urlscan.io logo urlscan.io
SecurityTrails logo

be-go.kelkoogroup.net Open in urlscan Pro
95.211.116.27  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://click.windmillmovements.com/unsub.php?qs=8f0a5d6ffeb84f969aa01e80c5352aa1
Effective URL: https://be-go.kelkoogroup.net/go?country=be&k=c17477a46a628db0f34a4353947e27a26fd84a603a4086c0fcef018ecf3467201951a26365b60f10...
Submission: On August 28 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 11 domains to perform 16 HTTP transactions. The main IP is 95.211.116.27, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is be-go.kelkoogroup.net.
TLS certificate: Issued by Thawte RSA CA 2018 on July 31st 2019. Valid for: a year.
This is the only time be-go.kelkoogroup.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 193.24.233.27 202998 (GONET)
1 3 198.143.165.221 32475 (SINGLEHOP...)
1 3 107.6.174.196 32475 (SINGLEHOP...)
1 213.227.130.57 60781 (LEASEWEB-...)
1 2 52.0.152.125 14618 (AMAZON-AES)
1 2 151.80.221.9 16276 (OVH)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 3.222.112.72 14618 (AMAZON-AES)
1 1 50.16.52.56 14618 (AMAZON-AES)
3 163.172.233.4 12876 (AS12876)
1 163.172.233.16 12876 (AS12876)
1 2 95.211.116.27 60781 (LEASEWEB-...)
16 11
2    193.24.233.27 (Lithuania)

ASN202998 (GONET, LT)
PTR: gmtaa.mail.windmillmovements.com
click.windmillmovements.com
3    198.143.165.221 (Chicago, United States)

ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: server04.com-2.mobi
links.securedark.com
3    107.6.174.196 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: bigfish.setupcentral.network
up.trkgenius.com
1    213.227.130.57 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
minently.com
2    52.0.152.125 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-0-152-125.compute-1.amazonaws.com
pop.bid
2    151.80.221.9 (Netherlands)

ASN16276 (OVH, FR)
PTR: core.royalads.net
core.royalads.net
1    2606:4700:20::6819:b011 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
popcash.net
2    3.222.112.72 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-222-112-72.compute-1.amazonaws.com
ps.popcash.net
1    50.16.52.56 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-50-16-52-56.compute-1.amazonaws.com
usd.odysseus-nua.com
3    163.172.233.4 (France)

ASN12876 (AS12876, FR)
ssl3.keelbeel.com
www.keelbeel.com
1    163.172.233.16 (France)

ASN12876 (AS12876, FR)
clic.grenads.com
2    95.211.116.27 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-go-vip.kelkoo.com
be-go.kelkoogroup.net
Domain Requested by
3 up.trkgenius.com 1 redirects links.securedark.com
up.trkgenius.com
3 links.securedark.com 1 redirects click.windmillmovements.com
links.securedark.com
2 be-go.kelkoogroup.net 1 redirects clic.grenads.com
2 ssl3.keelbeel.com ps.popcash.net
ssl3.keelbeel.com
2 ps.popcash.net 1 redirects core.royalads.net
2 core.royalads.net 1 redirects pop.bid
2 pop.bid minently.com
2 click.windmillmovements.com 1 redirects
1 clic.grenads.com ssl3.keelbeel.com
1 www.keelbeel.com ssl3.keelbeel.com
1 usd.odysseus-nua.com 1 redirects
1 popcash.net 1 redirects
1 minently.com
0 fr-go.kelkoogroup.net Failed be-go.kelkoogroup.net
16 14

This site contains no links.

Subject Issuer Validity Valid
up.trkgenius.com
Let's Encrypt Authority X3		 2019-07-21 -
2019-10-19		 3 months crt.sh
minently.com
Let's Encrypt Authority X3		 2019-07-12 -
2019-10-10		 3 months crt.sh
*.keelbeel.com
COMODO RSA Domain Validation Secure Server CA		 2017-11-11 -
2020-11-10		 3 years crt.sh
www.keelbeel.com
cPanel, Inc. Certification Authority		 2019-06-20 -
2019-09-18		 3 months crt.sh
clic.grenads.com
cPanel, Inc. Certification Authority		 2019-06-25 -
2019-09-23		 3 months crt.sh
*.kelkoogroup.net
Thawte RSA CA 2018		 2019-07-31 -
2020-08-28		 a year crt.sh

This page contains 1 frames:

Frame: https://fr-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1566870083979&.sig=C6oa.qW.oMSuZOGcllagtcKH.SA-&affiliationId=96957261&catId=138201&comId=100453912&contextLevel=2&country=fr&localCatId=138201&offerId=0f25d19d5d1050acf659ddae29a82a49&searchId=null&service=11&wait=true
Frame ID: A1E75FD08308D4D36C0235A8F9F9F1ED
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://click.windmillmovements.com/unsub.php?qs=8f0a5d6ffeb84f969aa01e80c5352aa1 HTTP 302
    http://click.windmillmovements.com/c/unsubscribe?email=pierrevh%40pvhmgt.be&list=windmillmovements.com&locale=s... Page URL
  2. http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72 Page URL
  3. http://links.securedark.com/?utm_term=6730107521161232569&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
  4. http://links.securedark.com/proc.php?708689e3609d1351b1d4c00538e01a1ba9a9154f HTTP 302
    https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=673010752116123... Page URL
  5. https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730107521161232... Page URL
  6. https://up.trkgenius.com/out.php?v=a2d7827c84cb09e9e10fcb96075117c5 HTTP 302
    https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=W... Page URL
  7. http://pop.bid/go/216668/456926 Page URL
  8. http://pop.bid/ad/ad?p=216668&w=456926&t=294b4f434e19aca8&r=aHR0cHMlM0ElMkYlMkZtaW5lbnRseS5... HTTP 303
    http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&var=456926 Page URL
  9. http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&var=456926&ref=http%3A%2F%2Fpop... HTTP 302
    http://popcash.net/world/go/79141/465699 HTTP 301
    http://ps.popcash.net/go/79141/465699 Page URL
  10. http://ps.popcash.net/ad/ad?p=79141&w=465699&t=c2988c860c65aeca&r=aHR0cCUzQSUyRiUyRmNvcmUucm95YWxh... HTTP 303
    http://usd.odysseus-nua.com/zcvisitor/b45b0c70-c960-11e9-abfa-125ac74fe6d2?campaignid=21b02750-a5e0-11e8... HTTP 302
    https://ssl3.keelbeel.com/?c=be&s=vitellary-lion&t=sierra-fil-2ifc70o8&c_id=21b02750-a5e0-11e8-86aa-0e... Page URL
  11. https://ssl3.keelbeel.com/?c=be&s=vitellary-lion&t=sierra-fil-2ifc70o8&c_id=21b02750-a5e0-11e8-86aa-0e... Page URL
  12. https://clic.grenads.com/?country=be&command=zrb45b0c70c96011e9abfa125ac74fe6d2cc029a1ed0844b228a567a... Page URL
  13. https://be-go.kelkoogroup.net/ctl/go/sitesearchGo?.ts=1566975285086&.sig=m4TV0YBBBlTegianyvXiMfA1Snc-&affi... HTTP 307
    https://be-go.kelkoogroup.net/go?country=be&k=c17477a46a628db0f34a4353947e27a26fd84a603a4086c0fcef018ecf34... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

