nl-go.kelkoogroup.net
Open in
urlscan Pro
95.211.116.26
Public Scan
Submitted URL: http://oraleys.com/
Effective URL: https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437122b3460de417287fe57bb0cb5a91edbc68ef1bf59...
Submission: On March 07 via api from US — Scanned from NL
Effective URL: https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437122b3460de417287fe57bb0cb5a91edbc68ef1bf59...
Submission: On March 07 via api from US — Scanned from NL
Summary
This website contacted 10 IPs
in 4 countries
across 8 domains to perform 19 HTTP transactions.
The main IP is 95.211.116.26, located in
Netherlands and
belongs to LEASEWEB-NL-AMS-01 Netherlands, NL.
The main domain is nl-go.kelkoogroup.net.
TLS certificate: Issued by Thawte RSA CA 2018 on August 25th 2022. Valid for: a year.
This is the only time nl-go.kelkoogroup.net was scanned on urlscan.io!
TLS certificate: Issued by Thawte RSA CA 2018 on August 25th 2022. Valid for: a year.
This is the only time nl-go.kelkoogroup.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 2a06:98c1:312... 2a06:98c1:3120::c | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 2 | 52.116.53.155 52.116.53.155 | 36351 (SOFTLAYER) (SOFTLAYER) | |
| 1 1 | 2606:4700:303... 2606:4700:3031::6815:52b0 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 2 | 3.126.48.135 3.126.48.135 | 16509 (AMAZON-02) (AMAZON-02) | |
| 4 | 95.211.116.26 95.211.116.26 | 60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands) | |
| 1 | 18.66.147.28 18.66.147.28 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 18.194.14.91 18.194.14.91 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 | 13.32.121.25 13.32.121.25 | 16509 (AMAZON-02) (AMAZON-02) | |
| 3 | 2600:9000:225... 2600:9000:2251:4800:7:c516:5a80:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 18.66.122.11 18.66.122.11 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 34.118.68.136 34.118.68.136 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
| 19 | 10 |
2
52.116.53.155
(United States)
ASN36351 (SOFTLAYER, US)
PTR: 9b.35.7434.ip4.static.sl-reverse.com
ASN36351 (SOFTLAYER, US)
PTR: 9b.35.7434.ip4.static.sl-reverse.com
| mybettermb.com | |
| p374591.mybettermb.com |
2
3.126.48.135
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-48-135.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-48-135.eu-central-1.compute.amazonaws.com
| arveaoy.com |
4
95.211.116.26
(Netherlands)
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-mx-vip.kelkoo.com
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-mx-vip.kelkoo.com
| nl-go.kelkoogroup.net |
1
18.66.147.28
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-28.fra60.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-28.fra60.r.cloudfront.net
| ct.captcha-delivery.com |
1
18.194.14.91
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-14-91.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-14-91.eu-central-1.compute.amazonaws.com
