Report - www.supernetforme.com/search.php?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcyOTU2NzE2MiwiaWF0IjoxNzI5NTU5OTYyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIzMDBhMzdxMXZkbmFjMG92MjQydHZiMDEiLCJuYmYiOjE3Mjk1NTk5NjIsInRzIjoxNzI5NTU5OTYyMjg5MDQ0fQ.G8iNpmwDCdsx6gVLJiY6mGerpAHbtGmhJV-hLiwfGh8&q=1234.2012.275.0.0.d91e3bf0510acc6a59587ab6fed83f23c7394fc93b6cc743fda62834015b1d44.1.5391171&sid=ab340ef4-9013-11ef-9f68-faa0e987145b

Report Overview

Submitted URL
www.supernetforme.com/search.php?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcyOTU2NzE2MiwiaWF0IjoxNzI5NTU5OTYyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIzMDBhMzdxMXZkbmFjMG92MjQydHZiMDEiLCJuYmYiOjE3Mjk1NTk5NjIsInRzIjoxNzI5NTU5OTYyMjg5MDQ0fQ.G8iNpmwDCdsx6gVLJiY6mGerpAHbtGmhJV-hLiwfGh8&q=1234.2012.275.0.0.d91e3bf0510acc6a59587ab6fed83f23c7394fc93b6cc743fda62834015b1d44.1.5391171&sid=ab340ef4-9013-11ef-9f68-faa0e987145b
IP
74.63.241.23
ASN
#46475 LIMESTONENETWORKS
Submitted
2024-10-22 01:22:20
Access
public
Website Title
kelkoogroup.net
Final URL
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464bec641311967ff84b23b495819093cb988d8a4d7a6eff6aa9a5ea686d7b1fe1858eae63f12bff69df2b79b8793ad00e27a1c8010677cc278d6d411fcd20a93cbd5e4935b8688f5601fee153c1166015466037187c86928a4b6b812da7adc17a6754b789d3bee96e3edf1d7c6072a5eac3aad38b44fd2049bc092423f65f223018f328f25a558e38a841140839d9350ac2709eac01b101f449f01209fec68dfe3a9ec0d421a9cd4e39f1a45855bf5ba78f214c2351b198f664d2d1e94d60d264616bdeeca31f148e0d20fb9083925e2cf41fa2ba0a9c721239c43aa186b456b663816aee850c1a4d87261f5595eddbd53aea638cec4d2fba65b2c54c5a5f2c2b87def5b25128b45bd6c6ffd7ce75a6891&url=https%3A%2F%2Fwww.nytelse.no%2Fklitorisvibrator%2Fwomanizer-next-reservehetter-dark-purple%2Fkvinner%2F%3Futm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DWomanizer%2BNext%2BReservehetter%2B-%2BMedium&initiator=timeout
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
priverautional.com	unknown	2023-06-12	2023-06-12	2024-10-14	1.2 kB	8.2 kB	108.157.229.57
www.supernetforme.com	unknown	2014-12-20	2012-06-21	2024-10-21	902 B	506 B	82.192.82.228
veles-swg.com	unknown	2024-09-03	2024-10-13	2024-10-16	1.3 kB	4.6 kB	52.22.1.236
api.shopfinder24.com	unknown	2023-06-23	2023-07-10	2024-10-14	886 B	238 B	3.127.134.231
dd.kelkoogroup.net	unknown	2017-08-18	2022-06-24	2024-10-16	589 B	34 kB	54.240.174.66
ct.captcha-delivery.com	42546	2019-12-23	2020-02-05	2024-10-16	408 B	12 kB	108.157.214.105
geo.captcha-delivery.com	43337	2019-12-23	2020-03-18	2024-10-16	1.8 kB	200 kB	13.49.167.109
dd.prod.captcha-delivery.com	unknown	2019-12-23	2022-04-28	2024-10-16	1.1 kB	28 kB	108.157.229.65
r.linksprf.com	unknown	2023-09-05	2023-09-14	2024-10-16	2.1 kB	3.9 kB	63.33.119.172
no-go.kelkoogroup.net	unknown	2017-08-18	2017-10-30	2024-10-16	6.3 kB	35 kB	95.211.116.26
static.captcha-delivery.com	38537	2019-12-23	2020-05-12	2024-10-16	2.1 kB	40 kB	143.204.55.50

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Mnemonic Secure DNS

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-10-21	medium	supernetforme.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464bec641311967ff84b23b495819093cb988d8a4d7a6eff6aa9a5ea686d7b1fe1858eae63f12bff69df2b79b8793ad00e27a1c8010677cc278d6d411fcd20a93cbd5e4935b8688f5601fee153c1166015466037187c86928a4b6b812da7adc17a6754b789d3bee96e3edf1d7c6072a5eac3aad38b44fd2049bc092423f65f223018f328f25a558e38a841140839d9350ac2709eac01b101f449f01209fec68dfe3a9ec0d421a9cd4e39f1a45855bf5ba78f214c2351b198f664d2d1e94d60d264616bdeeca31f148e0d20fb9083925e2cf41fa2ba0a9c721239c43aa186b456b663816aee850c1a4d87261f5595eddbd53aea638cec4d2fba65b2c54c5a5f2c2b87def5b25128b45bd6c6ffd7ce75a6891&url=https%3A%2F%2Fwww.nytelse.no%2Fklitorisvibrator%2Fwomanizer-next-reservehetter-dark-purple%2Fkvinner%2F%3Futm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DWomanizer%2BNext%2BReservehetter%2B-%2BMedium&initiator=timeout	361 B	2024-10-22 01:22	2024-10-22 01:22
Pretty URL no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464bec641311967ff84b23b495819093cb988d8a4d7a6eff6aa9a5ea686d7b1fe1858eae63f12bff69df2b79b8793ad00e27a1c8010677cc278d6d411fcd20a93cbd5e4935b8688f5601fee153c1166015466037187c86928a4b6b812da7adc17a6754b789d3bee96e3edf1d7c6072a5eac3aad38b44fd2049bc092423f65f223018f328f25a558e38a841140839d9350ac2709eac01b101f449f01209fec68dfe3a9ec0d421a9cd4e39f1a45855bf5ba78f214c2351b198f664d2d1e94d60d264616bdeeca31f148e0d20fb9083925e2cf41fa2ba0a9c721239c43aa186b456b663816aee850c1a4d87261f5595eddbd53aea638cec4d2fba65b2c54c5a5f2c2b87def5b25128b45bd6c6ffd7ce75a6891&url=https%3A%2F%2Fwww.nytelse.no%2Fklitorisvibrator%2Fwomanizer-next-reservehetter-dark-purple%2Fkvinner%2F%3Futm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DWomanizer%2BNext%2BReservehetter%2B-%2BMedium&initiator=timeout IP 95.211.116.26 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-22 01:22 Last Seen2024-10-22 01:22 Times Seen1 Hash 15c0c30dd66a8b0d282fda3db0b21148 b818fd06f14f3cd77f95cc862617cd6df40353e1 a92dd53a384f553cb630015700162d1ec6f19ba3a30ed249dfca384f35c2ef0e Loading...

	ct.captcha-delivery.com/c.js	11 kB	2024-10-12 00:13	2024-10-22 02:03
Pretty URL ct.captcha-delivery.com/c.js IP 108.157.214.105 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-12 00:13 Last Seen2024-10-22 02:03 Times Seen29 Hash 51fb70ab138c06ddce7e1828dfce4326 070506850985a37bd6b9bbe33aab6115f3e0ed61 8490882953d1e080c34948f4dc067aaacd1ffade394d71898592958523f3f975 Loading...

	geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAz5V1cjHjR2EAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=kMlK8mJ6TpA39v4VqFfWem6VSKpHf_6ycgJGbb5djhm508kLrDlhPC_8BkPk5r8DkWJgvD1uNQB5QaK43PwSiQ~g3w1ofcXkip~RnUkjRKO~tpCvoc7RnbGfd3B2RiiQ&t=fe&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464bec641311967ff84b23b495819093cb988d8a4d7a6eff6aa9a5ea686d7b1fe1858eae63f12bff69df2b79b8793ad00e27a1c8010677cc278d6d411fcd20a93cbd5e4935b8688f5601fee153c1166015466037187c86928a4b6b812da7adc17a6754b789d3bee96e3edf1d7c6072a5eac3aad38b44fd2049bc092423f65f223018f328f25a558e38a841140839d9350ac2709eac01b101f449f01209fec68dfe3a9ec0d421a9cd4e39f1a45855bf5ba78f214c2351b198f664d2d1e94d60d264616bdeeca31f148e0d20fb9083925e2cf41fa2ba0a9c721239c43aa186b456b663816aee850c1a4d87261f5595eddbd53aea638cec4d2fba65b2c54c5a5f2c2b87def5b25128b45bd6c6ffd7ce75a6891%26url%3Dhttps%253A%252F%252Fwww.nytelse.no%252Fklitorisvibrator%252Fwomanizer-next-reservehetter-dark-purple%252Fkvinner%252F%253Futm_source%253Dkelkoono%2526utm_medium%253Dcpc%2526utm_campaign%253Dkelkooclick%2526utm_source_platform%253DKelkooGroup%2526utm_term%253DWomanizer%252BNext%252BReservehetter%252B-%252BMedium%26initiator%3Dtimeout&s=35103&e=6dfb6fdc186969bcdbaf0fd5362e5e08e12404579e94b4a9cf3b7e713ba5abb3&dm=cd	588 kB	2024-10-22 01:22	2024-10-22 01:22
Pretty URL geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAz5V1cjHjR2EAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=kMlK8mJ6TpA39v4VqFfWem6VSKpHf_6ycgJGbb5djhm508kLrDlhPC_8BkPk5r8DkWJgvD1uNQB5QaK43PwSiQ~g3w1ofcXkip~RnUkjRKO~tpCvoc7RnbGfd3B2RiiQ&t=fe&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464bec641311967ff84b23b495819093cb988d8a4d7a6eff6aa9a5ea686d7b1fe1858eae63f12bff69df2b79b8793ad00e27a1c8010677cc278d6d411fcd20a93cbd5e4935b8688f5601fee153c1166015466037187c86928a4b6b812da7adc17a6754b789d3bee96e3edf1d7c6072a5eac3aad38b44fd2049bc092423f65f223018f328f25a558e38a841140839d9350ac2709eac01b101f449f01209fec68dfe3a9ec0d421a9cd4e39f1a45855bf5ba78f214c2351b198f664d2d1e94d60d264616bdeeca31f148e0d20fb9083925e2cf41fa2ba0a9c721239c43aa186b456b663816aee850c1a4d87261f5595eddbd53aea638cec4d2fba65b2c54c5a5f2c2b87def5b25128b45bd6c6ffd7ce75a6891%26url%3Dhttps%253A%252F%252Fwww.nytelse.no%252Fklitorisvibrator%252Fwomanizer-next-reservehetter-dark-purple%252Fkvinner%252F%253Futm_source%253Dkelkoono%2526utm_medium%253Dcpc%2526utm_campaign%253Dkelkooclick%2526utm_source_platform%253DKelkooGroup%2526utm_term%253DWomanizer%252BNext%252BReservehetter%252B-%252BMedium%26initiator%3Dtimeout&s=35103&e=6dfb6fdc186969bcdbaf0fd5362e5e08e12404579e94b4a9cf3b7e713ba5abb3&dm=cd IP 13.49.167.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-22 01:22 Last Seen2024-10-22 01:22 Times Seen1 Hash d6a67a6d37e3974c1afd09bc0b58cc0f 7888a0f139bbd43eb17c50023f1f4162b8f4f299 7e3595f5f366aca4bab9e04047a162036c061f58ac1814ffcf63d1b2747bf6a8 Loading...

