www.wellnessimo.com
163.172.172.119
Public Scan
Effective URL: https://www.wellnessimo.com/pdv/102?a=15629&t1=flux&t2=&r=cpc&c=&fd=1&nm=1&dis=CRAZY-50&utm_source=kelkoofr&utm_medium=cpc&u...
Submission: On September 10 via api from US — Scanned from FR
Summary
TLS certificate: Issued by R3 on July 25th 2022. Valid for: 3 months.
This is the only time www.wellnessimo.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Autonomous system | PTR | Hostname(s)
---|---|---
ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE) | | admin.capiatalone.com
ASN29802 (HVC-AS, US) | 66-165-243-160.static.hvvc.us | r.redirekted.com
ASN15169 (GOOGLE, US) | | www.google-analytics.com
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL) | dc1-ecs-pub-go-vip.kelkoo.com | fr-go.kelkoogroup.net
ASN- () | server-18-66-112-3.fra56.r.cloudfront.net | dd.kelkoogroup.net
ASN12876 (Online SAS, FR) | 119-172-172-163.instances.scw.cloud | www.wellnessimo.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US) | 107.192.116.34.bc.googleusercontent.com | api-js.datadome.co
ASN16509 (AMAZON-02, US) | server-18-66-147-63.fra60.r.cloudfront.net | s.kk-resources.com
ASN15169 (GOOGLE, US) | | www.googletagmanager.com
ASN16276 (OVH, FR) | | asset.easydmp.net, sq.jobkiero.com, squa.squatiki.eu
ASN16509 (AMAZON-02, US) | ec2-15-237-87-138.eu-west-3.compute.amazonaws.com | sync.commander1.com
ASN15169 (GOOGLE, US) | 218.24.190.35.bc.googleusercontent.com | rd.frontend.weborama.fr
ASN15169 (GOOGLE, US) | 68.174.244.35.bc.googleusercontent.com | idsync.rlcdn.com
ASN15169 (GOOGLE, US) | fra16s52-in-f2.1e100.net | cm.g.doubleclick.net
Requests | Apex Domain | Redirects | Subdomains | Transfer
---|---|---|---|---
11 | easydmp.net | | asset.easydmp.net — Cisco Umbrella Rank: 57230 | 20 KB
11 | eldoslim.com | | cdn.eldoslim.com | 502 KB
6 | google-analytics.com | | www.google-analytics.com — Cisco Umbrella Rank: 94 | 40 KB
5 | wellnessimo.com | 1 redirects | www.wellnessimo.com | 15 KB
5 | kelkoogroup.net | 1 redirects | fr-go.kelkoogroup.net dd.kelkoogroup.net — Cisco Umbrella Rank: 279490 | 76 KB
4 | commander1.com | 2 redirects | sync.commander1.com — Cisco Umbrella Rank: 40460 | 3 KB
4 | redirekted.com | | r.redirekted.com | 11 KB
3 | rlcdn.com | 2 redirects | idsync.rlcdn.com — Cisco Umbrella Rank: 607 | 549 B
3 | wonderpush.com | | cdn.by.wonderpush.com — Cisco Umbrella Rank: 29348 | 108 KB
2 | doubleclick.net | 2 redirects | cm.g.doubleclick.net — Cisco Umbrella Rank: 303 | 641 B
2 | weborama.fr | 2 redirects | rd.frontend.weborama.fr — Cisco Umbrella Rank: 19540 | 530 B
2 | capiatalone.com | 1 redirects | admin.capiatalone.com | 1 KB
1 | squatiki.eu | | squa.squatiki.eu — Cisco Umbrella Rank: 470097 | 415 B
1 | jobkiero.com | | sq.jobkiero.com — Cisco Umbrella Rank: 545684 | 414 B
1 | nr-data.net | | bam.nr-data.net — Cisco Umbrella Rank: 423 | 615 B
1 | newrelic.com | | js-agent.newrelic.com — Cisco Umbrella Rank: 768 | 14 KB
1 | email-match.com | | atout.email-match.com — Cisco Umbrella Rank: 337162 | 4 KB
1 | googletagmanager.com | | www.googletagmanager.com — Cisco Umbrella Rank: 141 | 74 KB
1 | kk-resources.com | | s.kk-resources.com — Cisco Umbrella Rank: 42003 | 3 KB
1 | datadome.co | | api-js.datadome.co — Cisco Umbrella Rank: 5811 | 429 B
0 | slimdoo.com (Failed) | | www.slimdoo.com (Failed) |

Total: 56 requests, 21 apex domains
Requests | Domain | Redirects | Requested by
---|---|---|---
11 | asset.easydmp.net | | atout.email-match.com, asset.easydmp.net
11 | cdn.eldoslim.com | | www.wellnessimo.com, cdn.eldoslim.com
6 | www.google-analytics.com | | r.redirekted.com, www.google-analytics.com, fr-go.kelkoogroup.net, www.googletagmanager.com
5 | www.wellnessimo.com | 1 redirects | fr-go.kelkoogroup.net, cdn.eldoslim.com
4 | sync.commander1.com | 2 redirects |
4 | fr-go.kelkoogroup.net | 1 redirects | r.redirekted.com, fr-go.kelkoogroup.net
4 | r.redirekted.com | | admin.capiatalone.com, r.redirekted.com
3 | idsync.rlcdn.com | 2 redirects |
3 | cdn.by.wonderpush.com | | www.googletagmanager.com, cdn.by.wonderpush.com
2 | cm.g.doubleclick.net | 2 redirects |
2 | rd.frontend.weborama.fr | 2 redirects |
2 | admin.capiatalone.com | 1 redirects |
1 | squa.squatiki.eu | | asset.easydmp.net
1 | sq.jobkiero.com | | asset.easydmp.net
1 | bam.nr-data.net | | js-agent.newrelic.com
1 | js-agent.newrelic.com | | www.wellnessimo.com
1 | atout.email-match.com | | admin.capiatalone.com
1 | www.googletagmanager.com | | www.wellnessimo.com
1 | s.kk-resources.com | | www.wellnessimo.com
1 | api-js.datadome.co | | dd.kelkoogroup.net
1 | dd.kelkoogroup.net | | fr-go.kelkoogroup.net
0 | www.slimdoo.com (Failed) | | cdn.by.wonderpush.com

Total: 56 requests, 22 domains
This site contains links to these domains. Also see Links.
Domain |
---|
www.slimdoo.com |
www.absolusecure.com |
www.eldolink.com |
www.iddn.org |
Subject | Issuer | Validity | Valid
---|---|---|---
*.google-analytics.com | GTS CA 1C3 | 2022-08-22 - 2022-11-14 | 3 months
*.kelkoogroup.net | Thawte RSA CA 2018 | 2022-08-25 - 2023-09-25 | a year
dd.kelkoogroup.net | R3 | 2022-09-07 - 2022-12-06 | 3 months
wellnessimo.com | R3 | 2022-07-25 - 2022-10-23 | 3 months
*.datadome.co | Gandi Standard SSL CA 2 | 2021-10-12 - 2022-10-21 | a year
cdn.eldoslim.com | Amazon | 2022-07-17 - 2023-08-15 | a year
s.kk-resources.com | Amazon | 2022-07-09 - 2023-08-07 | a year
wonderpush.com | Cloudflare Inc ECC CA-3 | 2022-07-27 - 2022-10-25 | 3 months
em.wd.retarget-leads.com | R3 | 2022-07-30 - 2022-10-28 | 3 months
icd.easydmp.net | R3 | 2022-07-25 - 2022-10-23 | 3 months
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2022 Q2 | 2022-07-10 - 2023-08-11 | a year
*.nr-data.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-01-10 - 2023-02-10 | a year
asset.azdmp.com | R3 | 2022-09-05 - 2022-12-04 | 3 months
This page contains 5 frames:
Primary Page:
https://www.wellnessimo.com/pdv/102?a=15629&t1=flux&t2=&r=cpc&c=&fd=1&nm=1&dis=CRAZY-50&utm_source=kelkoofr&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Slimdoo%C2%AE+Light+-+Ceinture+Minceur
Frame ID: 289694718E0E8237065A79066306783F
Requests: 36 HTTP requests in this frame
Frame:
http://r.redirekted.com/go?e=NA-pFFuHPqxcvCzbxXYMFLdf0X9blB8OJsmEGL-IFs-03F8txXbjKL9S2V743pj9Ir_xUCuHlX-0KL8SJsyDQL8gQsX13B0VzX7tQM9SzVu1aCwfmX-tUM9AKs74aq4cHr_xaCutFBsImqjI2rXuJBeLULOAwBxgwXcRKDdxlV5ZwqbM0XxD2BmR2KUyaCwuTs7LFF8IPrWkKWjSJsXglBlfRLTIQXWEHr-D2F1pUrb13F84mZbVPL0V2VXSPXvx0X-LFF9gHs8j3p50wsyLPM8gRCvcPXw4QsYAvB8uvVv1KLzZzs2WvL59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC
Frame ID: 0BE51FE544E5859B9DD258696E2216BD
Requests: 4 HTTP requests in this frame
Frame:
https://asset.easydmp.net/client_iframe.html?t=230944
Frame ID: DE2F732863AA6BC03E05FA1B85593C6E
Requests: 14 HTTP requests in this frame
Frame:
https://asset.easydmp.net/collect_v2.img.php?dmp=comact&uid=166279402378103175&webo_id=jbMpnRo292IMPyzrIvgMLO
Frame ID: EB65D0D58D987DC3BC28EBE4052B0566
Requests: 1 HTTP requests in this frame
Frame:
https://www.slimdoo.com/wonderpush.min.html
Frame ID: 6345D3BCE9DF46E6B26EF03AD5444115
Requests: 1 HTTP requests in this frame
Page Title
La ceinture minceur Slimdoo ® Light pour affiner votre corps
Detected technologies
Datadome (Miscellaneous)
Font Awesome (Font Scripts)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
- Title: Accès Membre
- Title: Mon compte client
- Title: Résilier mon abonnement
- Title: Rétractation
- Title: FAQ
- Title: Affiliation
- Title: IDDN Certification
- Title: >>> Commandez la Ceinture Minceur* + Découvrez le programme minceur Slimdoo®
- Title: Commandez la Ceinture MinceurSlimdoo® Light seule
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://admin.capiatalone.com/ Page URL
-
http://admin.capiatalone.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2MjgwMTIyMCwiaWF0IjoxNjYyNzk0MDIwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyczltc21mcXFqdDRvaWhsZzQwdXI4OGQiLCJuYmYiOjE2NjI3OTQwMjAsInRzIjoxNjYyNzk0MDIwMTY5MjI1fQ.9mrVDyOg1RUEptY6I2lvVealy2My54ZjA8uMpFh1rDU&sid=1891ec26-30d8-11ed-ba85-541104604e23
HTTP 302
http://r.redirekted.com/redirect?redirect_id=6f7c6575232677b897d66dcfb943c8b2&request_id=19be2c56c6eb3547693f790ac67dc804 Page URL
- https://fr-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1662715203210&.sig=S3msCqvUCGltMm7x9QmTvGyrTMM-&affiliationId=96966789&comId=100540425&country=fr&offerId=7e385fc0007136d43bb746eb8d6a4731&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8gwVV53p1pzXuIUFltFqscPXWq0Z-LvEdRTnSqQqeDlAmkwF7gQrXkaBwcRsytaE8IlXakKWjuHs7DUF-IPA&custom2=jKWjuHsyVPF9AUrtqwqSExZvyxC08GrUAQB Page URL
-
https://fr-go.kelkoogroup.net/redirect?country=fr&k=612f7a9541cd6ea61eb554c0e4cff437432ad62727879cc85ea4f1...&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1662794021906_7945373&clickId=107698147_1662794021891_172818&url=https%3A%2F%2Fwww.wellnessimo.com%2Fg%3Fkk%3Da4c6293-183263f3c03-b7ae%26a%3D15629%26t1%3Dflux%26t2%3D%26r%3Dcpc%26c%3D%26fd%3D1%26nm%3D1%26dis%3DCRAZY-50%26t%3D%26p%3D3%26locale%3Dfr%26utm_source%3Dkelkoofr%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSlimdoo%25C2%25AE%2BLight%2B-%2BCeinture%2BMinceur&initiator=timeout
HTTP 303
https://www.wellnessimo.com/g?kk=a4c6293-183263f3c03-b7ae&a=15629&t1=flux&t2=&r=cpc&c=&fd=1&nm=1&dis=CRAZY-50&t=&p=3&locale=fr&utm_source=kelkoofr&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Slimdoo%C2%AE+Light+-+Ceinture+Minceur HTTP 302
https://www.wellnessimo.com/pdv/102?a=15629&t1=flux&t2=&r=cpc&c=&fd=1&nm=1&dis=CRAZY-50&utm_source=kelkoofr&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Slimdoo%C2%AE+Light+-+Ceinture+Minceur Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- http://admin.capiatalone.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2MjgwMTIyMCwiaWF0IjoxNjYyNzk0MDIwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyczltc21mcXFqdDRvaWhsZzQwdXI4OGQiLCJuYmYiOjE2NjI3OTQwMjAsInRzIjoxNjYyNzk0MDIwMTY5MjI1fQ.9mrVDyOg1RUEptY6I2lvVealy2My54ZjA8uMpFh1rDU&sid=1891ec26-30d8-11ed-ba85-541104604e23 HTTP 302
- http://r.redirekted.com/redirect?redirect_id=6f7c6575232677b897d66dcfb943c8b2&request_id=19be2c56c6eb3547693f790ac67dc804
- http://www.google-analytics.com/analytics.js HTTP 307
- https://www.google-analytics.com/analytics.js
- http://www.google-analytics.com/collect?v=1&_v=j96&a=1388915981&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DNA-pFFuHPqxcvCzbxXYMFLdf0X9blB8OJsmEGL-IFs-03F8txXbjKL9S2V743pj9Ir_xUCuHlX-0KL8SJsyDQL8gQsX13B0VzX7tQM9SzVu1aCwfmX-tUM9AKs74aq4cHr_xaCutFBsImqjI2rXuJBeLULOAwBxgwXcRKDdxlV5ZwqbM0XxD2BmR2KUyaCwuTs7LFF8IPrWkKWjSJsXglBlfRLTIQXWEHr-D2F1pUrb13F84mZbVPL0V2VXSPXvx0X-LFF9gHs8j3p50wsyLPM8gRCvcPXw4QsYAvB8uvVv1KLzZzs2WvL59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1104434648.1662794022&tid=UA-32454353-1&_gid=368922697.1662794022&cd1=oz9lpzM8n2kesUk8sT5ipaWzsTgfn3k8sUj%3D&z=1141702831 HTTP 307
- https://www.google-analytics.com/collect?v=1&_v=j96&a=1388915981&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DNA-pFFuHPqxcvCzbxXYMFLdf0X9blB8OJsmEGL-IFs-03F8txXbjKL9S2V743pj9Ir_xUCuHlX-0KL8SJsyDQL8gQsX13B0VzX7tQM9SzVu1aCwfmX-tUM9AKs74aq4cHr_xaCutFBsImqjI2rXuJBeLULOAwBxgwXcRKDdxlV5ZwqbM0XxD2BmR2KUyaCwuTs7LFF8IPrWkKWjSJsXglBlfRLTIQXWEHr-D2F1pUrb13F84mZbVPL0V2VXSPXvx0X-LFF9gHs8j3p50wsyLPM8gRCvcPXw4QsYAvB8uvVv1KLzZzs2WvL59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1104434648.1662794022&tid=UA-32454353-1&_gid=368922697.1662794022&cd1=oz9lpzM8n2kesUk8sT5ipaWzsTgfn3k8sUj%3D&z=1141702831
- https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/getuid&callback=sqdComActOnGetTcId HTTP 302
- https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/getuid&callback=sqdComActOnGetTcId&firsttime=1
- https://rd.frontend.weborama.fr/rd?url=https%3A%2F%2Fasset.easydmp.net%2Fcollect_v2.img.php%3Fdmp%3Dcomact%26uid%3D166279402378103175%26webo_id%3D{WEBO_CID} HTTP 302
- https://rd.frontend.weborama.fr/rd?url=https%3A%2F%2Fasset.easydmp.net%2Fcollect_v2.img.php%3Fdmp%3Dcomact%26uid%3D166279402378103175%26webo_id%3D%7BWEBO_CID%7D&bounce=1&random=16364534 HTTP 302
- https://asset.easydmp.net/collect_v2.img.php?dmp=comact&uid=166279402378103175&webo_id=jbMpnRo292IMPyzrIvgMLO
- https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/166279402378103175 HTTP 302
- https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/166279402378103175&firsttime=1
- https://idsync.rlcdn.com/461249.gif?partner_uid=166279402378103175 HTTP 307
- https://idsync.rlcdn.com/1000.gif?memo=CMGTHBIeChoIARC38wEaEjE2NjI3OTQwMjM3ODEwMzE3NRAAGg0Ip_LwmAYSBQjoBxAAQgBKAA HTTP 307
- https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc= HTTP 302
- https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHfT4_mtAqfYveSdERn5DlU&google_cver=1
56 HTTP transactions
Method | Protocol | Resource | Path | Frame / notes | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---|---
GET | H/1.1 | / | admin.capiatalone.com/ | | 477 B | 836 B | Document | text/html
GET | H/1.1 | redirect | r.redirekted.com/ | Redirect Chain | 844 B | 1 KB | Document | text/html
GET | H/1.1 | adren.css | r.redirekted.com/css/ | | 243 B | 479 B | Stylesheet | text/css
GET | H/1.1 | adren.min.js | r.redirekted.com/js/ | | 7 KB | 8 KB | Script | application/javascript
GET | H/1.1 | go | r.redirekted.com/ | Frame 0BE5 | 2 KB | 2 KB | Document | text/html
GET | H2 | analytics.js | www.google-analytics.com/ | Frame 0BE5, Redirect Chain | 49 KB | 20 KB | Script | text/javascript
POST | H2 | collect | www.google-analytics.com/j/ | Frame 0BE5 | 2 B | 145 B | XHR | text/plain
GET | H2 | collect | www.google-analytics.com/ | Frame 0BE5, Redirect Chain | 35 B | 194 B | Image | image/gif
GET | H/1.1 | offersearchGo | fr-go.kelkoogroup.net/ctl/go/ | | 30 KB | 31 KB | Document | text/html
GET | H/1.1 | p.png | fr-go.kelkoogroup.net/assets/images/ | | 68 B | 552 B | Image | image/png
GET | H2 | tags.js | dd.kelkoogroup.net/ | | 204 KB | 42 KB | Script | text/javascript
POST | H3 | collect | www.google-analytics.com/ | | 35 B | 55 B | Ping | image/gif
POST | H/1.1 | fp | fr-go.kelkoogroup.net/ | | 0 | 457 B | Ping | text/plain
GET | H2 | 102 | www.wellnessimo.com/pdv/ | Primary Request, Redirect Chain | 43 KB | 12 KB | Document | text/html
POST | H2 | / | api-js.datadome.co/js/ | | 236 B | 429 B | XHR | application/json
GET | H2 | app_pdv.102.min.css | cdn.eldoslim.com/bundles/eldopages/assets/css/ | | 289 KB | 48 KB | Stylesheet | text/css
GET | H2 | logo.png | cdn.eldoslim.com/bundles/eldopages/img/pdv102/ | | 13 KB | 13 KB | Image | image/png
GET | H2 | product.jpg | cdn.eldoslim.com/bundles/eldopages/img/pdv102/ | | 10 KB | 10 KB | Image | image/jpeg
GET | H2 | model-xs.jpg | cdn.eldoslim.com/bundles/eldopages/img/pdv102/ | | 59 KB | 60 KB | Image | image/jpeg
GET | H2 | like.png | cdn.eldoslim.com/bundles/eldopages/img/pdv/icons/small/ | | 1 KB | 2 KB | Image | image/png
GET | H2 | french-label.png | cdn.eldoslim.com/bundles/eldopages/img/pdv/icons/small/ | | 3 KB | 4 KB | Image | image/png
GET | H2 | shield.png | cdn.eldoslim.com/bundles/eldopages/img/pdv/icons/small/ | | 884 B | 1 KB | Image | image/png
GET | H2 | truck.png | cdn.eldoslim.com/bundles/eldopages/img/pdv/icons/small/ | | 606 B | 1005 B | Image | image/png
GET | H2 | model.jpg | cdn.eldoslim.com/bundles/eldopages/img/pdv102/ | | 59 KB | 59 KB | Image | image/jpeg
GET | H2 | app_pdv.fr.min.js | cdn.eldoslim.com/bundles/eldopages/assets/js/ | | 784 KB | 228 KB | Script | application/x-javascript
GET | H/1.1 | leadtag.js | s.kk-resources.com/ | | 7 KB | 3 KB | Script | application/javascript
GET | H2 | gtm.js | www.googletagmanager.com/ | | 210 KB | 74 KB | Script | application/javascript
GET | H3 | analytics.js | www.google-analytics.com/ | | 49 KB | 20 KB | Script | text/javascript
GET | H2 | wonderpush-loader.min.js | cdn.by.wonderpush.com/sdk/1.1/ | | 1 KB | 1 KB | Script | application/javascript
GET | H/1.1 | emafunc.js | atout.email-match.com/ | | 9 KB | 4 KB | Script | application/javascript
POST | H3 | collect | www.google-analytics.com/j/ | | 1 B | 21 B | XHR | text/plain
GET | H2 | fontawesome-webfont.woff2 | cdn.eldoslim.com/bundles/eldopages/assets/fonts/ | | 75 KB | 76 KB | Font | font/woff2
POST | H2 | notify | www.wellnessimo.com/ | | 93 B | 368 B | XHR | application/json
POST | H2 | notify | www.wellnessimo.com/ | | 196 B | 471 B | XHR | application/json
POST | H2 | banner | www.wellnessimo.com/cookie_consent/ | | 2 KB | 2 KB | XHR | application/json
GET | H/1.1 | client.js | asset.easydmp.net/js/ | | 11 KB | 5 KB | Script | application/javascript
GET | H/1.1 | client_iframe.html | asset.easydmp.net/ | Frame DE2F | 26 KB | 9 KB | Document | text/html
GET | H2 | nr-1216.min.js | js-agent.newrelic.com/ | | 38 KB | 14 KB | Script | application/javascript
GET | H/1.1 | etag.php | asset.easydmp.net/ | Frame DE2F | 0 | 415 B | XHR | text/html
POST | H/1.1 | collect_v3.php | asset.easydmp.net/ | Frame DE2F | 109 B | 568 B | XHR | application/json
GET | H/1.1 | 7c229654ac | bam.nr-data.net/1/ | | 49 B | 615 B | Script | text/javascript
GET | H/1.1 | etag.php | asset.easydmp.net/ | Frame DE2F | 84 B | 529 B | XHR | text/html
POST | H/1.1 | get_delivery_data.php | asset.easydmp.net/ | Frame DE2F | 1 KB | 1 KB | XHR | application/json
GET | H/1.1 | getuid&callback=sqdComActOnGetTcId&firsttime=1 | sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/ | Frame DE2F, Redirect Chain | 126 B | 763 B | Script | text/javascript
GET | H/1.1 | collect_v2.img.php | asset.easydmp.net/ | Frame EB65, Redirect Chain | 43 B | 696 B | Image | image/gif
GET | H/1.1 | 166279402378103175&firsttime=1 | sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/ | Frame DE2F, Redirect Chain | 95 B | 704 B | Image | image/png
GET | H3 | 362358.gif | idsync.rlcdn.com/ | Frame DE2F, Redirect Chain | 42 B | 60 B | Image | image/gif
POST | H/1.1 | get_delivery_data.php | asset.easydmp.net/ | Frame DE2F | 130 B | 866 B | XHR | application/json
POST | H/1.1 | get_delivery_data.php | asset.easydmp.net/ | Frame DE2F | 130 B | 866 B | XHR | application/json
GET | H/1.1 | get | sq.jobkiero.com/tmpPds/ | Frame DE2F | 27 B | 414 B | Script | application/javascript
POST | H/1.1 | collect_v3.php | asset.easydmp.net/ | Frame DE2F | 362 B | 882 B | XHR | application/json
GET | H/1.1 | etag.php | asset.easydmp.net/ | Frame DE2F | 336 B | 733 B | XHR | text/html
GET | H/1.1 | get | squa.squatiki.eu/tmpPds/ | Frame DE2F | 28 B | 415 B | Script | application/javascript
GET | H3 | wonderpush.min.js | cdn.by.wonderpush.com/sdk/1.1.33.5/ | | 443 KB | 106 KB | Script | application/javascript
GET | H3 | 71b430952156d51801e5b7fb6e6056010a2351f0912555cb2362027601419221 | cdn.by.wonderpush.com/config/webkeys/ | | 2 KB | 1 KB | Fetch | application/json
GET | | wonderpush.min.html | www.slimdoo.com/ | Frame 6345 | 0 | 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.slimdoo.com
- URL
- https://www.slimdoo.com/wonderpush.min.html
51 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer object| NREUM object| newrelic function| __nr_require object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| WonderPush string| ema_critere function| w_emasend number| ema_id_site object| gaplugins object| gaGlobal object| gaData function| fullPageLoading function| fullPageUnLoading function| openPopup function| facebookShare function| twitterShare function| googleShare function| initModalLink function| initCookieConsentModal function| initCookieConsentAcceptAll function| initCookieConsentRejectAll function| initCookieConsentSave function| $ function| jQuery object| intlTelInputGlobals object| vttjs function| WebVTT function| videojs object| Bounceback object| KELKOO string| _wp_loaderScriptUrl boolean| emabbstr function| emasend string| [eedmpact] function| eedmpdo boolean| easydmp_load_lib object| [eedmpmt]
23 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name | Value
---|---|---
.capiatalone.com/ | sid | 1891ec26-30d8-11ed-ba85-541104604e23
r.redirekted.com/ | uuid | 9117303258430946304
.redirekted.com/ | _ga | GA1.2.1104434648.1662794022
.redirekted.com/ | _gid | GA1.2.368922697.1662794022
.redirekted.com/ | _gat | 1
.kelkoogroup.net/ | kelkooID | a4c6293-183263f3c03-b7ae
.kelkoogroup.net/ | _ga | GA1.2.941832465.1662794021
.kelkoogroup.net/ | _gid | GA1.2.1904882466.1662794021
.kelkoogroup.net/ | datadome | .CyKk2T4~fPt6qi0GfKpF3Hb1RNzVU4jRse1wIFwjfnR.FdFUZdm74tpgXAq9-cprJN~rML7deSX-E8bzEnD_3ekFQ-TNDbPkg57yNQZkjoMcp-XxCimtDWt6RmqdYK5
www.wellnessimo.com/ | device_view | full
.wellnessimo.com/ | _ga | GA1.2.155092562.1662794023
.wellnessimo.com/ | _gid | GA1.2.1524338408.1662794023
.wellnessimo.com/ | _gat_UA-59826262-4 | 1
.wellnessimo.com/ | kk_leadtag | true
www.wellnessimo.com/ | PHPSESSID | f3575d15c321c16516ed980c18d034db
.easydmp.net/ | capping | eyJlbWRtcGVhc3k6ZWFzeWRtcHN5bmN1aWQiOiIxNjYyNzk0MDIzIiwiZW1kbXBlYXN5OmxpdmVyYW1wIjoiMTY2Mjc5NDAyMyIsImVtZG1wZWFzeTp3ZWJvcmFtYV9tcmt0ZXNwX3N5bmMiOiIxNjYyNzk0MDIzIn0%3D
.weborama.fr/ | AFFICHE_W | 65XUTwekiY3r15
.commander1.com/ | TCID | 20220910091343968464828
.nr-data.net/ | JSESSIONID | 978aea21fe1e63f8
.rlcdn.com/ | rlas3 | wa/BUQQsNKxJd2iYzidcs3wLlF2C4GKyMHZsvilzbto=
.rlcdn.com/ | pxrc | CKjy8JgGEgUI6AcQABIGCLrqARAA
.easydmp.net/ | ecdstpds1 | 000000000000000002%3As%3A0%3AeJwLCnIT4cnkEOQrK08slhNkcGCO5Iou88wuCqll85cvEBcplBZgVXcUDhEWc%2FeLcROIj9HkDGUIZAgICmSJlEuKZEkWqzJjMdEyTwwNMKlWkwqS0qpI8K5l92FM9WKqDmLzqJBz4g9lVshg9omUD5NmiQnik2J0FCwOCnIJzTR2EHTUzzeqEZRm8WXiiOQucrQrCtMN8WVIEmCqCeQKqPfwZo1n9mf3DnHkY3UIYRfkc3bhCaqRE2YLZUgWYZNI0c%2BokRMVdc4xkvLKdcgpCa3m8GNOcJeoCmIKqZHXz5LyZPAAAMDMM5A%3D%3B
.doubleclick.net/ | IDE | AHWqTUnNu1nlAkkbv_-bhfjCFX6DLh1HqwEhTygou1cGTtw54Q_6pDT4N7-fY0Zk2EI
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.