| geo.captcha-delivery.com |
2
13.32.121.25
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-25.fra60.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-25.fra60.r.cloudfront.net
| dd.prod.captcha-delivery.com |
3
2600:9000:2251:4800:7:c516:5a80:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| static.captcha-delivery.com |
1
18.66.122.11
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-11.fra60.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-11.fra60.r.cloudfront.net
| js.datadome.co |
1
34.118.68.136
(Warsaw, Poland)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 136.68.118.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 136.68.118.34.bc.googleusercontent.com
| api-js.datadome.co |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 7 |
captcha-delivery.com
ct.captcha-delivery.com — Cisco Umbrella Rank: 30514 geo.captcha-delivery.com — Cisco Umbrella Rank: 24843 dd.prod.captcha-delivery.com — Cisco Umbrella Rank: 55592 static.captcha-delivery.com — Cisco Umbrella Rank: 29973 |
142 KB |
| 4 |
kelkoogroup.net
nl-go.kelkoogroup.net dd.kelkoogroup.net Failed |
31 KB |
| 2 |
datadome.co
js.datadome.co — Cisco Umbrella Rank: 5478 api-js.datadome.co — Cisco Umbrella Rank: 4309 |
55 KB |
| 2 |
arveaoy.com
arveaoy.com |
4 KB |
| 2 |
mybettermb.com
1 redirects
mybettermb.com — Cisco Umbrella Rank: 89242 p374591.mybettermb.com — Cisco Umbrella Rank: 674401 |
1 KB |
| 1 |
geotrkclknow.com
1 redirects
geotrkclknow.com — Cisco Umbrella Rank: 881621 |
594 B |
| 1 |
oraleys.com
1 redirects
oraleys.com |
2 KB |
| 0 |
google-analytics.com
Failed
www.google-analytics.com Failed |
|
| 19 | 8 |
| Domain | Requested by | |
|---|---|---|
| 4 | nl-go.kelkoogroup.net |
nl-go.kelkoogroup.net
|
| 3 | static.captcha-delivery.com |
geo.captcha-delivery.com
|
| 2 | dd.prod.captcha-delivery.com |
geo.captcha-delivery.com
|
| 2 | arveaoy.com |
p374591.mybettermb.com
|
| 1 | api-js.datadome.co |
js.datadome.co
|
| 1 | js.datadome.co |
geo.captcha-delivery.com
|
| 1 | geo.captcha-delivery.com |
ct.captcha-delivery.com
|
| 1 | ct.captcha-delivery.com |
nl-go.kelkoogroup.net
|
| 1 | geotrkclknow.com | 1 redirects |
| 1 | p374591.mybettermb.com | |
| 1 | mybettermb.com | 1 redirects |
| 1 | oraleys.com | 1 redirects |
| 0 | www.google-analytics.com Failed |
nl-go.kelkoogroup.net
|
| 0 | dd.kelkoogroup.net Failed |
nl-go.kelkoogroup.net
|
| 19 | 14 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.mybettermb.com Sectigo RSA Domain Validation Secure Server CA |
2022-11-02 - 2023-11-02 |
a year | crt.sh |
| arveaoy.com R3 |
2023-01-11 - 2023-04-11 |
3 months | crt.sh |
| *.kelkoogroup.net Thawte RSA CA 2018 |
2022-08-25 - 2023-09-25 |
a year | crt.sh |
| *.captcha-delivery.com Amazon RSA 2048 M02 |
2023-02-23 - 2023-10-23 |
8 months | crt.sh |