HTTP Transactions (20)

URL IP Response Size

www.supernetforme.com/search.php?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcyOTU2NzE2MiwiaWF0IjoxNzI5NTU5OTYyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIzMDBhMzdxMXZkbmFjMG92MjQydHZiMDEiLCJuYmYiOjE3Mjk1NTk5NjIsInRzIjoxNzI5NTU5OTYyMjg5MDQ0fQ.G8iNpmwDCdsx6gVLJiY6mGerpAHbtGmhJV-hLiwfGh8&q=1234.2012.275.0.0.d91e3bf0510acc6a59587ab6fed83f23c7394fc93b6cc743fda62834015b1d44.1.5391171&sid=ab340ef4-9013-11ef-9f68-faa0e987145b

82.192.82.228

302 Found

11 B

URL
www.supernetforme.com/search.php?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcyOTU2NzE2MiwiaWF0IjoxNzI5NTU5OTYyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIzMDBhMzdxMXZkbmFjMG92MjQydHZiMDEiLCJuYmYiOjE3Mjk1NTk5NjIsInRzIjoxNzI5NTU5OTYyMjg5MDQ0fQ.G8iNpmwDCdsx6gVLJiY6mGerpAHbtGmhJV-hLiwfGh8&q=1234.2012.275.0.0.d91e3bf0510acc6a59587ab6fed83f23c7394fc93b6cc743fda62834015b1d44.1.5391171&sid=ab340ef4-9013-11ef-9f68-faa0e987145b
IP
82.192.82.228:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with no line terminators
Size
11 B (11 bytes)
Hash
32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /search.php?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcyOTU2NzE2MiwiaWF0IjoxNzI5NTU5OTYyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIzMDBhMzdxMXZkbmFjMG92MjQydHZiMDEiLCJuYmYiOjE3Mjk1NTk5NjIsInRzIjoxNzI5NTU5OTYyMjg5MDQ0fQ.G8iNpmwDCdsx6gVLJiY6mGerpAHbtGmhJV-hLiwfGh8&q=1234.2012.275.0.0.d91e3bf0510acc6a59587ab6fed83f23c7394fc93b6cc743fda62834015b1d44.1.5391171&sid=ab340ef4-9013-11ef-9f68-faa0e987145b HTTP/1.1
Host: www.supernetforme.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
cache-control: max-age=0, private, must-revalidate
content-length: 11
date: Tue, 22 Oct 2024 01:21:53 GMT
location: http://veles-swg.com/zclkvisitor/058f5584-9014-11ef-b47d-12c3164d6b1b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=18e3bdc0-92ad-11ee-9bb7-0a4ababc2193
server: Cowboy
set-cookie: sid=ab340ef4-9013-11ef-9f68-faa0e987145b; path=/; domain=.supernetforme.com; expires=Sun, 09 Nov 2092 04:36:01 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2

veles-swg.com/zclkvisitor/058f5584-9014-11ef-b47d-12c3164d6b1b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=18e3bdc0-92ad-11ee-9bb7-0a4ababc2193

52.22.1.236

200

3.1 kB

URL
veles-swg.com/zclkvisitor/058f5584-9014-11ef-b47d-12c3164d6b1b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=18e3bdc0-92ad-11ee-9bb7-0a4ababc2193
IP
52.22.1.236:0
ASN
#14618 AMAZON-AES

File type
HTML document, ASCII text, with very long lines (408)
Size
3.1 kB (3086 bytes)
Hash
8d4317e0d680d05df1959fed1809214c
d34e22ceeb37c64964fe7ebe3e07147265803964
d81d4543d009eb3b113dec8514b72a0fa20f6bba36bfc9cdf3a4e1a6e505eb60

HTTP Headers

GET /zclkvisitor/058f5584-9014-11ef-b47d-12c3164d6b1b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=18e3bdc0-92ad-11ee-9bb7-0a4ababc2193 HTTP/1.1
Host: veles-swg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Date: Tue, 22 Oct 2024 01:21:54 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 3086
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type

veles-swg.com/zclkredirect?visitid=058f5584-9014-11ef-b47d-12c3164d6b1b&type=js&browserWidth=1280&browserHeight=1024&iframeDetected=false&webdriverDetected=false&gpu=undefined&timezone=UTC%2B00%3A00&timezoneName=UTC

52.22.1.236

302

0 B

URL
veles-swg.com/zclkredirect?visitid=058f5584-9014-11ef-b47d-12c3164d6b1b&type=js&browserWidth=1280&browserHeight=1024&iframeDetected=false&webdriverDetected=false&gpu=undefined&timezone=UTC%2B00%3A00&timezoneName=UTC
IP
52.22.1.236:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /zclkredirect?visitid=058f5584-9014-11ef-b47d-12c3164d6b1b&type=js&browserWidth=1280&browserHeight=1024&iframeDetected=false&webdriverDetected=false&gpu=undefined&timezone=UTC%2B00%3A00&timezoneName=UTC HTTP/1.1
Host: veles-swg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://veles-swg.com/zclkvisitor/058f5584-9014-11ef-b47d-12c3164d6b1b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=18e3bdc0-92ad-11ee-9bb7-0a4ababc2193
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 
Date: Tue, 22 Oct 2024 01:21:55 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type
Location: https://priverautional.com/zp-redirect?target=https%3A%2F%2Fapi.shopfinder24.com%2Fr%2FdG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJTNEbGlua0lkJTI2aWQlM0RiZTk5Mjk4NWNiNTE0ZTc0OGNmYTAzOTUxZDc1NjRlMiUyNmFwaV9rZXklM0RhZGY0MDdmZDEwODdhMWU1NmVhZGRlYzBmNTkxNDI2NyUyNnNpdGVfaWQlM0QyNzBjZDUzZWMyMzM0ZjExOGNlZDE0YTRlOGJjODQ5ZiUyNmRjaCUzRGZlZWQlMjZhZF90JTNEYWR2ZXJ0aXNlciUyNnlrX3RhZyUzRCU3QmNsaWNraWQlN0QmdD0wJnM9ODE1ZTQzYTVjZmM1ZGVkYzkxMGQ4MmRhNmM1ZjZkMzk%3D%3Fc%3Dwo0hc9kpbavu9125j4j482ra%26var10%3Dbadious-buzzard&caid=315c998e-58d8-4c08-bfb8-8b7a97e56392&zpid=058f5584-9014-11ef-b47d-12c3164d6b1b&cid=wo0hc9kpbavu9125j4j482ra&rt=D&ts=1729560115812&hash=QwNv_yC0h4C226RBJkKcARkvvtekNBHkhd9eBrx-r5k

api.shopfinder24.com/favicon.ico

3.127.134.231

200 OK

0 B

URL
api.shopfinder24.com/favicon.ico
IP
3.127.134.231:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: api.shopfinder24.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.shopfinder24.com/r/dG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJTNEbGlua0lkJTI2aWQlM0RiZTk5Mjk4NWNiNTE0ZTc0OGNmYTAzOTUxZDc1NjRlMiUyNmFwaV9rZXklM0RhZGY0MDdmZDEwODdhMWU1NmVhZGRlYzBmNTkxNDI2NyUyNnNpdGVfaWQlM0QyNzBjZDUzZWMyMzM0ZjExOGNlZDE0YTRlOGJjODQ5ZiUyNmRjaCUzRGZlZWQlMjZhZF90JTNEYWR2ZXJ0aXNlciUyNnlrX3RhZyUzRCU3QmNsaWNraWQlN0QmdD0wJnM9ODE1ZTQzYTVjZmM1ZGVkYzkxMGQ4MmRhNmM1ZjZkMzk=?c=wo0hc9kpbavu9125j4j482ra&var10=badious-buzzard
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 22 Oct 2024 01:21:57 GMT
content-type: image/x-icon
content-length: 0
last-modified: Mon, 10 Jul 2023 10:16:37 GMT
etag: "64abda85-0"
accept-ranges: bytes
X-Firefox-Spdy: h2

r.linksprf.com/v1/redirect?type=linkId&id=be992985cb514e748cfa03951d7564e2&api_key=adf407fd1087a1e56eaddec0f5914267&site_id=270cd53ec2334f118ced14a4e8bc849f&dch=feed&ad_t=advertiser&yk_tag=wo0hc9kpbavu9125j4j482ra

