de-go.kelkoogroup.net
Open in
urlscan Pro
95.211.116.26
Public Scan
Submitted URL: http://go.staticvisit.net//
Effective URL: https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff437d480955a2cdc703760aefb7cab7b862a9f335b7781...
Submission Tags: demotag1 demotag2 Search All
Submission: On March 21 via api from RU — Scanned from DE
Effective URL: https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff437d480955a2cdc703760aefb7cab7b862a9f335b7781...
Submission Tags: demotag1 demotag2 Search All
Submission: On March 21 via api from RU — Scanned from DE
Summary
This website contacted 14 IPs
in 4 countries
across 10 domains to perform 22 HTTP transactions.
The main IP is 95.211.116.26, located in
Netherlands and
belongs to LEASEWEB-NL-AMS-01 Netherlands, NL.
The main domain is de-go.kelkoogroup.net.
The Cisco Umbrella rank of the primary domain is 714698.
TLS certificate: Issued by Thawte RSA CA 2018 on August 25th 2022. Valid for: a year.
This is the only time de-go.kelkoogroup.net was scanned on urlscan.io!
TLS certificate: Issued by Thawte RSA CA 2018 on August 25th 2022. Valid for: a year.
This is the only time de-go.kelkoogroup.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
2
52.117.247.211
(United States)
ASN36351 (SOFTLAYER, US)
PTR: d3.f7.7534.ip4.static.sl-reverse.com
ASN36351 (SOFTLAYER, US)
PTR: d3.f7.7534.ip4.static.sl-reverse.com
| myckdom.com | |
| p274639.myckdom.com |
2
3.126.48.135
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-48-135.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-48-135.eu-central-1.compute.amazonaws.com
| dryqsjk.com |
4
95.211.116.26
(Netherlands)
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-mx-vip.kelkoo.com
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-mx-vip.kelkoo.com
| de-go.kelkoogroup.net |
1
18.66.112.3
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-3.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-3.fra56.r.cloudfront.net
| dd.kelkoogroup.net |
1
2a00:1450:4001:831::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
1
65.9.86.56
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-56.ams1.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-56.ams1.r.cloudfront.net
| ct.captcha-delivery.com |
1
18.194.14.91
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-14-91.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-14-91.eu-central-1.compute.amazonaws.com
| geo.captcha-delivery.com |
2
13.224.189.117
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-117.fra2.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-117.fra2.r.cloudfront.net
| dd.prod.captcha-delivery.com |
3
2600:9000:2251:8c00:7:c516:5a80:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| static.captcha-delivery.com |
1
18.66.122.7
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-7.fra60.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-7.fra60.r.cloudfront.net
| js.datadome.co |
1
18.195.173.251
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-173-251.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-173-251.eu-central-1.compute.amazonaws.com
| api-js.datadome.co |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 7 |
captcha-delivery.com
ct.captcha-delivery.com — Cisco Umbrella Rank: 33826 geo.captcha-delivery.com — Cisco Umbrella Rank: 27020 dd.prod.captcha-delivery.com — Cisco Umbrella Rank: 59594 static.captcha-delivery.com — Cisco Umbrella Rank: 32597 |
140 KB |
| 5 |
kelkoogroup.net
de-go.kelkoogroup.net — Cisco Umbrella Rank: 714698 dd.kelkoogroup.net — Cisco Umbrella Rank: 333220 |
88 KB |
| 2 |
datadome.co
api-js.datadome.co — Cisco Umbrella Rank: 4173 Failed js.datadome.co — Cisco Umbrella Rank: 5275 |
57 KB |
| 2 |
dryqsjk.com
dryqsjk.com |
4 KB |
| 2 |
myckdom.com
1 redirects
myckdom.com p274639.myckdom.com |
1 KB |
| 2 |
btpnative.com
1 redirects
btpnative.com — Cisco Umbrella Rank: 304513 |
7 KB |
| 2 |
staticvisit.net
1 redirects
go.staticvisit.net |
1 KB |
| 1 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 25 |
351 B |
| 1 |
clickcanv.com
1 redirects
clickcanv.com |
720 B |
| 1 |
geotrkclknow.com
1 redirects