| dd.prod.captcha-delivery.com Amazon RSA 2048 M01 |
2023-02-24 - 2023-05-26 |
3 months | crt.sh |
| *.datadome.co Gandi Standard SSL CA 2 |
2022-10-13 - 2023-10-21 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437122b3460de417287fe57bb0cb5a91edbc68ef1bf590fff683b7ed9a35f05da91d7693df54055aa8a63e422a274587d50b1296cbeb1831b089bf9f635ea6fcc383efe55b1794adc7c4d902c66a4a9472cd465181b668167697b951e720d80a22c606d7bc1c1d12a3265930dc636ea28b42949bb9322875edb24addd11510ff911ba7533ea720a91f9533ed41b80ace5140d4dc14ccb6a40d6f7c7fd8170041a679c9375c08a701f0eeb49f769a94bca658dbd0b54a9e351ac8961ee72e8221fee6010c69582be77cbc414a223d9891b82&url=https%3A%2F%2Fwww.johnbeerens.com%2F%3Fkk%3Da4c6295-186be23162f-20fe29%26channable%3D02aa8669640032393533305d%26149%3D2175%23149%3D2175%26utm_source%3Dkelkoonl%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DBumble%2Band%2BBumble%2BBumble%2Band%2Bbumble%2BFull&initiator=timeout
Frame ID: 096F667DE01F9F6643B823958D85432B
Requests: 10 HTTP requests in this frame
Frame:
https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAf1lDQG6sTkcAH8yYlg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=5g~zuxq3U~BHVqgFsRjaKXEOHtcYJ4ZHcpq0gIJBROETV3gQtRZLAJn~P~3djXjC1A0-aDE9NREPDeT56DZa4mkXoj6vLo7D_VwlX7ZHNYWm~h5EUf-XY8I6y2WJNH_h&t=fe&referer=https%3A%2F%2Fnl-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dnl%26k%3D612f7a9541cd6ea61eb554c0e4cff437122b3460de417287fe57bb0cb5a91edbc68ef1bf590fff683b7ed9a35f05da91d7693df54055aa8a63e422a274587d50b1296cbeb1831b089bf9f635ea6fcc383efe55b1794adc7c4d902c66a4a9472cd465181b668167697b951e720d80a22c606d7bc1c1d12a3265930dc636ea28b42949bb9322875edb24addd11510ff911ba7533ea720a91f9533ed41b80ace5140d4dc14ccb6a40d6f7c7fd8170041a679c9375c08a701f0eeb49f769a94bca658dbd0b54a9e351ac8961ee72e8221fee6010c69582be77cbc414a223d9891b82%26url%3Dhttps%253A%252F%252Fwww.johnbeerens.com%252F%253Fkk%253Da4c6295-186be23162f-20fe29%2526channable%253D02aa8669640032393533305d%2526149%253D2175%2523149%253D2175%2526utm_source%253Dkelkoonl%2526utm_medium%253Dcpc%2526utm_campaign%253Dkelkooclick%2526utm_term%253DBumble%252Band%252BBumble%252BBumble%252Band%252Bbumble%252BFull%26initiator%3Dtimeout&s=35103&e=a69d2b3c11b17c51bd22ca8dd524a8d8deff5682b9e18f9633a8f1a2fb4e21e9
Frame ID: 1FC790348E177EB37EB029E3886B1A20
Requests: 13 HTTP requests in this frame
Screenshot
Page Title
kelkoogroup.netPage URL History Show full URLs
-
http://oraleys.com/
HTTP 302
https://mybettermb.com/aS/feedclick?s=gOFibdQ_reeRL2-jLAoMi1-L-OG5P5oLQQbK9sgQOBWt3Q5wgRfquV3SqZv4h... HTTP 302
https://p374591.mybettermb.com/adServe/domainClick?ai=8t_YSst-khTgkIiA47RHXja04x5YXzBOeB6uA4PYW2L867UhjQK3l... Page URL
-
https://geotrkclknow.com/rot/YceGzrqeT7YJZQve?clickid=90098328337&bid=0.0025&source=443287394
HTTP 302
https://arveaoy.com/click?trvid=33370&clickid=90098328337&bid=0.0025&source=443287394 Page URL