63.33.119.172

302 Found

0 B

URL
r.linksprf.com/v1/redirect?type=linkId&id=be992985cb514e748cfa03951d7564e2&api_key=adf407fd1087a1e56eaddec0f5914267&site_id=270cd53ec2334f118ced14a4e8bc849f&dch=feed&ad_t=advertiser&yk_tag=wo0hc9kpbavu9125j4j482ra
IP
63.33.119.172:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v1/redirect?type=linkId&id=be992985cb514e748cfa03951d7564e2&api_key=adf407fd1087a1e56eaddec0f5914267&site_id=270cd53ec2334f118ced14a4e8bc849f&dch=feed&ad_t=advertiser&yk_tag=wo0hc9kpbavu9125j4j482ra HTTP/1.1
Host: r.linksprf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.shopfinder24.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 22 Oct 2024 01:21:57 GMT
content-length: 0
set-cookie: ykuid=51b3cb366c1a448cbf52e827da22035d; Path=/; Secure; Domain=.linksprf.com; Max-Age=31536000; SameSite=None
JSESSIONID=FFEAF60B9A6064D1CF034D732FABA924; Path=/; HttpOnly
location: /v2/go?t=ft4pc%3A8%2F4o4gd.ce1kfo3r2ue.5ec%2F7i%3DeIeurrhhoi.bsp1F2%255o0.124e1n.fio%3DsOiSaa2wFe%25R3jsrtchPrWrRfnR-iaifoleaiinnhdr9e9%3D6p2T%26iofIr%3Dr9h9i2b%26po1n8r8%3D2o9o8f9r9d3715d266d346bae0932812044537v1dck%26ieCrehsdl1u7%261u0t4s4a5a7d_d7a9b6c117e0d_86-5f7904sbr-i6ed34%269o3e8I%3Dd1n3kete6-%3D6cbv4e5%26-42746a2559441c0b5%262d1e5P1r5m2%3D3r0e6p0b%3DiIhcralscbI8%3Dd010409016b67eeeb72e332a743c%3DaI0e0fc%265n0yatcu%26cu3l3s4e3Tdamfcc5y6e6s6a%3DcIeogtni%26irfg%26nAeaeAeO%3Dxtnpy%25gAf2G%25dF6pk.Qhgpsi%26d3r741c6m927%26%3Dutl%3FsGecSabsdt2s0tdn3pco3g4o1l8keo1-ane%2Fbs8t9h&s=https%3A%2F%2Fapi.shopfinder24.com%2F&e=1&ai=3bd6bdaf906c4f9487d87b1f9053ee8f&sct=1&ct=1729560117513&cu=eeeb74ed36ad41c3a90908c95208a8c1&cs=f24fb841cd66f658fd17577a47489286
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

r.linksprf.com/v2/go?t=ft4pc%3A8%2F4o4gd.ce1kfo3r2ue.5ec%2F7i%3DeIeurrhhoi.bsp1F2%255o0.124e1n.fio%3DsOiSaa2wFe%25R3jsrtchPrWrRfnR-iaifoleaiinnhdr9e9%3D6p2T%26iofIr%3Dr9h9i2b%26po1n8r8%3D2o9o8f9r9d3715d266d346bae0932812044537v1dck%26ieCrehsdl1u7%261u0t4s4a5a7d_d7a9b6c117e0d_86-5f7904sbr-i6ed34%269o3e8I%3Dd1n3kete6-%3D6cbv4e5%26-42746a2559441c0b5%262d1e5P1r5m2%3D3r0e6p0b%3DiIhcralscbI8%3Dd010409016b67eeeb72e332a743c%3DaI0e0fc%265n0yatcu%26cu3l3s4e3Tdamfcc5y6e6s6a%3DcIeogtni%26irfg%26nAeaeAeO%3Dxtnpy%25gAf2G%25dF6pk.Qhgpsi%26d3r741c6m927%26%3Dutl%3FsGecSabsdt2s0tdn3pco3g4o1l8keo1-ane%2Fbs8t9h&s=https%3A%2F%2Fapi.shopfinder24.com%2F&e=1&ai=3bd6bdaf906c4f9487d87b1f9053ee8f&sct=1&ct=1729560117513&cu=eeeb74ed36ad41c3a90908c95208a8c1&cs=f24fb841cd66f658fd17577a47489286

63.33.119.172

200 OK

2.6 kB

URL
r.linksprf.com/v2/go?t=ft4pc%3A8%2F4o4gd.ce1kfo3r2ue.5ec%2F7i%3DeIeurrhhoi.bsp1F2%255o0.124e1n.fio%3DsOiSaa2wFe%25R3jsrtchPrWrRfnR-iaifoleaiinnhdr9e9%3D6p2T%26iofIr%3Dr9h9i2b%26po1n8r8%3D2o9o8f9r9d3715d266d346bae0932812044537v1dck%26ieCrehsdl1u7%261u0t4s4a5a7d_d7a9b6c117e0d_86-5f7904sbr-i6ed34%269o3e8I%3Dd1n3kete6-%3D6cbv4e5%26-42746a2559441c0b5%262d1e5P1r5m2%3D3r0e6p0b%3DiIhcralscbI8%3Dd010409016b67eeeb72e332a743c%3DaI0e0fc%265n0yatcu%26cu3l3s4e3Tdamfcc5y6e6s6a%3DcIeogtni%26irfg%26nAeaeAeO%3Dxtnpy%25gAf2G%25dF6pk.Qhgpsi%26d3r741c6m927%26%3Dutl%3FsGecSabsdt2s0tdn3pco3g4o1l8keo1-ane%2Fbs8t9h&s=https%3A%2F%2Fapi.shopfinder24.com%2F&e=1&ai=3bd6bdaf906c4f9487d87b1f9053ee8f&sct=1&ct=1729560117513&cu=eeeb74ed36ad41c3a90908c95208a8c1&cs=f24fb841cd66f658fd17577a47489286
IP
63.33.119.172:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with very long lines (666)
Size
2.6 kB (2579 bytes)
Hash
cec345a8e8108e0cfe27edca41ca42cb
acfe02994b6b85e62454bf04c559e79f5f138ce1
baaf52ce874dc9d3f5966d74fcb5bf26a9804feebbb58cdea6b2f42f91e42724

HTTP Headers

GET /v2/go?t=ft4pc%3A8%2F4o4gd.ce1kfo3r2ue.5ec%2F7i%3DeIeurrhhoi.bsp1F2%255o0.124e1n.fio%3DsOiSaa2wFe%25R3jsrtchPrWrRfnR-iaifoleaiinnhdr9e9%3D6p2T%26iofIr%3Dr9h9i2b%26po1n8r8%3D2o9o8f9r9d3715d266d346bae0932812044537v1dck%26ieCrehsdl1u7%261u0t4s4a5a7d_d7a9b6c117e0d_86-5f7904sbr-i6ed34%269o3e8I%3Dd1n3kete6-%3D6cbv4e5%26-42746a2559441c0b5%262d1e5P1r5m2%3D3r0e6p0b%3DiIhcralscbI8%3Dd010409016b67eeeb72e332a743c%3DaI0e0fc%265n0yatcu%26cu3l3s4e3Tdamfcc5y6e6s6a%3DcIeogtni%26irfg%26nAeaeAeO%3Dxtnpy%25gAf2G%25dF6pk.Qhgpsi%26d3r741c6m927%26%3Dutl%3FsGecSabsdt2s0tdn3pco3g4o1l8keo1-ane%2Fbs8t9h&s=https%3A%2F%2Fapi.shopfinder24.com%2F&e=1&ai=3bd6bdaf906c4f9487d87b1f9053ee8f&sct=1&ct=1729560117513&cu=eeeb74ed36ad41c3a90908c95208a8c1&cs=f24fb841cd66f658fd17577a47489286 HTTP/1.1
Host: r.linksprf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.shopfinder24.com/
DNT: 1
Connection: keep-alive
Cookie: ykuid=51b3cb366c1a448cbf52e827da22035d; JSESSIONID=FFEAF60B9A6064D1CF034D732FABA924
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 22 Oct 2024 01:21:57 GMT
content-type: text/html;charset=UTF-8
content-length: 2579
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

no-go.kelkoogroup.net/sitesearchGo?.ts=1729560117431&.sig=QOkS6adwGefRgjyrncxPOWARanA-&affiliationId=96966625&comId=3949323&country=no&offerId=73572263326bae073b812944517d18cb&searchId=1076100342455175_1729560117405_26657740&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v030400016269eeeb74ed36ad41c3a90908c95208a8c1&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f

95.211.116.26

200 OK

30 kB

URL
no-go.kelkoogroup.net/sitesearchGo?.ts=1729560117431&.sig=QOkS6adwGefRgjyrncxPOWARanA-&affiliationId=96966625&comId=3949323&country=no&offerId=73572263326bae073b812944517d18cb&searchId=1076100342455175_1729560117405_26657740&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v030400016269eeeb74ed36ad41c3a90908c95208a8c1&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f
IP
95.211.116.26:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
HTML document, Unicode text, UTF-8 text, with very long lines (13792)
Size
30 kB (30136 bytes)
Hash
1bd617cd6dd96b48ff5d7b5d0c2565ee
3abdcc180ba2175d002e9c0d11293d7b6b6952ce
4a58587bbb0d24c851b2456c04ec85e4d9337c8abfac9ede9070f82c10417a43

HTTP Headers

GET /sitesearchGo?.ts=1729560117431&.sig=QOkS6adwGefRgjyrncxPOWARanA-&affiliationId=96966625&comId=3949323&country=no&offerId=73572263326bae073b812944517d18cb&searchId=1076100342455175_1729560117405_26657740&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v030400016269eeeb74ed36ad41c3a90908c95208a8c1&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.linksprf.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
leadId: 62AE01JARX20RH4SKMSDACZ9XZA1W6
Pragma: no-cache
X-DD-B: 1
Charset: utf-8
clickId: 107698149_1729560118023_13953649
country: no
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Set-Cookie: datadome=ZbyStmy7nx47Tpv1Xf8z_lwJftczpFWol7k6j8TasbsQnFpn4fS_0AMGj0UJ8a0NNSYzsFtcYv8QjvvMkeEKOuljhC9Ue~SkxQBVtAqKOJdwGSP4x49Q~u~fTc3xVi_b; Max-Age=31104000; Expires=Fri, 17 Oct 2025 01:21:58 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
kelkooID=a4c6295-192b1d10308-1a4bf4; Max-Age=31536000; Expires=Wed, 22 Oct 2025 01:21:58 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
X-DataDome: protected
Request-Time: PT0.030175572S
X-Robots-Tag: noindex,nofollow
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
X-DataDome-CID: AHrlqAAAAAMAz5V1cjHjR2EAW1oqmg==
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Tue, 22 Oct 2024 01:21:57 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 30136

no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464bec641311967ff84b23b495819093cb988d8a4d7a6eff6aa9a5ea686d7b1fe1858eae63f12bff69df2b79b8793ad00e27a1c8010677cc278d6d411fcd20a93cbd5e4935b8688f5601fee153c1166015466037187c86928a4b6b812da7adc17a6754b789d3bee96e3edf1d7c6072a5eac3aad38b44fd2049bc092423f65f223018f328f25a558e38a841140839d9350ac2709eac01b101f449f01209fec68dfe3a9ec0d421a9cd4e39f1a45855bf5ba78f214c2351b198f664d2d1e94d60d264616bdeeca31f148e0d20fb9083925e2cf41fa2ba0a9c721239c43aa186b456b663816aee850c1a4d87261f5595eddbd53aea638cec4d2fba65b2c54c5a5f2c2b87def5b25128b45bd6c6ffd7ce75a6891

95.211.116.26

200 OK

68 B

URL
no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464bec641311967ff84b23b495819093cb988d8a4d7a6eff6aa9a5ea686d7b1fe1858eae63f12bff69df2b79b8793ad00e27a1c8010677cc278d6d411fcd20a93cbd5e4935b8688f5601fee153c1166015466037187c86928a4b6b812da7adc17a6754b789d3bee96e3edf1d7c6072a5eac3aad38b44fd2049bc092423f65f223018f328f25a558e38a841140839d9350ac2709eac01b101f449f01209fec68dfe3a9ec0d421a9cd4e39f1a45855bf5ba78f214c2351b198f664d2d1e94d60d264616bdeeca31f148e0d20fb9083925e2cf41fa2ba0a9c721239c43aa186b456b663816aee850c1a4d87261f5595eddbd53aea638cec4d2fba65b2c54c5a5f2c2b87def5b25128b45bd6c6ffd7ce75a6891
IP
95.211.116.26:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced
Size
68 B (68 bytes)
Hash
91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

HTTP Headers

GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464bec641311967ff84b23b495819093cb988d8a4d7a6eff6aa9a5ea686d7b1fe1858eae63f12bff69df2b79b8793ad00e27a1c8010677cc278d6d411fcd20a93cbd5e4935b8688f5601fee153c1166015466037187c86928a4b6b812da7adc17a6754b789d3bee96e3edf1d7c6072a5eac3aad38b44fd2049bc092423f65f223018f328f25a558e38a841140839d9350ac2709eac01b101f449f01209fec68dfe3a9ec0d421a9cd4e39f1a45855bf5ba78f214c2351b198f664d2d1e94d60d264616bdeeca31f148e0d20fb9083925e2cf41fa2ba0a9c721239c43aa186b456b663816aee850c1a4d87261f5595eddbd53aea638cec4d2fba65b2c54c5a5f2c2b87def5b25128b45bd6c6ffd7ce75a6891 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/sitesearchGo?.ts=1729560117431&.sig=QOkS6adwGefRgjyrncxPOWARanA-&affiliationId=96966625&comId=3949323&country=no&offerId=73572263326bae073b812944517d18cb&searchId=1076100342455175_1729560117405_26657740&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v030400016269eeeb74ed36ad41c3a90908c95208a8c1&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f
DNT: 1
Connection: keep-alive
Cookie: datadome=ZbyStmy7nx47Tpv1Xf8z_lwJftczpFWol7k6j8TasbsQnFpn4fS_0AMGj0UJ8a0NNSYzsFtcYv8QjvvMkeEKOuljhC9Ue~SkxQBVtAqKOJdwGSP4x49Q~u~fTc3xVi_b; kelkooID=a4c6295-192b1d10308-1a4bf4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
leadId: 62AE01JARX20RH4SKMSDACZ9XZA1W6
clickId: 107698149_1729560118023_13953649
country: no
Request-Time: PT0.005104062S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Tue, 22 Oct 2024 01:21:58 GMT
Content-Type: image/png
Content-Length: 68

dd.kelkoogroup.net/tags.js

54.240.174.66

200 OK

33 kB

URL
dd.kelkoogroup.net/tags.js
IP
54.240.174.66:0
ASN
#16509 AMAZON-02

File type
gzip compressed data, from Unix
Size
33 kB (33030 bytes)
Hash
1648bf2796c5b725921043371acb791a
d0591b6d19061885ef0e8ff5f6863e06e5209e66
efdf77f243c05a19af23e980cb5557e87d091bf514fcb8580140e6c0b9be9429

HTTP Headers

GET /tags.js HTTP/1.1
Host: dd.kelkoogroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
DNT: 1
Connection: keep-alive
Cookie: datadome=ZbyStmy7nx47Tpv1Xf8z_lwJftczpFWol7k6j8TasbsQnFpn4fS_0AMGj0UJ8a0NNSYzsFtcYv8QjvvMkeEKOuljhC9Ue~SkxQBVtAqKOJdwGSP4x49Q~u~fTc3xVi_b; kelkooID=a4c6295-192b1d10308-1a4bf4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript
last-modified: Thu, 17 Oct 2024 12:43:13 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 3leCM9jGAq2_7z1hJqQMAiZ.vKvvZDqu
server: AmazonS3
content-encoding: gzip
date: Tue, 22 Oct 2024 00:35:32 GMT
cache-control: max-age=3600, public
etag: W/"86b848e45746db7159d1fbb589ce0f3f"
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sDQT-QZSK3RfFQdTsABZ2JQno4xJz8BEYk0F0oEkCaWLdQaoFITa5Q==
age: 2787
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464bec641311967ff84b23b495819093cb988d8a4d7a6eff6aa9a5ea686d7b1fe1858eae63f12bff69df2b79b8793ad00e27a1c8010677cc278d6d411fcd20a93cbd5e4935b8688f5601fee153c1166015466037187c86928a4b6b812da7adc17a6754b789d3bee96e3edf1d7c6072a5eac3aad38b44fd2049bc092423f65f223018f328f25a558e38a841140839d9350ac2709eac01b101f449f01209fec68dfe3a9ec0d421a9cd4e39f1a45855bf5ba78f214c2351b198f664d2d1e94d60d264616bdeeca31f148e0d20fb9083925e2cf41fa2ba0a9c721239c43aa186b456b663816aee850c1a4d87261f5595eddbd53aea638cec4d2fba65b2c54c5a5f2c2b87def5b25128b45bd6c6ffd7ce75a6891&url=https%3A%2F%2Fwww.nytelse.no%2Fklitorisvibrator%2Fwomanizer-next-reservehetter-dark-purple%2Fkvinner%2F%3Futm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DWomanizer%2BNext%2BReservehetter%2B-%2BMedium&initiator=timeout

95.211.116.26

403 Forbidden

725 B

URL User Request GET HTTP/1.1
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464bec641311967ff84b23b495819093cb988d8a4d7a6eff6aa9a5ea686d7b1fe1858eae63f12bff69df2b79b8793ad00e27a1c8010677cc278d6d411fcd20a93cbd5e4935b8688f5601fee153c1166015466037187c86928a4b6b812da7adc17a6754b789d3bee96e3edf1d7c6072a5eac3aad38b44fd2049bc092423f65f223018f328f25a558e38a841140839d9350ac2709eac01b101f449f01209fec68dfe3a9ec0d421a9cd4e39f1a45855bf5ba78f214c2351b198f664d2d1e94d60d264616bdeeca31f148e0d20fb9083925e2cf41fa2ba0a9c721239c43aa186b456b663816aee850c1a4d87261f5595eddbd53aea638cec4d2fba65b2c54c5a5f2c2b87def5b25128b45bd6c6ffd7ce75a6891&url=https%3A%2F%2Fwww.nytelse.no%2Fklitorisvibrator%2Fwomanizer-next-reservehetter-dark-purple%2Fkvinner%2F%3Futm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DWomanizer%2BNext%2BReservehetter%2B-%2BMedium&initiator=timeout
IP
95.211.116.26:443
ASN
#60781 LeaseWeb Netherlands B.V.

Certificate
IssuerDigiCert Inc
Subject*.kelkoogroup.net
FingerprintAB:7F:31:B1:66:46:76:99:39:20:8C:5B:A4:03:6B:DE:E6:6B:F4:17
ValidityThu, 26 Sep 2024 00:00:00 GMT - Fri, 10 Oct 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (725), with no line terminators
Size
725 B (725 bytes)
Hash
6d5f405f489cd7a6ddb1d1ec0dacb2d2
9dbe19106379a41ac02f91d43964c8affa6e2061
7533a85cf7ceb3e6e57fbf0964dbd7e8d690f86064ab889b9bd97b311e54412b

HTTP Headers

GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464bec641311967ff84b23b495819093cb988d8a4d7a6eff6aa9a5ea686d7b1fe1858eae63f12bff69df2b79b8793ad00e27a1c8010677cc278d6d411fcd20a93cbd5e4935b8688f5601fee153c1166015466037187c86928a4b6b812da7adc17a6754b789d3bee96e3edf1d7c6072a5eac3aad38b44fd2049bc092423f65f223018f328f25a558e38a841140839d9350ac2709eac01b101f449f01209fec68dfe3a9ec0d421a9cd4e39f1a45855bf5ba78f214c2351b198f664d2d1e94d60d264616bdeeca31f148e0d20fb9083925e2cf41fa2ba0a9c721239c43aa186b456b663816aee850c1a4d87261f5595eddbd53aea638cec4d2fba65b2c54c5a5f2c2b87def5b25128b45bd6c6ffd7ce75a6891&url=https%3A%2F%2Fwww.nytelse.no%2Fklitorisvibrator%2Fwomanizer-next-reservehetter-dark-purple%2Fkvinner%2F%3Futm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DWomanizer%2BNext%2BReservehetter%2B-%2BMedium&initiator=timeout HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/sitesearchGo?.ts=1729560117431&.sig=QOkS6adwGefRgjyrncxPOWARanA-&affiliationId=96966625&comId=3949323&country=no&offerId=73572263326bae073b812944517d18cb&searchId=1076100342455175_1729560117405_26657740&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v030400016269eeeb74ed36ad41c3a90908c95208a8c1&publisherTrafficType=searchengine&originReferer=https%3A%2F%2Fapi.shopfinder24.com%2F&publisherSubId=270cd53ec2334f118ced14a4e8bc849f
DNT: 1
Connection: keep-alive
Cookie: datadome=ZbyStmy7nx47Tpv1Xf8z_lwJftczpFWol7k6j8TasbsQnFpn4fS_0AMGj0UJ8a0NNSYzsFtcYv8QjvvMkeEKOuljhC9Ue~SkxQBVtAqKOJdwGSP4x49Q~u~fTc3xVi_b; kelkooID=a4c6295-192b1d10308-1a4bf4
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Pragma: no-cache
X-DD-B: 1
Charset: utf-8
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Set-Cookie: datadome=kMlK8mJ6TpA39v4VqFfWem6VSKpHf_6ycgJGbb5djhm508kLrDlhPC_8BkPk5r8DkWJgvD1uNQB5QaK43PwSiQ~g3w1ofcXkip~RnUkjRKO~tpCvoc7RnbGfd3B2RiiQ; Max-Age=31104000; Expires=Fri, 17 Oct 2025 01:21:58 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
X-DataDome: protected
Request-Time: PT0.019085427S
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
X-DataDome-CID: AHrlqAAAAAMAz5V1cjHjR2EAW1oqmg==
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Tue, 22 Oct 2024 01:21:57 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 725

ct.captcha-delivery.com/c.js

108.157.214.105

200 OK

11 kB

URL GET HTTP/2
ct.captcha-delivery.com/c.js
IP
108.157.214.105:443
ASN
#16509 AMAZON-02

Requested by
https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464bec641311967ff84b23b495819093cb988d8a4d7a6eff6aa9a5ea686d7b1fe1858eae63f12bff69df2b79b8793ad00e27a1c8010677cc278d6d411fcd20a93cbd5e4935b8688f5601fee153c1166015466037187c86928a4b6b812da7adc17a6754b789d3bee96e3edf1d7c6072a5eac3aad38b44fd2049bc092423f65f223018f328f25a558e38a841140839d9350ac2709eac01b101f449f01209fec68dfe3a9ec0d421a9cd4e39f1a45855bf5ba78f214c2351b198f664d2d1e94d60d264616bdeeca31f148e0d20fb9083925e2cf41fa2ba0a9c721239c43aa186b456b663816aee850c1a4d87261f5595eddbd53aea638cec4d2fba65b2c54c5a5f2c2b87def5b25128b45bd6c6ffd7ce75a6891&url=https%3A%2F%2Fwww.nytelse.no%2Fklitorisvibrator%2Fwomanizer-next-reservehetter-dark-purple%2Fkvinner%2F%3Futm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DWomanizer%2BNext%2BReservehetter%2B-%2BMedium&initiator=timeout
Certificate
IssuerAmazon
Subject*.captcha-delivery.com
FingerprintED:2E:83:EA:4F:B1:B5:19:99:0D:76:95:73:F3:47:D3:5D:96:73:95
ValidityThu, 25 Jul 2024 00:00:00 GMT - Fri, 22 Aug 2025 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
11 kB (10958 bytes)
Hash
51fb70ab138c06ddce7e1828dfce4326
070506850985a37bd6b9bbe33aab6115f3e0ed61
8490882953d1e080c34948f4dc067aaacd1ffade394d71898592958523f3f975

HTTP Headers

GET /c.js HTTP/1.1
Host: ct.captcha-delivery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript
content-length: 10958
last-modified: Thu, 10 Oct 2024 08:41:32 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Mon, 21 Oct 2024 08:42:00 GMT
etag: "51fb70ab138c06ddce7e1828dfce4326"
x-cache: Hit from cloudfront
via: 1.1 009f08cce389af684f28c36891875534.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: FPMgFmAIlkrpA8WG41GFK2J-WQO_jqZUzaZ5q9mM6rulZhN55-DRuw==
age: 59999
X-Firefox-Spdy: h2

no-go.kelkoogroup.net/favicon.ico

95.211.116.26

404 Not Found

1.1 kB

URL GET HTTP/1.1
no-go.kelkoogroup.net/favicon.ico
IP
95.211.116.26:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464bec641311967ff84b23b495819093cb988d8a4d7a6eff6aa9a5ea686d7b1fe1858eae63f12bff69df2b79b8793ad00e27a1c8010677cc278d6d411fcd20a93cbd5e4935b8688f5601fee153c1166015466037187c86928a4b6b812da7adc17a6754b789d3bee96e3edf1d7c6072a5eac3aad38b44fd2049bc092423f65f223018f328f25a558e38a841140839d9350ac2709eac01b101f449f01209fec68dfe3a9ec0d421a9cd4e39f1a45855bf5ba78f214c2351b198f664d2d1e94d60d264616bdeeca31f148e0d20fb9083925e2cf41fa2ba0a9c721239c43aa186b456b663816aee850c1a4d87261f5595eddbd53aea638cec4d2fba65b2c54c5a5f2c2b87def5b25128b45bd6c6ffd7ce75a6891&url=https%3A%2F%2Fwww.nytelse.no%2Fklitorisvibrator%2Fwomanizer-next-reservehetter-dark-purple%2Fkvinner%2F%3Futm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DWomanizer%2BNext%2BReservehetter%2B-%2BMedium&initiator=timeout
Certificate
IssuerDigiCert Inc
Subject*.kelkoogroup.net
FingerprintAB:7F:31:B1:66:46:76:99:39:20:8C:5B:A4:03:6B:DE:E6:6B:F4:17
ValidityThu, 26 Sep 2024 00:00:00 GMT - Fri, 10 Oct 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
1.1 kB (1144 bytes)
Hash
8560de521c4990c7c870121fc9643508
0cacf7a6b96cceeb6ceae74d5f14dc87406a6f39
73a434285c3a752bc8c44aebd50e10f1a766853cbc7184e78d5c934c7b52b620

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464bec641311967ff84b23b495819093cb988d8a4d7a6eff6aa9a5ea686d7b1fe1858eae63f12bff69df2b79b8793ad00e27a1c8010677cc278d6d411fcd20a93cbd5e4935b8688f5601fee153c1166015466037187c86928a4b6b812da7adc17a6754b789d3bee96e3edf1d7c6072a5eac3aad38b44fd2049bc092423f65f223018f328f25a558e38a841140839d9350ac2709eac01b101f449f01209fec68dfe3a9ec0d421a9cd4e39f1a45855bf5ba78f214c2351b198f664d2d1e94d60d264616bdeeca31f148e0d20fb9083925e2cf41fa2ba0a9c721239c43aa186b456b663816aee850c1a4d87261f5595eddbd53aea638cec4d2fba65b2c54c5a5f2c2b87def5b25128b45bd6c6ffd7ce75a6891&url=https%3A%2F%2Fwww.nytelse.no%2Fklitorisvibrator%2Fwomanizer-next-reservehetter-dark-purple%2Fkvinner%2F%3Futm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DWomanizer%2BNext%2BReservehetter%2B-%2BMedium&initiator=timeout
DNT: 1
Connection: keep-alive
Cookie: datadome=kMlK8mJ6TpA39v4VqFfWem6VSKpHf_6ycgJGbb5djhm508kLrDlhPC_8BkPk5r8DkWJgvD1uNQB5QaK43PwSiQ~g3w1ofcXkip~RnUkjRKO~tpCvoc7RnbGfd3B2RiiQ; kelkooID=a4c6295-192b1d10308-1a4bf4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Request-Time: PT0.000290341S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'none'
X-Permitted-Cross-Domain-Policies: master-only
Date: Tue, 22 Oct 2024 01:21:58 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 1144

geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAz5V1cjHjR2EAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=kMlK8mJ6TpA39v4VqFfWem6VSKpHf_6ycgJGbb5djhm508kLrDlhPC_8BkPk5r8DkWJgvD1uNQB5QaK43PwSiQ~g3w1ofcXkip~RnUkjRKO~tpCvoc7RnbGfd3B2RiiQ&t=fe&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464bec641311967ff84b23b495819093cb988d8a4d7a6eff6aa9a5ea686d7b1fe1858eae63f12bff69df2b79b8793ad00e27a1c8010677cc278d6d411fcd20a93cbd5e4935b8688f5601fee153c1166015466037187c86928a4b6b812da7adc17a6754b789d3bee96e3edf1d7c6072a5eac3aad38b44fd2049bc092423f65f223018f328f25a558e38a841140839d9350ac2709eac01b101f449f01209fec68dfe3a9ec0d421a9cd4e39f1a45855bf5ba78f214c2351b198f664d2d1e94d60d264616bdeeca31f148e0d20fb9083925e2cf41fa2ba0a9c721239c43aa186b456b663816aee850c1a4d87261f5595eddbd53aea638cec4d2fba65b2c54c5a5f2c2b87def5b25128b45bd6c6ffd7ce75a6891%26url%3Dhttps%253A%252F%252Fwww.nytelse.no%252Fklitorisvibrator%252Fwomanizer-next-reservehetter-dark-purple%252Fkvinner%252F%253Futm_source%253Dkelkoono%2526utm_medium%253Dcpc%2526utm_campaign%253Dkelkooclick%2526utm_source_platform%253DKelkooGroup%2526utm_term%253DWomanizer%252BNext%252BReservehetter%252B-%252BMedium%26initiator%3Dtimeout&s=35103&e=6dfb6fdc186969bcdbaf0fd5362e5e08e12404579e94b4a9cf3b7e713ba5abb3&dm=cd

13.49.167.109

200 OK

200 kB

URL GET HTTP/1.1
geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAz5V1cjHjR2EAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=kMlK8mJ6TpA39v4VqFfWem6VSKpHf_6ycgJGbb5djhm508kLrDlhPC_8BkPk5r8DkWJgvD1uNQB5QaK43PwSiQ~g3w1ofcXkip~RnUkjRKO~tpCvoc7RnbGfd3B2RiiQ&t=fe&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464bec641311967ff84b23b495819093cb988d8a4d7a6eff6aa9a5ea686d7b1fe1858eae63f12bff69df2b79b8793ad00e27a1c8010677cc278d6d411fcd20a93cbd5e4935b8688f5601fee153c1166015466037187c86928a4b6b812da7adc17a6754b789d3bee96e3edf1d7c6072a5eac3aad38b44fd2049bc092423f65f223018f328f25a558e38a841140839d9350ac2709eac01b101f449f01209fec68dfe3a9ec0d421a9cd4e39f1a45855bf5ba78f214c2351b198f664d2d1e94d60d264616bdeeca31f148e0d20fb9083925e2cf41fa2ba0a9c721239c43aa186b456b663816aee850c1a4d87261f5595eddbd53aea638cec4d2fba65b2c54c5a5f2c2b87def5b25128b45bd6c6ffd7ce75a6891%26url%3Dhttps%253A%252F%252Fwww.nytelse.no%252Fklitorisvibrator%252Fwomanizer-next-reservehetter-dark-purple%252Fkvinner%252F%253Futm_source%253Dkelkoono%2526utm_medium%253Dcpc%2526utm_campaign%253Dkelkooclick%2526utm_source_platform%253DKelkooGroup%2526utm_term%253DWomanizer%252BNext%252BReservehetter%252B-%252BMedium%26initiator%3Dtimeout&s=35103&e=6dfb6fdc186969bcdbaf0fd5362e5e08e12404579e94b4a9cf3b7e713ba5abb3&dm=cd
IP
13.49.167.109:443
ASN
#16509 AMAZON-02