16
Requests

50 %
HTTPS

8 %
IPv6

11
Domains

14
Subdomains

11
IPs

4
Countries

28 kB
Transfer

34 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.windmillmovements.com/unsub.php?qs=8f0a5d6ffeb84f969aa01e80c5352aa1 HTTP 302
    http://click.windmillmovements.com/c/unsubscribe?email=pierrevh%40pvhmgt.be&list=windmillmovements.com&locale=sv_SE&e=e:dY-nlDhg6tc60ZXrMBtgRw Page URL
  2. http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72 Page URL
  3. http://links.securedark.com/?utm_term=6730107521161232569&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d Page URL
  4. http://links.securedark.com/proc.php?708689e3609d1351b1d4c00538e01a1ba9a9154f HTTP 302
    https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730107521161232569&pubid=2704 Page URL
  5. https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730107521161232569&pubid=2704&m=_rbo9fQ-VlTu53AqpI4l1x8M5I4dFrCOF6yAzsZ9E8AZFrAkd2Ai_xAkdz4E_L4tdVxZSr3QddV3lGvdv3Aq553.55e_c3nXlsV0QdVVlG9drX.i_f1_zuCh Page URL
  6. https://up.trkgenius.com/out.php?v=a2d7827c84cb09e9e10fcb96075117c5 HTTP 302
    https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=7452c3859a458214c743e4899e74ef57&ext1=dvx Page URL
  7. http://pop.bid/go/216668/456926 Page URL
  8. http://pop.bid/ad/ad?p=216668&w=456926&t=294b4f434e19aca8&r=aHR0cHMlM0ElMkYlMkZtaW5lbnRseS5jb20lMkY=&vw=1600&vh=1200 HTTP 303
    http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&var=456926 Page URL
  9. http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&var=456926&ref=http%3A%2F%2Fpop.bid%2Fgo%2F216668%2F456926&scrw=1600&scrh=1200&nlc=yDD7Po4Vfq7hf8pR&ven=&ver=&iif=0 HTTP 302
    http://popcash.net/world/go/79141/465699 HTTP 301
    http://ps.popcash.net/go/79141/465699 Page URL
  10. http://ps.popcash.net/ad/ad?p=79141&w=465699&t=c2988c860c65aeca&r=aHR0cCUzQSUyRiUyRmNvcmUucm95YWxhZHMubmV0JTJG&vw=1600&vh=1200 HTTP 303
    http://usd.odysseus-nua.com/zcvisitor/b45b0c70-c960-11e9-abfa-125ac74fe6d2?campaignid=21b02750-a5e0-11e8-86aa-0e41d0acbc1a HTTP 302
    https://ssl3.keelbeel.com/?c=be&s=vitellary-lion&t=sierra-fil-2ifc70o8&c_id=21b02750-a5e0-11e8-86aa-0e41d0acbc1a&c_name=BE_RSL_Grenads_RON&c_keyword=arts+entertainment+movies+music+men+women+games&c_domain=465699.popcash.net&match=&url=http%3A%2F%2Fclic.grenads.com%2F%3Fcountry%3Dbe%26command%3Dzrb45b0c70c96011e9abfa125ac74fe6d2cc029a1ed0844b228a567a889412daee04080633bd635b853d Page URL
  11. https://ssl3.keelbeel.com/?c=be&s=vitellary-lion&t=sierra-fil-2ifc70o8&c_id=21b02750-a5e0-11e8-86aa-0e41d0acbc1a&c_name=BE_RSL_Grenads_RON&c_keyword=arts+entertainment+movies+music+men+women+games&c_domain=465699.popcash.net&match=&url=http%3A%2F%2Fclic.grenads.com%2F%3Fcountry%3Dbe%26command%3Dzrb45b0c70c96011e9abfa125ac74fe6d2cc029a1ed0844b228a567a889412daee04080633bd635b853d&step=2 Page URL
  12. https://clic.grenads.com/?country=be&command=zrb45b0c70c96011e9abfa125ac74fe6d2cc029a1ed0844b228a567a889412daee04080633bd635b853d Page URL
  13. https://be-go.kelkoogroup.net/ctl/go/sitesearchGo?.ts=1566975285086&.sig=m4TV0YBBBlTegianyvXiMfA1Snc-&affiliationId=96950167&catId=138201&comId=100497628&contextLevel=1&contextOfferPosition=42&contextPageSize=50&country=be&ecs=ok&merchantid=100497628&offerId=55fde981e290ce3b3c28eeef6117f23c&searchId=1076992079442_1566975285045_9813&searchQuery=&service=5&wait=true&custom1=be_zendart-design HTTP 307
    https://be-go.kelkoogroup.net/go?country=be&k=c17477a46a628db0f34a4353947e27a26fd84a603a4086c0fcef018ecf3467201951a26365b60f10c242aa428f37a259278527f2b29da3709437c412781cbb1a8d0598a668c3ecdb2e0f202858bb2625ffb38d7b47dfa69b40ef190d9165f3a8145917f0787913244800c91d28b8428419c9fb27506704f6e621f7d185ac6a8bbe840e631f915e598fa88685961d9eb0b6c622355e19c93c018d559a7ebad65b2eca25f0668e63be7c0089197ec6ca8e4aef52b14b6b2b17fa48556215d1eaea093ea4adaea754c14faf0e8281e9f98201c90d096e19a53fcf675aa9758dc3bd1acb9b03d9c114d98159d7b04394d9d1956b3216727d603c6bbd15181eccb88bdd780e26fb1f518cdb646520c894b880b4d42016597a6be8d39fb9d73a5b178253c9ef5f01c4128ff32528697b3a86d32638b4719da980cf4d6f98e729d0afd1ab93f5793e7140dab6755ae700d5d38503b56a192fcac9b45325d97071fef76f4d6feeafb2eb9bd2edf524175925474f2e0e3b00b5f398fd79c601d9e985f733a1ac7c4060afd4c19d82a81e700f6546dad24a980ecdf9d17f48971e6bfa53e5&o= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://click.windmillmovements.com/unsub.php?qs=8f0a5d6ffeb84f969aa01e80c5352aa1 HTTP 302
  • http://click.windmillmovements.com/c/unsubscribe?email=pierrevh%40pvhmgt.be&list=windmillmovements.com&locale=sv_SE&e=e:dY-nlDhg6tc60ZXrMBtgRw
Request Chain 3
  • http://links.securedark.com/proc.php?708689e3609d1351b1d4c00538e01a1ba9a9154f HTTP 302
  • https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730107521161232569&pubid=2704
Request Chain 5
  • https://up.trkgenius.com/out.php?v=a2d7827c84cb09e9e10fcb96075117c5 HTTP 302
  • https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=7452c3859a458214c743e4899e74ef57&ext1=dvx
Request Chain 8
  • http://pop.bid/ad/ad?p=216668&w=456926&t=294b4f434e19aca8&r=aHR0cHMlM0ElMkYlMkZtaW5lbnRseS5jb20lMkY=&vw=1600&vh=1200 HTTP 303
  • http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&var=456926
Request Chain 9
  • http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&var=456926&ref=http%3A%2F%2Fpop.bid%2Fgo%2F216668%2F456926&scrw=1600&scrh=1200&nlc=yDD7Po4Vfq7hf8pR&ven=&ver=&iif=0 HTTP 302
  • http://popcash.net/world/go/79141/465699 HTTP 301
  • http://ps.popcash.net/go/79141/465699
Request Chain 10
  • http://ps.popcash.net/ad/ad?p=79141&w=465699&t=c2988c860c65aeca&r=aHR0cCUzQSUyRiUyRmNvcmUucm95YWxhZHMubmV0JTJG&vw=1600&vh=1200 HTTP 303
  • http://usd.odysseus-nua.com/zcvisitor/b45b0c70-c960-11e9-abfa-125ac74fe6d2?campaignid=21b02750-a5e0-11e8-86aa-0e41d0acbc1a HTTP 302
  • https://ssl3.keelbeel.com/?c=be&s=vitellary-lion&t=sierra-fil-2ifc70o8&c_id=21b02750-a5e0-11e8-86aa-0e41d0acbc1a&c_name=BE_RSL_Grenads_RON&c_keyword=arts+entertainment+movies+music+men+women+games&c_domain=465699.popcash.net&match=&url=http%3A%2F%2Fclic.grenads.com%2F%3Fcountry%3Dbe%26command%3Dzrb45b0c70c96011e9abfa125ac74fe6d2cc029a1ed0844b228a567a889412daee04080633bd635b853d
Request Chain 14
  • https://be-go.kelkoogroup.net/redirect?country=be&k=612f7a9541cd6ea61eb554c0e4cff4373e38ceddede2ace562536b637b1e61f4d61ef527334c0a316d42f3aa072726f1a3f2d39fbaa2933c10a03ff4a32d061469ba8279f35e36427611cb0e2b08d31ef44ad5329d65e722762a7c515e9bbd7a2f04745de36f64a2d27965160c819f1f&leadId=dc1-kls-prod-srv-05.prod.dc1.kelkoo.net_1566975288405_693263&clickId=10769939_1566975288361_771428&url=https%3A%2F%2Ffr-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1566870083979%26.sig%3DC6oa.qW.oMSuZOGcllagtcKH.SA-%26affiliationId%3D96957261%26catId%3D138201%26comId%3D100453912%26contextLevel%3D2%26country%3Dfr%26localCatId%3D138201%26offerId%3D0f25d19d5d1050acf659ddae29a82a49%26searchId%3Dnull%26service%3D11%26wait%3Dtrue HTTP 303
  • https://fr-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1566870083979&.sig=C6oa.qW.oMSuZOGcllagtcKH.SA-&affiliationId=96957261&catId=138201&comId=100453912&contextLevel=2&country=fr&localCatId=138201&offerId=0f25d19d5d1050acf659ddae29a82a49&searchId=null&service=11&wait=true

