urlscan.io logo urlscan.io
SecurityTrails logo

shareasale.com Open in urlscan Pro
104.16.226.72  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://reeftechnlogy.com/
Effective URL: https://shareasale.com/r.cfm?b=223514&m=26748&u=2081315&afftrack=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1660611709973_1...
Submission: On August 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 12 domains to perform 21 HTTP transactions. The main IP is 104.16.226.72, located in and belongs to . The main domain is shareasale.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 3rd 2022. Valid for: a year.
This is the only time shareasale.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 103.224.212.221 133618 (TRELLIAN-...)
1 5 103.224.182.206 133618 (TRELLIAN-...)
1 78.46.197.88 24940 (HETZNER-AS)
2 162.55.54.68 24940 (HETZNER-AS)
1 3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 143.204.215.100 16509 (AMAZON-02)
1 4 95.211.116.27 60781 (LEASEWEB-...)
4 2a00:1450:400... 15169 (GOOGLE)
1 13.32.110.31 16509 (AMAZON-02)
1 104.16.226.72 ()
1 34.118.11.88 ()
21 11
2    103.224.212.221 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-212-221.above.com
reeftechnlogy.com
5    103.224.182.206 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
1redirc.com
1    78.46.197.88 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de
clever-redirect.com
2    162.55.54.68 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.68.54.55.162.clients.your-server.de
spidershopping.com
3    2606:4700:3034::6815:2953 (United States)

ASN13335 (CLOUDFLARENET, US)
shopbuttler.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:3036::ac43:8065 (United States)

ASN13335 (CLOUDFLARENET, US)
www.smartredirect.de
1    143.204.215.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-100.fra53.r.cloudfront.net
api.kelkoogroup.net
4    95.211.116.27 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-go-vip.kelkoo.com
us-go.kelkoogroup.net
4    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.32.110.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-31.vie50.r.cloudfront.net
dd.kelkoogroup.net
1    104.16.226.72 (None, )

ASN- ()
shareasale.com
1    34.118.11.88 (None, )

ASN- ()
api-js.datadome.co
Apex Domain
Subdomains		 Transfer
6 kelkoogroup.net
api.kelkoogroup.net — Cisco Umbrella Rank: 182989
us-go.kelkoogroup.net — Cisco Umbrella Rank: 265971
dd.kelkoogroup.net — Cisco Umbrella Rank: 261974
75 KB
5 1redirc.com
1redirc.com — Cisco Umbrella Rank: 158453
8 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
3 shopbuttler.com
shopbuttler.com — Cisco Umbrella Rank: 777464
4 KB
2 spidershopping.com
spidershopping.com
1 KB
2 reeftechnlogy.com
reeftechnlogy.com
2 KB
1 datadome.co
api-js.datadome.co
428 B
1 shareasale.com
shareasale.com
2 KB
1 smartredirect.de
www.smartredirect.de — Cisco Umbrella Rank: 242322
828 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
41 KB
1 clever-redirect.com
clever-redirect.com — Cisco Umbrella Rank: 955687
694 B
0 grammarly.com Failed
grammarly.com Failed
21 12
Domain Requested by
5 1redirc.com 1 redirects 1redirc.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
us-go.kelkoogroup.net
4 us-go.kelkoogroup.net 1 redirects shopbuttler.com
us-go.kelkoogroup.net
3 shopbuttler.com 1 redirects spidershopping.com
shopbuttler.com
2 spidershopping.com clever-redirect.com
2 reeftechnlogy.com 2 redirects
1 api-js.datadome.co dd.kelkoogroup.net
1 shareasale.com us-go.kelkoogroup.net
1 dd.kelkoogroup.net us-go.kelkoogroup.net
1 api.kelkoogroup.net 1 redirects
1 www.smartredirect.de 1 redirects
1 www.googletagmanager.com shopbuttler.com
1 clever-redirect.com 1redirc.com
0 grammarly.com Failed shareasale.com
21 14

This site contains no links.

Subject Issuer Validity Valid
tracker.clever-redirect.com
R3		 2022-08-05 -
2022-11-03		 3 months crt.sh
spidershopping.com
R3		 2022-08-13 -
2022-11-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-26 -
2023-01-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.kelkoogroup.net
Thawte RSA CA 2018		 2021-09-07 -
2022-10-07		 a year crt.sh
dd.kelkoogroup.net
R3		 2022-06-24 -
2022-09-22		 3 months crt.sh
*.datadome.co
Gandi Standard SSL CA 2		 2021-10-12 -
2022-10-21		 a year crt.sh

This page contains 1 frames:

Frame: https://grammarly.com/aff_track/sas?SSAID=2081315&sscid=81k6_hp77i&SSAIDDATA=SSCID%5F81k6%5Fhp77i
Frame ID: 1294125CF48986420032587B0A60AE15
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://reeftechnlogy.com/ HTTP 302
    https://reeftechnlogy.com/ HTTP 302
    http://1redirc.com/r2.php?e=0yIdHVWgRe3quDF5hUj8sX49fnYrZDVpOGNuSWNnWERTakxTS3pVeGxleGdybEJQZmY... Page URL
  2. http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D17988... HTTP 302
    https://clever-redirect.com/s/r6?s=721614&s3=1798809718&sid=2022081611014585a6817930d767b689 Page URL
  3. https://spidershopping.com/search/a?t=21&f=1&u=389c27680892f9598f6853a43c8944f3&m=grammarly.com&s1=7216... Page URL
  4. https://spidershopping.com/search/r?u=https%3A%2F%2Fshopbuttler.com%2Fvisit%2Fo3%3Fd%3Dgrammarly.com%26... Page URL
  5. https://shopbuttler.com/visit/o3?d=grammarly.com&sid1=08cb048f1f759912c48ed9c954f6ecd9&nid=1 HTTP 302
    https://shopbuttler.com/visit?site=grammarly.com Page URL
  6. https://www.smartredirect.de/redir/clickGate.php?u=uvD6yP8x&m=1&p=RWSbhNjcg0&t=plEfkhLf&s=o362d9f862a4bfe... HTTP 302
    https://api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=us&custom2=at105521_a11754... HTTP 302
    https://us-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1660611709762&.sig=jwjngDxoS4Er8g1MvFUrwDDOf3c-&affili... Page URL
  7. https://us-go.kelkoogroup.net/redirect?country=us&k=612f7a9541cd6ea61eb554c0e4cff4376da9bf6f40542c5ac64dcd... HTTP 303
    https://shareasale.com/r.cfm?b=223514&m=26748&u=2081315&afftrack=dc1-kls-prod-ls-02.prod.dc1.kelkoo... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.cfm(?:$|\?)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • swfobject.*\.js