geotrkclknow.com — Cisco Umbrella Rank: 355492 |
589 B |
| 22 | 10 |
| Domain | Requested by | |
|---|---|---|
| 4 | de-go.kelkoogroup.net |
de-go.kelkoogroup.net
|
| 3 | static.captcha-delivery.com |
geo.captcha-delivery.com
|
| 2 | dd.prod.captcha-delivery.com |
geo.captcha-delivery.com
|
| 2 | dryqsjk.com |
p274639.myckdom.com
|
| 2 | btpnative.com |
1 redirects
go.staticvisit.net
|
| 2 | go.staticvisit.net | 1 redirects |
| 1 | js.datadome.co |
geo.captcha-delivery.com
|
| 1 | geo.captcha-delivery.com |
ct.captcha-delivery.com
|
| 1 | ct.captcha-delivery.com |
de-go.kelkoogroup.net
|
| 1 | api-js.datadome.co |
dd.kelkoogroup.net
js.datadome.co |
| 1 | www.google-analytics.com |
de-go.kelkoogroup.net
|
| 1 | dd.kelkoogroup.net |
de-go.kelkoogroup.net
|
| 1 | clickcanv.com | 1 redirects |
| 1 | geotrkclknow.com | 1 redirects |
| 1 | p274639.myckdom.com | |
| 1 | myckdom.com | 1 redirects |
| 22 | 16 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.myckdom.com Sectigo RSA Domain Validation Secure Server CA |
2023-03-20 - 2024-03-20 |
a year | crt.sh |
| dryqsjk.com R3 |
2023-03-09 - 2023-06-07 |
3 months | crt.sh |
| *.kelkoogroup.net Thawte RSA CA 2018 |
2022-08-25 - 2023-09-25 |
a year | crt.sh |
| dd.kelkoogroup.net R3 |
2023-02-04 - 2023-05-05 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-03-02 - 2023-05-25 |
3 months | crt.sh |
| *.captcha-delivery.com Amazon RSA 2048 M02 |
2023-02-23 - 2023-10-23 |
8 months | crt.sh |
| dd.prod.captcha-delivery.com Amazon RSA 2048 M01 |
2023-02-24 - 2023-05-26 |
3 months | crt.sh |
| *.datadome.co Gandi Standard SSL CA 2 |
2022-10-13 - 2023-10-21 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff437d480955a2cdc703760aefb7cab7b862a9f335b7781e4639f77343e093499088f6b4f2594d7d797674a176307a69c55a5df941b34f131d64c5677688d2e0eeccc55c3bbe2010a0bd9d2fad66479f1ade2404d355d19281b2e78f84f309e6a4f311ac145463c446804885bd1205eb70b2f1732eed0e0d5517706111dff00c0d4b7bc7c503bdac15ac1125eb1bf9758f5a2f2a63338a4a223e87ce1d685c8b1898f611417cf43c6b351bb27a9e2e9ac16e9a6ad9bcf2a6fb242c68d6db093e79d48c9b1c72820eedfda2f0e5c97936f883a84434ae2f3e2136a91f6812e243ea9471ed9016b57bb9c9ba4353aa8964f60ae8a4dd69f6fd97dccd94beb443c057f34&url=https%3A%2F%2Fwww.proidee.de%2F%3Fkk%3Da4c6293-18703f39ca2-4d907%26P%3D200318473%26H%3Dkelkoo_portal_pi_de_fc%26utm_source%3Dkelkoode%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DCelestino%2527s%2BCasanova%2BBallerinas%252C%2B42%2B-%2BNa&initiator=timeout
Frame ID: CCBB42EA1F8611C6F579D78EBAF49983
Requests: 13 HTTP requests in this frame
Frame:
https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMACUzNtONxNvMAkkZ1UQ%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=7ms6RVM9QcgOFCvg6~BJ20Y9Rzs4K55VfN_gX7TIoRmlF1n4K-ZsW73eAxhgA7TJDORZEwDjVUbqgBlT062YnPYubWO9GvSxnUo3TkfRnn9PUmQI39ppcyvqVZ_azPQX&t=fe&referer=https%3A%2F%2Fde-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dde%26k%3D612f7a9541cd6ea61eb554c0e4cff437d480955a2cdc703760aefb7cab7b862a9f335b7781e4639f77343e093499088f6b4f2594d7d797674a176307a69c55a5df941b34f131d64c5677688d2e0eeccc55c3bbe2010a0bd9d2fad66479f1ade2404d355d19281b2e78f84f309e6a4f311ac145463c446804885bd1205eb70b2f1732eed0e0d5517706111dff00c0d4b7bc7c503bdac15ac1125eb1bf9758f5a2f2a63338a4a223e87ce1d685c8b1898f611417cf43c6b351bb27a9e2e9ac16e9a6ad9bcf2a6fb242c68d6db093e79d48c9b1c72820eedfda2f0e5c97936f883a84434ae2f3e2136a91f6812e243ea9471ed9016b57bb9c9ba4353aa8964f60ae8a4dd69f6fd97dccd94beb443c057f34%26url%3Dhttps%253A%252F%252Fwww.proidee.de%252F%253Fkk%253Da4c6293-18703f39ca2-4d907%2526P%253D200318473%2526H%253Dkelkoo_portal_pi_de_fc%2526utm_source%253Dkelkoode%2526utm_medium%253Dcpc%2526utm_campaign%253Dkelkooclick%2526utm_term%253DCelestino%252527s%252BCasanova%252BBallerinas%25252C%252B42%252B-%252BNa%26initiator%3Dtimeout&s=35103&e=53fb7301cf38aed8cefcf421a81296e40acefb3abc6a5bb65bcb595489fde6db
Frame ID: A706F180F40967291E9EF35796540E66
Requests: 13 HTTP requests in this frame
Screenshot
Page Title
kelkoogroup.netPage URL History Show full URLs
- http://go.staticvisit.net// Page URL
-
http://go.staticvisit.net//?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6M...
HTTP 302
http://btpnative.com/click?data=M3VOVFA4X2N2REd3MHNFbkR3WVNYeUt1eU9XSG93b0Jmb2tUTDEwYWNLNkpzLTNya... Page URL
-
http://btpnative.com/Redirect/
HTTP 302
https://myckdom.com/aS/feedclick?s=rI7t-hs_SLdE0HI00WdpCq3dDnCBF-q5fAf3WaGFtkm-TqxfUtzbh4LUfaDR_... HTTP 302
https://p274639.myckdom.com/adServe/domainClick?ai=cupGVo9cneB-wRDBQtYBiOP5aEt-yHArPWiTKFVSGFbKK2bAg5JoX... Page URL
-
https://geotrkclknow.com/rot/vQG70jP4AePlNnAl?clickid=90139000529&bid=0.0035&source=445400160
HTTP 302
https://dryqsjk.com/click?trvid=33158&clickid=90139000529&bid=0.0035&source=445400160 Page URL
- https://dryqsjk.com/double?t=2&d=eyJVUkwiOiJodHRwczovL2NsaWNrY2Fudi5jb20vb2ZmZXJrP3N1YmlkPTN5djB... Page URL
-
https://clickcanv.com/offerk?subid=3yv0cbh28347&id=14228713&c=V&merchantUrl=https%3A%2F%2Fwww.proi...
HTTP 302
https://de-go.kelkoogroup.net/offersearchGo?.ts=1679392848447&.sig=1Xyt2YOYVhhGYKcx58aEDzFel30-&affiliatio... Page URL
- https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff437d480955a2cdc703760aefb... Page URL
Detected technologies
Datadome
(Miscellaneous)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://go.staticvisit.net// Page URL
-
http://go.staticvisit.net//?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3OTQwNTcwNywiaWF0IjoxNjc5Mzk4NTA3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDc2bzJzMTRudTZuaGo4bDQwZzNjOGoiLCJuYmYiOjE2NzkzOTg1MDcsInRzIjoxNjc5Mzk4NTA3NzIyOTAwfQ.6Br5KNDHry_yHcjbjvtLHc734HiHZXxl18DFzN78d8Q&sid=6e64344c-c7dc-11ed-9c96-fee603d9d210
HTTP 302
http://btpnative.com/click?data=M3VOVFA4X2N2REd3MHNFbkR3WVNYeUt1eU9XSG93b0Jmb2tUTDEwYWNLNkpzLTNyakVsWFFGLUY4QUNvWFlYQ1g0X0Rfd0paSWZ6ZjRyWXplN3ZYd21oQlZ2YUJOWlBwOWtuS2lRQ1dvWjE0NVVJLTVjM1oxa1A2M0NXcjdVYmIwN1VOWEhyUENTcF8zN2pjcWw2VHNBMg2&id=96f78d1f-63dc-4660-8a09-458e64b440a9 Page URL
-
http://btpnative.com/Redirect/
HTTP 302
https://myckdom.com/aS/feedclick?s=rI7t-hs_SLdE0HI00WdpCq3dDnCBF-q5fAf3WaGFtkm-TqxfUtzbh4LUfaDR__NeVVH-ImtJpPaG_Nh80WMmwqfTqqBykvhwWIS7h6QDglS1GwSkt-HhOVnLXpC25qhjphn_x0BlwTgwt6QWV9axOl8GNGGraCkov1iao4blwVS7AvGzOd9DVXWyO89DqYXvnUNi7nOg7mxTUF0ec0wklr-zYQjjrHSvelPQKkZ_vxjJTbb8v1CG6dAdsbrpo_QQCQzdKaBJ7Mn3t8f9yo46UeThIS3sBo5MzAgPdq85-zKcbH-g5PlsrYJ6ngEUKRxIU_xbYfWuitalWpzWelC3Stqy39_sIgliTD3wO-zAopXlpJ1OFN_jeOltUh-tBWY5HPbleBCjExTpRD8NVDltvdIVYjEv4nWlq0suI1l3wGmiIfjbj_ZR8Ocn5frZbQtOuxlh_KN6IU5dsRS9WDrIz7xRPfdASdMCDPFFJwmzrvoGp2JgIiLhp-eCNpdh3xav82HXhzmQK7WyrstrwqzC5hd56v022rX1QboUqh-VkAG6IdXk38fiWv3T9XQ7L4xVY2jp3TYtY0mpA8L12wQmHbUSsPEfHbFmdcWvVDoOM4egfGZIjuplB1JDfRKt-a2EEQ42OICtmwKsVxWXWao9zHykhxIghM3-l_zYn5EiPa2n2Vneh0IuXjb8vvVTMrI9YgMyVWsY5w3G93wHxEoj-UTeRM8r75y2WJLY7OgvpE02QtWtGIWQ5s-dUM9YcNbgcs1i13P9AT6nNDmSH6QEcG62lBGEaHrRb7DmxnTgztq8LKN_OYumJ6nqfNWu5IUFRSQWkYZlMpniICAyF3KxSMjnTkCGMM3euAYHfT8ZH1Wc41511BwAi8ZqvQ3GQwFzhcOE1fLqdKK7fJPfprpufkqzLDlUjqxSHosHnVPI9Ml8STot9ceWBBpdSzObQCHCCKUoKHuWdT5XrXlxzUFEGUJZJip7FpZgXwpjfZo1a8LVC70UdjTlDd7nRpo9WFqrIerNKT4pGDupvY895NyWiNeY_JnsouBr7LOS3ngvUmIjzPWFf6OHa2VARlTN7rhKDgkHn7BCpV1w5gKS_xNI307PspS4ce5IRs96vg6turOxeeCXinm7mspaanACjAeV1wiRK5wrm6QCkvirOzGXHvBcwvqO_JhyHo4wPNsDMThD-QfICOZmGTOxlKTXi0jHB2ldly_N8MhB48pHz41T1IApJmI3RcRW0sP32wpqbOohDFbIMKmJo5b9k8pkBQpvReBL5ZFLMYKjrMYm-5RBtiO7wLElWUOW3ynD5UObBi6-rOknCEIMv_UALWHhD85j4_loS37IcCs9aJMoVVIYVkFfz2ba4Ii87djKx05z6-NfDwFqnFQgfKTtW-QFBWNr53fZc37T0mxfDwFqnFQgfE23Rr2gs8qtJg1v6JbB0DQ HTTP 302
https://p274639.myckdom.com/adServe/domainClick?ai=cupGVo9cneB-wRDBQtYBiOP5aEt-yHArPWiTKFVSGFbKK2bAg5JoXf69cgphgWAr7uSHiBGagfFj4wuKqRorZGJQiv6ksvHSh_XxP0KkeoJPYv00XJVcXnlDjvP4JXWiXaThdUnMclfyYWAdJYTdNvCcyQThhbpWB2ldly_N8Mgf0DzooqA3mGJWdAgaDFAOJTu6AXYz7K564N2DRyWG6t7iZNn17UVKf6gmL4f0BkMgS-qi85_sbKgwjrWmrTAr_SANDyLDInkmYIJGi_TSUWTfxfs1Jb0VofB33BW-m9pDG-A6O8vm_g3tKy_heZIpllemAWTaPnh7ytE4oS_3pJL4KnOOYIJFKRuNOcPQlyhauS4SJm9wQoLrtg_raixpUqyH51yNysR_tfxqo0oMwEgJRDHxEdL9IBX08ji0YsE&ui=rI7t-hs_SLdE0HI00WdpClY37AsT2AewbdSiFG1VZzyRrzzp873dLRq9aL6gQrTQIQxWyDCpiaOW_ZPKZAUKb0XgS-WRSzGCo6zGJvuUQbbDB4nx4ZwOxA&si=1&oref=99743f42a1d8711a3350f2dd3d6d2697&optunit=euDdg0clhupkz-TugnfuTw&rb=ySZLXnWfhQU&rr=1&abtg=0 Page URL
-
https://geotrkclknow.com/rot/vQG70jP4AePlNnAl?clickid=90139000529&bid=0.0035&source=445400160
HTTP 302
https://dryqsjk.com/click?trvid=33158&clickid=90139000529&bid=0.0035&source=445400160 Page URL
- https://dryqsjk.com/double?t=2&d=eyJVUkwiOiJodHRwczovL2NsaWNrY2Fudi5jb20vb2ZmZXJrP3N1YmlkPTN5djBjYmgyODM0N1x1MDAyNmlkPTE0MjI4NzEzXHUwMDI2Yz1WXHUwMDI2bWVyY2hhbnRVcmw9aHR0cHMlM0ElMkYlMkZ3d3cucHJvaWRlZS5kZSIsIlJlZGlyZWN0V29yZGluZyI6IiAiLCJSZWRpcmVjdFRpdGxlIjoiUmVkaXJlY3Rpb24uLi4iLCJSZWRpcmVjdExpbmtUZXh0IjoiICIsIkluc3RhbGxJZCI6MjAwMX0= Page URL
-
https://clickcanv.com/offerk?subid=3yv0cbh28347&id=14228713&c=V&merchantUrl=https%3A%2F%2Fwww.proidee.de
HTTP 302
https://de-go.kelkoogroup.net/offersearchGo?.ts=1679392848447&.sig=1Xyt2YOYVhhGYKcx58aEDzFel30-&affiliationId=96976304&comId=14228713&country=de&offerId=75516c8f58167d893c8a41b4c946c5e9&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=3yv0cbh28347 Page URL
- https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff437d480955a2cdc703760aefb7cab7b862a9f335b7781e4639f77343e093499088f6b4f2594d7d797674a176307a69c55a5df941b34f131d64c5677688d2e0eeccc55c3bbe2010a0bd9d2fad66479f1ade2404d355d19281b2e78f84f309e6a4f311ac145463c446804885bd1205eb70b2f1732eed0e0d5517706111dff00c0d4b7bc7c503bdac15ac1125eb1bf9758f5a2f2a63338a4a223e87ce1d685c8b1898f611417cf43c6b351bb27a9e2e9ac16e9a6ad9bcf2a6fb242c68d6db093e79d48c9b1c72820eedfda2f0e5c97936f883a84434ae2f3e2136a91f6812e243ea9471ed9016b57bb9c9ba4353aa8964f60ae8a4dd69f6fd97dccd94beb443c057f34&url=https%3A%2F%2Fwww.proidee.de%2F%3Fkk%3Da4c6293-18703f39ca2-4d907%26P%3D200318473%26H%3Dkelkoo_portal_pi_de_fc%26utm_source%3Dkelkoode%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DCelestino%2527s%2BCasanova%2BBallerinas%252C%2B42%2B-%2BNa&initiator=timeout Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- http://go.staticvisit.net//?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3OTQwNTcwNywiaWF0IjoxNjc5Mzk4NTA3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDc2bzJzMTRudTZuaGo4bDQwZzNjOGoiLCJuYmYiOjE2NzkzOTg1MDcsInRzIjoxNjc5Mzk4NTA3NzIyOTAwfQ.6Br5KNDHry_yHcjbjvtLHc734HiHZXxl18DFzN78d8Q&sid=6e64344c-c7dc-11ed-9c96-fee603d9d210 HTTP 302
- http://btpnative.com/click?data=M3VOVFA4X2N2REd3MHNFbkR3WVNYeUt1eU9XSG93b0Jmb2tUTDEwYWNLNkpzLTNyakVsWFFGLUY4QUNvWFlYQ1g0X0Rfd0paSWZ6ZjRyWXplN3ZYd21oQlZ2YUJOWlBwOWtuS2lRQ1dvWjE0NVVJLTVjM1oxa1A2M0NXcjdVYmIwN1VOWEhyUENTcF8zN2pjcWw2VHNBMg2&id=96f78d1f-63dc-4660-8a09-458e64b440a9
- http://btpnative.com/Redirect/ HTTP 302
- https://myckdom.com/aS/feedclick?s=rI7t-hs_SLdE0HI00WdpCq3dDnCBF-q5fAf3WaGFtkm-TqxfUtzbh4LUfaDR__NeVVH-ImtJpPaG_Nh80WMmwqfTqqBykvhwWIS7h6QDglS1GwSkt-HhOVnLXpC25qhjphn_x0BlwTgwt6QWV9axOl8GNGGraCkov1iao4blwVS7AvGzOd9DVXWyO89DqYXvnUNi7nOg7mxTUF0ec0wklr-zYQjjrHSvelPQKkZ_vxjJTbb8v1CG6dAdsbrpo_QQCQzdKaBJ7Mn3t8f9yo46UeThIS3sBo5MzAgPdq85-zKcbH-g5PlsrYJ6ngEUKRxIU_xbYfWuitalWpzWelC3Stqy39_sIgliTD3wO-zAopXlpJ1OFN_jeOltUh-tBWY5HPbleBCjExTpRD8NVDltvdIVYjEv4nWlq0suI1l3wGmiIfjbj_ZR8Ocn5frZbQtOuxlh_KN6IU5dsRS9WDrIz7xRPfdASdMCDPFFJwmzrvoGp2JgIiLhp-eCNpdh3xav82HXhzmQK7WyrstrwqzC5hd56v022rX1QboUqh-VkAG6IdXk38fiWv3T9XQ7L4xVY2jp3TYtY0mpA8L12wQmHbUSsPEfHbFmdcWvVDoOM4egfGZIjuplB1JDfRKt-a2EEQ42OICtmwKsVxWXWao9zHykhxIghM3-l_zYn5EiPa2n2Vneh0IuXjb8vvVTMrI9YgMyVWsY5w3G93wHxEoj-UTeRM8r75y2WJLY7OgvpE02QtWtGIWQ5s-dUM9YcNbgcs1i13P9AT6nNDmSH6QEcG62lBGEaHrRb7DmxnTgztq8LKN_OYumJ6nqfNWu5IUFRSQWkYZlMpniICAyF3KxSMjnTkCGMM3euAYHfT8ZH1Wc41511BwAi8ZqvQ3GQwFzhcOE1fLqdKK7fJPfprpufkqzLDlUjqxSHosHnVPI9Ml8STot9ceWBBpdSzObQCHCCKUoKHuWdT5XrXlxzUFEGUJZJip7FpZgXwpjfZo1a8LVC70UdjTlDd7nRpo9WFqrIerNKT4pGDupvY895NyWiNeY_JnsouBr7LOS3ngvUmIjzPWFf6OHa2VARlTN7rhKDgkHn7BCpV1w5gKS_xNI307PspS4ce5IRs96vg6turOxeeCXinm7mspaanACjAeV1wiRK5wrm6QCkvirOzGXHvBcwvqO_JhyHo4wPNsDMThD-QfICOZmGTOxlKTXi0jHB2ldly_N8MhB48pHz41T1IApJmI3RcRW0sP32wpqbOohDFbIMKmJo5b9k8pkBQpvReBL5ZFLMYKjrMYm-5RBtiO7wLElWUOW3ynD5UObBi6-rOknCEIMv_UALWHhD85j4_loS37IcCs9aJMoVVIYVkFfz2ba4Ii87djKx05z6-NfDwFqnFQgfKTtW-QFBWNr53fZc37T0mxfDwFqnFQgfE23Rr2gs8qtJg1v6JbB0DQ HTTP 302
- https://p274639.myckdom.com/adServe/domainClick?ai=cupGVo9cneB-wRDBQtYBiOP5aEt-yHArPWiTKFVSGFbKK2bAg5JoXf69cgphgWAr7uSHiBGagfFj4wuKqRorZGJQiv6ksvHSh_XxP0KkeoJPYv00XJVcXnlDjvP4JXWiXaThdUnMclfyYWAdJYTdNvCcyQThhbpWB2ldly_N8Mgf0DzooqA3mGJWdAgaDFAOJTu6AXYz7K564N2DRyWG6t7iZNn17UVKf6gmL4f0BkMgS-qi85_sbKgwjrWmrTAr_SANDyLDInkmYIJGi_TSUWTfxfs1Jb0VofB33BW-m9pDG-A6O8vm_g3tKy_heZIpllemAWTaPnh7ytE4oS_3pJL4KnOOYIJFKRuNOcPQlyhauS4SJm9wQoLrtg_raixpUqyH51yNysR_tfxqo0oMwEgJRDHxEdL9IBX08ji0YsE&ui=rI7t-hs_SLdE0HI00WdpClY37AsT2AewbdSiFG1VZzyRrzzp873dLRq9aL6gQrTQIQxWyDCpiaOW_ZPKZAUKb0XgS-WRSzGCo6zGJvuUQbbDB4nx4ZwOxA&si=1&oref=99743f42a1d8711a3350f2dd3d6d2697&optunit=euDdg0clhupkz-TugnfuTw&rb=ySZLXnWfhQU&rr=1&abtg=0
- https://geotrkclknow.com/rot/vQG70jP4AePlNnAl?clickid=90139000529&bid=0.0035&source=445400160 HTTP 302
- https://dryqsjk.com/click?trvid=33158&clickid=90139000529&bid=0.0035&source=445400160
- https://clickcanv.com/offerk?subid=3yv0cbh28347&id=14228713&c=V&merchantUrl=https%3A%2F%2Fwww.proidee.de HTTP 302
- https://de-go.kelkoogroup.net/offersearchGo?.ts=1679392848447&.sig=1Xyt2YOYVhhGYKcx58aEDzFel30-&affiliationId=96976304&comId=14228713&country=de&offerId=75516c8f58167d893c8a41b4c946c5e9&service=37&tokenId=16e2234e-431d-42a4-8898-2b90fd38875e&wait=true&custom1=3yv0cbh28347
22 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
/
go.staticvisit.net// |
480 B 927 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
click
btpnative.com/ Redirect Chain
|
5 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
domainClick
p274639.myckdom.com/adServe/ Redirect Chain
|
289 B 604 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
click
dryqsjk.com/ Redirect Chain
|
1 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
double
dryqsjk.com/ |
748 B 928 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
offersearchGo
de-go.kelkoogroup.net/ Redirect Chain
|
28 KB 29 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
p.png
de-go.kelkoogroup.net/assets/images/ |
68 B 544 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tags.js
dd.kelkoogroup.net/ |
276 KB 57 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/ |
35 B 351 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
fp
de-go.kelkoogroup.net/ |
0 450 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
/
api-js.datadome.co/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
redirect
de-go.kelkoogroup.net/ |
586 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
c.js
ct.captcha-delivery.com/ |
7 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
geo.captcha-delivery.com/captcha/ Frame A706 |
320 KB 66 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
c114d235477608ae13bce3174db6fd94.jpg
dd.prod.captcha-delivery.com/image/2023-03-21/ Frame A706 |
13 KB 13 KB |
Image
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
c114d235477608ae13bce3174db6fd94.frag.png
dd.prod.captcha-delivery.com/image/2023-03-21/ Frame A706 |
7 KB 7 KB |
Image
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
index.css
static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/ Frame A706 |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-face.css
static.captcha-delivery.com/common/fonts/roboto/ Frame A706 |
287 B 619 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loading_spinner.gif
static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/ Frame A706 |
44 KB 44 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tags.js
js.datadome.co/ Frame A706 |
276 KB 57 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame A706 |
707 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame A706 |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame A706 |
634 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame A706 |
308 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
f9a926dc-89e1-4ed9-b9e5-8cad1fac0ffc
https://geo.captcha-delivery.com/ Frame A706 |
251 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
api-js.datadome.co/js/ Frame A706 |
241 B 419 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- api-js.datadome.co
- URL
- https://api-js.datadome.co/js/
Verdicts & Comments Add Verdict or Comment
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| dd undefined| isIframeLoaded undefined| maxTimeoutMs undefined| initialTime function| iframeOnload10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .staticvisit.net/ | Name: sid Value: 6e64344c-c7dc-11ed-9c96-fee603d9d210 |
|
| btpnative.com/ | Name: WSiGjSfEVvJlyNf Value: WSiGjSfEVvJlyNf |
|
| .myckdom.com/ | Name: rhid Value: 82998476890 |
|
| .myckdom.com/ | Name: loi Value: ad_1398702_off_841761_aff_14470_cid_274639-583412099-STATICVISIT.NET_ts_1679398509 |
|
| dryqsjk.com/ | Name: ClickDataNG Value: H4sIAAAAAAAA_0yTbW_bNhDHv4pwQIAWEGTq2VZhFJ6TrEPjYliS5s3e0OTZ5iyT2pGS67X97gNFNfGr0z3o9L_T777DgGSV0dBAmrCEQQzu0iE0LAbbb59-PQujBySHEpodby3GIFoljn9IaCC_DExsD9k8L2qIQXKH0KRVvcgX85ItYhD81HG11746z9NyHoOy6z9Xr73IOO6UGQvqMitjoL5F77EYCKUiFG6D7mAkNGUM1vQkxvw8hpZrqfR-qp68Z2qhAYjB7HZIPpeyal7FsCWuxWEqHpOh9OBcZ5vZbBxLcD0kwpxmY8Hxo-23Si6v5_y7ZyyrlFymRZbN6zQPAbH8Gh5OSOLAtXumdjm2vslXN9n9TXZ_Pp-TjoySiIlE8Ku1DhqWMJb7wXFA3Yeld_xievemdN0ToRYXaOD58RZi6EldSZd0-df-cxyFj2N8dDR43X7lkz4fVnK5YGm-YIyV2SIk_HxBQvDDhpdFURaMpZXnQnUrKQmt9awUVVKzJE3rZJ5e56qw9d4irfaoHTSwMf-ptuWzMmHRuxelpTnb6MtTlLKEfYhelK6KD9G3qngfrbquxRfcflZuVuZ1klfRu8-fnjYPcdSqI0a_ozia99H6QOaEszT1xJZllSdVET3yHSc1vQZ-jzskpCBH4qAEvsJs_AiTEo-I_fp2BH7SLZmzHd8Nn3rt8BtxLa9bbozE9jrwhZ8w-CJ8DtaGOkP-Jjz1nV9IVtTRXU-mw-jxr4cRgV478v_19m7Uvg9qbu9-_PiE1o6YKHeZQvfE9XHXk4v4KdpwpcGzQqjd2v_fCXxSe6UfuquQI64tF-HSLDS6b9sYRG-dOUHzfSIRAgcQA35zSJq345VfIQMxDCy0HNLJZpPNJ1tMtpzsBMZQT3YODbzR9fPn_wEAAP__acIEyooEAAA= |
|
| dryqsjk.com/ | Name: ClickDataNgFall Value: H4sIAAAAAAAA_0yTbW_bNhDHv4pwQIAWEGTq2VZhFJ6TrEPjYliS5s3e0OTZ5iyT2pGS67X97gNFNfGr0z3o9L_T777DgGSV0dBAmrCEQQzu0iE0LAbbb59-PQujBySHEpodby3GIFoljn9IaCC_DExsD9k8L2qIQXKH0KRVvcgX85ItYhD81HG11746z9NyHoOy6z9Xr73IOO6UGQvqMitjoL5F77EYCKUiFG6D7mAkNGUM1vQkxvw8hpZrqfR-qp68Z2qhAYjB7HZIPpeyal7FsCWuxWEqHpOh9OBcZ5vZbBxLcD0kwpxmY8Hxo-23Si6v5_y7ZyyrlFymRZbN6zQPAbH8Gh5OSOLAtXumdjm2vslXN9n9TXZ_Pp-TjoySiIlE8Ku1DhqWMJb7wXFA3Yeld_xievemdN0ToRYXaOD58RZi6EldSZd0-df-cxyFj2N8dDR43X7lkz4fVnK5YGm-YIyV2SIk_HxBQvDDhpdFURaMpZXnQnUrKQmt9awUVVKzJE3rZJ5e56qw9d4irfaoHTSwMf-ptuWzMmHRuxelpTnb6MtTlLKEfYhelK6KD9G3qngfrbquxRfcflZuVuZ1klfRu8-fnjYPcdSqI0a_ozia99H6QOaEszT1xJZllSdVET3yHSc1vQZ-jzskpCBH4qAEvsJs_AiTEo-I_fp2BH7SLZmzHd8Nn3rt8BtxLa9bbozE9jrwhZ8w-CJ8DtaGOkP-Jjz1nV9IVtTRXU-mw-jxr4cRgV478v_19m7Uvg9qbu9-_PiE1o6YKHeZQvfE9XHXk4v4KdpwpcGzQqjd2v_fCXxSe6UfuquQI64tF-HSLDS6b9sYRG-dOUHzfSIRAgcQA35zSJq345VfIQMxDCy0HNLJZpPNJ1tMtpzsBMZQT3YODbzR9fPn_wEAAP__acIEyooEAAA= |
|
| .kelkoogroup.net/ | Name: kelkooID Value: a4c6293-18703f39ca2-4d907 |
|
| .kelkoogroup.net/ | Name: _ga Value: GA1.2.782961600.1679398509 |
|
| .kelkoogroup.net/ | Name: _gid Value: GA1.2.1815984003.1679398509 |
|
| .kelkoogroup.net/ | Name: datadome Value: 7ms6RVM9QcgOFCvg6~BJ20Y9Rzs4K55VfN_gX7TIoRmlF1n4K-ZsW73eAxhgA7TJDORZEwDjVUbqgBlT062YnPYubWO9GvSxnUo3TkfRnn9PUmQI39ppcyvqVZ_azPQX |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api-js.datadome.co
btpnative.com
clickcanv.com
ct.captcha-delivery.com
dd.kelkoogroup.net
dd.prod.captcha-delivery.com
de-go.kelkoogroup.net
dryqsjk.com
geo.captcha-delivery.com
geotrkclknow.com
go.staticvisit.net
js.datadome.co
myckdom.com
p274639.myckdom.com
static.captcha-delivery.com
www.google-analytics.com
api-js.datadome.co
13.224.189.117
18.194.14.91
18.195.173.251
18.66.112.3
18.66.122.7
192.99.158.241
2600:9000:2251:8c00:7:c516:5a80:93a1
2606:4700:3031::6815:52b0
2a00:1450:4001:831::200e
2a06:98c1:3120::3
3.126.48.135
52.117.247.211
65.9.86.56
81.171.22.4
95.211.116.26
03cd31e4d3c37c852aec70f0c5bb40641131ba56ea401ba48b7b5d4c68f3d39a
14925cc0d48089e7391c75a3730073570b2d48b6c838a5983d032e8b393fc0bb
3e60979021e384209bd6adc873bd3e898e443a09f539288ffb5b9e3ec2e34046
4070b603c672c313d3f3c9180f0fdd47aa6ef3392ee2cdb095d84f7d7554583e
5cc703e8bd23d04a0d5c58ce356695fbed0fc7c4571350e889657d54de3fffbe
632b235d2603ea925af126aae565bedaf9919674077fa37b34475a15eec9c930
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
670415a9265c06166a9e53350ea09f416113752897f75323ddffcba7d5eaa434
80fc688606bec56529d6f9cc57b4ccc4ac2b2cf549ef382b1a30f0f5da2935c4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e4d54c14ce63d3e4d711fa10df5548453d50a56367bf3baecf3d0d691a054d7
926a1b696c1c9750e0ce2e24fe7980937ebe43db5076081ea1326c143dd91535
a028b873ea59dce22f2ad131ec24bebe58b7bc37a1f1a46e9a027a4ed623097f
a1a0453837bb412b3ac8d1cc096ef1638b4728d47b4130ef131bf8ffd667cff3
baa3aa2b7f04e1e82e3f59821e216846f7d971ca3fc9e5cc58aadd29fb6de1ff
bd54579f5eb6c2eaa2b552c1d507fefb053285d67c60bf33281ad90a5852da7e
c364121eb37a76ac9c734cd182e669cd85b75b880fedb1e63693414919abcf93
c54cb9a12083d46f17eeeaa0f3fd26a25405f489696bb1cdcd504bea1cf3b9a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed243a7fa712a26559089ad5eadb7bffb314357ac21966fe20f5cef1fb6355b1
fab79f1dfdc7b759da9e1c4d80169bc879352b47bf0cf9352e3eeaed39e55de7