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
unsubscribe
click.windmillmovements.com/c/
Redirect Chain
  • http://click.windmillmovements.com/unsub.php?qs=8f0a5d6ffeb84f969aa01e80c5352aa1
  • http://click.windmillmovements.com/c/unsubscribe?email=pierrevh%40pvhmgt.be&list=windmillmovements.com&locale=sv_SE&e=e:dY-nlDhg6tc60ZXrMBtgRw
824 B
821 B 		Document
General
Check archive.org
Download Go to
Full URL
http://click.windmillmovements.com/c/unsubscribe?email=pierrevh%40pvhmgt.be&list=windmillmovements.com&locale=sv_SE&e=e:dY-nlDhg6tc60ZXrMBtgRw
Protocol
HTTP/1.1
Server
193.24.233.27 , Lithuania, ASN202998 (GONET, LT),
Reverse DNS
gmtaa.mail.windmillmovements.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b639c02c423386e732cc64bccc3272604b60fdbf3b54a6e31f96fee47b91abd9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
click.windmillmovements.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Wed, 28 Aug 2019 06:54:23 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Frame-Options
SAMEORIGIN
Content-Encoding
gzip

Redirect headers

Server
nginx/1.14.0 (Ubuntu)
Date
Wed, 28 Aug 2019 06:54:23 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Frame-Options
SAMEORIGIN
Location
http://click.windmillmovements.com/c/unsubscribe?email=pierrevh%40pvhmgt.be&list=windmillmovements.com&locale=sv_SE&e=e:dY-nlDhg6tc60ZXrMBtgRw
Cookie set /
links.securedark.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72
Requested by
Host: click.windmillmovements.com
URL: http://click.windmillmovements.com/c/unsubscribe?email=pierrevh%40pvhmgt.be&list=windmillmovements.com&locale=sv_SE&e=e:dY-nlDhg6tc60ZXrMBtgRw
Protocol
HTTP/1.1
Server
198.143.165.221 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
b8e63b9e388a8973cce39b20eb0ed85702bc0c5ae08579c38f01b1812f3b0a8c