Page Statistics

21
Requests

76 %
HTTPS

31 %
IPv6

12
Domains

14
Subdomains

11
IPs

4
Countries

149 kB
Transfer

411 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://reeftechnlogy.com/ HTTP 302
    https://reeftechnlogy.com/ HTTP 302
    http://1redirc.com/r2.php?e=0yIdHVWgRe3quDF5hUj8sX49fnYrZDVpOGNuSWNnWERTakxTS3pVeGxleGdybEJQZmY3YmsyL3NsTXU0RU4xY2VhK3pIZWl2aW9MUTZrd0dkdEticHpQSjhVMytjTjVLeXAzMDBKYUJCV0hCbnlYWUpyS2RBRkdjTXp5QXJ3RGlCRStESGJ2ejVWNGw5SlY0dVljS1k1NCtjOUF0SDFsNkk4ZkhwSU8rTlFwZGY2KzdUd0ovMEIwdTFDbzhqbnpoTUR0VjM1d05abkxSSEZ2VlJYNzlEYXlpd1ZjUFRhbS9zOVlVSGN6N0VQbm54VGZLOXlKQVd0Z3JmWnJJNVVTd01uVy9ncFJQbmZ2djR2YzJiV2dTdHpLK0ZMYVArZTY4Zk5VeHhwTURqd1MydVJiQmgwdkdaNHp4VjU0aEd2Y1N0V3lsaUxjWUh1Q1Y4V09xazZGQVJGWEpLRmt6RU4yMmJ6TE0remRhMjh1ZXR2dEdTdGYxWlZiL0VqakpENU9jSitwekcxb0xwOGl1Ry9zVHE0SDJqemtYZGRUT0dWN0p4VlF0KzlqM1VlK05QZHBWREpJUnpKTjgxenREbktnbmxlNHltVlRhNTBFS0IxOXFhN3E1VDFqT3BzN2thcDNRcGIvcnlqNUlFcVRjbmhuRmRWQjZUWkk2b0tMc0k0ek1xUThKWmRmVi9nS3U4MXRZT0VqczA3eFBIb29oandJcE84b2lOODBtNFhmcGxPdVpnU0ovSmZib2twNDU4dEZYaTR4YzJiWmc0MkIxMERKcFdPM0NRVXp2eXZwR0xRNGU3TFNhMVdDNDdMT1dHaEw5eTNwZE40NmM5U2lqOERvMHYxUlBzK0lCWW92bE1NSlFFUTlBMzl1TWZyc0tuZkgzRXNaQUVTTDhRQjQ0YmgxbmQ3b2tVZUppeEFoTWY4VHI1bDkvRWZzOGwzMWJSMjc4aXhlR1RBQTlHU1BhN2J5emgvdUlTRUdDK2hxdFU2MG5VSWE3QmtUUWRDcUN0dWgrN2tQUy9CQnlXWDdJWElkK1ZKMA%3D%3D Page URL
  2. http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1798809718%26sid%3D2022081611014585a6817930d767b689&s=j&enc=w1fAQErS0DsL56H5X3ngCX49fnhxWFdPQk5kWkJnbk94TkpXckova1ZkUytneVo2aDJ5Q0NHVldpR2FmQ3UyR05jbWl1WWNiRVZOVFRNOC9qMnpTdmZrd2FNVXNtVFNyb0dmZEowYVB0RnpMdjZjcDhDekJTRnVqckcxYVIrdHdYdGxuS1Z0Mm9iajZSTTBGYU1JdTYxTEExblY4UU9OMkVZYmVpemFBcGhueEN5OHJTVHFndGpJZGx5YVMxZG90UnlQQWxLWlNHS05BZkNubmM1YjdmU0JpRHZoSkRLY0YrMUZmYVkzSlBCUGZKL3d1MEZhT1hxaUw4eFFqOXU5ZzlHTTdKOURjRS96OFhDMW1EeUdpaUxCNDJBangyQVhVU3pFdFNDdVFhMVMxTXAyVVRUQXdEZlNlSWYwUUxNMjY4Z3JYWnUzbjZMdU9jb1ZjTkVFREFDRWNFcSt1eG9rSGR0M0Z1dXc4OHA5dVJvSmtEWDl5TXBkRmdiZEsyaUhiZmFVRGNlZCtFRmdyRElMczRxOHlIZm9wUkhSSk15YkhYQzJMNjhLVytuQlNSbG9mSUFDTXRqMURYaFpIa1JlQVh2c3REYmRGSWM2eFV4czBtNW9PSTk1VzJIWTZTT1ZuNTNsc21ubzROS1kxZmdYalh4VFp2c1JLcnREY0YwMUVFUkhST3FhWW1rTFJISEZJK1lSSUZSaHVRaE9nVnA5VnBCV01HbUZQbU1WUEt0cGx4bmVFalFDNHZrQlBiWGIzc2hjRUpyUHBsM2JwRmNFOU1pajRhS3ZVSXp2cnVsZGhOMCthOXpPY3pqSkFTdzBZbWZPOThIUEZrZTUxWXE3c012Ynd6eG8yQXVrdzBTSjJ0czZwclJsL3M4UjhYazIwU1YycmJvNGkybDV1Z09UbHdxdXV6Z3VZOWNsN1VaWjIyUmRzZUk4TDh5SmtrV1VMSDVLa3hzOG03UWg4VnhUSzcxVWdjMzlQalVZVkI3V20wSENSZUJYa0d3aFRsWEpBUlhHL1JsWWZLSnMxQWt1WkZiM3J4T3pTOGVpZ01ZZWtram11OXhDNStqeEpwUkRLSmo5OWZyWFA4SDlGVGJzMG5YTW9PTFdhczRHYjVLdGVsUklmWDhLMnhFNTJCVnB2R2pOOFg5bUxBPT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
    https://clever-redirect.com/s/r6?s=721614&s3=1798809718&sid=2022081611014585a6817930d767b689 Page URL
  3. https://spidershopping.com/search/a?t=21&f=1&u=389c27680892f9598f6853a43c8944f3&m=grammarly.com&s1=721614&s2=&s3=1798809718&s5=cf&it=46&in=1 Page URL
  4. https://spidershopping.com/search/r?u=https%3A%2F%2Fshopbuttler.com%2Fvisit%2Fo3%3Fd%3Dgrammarly.com%26sid1%3D08cb048f1f759912c48ed9c954f6ecd9%26nid%3D1&h=036be5634967ca35125e4198f49cd362 Page URL
  5. https://shopbuttler.com/visit/o3?d=grammarly.com&sid1=08cb048f1f759912c48ed9c954f6ecd9&nid=1 HTTP 302
    https://shopbuttler.com/visit?site=grammarly.com Page URL
  6. https://www.smartredirect.de/redir/clickGate.php?u=uvD6yP8x&m=1&p=RWSbhNjcg0&t=plEfkhLf&s=o362d9f862a4bfe&url=https%3A%2F%2Fgrammarly.com&r=https%3A%2F%2Fshopbuttler.com HTTP 302
    https://api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=us&custom2=at105521_a117549_m1_p210175_t15409_cDE_so362d9f862a4bfe&id=e4e2e5c6-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https://grammarly.com HTTP 302
    https://us-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1660611709762&.sig=jwjngDxoS4Er8g1MvFUrwDDOf3c-&affiliationId=96980028&comId=100526158&country=us&cpcId=415506&merchantName=Grammarly+Inc&searchId=1076100353918921_1660611709751_45356033&service=30&url=https%3A%2F%2Fgrammarly.com&custom2=at105521_a117549_m1_p210175_t15409_cDE_so362d9f862a4bfe Page URL
  7. https://us-go.kelkoogroup.net/redirect?country=us&k=612f7a9541cd6ea61eb554c0e4cff4376da9bf6f40542c5ac64dcd62d40dd90d4ad68e8a4cc8da94404350f867dbfc0690a4e5001a016ca1897bf747fb611f03953928ba4e81a836c3a98f30e650bae3e41e245dca11042c7201b19e2a225079fdd9066b7214b6a595e2bbcaffae9a209ae100ce57bb20f3892aa9909ed7c12dc6343eecdf51748a788f830e33d7f93d8d237d51df7e0fb1fbf542c946502ea1f8eb83787151f2d4ecf513becebd1c30ecbc35144b5742c9d056a279b0442656544c639056e8288e14df3015346980547342c36489971d2c5f235d39087625f205c9013cb8c189d46abc265cef15b7ac9a01232d991111ee4d2f03b81aa14b78&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1660611709973_1240461&clickId=107698147_1660611709970_3767886&url=https%3A%2F%2Fshareasale.com%2Fr.cfm%3Fb%3D223514%26m%3D26748%26u%3D2081315%26afftrack%3Ddc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1660611709973_1240461%26urllink%3Dhttps%253A%252F%252Fgrammarly.com&initiator=timeout HTTP 303
    https://shareasale.com/r.cfm?b=223514&m=26748&u=2081315&afftrack=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1660611709973_1240461&urllink=https%3A%2F%2Fgrammarly.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://reeftechnlogy.com/ HTTP 302
  • https://reeftechnlogy.com/ HTTP 302
  • http://1redirc.com/r2.php?e=0yIdHVWgRe3quDF5hUj8sX49fnYrZDVpOGNuSWNnWERTakxTS3pVeGxleGdybEJQZmY3YmsyL3NsTXU0RU4xY2VhK3pIZWl2aW9MUTZrd0dkdEticHpQSjhVMytjTjVLeXAzMDBKYUJCV0hCbnlYWUpyS2RBRkdjTXp5QXJ3RGlCRStESGJ2ejVWNGw5SlY0dVljS1k1NCtjOUF0SDFsNkk4ZkhwSU8rTlFwZGY2KzdUd0ovMEIwdTFDbzhqbnpoTUR0VjM1d05abkxSSEZ2VlJYNzlEYXlpd1ZjUFRhbS9zOVlVSGN6N0VQbm54VGZLOXlKQVd0Z3JmWnJJNVVTd01uVy9ncFJQbmZ2djR2YzJiV2dTdHpLK0ZMYVArZTY4Zk5VeHhwTURqd1MydVJiQmgwdkdaNHp4VjU0aEd2Y1N0V3lsaUxjWUh1Q1Y4V09xazZGQVJGWEpLRmt6RU4yMmJ6TE0remRhMjh1ZXR2dEdTdGYxWlZiL0VqakpENU9jSitwekcxb0xwOGl1Ry9zVHE0SDJqemtYZGRUT0dWN0p4VlF0KzlqM1VlK05QZHBWREpJUnpKTjgxenREbktnbmxlNHltVlRhNTBFS0IxOXFhN3E1VDFqT3BzN2thcDNRcGIvcnlqNUlFcVRjbmhuRmRWQjZUWkk2b0tMc0k0ek1xUThKWmRmVi9nS3U4MXRZT0VqczA3eFBIb29oandJcE84b2lOODBtNFhmcGxPdVpnU0ovSmZib2twNDU4dEZYaTR4YzJiWmc0MkIxMERKcFdPM0NRVXp2eXZwR0xRNGU3TFNhMVdDNDdMT1dHaEw5eTNwZE40NmM5U2lqOERvMHYxUlBzK0lCWW92bE1NSlFFUTlBMzl1TWZyc0tuZkgzRXNaQUVTTDhRQjQ0YmgxbmQ3b2tVZUppeEFoTWY4VHI1bDkvRWZzOGwzMWJSMjc4aXhlR1RBQTlHU1BhN2J5emgvdUlTRUdDK2hxdFU2MG5VSWE3QmtUUWRDcUN0dWgrN2tQUy9CQnlXWDdJWElkK1ZKMA%3D%3D
Request Chain 4
  • http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1798809718%26sid%3D2022081611014585a6817930d767b689&s=j&enc=w1fAQErS0DsL56H5X3ngCX49fnhxWFdPQk5kWkJnbk94TkpXckova1ZkUytneVo2aDJ5Q0NHVldpR2FmQ3UyR05jbWl1WWNiRVZOVFRNOC9qMnpTdmZrd2FNVXNtVFNyb0dmZEowYVB0RnpMdjZjcDhDekJTRnVqckcxYVIrdHdYdGxuS1Z0Mm9iajZSTTBGYU1JdTYxTEExblY4UU9OMkVZYmVpemFBcGhueEN5OHJTVHFndGpJZGx5YVMxZG90UnlQQWxLWlNHS05BZkNubmM1YjdmU0JpRHZoSkRLY0YrMUZmYVkzSlBCUGZKL3d1MEZhT1hxaUw4eFFqOXU5ZzlHTTdKOURjRS96OFhDMW1EeUdpaUxCNDJBangyQVhVU3pFdFNDdVFhMVMxTXAyVVRUQXdEZlNlSWYwUUxNMjY4Z3JYWnUzbjZMdU9jb1ZjTkVFREFDRWNFcSt1eG9rSGR0M0Z1dXc4OHA5dVJvSmtEWDl5TXBkRmdiZEsyaUhiZmFVRGNlZCtFRmdyRElMczRxOHlIZm9wUkhSSk15YkhYQzJMNjhLVytuQlNSbG9mSUFDTXRqMURYaFpIa1JlQVh2c3REYmRGSWM2eFV4czBtNW9PSTk1VzJIWTZTT1ZuNTNsc21ubzROS1kxZmdYalh4VFp2c1JLcnREY0YwMUVFUkhST3FhWW1rTFJISEZJK1lSSUZSaHVRaE9nVnA5VnBCV01HbUZQbU1WUEt0cGx4bmVFalFDNHZrQlBiWGIzc2hjRUpyUHBsM2JwRmNFOU1pajRhS3ZVSXp2cnVsZGhOMCthOXpPY3pqSkFTdzBZbWZPOThIUEZrZTUxWXE3c012Ynd6eG8yQXVrdzBTSjJ0czZwclJsL3M4UjhYazIwU1YycmJvNGkybDV1Z09UbHdxdXV6Z3VZOWNsN1VaWjIyUmRzZUk4TDh5SmtrV1VMSDVLa3hzOG03UWg4VnhUSzcxVWdjMzlQalVZVkI3V20wSENSZUJYa0d3aFRsWEpBUlhHL1JsWWZLSnMxQWt1WkZiM3J4T3pTOGVpZ01ZZWtram11OXhDNStqeEpwUkRLSmo5OWZyWFA4SDlGVGJzMG5YTW9PTFdhczRHYjVLdGVsUklmWDhLMnhFNTJCVnB2R2pOOFg5bUxBPT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
  • https://clever-redirect.com/s/r6?s=721614&s3=1798809718&sid=2022081611014585a6817930d767b689
Request Chain 7
  • https://shopbuttler.com/visit/o3?d=grammarly.com&sid1=08cb048f1f759912c48ed9c954f6ecd9&nid=1 HTTP 302
  • https://shopbuttler.com/visit?site=grammarly.com
Request Chain 10
  • https://www.smartredirect.de/redir/clickGate.php?u=uvD6yP8x&m=1&p=RWSbhNjcg0&t=plEfkhLf&s=o362d9f862a4bfe&url=https%3A%2F%2Fgrammarly.com&r=https%3A%2F%2Fshopbuttler.com HTTP 302
  • https://api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=us&custom2=at105521_a117549_m1_p210175_t15409_cDE_so362d9f862a4bfe&id=e4e2e5c6-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https://grammarly.com HTTP 302
  • https://us-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1660611709762&.sig=jwjngDxoS4Er8g1MvFUrwDDOf3c-&affiliationId=96980028&comId=100526158&country=us&cpcId=415506&merchantName=Grammarly+Inc&searchId=1076100353918921_1660611709751_45356033&service=30&url=https%3A%2F%2Fgrammarly.com&custom2=at105521_a117549_m1_p210175_t15409_cDE_so362d9f862a4bfe

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
r2.php
1redirc.com/
Redirect Chain
  • http://reeftechnlogy.com/
  • https://reeftechnlogy.com/
  • http://1redirc.com/r2.php?e=0yIdHVWgRe3quDF5hUj8sX49fnYrZDVpOGNuSWNnWERTakxTS3pVeGxleGdybEJQZmY3YmsyL3NsTXU0RU4xY2VhK3pIZWl2aW9MUTZrd0dkdEticHpQSjhVMytjTjVLeXAzMDBKYUJCV0hCbnlYWUpyS2RBRkdjTXp5QXJ3R...
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://1redirc.com/r2.php?e=0yIdHVWgRe3quDF5hUj8sX49fnYrZDVpOGNuSWNnWERTakxTS3pVeGxleGdybEJQZmY3YmsyL3NsTXU0RU4xY2VhK3pIZWl2aW9MUTZrd0dkdEticHpQSjhVMytjTjVLeXAzMDBKYUJCV0hCbnlYWUpyS2RBRkdjTXp5QXJ3RGlCRStESGJ2ejVWNGw5SlY0dVljS1k1NCtjOUF0SDFsNkk4ZkhwSU8rTlFwZGY2KzdUd0ovMEIwdTFDbzhqbnpoTUR0VjM1d05abkxSSEZ2VlJYNzlEYXlpd1ZjUFRhbS9zOVlVSGN6N0VQbm54VGZLOXlKQVd0Z3JmWnJJNVVTd01uVy9ncFJQbmZ2djR2YzJiV2dTdHpLK0ZMYVArZTY4Zk5VeHhwTURqd1MydVJiQmgwdkdaNHp4VjU0aEd2Y1N0V3lsaUxjWUh1Q1Y4V09xazZGQVJGWEpLRmt6RU4yMmJ6TE0remRhMjh1ZXR2dEdTdGYxWlZiL0VqakpENU9jSitwekcxb0xwOGl1Ry9zVHE0SDJqemtYZGRUT0dWN0p4VlF0KzlqM1VlK05QZHBWREpJUnpKTjgxenREbktnbmxlNHltVlRhNTBFS0IxOXFhN3E1VDFqT3BzN2thcDNRcGIvcnlqNUlFcVRjbmhuRmRWQjZUWkk2b0tMc0k0ek1xUThKWmRmVi9nS3U4MXRZT0VqczA3eFBIb29oandJcE84b2lOODBtNFhmcGxPdVpnU0ovSmZib2twNDU4dEZYaTR4YzJiWmc0MkIxMERKcFdPM0NRVXp2eXZwR0xRNGU3TFNhMVdDNDdMT1dHaEw5eTNwZE40NmM5U2lqOERvMHYxUlBzK0lCWW92bE1NSlFFUTlBMzl1TWZyc0tuZkgzRXNaQUVTTDhRQjQ0YmgxbmQ3b2tVZUppeEFoTWY4VHI1bDkvRWZzOGwzMWJSMjc4aXhlR1RBQTlHU1BhN2J5emgvdUlTRUdDK2hxdFU2MG5VSWE3QmtUUWRDcUN0dWgrN2tQUy9CQnlXWDdJWElkK1ZKMA%3D%3D
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
cdac96b7a2c5b3c3779b10cb379b074b0c0db7c0375a75b1627ab2477134de8a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Encoding
gzip
Content-Length
2039
Content-Type
text/html; charset=UTF-8
Date
Tue, 16 Aug 2022 01:01:46 GMT
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Tue, 16 Aug 2022 01:01:45 GMT
Location
http://1redirc.com/r2.php?e=0yIdHVWgRe3quDF5hUj8sX49fnYrZDVpOGNuSWNnWERTakxTS3pVeGxleGdybEJQZmY3YmsyL3NsTXU0RU4xY2VhK3pIZWl2aW9MUTZrd0dkdEticHpQSjhVMytjTjVLeXAzMDBKYUJCV0hCbnlYWUpyS2RBRkdjTXp5QXJ3RGlCRStESGJ2ejVWNGw5SlY0dVljS1k1NCtjOUF0SDFsNkk4ZkhwSU8rTlFwZGY2KzdUd0ovMEIwdTFDbzhqbnpoTUR0VjM1d05abkxSSEZ2VlJYNzlEYXlpd1ZjUFRhbS9zOVlVSGN6N0VQbm54VGZLOXlKQVd0Z3JmWnJJNVVTd01uVy9ncFJQbmZ2djR2YzJiV2dTdHpLK0ZMYVArZTY4Zk5VeHhwTURqd1MydVJiQmgwdkdaNHp4VjU0aEd2Y1N0V3lsaUxjWUh1Q1Y4V09xazZGQVJGWEpLRmt6RU4yMmJ6TE0remRhMjh1ZXR2dEdTdGYxWlZiL0VqakpENU9jSitwekcxb0xwOGl1Ry9zVHE0SDJqemtYZGRUT0dWN0p4VlF0KzlqM1VlK05QZHBWREpJUnpKTjgxenREbktnbmxlNHltVlRhNTBFS0IxOXFhN3E1VDFqT3BzN2thcDNRcGIvcnlqNUlFcVRjbmhuRmRWQjZUWkk2b0tMc0k0ek1xUThKWmRmVi9nS3U4MXRZT0VqczA3eFBIb29oandJcE84b2lOODBtNFhmcGxPdVpnU0ovSmZib2twNDU4dEZYaTR4YzJiWmc0MkIxMERKcFdPM0NRVXp2eXZwR0xRNGU3TFNhMVdDNDdMT1dHaEw5eTNwZE40NmM5U2lqOERvMHYxUlBzK0lCWW92bE1NSlFFUTlBMzl1TWZyc0tuZkgzRXNaQUVTTDhRQjQ0YmgxbmQ3b2tVZUppeEFoTWY4VHI1bDkvRWZzOGwzMWJSMjc4aXhlR1RBQTlHU1BhN2J5emgvdUlTRUdDK2hxdFU2MG5VSWE3QmtUUWRDcUN0dWgrN2tQUy9CQnlXWDdJWElkK1ZKMA%3D%3D
Server
Apache/2.4.38 (Debian)
jscheck.js
1redirc.com/javascript/ 		899 B
718 B 		Script
General
Check archive.org
Download Go to
Full URL
http://1redirc.com/javascript/jscheck.js
Requested by
Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=0yIdHVWgRe3quDF5hUj8sX49fnYrZDVpOGNuSWNnWERTakxTS3pVeGxleGdybEJQZmY3YmsyL3NsTXU0RU4xY2VhK3pIZWl2aW9MUTZrd0dkdEticHpQSjhVMytjTjVLeXAzMDBKYUJCV0hCbnlYWUpyS2RBRkdjTXp5QXJ3RGlCRStESGJ2ejVWNGw5SlY0dVljS1k1NCtjOUF0SDFsNkk4ZkhwSU8rTlFwZGY2KzdUd0ovMEIwdTFDbzhqbnpoTUR0VjM1d05abkxSSEZ2VlJYNzlEYXlpd1ZjUFRhbS9zOVlVSGN6N0VQbm54VGZLOXlKQVd0Z3JmWnJJNVVTd01uVy9ncFJQbmZ2djR2YzJiV2dTdHpLK0ZMYVArZTY4Zk5VeHhwTURqd1MydVJiQmgwdkdaNHp4VjU0aEd2Y1N0V3lsaUxjWUh1Q1Y4V09xazZGQVJGWEpLRmt6RU4yMmJ6TE0remRhMjh1ZXR2dEdTdGYxWlZiL0VqakpENU9jSitwekcxb0xwOGl1Ry9zVHE0SDJqemtYZGRUT0dWN0p4VlF0KzlqM1VlK05QZHBWREpJUnpKTjgxenREbktnbmxlNHltVlRhNTBFS0IxOXFhN3E1VDFqT3BzN2thcDNRcGIvcnlqNUlFcVRjbmhuRmRWQjZUWkk2b0tMc0k0ek1xUThKWmRmVi9nS3U4MXRZT0VqczA3eFBIb29oandJcE84b2lOODBtNFhmcGxPdVpnU0ovSmZib2twNDU4dEZYaTR4YzJiWmc0MkIxMERKcFdPM0NRVXp2eXZwR0xRNGU3TFNhMVdDNDdMT1dHaEw5eTNwZE40NmM5U2lqOERvMHYxUlBzK0lCWW92bE1NSlFFUTlBMzl1TWZyc0tuZkgzRXNaQUVTTDhRQjQ0YmgxbmQ3b2tVZUppeEFoTWY4VHI1bDkvRWZzOGwzMWJSMjc4aXhlR1RBQTlHU1BhN2J5emgvdUlTRUdDK2hxdFU2MG5VSWE3QmtUUWRDcUN0dWgrN2tQUy9CQnlXWDdJWElkK1ZKMA%3D%3D
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1redirc.com/r2.php?e=0yIdHVWgRe3quDF5hUj8sX49fnYrZDVpOGNuSWNnWERTakxTS3pVeGxleGdybEJQZmY3YmsyL3NsTXU0RU4xY2VhK3pIZWl2aW9MUTZrd0dkdEticHpQSjhVMytjTjVLeXAzMDBKYUJCV0hCbnlYWUpyS2RBRkdjTXp5QXJ3RGlCRStESGJ2ejVWNGw5SlY0dVljS1k1NCtjOUF0SDFsNkk4ZkhwSU8rTlFwZGY2KzdUd0ovMEIwdTFDbzhqbnpoTUR0VjM1d05abkxSSEZ2VlJYNzlEYXlpd1ZjUFRhbS9zOVlVSGN6N0VQbm54VGZLOXlKQVd0Z3JmWnJJNVVTd01uVy9ncFJQbmZ2djR2YzJiV2dTdHpLK0ZMYVArZTY4Zk5VeHhwTURqd1MydVJiQmgwdkdaNHp4VjU0aEd2Y1N0V3lsaUxjWUh1Q1Y4V09xazZGQVJGWEpLRmt6RU4yMmJ6TE0remRhMjh1ZXR2dEdTdGYxWlZiL0VqakpENU9jSitwekcxb0xwOGl1Ry9zVHE0SDJqemtYZGRUT0dWN0p4VlF0KzlqM1VlK05QZHBWREpJUnpKTjgxenREbktnbmxlNHltVlRhNTBFS0IxOXFhN3E1VDFqT3BzN2thcDNRcGIvcnlqNUlFcVRjbmhuRmRWQjZUWkk2b0tMc0k0ek1xUThKWmRmVi9nS3U4MXRZT0VqczA3eFBIb29oandJcE84b2lOODBtNFhmcGxPdVpnU0ovSmZib2twNDU4dEZYaTR4YzJiWmc0MkIxMERKcFdPM0NRVXp2eXZwR0xRNGU3TFNhMVdDNDdMT1dHaEw5eTNwZE40NmM5U2lqOERvMHYxUlBzK0lCWW92bE1NSlFFUTlBMzl1TWZyc0tuZkgzRXNaQUVTTDhRQjQ0YmgxbmQ3b2tVZUppeEFoTWY4VHI1bDkvRWZzOGwzMWJSMjc4aXhlR1RBQTlHU1BhN2J5emgvdUlTRUdDK2hxdFU2MG5VSWE3QmtUUWRDcUN0dWgrN2tQUy9CQnlXWDdJWElkK1ZKMA%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 01:01:46 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Jul 2022 05:32:26 GMT
Server
Apache/2.4.38 (Debian)
ETag
"383-5e47246a24e80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
405
swfobject.js
1redirc.com/javascript/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://1redirc.com/javascript/swfobject.js
Requested by
Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=0yIdHVWgRe3quDF5hUj8sX49fnYrZDVpOGNuSWNnWERTakxTS3pVeGxleGdybEJQZmY3YmsyL3NsTXU0RU4xY2VhK3pIZWl2aW9MUTZrd0dkdEticHpQSjhVMytjTjVLeXAzMDBKYUJCV0hCbnlYWUpyS2RBRkdjTXp5QXJ3RGlCRStESGJ2ejVWNGw5SlY0dVljS1k1NCtjOUF0SDFsNkk4ZkhwSU8rTlFwZGY2KzdUd0ovMEIwdTFDbzhqbnpoTUR0VjM1d05abkxSSEZ2VlJYNzlEYXlpd1ZjUFRhbS9zOVlVSGN6N0VQbm54VGZLOXlKQVd0Z3JmWnJJNVVTd01uVy9ncFJQbmZ2djR2YzJiV2dTdHpLK0ZMYVArZTY4Zk5VeHhwTURqd1MydVJiQmgwdkdaNHp4VjU0aEd2Y1N0V3lsaUxjWUh1Q1Y4V09xazZGQVJGWEpLRmt6RU4yMmJ6TE0remRhMjh1ZXR2dEdTdGYxWlZiL0VqakpENU9jSitwekcxb0xwOGl1Ry9zVHE0SDJqemtYZGRUT0dWN0p4VlF0KzlqM1VlK05QZHBWREpJUnpKTjgxenREbktnbmxlNHltVlRhNTBFS0IxOXFhN3E1VDFqT3BzN2thcDNRcGIvcnlqNUlFcVRjbmhuRmRWQjZUWkk2b0tMc0k0ek1xUThKWmRmVi9nS3U4MXRZT0VqczA3eFBIb29oandJcE84b2lOODBtNFhmcGxPdVpnU0ovSmZib2twNDU4dEZYaTR4YzJiWmc0MkIxMERKcFdPM0NRVXp2eXZwR0xRNGU3TFNhMVdDNDdMT1dHaEw5eTNwZE40NmM5U2lqOERvMHYxUlBzK0lCWW92bE1NSlFFUTlBMzl1TWZyc0tuZkgzRXNaQUVTTDhRQjQ0YmgxbmQ3b2tVZUppeEFoTWY4VHI1bDkvRWZzOGwzMWJSMjc4aXhlR1RBQTlHU1BhN2J5emgvdUlTRUdDK2hxdFU2MG5VSWE3QmtUUWRDcUN0dWgrN2tQUy9CQnlXWDdJWElkK1ZKMA%3D%3D
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1redirc.com/r2.php?e=0yIdHVWgRe3quDF5hUj8sX49fnYrZDVpOGNuSWNnWERTakxTS3pVeGxleGdybEJQZmY3YmsyL3NsTXU0RU4xY2VhK3pIZWl2aW9MUTZrd0dkdEticHpQSjhVMytjTjVLeXAzMDBKYUJCV0hCbnlYWUpyS2RBRkdjTXp5QXJ3RGlCRStESGJ2ejVWNGw5SlY0dVljS1k1NCtjOUF0SDFsNkk4ZkhwSU8rTlFwZGY2KzdUd0ovMEIwdTFDbzhqbnpoTUR0VjM1d05abkxSSEZ2VlJYNzlEYXlpd1ZjUFRhbS9zOVlVSGN6N0VQbm54VGZLOXlKQVd0Z3JmWnJJNVVTd01uVy9ncFJQbmZ2djR2YzJiV2dTdHpLK0ZMYVArZTY4Zk5VeHhwTURqd1MydVJiQmgwdkdaNHp4VjU0aEd2Y1N0V3lsaUxjWUh1Q1Y4V09xazZGQVJGWEpLRmt6RU4yMmJ6TE0remRhMjh1ZXR2dEdTdGYxWlZiL0VqakpENU9jSitwekcxb0xwOGl1Ry9zVHE0SDJqemtYZGRUT0dWN0p4VlF0KzlqM1VlK05QZHBWREpJUnpKTjgxenREbktnbmxlNHltVlRhNTBFS0IxOXFhN3E1VDFqT3BzN2thcDNRcGIvcnlqNUlFcVRjbmhuRmRWQjZUWkk2b0tMc0k0ek1xUThKWmRmVi9nS3U4MXRZT0VqczA3eFBIb29oandJcE84b2lOODBtNFhmcGxPdVpnU0ovSmZib2twNDU4dEZYaTR4YzJiWmc0MkIxMERKcFdPM0NRVXp2eXZwR0xRNGU3TFNhMVdDNDdMT1dHaEw5eTNwZE40NmM5U2lqOERvMHYxUlBzK0lCWW92bE1NSlFFUTlBMzl1TWZyc0tuZkgzRXNaQUVTTDhRQjQ0YmgxbmQ3b2tVZUppeEFoTWY4VHI1bDkvRWZzOGwzMWJSMjc4aXhlR1RBQTlHU1BhN2J5emgvdUlTRUdDK2hxdFU2MG5VSWE3QmtUUWRDcUN0dWgrN2tQUy9CQnlXWDdJWElkK1ZKMA%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 01:01:46 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Jul 2022 05:32:26 GMT
Server
Apache/2.4.38 (Debian)
ETag
"27ef-5e47246a24e80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
3949
jscheck.php
1redirc.com/ 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://1redirc.com/jscheck.php?enc=w1fAQErS0DsL56H5X3ngCX49fnhxWFdPQk5kWkJnbk94TkpXckova1ZkUytneVo2aDJ5Q0NHVldpR2FmQ3UyR05jbWl1WWNiRVZOVFRNOC9qMnpTdmZrd2FNVXNtVFNyb0dmZEowYVB0RnpMdjZjcDhDekJTRnVqckcxYVIrdHdYdGxuS1Z0Mm9iajZSTTBGYU1JdTYxTEExblY4UU9OMkVZYmVpemFBcGhueEN5OHJTVHFndGpJZGx5YVMxZG90UnlQQWxLWlNHS05BZkNubmM1YjdmU0JpRHZoSkRLY0YrMUZmYVkzSlBCUGZKL3d1MEZhT1hxaUw4eFFqOXU5ZzlHTTdKOURjRS96OFhDMW1EeUdpaUxCNDJBangyQVhVU3pFdFNDdVFhMVMxTXAyVVRUQXdEZlNlSWYwUUxNMjY4Z3JYWnUzbjZMdU9jb1ZjTkVFREFDRWNFcSt1eG9rSGR0M0Z1dXc4OHA5dVJvSmtEWDl5TXBkRmdiZEsyaUhiZmFVRGNlZCtFRmdyRElMczRxOHlIZm9wUkhSSk15YkhYQzJMNjhLVytuQlNSbG9mSUFDTXRqMURYaFpIa1JlQVh2c3REYmRGSWM2eFV4czBtNW9PSTk1VzJIWTZTT1ZuNTNsc21ubzROS1kxZmdYalh4VFp2c1JLcnREY0YwMUVFUkhST3FhWW1rTFJISEZJK1lSSUZSaHVRaE9nVnA5VnBCV01HbUZQbU1WUEt0cGx4bmVFalFDNHZrQlBiWGIzc2hjRUpyUHBsM2JwRmNFOU1pajRhS3ZVSXp2cnVsZGhOMCthOXpPY3pqSkFTdzBZbWZPOThIUEZrZTUxWXE3c012Ynd6eG8yQXVrdzBTSjJ0czZwclJsL3M4UjhYazIwU1YycmJvNGkybDV1Z09UbHdxdXV6Z3VZOWNsN1VaWjIyUmRzZUk4TDh5SmtrV1VMSDVLa3hzOG03UWg4VnhUSzcxVWdjMzlQalVZVkI3V20wSENSZUJYa0d3aFRsWEpBUlhHL1JsWWZLSnMxQWt1WkZiM3J4T3pTOGVpZ01ZZWtram11OXhDNStqeEpwUkRLSmo5OWZyWFA4SDlGVGJzMG5YTW9PTFdhczRHYjVLdGVsUklmWDhLMnhFNTJCVnB2R2pOOFg5bUxBPT0%3D&rand=0.6097825383775286
Requested by
Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.38 (Debian) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1redirc.com/r2.php?e=0yIdHVWgRe3quDF5hUj8sX49fnYrZDVpOGNuSWNnWERTakxTS3pVeGxleGdybEJQZmY3YmsyL3NsTXU0RU4xY2VhK3pIZWl2aW9MUTZrd0dkdEticHpQSjhVMytjTjVLeXAzMDBKYUJCV0hCbnlYWUpyS2RBRkdjTXp5QXJ3RGlCRStESGJ2ejVWNGw5SlY0dVljS1k1NCtjOUF0SDFsNkk4ZkhwSU8rTlFwZGY2KzdUd0ovMEIwdTFDbzhqbnpoTUR0VjM1d05abkxSSEZ2VlJYNzlEYXlpd1ZjUFRhbS9zOVlVSGN6N0VQbm54VGZLOXlKQVd0Z3JmWnJJNVVTd01uVy9ncFJQbmZ2djR2YzJiV2dTdHpLK0ZMYVArZTY4Zk5VeHhwTURqd1MydVJiQmgwdkdaNHp4VjU0aEd2Y1N0V3lsaUxjWUh1Q1Y4V09xazZGQVJGWEpLRmt6RU4yMmJ6TE0remRhMjh1ZXR2dEdTdGYxWlZiL0VqakpENU9jSitwekcxb0xwOGl1Ry9zVHE0SDJqemtYZGRUT0dWN0p4VlF0KzlqM1VlK05QZHBWREpJUnpKTjgxenREbktnbmxlNHltVlRhNTBFS0IxOXFhN3E1VDFqT3BzN2thcDNRcGIvcnlqNUlFcVRjbmhuRmRWQjZUWkk2b0tMc0k0ek1xUThKWmRmVi9nS3U4MXRZT0VqczA3eFBIb29oandJcE84b2lOODBtNFhmcGxPdVpnU0ovSmZib2twNDU4dEZYaTR4YzJiWmc0MkIxMERKcFdPM0NRVXp2eXZwR0xRNGU3TFNhMVdDNDdMT1dHaEw5eTNwZE40NmM5U2lqOERvMHYxUlBzK0lCWW92bE1NSlFFUTlBMzl1TWZyc0tuZkgzRXNaQUVTTDhRQjQ0YmgxbmQ3b2tVZUppeEFoTWY4VHI1bDkvRWZzOGwzMWJSMjc4aXhlR1RBQTlHU1BhN2J5emgvdUlTRUdDK2hxdFU2MG5VSWE3QmtUUWRDcUN0dWgrN2tQUy9CQnlXWDdJWElkK1ZKMA%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 01:01:47 GMT
Server
Apache/2.4.38 (Debian)
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
r6
clever-redirect.com/s/
Redirect Chain
  • http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1798809718%26sid%3D2022081611014585a6817930d767b689&s=j&enc=w1fAQErS0DsL56H5X3ngCX49fnhxWFdPQk5kWkJnbk94Tkp...
  • https://clever-redirect.com/s/r6?s=721614&s3=1798809718&sid=2022081611014585a6817930d767b689
345 B
694 B 		Document
General
Check archive.org
Download Go to
Full URL
https://clever-redirect.com/s/r6?s=721614&s3=1798809718&sid=2022081611014585a6817930d767b689
Requested by
Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
78.46.197.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.197.46.78.clients.your-server.de
Software
Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27 / PHP/7.4.27
Resource Hash

Request headers

Referer
http://1redirc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
345
content-type
text/html; charset=UTF-8
date
Tue, 16 Aug 2022 01:01:47 GMT
referrer-policy
no-referrer
server
Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
x-powered-by
PHP/7.4.27

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Tue, 16 Aug 2022 01:01:47 GMT
Location
https://clever-redirect.com/s/r6?s=721614&s3=1798809718&sid=2022081611014585a6817930d767b689
Server
Apache/2.4.38 (Debian)
a
spidershopping.com/search/ 		370 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spidershopping.com/search/a?t=21&f=1&u=389c27680892f9598f6853a43c8944f3&m=grammarly.com&s1=721614&s2=&s3=1798809718&s5=cf&it=46&in=1
Requested by
Host: clever-redirect.com
URL: https://clever-redirect.com/s/r6?s=721614&s3=1798809718&sid=2022081611014585a6817930d767b689
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.54.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.68.54.55.162.clients.your-server.de
Software
Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27 / PHP/7.4.27
Resource Hash
8e4384836af2d4bbd2296bce37f0c307c755e4f53d434a66844ad998ec7b1e31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
370
content-type
text/html; charset=UTF-8
date
Tue, 16 Aug 2022 01:01:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
x-powered-by
PHP/7.4.27
r
spidershopping.com/search/ 		297 B
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spidershopping.com/search/r?u=https%3A%2F%2Fshopbuttler.com%2Fvisit%2Fo3%3Fd%3Dgrammarly.com%26sid1%3D08cb048f1f759912c48ed9c954f6ecd9%26nid%3D1&h=036be5634967ca35125e4198f49cd362
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.54.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.68.54.55.162.clients.your-server.de
Software
Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27 / PHP/7.4.27
Resource Hash

Request headers

Referer
https://spidershopping.com/search/a?t=21&f=1&u=389c27680892f9598f6853a43c8944f3&m=grammarly.com&s1=721614&s2=&s3=1798809718&s5=cf&it=46&in=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
297
content-type
text/html; charset=UTF-8
date
Tue, 16 Aug 2022 01:01:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
x-powered-by
PHP/7.4.27
visit
shopbuttler.com/
Redirect Chain
  • https://shopbuttler.com/visit/o3?d=grammarly.com&sid1=08cb048f1f759912c48ed9c954f6ecd9&nid=1
  • https://shopbuttler.com/visit?site=grammarly.com
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shopbuttler.com/visit?site=grammarly.com
Requested by
Host: spidershopping.com
URL: https://spidershopping.com/search/r?u=https%3A%2F%2Fshopbuttler.com%2Fvisit%2Fo3%3Fd%3Dgrammarly.com%26sid1%3D08cb048f1f759912c48ed9c954f6ecd9%26nid%3D1&h=036be5634967ca35125e4198f49cd362
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spidershopping.com/search/r?u=https%3A%2F%2Fshopbuttler.com%2Fvisit%2Fo3%3Fd%3Dgrammarly.com%26sid1%3D08cb048f1f759912c48ed9c954f6ecd9%26nid%3D1&h=036be5634967ca35125e4198f49cd362
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
73b63daf4a089bd7-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 16 Aug 2022 01:01:49 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xjrjUfMTiKqk5jzgNdQcsM7Rs%2FCZbEqulV9%2FxGaKCDV8O1AvX639lOxK5kzzXreeeRFa%2Byr%2FC0Fc%2B2pCxH7o1gooSDhwU3PMQOshJOIwKXuzOFUvUbdDPzM4ydhJaeYp%2Bd622gYfLXmqTWCWQ0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
73b63daa7e329bd7-FRA
content-type
text/html; charset=UTF-8
date
Tue, 16 Aug 2022 01:01:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://shopbuttler.com/visit?site=grammarly.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VIaracLYdwqUqJ6%2FxRQEpxOf6pGy04bte1M83wDX8VdsTEsuwT5EnetVFXm3hLGEgyXC8n3JxzyeyiOjzeOOm1j3ttnaukzFKhb1RbsHQvv8g5KyEh3oOnchHPLpSZnXId1N9X4tpvW4d0BLmlY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-175809664-6
Requested by
Host: shopbuttler.com
URL: https://shopbuttler.com/visit?site=grammarly.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shopbuttler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 01:01:49 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41786
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 00:05:33 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Aug 2022 01:01:49 GMT
ba1affc3-ec1c-4b04-9273-91e5c8c42beb
shopbuttler.com/r/2022-08-16/o3/ 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shopbuttler.com/r/2022-08-16/o3/ba1affc3-ec1c-4b04-9273-91e5c8c42beb
Requested by
Host: shopbuttler.com
URL: https://shopbuttler.com/visit?site=grammarly.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shopbuttler.com/visit?site=grammarly.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 01:01:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mfq6prIe%2B4OOoNiN8Nq23CSlBYti9PvVXmxdfKuyJAQIgRPnXUMBqihtKLauui3x23vJrrM68FtyDGpSJcxLEJSyc8zKsmuhQvXN%2FpZbhvPTmxVbokxv25dlSTBp%2FtT3u3mvz%2BUDAQUQ5OTVQXY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
cf-ray
73b63dafddd29c0a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
merchantGo
us-go.kelkoogroup.net/ctl/go/
Redirect Chain
  • https://www.smartredirect.de/redir/clickGate.php?u=uvD6yP8x&m=1&p=RWSbhNjcg0&t=plEfkhLf&s=o362d9f862a4bfe&url=https%3A%2F%2Fgrammarly.com&r=https%3A%2F%2Fshopbuttler.com
  • https://api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=us&custom2=at105521_a117549_m1_p210175_t15409_cDE_so362d9f862a4bfe&id=e4e2e5c6-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=...
  • https://us-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1660611709762&.sig=jwjngDxoS4Er8g1MvFUrwDDOf3c-&affiliationId=96980028&comId=100526158&country=us&cpcId=415506&merchantName=Grammarly+Inc&searchI...
28 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1660611709762&.sig=jwjngDxoS4Er8g1MvFUrwDDOf3c-&affiliationId=96980028&comId=100526158&country=us&cpcId=415506&merchantName=Grammarly+Inc&searchId=1076100353918921_1660611709751_45356033&service=30&url=https%3A%2F%2Fgrammarly.com&custom2=at105521_a117549_m1_p210175_t15409_cDE_so362d9f862a4bfe
Requested by
Host: shopbuttler.com
URL: https://shopbuttler.com/visit?site=grammarly.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.27 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
dc1-ecs-pub-go-vip.kelkoo.com
Software
/
Resource Hash
3f3edef0035b3aa6e3c92b3b3ce990a14ceb9079006e600881a8cb05a0893ae7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shopbuttler.com/visit?site=grammarly.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
ApacheTracking
localhost
Connection
Keep-Alive
Content-Length
28437
Content-Type
text/html; charset=UTF-8
Date
Tue, 16 Aug 2022 01:01:49 GMT
Keep-Alive
timeout=40, max=90
P3P
CP="Anything"
Referrer-Policy
origin-when-cross-origin
Request-Time
PT0.012511S
X-Content-Type-Options
nosniff
X-DataDome
protected
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
master-only
X-Robots-Tag
noindex,nofollow
X-XSS-Protection
1; mode=block
clickId
107698147_1660611709970_3767886
country
us
leadId
dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1660611709973_1240461

Redirect headers

content-length
0
date
Tue, 16 Aug 2022 01:01:49 GMT
location
https://us-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1660611709762&.sig=jwjngDxoS4Er8g1MvFUrwDDOf3c-&affiliationId=96980028&comId=100526158&country=us&cpcId=415506&merchantName=Grammarly+Inc&searchId=1076100353918921_1660611709751_45356033&service=30&url=https%3A%2F%2Fgrammarly.com&custom2=at105521_a117549_m1_p210175_t15409_cDE_so362d9f862a4bfe
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
request-time
12
vary
Origin
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-id
32Y_ABScQsWbOqCPi7yB_PA5-r-9abtW3Fck0kvm88Bw53yNI1YTAg==
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-gravitee-request-id
391e82c2-d33d-4f17-9e82-c2d33dbf1709
x-gravitee-transaction-id
391e82c2-d33d-4f17-9e82-c2d33dbf1709
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-175809664-6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shopbuttler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
7189
date
Mon, 15 Aug 2022 23:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 16 Aug 2022 01:02:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1784668929&t=pageview&_s=1&dl=https%3A%2F%2Fshopbuttler.com%2Fvisit%3Fsite%3Dgrammarly.com&dr=https%3A%2F%2Fspidershopping.com%2F&ul=en-us&de=UTF-8&dt=Privacy-Dereferer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1488618605&gjid=735637810&cid=1696090766.1660611710&tid=UA-175809664-6&_gid=239978053.1660611710&_r=1&gtm=2ou8f0&z=1584145880
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shopbuttler.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 01:01:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shopbuttler.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1784668929&t=event&_s=2&dl=https%3A%2F%2Fshopbuttler.com%2Fvisit%3Fsite%3Dgrammarly.com&dr=https%3A%2F%2Fspidershopping.com%2F&ul=en-us&de=UTF-8&dt=Privacy-Dereferer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=partner_o3&ea=network_1&el=ba1affc3-ec1c-4b04-9273-91e5c8c42beb&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=1696090766.1660611710&tid=UA-175809664-6&_gid=239978053.1660611710&gtm=2ou8f0&z=1466102295
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shopbuttler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 05:17:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
71035
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
p.png
us-go.kelkoogroup.net/assets/images/ 		68 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-go.kelkoogroup.net/assets/images/p.png?country=us&k=612f7a9541cd6ea61eb554c0e4cff4376da9bf6f40542c5ac64dcd62d40dd90d4ad68e8a4cc8da94404350f867dbfc0690a4e5001a016ca1897bf747fb611f03953928ba4e81a836c3a98f30e650bae3e41e245dca11042c7201b19e2a225079fdd9066b7214b6a595e2bbcaffae9a209ae100ce57bb20f3892aa9909ed7c12dc6343eecdf51748a788f830e33d7f93d8d237d51df7e0fb1fbf542c946502ea1f8eb83787151f2d4ecf513becebd1c30ecbc35144b5742c9d056a279b0442656544c639056e8288e14df3015346980547342c36489971d2c5f235d39087625f205c9013cb8c189d46abc265cef15b7ac9a01232d991111ee4d2f03b81aa14b78&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1660611709973_1240461&clickId=107698147_1660611709970_3767886
Requested by
Host: us-go.kelkoogroup.net
URL: https://us-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1660611709762&.sig=jwjngDxoS4Er8g1MvFUrwDDOf3c-&affiliationId=96980028&comId=100526158&country=us&cpcId=415506&merchantName=Grammarly+Inc&searchId=1076100353918921_1660611709751_45356033&service=30&url=https%3A%2F%2Fgrammarly.com&custom2=at105521_a117549_m1_p210175_t15409_cDE_so362d9f862a4bfe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.27 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
dc1-ecs-pub-go-vip.kelkoo.com
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1660611709762&.sig=jwjngDxoS4Er8g1MvFUrwDDOf3c-&affiliationId=96980028&comId=100526158&country=us&cpcId=415506&merchantName=Grammarly+Inc&searchId=1076100353918921_1660611709751_45356033&service=30&url=https%3A%2F%2Fgrammarly.com&custom2=at105521_a117549_m1_p210175_t15409_cDE_so362d9f862a4bfe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

ApacheTracking
localhost
Date
Tue, 16 Aug 2022 01:01:50 GMT
Referrer-Policy
origin-when-cross-origin
X-Permitted-Cross-Domain-Policies
master-only
X-Robots-Tag
noindex,nofollow
X-Frame-Options
DENY
P3P
CP="Anything"
Cache-Control
private, must-revalidate
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Type
image/png
Request-Time
PT0.001677S
Content-Length
68
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=40, max=75
tags.js
dd.kelkoogroup.net/ 		209 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dd.kelkoogroup.net/tags.js
Requested by
Host: us-go.kelkoogroup.net
URL: https://us-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1660611709762&.sig=jwjngDxoS4Er8g1MvFUrwDDOf3c-&affiliationId=96980028&comId=100526158&country=us&cpcId=415506&merchantName=Grammarly+Inc&searchId=1076100353918921_1660611709751_45356033&service=30&url=https%3A%2F%2Fgrammarly.com&custom2=at105521_a117549_m1_p210175_t15409_cDE_so362d9f862a4bfe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-31.vie50.r.cloudfront.net
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-go.kelkoogroup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
etag
"34515-5e4b2951e5a21-gzip"
age
2723
x-cache
Hit from cloudfront
content-length
43581
access-control-allow-origin
*
last-modified
Tue, 26 Jul 2022 10:15:40 GMT
server
Apache
date
Tue, 16 Aug 2022 00:16:40 GMT
vary
Accept-Encoding
content-type
text/javascript
via
1.1 db1cc9ceb7681bf2a56c0f22acac3a36.cloudfront.net (CloudFront), 1.1 444dde5644fa29b8d8dfac109693e2a2.cloudfront.net (CloudFront)
cache-control
max-age=3600, public
x-amz-cf-pop
FRA60-P2, VIE50-C2
accept-ranges
bytes
x-amz-cf-id
fze0-YmOrk9PGcuD5rJGr286Bu7jR3wbJtUgv-8Y4DgodlqKdp1SjQ==
expires
Tue, 16 Aug 2022 01:16:27 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fus-go.kelkoogroup.net%2Fctl%2Fgo%2FmerchantGo%3F.ts%3D1660611709762%26.sig%3DjwjngDxoS4Er8g1MvFUrwDDOf3c-%26affiliationId%3D96980028%26comId%3D100526158%26country%3Dus%26cpcId%3D415506%26merchantName%3DGrammarly%2BInc%26searchId%3D1076100353918921_1660611709751_45356033%26service%3D30%26url%3Dhttps%253A%252F%252Fgrammarly.com%26custom2%3Dat105521_a117549_m1_p210175_t15409_cDE_so362d9f862a4bfe&dr=https%3A%2F%2Fshopbuttler.com%2F&dp=%2F96980028%7C100526158%7C&ul=en-us&de=UTF-8&dt=Redirecting%20to%20Grammarly%20Inc&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAAABAAAAAC~&cid=138020651.1660611710&tid=UA-168544891-39&_gid=313828633.1660611710&_r=1&cd1=96980028&cd2=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1660611709973_1240461&cd3=100526158&cd4=a4c6293-182a42bcc12-10c7b4&cd5=&cd6=96980028%7C100526158%7C&z=89983296
Requested by
Host: us-go.kelkoogroup.net
URL: https://us-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1660611709762&.sig=jwjngDxoS4Er8g1MvFUrwDDOf3c-&affiliationId=96980028&comId=100526158&country=us&cpcId=415506&merchantName=Grammarly+Inc&searchId=1076100353918921_1660611709751_45356033&service=30&url=https%3A%2F%2Fgrammarly.com&custom2=at105521_a117549_m1_p210175_t15409_cDE_so362d9f862a4bfe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-go.kelkoogroup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 01:01:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://us-go.kelkoogroup.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
fp
us-go.kelkoogroup.net/ 		0
458 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://us-go.kelkoogroup.net/fp?country=us&k=612f7a9541cd6ea61eb554c0e4cff4376da9bf6f40542c5ac64dcd62d40dd90d4ad68e8a4cc8da94404350f867dbfc0690a4e5001a016ca1897bf747fb611f03953928ba4e81a836c3a98f30e650bae3e41e245dca11042c7201b19e2a225079fdd9066b7214b6a595e2bbcaffae9a209ae100ce57bb20f3892aa9909ed7c12dc6343eecdf51748a788f830e33d7f93d8d237d51df7e0fb1fbf542c946502ea1f8eb83787151f2d4ecf513becebd1c30ecbc35144b5742c9d056a279b0442656544c639056e8288e14df3015346980547342c36489971d2c5f235d39087625f205c9013cb8c189d46abc265cef15b7ac9a01232d991111ee4d2f03b81aa14b78&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1660611709973_1240461&clickId=107698147_1660611709970_3767886
Requested by
Host: us-go.kelkoogroup.net
URL: https://us-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1660611709762&.sig=jwjngDxoS4Er8g1MvFUrwDDOf3c-&affiliationId=96980028&comId=100526158&country=us&cpcId=415506&merchantName=Grammarly+Inc&searchId=1076100353918921_1660611709751_45356033&service=30&url=https%3A%2F%2Fgrammarly.com&custom2=at105521_a117549_m1_p210175_t15409_cDE_so362d9f862a4bfe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.27 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
dc1-ecs-pub-go-vip.kelkoo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1660611709762&.sig=jwjngDxoS4Er8g1MvFUrwDDOf3c-&affiliationId=96980028&comId=100526158&country=us&cpcId=415506&merchantName=Grammarly+Inc&searchId=1076100353918921_1660611709751_45356033&service=30&url=https%3A%2F%2Fgrammarly.com&custom2=at105521_a117549_m1_p210175_t15409_cDE_so362d9f862a4bfe
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

ApacheTracking
localhost
Date
Tue, 16 Aug 2022 01:01:50 GMT
Referrer-Policy
origin-when-cross-origin
X-Permitted-Cross-Domain-Policies
master-only
X-Frame-Options
DENY
P3P
CP="Anything"
X-Robots-Tag
noindex,nofollow
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Type
text/plain; charset=UTF-8
Request-Time
PT0.003438S
Content-Length
0
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=40, max=64
Primary Request r.cfm
shareasale.com/
Redirect Chain
  • https://us-go.kelkoogroup.net/redirect?country=us&k=612f7a9541cd6ea61eb554c0e4cff4376da9bf6f40542c5ac64dcd62d40dd90d4ad68e8a4cc8da94404350f867dbfc0690a4e5001a016ca1897bf747fb611f03953928ba4e81a836c...
  • https://shareasale.com/r.cfm?b=223514&m=26748&u=2081315&afftrack=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1660611709973_1240461&urllink=https%3A%2F%2Fgrammarly.com
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shareasale.com/r.cfm?b=223514&m=26748&u=2081315&afftrack=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1660611709973_1240461&urllink=https%3A%2F%2Fgrammarly.com
Requested by
Host: us-go.kelkoogroup.net
URL: https://us-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1660611709762&.sig=jwjngDxoS4Er8g1MvFUrwDDOf3c-&affiliationId=96980028&comId=100526158&country=us&cpcId=415506&merchantName=Grammarly+Inc&searchId=1076100353918921_1660611709751_45356033&service=30&url=https%3A%2F%2Fgrammarly.com&custom2=at105521_a117549_m1_p210175_t15409_cDE_so362d9f862a4bfe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.226.72 -, , ASN (),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN

Request headers

Referer
https://us-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1660611709762&.sig=jwjngDxoS4Er8g1MvFUrwDDOf3c-&affiliationId=96980028&comId=100526158&country=us&cpcId=415506&merchantName=Grammarly+Inc&searchId=1076100353918921_1660611709751_45356033&service=30&url=https%3A%2F%2Fgrammarly.com&custom2=at105521_a117549_m1_p210175_t15409_cDE_so362d9f862a4bfe
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cf-apo-via
origin,page-rules
cf-cache-status
BYPASS
cf-ray
73b63db5abea9b3d-FRA
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 16 Aug 2022 01:01:50 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADMi TAIi PSAi IVAi OUR STP NAV"
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAME-ORIGIN
x-powered-by
ASP.NET

Redirect headers

Accept-CH
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
ApacheTracking
localhost
Connection
Keep-Alive
Content-Length
0
Content-Type
text/plain
Date
Tue, 16 Aug 2022 01:01:50 GMT
Keep-Alive
timeout=40, max=86
Location
https://shareasale.com/r.cfm?b=223514&m=26748&u=2081315&afftrack=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1660611709973_1240461&urllink=https%3A%2F%2Fgrammarly.com
P3P
CP="Anything"
Referrer-Policy
origin-when-cross-origin
Request-Time
PT0.013849S
X-Content-Type-Options
nosniff
X-DataDome
protected
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
master-only
X-Robots-Tag
noindex,nofollow
X-XSS-Protection
1; mode=block
clickId
107698147_1660611709970_3767886
country
us
leadId
dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1660611709973_1240461
/
api-js.datadome.co/js/ 		235 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.datadome.co/js/
Requested by
Host: dd.kelkoogroup.net
URL: https://dd.kelkoogroup.net/tags.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.118.11.88 -, , ASN (),
Reverse DNS
Software
DataDome /
Resource Hash

Request headers

Referer
https://us-go.kelkoogroup.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 01:01:50 GMT
server
DataDome
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
235
expires
0
sas
grammarly.com/aff_track/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
grammarly.com
URL
https://grammarly.com/aff_track/sas?SSAID=2081315&sscid=81k6_hp77i&SSAIDDATA=SSCID%5F81k6%5Fhp77i

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

13 Cookies

Domain/Path Name / Value
reeftechnlogy.com/ Name: __tad
Value: 1660611704.4923991
.1redirc.com/ Name: __dsnsid
Value: 2022081611014585a6817930d767b689
clever-redirect.com/ Name: 3e9c6f07ac0fe4172e15ddd02e65909d
Value: 738a808974c8fbfd6483e1e787de4ade0f8243c25ba6d4da836a5c6d0b9e5ad1a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%223e9c6f07ac0fe4172e15ddd02e65909d%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
spidershopping.com/ Name: bc9468efca36bf4d042985a01f969c7d
Value: 8b52b2303d15490336e6acb914858412e6e2254d500718d3a5081d6155b41d80a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22bc9468efca36bf4d042985a01f969c7d%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
shopbuttler.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IjJsSE5RN0FVUWkvZDVKcDg0KzNPRHc9PSIsInZhbHVlIjoiRGQvM1lqVjd6NlVLWEl6TkUwdVZLRmh0TW5lYzBlZVJvLzd5RXpNVWpwa3krVG5XNlJQeXZTYXhOUWlRRCtQZFE0TE5sWlIvVmovVW8xeVFsMlJ3WGdtVkVNaW9ZbmxqRmZ3d3h5aUVlVWxzWU5INjFOc3Y0UGhOK0FsSjdRbXUiLCJtYWMiOiI4ZWU3ZTAxMDZkMjZiYzZhODM4Y2Y2ZjAxOTE0ZjY5NzM0ZjhlYzdmOTI1MjcxOTg5NjM0MmM2NTE2N2FiODFhIiwidGFnIjoiIn0%3D
shopbuttler.com/ Name: shopbuttler_session
Value: eyJpdiI6IitCRTduZEtsTXd5aFRXekoycTFrc2c9PSIsInZhbHVlIjoiVDIxeTZqSTNyNU8wMnpxSFF4YWY5Ni9VQ0ZTWjltUGJiQ3ZETFEzSmVaZUkySHpiMmNFMHA2N09TMkRmbDZIRHZ4aklwc2RsOWlZOVkrNlBWdXlPeG9OZEVHU3ppLzlneDZHbWFOZU9YQkZwSzFPWVlyRW9xUjkyeGV6UFNWL3EiLCJtYWMiOiIzZmEyMTNkYjRiMjg1NjI0MTVjM2FiMGQ3ZDEwYzk4NWY2Y2Y0MTAyNWEzODY0ODUwYWNhMGNlZGMzYzljNmE3IiwidGFnIjoiIn0%3D
.shopbuttler.com/ Name: _ga
Value: GA1.2.1696090766.1660611710
.shopbuttler.com/ Name: _gid
Value: GA1.2.239978053.1660611710
.shopbuttler.com/ Name: _gat_gtag_UA_175809664_6
Value: 1
.kelkoogroup.net/ Name: kelkooID
Value: a4c6293-182a42bcc12-10c7b4
.kelkoogroup.net/ Name: _ga
Value: GA1.2.138020651.1660611710
.kelkoogroup.net/ Name: _gid
Value: GA1.2.313828633.1660611710
.kelkoogroup.net/ Name: datadome
Value: uawjpLSc4DlPCUNwH4OPsw1u0gs3V4wKhM75HppuhITfzNIO0YRFij2goE2vqFF5sjx7PaEr-C3yEd6F~1MVqEoTwREBH8CP2hLEVptkT-0JUa2i1K661F-GdjQ7YR3