de-go.kelkoogroup.net
95.211.116.27
Public Scan
Effective URL: https://de-go.kelkoogroup.net/go?country=de&k=5c1bf089578eec9adfb0537cd062b8e227401b33e1a17aecbbc0d3c57b361d04adb5183c0259156a...
Submission: On February 09 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Thawte RSA CA 2018 on September 7th 2021. Valid for: a year.
This is the only time de-go.kelkoogroup.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
2 2 | 103.224.182.240 | 133618 (TRELLIAN-AS-AP Trellian Pty. Limited) |
1 5 | 103.224.182.206 | 133618 (TRELLIAN-AS-AP Trellian Pty. Limited) |
1 1 | 78.46.197.88 | 24940 (HETZNER-AS) |
2 | 157.90.169.168 | 24940 (HETZNER-AS) |
1 1 | 88.99.112.2 | 24940 (HETZNER-AS) |
2 5 | 95.211.116.27 | 60781 (LEASEWEB-NL-AMS-01 Netherlands) |
1 | 99.86.3.5 | 16509 (AMAZON-02) |
1 | 2a00:1450:4001:82f::2008 | 15169 (GOOGLE) |
1 | 35.156.78.174 | 16509 (AMAZON-02) |
2 | 2a00:1450:4001:82b::200e | 15169 (GOOGLE) |
1 | 52.214.84.71 | () |
15 | 8 |
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-240.above.com
capitolonemobile.com |
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
1redirb.com |
ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de
clever-redirect.com |
ASN24940 (HETZNER-AS, DE)
PTR: static.168.169.90.157.clients.your-server.de
lookandfind.me |
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-go-vip.kelkoo.com
de-go.kelkoogroup.net |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-5.fra6.r.cloudfront.net
js.datadome.co |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-78-174.eu-central-1.compute.amazonaws.com
api-js.datadome.co |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
 | Apex Domain Subdomains | Transfer |
---|---|---|
5 | kelkoogroup.net (2 redirects): de-go.kelkoogroup.net — Cisco Umbrella Rank: 656938 | 33 KB |
5 | 1redirb.com (1 redirects): 1redirb.com — Cisco Umbrella Rank: 552700 | 8 KB |
2 | google-analytics.com: www.google-analytics.com — Cisco Umbrella Rank: 42 | 20 KB |
2 | datadome.co: js.datadome.co — Cisco Umbrella Rank: 8546; api-js.datadome.co — Cisco Umbrella Rank: 8229 | 42 KB |
2 | lookandfind.me: lookandfind.me | 2 KB |
2 | capitolonemobile.com (2 redirects): capitolonemobile.com | 1 KB |
1 | tannico.com: de.tannico.com | |
1 | googletagmanager.com: www.googletagmanager.com — Cisco Umbrella Rank: 78 | 40 KB |
1 | yadore.com (1 redirects): api.yadore.com — Cisco Umbrella Rank: 622851 | 371 B |
1 | clever-redirect.com (1 redirects): clever-redirect.com | 431 B |
15 | 10 |
 | Domain | Requested by |
---|---|---|
5 | de-go.kelkoogroup.net | 2 redirects; lookandfind.me, de-go.kelkoogroup.net |
5 | 1redirb.com | 1 redirects; 1redirb.com |
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com |
2 | lookandfind.me | 1redirb.com |
2 | capitolonemobile.com | 2 redirects |
1 | de.tannico.com | de-go.kelkoogroup.net |
1 | api-js.datadome.co | js.datadome.co |
1 | www.googletagmanager.com | de-go.kelkoogroup.net |
1 | js.datadome.co | de-go.kelkoogroup.net |
1 | api.yadore.com | 1 redirects |
1 | clever-redirect.com | 1 redirects |
15 | 11 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
lookandfind.me R3 | 2022-01-02 - 2022-04-02 | 3 months | crt.sh |
*.kelkoogroup.net Thawte RSA CA 2018 | 2021-09-07 - 2022-10-07 | a year | crt.sh |
*.datadome.co Gandi Standard SSL CA 2 | 2021-10-12 - 2022-10-21 | a year | crt.sh |
*.google-analytics.com GTS CA 1C3 | 2022-01-10 - 2022-04-04 | 3 months | crt.sh |
tannico.com Amazon | 2022-02-02 - 2023-03-03 | a year | crt.sh |
This page contains 1 frames:
Frame:
https://de.tannico.com/vipavska-dolina-sauvignon-zgp-2017-hedele.html?kk=a4c6361-17edc726c5f-1690b8&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Hedele+Vipavska+Dolina+Sauvignon+Zgp+201
Frame ID: 3E5C44B3A41FF3D51251BB09C9878996
Requests: 15 HTTP requests in this frame
Page URL History
-
http://capitolonemobile.com/
HTTP 302
https://capitolonemobile.com/ HTTP 302
http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKd0fqebKs62Q33l8farNhX7n3JocMefMqn02KesrGq70zJ... Page URL
-
http://1redirb.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D47519...
HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=475199633&sid=202202091406287990687e03f972f1eb HTTP 302
https://lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=de.tannico.com&s1=721614&s... Page URL
- https://lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%3DNDVYQmxYVmZtaW5kNTZtS0U2VX... Page URL
-
https://api.yadore.com/v2/r?e=NDVYQmxYVmZtaW5kNTZtS0U2VXpudUdSaVN6Nm9aMnZPdEczbTh6Q3k4K0VEbjB0NkFkV...
HTTP 302
https://de-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1644361201128&.sig=gXDYnzdFMVgd2gOKrMKKjDwvyz4-&aff... HTTP 307
https://de-go.kelkoogroup.net/go?country=de&k=5c1bf089578eec9adfb0537cd062b8e227401b33e1a17aecbbc0d3c57b36... Page URL
Detected technologies
Datadome (Miscellaneous)
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtm\.js
SWFObject (Miscellaneous)
Detected patterns
- swfobject.*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://capitolonemobile.com/
HTTP 302
https://capitolonemobile.com/ HTTP 302
http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKd0fqebKs62Q33l8farNhX7n3JocMefMqn02KesrGq70zJoUYxJaT4COzq%2BUW6GHypDhvpghvGYPqzlFsVCAi%2FU2T4j18orwjmmXJzOfOtVrYN7GVQhCFJhTEmBgy7WpMmqWUH8NjKjzO7VJWfLRr29GxnZ6Xb572NnxBCcX495SuKTsd5vf9dDifyrz5yHkgvH9aiEwUnQt4yDJvyLFzgnXySRf4bjEW34qL9atGx7K6sPjVEmuJNQo4qgKLy6iXNLWhUnV%2FrCHOXxVZPTbEsdSzGDXNcRYfjL2vEeeafECi7Xno473PPL9vLZQ12KhkZbgAw4VAelh1sgXhbOoPL5vo4JLtNC7boRJk8FCq5J4jRcjz49tzgz2tSOqYZZBa1G9DM5SXo%2FZuPVHXRVcBpNubLfUCRsqQRC9wPpzE4pDhg6vIRoMt3mGxS%2BoT1fBkFBbfpomS7b0owKtUCQ9rn%2FXwEHolcWoI08g3Y4hq3On1bsa3DKkgfSbWvnl1zs2Vm4hCeJvzjn1XMiU%2B5cVJ0dCdeXwGvhIH%2FqcT9AAApJvs4ZXuKLN24Qa2xpk8j4oFf1qSzllUIiOxGlP92lZePbc%2BA58eMcsjifUVpOu8xWpaEWa2zLNx97Ttp2URizKTnNe459bTTHdoQyycQdTq66eQPL7M8LgghQhBnlKaoM9htAQCQ5KoPlOyAo1wCinNGPJp4cpG4fqGEc9Y3uzSoWjgQCup872zph4SeNlphjMqHOmPirvmXmsoHlrdJGxnZy7S7sosemxP3I7yOfMgc%3D Page URL
-
http://1redirb.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D475199633%26sid%3D202202091406287990687e03f972f1eb&s=j&enc=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%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine
HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=475199633&sid=202202091406287990687e03f972f1eb HTTP 302
https://lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=de.tannico.com&s1=721614&s2=&s3=475199633&s5=cf Page URL
- https://lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%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%3D%3D%26i%3Dpk_P6jhCJe7XMOdN%26placementId%3Dc291e8940198e14194dfe0e56959d10e&h=ee580ae7e67899f152533abe9b31106d Page URL
-
https://api.yadore.com/v2/r?e=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&i=pk_P6jhCJe7XMOdN&placementId=c291e8940198e14194dfe0e56959d10e
HTTP 302
https://de-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1644361201128&.sig=gXDYnzdFMVgd2gOKrMKKjDwvyz4-&affiliationId=96965883&comId=16175113&country=de&offerId=7b07a550bea18ccdb0d5088ed8506ed0&service=37&tokenId=5e6f7842-8992-4e6c-b456-525bbb2ca68e&wait=true&addedParams=true&custom1=ebfebcf5ba6b55215a5c546be65c646b70dfa959422437911ab6444fbebdadcd&custom2=SRdytlITOR16&custom3=false HTTP 307
https://de-go.kelkoogroup.net/go?country=de&k=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&o= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://capitolonemobile.com/ HTTP 302
- https://capitolonemobile.com/ HTTP 302
- http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKd0fqebKs62Q33l8farNhX7n3JocMefMqn02KesrGq70zJoUYxJaT4COzq%2BUW6GHypDhvpghvGYPqzlFsVCAi%2FU2T4j18orwjmmXJzOfOtVrYN7GVQhCFJhTEmBgy7WpMmqWUH8NjKjzO7VJWfLRr29GxnZ6Xb572NnxBCcX495SuKTsd5vf9dDifyrz5yHkgvH9aiEwUnQt4yDJvyLFzgnXySRf4bjEW34qL9atGx7K6sPjVEmuJNQo4qgKLy6iXNLWhUnV%2FrCHOXxVZPTbEsdSzGDXNcRYfjL2vEeeafECi7Xno473PPL9vLZQ12KhkZbgAw4VAelh1sgXhbOoPL5vo4JLtNC7boRJk8FCq5J4jRcjz49tzgz2tSOqYZZBa1G9DM5SXo%2FZuPVHXRVcBpNubLfUCRsqQRC9wPpzE4pDhg6vIRoMt3mGxS%2BoT1fBkFBbfpomS7b0owKtUCQ9rn%2FXwEHolcWoI08g3Y4hq3On1bsa3DKkgfSbWvnl1zs2Vm4hCeJvzjn1XMiU%2B5cVJ0dCdeXwGvhIH%2FqcT9AAApJvs4ZXuKLN24Qa2xpk8j4oFf1qSzllUIiOxGlP92lZePbc%2BA58eMcsjifUVpOu8xWpaEWa2zLNx97Ttp2URizKTnNe459bTTHdoQyycQdTq66eQPL7M8LgghQhBnlKaoM9htAQCQ5KoPlOyAo1wCinNGPJp4cpG4fqGEc9Y3uzSoWjgQCup872zph4SeNlphjMqHOmPirvmXmsoHlrdJGxnZy7S7sosemxP3I7yOfMgc%3D
- http://1redirb.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D475199633%26sid%3D202202091406287990687e03f972f1eb&s=j&enc=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%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
- https://clever-redirect.com/s/r6?s=721614&s3=475199633&sid=202202091406287990687e03f972f1eb HTTP 302
- https://lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=de.tannico.com&s1=721614&s2=&s3=475199633&s5=cf
- https://de-go.kelkoogroup.net/redirect?country=de&k=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&leadId=dc1-kls-prod-srv-03.prod.dc1.kelkoo.net_1644375993453_2421280&clickId=107699104_1644375993409_2589831&url=https%3A%2F%2Fde.tannico.com%2Fvipavska-dolina-sauvignon-zgp-2017-hedele.html%3Fkk%3Da4c6361-17edc726c5f-1690b8%26utm_source%3Dkelkoode%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DHedele%2BVipavska%2BDolina%2BSauvignon%2BZgp%2B201 HTTP 303
- https://de.tannico.com/vipavska-dolina-sauvignon-zgp-2017-hedele.html?kk=a4c6361-17edc726c5f-1690b8&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Hedele+Vipavska+Dolina+Sauvignon+Zgp+201
15 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | r2.php 1redirb.com/ (Redirect Chain) | 4 KB 3 KB | Document text/html |
GET H/1.1 | jscheck.js 1redirb.com/javascript/ | 899 B 718 B | Script application/javascript |
GET H/1.1 | swfobject.js 1redirb.com/javascript/ | 10 KB 4 KB | Script application/javascript |
GET H/1.1 | jscheck.php 1redirb.com/ | 0 166 B | XHR text/html |
GET H2 | a lookandfind.me/s/ (Redirect Chain) | 939 B 1 KB | Document text/html |
GET H2 | r lookandfind.me/s/ | 867 B 920 B | Document text/html |
GET H/1.1 | Primary Request: go de-go.kelkoogroup.net/ (Redirect Chain) | 28 KB 29 KB | Document text/html |
GET H/1.1 | p.png de-go.kelkoogroup.net/assets/images/ | 68 B 629 B | Image image/png |
GET H2 | tags.js js.datadome.co/ | 226 KB 42 KB | Script text/javascript |
GET H2 | gtm.js www.googletagmanager.com/ | 107 KB 40 KB | Script application/javascript |
POST H/1.1 | fp de-go.kelkoogroup.net/ | 0 445 B | Ping text/plain |
POST H2 | / api-js.datadome.co/js/ | 50 B 227 B | XHR application/json |
GET H2 | analytics.js www.google-analytics.com/ | 49 KB 20 KB | Script text/javascript |
GET H2 | vipavska-dolina-sauvignon-zgp-2017-hedele.html de.tannico.com/ (Redirect Chain) | 0 0 | Document text/html |
POST H2 | collect www.google-analytics.com/j/ | 1 B 210 B | XHR text/plain |
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
capitolonemobile.com/ | | Name: __tad Value: 1644375988.4706162 |
.1redirb.com/ | | Name: __dsnsid Value: 202202091406287990687e03f972f1eb |
clever-redirect.com/ | | Name: 379deea9313f282f277115251701683a Value: d99d313766ddfb32160da28ca37209335322895ab2455fb3ff717b19dc97d3a9a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22379deea9313f282f277115251701683a%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D |
lookandfind.me/ | | Name: bc94e51daa7612e187353d489c2d9e34 Value: ae473514e5356fb231aeed8864db900f42d37fc9abc736cd26573d7e89c3f832a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22bc94e51daa7612e187353d489c2d9e34%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D |
.kelkoogroup.net/ | | Name: referer Value: https%3A%2F%2Flookandfind.me%2F |
.kelkoogroup.net/ | | Name: kelkooID Value: a4c6361-17edc726c5f-1690b8 |
.kelkoogroup.net/ | | Name: lastSearchedKeyword Value: a3dkPUhlZGVsZSBWaXBhdnNrYSBEb2xpbmEgU2F1dmlnbm9uIFpncHx0cz0xNjQ0Mzc1OTkzNDU3fGNhdElkPTEyOTgwMXxjb21JZD0xNjE3NTExMw== |
.kelkoogroup.net/ | | Name: datadome Value: BcOlejRApq8pLIEZmnMKLj.p8wvT7YuhMy-E2E4u5VmIy-AJIVHGbfbi3wz1kcBS_K6~nRV7kqh0BkUxBmCd~l6uuJf-f6ynNKnGV8QxzohOnm9e6jFZtO2JB~TQD59 |
.de-go.kelkoogroup.net/ | | Name: _ga Value: GA1.3.1358489799.1644375994 |
.de-go.kelkoogroup.net/ | | Name: _gid Value: GA1.3.1622219212.1644375994 |
.de-go.kelkoogroup.net/ | | Name: _gat_UA-168544891-7 Value: 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.