Request headers

Host
links.securedark.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://click.windmillmovements.com/c/unsubscribe?email=pierrevh%40pvhmgt.be&list=windmillmovements.com&locale=sv_SE&e=e:dY-nlDhg6tc60ZXrMBtgRw
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://click.windmillmovements.com/c/unsubscribe?email=pierrevh%40pvhmgt.be&list=windmillmovements.com&locale=sv_SE&e=e:dY-nlDhg6tc60ZXrMBtgRw

Response headers

Server
nginx
Date
Wed, 28 Aug 2019 06:54:26 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.4
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie
u=377b520bea5029e73dfe5ecb15262f7e; expires=Thu, 27-Aug-2020 06:54:26 GMT; Max-Age=31536000; path=/
Content-Encoding
gzip
/
links.securedark.com/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://links.securedark.com/?utm_term=6730107521161232569&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d
Requested by
Host: links.securedark.com
URL: http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72
Protocol
HTTP/1.1
Server
198.143.165.221 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
fd5015f784c92374ded489c3b2abb20fee9abf85a8c17aa6ca9d3bee3f3cb237

Request headers

Host
links.securedark.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72
Accept-Encoding
gzip, deflate
Cookie
u=377b520bea5029e73dfe5ecb15262f7e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72

Response headers

Server
nginx
Date
Wed, 28 Aug 2019 06:54:27 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.4
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding
gzip
in.html
up.trkgenius.com/
Redirect Chain
  • http://links.securedark.com/proc.php?708689e3609d1351b1d4c00538e01a1ba9a9154f
  • https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730107521161232569&pubid=2704
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730107521161232569&pubid=2704
Requested by
Host: links.securedark.com
URL: http://links.securedark.com/?utm_term=6730107521161232569&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.6.174.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
bigfish.setupcentral.network
Software
nginx/1.17.0 /
Resource Hash
7e11348d49a8eb6e7584fca5405c42b697353d4c8b6946ac4d57c4e17b0e0eaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
up.trkgenius.com
:scheme
https
:path
/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730107521161232569&pubid=2704
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://links.securedark.com/?utm_term=6730107521161232569&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://links.securedark.com/?utm_term=6730107521161232569&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d

Response headers

status
200
server
nginx/1.17.0
date
Wed, 28 Aug 2019 06:54:27 GMT
content-type
text/html
last-modified
Sun, 27 Jan 2019 05:38:08 GMT
etag
W/"5c4d43c0-1605"
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip

Redirect headers

Server
nginx
Date
Wed, 28 Aug 2019 06:54:27 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.3.4
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730107521161232569&pubid=2704
in.php
up.trkgenius.com/ 		1 KB
984 B 		Document
General
Check archive.org
Download Go to
Full URL
https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730107521161232569&pubid=2704&m=_rbo9fQ-VlTu53AqpI4l1x8M5I4dFrCOF6yAzsZ9E8AZFrAkd2Ai_xAkdz4E_L4tdVxZSr3QddV3lGvdv3Aq553.55e_c3nXlsV0QdVVlG9drX.i_f1_zuCh
Requested by
Host: up.trkgenius.com
URL: https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730107521161232569&pubid=2704
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.6.174.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
bigfish.setupcentral.network
Software
nginx/1.17.0 /
Resource Hash
0c43916b5dc14d56b3d3224586af0609d4a6bd8edb45fdbb710c27538f0fe093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
up.trkgenius.com
:scheme
https
:path
/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730107521161232569&pubid=2704&m=_rbo9fQ-VlTu53AqpI4l1x8M5I4dFrCOF6yAzsZ9E8AZFrAkd2Ai_xAkdz4E_L4tdVxZSr3QddV3lGvdv3Aq553.55e_c3nXlsV0QdVVlG9drX.i_f1_zuCh
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
same-origin
referer
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730107521161232569&pubid=2704
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730107521161232569&pubid=2704

Response headers

status
200
server
nginx/1.17.0
date
Wed, 28 Aug 2019 06:54:27 GMT
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
pragma
no-cache
expires
0
surrogate-control
no-store
refresh
0; url=out.php?v=a2d7827c84cb09e9e10fcb96075117c5
set-cookie
t=979dffb2a1874ffd
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ
minently.com/RnSda/rDN3/ojdn/
Redirect Chain
  • https://up.trkgenius.com/out.php?v=a2d7827c84cb09e9e10fcb96075117c5
  • https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=7452c3859a458214c743e4899e74ef57&ext1=dvx
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=7452c3859a458214c743e4899e74ef57&ext1=dvx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.227.130.57 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
eab10a3f0b4d6ddabddf8bf7c0a2488960c34f9c4aafa2e909a8154bd6a4afb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Host
minently.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730107521161232569&pubid=2704&m=_rbo9fQ-VlTu53AqpI4l1x8M5I4dFrCOF6yAzsZ9E8AZFrAkd2Ai_xAkdz4E_L4tdVxZSr3QddV3lGvdv3Aq553.55e_c3nXlsV0QdVVlG9drX.i_f1_zuCh
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730107521161232569&pubid=2704&m=_rbo9fQ-VlTu53AqpI4l1x8M5I4dFrCOF6yAzsZ9E8AZFrAkd2Ai_xAkdz4E_L4tdVxZSr3QddV3lGvdv3Aq553.55e_c3nXlsV0QdVVlG9drX.i_f1_zuCh