Requested by
https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464bec641311967ff84b23b495819093cb988d8a4d7a6eff6aa9a5ea686d7b1fe1858eae63f12bff69df2b79b8793ad00e27a1c8010677cc278d6d411fcd20a93cbd5e4935b8688f5601fee153c1166015466037187c86928a4b6b812da7adc17a6754b789d3bee96e3edf1d7c6072a5eac3aad38b44fd2049bc092423f65f223018f328f25a558e38a841140839d9350ac2709eac01b101f449f01209fec68dfe3a9ec0d421a9cd4e39f1a45855bf5ba78f214c2351b198f664d2d1e94d60d264616bdeeca31f148e0d20fb9083925e2cf41fa2ba0a9c721239c43aa186b456b663816aee850c1a4d87261f5595eddbd53aea638cec4d2fba65b2c54c5a5f2c2b87def5b25128b45bd6c6ffd7ce75a6891&url=https%3A%2F%2Fwww.nytelse.no%2Fklitorisvibrator%2Fwomanizer-next-reservehetter-dark-purple%2Fkvinner%2F%3Futm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_source_platform%3DKelkooGroup%26utm_term%3DWomanizer%2BNext%2BReservehetter%2B-%2BMedium&initiator=timeout
Certificate
IssuerAmazon
Subject*.captcha-delivery.com
Fingerprint41:02:9F:4B:ED:5F:95:C1:B9:AD:2E:77:48:16:F7:B1:C7:BF:89:EE
ValidityMon, 01 Jan 2024 00:00:00 GMT - Thu, 30 Jan 2025 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (42885)
Size
200 kB (200177 bytes)
Hash
66ae8af673082fae97dd9f492f788099
1b577616e848dc59155be97d6ee708b9774d68b9
6245821f5f66824593b693b7e69b4bf291ba9925bc3136492f5f705ced5541eb

HTTP Headers

GET /captcha/?initialCid=AHrlqAAAAAMAz5V1cjHjR2EAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=kMlK8mJ6TpA39v4VqFfWem6VSKpHf_6ycgJGbb5djhm508kLrDlhPC_8BkPk5r8DkWJgvD1uNQB5QaK43PwSiQ~g3w1ofcXkip~RnUkjRKO~tpCvoc7RnbGfd3B2RiiQ&t=fe&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464bec641311967ff84b23b495819093cb988d8a4d7a6eff6aa9a5ea686d7b1fe1858eae63f12bff69df2b79b8793ad00e27a1c8010677cc278d6d411fcd20a93cbd5e4935b8688f5601fee153c1166015466037187c86928a4b6b812da7adc17a6754b789d3bee96e3edf1d7c6072a5eac3aad38b44fd2049bc092423f65f223018f328f25a558e38a841140839d9350ac2709eac01b101f449f01209fec68dfe3a9ec0d421a9cd4e39f1a45855bf5ba78f214c2351b198f664d2d1e94d60d264616bdeeca31f148e0d20fb9083925e2cf41fa2ba0a9c721239c43aa186b456b663816aee850c1a4d87261f5595eddbd53aea638cec4d2fba65b2c54c5a5f2c2b87def5b25128b45bd6c6ffd7ce75a6891%26url%3Dhttps%253A%252F%252Fwww.nytelse.no%252Fklitorisvibrator%252Fwomanizer-next-reservehetter-dark-purple%252Fkvinner%252F%253Futm_source%253Dkelkoono%2526utm_medium%253Dcpc%2526utm_campaign%253Dkelkooclick%2526utm_source_platform%253DKelkooGroup%2526utm_term%253DWomanizer%252BNext%252BReservehetter%252B-%252BMedium%26initiator%3Dtimeout&s=35103&e=6dfb6fdc186969bcdbaf0fd5362e5e08e12404579e94b4a9cf3b7e713ba5abb3&dm=cd HTTP/1.1
Host: geo.captcha-delivery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 22 Oct 2024 01:21:58 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip

dd.prod.captcha-delivery.com/image/2024-10-22/f8d06c9cfc2fb5764252d91c021e02aa.jpg

108.157.229.65

200 OK

20 kB

URL GET HTTP/2
dd.prod.captcha-delivery.com/image/2024-10-22/f8d06c9cfc2fb5764252d91c021e02aa.jpg
IP
108.157.229.65:443
ASN
#16509 AMAZON-02

Requested by
https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAz5V1cjHjR2EAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=kMlK8mJ6TpA39v4VqFfWem6VSKpHf_6ycgJGbb5djhm508kLrDlhPC_8BkPk5r8DkWJgvD1uNQB5QaK43PwSiQ~g3w1ofcXkip~RnUkjRKO~tpCvoc7RnbGfd3B2RiiQ&t=fe&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464bec641311967ff84b23b495819093cb988d8a4d7a6eff6aa9a5ea686d7b1fe1858eae63f12bff69df2b79b8793ad00e27a1c8010677cc278d6d411fcd20a93cbd5e4935b8688f5601fee153c1166015466037187c86928a4b6b812da7adc17a6754b789d3bee96e3edf1d7c6072a5eac3aad38b44fd2049bc092423f65f223018f328f25a558e38a841140839d9350ac2709eac01b101f449f01209fec68dfe3a9ec0d421a9cd4e39f1a45855bf5ba78f214c2351b198f664d2d1e94d60d264616bdeeca31f148e0d20fb9083925e2cf41fa2ba0a9c721239c43aa186b456b663816aee850c1a4d87261f5595eddbd53aea638cec4d2fba65b2c54c5a5f2c2b87def5b25128b45bd6c6ffd7ce75a6891%26url%3Dhttps%253A%252F%252Fwww.nytelse.no%252Fklitorisvibrator%252Fwomanizer-next-reservehetter-dark-purple%252Fkvinner%252F%253Futm_source%253Dkelkoono%2526utm_medium%253Dcpc%2526utm_campaign%253Dkelkooclick%2526utm_source_platform%253DKelkooGroup%2526utm_term%253DWomanizer%252BNext%252BReservehetter%252B-%252BMedium%26initiator%3Dtimeout&s=35103&e=6dfb6fdc186969bcdbaf0fd5362e5e08e12404579e94b4a9cf3b7e713ba5abb3&dm=cd
Certificate
IssuerAmazon
Subjectdd.prod.captcha-delivery.com
Fingerprint27:E0:19:52:08:B4:4E:3E:03:D8:D4:80:80:61:BE:8A:39:D7:60:9B
ValidityTue, 27 Feb 2024 00:00:00 GMT - Thu, 27 Mar 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 280x155, components 3
Size
20 kB (19976 bytes)
Hash
474c40f1176ea5888b44b2a81d727419
b31e999ef73ba8b7bc6306eced22fd720dafa0eb
0d7471ba454dd0ef150f702ebb61be728b0b3bd3ca056ed6338aa6d62bdbddcd

HTTP Headers

GET /image/2024-10-22/f8d06c9cfc2fb5764252d91c021e02aa.jpg HTTP/1.1
Host: dd.prod.captcha-delivery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://geo.captcha-delivery.com
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 19976
date: Tue, 22 Oct 2024 00:01:06 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3600
last-modified: Fri, 18 Oct 2024 05:01:18 GMT
x-amz-expiration: expiry-date="Sat, 26 Oct 2024 00:00:00 GMT", rule-id="auto-clean old captchas (7 days)"
etag: "474c40f1176ea5888b44b2a81d727419"
x-amz-server-side-encryption: AES256
x-amz-version-id: lg4K1dVmA822qjQ0sE2d9yszwNcmqc1u
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 b301fa8d72072cc0289eb055d8389e68.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: hKtisdoXxE1WeMk22g0P1Mpe7FKKkiXm8rJJuDxM-BIZbALYIx3dGQ==
age: 4854
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

dd.prod.captcha-delivery.com/image/2024-10-22/f8d06c9cfc2fb5764252d91c021e02aa.frag.png

108.157.229.65

200 OK

6.5 kB

URL GET HTTP/2
dd.prod.captcha-delivery.com/image/2024-10-22/f8d06c9cfc2fb5764252d91c021e02aa.frag.png
IP
108.157.229.65:443
ASN
#16509 AMAZON-02

Requested by
https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAz5V1cjHjR2EAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=kMlK8mJ6TpA39v4VqFfWem6VSKpHf_6ycgJGbb5djhm508kLrDlhPC_8BkPk5r8DkWJgvD1uNQB5QaK43PwSiQ~g3w1ofcXkip~RnUkjRKO~tpCvoc7RnbGfd3B2RiiQ&t=fe&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464bec641311967ff84b23b495819093cb988d8a4d7a6eff6aa9a5ea686d7b1fe1858eae63f12bff69df2b79b8793ad00e27a1c8010677cc278d6d411fcd20a93cbd5e4935b8688f5601fee153c1166015466037187c86928a4b6b812da7adc17a6754b789d3bee96e3edf1d7c6072a5eac3aad38b44fd2049bc092423f65f223018f328f25a558e38a841140839d9350ac2709eac01b101f449f01209fec68dfe3a9ec0d421a9cd4e39f1a45855bf5ba78f214c2351b198f664d2d1e94d60d264616bdeeca31f148e0d20fb9083925e2cf41fa2ba0a9c721239c43aa186b456b663816aee850c1a4d87261f5595eddbd53aea638cec4d2fba65b2c54c5a5f2c2b87def5b25128b45bd6c6ffd7ce75a6891%26url%3Dhttps%253A%252F%252Fwww.nytelse.no%252Fklitorisvibrator%252Fwomanizer-next-reservehetter-dark-purple%252Fkvinner%252F%253Futm_source%253Dkelkoono%2526utm_medium%253Dcpc%2526utm_campaign%253Dkelkooclick%2526utm_source_platform%253DKelkooGroup%2526utm_term%253DWomanizer%252BNext%252BReservehetter%252B-%252BMedium%26initiator%3Dtimeout&s=35103&e=6dfb6fdc186969bcdbaf0fd5362e5e08e12404579e94b4a9cf3b7e713ba5abb3&dm=cd
Certificate
IssuerAmazon
Subjectdd.prod.captcha-delivery.com
Fingerprint27:E0:19:52:08:B4:4E:3E:03:D8:D4:80:80:61:BE:8A:39:D7:60:9B
ValidityTue, 27 Feb 2024 00:00:00 GMT - Thu, 27 Mar 2025 23:59:59 GMT