- https://arveaoy.com/double?t=2&d=eyJVUkwiOiJodHRwczovL25sLWdvLmtlbGtvb2dyb3VwLm5ldC9wZXJtYW5lbnR... Page URL
- https://nl-go.kelkoogroup.net/permanentLinkGo?country=nl&id=e4f16dda-03eb-11eb-bf21-ba5ec25d7100&merchantU... Page URL
- https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437122b3460de417287fe57bb... Page URL
Detected technologies
Datadome
(Miscellaneous)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://oraleys.com/
HTTP 302
https://mybettermb.com/aS/feedclick?s=gOFibdQ_reeRL2-jLAoMi1-L-OG5P5oLQQbK9sgQOBWt3Q5wgRfquV3SqZv4hOZKMW666yO9BJ6C1H2g0f_zXlVR_iJrSaT2hvzYfNFjJsKn06qgcpL4cMekvHstgT9yoXj-_RA3t99KvxRhlTspZcZTps4EeX4d50KEGVbR9VHB2Os-U9iuzRU_-GUXMnGI-CJs2G8W8FOe10Mi8lHeGnmSUOi0_Fle1UPIO5Fq8qQTv6x0fFQbvjcIiZUK8qJvn6CJks9_9TXqCey34M1qp5mZ-6xAv93pnU8B9UAMbOlk6IMGxkyrce0SS0mKHnUkfIVDTLurF-tBHItnXhTp8JAbzu2G6C__JBAQ-90hPPWFLv96R8YI3NRe8WzxcfmjWwXp6GVOXBqWpjXo-Visr281eNxWc5a8ji4ImVqQU1kNnRfwZMpCu-61oInKWPaUALejgls0FsvqFlNL-Wf97EYTQT_gpG12v7xZzXX29QE2Il7dvWZPxEmMt4iiZPV73Oo04zSlhr4uFAw7vk2NJXggyoofct_v_f3HwwBn46Y-cKq-7Us3mlrkTi8J3H4-5_AS_o0_f2OgzX0PPvUp53re-6KKDK-FxGht0GAIVFpQ2zj3VWHtvo5PKC9ggRYCOyV5jg-TF35wBW5fwcTPEVkR8RR6iFCjQuF9BZ1wAdfLyr3ktqCTJeq3za5kFqBSsF3gnEzx90hrtFc8dc5AMCW0rWa9Y7LvShGxL5bKCXosue9jmbNFXNWCUbX-0gf1f3zmREQChrU7ZaQGwaQEYFLr6DF80Dn3SKJP-YoBcR3G5t53-injUOLjUi6vy7U24SPkDFYSjsLzaeNVJKSP7PyGCOq4F_F8Gpq7mmd4k8ykY6xOeCfurNteskzua_MSJA-1dwlN5xCBfTSKA4VxWSWaUm5XWmxUFNbaWJ1UGS4Ws-4x5gp0FnWv4tmHLA4YwGJDjSpMhP0T1fcBhCwKkASfel2cZKhCkdMDsrP1-j3iYqdNQvLa15CBN6w_2GHEYNEdYbi5ZYgJcbCgfywccgzFgxHCKxLJbhQpVcshSAOragiVpSF7j4l4po_srV7CCYXHFyN-XaNaNGUFq_Mhn055gZV-wDaTELE2HVa0m1IDd7JLY_2oBerxMcIMxGZ8Dd6khgw1xiwesPRi7vVqxubK0UuDvUH2ywQQSsXxG9wlrNdk2cXBtLe7RPc5jXNDCDSZogtdp53-XGMgc5D5vWUceTel07RzQoftLpsXFLwD-RtqD0DhJ0QYkntRx6G53HG6IKd785fmlVnfNFcSHX8aq0rEHVKk4X7wdGttzXcYbTpTUMPEJW3nWMGo8srLhWrKOpri0aHgcm6cqkr2IRaCLgCDWd7gd0ZJyW6U7uplkkLEB146pQ HTTP 302
https://p374591.mybettermb.com/adServe/domainClick?ai=8t_YSst-khTgkIiA47RHXja04x5YXzBOeB6uA4PYW2L867UhjQK3l9HEikzkaI1XAryxzNTIb8UDPia90PSftPk9AL42zsfRQ_iKEYlo5heDNUOjKBe3mbJV_vrcuzaBZT4gk-eVXV_uLljrvxIndWGu5pO1GKRhjs7k7G4PeStzLgJcWpOlRHikjAWvIHPKAN9Mp4i1-DgWn-F8pn0nQEDhknBrSU708Kx46MHlupAU0YSU699U-rM-hOHySnRLaygrY9BHdw_UdqdcHeTAytQNy0EHlsrgDOnEXZ7OoQmRFmgORM3pNC4OL1mnImvE_T1XpkVx2upxzf5dlqQp8-xMV99RRwgmB9_bJZGHAHPEcH_5IZLpRX7SXsGEDQB4&ui=4mm7HB0T_jnQKo9BxOvwg1CDPzYxHsT5tsY9AQadO5vC5iZabv3OQnI5hLc-eSJQq3rkU3RSFKBUEIZbLDvoMNF6ZsWYpIbI4iQbHi-JbDRTxcSGN7ukFXbTQpukYQUp&si=1&oref=d8ad8dedf80559426d6b618ab3b4230b&optunit=GG06U1DDxCXomJ5wtw7vIA&rb=oAj0wwk7Eag&rr=1&isco=t&abtg=0 Page URL
-
https://geotrkclknow.com/rot/YceGzrqeT7YJZQve?clickid=90098328337&bid=0.0025&source=443287394
HTTP 302
https://arveaoy.com/click?trvid=33370&clickid=90098328337&bid=0.0025&source=443287394 Page URL
- https://arveaoy.com/double?t=2&d=eyJVUkwiOiJodHRwczovL25sLWdvLmtlbGtvb2dyb3VwLm5ldC9wZXJtYW5lbnRMaW5rR28_Y291bnRyeT1ubFx1MDAyNmlkPWU0ZjE2ZGRhLTAzZWItMTFlYi1iZjIxLWJhNWVjMjVkNzEwMFx1MDAyNm1lcmNoYW50VXJsPWh0dHBzJTNBJTJGJTJGd3d3LmpvaG5iZWVyZW5zLmNvbVx1MDAyNmN1c3RvbTE9M2tkZ2VpMXd2c2l6IiwiUmVkaXJlY3RXb3JkaW5nIjoiICIsIlJlZGlyZWN0VGl0bGUiOiJSZWRpcmVjdGlvbi4uLiIsIlJlZGlyZWN0TGlua1RleHQiOiIgIiwiSW5zdGFsbElkIjoyMDAxfQ== Page URL
- https://nl-go.kelkoogroup.net/permanentLinkGo?country=nl&id=e4f16dda-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fwww.johnbeerens.com&custom1=3kdgei1wvsiz Page URL
- https://nl-go.kelkoogroup.net/redirect?country=nl&k=612f7a9541cd6ea61eb554c0e4cff437122b3460de417287fe57bb0cb5a91edbc68ef1bf590fff683b7ed9a35f05da91d7693df54055aa8a63e422a274587d50b1296cbeb1831b089bf9f635ea6fcc383efe55b1794adc7c4d902c66a4a9472cd465181b668167697b951e720d80a22c606d7bc1c1d12a3265930dc636ea28b42949bb9322875edb24addd11510ff911ba7533ea720a91f9533ed41b80ace5140d4dc14ccb6a40d6f7c7fd8170041a679c9375c08a701f0eeb49f769a94bca658dbd0b54a9e351ac8961ee72e8221fee6010c69582be77cbc414a223d9891b82&url=https%3A%2F%2Fwww.johnbeerens.com%2F%3Fkk%3Da4c6295-186be23162f-20fe29%26channable%3D02aa8669640032393533305d%26149%3D2175%23149%3D2175%26utm_source%3Dkelkoonl%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DBumble%2Band%2BBumble%2BBumble%2Band%2Bbumble%2BFull&initiator=timeout Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://oraleys.com/ HTTP 302
- https://mybettermb.com/aS/feedclick?s=gOFibdQ_reeRL2-jLAoMi1-L-OG5P5oLQQbK9sgQOBWt3Q5wgRfquV3SqZv4hOZKMW666yO9BJ6C1H2g0f_zXlVR_iJrSaT2hvzYfNFjJsKn06qgcpL4cMekvHstgT9yoXj-_RA3t99KvxRhlTspZcZTps4EeX4d50KEGVbR9VHB2Os-U9iuzRU_-GUXMnGI-CJs2G8W8FOe10Mi8lHeGnmSUOi0_Fle1UPIO5Fq8qQTv6x0fFQbvjcIiZUK8qJvn6CJks9_9TXqCey34M1qp5mZ-6xAv93pnU8B9UAMbOlk6IMGxkyrce0SS0mKHnUkfIVDTLurF-tBHItnXhTp8JAbzu2G6C__JBAQ-90hPPWFLv96R8YI3NRe8WzxcfmjWwXp6GVOXBqWpjXo-Visr281eNxWc5a8ji4ImVqQU1kNnRfwZMpCu-61oInKWPaUALejgls0FsvqFlNL-Wf97EYTQT_gpG12v7xZzXX29QE2Il7dvWZPxEmMt4iiZPV73Oo04zSlhr4uFAw7vk2NJXggyoofct_v_f3HwwBn46Y-cKq-7Us3mlrkTi8J3H4-5_AS_o0_f2OgzX0PPvUp53re-6KKDK-FxGht0GAIVFpQ2zj3VWHtvo5PKC9ggRYCOyV5jg-TF35wBW5fwcTPEVkR8RR6iFCjQuF9BZ1wAdfLyr3ktqCTJeq3za5kFqBSsF3gnEzx90hrtFc8dc5AMCW0rWa9Y7LvShGxL5bKCXosue9jmbNFXNWCUbX-0gf1f3zmREQChrU7ZaQGwaQEYFLr6DF80Dn3SKJP-YoBcR3G5t53-injUOLjUi6vy7U24SPkDFYSjsLzaeNVJKSP7PyGCOq4F_F8Gpq7mmd4k8ykY6xOeCfurNteskzua_MSJA-1dwlN5xCBfTSKA4VxWSWaUm5XWmxUFNbaWJ1UGS4Ws-4x5gp0FnWv4tmHLA4YwGJDjSpMhP0T1fcBhCwKkASfel2cZKhCkdMDsrP1-j3iYqdNQvLa15CBN6w_2GHEYNEdYbi5ZYgJcbCgfywccgzFgxHCKxLJbhQpVcshSAOragiVpSF7j4l4po_srV7CCYXHFyN-XaNaNGUFq_Mhn055gZV-wDaTELE2HVa0m1IDd7JLY_2oBerxMcIMxGZ8Dd6khgw1xiwesPRi7vVqxubK0UuDvUH2ywQQSsXxG9wlrNdk2cXBtLe7RPc5jXNDCDSZogtdp53-XGMgc5D5vWUceTel07RzQoftLpsXFLwD-RtqD0DhJ0QYkntRx6G53HG6IKd785fmlVnfNFcSHX8aq0rEHVKk4X7wdGttzXcYbTpTUMPEJW3nWMGo8srLhWrKOpri0aHgcm6cqkr2IRaCLgCDWd7gd0ZJyW6U7uplkkLEB146pQ HTTP 302
- https://p374591.mybettermb.com/adServe/domainClick?ai=8t_YSst-khTgkIiA47RHXja04x5YXzBOeB6uA4PYW2L867UhjQK3l9HEikzkaI1XAryxzNTIb8UDPia90PSftPk9AL42zsfRQ_iKEYlo5heDNUOjKBe3mbJV_vrcuzaBZT4gk-eVXV_uLljrvxIndWGu5pO1GKRhjs7k7G4PeStzLgJcWpOlRHikjAWvIHPKAN9Mp4i1-DgWn-F8pn0nQEDhknBrSU708Kx46MHlupAU0YSU699U-rM-hOHySnRLaygrY9BHdw_UdqdcHeTAytQNy0EHlsrgDOnEXZ7OoQmRFmgORM3pNC4OL1mnImvE_T1XpkVx2upxzf5dlqQp8-xMV99RRwgmB9_bJZGHAHPEcH_5IZLpRX7SXsGEDQB4&ui=4mm7HB0T_jnQKo9BxOvwg1CDPzYxHsT5tsY9AQadO5vC5iZabv3OQnI5hLc-eSJQq3rkU3RSFKBUEIZbLDvoMNF6ZsWYpIbI4iQbHi-JbDRTxcSGN7ukFXbTQpukYQUp&si=1&oref=d8ad8dedf80559426d6b618ab3b4230b&optunit=GG06U1DDxCXomJ5wtw7vIA&rb=oAj0wwk7Eag&rr=1&isco=t&abtg=0
- https://geotrkclknow.com/rot/YceGzrqeT7YJZQve?clickid=90098328337&bid=0.0025&source=443287394 HTTP 302
- https://arveaoy.com/click?trvid=33370&clickid=90098328337&bid=0.0025&source=443287394
19 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
domainClick
p374591.mybettermb.com/adServe/ Redirect Chain
|
289 B 598 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
click
arveaoy.com/ Redirect Chain
|
1 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
double
arveaoy.com/ |
866 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
permanentLinkGo
nl-go.kelkoogroup.net/ |
27 KB 28 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
p.png
nl-go.kelkoogroup.net/assets/images/ |
68 B 544 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
tags.js
dd.kelkoogroup.net/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
collect
www.google-analytics.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
fp
nl-go.kelkoogroup.net/ |
0 450 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
redirect
nl-go.kelkoogroup.net/ |
586 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
c.js
ct.captcha-delivery.com/ |
7 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
geo.captcha-delivery.com/captcha/ Frame 1FC7 |
322 KB 66 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
84ce04738132da90c4aa1f778672ab9b.jpg
dd.prod.captcha-delivery.com/image/2023-03-07/ Frame 1FC7 |
14 KB 15 KB |
Image
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
84ce04738132da90c4aa1f778672ab9b.frag.png
dd.prod.captcha-delivery.com/image/2023-03-07/ Frame 1FC7 |
6 KB 7 KB |
Image
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
index.css
static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/ Frame 1FC7 |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-face.css
static.captcha-delivery.com/common/fonts/roboto/ Frame 1FC7 |
287 B 619 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loading_spinner.gif
static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/ Frame 1FC7 |
44 KB 44 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tags.js
js.datadome.co/ Frame 1FC7 |
268 KB 55 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame 1FC7 |
707 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame 1FC7 |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame 1FC7 |
634 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame 1FC7 |
308 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
d124c7c4-b26e-40a9-8028-35e5d6a930e1
https://geo.captcha-delivery.com/ Frame 1FC7 |
251 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
api-js.datadome.co/js/ Frame 1FC7 |
240 B 433 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- dd.kelkoogroup.net
- URL
- https://dd.kelkoogroup.net/tags.js
- Domain
- www.google-analytics.com
- URL
- https://www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fnl-go.kelkoogroup.net%2FpermanentLinkGo%3Fcountry%3Dnl%26id%3De4f16dda-03eb-11eb-bf21-ba5ec25d7100%26merchantUrl%3Dhttps%253A%252F%252Fwww.johnbeerens.com%26custom1%3D3kdgei1wvsiz&dp=%2F%7C100519930%7C&ul=en-us&de=UTF-8&dt=U%20wordt%20doorgestuurd%20naar%20John%20Beerens&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAAABAAAAAC~&cid=1528390693.1678227216&tid=UA-168544891-12&_gid=2145205458.1678227216&_r=1&cd1=&cd2=62A001GTZ265HS8QZ7VRRCJYGP6VYQ&cd3=100519930&cd4=a4c6295-186be23162f-20fe29&cd5=&cd6=%7C100519930%7C&z=437519485
Verdicts & Comments Add Verdict or Comment
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| dd undefined| isIframeLoaded undefined| maxTimeoutMs undefined| initialTime function| iframeOnload8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .mybettermb.com/ | Name: rhid Value: 82950319791 |
|
| .mybettermb.com/ | Name: loi Value: ad_1428321_off_871258_aff_14470_cid_374591-ORALEYS.COM_ts_1678227214 |
|
| arveaoy.com/ | Name: ClickDataNG Value: H4sIAAAAAAAA_1xU227bOBD9FWGAAC0gy6RkSY4Ko3BdtF3UCRabpHnZF0oc21zLpDCk5LqXf19Q1CbGPo2GczgXzjn6CQOSVUZDBTxhCYMY3KVDqFgMtq8f__tujB6QHEqodqK1GEPTqub4h4QKsqPco-LnwaofEIMUDqHiRblM0zLleQyNOHVC7bVHZ1lWshiU3fy5fslFxgmnzAgo0yyLgfoWvcdiIJSKsHF36A5GQpXHYE1PzRhfxtAKLZXeT-jJe6IWKoAYzG6H5GOcFQWLoSahm8MEHoMBenCus9V8rtvZ3iRHbI_G7Mn0XaLRzTukk9Co3Vbp42fzvjG9dnRZ6fbvnrG0UHKFix0vpBQzlmE94xzrWb1L-awWOTZpLkvOWACfkJqD0O6J2tVY9iZb36SfbtJP5_M5-cccdI1IqG3SmFO40vTWmRNf_e-pG2MdVCxhLM39Qw2o-7CvTlxM716H3PREqJsLVPD08BFi6EldTS1oQGEuvuB8XOx7R4OSq3FbUwv-WMnVLWO3yyxdZlkZArWSq9BC8MNyVotFli7L7HYBMahuLSWhtZ4tPEnZIuF5mvCcXQeLsLHeIq33qB1UcGd-qLYV8zxh0ZtnpaU52-j-MeIsYe-iZ6WLxbvoe7F4G627rsVnrL8qN8-zMsmK6M3XL4932zhq1RGjz9gczdtocyBzwjn3CZJ8seQJL8voQewEqeke-JfcISGFfiQOqsEXJRg_xNSK55f99qogP05N5mzHu6HWS4YPJLS8TnlnJLbXB_fihMFvQjnYGOoMeUF5yXRQgco-ekZGH5JvIwFGHkIF99ux733o5H7769eD6d0h-mJaLwmPVe4yhf4yziFJcQLPFELtNn67k2JI7ZXedldHjoS2ogkStVDpvm1jCKSE6ufEQwgsgBjwu0PSoh1_D1eEgRgGFlIOfLLpZLPJLiabT3ZixVBOdgkVvHLr9-9_AwAA___VufE8wwQAAA== |
|
| arveaoy.com/ | Name: ClickDataNgFall Value: H4sIAAAAAAAA_1xU227bOBD9FWGAAC0gy6RkSY4Ko3BdtF3UCRabpHnZF0oc21zLpDCk5LqXf19Q1CbGPo2GczgXzjn6CQOSVUZDBTxhCYMY3KVDqFgMtq8f__tujB6QHEqodqK1GEPTqub4h4QKsqPco-LnwaofEIMUDqHiRblM0zLleQyNOHVC7bVHZ1lWshiU3fy5fslFxgmnzAgo0yyLgfoWvcdiIJSKsHF36A5GQpXHYE1PzRhfxtAKLZXeT-jJe6IWKoAYzG6H5GOcFQWLoSahm8MEHoMBenCus9V8rtvZ3iRHbI_G7Mn0XaLRzTukk9Co3Vbp42fzvjG9dnRZ6fbvnrG0UHKFix0vpBQzlmE94xzrWb1L-awWOTZpLkvOWACfkJqD0O6J2tVY9iZb36SfbtJP5_M5-cccdI1IqG3SmFO40vTWmRNf_e-pG2MdVCxhLM39Qw2o-7CvTlxM716H3PREqJsLVPD08BFi6EldTS1oQGEuvuB8XOx7R4OSq3FbUwv-WMnVLWO3yyxdZlkZArWSq9BC8MNyVotFli7L7HYBMahuLSWhtZ4tPEnZIuF5mvCcXQeLsLHeIq33qB1UcGd-qLYV8zxh0ZtnpaU52-j-MeIsYe-iZ6WLxbvoe7F4G627rsVnrL8qN8-zMsmK6M3XL4932zhq1RGjz9gczdtocyBzwjn3CZJ8seQJL8voQewEqeke-JfcISGFfiQOqsEXJRg_xNSK55f99qogP05N5mzHu6HWS4YPJLS8TnlnJLbXB_fihMFvQjnYGOoMeUF5yXRQgco-ekZGH5JvIwFGHkIF99ux733o5H7769eD6d0h-mJaLwmPVe4yhf4yziFJcQLPFELtNn67k2JI7ZXedldHjoS2ogkStVDpvm1jCKSE6ufEQwgsgBjwu0PSoh1_D1eEgRgGFlIOfLLpZLPJLiabT3ZixVBOdgkVvHLr9-9_AwAA___VufE8wwQAAA== |
|
| .kelkoogroup.net/ | Name: kelkooID Value: a4c6295-186be23162f-20fe29 |
|
| .kelkoogroup.net/ | Name: _ga Value: GA1.2.1528390693.1678227216 |
|
| .kelkoogroup.net/ | Name: _gid Value: GA1.2.2145205458.1678227216 |
|
| .kelkoogroup.net/ | Name: datadome Value: 5g~zuxq3U~BHVqgFsRjaKXEOHtcYJ4ZHcpq0gIJBROETV3gQtRZLAJn~P~3djXjC1A0-aDE9NREPDeT56DZa4mkXoj6vLo7D_VwlX7ZHNYWm~h5EUf-XY8I6y2WJNH_h |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api-js.datadome.co
arveaoy.com
ct.captcha-delivery.com
dd.kelkoogroup.net
dd.prod.captcha-delivery.com
geo.captcha-delivery.com
geotrkclknow.com
js.datadome.co
mybettermb.com
nl-go.kelkoogroup.net
oraleys.com
p374591.mybettermb.com
static.captcha-delivery.com
www.google-analytics.com
dd.kelkoogroup.net
www.google-analytics.com
13.32.121.25
18.194.14.91
18.66.122.11
18.66.147.28
2600:9000:2251:4800:7:c516:5a80:93a1
2606:4700:3031::6815:52b0
2a06:98c1:3120::c
3.126.48.135
34.118.68.136
52.116.53.155
95.211.116.26
0270c3c72ee7e14a08529b830abcb6673c0fe79606726b1b4089c6b55325bd47
03cd31e4d3c37c852aec70f0c5bb40641131ba56ea401ba48b7b5d4c68f3d39a
140d2b69ed38a0a2dfb547fd7a6970b184a0189e3088292d6e061cbf95b994bc
3e60979021e384209bd6adc873bd3e898e443a09f539288ffb5b9e3ec2e34046
5e300d75bbcb96edeec3c1997d2b10a4b6d3d688dbf9bcd9cda6049defe60c2b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
670415a9265c06166a9e53350ea09f416113752897f75323ddffcba7d5eaa434
8040b5d26a79af42785be9746f2fde3046549af8e3c8d0cf3f9a8970504a3862
8e4d54c14ce63d3e4d711fa10df5548453d50a56367bf3baecf3d0d691a054d7
926a1b696c1c9750e0ce2e24fe7980937ebe43db5076081ea1326c143dd91535
92e35c8c17554d7fe6dbdcbb15c93f85c196cdbcc15dc77fe5503402cfa0d7e7
a028b873ea59dce22f2ad131ec24bebe58b7bc37a1f1a46e9a027a4ed623097f
c54cb9a12083d46f17eeeaa0f3fd26a25405f489696bb1cdcd504bea1cf3b9a7
e2cdfd06386f3bf44cd9b2bf4b0157c2b9028e0e3e6aafab534e724fa95ef6a5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61f74facc336635533cdb2ce8466af9dd5a4b06e261e3c9e43341bfd3d5f6d2
ed243a7fa712a26559089ad5eadb7bffb314357ac21966fe20f5cef1fb6355b1
fab79f1dfdc7b759da9e1c4d80169bc879352b47bf0cf9352e3eeaed39e55de7