Response headers

date
Wed, 28 Aug 2019 06:54:29 GMT
content-type
text/html;charset=utf-8
transfer-encoding
chunked
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-encoding
gzip
set-cookie
MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D=bedb24bee691514921fc712233eb48b8_1566975268.7493; domain=minently.com; path=/; expires=Sat, 25-Aug-2029 06:54:28 UTC; Secure x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1566975268.752; domain=minently.com; path=/; expires=Sat, 25-Aug-2029 06:54:28 UTC; Secure FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3VDRjL3FIZDNFQkJjOHJKeEVNVkJ5Ky9EaGt6M1l3QTdtZjJQOHpBWEZtKw%3D%3D; domain=minently.com; path=/; expires=Sat, 25-Aug-2029 06:54:28 UTC; Secure bedb24bee691514921fc712233eb48b8_1566975268.7493_ck=MzhEZ044WllxeTNrQ0VUajhpc0luL01aclZJUFRHSmJSTDBFRDRhKzNVTXdYZnZZcXR6bC9CVWFEN1ZyVkd5VXlUVFdLVkphOUQ4elFZNHZqenltWFNKaEpJck0vaGliYWxtekNKV3oyR1FaQUh5aDd4Tk40Mm9hUjBMU1pCVDF0WWJlbEVDZDFBNTZBU1ZIUnJaajNINDR0eUo0cUtyaE0zT295RDVja0grbjU2ejNITUF4OU04WHd3aWQ0UlVJNkV0Z2RuZWYrSGdvbjllQ0Q0RzVBRWhnYnliaWJNUzh4RFlrQnhMeWdQb1NrT1ZnZlh1TVBnZWFMajlpdlFnb09LaGxieGwxdS9sM3RuMjdsbTRpVmZZanZiTVJGbDZZWXY0Y1BFdHVrelhycnY0ZGZ2blRaZ2dQenhWU0hCUmNOaFV0SmMveUVXbUNGTkNBMW9sSXhyU1FkQnJ3TmFtNHZUVHdIRngrYTNzTW1lZWVxdURLZTMwdmNBbUw4ZkJTckY1YmdNWTA0TXNyZ3ZVY3MxYk51clN1RHM5MlpIWHdoRHBuSytFdGNMc0ZYL2xjNzRPcXY5K1NCTDFRemtsT29GVE0yWEJ4dTVFakZQY0h2ckJZZWF6bk56RFJzelZUYWxFVThWKzZ2L1FSdFJsSDlzei9ReEJQOUZZdXBobG5YbVAwYWhwWnB4U2pvejVzUzE5OWYwc2RYNk5Od0tDQlVPVzJvV3FWZ1NEOG9SQUllQnVocDBaM3JaWlZ2QlU2Mm1WN1lpK3hybE5mSEgyYjJxb09VaTdOYTVGUG5ONHhPMHo2RXZTcTJEVkhDUFBCUGNFeUtQNHp2Z3lmTTI4cGRpR1NsclhJbW9rdHRIMGRxN1hCY2o3aEJ0ZUdvYnJ4dnJMbFcxSldSejNLbS9ubmR3S3B0d3VtNWdxRjlOYWFQbEpZek5KSDJSM2hraHdWY0YyMDVZQVdrUDB1a2E4UGVjQkpnYXdPcDJVallPbnlVU1NtK0ZwM0JRSjBhcnA4; domain=minently.com; path=/; expires=Sat, 25-Aug-2029 06:54:28 UTC; Secure 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=cU5FVU50bHBZczA1T3VoNFZaN3p3b0ZSdjNoeW1zNUkzdGNBSnh3cno4K2FKM0YyUzZMS3ZQaHVKYU1nSkJDWDYyRnZmcVFudHdKNmdPaUFHejJnaWl2SkY0OUhnTHVHRUVSYnVHS293eDQ9; domain=minently.com; path=/; expires=Wed, 28-Aug-2019 07:59:29 UTC; Secure SERVERID=sfc37; path=/
strict-transport-security
max-age=31536000; includeSubDomains;

Redirect headers

status
302
server
nginx/1.17.0
date
Wed, 28 Aug 2019 06:54:27 GMT
content-type
text/html; charset=UTF-8
location
https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=7452c3859a458214c743e4899e74ef57&ext1=dvx
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
pragma
no-cache
expires
0
surrogate-control
no-store
strict-transport-security
max-age=31536000; includeSubDomains
456926
pop.bid/go/216668/ 		0
0
456926
pop.bid/go/216668/ 		466 B
513 B 		Document
General
Check archive.org
Download Go to
Full URL
http://pop.bid/go/216668/456926
Requested by
Host: minently.com
URL: https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=7452c3859a458214c743e4899e74ef57&ext1=dvx
Protocol
HTTP/1.1
Server
52.0.152.125 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-0-152-125.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5f3a9b3e52006300565f806ab801fc8f51739ffb8f6293d424f852a4cbd1928d

Request headers

Host
pop.bid
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://minently.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://minently.com/

Response headers

Date
Wed, 28 Aug 2019 06:54:30 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Vary
Accept-Encoding
Content-Encoding
gzip
Cookie set /
core.royalads.net/click/
Redirect Chain
  • http://pop.bid/ad/ad?p=216668&w=456926&t=294b4f434e19aca8&r=aHR0cHMlM0ElMkYlMkZtaW5lbnRseS5jb20lMkY=&vw=1600&vh=1200
  • http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&var=456926
824 B
752 B 		Document
General
Check archive.org
Download Go to
Full URL
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&var=456926
Requested by
Host: pop.bid
URL: http://pop.bid/go/216668/456926
Protocol
HTTP/1.1
Server
151.80.221.9 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS
core.royalads.net
Software
nginx /
Resource Hash
b595a39cf055ce3a7450a644929df9baf6e058437eb7f75614d1782bd9342f49

Request headers

Host
core.royalads.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://pop.bid/go/216668/456926
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://pop.bid/go/216668/456926

Response headers

Server
nginx
Date
Wed, 28 Aug 2019 06:54:31 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-cache
Set-Cookie
cflag=127;Domain=core.royalads.net;Path=/
Content-Encoding
gzip

Redirect headers

Date
Wed, 28 Aug 2019 06:54:30 GMT
Content-Type
text/html; charset=utf-8
Content-Length
114
Connection
keep-alive
Server
nginx
Location
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&var=456926
465699
ps.popcash.net/go/79141/
Redirect Chain
  • http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&var=456926&ref=http%3A%2F%2Fpop.bid%2Fgo%2F216668%2F456926&scrw=1600&scrh=1200&nlc=yDD7Po4Vfq7hf8pR&ven=&ver=&iif=0
  • http://popcash.net/world/go/79141/465699
  • http://ps.popcash.net/go/79141/465699
469 B
520 B 		Document
General
Check archive.org
Download Go to
Full URL
http://ps.popcash.net/go/79141/465699
Requested by
Host: core.royalads.net
URL: http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&var=456926
Protocol
HTTP/1.1
Server
3.222.112.72 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-222-112-72.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9d6e620e8eff593908d0b6b547193850d3c1f66a366e836f15cef20ca9da1f70

Request headers

Host
ps.popcash.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://core.royalads.net/
Accept-Encoding
gzip, deflate
Cookie
__cfduid=daafef3f1454ea1e0d760e7375f87ab991566975271
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://core.royalads.net/