File type
PNG image data, 63 x 155, 8-bit/color RGBA, non-interlaced
Size
6.5 kB (6487 bytes)
Hash
f95834fdfe553c23975935ddf1931183
ef1483f556316176be3cb1f7d853f0b8989c074e
1343f137477df529015ecbbda0616be6bad3bd0ac1eafe4ce060bd2889f5734e

HTTP Headers

GET /image/2024-10-22/f8d06c9cfc2fb5764252d91c021e02aa.frag.png HTTP/1.1
Host: dd.prod.captcha-delivery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://geo.captcha-delivery.com
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 6487
date: Tue, 22 Oct 2024 00:01:06 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3600
last-modified: Fri, 18 Oct 2024 05:01:18 GMT
x-amz-expiration: expiry-date="Sat, 26 Oct 2024 00:00:00 GMT", rule-id="auto-clean old captchas (7 days)"
etag: "f95834fdfe553c23975935ddf1931183"
x-amz-server-side-encryption: AES256
x-amz-version-id: hAJmOr6gi8vk26lcXZguJuNPydmCosEE
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 b301fa8d72072cc0289eb055d8389e68.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: wtwxOemt1d8k2WDMGA4aSZUhOdnqpUHCzG4aSs7X5E4UjV8SUEwsFg==
age: 4854
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

static.captcha-delivery.com/common/fonts/roboto/font-face.css

143.204.55.50

200 OK

519 B

URL GET HTTP/2
static.captcha-delivery.com/common/fonts/roboto/font-face.css
IP
143.204.55.50:443
ASN
#16509 AMAZON-02

Requested by
https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAz5V1cjHjR2EAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=kMlK8mJ6TpA39v4VqFfWem6VSKpHf_6ycgJGbb5djhm508kLrDlhPC_8BkPk5r8DkWJgvD1uNQB5QaK43PwSiQ~g3w1ofcXkip~RnUkjRKO~tpCvoc7RnbGfd3B2RiiQ&t=fe&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464bec641311967ff84b23b495819093cb988d8a4d7a6eff6aa9a5ea686d7b1fe1858eae63f12bff69df2b79b8793ad00e27a1c8010677cc278d6d411fcd20a93cbd5e4935b8688f5601fee153c1166015466037187c86928a4b6b812da7adc17a6754b789d3bee96e3edf1d7c6072a5eac3aad38b44fd2049bc092423f65f223018f328f25a558e38a841140839d9350ac2709eac01b101f449f01209fec68dfe3a9ec0d421a9cd4e39f1a45855bf5ba78f214c2351b198f664d2d1e94d60d264616bdeeca31f148e0d20fb9083925e2cf41fa2ba0a9c721239c43aa186b456b663816aee850c1a4d87261f5595eddbd53aea638cec4d2fba65b2c54c5a5f2c2b87def5b25128b45bd6c6ffd7ce75a6891%26url%3Dhttps%253A%252F%252Fwww.nytelse.no%252Fklitorisvibrator%252Fwomanizer-next-reservehetter-dark-purple%252Fkvinner%252F%253Futm_source%253Dkelkoono%2526utm_medium%253Dcpc%2526utm_campaign%253Dkelkooclick%2526utm_source_platform%253DKelkooGroup%2526utm_term%253DWomanizer%252BNext%252BReservehetter%252B-%252BMedium%26initiator%3Dtimeout&s=35103&e=6dfb6fdc186969bcdbaf0fd5362e5e08e12404579e94b4a9cf3b7e713ba5abb3&dm=cd
Certificate
IssuerAmazon
Subject*.captcha-delivery.com
FingerprintED:2E:83:EA:4F:B1:B5:19:99:0D:76:95:73:F3:47:D3:5D:96:73:95
ValidityThu, 25 Jul 2024 00:00:00 GMT - Fri, 22 Aug 2025 23:59:59 GMT

File type
ASCII text
Size
519 B (519 bytes)
Hash
e4f77074c0ffbfab377011e19283eb13
9160259165ca1ef84209d4dd675c3ed367babff1
66599c34190f7a6a402b38664a30a9b564fc22510f51fa3c5f027fb91e7a0e51

HTTP Headers

GET /common/fonts/roboto/font-face.css HTTP/1.1
Host: static.captcha-delivery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
content-length: 519
last-modified: Fri, 19 Jul 2024 12:42:09 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Mon, 21 Oct 2024 01:39:59 GMT
etag: "e4f77074c0ffbfab377011e19283eb13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lBylmgnMF8BPUJCvFUKDdHDFRDZFf3QfNoul9Wfh4klQHyqVo7isjQ==
age: 85321
X-Firefox-Spdy: h2

static.captcha-delivery.com/common/fonts/roboto/roboto.woff2

143.204.55.50

200 OK

16 kB

URL GET HTTP/2
static.captcha-delivery.com/common/fonts/roboto/roboto.woff2
IP
143.204.55.50:443
ASN
#16509 AMAZON-02

Requested by
https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAz5V1cjHjR2EAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=kMlK8mJ6TpA39v4VqFfWem6VSKpHf_6ycgJGbb5djhm508kLrDlhPC_8BkPk5r8DkWJgvD1uNQB5QaK43PwSiQ~g3w1ofcXkip~RnUkjRKO~tpCvoc7RnbGfd3B2RiiQ&t=fe&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464bec641311967ff84b23b495819093cb988d8a4d7a6eff6aa9a5ea686d7b1fe1858eae63f12bff69df2b79b8793ad00e27a1c8010677cc278d6d411fcd20a93cbd5e4935b8688f5601fee153c1166015466037187c86928a4b6b812da7adc17a6754b789d3bee96e3edf1d7c6072a5eac3aad38b44fd2049bc092423f65f223018f328f25a558e38a841140839d9350ac2709eac01b101f449f01209fec68dfe3a9ec0d421a9cd4e39f1a45855bf5ba78f214c2351b198f664d2d1e94d60d264616bdeeca31f148e0d20fb9083925e2cf41fa2ba0a9c721239c43aa186b456b663816aee850c1a4d87261f5595eddbd53aea638cec4d2fba65b2c54c5a5f2c2b87def5b25128b45bd6c6ffd7ce75a6891%26url%3Dhttps%253A%252F%252Fwww.nytelse.no%252Fklitorisvibrator%252Fwomanizer-next-reservehetter-dark-purple%252Fkvinner%252F%253Futm_source%253Dkelkoono%2526utm_medium%253Dcpc%2526utm_campaign%253Dkelkooclick%2526utm_source_platform%253DKelkooGroup%2526utm_term%253DWomanizer%252BNext%252BReservehetter%252B-%252BMedium%26initiator%3Dtimeout&s=35103&e=6dfb6fdc186969bcdbaf0fd5362e5e08e12404579e94b4a9cf3b7e713ba5abb3&dm=cd
Certificate
IssuerAmazon
Subject*.captcha-delivery.com
FingerprintED:2E:83:EA:4F:B1:B5:19:99:0D:76:95:73:F3:47:D3:5D:96:73:95
ValidityThu, 25 Jul 2024 00:00:00 GMT - Fri, 22 Aug 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15688, version 1.0
Size
16 kB (15688 bytes)
Hash
aa23b7b4bcf2b8f0e876106bb3de69c6
106ac454ba4e503e0a1cd15e1275130918049182
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

HTTP Headers

GET /common/fonts/roboto/roboto.woff2 HTTP/1.1
Host: static.captcha-delivery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://geo.captcha-delivery.com
DNT: 1
Connection: keep-alive
Referer: https://static.captcha-delivery.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: font/woff2
content-length: 15688
access-control-allow-origin: https://geo.captcha-delivery.com
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
access-control-allow-credentials: true
last-modified: Fri, 06 May 2022 16:47:07 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 22 Oct 2024 00:26:53 GMT
etag: "aa23b7b4bcf2b8f0e876106bb3de69c6"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xpoP1aPL56oH5s-Pa3iGAlZ-S9El113-DliDFBt0XBTRxyYJY3VZAQ==
age: 3308
X-Firefox-Spdy: h2

static.captcha-delivery.com/common/fonts/roboto/roboto.woff2

143.204.55.50

200 OK

16 kB

URL GET HTTP/2
static.captcha-delivery.com/common/fonts/roboto/roboto.woff2
IP
143.204.55.50:443
ASN
#16509 AMAZON-02

Requested by
https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAz5V1cjHjR2EAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=kMlK8mJ6TpA39v4VqFfWem6VSKpHf_6ycgJGbb5djhm508kLrDlhPC_8BkPk5r8DkWJgvD1uNQB5QaK43PwSiQ~g3w1ofcXkip~RnUkjRKO~tpCvoc7RnbGfd3B2RiiQ&t=fe&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464bec641311967ff84b23b495819093cb988d8a4d7a6eff6aa9a5ea686d7b1fe1858eae63f12bff69df2b79b8793ad00e27a1c8010677cc278d6d411fcd20a93cbd5e4935b8688f5601fee153c1166015466037187c86928a4b6b812da7adc17a6754b789d3bee96e3edf1d7c6072a5eac3aad38b44fd2049bc092423f65f223018f328f25a558e38a841140839d9350ac2709eac01b101f449f01209fec68dfe3a9ec0d421a9cd4e39f1a45855bf5ba78f214c2351b198f664d2d1e94d60d264616bdeeca31f148e0d20fb9083925e2cf41fa2ba0a9c721239c43aa186b456b663816aee850c1a4d87261f5595eddbd53aea638cec4d2fba65b2c54c5a5f2c2b87def5b25128b45bd6c6ffd7ce75a6891%26url%3Dhttps%253A%252F%252Fwww.nytelse.no%252Fklitorisvibrator%252Fwomanizer-next-reservehetter-dark-purple%252Fkvinner%252F%253Futm_source%253Dkelkoono%2526utm_medium%253Dcpc%2526utm_campaign%253Dkelkooclick%2526utm_source_platform%253DKelkooGroup%2526utm_term%253DWomanizer%252BNext%252BReservehetter%252B-%252BMedium%26initiator%3Dtimeout&s=35103&e=6dfb6fdc186969bcdbaf0fd5362e5e08e12404579e94b4a9cf3b7e713ba5abb3&dm=cd
Certificate
IssuerAmazon
Subject*.captcha-delivery.com
FingerprintED:2E:83:EA:4F:B1:B5:19:99:0D:76:95:73:F3:47:D3:5D:96:73:95
ValidityThu, 25 Jul 2024 00:00:00 GMT - Fri, 22 Aug 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15688, version 1.0
Size
16 kB (15688 bytes)
Hash
aa23b7b4bcf2b8f0e876106bb3de69c6
106ac454ba4e503e0a1cd15e1275130918049182
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

HTTP Headers

GET /common/fonts/roboto/roboto.woff2 HTTP/1.1
Host: static.captcha-delivery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://geo.captcha-delivery.com
DNT: 1
Connection: keep-alive
Referer: https://static.captcha-delivery.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: font/woff2
content-length: 15688
access-control-allow-origin: https://geo.captcha-delivery.com
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
access-control-allow-credentials: true
last-modified: Fri, 06 May 2022 16:47:07 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 22 Oct 2024 00:26:53 GMT
etag: "aa23b7b4bcf2b8f0e876106bb3de69c6"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OYMYVqEsXCdrQltuONAIUH5atnXqJfGVbTzjnDR15mfMJMdTl9G8OQ==
age: 3309
X-Firefox-Spdy: h2

priverautional.com/zp-redirect?target=https%3A%2F%2Fapi.shopfinder24.com%2Fr%2FdG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJTNEbGlua0lkJTI2aWQlM0RiZTk5Mjk4NWNiNTE0ZTc0OGNmYTAzOTUxZDc1NjRlMiUyNmFwaV9rZXklM0RhZGY0MDdmZDEwODdhMWU1NmVhZGRlYzBmNTkxNDI2NyUyNnNpdGVfaWQlM0QyNzBjZDUzZWMyMzM0ZjExOGNlZDE0YTRlOGJjODQ5ZiUyNmRjaCUzRGZlZWQlMjZhZF90JTNEYWR2ZXJ0aXNlciUyNnlrX3RhZyUzRCU3QmNsaWNraWQlN0QmdD0wJnM9ODE1ZTQzYTVjZmM1ZGVkYzkxMGQ4MmRhNmM1ZjZkMzk%3D%3Fc%3Dwo0hc9kpbavu9125j4j482ra%26var10%3Dbadious-buzzard&caid=315c998e-58d8-4c08-bfb8-8b7a97e56392&zpid=058f5584-9014-11ef-b47d-12c3164d6b1b&cid=wo0hc9kpbavu9125j4j482ra&rt=D&ts=1729560115812&hash=QwNv_yC0h4C226RBJkKcARkvvtekNBHkhd9eBrx-r5k

108.157.229.57

200 OK

7.5 kB

URL
priverautional.com/zp-redirect?target=https%3A%2F%2Fapi.shopfinder24.com%2Fr%2FdG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJTNEbGlua0lkJTI2aWQlM0RiZTk5Mjk4NWNiNTE0ZTc0OGNmYTAzOTUxZDc1NjRlMiUyNmFwaV9rZXklM0RhZGY0MDdmZDEwODdhMWU1NmVhZGRlYzBmNTkxNDI2NyUyNnNpdGVfaWQlM0QyNzBjZDUzZWMyMzM0ZjExOGNlZDE0YTRlOGJjODQ5ZiUyNmRjaCUzRGZlZWQlMjZhZF90JTNEYWR2ZXJ0aXNlciUyNnlrX3RhZyUzRCU3QmNsaWNraWQlN0QmdD0wJnM9ODE1ZTQzYTVjZmM1ZGVkYzkxMGQ4MmRhNmM1ZjZkMzk%3D%3Fc%3Dwo0hc9kpbavu9125j4j482ra%26var10%3Dbadious-buzzard&caid=315c998e-58d8-4c08-bfb8-8b7a97e56392&zpid=058f5584-9014-11ef-b47d-12c3164d6b1b&cid=wo0hc9kpbavu9125j4j482ra&rt=D&ts=1729560115812&hash=QwNv_yC0h4C226RBJkKcARkvvtekNBHkhd9eBrx-r5k
IP
108.157.229.57:0
ASN
#16509 AMAZON-02

File type
data
Size
7.5 kB (7488 bytes)
Hash
2524fb935d41ac1217b45f90d433fe6c
10a9b7cf5945f5e8c8233732bd8ccb67e67e6cee
60b4ec1731af5b74b07e185aca69874591c753368db7443e232b29cdc2dc47cd

HTTP Headers

GET /zp-redirect?target=https%3A%2F%2Fapi.shopfinder24.com%2Fr%2FdG89aHR0cHMlM0ElMkYlMkZyLmxpbmtzcHJmLmNvbSUyRnYxJTJGcmVkaXJlY3QlM0Z0eXBlJTNEbGlua0lkJTI2aWQlM0RiZTk5Mjk4NWNiNTE0ZTc0OGNmYTAzOTUxZDc1NjRlMiUyNmFwaV9rZXklM0RhZGY0MDdmZDEwODdhMWU1NmVhZGRlYzBmNTkxNDI2NyUyNnNpdGVfaWQlM0QyNzBjZDUzZWMyMzM0ZjExOGNlZDE0YTRlOGJjODQ5ZiUyNmRjaCUzRGZlZWQlMjZhZF90JTNEYWR2ZXJ0aXNlciUyNnlrX3RhZyUzRCU3QmNsaWNraWQlN0QmdD0wJnM9ODE1ZTQzYTVjZmM1ZGVkYzkxMGQ4MmRhNmM1ZjZkMzk%3D%3Fc%3Dwo0hc9kpbavu9125j4j482ra%26var10%3Dbadious-buzzard&caid=315c998e-58d8-4c08-bfb8-8b7a97e56392&zpid=058f5584-9014-11ef-b47d-12c3164d6b1b&cid=wo0hc9kpbavu9125j4j482ra&rt=D&ts=1729560115812&hash=QwNv_yC0h4C226RBJkKcARkvvtekNBHkhd9eBrx-r5k HTTP/1.1
Host: priverautional.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://veles-swg.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html;charset=UTF-8
date: Tue, 22 Oct 2024 01:21:56 GMT
set-cookie: cc-v4=qeN89mJMPpBjLMKFYfiyDfuqVuZlx6%2FrO3MXpPnzZZNS3%2FKPayCd39FB6j8J4ECcsqQppxNHbmPHb3IOsR8jBFjo0lYXMtOLNvTxTsjtKAH28aGR1jmQvKOejQGhH6GlW99wJ8dVv9q06VARPu1jKQ%3D%3D; Max-Age=31536000; Expires=Wed, 22 Oct 2025 01:21:56 GMT; Domain=priverautional.com; Path=/; Secure; HttpOnly;SameSite=None
server: nginx
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache: Miss from cloudfront
via: 1.1 ce3c66cc97e84e18b943362365d9ba66.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: vCsy7GUZ0QjIv58TnwKBr1kU9CInsUK_b2k6NGQrVJcUlpiuEewL4Q==
X-Firefox-Spdy: h2

static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/index.css

143.204.55.50

200 OK

6.2 kB

URL GET HTTP/2
static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/index.css
IP
143.204.55.50:443
ASN
#16509 AMAZON-02

Requested by
https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAz5V1cjHjR2EAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=kMlK8mJ6TpA39v4VqFfWem6VSKpHf_6ycgJGbb5djhm508kLrDlhPC_8BkPk5r8DkWJgvD1uNQB5QaK43PwSiQ~g3w1ofcXkip~RnUkjRKO~tpCvoc7RnbGfd3B2RiiQ&t=fe&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464bec641311967ff84b23b495819093cb988d8a4d7a6eff6aa9a5ea686d7b1fe1858eae63f12bff69df2b79b8793ad00e27a1c8010677cc278d6d411fcd20a93cbd5e4935b8688f5601fee153c1166015466037187c86928a4b6b812da7adc17a6754b789d3bee96e3edf1d7c6072a5eac3aad38b44fd2049bc092423f65f223018f328f25a558e38a841140839d9350ac2709eac01b101f449f01209fec68dfe3a9ec0d421a9cd4e39f1a45855bf5ba78f214c2351b198f664d2d1e94d60d264616bdeeca31f148e0d20fb9083925e2cf41fa2ba0a9c721239c43aa186b456b663816aee850c1a4d87261f5595eddbd53aea638cec4d2fba65b2c54c5a5f2c2b87def5b25128b45bd6c6ffd7ce75a6891%26url%3Dhttps%253A%252F%252Fwww.nytelse.no%252Fklitorisvibrator%252Fwomanizer-next-reservehetter-dark-purple%252Fkvinner%252F%253Futm_source%253Dkelkoono%2526utm_medium%253Dcpc%2526utm_campaign%253Dkelkooclick%2526utm_source_platform%253DKelkooGroup%2526utm_term%253DWomanizer%252BNext%252BReservehetter%252B-%252BMedium%26initiator%3Dtimeout&s=35103&e=6dfb6fdc186969bcdbaf0fd5362e5e08e12404579e94b4a9cf3b7e713ba5abb3&dm=cd
Certificate
IssuerAmazon
Subject*.captcha-delivery.com
FingerprintED:2E:83:EA:4F:B1:B5:19:99:0D:76:95:73:F3:47:D3:5D:96:73:95
ValidityThu, 25 Jul 2024 00:00:00 GMT - Fri, 22 Aug 2025 23:59:59 GMT

File type
ASCII text, with very long lines (6892), with no line terminators
Size
6.2 kB (6162 bytes)
Hash
d6882e46f843cd956a4ff0cc1906170f
9cce6f420346ea6fd2f96c6f5d257f2b28d0adb6
84da6d4da68c3ac37cab4889826253a4dedd37958eb23b100a2c27f13e5626ac

HTTP Headers

GET /captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/index.css HTTP/1.1
Host: static.captcha-delivery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 11 Apr 2024 08:21:58 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
date: Mon, 21 Oct 2024 01:34:32 GMT
etag: W/"1f113f0b6d6855568c684e354bb853d1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vFlTy61f2NthRaNJsLR8Yp1XSNF2qXX6pueYLAJyq46wvLRkSp5pTw==
age: 85648
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Mnemonic Secure DNS

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (20)

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN