de-go.kelkoogroup.net
Open in
urlscan Pro
95.211.116.26
Public Scan
Submitted URL: http://zstevemadden.com/
Effective URL: https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff43783933a8850d71a676e24f06846cc6414cf87f0bea6...
Submission: On August 04 via api from IN — Scanned from DE
Effective URL: https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff43783933a8850d71a676e24f06846cc6414cf87f0bea6...
Submission: On August 04 via api from IN — Scanned from DE
Summary
This website contacted 12 IPs
in 3 countries
across 9 domains to perform 20 HTTP transactions.
The main IP is 95.211.116.26, located in
Netherlands and
belongs to LEASEWEB-NL-AMS-01 Netherlands, NL.
The main domain is de-go.kelkoogroup.net.
TLS certificate: Issued by Thawte RSA CA 2018 on August 25th 2022. Valid for: a year.
This is the only time de-go.kelkoogroup.net was scanned on urlscan.io!
TLS certificate: Issued by Thawte RSA CA 2018 on August 25th 2022. Valid for: a year.
This is the only time de-go.kelkoogroup.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 167.172.228.26 167.172.228.26 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
| 1 2 | 52.117.247.211 52.117.247.211 | 36351 (SOFTLAYER) (SOFTLAYER) | |
| 1 1 | 2606:4700:303... 2606:4700:3031::6815:52b0 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 2 | 3.125.239.17 3.125.239.17 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 1 | 2a06:98c1:312... 2a06:98c1:3121::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 4 | 95.211.116.26 95.211.116.26 | 60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands) | |
| 1 | 18.66.112.35 18.66.112.35 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:82f::200e | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 35.156.198.179 35.156.198.179 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 65.9.66.86 65.9.66.86 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 3.125.247.22 3.125.247.22 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 | 13.224.189.84 13.224.189.84 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 | 2600:9000:225... 2600:9000:2251:6a00:7:c516:5a80:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 18.66.122.18 18.66.122.18 | 16509 (AMAZON-02) (AMAZON-02) | |
| 20 | 12 |
2
52.117.247.211
(United States)
ASN36351 (SOFTLAYER, US)
PTR: d3.f7.7534.ip4.static.sl-reverse.com
ASN36351 (SOFTLAYER, US)
PTR: d3.f7.7534.ip4.static.sl-reverse.com
| myckdom.com | |
| p374591.myckdom.com |
2
3.125.239.17
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-239-17.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-239-17.eu-central-1.compute.amazonaws.com
| arveaoy.com |
4
95.211.116.26
(Netherlands)
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-mx-vip.kelkoo.com
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-mx-vip.kelkoo.com
| de-go.kelkoogroup.net |
1
18.66.112.35
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-35.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-35.fra56.r.cloudfront.net
| dd.kelkoogroup.net |
2
2a00:1450:4001:82f::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
2
35.156.198.179
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-198-179.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-198-179.eu-central-1.compute.amazonaws.com
| api-js.datadome.co |
1
65.9.66.86
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-86.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-86.fra56.r.cloudfront.net
| ct.captcha-delivery.com |
1
3.125.247.22
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-247-22.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-247-22.eu-central-1.compute.amazonaws.com
| geo.captcha-delivery.com |
2
13.224.189.84
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-84.fra2.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-84.fra2.r.cloudfront.net
| dd.prod.captcha-delivery.com |
2
2600:9000:2251:6a00:7:c516:5a80:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| static.captcha-delivery.com |
1
18.66.122.18
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-18.fra60.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-18.fra60.r.cloudfront.net
| js.datadome.co |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 6 |
captcha-delivery.com
ct.captcha-delivery.com — Cisco Umbrella Rank: 51669 geo.captcha-delivery.com — Cisco Umbrella Rank: 48929 dd.prod.captcha-delivery.com — Cisco Umbrella Rank: 108470 static.captcha-delivery.com — Cisco Umbrella Rank: 91523 |
104 KB |
| 5 |
kelkoogroup.net
de-go.kelkoogroup.net dd.kelkoogroup.net — Cisco Umbrella Rank: 367609 |
92 KB |
| 3 |
datadome.co
api-js.datadome.co — Cisco Umbrella Rank: 5845 js.datadome.co — Cisco Umbrella Rank: 6296 |
58 KB |
| 2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 55 |
415 B |
| 2 |
arveaoy.com
arveaoy.com |
4 KB |
| 2 |
myckdom.com
1 redirects
myckdom.com — Cisco Umbrella Rank: 124837 p374591.myckdom.com |
1 KB |
| 1 |
clickcanv.com
1 redirects
clickcanv.com |
726 B |
| 1 |
geotrkclknow.com
1 redirects
geotrkclknow.com |
573 B |
| 1 |
zstevemadden.com
1 redirects
zstevemadden.com |
2 KB |
| 20 | 9 |
| Domain | Requested by | |
|---|---|---|
| 4 | de-go.kelkoogroup.net |
de-go.kelkoogroup.net
|
| 2 | static.captcha-delivery.com |
geo.captcha-delivery.com
|
| 2 | dd.prod.captcha-delivery.com |
geo.captcha-delivery.com
|
| 2 | api-js.datadome.co |
dd.kelkoogroup.net
js.datadome.co |
| 2 | www.google-analytics.com |
de-go.kelkoogroup.net
|
| 2 | arveaoy.com |
p374591.myckdom.com
|
| 1 | js.datadome.co |
geo.captcha-delivery.com
|
| 1 | geo.captcha-delivery.com |
ct.captcha-delivery.com
|
| 1 | ct.captcha-delivery.com |
de-go.kelkoogroup.net
|
| 1 | dd.kelkoogroup.net |
de-go.kelkoogroup.net
|
| 1 | clickcanv.com | 1 redirects |
| 1 | geotrkclknow.com | 1 redirects |
| 1 | p374591.myckdom.com | |
| 1 | myckdom.com | 1 redirects |
| 1 | zstevemadden.com | 1 redirects |
| 20 | 15 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.myckdom.com Sectigo RSA Domain Validation Secure Server CA |
2023-03-20 - 2024-03-20 |
a year | crt.sh |
| arveaoy.com R3 |
2023-07-08 - 2023-10-06 |
3 months | crt.sh |
| *.kelkoogroup.net Thawte RSA CA 2018 |
2022-08-25 - 2023-09-25 |
a year | crt.sh |
| dd.kelkoogroup.net R3 |
2023-07-04 - 2023-10-02 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-07-10 - 2023-10-02 |
3 months | crt.sh |
| *.datadome.co Gandi Standard SSL CA 2 |
2022-10-13 - 2023-10-21 |
a year | crt.sh |
| *.captcha-delivery.com Amazon RSA 2048 M02 |
2023-02-23 - 2023-10-23 |
8 months | crt.sh |
| dd.prod.captcha-delivery.com Amazon RSA 2048 M01 |
2023-03-28 - 2024-04-26 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff43783933a8850d71a676e24f06846cc6414cf87f0bea6a955f4312f8cca498c1107626e5bb25b3d98f6611916f41e5627f13bbc411bc0754fe1df8c04c7055b9b687453553377b9f2b86e6499ed227c3ab1f3885fb006073e3b480e0e7e00c0b2e2e80df5fc2626ca066d176485453599718a19dddb77a10fc873bd7f1c215c2803ffff390a77c7be3211f144a5c7c731e079468cb5e63e38c1bde0480412eea3caed94ace3198c27f13bc80352d258742c9ee94ff624f8d05f180200c3569aee018e924c0ee044b6c9f6b57ea0a251a811781a4129a996efded8fa78cda6e7a66607012a0e8cf930fd2e6e183dfa26fe24d89b29b5aa44f8d13d77d516cf2daf5d6ee444f642ba628bc454f27248a524d95659776947d065e7&url=https%3A%2F%2Fclick.cptrack.de%2F%3Frd%3Dtrue%26k%3DuaZKZJHhlwQbg39o67ri7QzDyo9TuRm2ZWGNn3sEAkRI9dneIqqRGopEz2uTMtRMB1ldTz6udm2Q2BBmet6yPA%7E%7E%26rdlink%3Dhttps%253A%252F%252Fwww.basler-beauty.de%252Fmarken%252Festee-lauder%252Festee-lauder-the-brow-multitasker-03-brunette.html%253Fkk%253Da4c6294-189bef5b777-e0d43%2526utm_source%253Dkelkoo%2526utm_medium%253Dcpc%2526utm_campaign%253Dpsm_kelkoo&initiator=dd
Frame ID: DED0FC990842F03BBD8D64D45E5056F5
Requests: 12 HTTP requests in this frame
Frame:
https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAux0HdKHODLIALY2YTQ%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=0vvzE4sztk~4x6cWTzNPWioKCrpN1eDRrL50sBOqafamx4GSZe9fWVtSke3NBbnUsVCoycWCwrfWHQu67mzBDInX7Qtz6FFgOZtk77-A~2H-Vc~oUep5B2grfbBgcoZ2&t=fe&referer=https%3A%2F%2Fde-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dde%26k%3D612f7a9541cd6ea61eb554c0e4cff43783933a8850d71a676e24f06846cc6414cf87f0bea6a955f4312f8cca498c1107626e5bb25b3d98f6611916f41e5627f13bbc411bc0754fe1df8c04c7055b9b687453553377b9f2b86e6499ed227c3ab1f3885fb006073e3b480e0e7e00c0b2e2e80df5fc2626ca066d176485453599718a19dddb77a10fc873bd7f1c215c2803ffff390a77c7be3211f144a5c7c731e079468cb5e63e38c1bde0480412eea3caed94ace3198c27f13bc80352d258742c9ee94ff624f8d05f180200c3569aee018e924c0ee044b6c9f6b57ea0a251a811781a4129a996efded8fa78cda6e7a66607012a0e8cf930fd2e6e183dfa26fe24d89b29b5aa44f8d13d77d516cf2daf5d6ee444f642ba628bc454f27248a524d95659776947d065e7%26url%3Dhttps%253A%252F%252Fclick.cptrack.de%252F%253Frd%253Dtrue%2526k%253DuaZKZJHhlwQbg39o67ri7QzDyo9TuRm2ZWGNn3sEAkRI9dneIqqRGopEz2uTMtRMB1ldTz6udm2Q2BBmet6yPA%257E%257E%2526rdlink%253Dhttps%25253A%25252F%25252Fwww.basler-beauty.de%25252Fmarken%25252Festee-lauder%25252Festee-lauder-the-brow-multitasker-03-brunette.html%25253Fkk%25253Da4c6294-189bef5b777-e0d43%252526utm_source%25253Dkelkoo%252526utm_medium%25253Dcpc%252526utm_campaign%25253Dpsm_kelkoo%26initiator%3Ddd&s=35103&e=1ab44ec984840bbd0c16f0dc315e11b89a86b7fbd723f35d53f163cc0dff3df4
Frame ID: B9049551768A0F92823890ED6E4F2C57
Requests: 12 HTTP requests in this frame
Screenshot
Page Title
kelkoogroup.netPage URL History Show full URLs
-
http://zstevemadden.com/
HTTP 302
https://myckdom.com/aS/feedclick?s=ebx9GOHwD8EtRC1MLj8Lw48uDhK_8R6j3ASDw0OC7FSSfGNr9-zRUxG_6U4hq... HTTP 302
https://p374591.myckdom.com/adServe/domainClick?ai=cupGVo9cneB-wRDBQtYBiBoDgoytEQenpAXBEuiMH2ragO1zLqWFs... Page URL
-
https://geotrkclknow.com/rot/vQG70jP4AePlNnAl?clickid=90578585648&bid=0.0055&source=444245245
HTTP 302
https://arveaoy.com/click?trvid=34025&clickid=90578585648&bid=0.0055&source=444245245 Page URL
- https://arveaoy.com/double?t=2&d=eyJVUkwiOiJodHRwczovL2NsaWNrY2Fudi5jb20vb2ZmZXJrP3N1YmlkPThlZmE... Page URL
-
https://clickcanv.com/offerk?subid=8efa1ntxqylb&id=100457240&c=A&merchantUrl=https%3A%2F%2Fwww.bas...
HTTP 302
https://de-go.kelkoogroup.net/offersearchGo?.ts=1691125304455&.sig=ClO7mVLjr.3gqBELFTbU34qVOaU-&affiliatio... Page URL
- https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff43783933a8850d71a676e24f0... Page URL
Detected technologies
Datadome
(Miscellaneous)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://zstevemadden.com/
HTTP 302
https://myckdom.com/aS/feedclick?s=ebx9GOHwD8EtRC1MLj8Lw48uDhK_8R6j3ASDw0OC7FSSfGNr9-zRUxG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlEFmHqGJpUI3NDajatOk7jXw4cmSiDMaysLI_RalizEQmcVjFyxSKD9mNp-ZNGHhw4lBdXdQ-SI1jpdsOk2Ina_4rrEXqmh5Vqsg7IIhsb6ry1GubLim8_Vm1ZWime046rM0urDWDBNyep4UROwkRWrD_xkwxZPu2hCR5LYTDOCBI3aqtiCUMHC_-CNj1Ips3mLJEn8EDVon6YJfDkOkTCHxCZfChT8nTLAEru3otCeLjlyYVadBnMIsWV0CSwekWv1PgfLnEeS1gm_hgP-sRG7EFBD8pmNGwrdpX4QL_Eki162gKtiuISxtKtK9FS4HlcBF6IAA6QuBmHKBJ51KwTCiOnyoQKMbS9CGfnxG0blbVSVLqMFaijwXGRXQ-I4nvIUwDhx4hAeRhcHErJ4fJLt7qQ8u1xPF6fOxiPcwgPrn0D75cIK1d7x_cllFUQR6XNBIqJNAUnpunCEVFWT0m6nGkfZCuIhTdKNnh-vr-XjjfBbqHnmwDL0fj4FZNFejtLD2Sq7ZDoiD5N-1IOKTler2qudAtVtLvCgf9Yt3T-q72lPyGWZZevgekoPR87E-3sAgTsg3mcAfteF9zb_hFVJ_GIv7WsoVpd4NZzFoK-p2ICD28xS7Vx140GeNAfWnZMRFYJVA17s1fTchxGtnKYad9roKPNNOBdWXb7CvKWpiIgfthFNfUJY-WmmlMVrWK5-csD1G3grCUpMc45a_URN-twhnEyY33NrdjEP6AMpXkV1i4ADNe8g5cpGPGZ0Ep1TKAsEbe7gW9cpEBTNlFwQtA0-01xpGmpQLQDQxbXk8_7JR-hbuwWQEYs0ZrMmcyYhzHO5N1VM_QgpSKnXbOL16nA3XzWSyEuX825yOuPWageWagaeRS5ZZwHz9Bvl2Lopmo4UyBe48S7kow7Rcud5HCzSbjFyiFeYnbs-otEUMMpRymM_kSzh6qQ73zKsy_bbrIx95Ss7xd5mii5cYm1yZhaiZ__bmejwLTk-efHQNceoR2wiGrQ_HD22MGI3Dc1s_6SN_9Bt4mSe6FKMq5XzVZaHvkqmM7j9CaMeMgQ1PrcsalzmHKrAO8AThKeEbqw-Vxl5bLJb058qw_DoP8qhvHn1CkgRFFufsZRntBDqVPNC_OJaKrruNNVC9UvhJwljCoRyouWo1FrxW_XL0h9YLdDyfApm4RAVBoHw3O1Gpopyec5UJrWC1Wh3KHXo275meCTasL7X8TY03EDqJv4hUwjJBAo8FARU_6cwqzIu9DEHhty8LsHlhdxKlAzKkEJ7eff9drxrSGFGCXXWTRhBR5kHBtJAU63H7iTfkOj2rS1-D_2ZRuenE2nlWriQ3WlBhZTDjkes96XuAXsVGiUxpW5Yxll427p5WGmvbGrO4lXwEPeondTADms9k0EM2gXH8dLYd0OJEcY4SDU19gtES4gG4QZjIxpsWGUFm1RCgk38UY7ifHZXdJz3Z-QCFDIKfDBQaM4gUS7pQMSOWcBqUObbiDWXnZdVpBlY_4lMYMZygOxPGKocZjPiLLhPM25ufcRcs_3uTGICHoG1gyPf1vMTT2X7G9eC0ZCwsSLbAuEiLJ2l_sBgldE6KVglgMs64pTleoWpWKKt1Z2dRwlUT4oAFbgP-neW88M04azi8dlOWLCUaq8BVYLENnLLZBjf1ywAQJTTQPhmAYfOfkro06e3IaIktQ_aba46G5I4e5HBHAGI8aS43514T15SBK2IBu2n015Mg HTTP 302
https://p374591.myckdom.com/adServe/domainClick?ai=cupGVo9cneB-wRDBQtYBiBoDgoytEQenpAXBEuiMH2ragO1zLqWFsycN3TlFjw65D7LBPOrJ3DylZ4VTrC5_Tyce9YUc8VAlGgBrbp4bFKX4er5nlHTcKnn39Nr4y-K_hPOr_8s577NTbR3eQjCyLMOcKmq3yJycUDPw72WrlXPm59xFyz_e5KFSnzVbwK2LzJBWQqRQACKEaKZCsy0NP8QHMFFA7OmXAryxzNTIb8UDPia90PSftPk9AL42zsfRQ_iKEYlo5hfXdnI5qQEcjo39csAECU00D4ZgGHzn5K4BSCF4qMtDorAIyiLGumli3H7iTfkOj2rS1-D_2ZRuevFLxia235iM83NUWPn7gbccY4SDU19gtES4gG4QZjIxeKSMBa8gc8oA30yniLX4OBaf4XymfSdAQOGScGtJTvTwrHjoweW6kBTRhJTr31T6sz6E4fJKdEtrKCtj0Ed3D9R2p1wd5MDK1A3LQQeWyuAM6cRdns6hCZEWaA5Ezek0Lg4vWacia8T9PVemRXHa6nHN_l2WpCnzhCcIiriXVPlhCrNPURqilky6mHFWYZhhZZJCxAdeOqU&ui=ebx9GOHwD8EtRC1MLj8Lw_bWwvziNp_1xLgNeF8Zj-jo8l8ExM9TXHSDYGM7NhTCryKrS32782Yd-fOrch07aQwDt9PcK7XEOLOM3d97RfzsebW_BjRiUg&si=1&oref=5ba82faff304a82e2436bb4d92dacf66&optunit=xJp3JC8OR0O01lMedr3DmGWSQsQHXjql&rb=N4JbjN4NfJo&rr=1&isco=t&abtg=0 Page URL
-
https://geotrkclknow.com/rot/vQG70jP4AePlNnAl?clickid=90578585648&bid=0.0055&source=444245245
HTTP 302
https://arveaoy.com/click?trvid=34025&clickid=90578585648&bid=0.0055&source=444245245 Page URL
- https://arveaoy.com/double?t=2&d=eyJVUkwiOiJodHRwczovL2NsaWNrY2Fudi5jb20vb2ZmZXJrP3N1YmlkPThlZmExbnR4cXlsYlx1MDAyNmlkPTEwMDQ1NzI0MFx1MDAyNmM9QVx1MDAyNm1lcmNoYW50VXJsPWh0dHBzJTNBJTJGJTJGd3d3LmJhc2xlci1iZWF1dHkuZGVcdTAwMjZhc2lkPXthc2lkfSIsIlJlZGlyZWN0V29yZGluZyI6IiAiLCJSZWRpcmVjdFRpdGxlIjoiUmVkaXJlY3Rpb24uLi4iLCJSZWRpcmVjdExpbmtUZXh0IjoiICIsIkluc3RhbGxJZCI6MjAwMX0= Page URL
-
https://clickcanv.com/offerk?subid=8efa1ntxqylb&id=100457240&c=A&merchantUrl=https%3A%2F%2Fwww.basler-beauty.de&asid={asid}
HTTP 302
https://de-go.kelkoogroup.net/offersearchGo?.ts=1691125304455&.sig=ClO7mVLjr.3gqBELFTbU34qVOaU-&affiliationId=96984262&comId=100457240&country=de&offerId=19ddecba41d31d573f498433f742f02a&service=37&tokenId=b19b42ff-d27e-4a5f-bbcc-4be2da9cd0f1&wait=true&custom1=8efa1ntxqylb&custom2=as6cpdrfb Page URL
- https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff43783933a8850d71a676e24f06846cc6414cf87f0bea6a955f4312f8cca498c1107626e5bb25b3d98f6611916f41e5627f13bbc411bc0754fe1df8c04c7055b9b687453553377b9f2b86e6499ed227c3ab1f3885fb006073e3b480e0e7e00c0b2e2e80df5fc2626ca066d176485453599718a19dddb77a10fc873bd7f1c215c2803ffff390a77c7be3211f144a5c7c731e079468cb5e63e38c1bde0480412eea3caed94ace3198c27f13bc80352d258742c9ee94ff624f8d05f180200c3569aee018e924c0ee044b6c9f6b57ea0a251a811781a4129a996efded8fa78cda6e7a66607012a0e8cf930fd2e6e183dfa26fe24d89b29b5aa44f8d13d77d516cf2daf5d6ee444f642ba628bc454f27248a524d95659776947d065e7&url=https%3A%2F%2Fclick.cptrack.de%2F%3Frd%3Dtrue%26k%3DuaZKZJHhlwQbg39o67ri7QzDyo9TuRm2ZWGNn3sEAkRI9dneIqqRGopEz2uTMtRMB1ldTz6udm2Q2BBmet6yPA%7E%7E%26rdlink%3Dhttps%253A%252F%252Fwww.basler-beauty.de%252Fmarken%252Festee-lauder%252Festee-lauder-the-brow-multitasker-03-brunette.html%253Fkk%253Da4c6294-189bef5b777-e0d43%2526utm_source%253Dkelkoo%2526utm_medium%253Dcpc%2526utm_campaign%253Dpsm_kelkoo&initiator=dd Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://zstevemadden.com/ HTTP 302
- https://myckdom.com/aS/feedclick?s=ebx9GOHwD8EtRC1MLj8Lw48uDhK_8R6j3ASDw0OC7FSSfGNr9-zRUxG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlEFmHqGJpUI3NDajatOk7jXw4cmSiDMaysLI_RalizEQmcVjFyxSKD9mNp-ZNGHhw4lBdXdQ-SI1jpdsOk2Ina_4rrEXqmh5Vqsg7IIhsb6ry1GubLim8_Vm1ZWime046rM0urDWDBNyep4UROwkRWrD_xkwxZPu2hCR5LYTDOCBI3aqtiCUMHC_-CNj1Ips3mLJEn8EDVon6YJfDkOkTCHxCZfChT8nTLAEru3otCeLjlyYVadBnMIsWV0CSwekWv1PgfLnEeS1gm_hgP-sRG7EFBD8pmNGwrdpX4QL_Eki162gKtiuISxtKtK9FS4HlcBF6IAA6QuBmHKBJ51KwTCiOnyoQKMbS9CGfnxG0blbVSVLqMFaijwXGRXQ-I4nvIUwDhx4hAeRhcHErJ4fJLt7qQ8u1xPF6fOxiPcwgPrn0D75cIK1d7x_cllFUQR6XNBIqJNAUnpunCEVFWT0m6nGkfZCuIhTdKNnh-vr-XjjfBbqHnmwDL0fj4FZNFejtLD2Sq7ZDoiD5N-1IOKTler2qudAtVtLvCgf9Yt3T-q72lPyGWZZevgekoPR87E-3sAgTsg3mcAfteF9zb_hFVJ_GIv7WsoVpd4NZzFoK-p2ICD28xS7Vx140GeNAfWnZMRFYJVA17s1fTchxGtnKYad9roKPNNOBdWXb7CvKWpiIgfthFNfUJY-WmmlMVrWK5-csD1G3grCUpMc45a_URN-twhnEyY33NrdjEP6AMpXkV1i4ADNe8g5cpGPGZ0Ep1TKAsEbe7gW9cpEBTNlFwQtA0-01xpGmpQLQDQxbXk8_7JR-hbuwWQEYs0ZrMmcyYhzHO5N1VM_QgpSKnXbOL16nA3XzWSyEuX825yOuPWageWagaeRS5ZZwHz9Bvl2Lopmo4UyBe48S7kow7Rcud5HCzSbjFyiFeYnbs-otEUMMpRymM_kSzh6qQ73zKsy_bbrIx95Ss7xd5mii5cYm1yZhaiZ__bmejwLTk-efHQNceoR2wiGrQ_HD22MGI3Dc1s_6SN_9Bt4mSe6FKMq5XzVZaHvkqmM7j9CaMeMgQ1PrcsalzmHKrAO8AThKeEbqw-Vxl5bLJb058qw_DoP8qhvHn1CkgRFFufsZRntBDqVPNC_OJaKrruNNVC9UvhJwljCoRyouWo1FrxW_XL0h9YLdDyfApm4RAVBoHw3O1Gpopyec5UJrWC1Wh3KHXo275meCTasL7X8TY03EDqJv4hUwjJBAo8FARU_6cwqzIu9DEHhty8LsHlhdxKlAzKkEJ7eff9drxrSGFGCXXWTRhBR5kHBtJAU63H7iTfkOj2rS1-D_2ZRuenE2nlWriQ3WlBhZTDjkes96XuAXsVGiUxpW5Yxll427p5WGmvbGrO4lXwEPeondTADms9k0EM2gXH8dLYd0OJEcY4SDU19gtES4gG4QZjIxpsWGUFm1RCgk38UY7ifHZXdJz3Z-QCFDIKfDBQaM4gUS7pQMSOWcBqUObbiDWXnZdVpBlY_4lMYMZygOxPGKocZjPiLLhPM25ufcRcs_3uTGICHoG1gyPf1vMTT2X7G9eC0ZCwsSLbAuEiLJ2l_sBgldE6KVglgMs64pTleoWpWKKt1Z2dRwlUT4oAFbgP-neW88M04azi8dlOWLCUaq8BVYLENnLLZBjf1ywAQJTTQPhmAYfOfkro06e3IaIktQ_aba46G5I4e5HBHAGI8aS43514T15SBK2IBu2n015Mg HTTP 302
- https://p374591.myckdom.com/adServe/domainClick?ai=cupGVo9cneB-wRDBQtYBiBoDgoytEQenpAXBEuiMH2ragO1zLqWFsycN3TlFjw65D7LBPOrJ3DylZ4VTrC5_Tyce9YUc8VAlGgBrbp4bFKX4er5nlHTcKnn39Nr4y-K_hPOr_8s577NTbR3eQjCyLMOcKmq3yJycUDPw72WrlXPm59xFyz_e5KFSnzVbwK2LzJBWQqRQACKEaKZCsy0NP8QHMFFA7OmXAryxzNTIb8UDPia90PSftPk9AL42zsfRQ_iKEYlo5hfXdnI5qQEcjo39csAECU00D4ZgGHzn5K4BSCF4qMtDorAIyiLGumli3H7iTfkOj2rS1-D_2ZRuevFLxia235iM83NUWPn7gbccY4SDU19gtES4gG4QZjIxeKSMBa8gc8oA30yniLX4OBaf4XymfSdAQOGScGtJTvTwrHjoweW6kBTRhJTr31T6sz6E4fJKdEtrKCtj0Ed3D9R2p1wd5MDK1A3LQQeWyuAM6cRdns6hCZEWaA5Ezek0Lg4vWacia8T9PVemRXHa6nHN_l2WpCnzhCcIiriXVPlhCrNPURqilky6mHFWYZhhZZJCxAdeOqU&ui=ebx9GOHwD8EtRC1MLj8Lw_bWwvziNp_1xLgNeF8Zj-jo8l8ExM9TXHSDYGM7NhTCryKrS32782Yd-fOrch07aQwDt9PcK7XEOLOM3d97RfzsebW_BjRiUg&si=1&oref=5ba82faff304a82e2436bb4d92dacf66&optunit=xJp3JC8OR0O01lMedr3DmGWSQsQHXjql&rb=N4JbjN4NfJo&rr=1&isco=t&abtg=0
- https://geotrkclknow.com/rot/vQG70jP4AePlNnAl?clickid=90578585648&bid=0.0055&source=444245245 HTTP 302
- https://arveaoy.com/click?trvid=34025&clickid=90578585648&bid=0.0055&source=444245245
- https://clickcanv.com/offerk?subid=8efa1ntxqylb&id=100457240&c=A&merchantUrl=https%3A%2F%2Fwww.basler-beauty.de&asid={asid} HTTP 302
- https://de-go.kelkoogroup.net/offersearchGo?.ts=1691125304455&.sig=ClO7mVLjr.3gqBELFTbU34qVOaU-&affiliationId=96984262&comId=100457240&country=de&offerId=19ddecba41d31d573f498433f742f02a&service=37&tokenId=b19b42ff-d27e-4a5f-bbcc-4be2da9cd0f1&wait=true&custom1=8efa1ntxqylb&custom2=as6cpdrfb
20 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
domainClick
p374591.myckdom.com/adServe/ Redirect Chain
|
289 B 597 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
click
arveaoy.com/ Redirect Chain
|
1 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
double
arveaoy.com/ |
798 B 978 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
offersearchGo
de-go.kelkoogroup.net/ Redirect Chain
|
31 KB 32 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
p.png
de-go.kelkoogroup.net/assets/images/ |
68 B 593 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tags.js
dd.kelkoogroup.net/ |
276 KB 57 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/ |
35 B 351 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/g/ |
0 64 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
fp
de-go.kelkoogroup.net/ |
0 499 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
api-js.datadome.co/js/ |
236 B 414 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
redirect
de-go.kelkoogroup.net/ |
586 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
c.js
ct.captcha-delivery.com/ |
5 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
geo.captcha-delivery.com/captcha/ Frame B904 |
358 KB 76 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fee161cbde6c5bad178451627310d3b7.jpg
dd.prod.captcha-delivery.com/image/2023-08-04/ Frame B904 |
11 KB 12 KB |
Image
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fee161cbde6c5bad178451627310d3b7.frag.png
dd.prod.captcha-delivery.com/image/2023-08-04/ Frame B904 |
7 KB 8 KB |
Image
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
index.css
static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/ Frame B904 |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-face.css
static.captcha-delivery.com/common/fonts/roboto/ Frame B904 |
287 B 637 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tags.js
js.datadome.co/ Frame B904 |
276 KB 57 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame B904 |
707 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame B904 |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame B904 |
634 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame B904 |
308 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
33a5a5ec-f746-4b96-ad13-cc5c6c0bb805
https://geo.captcha-delivery.com/ Frame B904 |
251 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
api-js.datadome.co/js/ Frame B904 |
241 B 418 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| dd undefined| isIframeLoaded undefined| maxTimeoutMs undefined| initialTime function| iframeOnload8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .myckdom.com/ | Name: rhid Value: 83508665205 |
|
| .myckdom.com/ | Name: loi Value: ad_1398702_off_841761_aff_14470_cid_374591-ZSTEVEMADDEN.COM_ts_1691125921 |
|
| arveaoy.com/ | Name: ClickDataNG Value: H4sIAAAAAAAA_0xTX2_bNhD_KsIBBVpAkylZtGwVRuE5yTo0LoYlWV72QpNnm7BMakdKjpfmuw8UtdQvOt1f3u_ud6_QIzltDdSQZyxjkIK_tAg1S8F128f__6U1PZJHBfVONA5TkI2Wx98V1DDHnciNf_nn0mwhBSU8Qp3PFnle8EWRpyDFqRV6b0L0tGQFT0G79R-r91pkvfDaDgHzgi1SoK7BoLEUCJUmlH6D_mAV1DwFZzuSg3-eQiOM0mY_Ro_aEzVQA6Rgdzuk4MtzPluksCVh5GEMHpwx9OB96-rJZIAlhekzaU-TIeD4xXVbrZbXOP_uGCtmWi1zxkpeFSWLFrlcxZ8TkjwI45-oWQ61P0xXH4q7D8Xd-XzOtsI1SL9sUXT-kimMOcJptXwN3zcII3ceapYxxnmYQo-mi8toxcV2_ieCdUeERl6ghqeHG0ihI30FSVCPwl4GQAO8L556rZbDKsa2g1mr5YLxas7nfFbOoyPgji1EPU5-WZZlUfKi5JCCbldKEToHNZQ8y8s8y3mRVdW1bxa30Tmk1R6Nhxo29l_dNGLCM5Z8fNZG2bNLvj8mOcvY5-RZm1n5OXmZlZ-SVds2-Izbb9pP-LTKprPk47evj5v7NGn0EZPfUB7tp2R9IHvCSZ7zjGW8WrAsr1jyIHaC9JgHYZA7JKTYj8JeS3xnuQ0YxlYCd9xfP68jnMaW7NkNufGt9wq_kjDquuTGKmyuDd_FCaMu43OwttRaCscSzqENEynKKrntyLaYPPx5P3CgM57CYm9uh973sZub2x8_vqJzIVdqfxlNdyTMcdeRT8Qp2QhtIJCF0Ph1WPB4EaT32ty3VyZPwjgh4wk6qE3XNCnIznl7gvp1pCJEIkAK-OKRjGiG87_iDKTQs1iyz0dZjHI6ynKUPNDlikb9SJG-GuV8lIsg397-CwAA__9rMh69qwQAAA== |
|
| arveaoy.com/ | Name: ClickDataNgFall Value: H4sIAAAAAAAA_0xTX2_bNhD_KsIBBVpAkylZtGwVRuE5yTo0LoYlWV72QpNnm7BMakdKjpfmuw8UtdQvOt1f3u_ud6_QIzltDdSQZyxjkIK_tAg1S8F128f__6U1PZJHBfVONA5TkI2Wx98V1DDHnciNf_nn0mwhBSU8Qp3PFnle8EWRpyDFqRV6b0L0tGQFT0G79R-r91pkvfDaDgHzgi1SoK7BoLEUCJUmlH6D_mAV1DwFZzuSg3-eQiOM0mY_Ro_aEzVQA6Rgdzuk4MtzPluksCVh5GEMHpwx9OB96-rJZIAlhekzaU-TIeD4xXVbrZbXOP_uGCtmWi1zxkpeFSWLFrlcxZ8TkjwI45-oWQ61P0xXH4q7D8Xd-XzOtsI1SL9sUXT-kimMOcJptXwN3zcII3ceapYxxnmYQo-mi8toxcV2_ieCdUeERl6ghqeHG0ihI30FSVCPwl4GQAO8L556rZbDKsa2g1mr5YLxas7nfFbOoyPgji1EPU5-WZZlUfKi5JCCbldKEToHNZQ8y8s8y3mRVdW1bxa30Tmk1R6Nhxo29l_dNGLCM5Z8fNZG2bNLvj8mOcvY5-RZm1n5OXmZlZ-SVds2-Izbb9pP-LTKprPk47evj5v7NGn0EZPfUB7tp2R9IHvCSZ7zjGW8WrAsr1jyIHaC9JgHYZA7JKTYj8JeS3xnuQ0YxlYCd9xfP68jnMaW7NkNufGt9wq_kjDquuTGKmyuDd_FCaMu43OwttRaCscSzqENEynKKrntyLaYPPx5P3CgM57CYm9uh973sZub2x8_vqJzIVdqfxlNdyTMcdeRT8Qp2QhtIJCF0Ph1WPB4EaT32ty3VyZPwjgh4wk6qE3XNCnIznl7gvp1pCJEIkAK-OKRjGiG87_iDKTQs1iyz0dZjHI6ynKUPNDlikb9SJG-GuV8lIsg397-CwAA__9rMh69qwQAAA== |
|
| .kelkoogroup.net/ | Name: kelkooID Value: a4c6294-189bef5b777-e0d43 |
|
| .kelkoogroup.net/ | Name: _ga Value: GA1.2.705960738.1691125921 |
|
| .kelkoogroup.net/ | Name: _gid Value: GA1.2.1735030477.1691125921 |
|
| .kelkoogroup.net/ | Name: datadome Value: 0vvzE4sztk~4x6cWTzNPWioKCrpN1eDRrL50sBOqafamx4GSZe9fWVtSke3NBbnUsVCoycWCwrfWHQu67mzBDInX7Qtz6FFgOZtk77-A~2H-Vc~oUep5B2grfbBgcoZ2 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api-js.datadome.co
arveaoy.com
clickcanv.com
ct.captcha-delivery.com
dd.kelkoogroup.net
dd.prod.captcha-delivery.com
de-go.kelkoogroup.net
geo.captcha-delivery.com
geotrkclknow.com
js.datadome.co
myckdom.com
p374591.myckdom.com
static.captcha-delivery.com
www.google-analytics.com
zstevemadden.com
13.224.189.84
167.172.228.26
18.66.112.35
18.66.122.18
2600:9000:2251:6a00:7:c516:5a80:93a1
2606:4700:3031::6815:52b0
2a00:1450:4001:82f::200e
2a06:98c1:3121::3
3.125.239.17
3.125.247.22
35.156.198.179
52.117.247.211
65.9.66.86
95.211.116.26
03cd31e4d3c37c852aec70f0c5bb40641131ba56ea401ba48b7b5d4c68f3d39a
2ed7c81ca257817aaa265314a9e0824ab283c438955ee98575eb851be371577f
3e60979021e384209bd6adc873bd3e898e443a09f539288ffb5b9e3ec2e34046
5fffbed2d69589428bf9cfe6cc9ad5daa6a4d2c1cf16929ae716cdf50c92d985
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
670415a9265c06166a9e53350ea09f416113752897f75323ddffcba7d5eaa434
69de1209d0021324b9034bec3d32c8ce5af4ffa895629755f80e9adfedbe1b1f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
926a1b696c1c9750e0ce2e24fe7980937ebe43db5076081ea1326c143dd91535
978473eef5cf50c3a42139e9acc4151c54d55dd3b73f5c1f4489bf4f3ee013c0
a028b873ea59dce22f2ad131ec24bebe58b7bc37a1f1a46e9a027a4ed623097f
a16882f3c5123871dd991f6d9387f5ef2baca8c7e4c3ad685068210f3f6d425c
a999504a45c1eae52610480d524af680deb568f731767001c228f21839237528
c54cb9a12083d46f17eeeaa0f3fd26a25405f489696bb1cdcd504bea1cf3b9a7
d327fdebb5a02dd43a2ca128e50366f059518860adc8a952158e4cb23c5e01a1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed243a7fa712a26559089ad5eadb7bffb314357ac21966fe20f5cef1fb6355b1
f63aa42002515fd9fea94051235f9941dff297348dac37e2f76e475008eafacd