Response headers

Date
Wed, 28 Aug 2019 06:54:39 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Date
Wed, 28 Aug 2019 06:54:31 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Set-Cookie
__cfduid=daafef3f1454ea1e0d760e7375f87ab991566975271; expires=Thu, 27-Aug-20 06:54:31 GMT; path=/; domain=.popcash.net; HttpOnly
Location
http://ps.popcash.net/go/79141/465699
Server
cloudflare
CF-RAY
50d45fd56baacba8-VIE
Cookie set /
ssl3.keelbeel.com/
Redirect Chain
  • http://ps.popcash.net/ad/ad?p=79141&w=465699&t=c2988c860c65aeca&r=aHR0cCUzQSUyRiUyRmNvcmUucm95YWxhZHMubmV0JTJG&vw=1600&vh=1200
  • http://usd.odysseus-nua.com/zcvisitor/b45b0c70-c960-11e9-abfa-125ac74fe6d2?campaignid=21b02750-a5e0-11e8-86aa-0e41d0acbc1a
  • https://ssl3.keelbeel.com/?c=be&s=vitellary-lion&t=sierra-fil-2ifc70o8&c_id=21b02750-a5e0-11e8-86aa-0e41d0acbc1a&c_name=BE_RSL_Grenads_RON&c_keyword=arts+entertainment+movies+music+men+women+games&...
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssl3.keelbeel.com/?c=be&s=vitellary-lion&t=sierra-fil-2ifc70o8&c_id=21b02750-a5e0-11e8-86aa-0e41d0acbc1a&c_name=BE_RSL_Grenads_RON&c_keyword=arts+entertainment+movies+music+men+women+games&c_domain=465699.popcash.net&match=&url=http%3A%2F%2Fclic.grenads.com%2F%3Fcountry%3Dbe%26command%3Dzrb45b0c70c96011e9abfa125ac74fe6d2cc029a1ed0844b228a567a889412daee04080633bd635b853d
Requested by
Host: ps.popcash.net
URL: http://ps.popcash.net/go/79141/465699
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.233.4 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Host
ssl3.keelbeel.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://ps.popcash.net/go/79141/465699
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://ps.popcash.net/go/79141/465699

Response headers

Date
Wed, 28 Aug 2019 06:54:44 GMT
Server
Apache
Refresh
2; url=https://ssl3.keelbeel.com/?c=be&s=vitellary-lion&t=sierra-fil-2ifc70o8&c_id=21b02750-a5e0-11e8-86aa-0e41d0acbc1a&c_name=BE_RSL_Grenads_RON&c_keyword=arts+entertainment+movies+music+men+women+games&c_domain=465699.popcash.net&match=&url=http%3A%2F%2Fclic.grenads.com%2F%3Fcountry%3Dbe%26command%3Dzrb45b0c70c96011e9abfa125ac74fe6d2cc029a1ed0844b228a567a889412daee04080633bd635b853d&step=3&fallback=1
Set-Cookie
uid=15669752848552483115d6625341fe57; expires=Sat, 22-Aug-2020 06:54:44 GMT; Max-Age=31104000 test=1; expires=Wed, 28-Aug-2019 08:54:44 GMT; Max-Age=7200 sources=a%3A1%3A%7Bi%3A0%3Bs%3A14%3A%22vitellary-lion%22%3B%7D; expires=Thu, 29-Aug-2019 06:54:44 GMT; Max-Age=86400 targets=a%3A1%3A%7Bi%3A0%3Bs%3A19%3A%22sierra-fil-2ifc70o8%22%3B%7D; expires=Thu, 29-Aug-2019 06:54:44 GMT; Max-Age=86400
Keep-Alive
timeout=5, max=3000
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Wed, 28 Aug 2019 06:54:40 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Location
https://ssl3.keelbeel.com/?c=be&s=vitellary-lion&t=sierra-fil-2ifc70o8&c_id=21b02750-a5e0-11e8-86aa-0e41d0acbc1a&c_name=BE_RSL_Grenads_RON&c_keyword=arts+entertainment+movies+music+men+women+games&c_domain=465699.popcash.net&match=&url=http%3A%2F%2Fclic.grenads.com%2F%3Fcountry%3Dbe%26command%3Dzrb45b0c70c96011e9abfa125ac74fe6d2cc029a1ed0844b228a567a889412daee04080633bd635b853d
Server
ZeroPark-Traffic
Cookie set /
ssl3.keelbeel.com/ 		6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssl3.keelbeel.com/?c=be&s=vitellary-lion&t=sierra-fil-2ifc70o8&c_id=21b02750-a5e0-11e8-86aa-0e41d0acbc1a&c_name=BE_RSL_Grenads_RON&c_keyword=arts+entertainment+movies+music+men+women+games&c_domain=465699.popcash.net&match=&url=http%3A%2F%2Fclic.grenads.com%2F%3Fcountry%3Dbe%26command%3Dzrb45b0c70c96011e9abfa125ac74fe6d2cc029a1ed0844b228a567a889412daee04080633bd635b853d&step=2
Requested by
Host: ssl3.keelbeel.com
URL: https://ssl3.keelbeel.com/?c=be&s=vitellary-lion&t=sierra-fil-2ifc70o8&c_id=21b02750-a5e0-11e8-86aa-0e41d0acbc1a&c_name=BE_RSL_Grenads_RON&c_keyword=arts+entertainment+movies+music+men+women+games&c_domain=465699.popcash.net&match=&url=http%3A%2F%2Fclic.grenads.com%2F%3Fcountry%3Dbe%26command%3Dzrb45b0c70c96011e9abfa125ac74fe6d2cc029a1ed0844b228a567a889412daee04080633bd635b853d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.233.4 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
Apache /
Resource Hash
cf0c2ee91610c0c7f2d759912a34b895ad7828371b9e7cb851d74a0175d13d1c

Request headers

Host
ssl3.keelbeel.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Cookie
uid=15669752848552483115d6625341fe57; test=1; sources=a%3A1%3A%7Bi%3A0%3Bs%3A14%3A%22vitellary-lion%22%3B%7D; targets=a%3A1%3A%7Bi%3A0%3Bs%3A19%3A%22sierra-fil-2ifc70o8%22%3B%7D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate

Response headers

Date
Wed, 28 Aug 2019 06:54:44 GMT
Server
Apache
Refresh
3; url=https://ssl3.keelbeel.com/?c=be&s=vitellary-lion&t=sierra-fil-2ifc70o8&c_id=21b02750-a5e0-11e8-86aa-0e41d0acbc1a&c_name=BE_RSL_Grenads_RON&c_keyword=arts+entertainment+movies+music+men+women+games&c_domain=465699.popcash.net&match=&url=http%3A%2F%2Fclic.grenads.com%2F%3Fcountry%3Dbe%26command%3Dzrb45b0c70c96011e9abfa125ac74fe6d2cc029a1ed0844b228a567a889412daee04080633bd635b853d&step=2&fallback=1
Set-Cookie
uid=15669752848552483115d6625341fe57; expires=Sat, 22-Aug-2020 06:54:44 GMT; Max-Age=31104000
Keep-Alive
timeout=5, max=2999
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
count_targets.php
www.keelbeel.com/stats/ 		0
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.keelbeel.com/stats/count_targets.php?adv=&keyword=arts+entertainment+movies+music+men+women+games&s=vitellary-lion&t=sierra-fil-2ifc70o8&c_id=21b02750-a5e0-11e8-86aa-0e41d0acbc1a&c_name=BE_RSL_Grenads_RON&c=be&gc_country=be&cid=zrb45b0c70c96011e9abfa125ac74fe6d2cc029a1ed0844b228a567a889412daee04080633bd635b853d&php_referer=&php_url=https%3A%2F%2Fssl3.keelbeel.com%2F%3Fc%3Dbe%26s%3Dvitellary-lion%26t%3Dsierra-fil-2ifc70o8%26c_id%3D21b02750-a5e0-11e8-86aa-0e41d0acbc1a%26c_name%3DBE_RSL_Grenads_RON%26c_keyword%3Darts%2Bentertainment%2Bmovies%2Bmusic%2Bmen%2Bwomen%2Bgames%26c_domain%3D465699.popcash.net%26match%3D%26url%3Dhttp%253A%252F%252Fclic.grenads.com%252F%253Fcountry%253Dbe%2526command%253Dzrb45b0c70c96011e9abfa125ac74fe6d2cc029a1ed0844b228a567a889412daee04080633bd635b853d%26step%3D2&js_referer=&js_url=https%3A%2F%2Fssl3.keelbeel.com%2F%3Fc%3Dbe%26s%3Dvitellary-lion%26t%3Dsierra-fil-2ifc70o8%26c_id%3D21b02750-a5e0-11e8-86aa-0e41d0acbc1a%26c_name%3DBE_RSL_Grenads_RON%26c_keyword%3Darts%2Bentertainment%2Bmovies%2Bmusic%2Bmen%2Bwomen%2Bgames%26c_domain%3D465699.popcash.net%26match%3D%26url%3Dhttp%253A%252F%252Fclic.grenads.com%252F%253Fcountry%253Dbe%2526command%253Dzrb45b0c70c96011e9abfa125ac74fe6d2cc029a1ed0844b228a567a889412daee04080633bd635b853d%26step%3D2&f=2
Requested by
Host: ssl3.keelbeel.com
URL: https://ssl3.keelbeel.com/?c=be&s=vitellary-lion&t=sierra-fil-2ifc70o8&c_id=21b02750-a5e0-11e8-86aa-0e41d0acbc1a&c_name=BE_RSL_Grenads_RON&c_keyword=arts+entertainment+movies+music+men+women+games&c_domain=465699.popcash.net&match=&url=http%3A%2F%2Fclic.grenads.com%2F%3Fcountry%3Dbe%26command%3Dzrb45b0c70c96011e9abfa125ac74fe6d2cc029a1ed0844b228a567a889412daee04080633bd635b853d&step=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.233.4 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 28 Aug 2019 06:54:44 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
clic.grenads.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clic.grenads.com/?country=be&command=zrb45b0c70c96011e9abfa125ac74fe6d2cc029a1ed0844b228a567a889412daee04080633bd635b853d
Requested by
Host: ssl3.keelbeel.com
URL: https://ssl3.keelbeel.com/?c=be&s=vitellary-lion&t=sierra-fil-2ifc70o8&c_id=21b02750-a5e0-11e8-86aa-0e41d0acbc1a&c_name=BE_RSL_Grenads_RON&c_keyword=arts+entertainment+movies+music+men+women+games&c_domain=465699.popcash.net&match=&url=http%3A%2F%2Fclic.grenads.com%2F%3Fcountry%3Dbe%26command%3Dzrb45b0c70c96011e9abfa125ac74fe6d2cc029a1ed0844b228a567a889412daee04080633bd635b853d&step=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.233.16 , France, ASN12876 (AS12876, FR),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Host
clic.grenads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate

Response headers

Date
Wed, 28 Aug 2019 06:54:44 GMT
Server
Apache
refresh
3; url=https://be-go.kelkoogroup.net/ctl/go/sitesearchGo?.ts=1566975285086&.sig=m4TV0YBBBlTegianyvXiMfA1Snc-&affiliationId=96950167&catId=138201&comId=100497628&contextLevel=1&contextOfferPosition=42&contextPageSize=50&country=be&ecs=ok&merchantid=100497628&offerId=55fde981e290ce3b3c28eeef6117f23c&searchId=1076992079442_1566975285045_9813&searchQuery=&service=5&wait=true&custom1=be_zendart-design
Keep-Alive
timeout=5, max=3000
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Primary Request Cookie set go
be-go.kelkoogroup.net/
Redirect Chain
  • https://be-go.kelkoogroup.net/ctl/go/sitesearchGo?.ts=1566975285086&.sig=m4TV0YBBBlTegianyvXiMfA1Snc-&affiliationId=96950167&catId=138201&comId=100497628&contextLevel=1&contextOfferPosition=42&cont...
  • https://be-go.kelkoogroup.net/go?country=be&k=c17477a46a628db0f34a4353947e27a26fd84a603a4086c0fcef018ecf3467201951a26365b60f10c242aa428f37a259278527f2b29da3709437c412781cbb1a8d0598a668c3ecdb2e0f202...
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://be-go.kelkoogroup.net/go?country=be&k=c17477a46a628db0f34a4353947e27a26fd84a603a4086c0fcef018ecf3467201951a26365b60f10c242aa428f37a259278527f2b29da3709437c412781cbb1a8d0598a668c3ecdb2e0f202858bb2625ffb38d7b47dfa69b40ef190d9165f3a8145917f0787913244800c91d28b8428419c9fb27506704f6e621f7d185ac6a8bbe840e631f915e598fa88685961d9eb0b6c622355e19c93c018d559a7ebad65b2eca25f0668e63be7c0089197ec6ca8e4aef52b14b6b2b17fa48556215d1eaea093ea4adaea754c14faf0e8281e9f98201c90d096e19a53fcf675aa9758dc3bd1acb9b03d9c114d98159d7b04394d9d1956b3216727d603c6bbd15181eccb88bdd780e26fb1f518cdb646520c894b880b4d42016597a6be8d39fb9d73a5b178253c9ef5f01c4128ff32528697b3a86d32638b4719da980cf4d6f98e729d0afd1ab93f5793e7140dab6755ae700d5d38503b56a192fcac9b45325d97071fef76f4d6feeafb2eb9bd2edf524175925474f2e0e3b00b5f398fd79c601d9e985f733a1ac7c4060afd4c19d82a81e700f6546dad24a980ecdf9d17f48971e6bfa53e5&o=
Requested by
Host: clic.grenads.com
URL: https://clic.grenads.com/?country=be&command=zrb45b0c70c96011e9abfa125ac74fe6d2cc029a1ed0844b228a567a889412daee04080633bd635b853d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
95.211.116.27 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
dc1-ecs-pub-go-vip.kelkoo.com
Software
/
Resource Hash

Request headers

Host
be-go.kelkoogroup.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://clic.grenads.com/?country=be&command=zrb45b0c70c96011e9abfa125ac74fe6d2cc029a1ed0844b228a567a889412daee04080633bd635b853d
Accept-Encoding
gzip, deflate, br
Cookie
referer=https%3A%2F%2Fclic.grenads.com%2F%3Fcountry%3Dbe%26command%3Dzrb45b0c70c96011e9abfa125ac74fe6d2cc029a1ed0844b228a567a889412daee04080633bd635b853d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
https://clic.grenads.com/?country=be&command=zrb45b0c70c96011e9abfa125ac74fe6d2cc029a1ed0844b228a567a889412daee04080633bd635b853d

Response headers

Date
Wed, 28 Aug 2019 06:54:48 GMT
leadId
dc1-kls-prod-srv-05.prod.dc1.kelkoo.net_1566975288405_693263
clickId
10769939_1566975288361_771428
country
be
sentToLG
false
Request-Time
10
X-Robots-Tag
noindex,nofollow
Content-Type
text/html; charset=UTF-8
Content-Length
1735
Set-Cookie
kelkooID=a4c62ee-16cd7016455-66b12; Max-Age=31536000; Expires=Thu, 27 Aug 2020 06:54:48 GMT; Path=/; Domain=kelkoogroup.net; HTTPOnly lastSearchedKeyword=a3dkPVTDqnRlIFNUUlVDVFVSRVMgUzcgbWluaXx0cz0xNTY2OTc1Mjg4NDA2fGNhdElkPTEzODIwMXxjb21JZD0xMDA0OTc2Mjg=; Max-Age=31536000; Expires=Thu, 27 Aug 2020 06:54:48 GMT; Path=/; Domain=kelkoogroup.net; HTTPOnly
P3P
CP="Anything"
ApacheTracking
localhost
Keep-Alive
timeout=40, max=98
Connection
Keep-Alive

Redirect headers

Date
Wed, 28 Aug 2019 06:54:48 GMT
clickId
10769939_1566975288361_771428
country
be
Location
/go?country=be&k=c17477a46a628db0f34a4353947e27a26fd84a603a4086c0fcef018ecf3467201951a26365b60f10c242aa428f37a259278527f2b29da3709437c412781cbb1a8d0598a668c3ecdb2e0f202858bb2625ffb38d7b47dfa69b40ef190d9165f3a8145917f0787913244800c91d28b8428419c9fb27506704f6e621f7d185ac6a8bbe840e631f915e598fa88685961d9eb0b6c622355e19c93c018d559a7ebad65b2eca25f0668e63be7c0089197ec6ca8e4aef52b14b6b2b17fa48556215d1eaea093ea4adaea754c14faf0e8281e9f98201c90d096e19a53fcf675aa9758dc3bd1acb9b03d9c114d98159d7b04394d9d1956b3216727d603c6bbd15181eccb88bdd780e26fb1f518cdb646520c894b880b4d42016597a6be8d39fb9d73a5b178253c9ef5f01c4128ff32528697b3a86d32638b4719da980cf4d6f98e729d0afd1ab93f5793e7140dab6755ae700d5d38503b56a192fcac9b45325d97071fef76f4d6feeafb2eb9bd2edf524175925474f2e0e3b00b5f398fd79c601d9e985f733a1ac7c4060afd4c19d82a81e700f6546dad24a980ecdf9d17f48971e6bfa53e5&o=
Request-Time
1
X-Robots-Tag
noindex,nofollow
Content-Length
0
Set-Cookie
referer=https%3A%2F%2Fclic.grenads.com%2F%3Fcountry%3Dbe%26command%3Dzrb45b0c70c96011e9abfa125ac74fe6d2cc029a1ed0844b228a567a889412daee04080633bd635b853d; Max-Age=31536000; Expires=Thu, 27 Aug 2020 06:54:48 GMT; Path=/; Domain=kelkoogroup.net; HTTPOnly
P3P
CP="Anything"
ApacheTracking
localhost
Keep-Alive
timeout=40, max=99
Connection
Keep-Alive
Content-Type
text/plain
offersearchGo
fr-go.kelkoogroup.net/ctl/go/
Redirect Chain
  • https://be-go.kelkoogroup.net/redirect?country=be&k=612f7a9541cd6ea61eb554c0e4cff4373e38ceddede2ace562536b637b1e61f4d61ef527334c0a316d42f3aa072726f1a3f2d39fbaa2933c10a03ff4a32d061469ba8279f35e36427...
  • https://fr-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1566870083979&.sig=C6oa.qW.oMSuZOGcllagtcKH.SA-&affiliationId=96957261&catId=138201&comId=100453912&contextLevel=2&country=fr&localCatId=13820...
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pop.bid
URL
http://pop.bid/go/216668/456926?
Domain
fr-go.kelkoogroup.net
URL
https://fr-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1566870083979&.sig=C6oa.qW.oMSuZOGcllagtcKH.SA-&affiliationId=96957261&catId=138201&comId=100453912&contextLevel=2&country=fr&localCatId=138201&offerId=0f25d19d5d1050acf659ddae29a82a49&searchId=null&service=11&wait=true

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
ssl3.keelbeel.com/ Name: sources
Value: a%3A1%3A%7Bi%3A0%3Bs%3A14%3A%22vitellary-lion%22%3B%7D
ssl3.keelbeel.com/ Name: test
Value: 1
ssl3.keelbeel.com/ Name: targets
Value: a%3A1%3A%7Bi%3A0%3Bs%3A19%3A%22sierra-fil-2ifc70o8%22%3B%7D
ssl3.keelbeel.com/ Name: uid
Value: 15669752848552483115d6625341fe57

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN