip-organization
Blix Solutions
x-redirect
zeropark_zeroclick
x-subdomain
vpn
x-template
tpl_CleanPeppermintBlack_twoclick
js3.js
d38psrni17bvxu.cloudfront.net/scripts/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: vpn.aple.no
URL: https://vpn.aple.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:6e00:1d:4618:5c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vpn.aple.no/

Response headers

etag
"65fc1e7b-448"
age
8100
via
1.1 e7901684d85170d527aec3a64956def6.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
1096
x-amz-cf-id
Rc9N2RxDHIP7VzgEEFQ5ZfmHIoo6F_RKpboX30VtQV3qz1jpM63IbQ==
date
Mon, 02 Dec 2024 01:34:25 GMT
content-type
application/javascript
last-modified
Thu, 21 Mar 2024 11:48:11 GMT
server
nginx
x-amz-cf-pop
FRA60-P7
track.php
vpn.aple.no/ 		0
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpn.aple.no/track.php?domain=aple.no&toggle=browserjs&uid=MTczMzExMTM2NS4xODE6ZjU4OGM5OTZlZTU5NmNmNDYyNjg1MTk3OWY4Y2YzMDE2ODhiZDlhM2RlOTcyMTNhZGUzZDlkMjkwMjA3YWYxODo2NzRkMmU0NTJjMmVj
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.71 , Germany, ASN61969 (TEAMINTERNET-AS Team Internet AG, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

viewport-width
1600
ect
4g
Referer
https://vpn.aple.no/
device-memory
8
dpr
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
rtt
100
downlink
10

Response headers

content-encoding
gzip
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime
30
x-custom-track
browserjs
access-control-allow-origin
*
alt-svc
h3=":8443"; ma=2592000
date
Mon, 02 Dec 2024 03:49:25 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
Caddy, nginx
ls.php
vpn.aple.no/ 		16 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpn.aple.no/ls.php?t=674d2e45&token=5e1e2528627883ac29f407cb2ee172e3fdd4da88
Requested by
Host: vpn.aple.no
URL: https://vpn.aple.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.71 , Germany, ASN61969 (TEAMINTERNET-AS Team Internet AG, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash

Request headers

viewport-width
1600
ect
4g
Referer
https://vpn.aple.no/
device-memory
8
dpr
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
rtt
100
downlink
10

Response headers

access-control-max-age
86400
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
access-control-allow-methods
POST, OPTIONS
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_WU2HuUFRHSImKJTltcULH7p9tgDDP0R3fydLb6BHVkcoOHyofnMZXoqftLp0qWgLDXom+hbVKYVHJWVIVAtvaw==
accept-ch-lifetime
30
x-log-success
674d2e4598cd41ce610b7c0b
access-control-allow-origin
alt-svc
h3=":8443"; ma=2592000
date
Mon, 02 Dec 2024 03:49:25 GMT
charset
utf-8
content-type
text/javascript;charset=UTF-8
server
Caddy, nginx
track.php
vpn.aple.no/ 		0
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpn.aple.no/track.php?click=3b57ad2025e33ed3c2dc1f6cde5c7a3dffafe1f4&domain=aple.no&uid=MTczMzExMTM2NS4xODE6ZjU4OGM5OTZlZTU5NmNmNDYyNjg1MTk3OWY4Y2YzMDE2ODhiZDlhM2RlOTcyMTNhZGUzZDlkMjkwMjA3YWYxODo2NzRkMmU0NTJjMmVj&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTEsYnVja2V0MDg4LGJ1Y2tldDA3N3x8fHx8fDY3NGQyZTQ1MmMyYjd8fHwxNzMzMTExMzY1LjQ4MjV8NGY0OTA0Y2QyMWY3OWE5ZGFhNmNkMGY5ZmExYjlkNDdiY2IxNjYyN3x8fHx8MXx8MHwwfHx8fDF8fHx8fDB8MHx8fHx8fHx8fHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDVlMWUyNTI4NjI3ODgzYWMyOWY0MDdjYjJlZTE3MmUzZmRkNGRhODh8MHx8MHwwfHx8fA%3D%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.71 , Germany, ASN61969 (TEAMINTERNET-AS Team Internet AG, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

viewport-width
1600
ect
4g
Referer
https://vpn.aple.no/
device-memory
8
dpr
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
rtt
100
downlink
10

Response headers

x-view-match
true
content-encoding
gzip
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime
30
x-custom-track
none
access-control-allow-origin
*
alt-svc
h3=":8443"; ma=2592000
date
Mon, 02 Dec 2024 03:49:25 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
Caddy, nginx
85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d
ernus-dop.com/zclkvisitor/6c6063a7-b060-11ef-bc74-0affc48552cb/ 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ernus-dop.com/zclkvisitor/6c6063a7-b060-11ef-bc74-0affc48552cb/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381
Requested by
Host: vpn.aple.no
URL: https://vpn.aple.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.42.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-42-70.compute-1.amazonaws.com
Software
/
Resource Hash
dff7d54120e6ec115657351e533289da74612dbdcdb4749b2b9aff3f4677f4ff
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
https://vpn.aple.no/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
3088
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Mon, 02 Dec 2024 03:49:26 GMT
offersearchGo
no-go.kelkoogroup.net/
Redirect Chain
  • https://ernus-dop.com/zclkredirect?visitid=6c6063a7-b060-11ef-bc74-0affc48552cb&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel...
  • https://geotrkclknow.com/rot/CoXC1ug9UP3UrzbI?extid=zr6c6063a7b06011efbc740affc48552cb8de130b52f77434bb59293f6baa8f7220869558d763814f533&cost=0.005000&targid=yankee-piu-1n036o7ol0&sczp=lateritious-...
  • https://mghnhfvz.com/click?trvid=37469&extid=zr6c6063a7b06011efbc740affc48552cb8de130b52f77434bb59293f6baa8f7220869558d763814f533&cost=0.005000&targid=yankee-piu-1n036o7ol0&sczp=lateritious-falcon
  • https://clickcanv.com/offerk?subid=cfXAbmWpktWd&id=5047723&c=V&merchantUrl=https%3A%2F%2Fwww.vpg.no&vsid={vsid}
  • https://no-go.kelkoogroup.net/offersearchGo?.ts=1733105296865&.sig=J.EA7UDPOwjajbSOxohjV9NcVSA-&affiliationId=96976299&comId=5047723&country=no&offerId=da062e0202485fbed8d36b06bb9fcce9&service=37&t...
29 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://no-go.kelkoogroup.net/offersearchGo?.ts=1733105296865&.sig=J.EA7UDPOwjajbSOxohjV9NcVSA-&affiliationId=96976299&comId=5047723&country=no&offerId=da062e0202485fbed8d36b06bb9fcce9&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=cfXAbmWpktWd&publisherClickId=cfXAbmWpktWd&custom2=VVSI70DX&publisherSubId=VVSI70DX
Requested by
Host: ernus-dop.com
URL: https://ernus-dop.com/zclkvisitor/6c6063a7-b060-11ef-bc74-0affc48552cb/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
8a61ea51b346c58816f337c4ab428592eaa68c4049a2e37c133b6dfc87ec7213
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ernus-dop.com/zclkvisitor/6c6063a7-b060-11ef-bc74-0affc48552cb/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-CH
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Cache-Control
max-age=0, private, no-cache, no-store, must-revalidate
Charset
utf-8
Content-Length
30048
Content-Security-Policy
frame-ancestors 'none'
Content-Type
text/html; charset=UTF-8
Date
Mon, 02 Dec 2024 03:49:26 GMT
Pragma
no-cache
Referrer-Policy
origin-when-cross-origin
Request-Time
PT0.018703714S
X-Content-Type-Options
nosniff
X-DD-B
1
X-DataDome
protected
X-DataDome-CID
AHrlqAAAAAMAXw03ZyKJbp4Asv-Uow==
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
master-only
X-Robots-Tag
noindex,nofollow
X-XSS-Protection
1; mode=block
clickId
107698147_1733111367073_62143347
country
no
leadId
62A001JE2QSHD8PBM1FM53KYGCSYAT

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8eb858da4a815685-OSL
content-type
text/html; charset=utf-8
date
Mon, 02 Dec 2024 03:49:26 GMT
location
https://no-go.kelkoogroup.net/offersearchGo?.ts=1733105296865&.sig=J.EA7UDPOwjajbSOxohjV9NcVSA-&affiliationId=96976299&comId=5047723&country=no&offerId=da062e0202485fbed8d36b06bb9fcce9&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=cfXAbmWpktWd&publisherClickId=cfXAbmWpktWd&custom2=VVSI70DX&publisherSubId=VVSI70DX
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JOhHnf5Y%2FB51cExcA7O6tm5GncAyomGMQFKOdgpuNX9X%2BJNQXBmTe4WYJpDth2GyQWuBkbt%2FLPHMzY3eKGQW91GjkWC2C8IS%2BTL8vQxdjV5e45O0IjJDYKJhM%2BWNsHRf"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=40396&min_rtt=40268&rtt_var=8608&sent=13&recv=9&lost=0&retrans=0&sent_bytes=4178&recv_bytes=4518&delivery_rate=14328&cwnd=12000&unsent_bytes=0&cid=a68b6b6618609bbf&ts=149&x=1" cfExtPri cfHdrFlush;dur=0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
p.png
no-go.kelkoogroup.net/assets/images/ 		68 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff437dcec1250a02803e36bbdc98b924bba2ae43a5b8c20a1a9e0a2d9c521261e9e53419420000d14c83c510d404da984b76d4a0ac7c536877eeeac7039610a6e21fee498635eddbacc30e1822d4b93beb1dd015994f47c1a93c4ab9125311eb90ab150b063ad82a4207a5b7b1084550ae8c021133d0f893132310f99d40ac317c054d93d40fb55f556f5c349b887e38f2f40990fc6e407b74c04807ef6d6600ff5ca357fd20653f0baa64b75e88566cc9feb264e68606f23c86bc4239d9403e03869c4c6fbd47ce12954c9546687fa345030ff226fce6be15991ec91344d98b909f74ff15bbc99188171ca7f99ccbe80ccd00ce88a7c5a82c31d4f7027f4a6553051f46b2aa0b6d9e48720329bb9290d9724
Requested by
Host: no-go.kelkoogroup.net
URL: https://no-go.kelkoogroup.net/offersearchGo?.ts=1733105296865&.sig=J.EA7UDPOwjajbSOxohjV9NcVSA-&affiliationId=96976299&comId=5047723&country=no&offerId=da062e0202485fbed8d36b06bb9fcce9&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=cfXAbmWpktWd&publisherClickId=cfXAbmWpktWd&custom2=VVSI70DX&publisherSubId=VVSI70DX
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory
8
Referer
https://no-go.kelkoogroup.net/offersearchGo?.ts=1733105296865&.sig=J.EA7UDPOwjajbSOxohjV9NcVSA-&affiliationId=96976299&comId=5047723&country=no&offerId=da062e0202485fbed8d36b06bb9fcce9&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=cfXAbmWpktWd&publisherClickId=cfXAbmWpktWd&custom2=VVSI70DX&publisherSubId=VVSI70DX

Response headers

X-Robots-Tag
noindex,nofollow
Content-Security-Policy
frame-ancestors 'none'
Cache-Control
private, must-revalidate
leadId
62A001JE2QSHD8PBM1FM53KYGCSYAT
Request-Time
PT0.001900774S
X-Permitted-Cross-Domain-Policies
master-only
Referrer-Policy
origin-when-cross-origin
clickId
107698147_1733111367073_62143347
country
no
X-Content-Type-Options
nosniff
Content-Length
68
X-XSS-Protection
1; mode=block
Date
Mon, 02 Dec 2024 03:49:26 GMT
Content-Type
image/png
X-Frame-Options
DENY
tags.js
dd.kelkoogroup.net/ 		169 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dd.kelkoogroup.net/tags.js
Requested by
Host: no-go.kelkoogroup.net
URL: https://no-go.kelkoogroup.net/offersearchGo?.ts=1733105296865&.sig=J.EA7UDPOwjajbSOxohjV9NcVSA-&affiliationId=96976299&comId=5047723&country=no&offerId=da062e0202485fbed8d36b06bb9fcce9&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=cfXAbmWpktWd&publisherClickId=cfXAbmWpktWd&custom2=VVSI70DX&publisherSubId=VVSI70DX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-3.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6f960ef6e2816613c107cdca0b45e95e497369d628de9cb444903b45fa78430
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://no-go.kelkoogroup.net/

Response headers

content-encoding
br
x-amz-version-id
srBbjf4IpQWkR6dukRm3KeuXFeESXHnZ
etag
W/"f413de3002ba35101fcc6ab056e87d4b"
age
1922
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
FMbkpXLu0YEbsk5YpdEpOfyEZU6IiuHeaLO-bLMeJIa1WsuRVSX3_g==
date
Mon, 02 Dec 2024 03:17:44 GMT
content-type
text/javascript
vary
accept-encoding, Origin
last-modified
Tue, 19 Nov 2024 10:41:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=3600, public
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
collect
www.google-analytics.com/g/ 		0
556 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-08KS908YC5&_p=532254989&sr=1600x1200&ul=no-no&cid=396215098.1733111367&uid=a4c6293-193857cc5a1-6e6570&_fv=1&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2FoffersearchGo%3F.ts%3D1733105296865%26.sig%3DJ.EA7UDPOwjajbSOxohjV9NcVSA-%26affiliationId%3D96976299%26comId%3D5047723%26country%3Dno%26offerId%3Dda062e0202485fbed8d36b06bb9fcce9%26service%3D37%26tokenId%3D16e2234e-431d-42a4-8898-2b90fd38875e%26wait%3Dtrue%26custom1%3DcfXAbmWpktWd%26publisherClickId%3DcfXAbmWpktWd%26custom2%3DVVSI70DX%26publisherSubId%3DVVSI70DX&dt=Du%20sendes%20videre%20til%20Vpg.no&dr=https%3A%2F%2Fernus-dop.com%2F&dp=%2F96976299%7C5047723%7C&sid=1733111367&sct=1&seg=1&en=page_view&_ss=1&ep.cd1=96976299&ep.cd2=62A001JE2QSHD8PBM1FM53KYGCSYAT&ep.cd3=5047723&ep.cd4=a4c6293-193857cc5a1-6e6570&ep.cd5=&ep.cd6=96976299%7C5047723%7C
Requested by
Host: no-go.kelkoogroup.net
URL: https://no-go.kelkoogroup.net/offersearchGo?.ts=1733105296865&.sig=J.EA7UDPOwjajbSOxohjV9NcVSA-&affiliationId=96976299&comId=5047723&country=no&offerId=da062e0202485fbed8d36b06bb9fcce9&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=cfXAbmWpktWd&publisherClickId=cfXAbmWpktWd&custom2=VVSI70DX&publisherSubId=VVSI70DX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://no-go.kelkoogroup.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://no-go.kelkoogroup.net
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 03:49:27 GMT
content-type
text/plain
server
Golfe2
ados.js
no-go.kelkoogroup.net/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://no-go.kelkoogroup.net/ados.js
Requested by
Host: no-go.kelkoogroup.net
URL: https://no-go.kelkoogroup.net/offersearchGo?.ts=1733105296865&.sig=J.EA7UDPOwjajbSOxohjV9NcVSA-&affiliationId=96976299&comId=5047723&country=no&offerId=da062e0202485fbed8d36b06bb9fcce9&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=cfXAbmWpktWd&publisherClickId=cfXAbmWpktWd&custom2=VVSI70DX&publisherSubId=VVSI70DX
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
3db77cfe0a6a059ff4d86ea8530439864095c5fe278e279b28c88f99a0f9b530
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory
8
Referer
https://no-go.kelkoogroup.net/offersearchGo?.ts=1733105296865&.sig=J.EA7UDPOwjajbSOxohjV9NcVSA-&affiliationId=96976299&comId=5047723&country=no&offerId=da062e0202485fbed8d36b06bb9fcce9&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=cfXAbmWpktWd&publisherClickId=cfXAbmWpktWd&custom2=VVSI70DX&publisherSubId=VVSI70DX

Response headers

X-Robots-Tag
noindex,nofollow
Content-Security-Policy
frame-ancestors 'none'
Request-Time
PT0.000582841S
X-Permitted-Cross-Domain-Policies
master-only
Referrer-Policy
origin-when-cross-origin
X-Content-Type-Options
nosniff
Content-Length
1140
X-XSS-Protection
1; mode=block
Date
Mon, 02 Dec 2024 03:49:27 GMT
Content-Type
text/html; charset=UTF-8
X-Frame-Options
DENY
fp
no-go.kelkoogroup.net/ 		0
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff437dcec1250a02803e36bbdc98b924bba2ae43a5b8c20a1a9e0a2d9c521261e9e53419420000d14c83c510d404da984b76d4a0ac7c536877eeeac7039610a6e21fee498635eddbacc30e1822d4b93beb1dd015994f47c1a93c4ab9125311eb90ab150b063ad82a4207a5b7b1084550ae8c021133d0f893132310f99d40ac317c054d93d40fb55f556f5c349b887e38f2f40990fc6e407b74c04807ef6d6600ff5ca357fd20653f0baa64b75e88566cc9feb264e68606f23c86bc4239d9403e03869c4c6fbd47ce12954c9546687fa345030ff226fce6be15991ec91344d98b909f74ff15bbc99188171ca7f99ccbe80ccd00ce88a7c5a82c31d4f7027f4a6553051f46b2aa0b6d9e48720329bb9290d9724
Requested by
Host: no-go.kelkoogroup.net
URL: https://no-go.kelkoogroup.net/offersearchGo?.ts=1733105296865&.sig=J.EA7UDPOwjajbSOxohjV9NcVSA-&affiliationId=96976299&comId=5047723&country=no&offerId=da062e0202485fbed8d36b06bb9fcce9&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=cfXAbmWpktWd&publisherClickId=cfXAbmWpktWd&custom2=VVSI70DX&publisherSubId=VVSI70DX
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://no-go.kelkoogroup.net/offersearchGo?.ts=1733105296865&.sig=J.EA7UDPOwjajbSOxohjV9NcVSA-&affiliationId=96976299&comId=5047723&country=no&offerId=da062e0202485fbed8d36b06bb9fcce9&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=cfXAbmWpktWd&publisherClickId=cfXAbmWpktWd&custom2=VVSI70DX&publisherSubId=VVSI70DX
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=utf-8
sec-ch-device-memory
8

Response headers

X-Robots-Tag
noindex,nofollow
Content-Security-Policy
frame-ancestors 'none'
leadId
62A001JE2QSHD8PBM1FM53KYGCSYAT
Request-Time
PT0.010179864S
X-Permitted-Cross-Domain-Policies
master-only
Referrer-Policy
origin-when-cross-origin
clickId
107698147_1733111367073_62143347
country
no
X-Content-Type-Options
nosniff
Content-Length
0
X-XSS-Protection
1; mode=block
Date
Mon, 02 Dec 2024 03:49:26 GMT
Content-Type
text/plain; charset=UTF-8
X-Frame-Options
DENY
fc905022-65ad-4b71-893b-c9e015e8d883
https://no-go.kelkoogroup.net/ Frame 		0
0
/
dd.kelkoogroup.net/js/ 		0
0
Primary Request redirect
no-go.kelkoogroup.net/ 		725 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437dcec1250a02803e36bbdc98b924bba2ae43a5b8c20a1a9e0a2d9c521261e9e53419420000d14c83c510d404da984b76d4a0ac7c536877eeeac7039610a6e21fee498635eddbacc30e1822d4b93beb1dd015994f47c1a93c4ab9125311eb90ab150b063ad82a4207a5b7b1084550ae8c021133d0f893132310f99d40ac317c054d93d40fb55f556f5c349b887e38f2f40990fc6e407b74c04807ef6d6600ff5ca357fd20653f0baa64b75e88566cc9feb264e68606f23c86bc4239d9403e03869c4c6fbd47ce12954c9546687fa345030ff226fce6be15991ec91344d98b909f74ff15bbc99188171ca7f99ccbe80ccd00ce88a7c5a82c31d4f7027f4a6553051f46b2aa0b6d9e48720329bb9290d9724&url=https%3A%2F%2Fwww.vpg.no%2FQuiver-Killer-Fastener-Kit-Look%2F161715%2F%3Fkk%3Da4c6293-193857cc5a1-6e6570%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DQuiver%2BKiller%2BFastener%2BKit%2BLookpivot%2B18%252F&initiator=timeout
Requested by
Host: no-go.kelkoogroup.net
URL: https://no-go.kelkoogroup.net/offersearchGo?.ts=1733105296865&.sig=J.EA7UDPOwjajbSOxohjV9NcVSA-&affiliationId=96976299&comId=5047723&country=no&offerId=da062e0202485fbed8d36b06bb9fcce9&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=cfXAbmWpktWd&publisherClickId=cfXAbmWpktWd&custom2=VVSI70DX&publisherSubId=VVSI70DX
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
e53e2e5fcbac835fcba18e260f3670815330e0732e75f2d3eb47fc60f5105ba2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://no-go.kelkoogroup.net/offersearchGo?.ts=1733105296865&.sig=J.EA7UDPOwjajbSOxohjV9NcVSA-&affiliationId=96976299&comId=5047723&country=no&offerId=da062e0202485fbed8d36b06bb9fcce9&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=cfXAbmWpktWd&publisherClickId=cfXAbmWpktWd&custom2=VVSI70DX&publisherSubId=VVSI70DX
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-device-memory
8

Response headers

Accept-CH
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Cache-Control
max-age=0, private, no-cache, no-store, must-revalidate
Charset
utf-8
Content-Length
725
Content-Type
text/html; charset=UTF-8
Date
Mon, 02 Dec 2024 03:49:27 GMT
Pragma
no-cache
Referrer-Policy
origin-when-cross-origin
Request-Time
PT0.013654103S
X-Content-Type-Options
nosniff
X-DD-B
1
X-DataDome
protected
X-DataDome-CID
AHrlqAAAAAMAXw03ZyKJbp4Asv-Uow==
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
master-only
X-XSS-Protection
1; mode=block
c.js
ct.captcha-delivery.com/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ct.captcha-delivery.com/c.js
Requested by
Host: no-go.kelkoogroup.net
URL: https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437dcec1250a02803e36bbdc98b924bba2ae43a5b8c20a1a9e0a2d9c521261e9e53419420000d14c83c510d404da984b76d4a0ac7c536877eeeac7039610a6e21fee498635eddbacc30e1822d4b93beb1dd015994f47c1a93c4ab9125311eb90ab150b063ad82a4207a5b7b1084550ae8c021133d0f893132310f99d40ac317c054d93d40fb55f556f5c349b887e38f2f40990fc6e407b74c04807ef6d6600ff5ca357fd20653f0baa64b75e88566cc9feb264e68606f23c86bc4239d9403e03869c4c6fbd47ce12954c9546687fa345030ff226fce6be15991ec91344d98b909f74ff15bbc99188171ca7f99ccbe80ccd00ce88a7c5a82c31d4f7027f4a6553051f46b2aa0b6d9e48720329bb9290d9724&url=https%3A%2F%2Fwww.vpg.no%2FQuiver-Killer-Fastener-Kit-Look%2F161715%2F%3Fkk%3Da4c6293-193857cc5a1-6e6570%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DQuiver%2BKiller%2BFastener%2BKit%2BLookpivot%2B18%252F&initiator=timeout
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-28.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b87bb6192320ea7a36d1caa7a2c0d26f39cfa92909fe168d29bfecc13c81ca0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://no-go.kelkoogroup.net/

Response headers

x-amz-version-id
null
etag
"1fd766ce129c8b2cae0770e023a22682"
age
63947
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
11217
x-amz-cf-id
Gx4PecpGVHQAm3Q7eRLn7CWDqjZAyTDSw7c64z-Zc2CUU15endGXrQ==
date
Sun, 01 Dec 2024 10:03:41 GMT
content-type
text/javascript
last-modified
Fri, 22 Nov 2024 10:03:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
/
geo.captcha-delivery.com/captcha/ Frame 008E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAXw03ZyKJbp4Asv-Uow%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=90xO1fVz8limUA5eQtj~6ybyDFZwuJ_PUqYuTwbFtEJIU07MeTzN0x2OifuaxbN22g9eXtIzi35uYAxi52IZ7kKgU37YQg2xYWWqhuxRnXlRBBF_v3MQq5~TUZr80HI7&t=fe&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff437dcec1250a02803e36bbdc98b924bba2ae43a5b8c20a1a9e0a2d9c521261e9e53419420000d14c83c510d404da984b76d4a0ac7c536877eeeac7039610a6e21fee498635eddbacc30e1822d4b93beb1dd015994f47c1a93c4ab9125311eb90ab150b063ad82a4207a5b7b1084550ae8c021133d0f893132310f99d40ac317c054d93d40fb55f556f5c349b887e38f2f40990fc6e407b74c04807ef6d6600ff5ca357fd20653f0baa64b75e88566cc9feb264e68606f23c86bc4239d9403e03869c4c6fbd47ce12954c9546687fa345030ff226fce6be15991ec91344d98b909f74ff15bbc99188171ca7f99ccbe80ccd00ce88a7c5a82c31d4f7027f4a6553051f46b2aa0b6d9e48720329bb9290d9724%26url%3Dhttps%253A%252F%252Fwww.vpg.no%252FQuiver-Killer-Fastener-Kit-Look%252F161715%252F%253Fkk%253Da4c6293-193857cc5a1-6e6570%2526utm_source%253Dkelkoono%2526utm_medium%253Dcpc%2526utm_campaign%253Dkelkooclick%2526utm_source_platform%253DKelkooGroup%2526utm_term%253DQuiver%252BKiller%252BFastener%252BKit%252BLookpivot%252B18%25252F%26initiator%3Dtimeout&s=35103&e=a1fc21910f914a3bfd6a454239632b3d91944b8e47491963b1e04d7ac67379fc&dm=cd
Requested by
Host: ct.captcha-delivery.com
URL: https://ct.captcha-delivery.com/c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.157.207.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-207-8.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Mon, 02 Dec 2024 03:49:27 GMT
Transfer-Encoding
chunked

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
no-go.kelkoogroup.net
URL
blob:https://no-go.kelkoogroup.net/fc905022-65ad-4b71-893b-c9e015e8d883
Domain
dd.kelkoogroup.net
URL
https://dd.kelkoogroup.net/js/

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dd

4 Cookies

Domain/Path Name / Value
mghnhfvz.com/ Name: ClickDataNG
Value: H4sIAAAAAAAA_7RU72_bNhD9V4QDArSAIlOiflmDULjZug1N0gFpkg4YMFDkySYskwJJKXHS_O8DJSXzh37tF1M8Ph7v3b3nZxjRWKkVVBBHJCIQgjv2CBUJwQ7N19dvrtWIxqGAqmWdxRB4J_n-TwEV8Pbbpjnc93t3LyAEwRxCFReUxnFM8zwEzg49k1vl0bRI83UI0l78tXnLZbRjTuoJEJOSpiGYoUO_JSEYFNIgd1fodlpAlYRg9WD4dE5pCB1TQqrtAl92t6aDCiAE3bZopswZXSchNIYpvlvA0-EM3TnX22q1mohxpsaI68NqAuw_2KGRoj5l-s9ASJJLUWckLYqEznte380fBzR8x5S7NV09ZT6jm7Pk01ny6eHhIRr7baT0jBytFPWz_30B32jroCIRIZlnPqIa5gn07KgH93_RF4MxqPgRKri9-RVCGIw8YXHY7tSuHZ8mEhOlD86MUtTTAOaX8dFJUT-ZnOckp6xoSE7iGNuGFylhbcvTMssS3pQCY0qaLGmLIqVp02TrZE3bvGGsbIskIWW-zrJSFDkt47TN6GsztHX1RIUQMoccM1sp6iNTe8TzXg7nsSI014XuFoTlT33dMYdGOqkHe96yjmsFIch-I4RBa71YizJKsiyK0zKKc3p6ms9jHyyazRaVgwqu9JPsOrbKIhK8-xbHvwSXUg2PwWOZ_5un74NN33d4j81n6VYZLSKaB-8-__H16jIMOrnH4Hfke_0-uNgZfcBVTCerRCS4YS0zcrkCfl4tGjRQARo12HOhe99_bwocJcc3O2nPYarBC9TevZkQvD71g52SzO-93f5omBIzZg5caYHdaeCaHXDe8_kpuNCm18Y70nuuhwo-dvIxuNHd4A1nJ8UNyhmvo-svE4ftXMr1l-_f7-Qefeu5dMcl9LczGPymsGH7PXhZGlTuwgtssZuRW6ku-5OQM0xZxmeHW6jU0HUh8ME6fYDqedE8vCoFQsBHh0axbvp_-RkChRBGMlc3xlDBDwXpD5MFRKGCH6pyTBdEtqyL_sZiWctlXfv15eW_AAAA__8DYwcEcwUAAA==
mghnhfvz.com/ Name: ClickDataNgFall
Value: H4sIAAAAAAAA_7RU72_bNhD9V4QDArSAIlOiflmDULjZug1N0gFpkg4YMFDkySYskwJJKXHS_O8DJSXzh37tF1M8Ph7v3b3nZxjRWKkVVBBHJCIQgjv2CBUJwQ7N19dvrtWIxqGAqmWdxRB4J_n-TwEV8Pbbpjnc93t3LyAEwRxCFReUxnFM8zwEzg49k1vl0bRI83UI0l78tXnLZbRjTuoJEJOSpiGYoUO_JSEYFNIgd1fodlpAlYRg9WD4dE5pCB1TQqrtAl92t6aDCiAE3bZopswZXSchNIYpvlvA0-EM3TnX22q1mohxpsaI68NqAuw_2KGRoj5l-s9ASJJLUWckLYqEznte380fBzR8x5S7NV09ZT6jm7Pk01ny6eHhIRr7baT0jBytFPWz_30B32jroCIRIZlnPqIa5gn07KgH93_RF4MxqPgRKri9-RVCGIw8YXHY7tSuHZ8mEhOlD86MUtTTAOaX8dFJUT-ZnOckp6xoSE7iGNuGFylhbcvTMssS3pQCY0qaLGmLIqVp02TrZE3bvGGsbIskIWW-zrJSFDkt47TN6GsztHX1RIUQMoccM1sp6iNTe8TzXg7nsSI014XuFoTlT33dMYdGOqkHe96yjmsFIch-I4RBa71YizJKsiyK0zKKc3p6ms9jHyyazRaVgwqu9JPsOrbKIhK8-xbHvwSXUg2PwWOZ_5un74NN33d4j81n6VYZLSKaB-8-__H16jIMOrnH4Hfke_0-uNgZfcBVTCerRCS4YS0zcrkCfl4tGjRQARo12HOhe99_bwocJcc3O2nPYarBC9TevZkQvD71g52SzO-93f5omBIzZg5caYHdaeCaHXDe8_kpuNCm18Y70nuuhwo-dvIxuNHd4A1nJ8UNyhmvo-svE4ftXMr1l-_f7-Qefeu5dMcl9LczGPymsGH7PXhZGlTuwgtssZuRW6ku-5OQM0xZxmeHW6jU0HUh8ME6fYDqedE8vCoFQsBHh0axbvp_-RkChRBGMlc3xlDBDwXpD5MFRKGCH6pyTBdEtqyL_sZiWctlXfv15eW_AAAA__8DYwcEcwUAAA==
.kelkoogroup.net/ Name: kelkooID
Value: a4c6293-193857cc5a1-6e6570
.kelkoogroup.net/ Name: datadome
Value: 90xO1fVz8limUA5eQtj~6ybyDFZwuJ_PUqYuTwbFtEJIU07MeTzN0x2OifuaxbN22g9eXtIzi35uYAxi52IZ7kKgU37YQg2xYWWqhuxRnXlRBBF_v3MQq5~TUZr80HI7

3 Console Messages

Source Level URL
Text
rendering warning URL: https://ernus-dop.com/zclkvisitor/6c6063a7-b060-11ef-bc74-0affc48552cb/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0006512BC010000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://no-go.kelkoogroup.net/offersearchGo?.ts=1733105296865&.sig=J.EA7UDPOwjajbSOxohjV9NcVSA-&affiliationId=96976299&comId=5047723&country=no&offerId=da062e0202485fbed8d36b06bb9fcce9&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=cfXAbmWpktWd&publisherClickId=cfXAbmWpktWd&custom2=VVSI70DX&publisherSubId=VVSI70DX(Line 28)
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437dcec1250a02803e36bbdc98b924bba2ae43a5b8c20a1a9e0a2d9c521261e9e53419420000d14c83c510d404da984b76d4a0ac7c536877eeeac7039610a6e21fee498635eddbacc30e1822d4b93beb1dd015994f47c1a93c4ab9125311eb90ab150b063ad82a4207a5b7b1084550ae8c021133d0f893132310f99d40ac317c054d93d40fb55f556f5c349b887e38f2f40990fc6e407b74c04807ef6d6600ff5ca357fd20653f0baa64b75e88566cc9feb264e68606f23c86bc4239d9403e03869c4c6fbd47ce12954c9546687fa345030ff226fce6be15991ec91344d98b909f74ff15bbc99188171ca7f99ccbe80ccd00ce88a7c5a82c31d4f7027f4a6553051f46b2aa0b6d9e48720329bb9290d9724&url=https%3A%2F%2Fwww.vpg.no%2FQuiver-Killer-Fastener-Kit-Look%2F161715%2F%3Fkk%3Da4c6293-193857cc5a1-6e6570%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DQuiver%2BKiller%2BFastener%2BKit%2BLookpivot%2B18%252F&initiator=timeout
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)