www.koffer.net
Open in
urlscan Pro
2606:4700:20::ac43:5149
Public Scan
Submitted URL: http://ww3.paycapitalone.com/
Effective URL: https://www.koffer.net/go-travel/flugsocken-l/schwarz?ad=kel&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclic...
Submission: On February 05 via api from US — Scanned from DE
Effective URL: https://www.koffer.net/go-travel/flugsocken-l/schwarz?ad=kel&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclic...
Submission: On February 05 via api from US — Scanned from DE
Summary
This website contacted 11 IPs
in 5 countries
across 12 domains to perform 39 HTTP transactions.
The main IP is 2606:4700:20::ac43:5149, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is www.koffer.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 4th 2021. Valid for: a year.
This is the only time www.koffer.net was scanned on urlscan.io!
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 4th 2021. Valid for: a year.
This is the only time www.koffer.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 81.17.18.195 81.17.18.195 | 51852 (PLI-AS) (PLI-AS) | |
| 4 | 66.165.243.160 66.165.243.160 | 29802 (HVC-AS) (HVC-AS) | |
| 1 6 | 2a00:1450:400... 2a00:1450:4001:810::200e | 15169 (GOOGLE) (GOOGLE) | |
| 2 5 | 95.211.116.27 95.211.116.27 | 60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands) | |
| 1 | 99.86.3.118 99.86.3.118 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:82f::2008 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 35.156.78.174 35.156.78.174 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 | 2606:4700:20:... 2606:4700:20::ac43:5149 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 16 | 2a00:1450:400... 2a00:1450:4001:800::2001 | 15169 (GOOGLE) (GOOGLE) | |
| 5 | 2606:4700:20:... 2606:4700:20::ac43:4102 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 1 | 2a00:1450:400... 2a00:1450:400c:c08::9c | 15169 (GOOGLE) (GOOGLE) | |
| 1 1 | 2a00:1450:400... 2a00:1450:4001:810::2004 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:80f::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 39 | 11 |
4
66.165.243.160
(Los Angeles, United States)
ASN29802 (HVC-AS, US)
PTR: 66-165-243-160.static.hvvc.us
ASN29802 (HVC-AS, US)
PTR: 66-165-243-160.static.hvvc.us
| r.redirekted.com |
6
2a00:1450:4001:810::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
5
95.211.116.27
(Den Helder, Netherlands)
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-go-vip.kelkoo.com
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-go-vip.kelkoo.com
| de-go.kelkoogroup.net |
1
99.86.3.118
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-118.fra6.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-118.fra6.r.cloudfront.net
| js.datadome.co |
1
2a00:1450:4001:82f::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
1
35.156.78.174
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-78-174.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-78-174.eu-central-1.compute.amazonaws.com
| api-js.datadome.co |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 16 |
ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 324 |
215 KB |
| 6 |
google-analytics.com
1 redirects
www.google-analytics.com — Cisco Umbrella Rank: 42 |
40 KB |
| 5 |
betzstatic.com
betzstatic.com |
57 KB |
| 5 |
kelkoogroup.net
2 redirects
de-go.kelkoogroup.net — Cisco Umbrella Rank: 656938 |
33 KB |
| 4 |
redirekted.com
r.redirekted.com — Cisco Umbrella Rank: 569013 |
11 KB |
| 2 |
koffer.net
www.koffer.net |
16 KB |
| 2 |
datadome.co
js.datadome.co — Cisco Umbrella Rank: 8546 api-js.datadome.co — Cisco Umbrella Rank: 8229 |
42 KB |
| 1 |
google.de
www.google.de — Cisco Umbrella Rank: 5557 |
501 B |
| 1 |
google.com
1 redirects
www.google.com — Cisco Umbrella Rank: 13 |
594 B |
| 1 |
doubleclick.net
1 redirects
stats.g.doubleclick.net — Cisco Umbrella Rank: 96 |
488 B |
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78 |
40 KB |
| 1 |
paycapitalone.com
1 redirects
ww3.paycapitalone.com |
456 B |
| 39 | 12 |
| Domain | Requested by | |
|---|---|---|
| 16 | cdn.ampproject.org |
www.koffer.net
cdn.ampproject.org |
| 6 | www.google-analytics.com |
1 redirects
r.redirekted.com
www.google-analytics.com www.googletagmanager.com |
| 5 | betzstatic.com |
www.koffer.net
|
| 5 | de-go.kelkoogroup.net |
2 redirects
r.redirekted.com
de-go.kelkoogroup.net |
| 4 | r.redirekted.com |
r.redirekted.com
|
| 2 | www.koffer.net |
de-go.kelkoogroup.net
cdn.ampproject.org |
| 1 | www.google.de | |
| 1 | www.google.com | 1 redirects |
| 1 | stats.g.doubleclick.net | 1 redirects |
| 1 | api-js.datadome.co |
js.datadome.co
|
| 1 | www.googletagmanager.com |
de-go.kelkoogroup.net
|
| 1 | js.datadome.co |
de-go.kelkoogroup.net
|
| 1 | ww3.paycapitalone.com | 1 redirects |
| 39 | 13 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.schulranzen.com |
| www.rucksack-spezialist.de |
| www.schulranzen-berater.de |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.google-analytics.com GTS CA 1C3 |
2022-01-10 - 2022-04-04 |
3 months | crt.sh |
| *.kelkoogroup.net Thawte RSA CA 2018 |
2021-09-07 - 2022-10-07 |
a year | crt.sh |
| *.datadome.co Gandi Standard SSL CA 2 |
2021-10-12 - 2022-10-21 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-07-04 - 2022-07-03 |
a year | crt.sh |
| misc-sni.google.com GTS CA 1C3 |
2022-01-10 - 2022-04-04 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.koffer.net/go-travel/flugsocken-l/schwarz?ad=kel&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Go+Travel+Flugsocken+L+Schwarz
Frame ID: C89891E86552226362E399C1624416EB
Requests: 42 HTTP requests in this frame
Frame:
http://r.redirekted.com/go?e=DwCaxHVbtUMefGr5blBk5GsYumFeLUqvk3p4STsmqvBdfGB74aq1kQsYEaFetlV6x3C5kGVyDaF8uPsWcFL8AzsytwF-IlX503F0DTs7jGFe4mX703pexmXyj3KeHPrty3C55GVxfvEuHPrY53p4NTsYuUL-IvX-bFLRu2Z_pPEmV3XTEwLwbHVybPM55QL80KX99SA78IF9MKr-bFWebwX7D3K-AUAtgFWvNzX-xKB8AUrwcFW4y0XbVlF-AUps1aBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV
Frame ID: D6C4F506E47D30F7BAC060E6859B0849
Requests: 4 HTTP requests in this frame
Screenshot
Page Title
Go Travel Flugsocken L Schwarz | www.koffer.netWarenkorbTelefonTelefonPage URL History Show full URLs
-
http://ww3.paycapitalone.com/
HTTP 302
http://r.redirekted.com/redirect?redirect_id=121c1cc898296a779291ffc46ae34e25&request_id=b9f2ab0f783... Page URL
-
https://de-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1643966403830&.sig=trlO8l8T4X.Jv4r4HwF6FoolJlw-&aff...
HTTP 307
https://de-go.kelkoogroup.net/go?country=de&k=a17dbf46f9cb561d7755df6e9daf7db0fa4d5427a5243c4d4b00bee1883b... Page URL
-
https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50e00dd89...
HTTP 303
https://www.koffer.net/go-travel/flugsocken-l/schwarz?ad=kel&utm_source=kelkoode&utm_medium=cpc&utm... Page URL
Detected technologies
Datadome
(Miscellaneous)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtm\.js
Lightbox
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- lightbox(?:-plus-jquery)?.{0,32}\.js
Page Statistics
13 Outgoing links
These are links going to different origins than the main page.
URL: https://www.schulranzen.com/?cart=f107bafd-6d41-423d-88c2-39cd31690ddf
Title: SCHULRANZEN
Title: SCHULRANZEN
Search URL Search Domain Scan URL
URL: https://www.rucksack-spezialist.de/?cart=f107bafd-6d41-423d-88c2-39cd31690ddf
Title: RUCKSÄCKE
Title: RUCKSÄCKE
Search URL Search Domain Scan URL
URL: http://www.schulranzen-berater.de/
Title: Schulranzenberater
Title: Schulranzenberater
Search URL Search Domain Scan URL
URL: https://www.schulranzen.com/?cart=
Title: SCHULRANZEN
Title: SCHULRANZEN
Search URL Search Domain Scan URL
URL: https://www.rucksack-spezialist.de/?cart=
Title: RUCKSÄCKE&
Title: RUCKSÄCKE&
Search URL Search Domain Scan URL
URL: https://www.schulranzen.com/p/agbimpr.html
Title: AGBs/Impressum
Title: AGBs/Impressum
Search URL Search Domain Scan URL
URL: https://www.schulranzen.com/p/datenschutz.html
Title: Datenschutzinfo
Title: Datenschutzinfo
Search URL Search Domain Scan URL
URL: https://www.schulranzen.com/p/verbraucherinfo.html
Title: Verbraucherinfo
Title: Verbraucherinfo
Search URL Search Domain Scan URL
URL: https://www.schulranzen.com/p/versand.html
Title: Versandkosten
Title: Versandkosten
Search URL Search Domain Scan URL
URL: https://www.schulranzen.com/p/gutschein.html
Title: Gutschein
Title: Gutschein
Search URL Search Domain Scan URL
URL: https://www.schulranzen.com/p/teilnahmebedingungen.html
Title: Teilnahmebedingungen
Title: Teilnahmebedingungen
Search URL Search Domain Scan URL
URL: https://www.schulranzen.com/p/herstellergarantien.html
Title: Herstellergarantien
Title: Herstellergarantien
Search URL Search Domain Scan URL
URL: https://www.schulranzen.com/p/widerruf.html
Title: Widerruf
Title: Widerruf
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://ww3.paycapitalone.com/
HTTP 302
http://r.redirekted.com/redirect?redirect_id=121c1cc898296a779291ffc46ae34e25&request_id=b9f2ab0f783da702605bb8c8ad312edb Page URL
-
https://de-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1643966403830&.sig=trlO8l8T4X.Jv4r4HwF6FoolJlw-&affiliationId=96965856&comId=100516862&country=de&offerId=54cf3910297b59ab4baffe5829c508e8&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=Ns7VPF-AKAaEwq1EzXuIUFlxlV5ZwqbM0XxD2BmRTLaAPqapTsyj3L7gQqx5UWwgxslAJF8gHrakKWjuHsyVFF9gwW&custom2=jKWjuHsyDKL-AaXXqwqSExZvyRCexFrUAQB
HTTP 307
https://de-go.kelkoogroup.net/go?country=de&k=a17dbf46f9cb561d7755df6e9daf7db0fa4d5427a5243c4d4b00bee1883b65d45519e3cec28981a084ab8a018dea779823daeb3b0caa9a48bfb6674776689214b87d11f33589c3b2b4a84399f134df334fad87881c226acab1da2114b4d86a907cccec8e54eae2c6cf63c7033c8fd7a1c371c959982654fe81cb78f0a3b7c0c5dd8da9651850d2d0e686deabfa1f5ca449dedaaa21c4c42dc055bad6210d85437857a97002d7a0fd490390024afa47e0dc2a1756640794d7bb26b8a30ca9f037f004b6f7dd23f248da4f646008400e94e1d1e833dbd0cc05945d092b4746c413e6cdbd87a2db519a409f8b7c7add14e34e41787932f0aa40700a17590501984ca01a4ba26eb66532fb947a97cdd84911d833a7058e70228e77c83ad926737e955141e0c4c1cd22895fd5d9d4ac67ba5712368585454f62665082911e97d22bd2d9b7bac943a7957754c4bdeecb64f6d4e83af9f0b95bfabe56beef6b03ad50aae58373aaa9bc5ec9e9872cebfc58e6d1a3663e1168f39b003272fefb909e4802d31bd494d1b52f465986be6b7481f6f52ab0e9499400f78108b5dd3fe1943a08549952b66e5e9ae8706fd4aaac36a939dbff81f8d1f836f13065958f85ba31c54fcbc1df8baa62010a2338bd6f8170a2c90b9b6d4ed089feca9b1c18243fc604167bd8a58edf854f35d997dff44c2465467e76fcc38a554358d7958a2e4c79ed5ccd0a4c0c307363&o= Page URL
-
https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50e00dd89cf8e0db64ecadbc06af8e71219b31edf476bdc8526a7af6f4f0ff4b2386f6db7c4bd212fb207771f90c1914b892b4dc4a027ae225c698fd3fdde9b025000ec55a93d1daab0383f85a96a5b06753404555ef8b80d858397377cad58656191c244b5245382924542bd1579738ce76dc535d86444eb4106a79f2480c82533a9afa112bc3c4734f4efe32b0a8d3d1305bcba05bad57f4647c1719575fb5ea2f7d8f34ed40f381664cad022dad834d11977d10a5aece58b8ea29417800ace1fbb7e57265b11957bc2d9d6f220ef984e81c39778cb37a826b5c1256de90900586ffdca73d2d8acf2164b2980a0f84928663aeb8780daa2f05d044c1c06678e4e2c7b5b3884ba92cd&leadId=dc1-kls-prod-srv-03.prod.dc1.kelkoo.net_1644052234345_870143&clickId=107699101_1644052234300_927438&url=https%3A%2F%2Fwww.koffer.net%2Fgo-travel%2Fflugsocken-l%2Fschwarz%3Fad%3Dkel%26utm_source%3Dkelkoode%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGo%2BTravel%2BFlugsocken%2BL%2BSchwarz&initiator=timeout
HTTP 303
https://www.koffer.net/go-travel/flugsocken-l/schwarz?ad=kel&utm_source=kelkoode&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Go+Travel+Flugsocken+L+Schwarz Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://ww3.paycapitalone.com/ HTTP 302
- http://r.redirekted.com/redirect?redirect_id=121c1cc898296a779291ffc46ae34e25&request_id=b9f2ab0f783da702605bb8c8ad312edb
- http://www.google-analytics.com/analytics.js HTTP 307
- https://www.google-analytics.com/analytics.js
- http://www.google-analytics.com/collect?v=1&_v=j96&a=326860896&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVbtUMefGr5blBk5GsYumFeLUqvk3p4STsmqvBdfGB74aq1kQsYEaFetlV6x3C5kGVyDaF8uPsWcFL8AzsytwF-IlX503F0DTs7jGFe4mX703pexmXyj3KeHPrty3C55GVxfvEuHPrY53p4NTsYuUL-IvX-bFLRu2Z_pPEmV3XTEwLwbHVybPM55QL80KX99SA78IF9MKr-bFWebwX7D3K-AUAtgFWvNzX-xKB8AUrwcFW4y0XbVlF-AUps1aBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1718994369.1644052234&tid=UA-32454353-1&_gid=1526510914.1644052234&cd1=oz9lMJE8n2kesUk8sT5ipzIxsTgfn3k8sUj%3D&z=2147051874 HTTP 307
- https://www.google-analytics.com/collect?v=1&_v=j96&a=326860896&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVbtUMefGr5blBk5GsYumFeLUqvk3p4STsmqvBdfGB74aq1kQsYEaFetlV6x3C5kGVyDaF8uPsWcFL8AzsytwF-IlX503F0DTs7jGFe4mX703pexmXyj3KeHPrty3C55GVxfvEuHPrY53p4NTsYuUL-IvX-bFLRu2Z_pPEmV3XTEwLwbHVybPM55QL80KX99SA78IF9MKr-bFWebwX7D3K-AUAtgFWvNzX-xKB8AUrwcFW4y0XbVlF-AUps1aBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1718994369.1644052234&tid=UA-32454353-1&_gid=1526510914.1644052234&cd1=oz9lMJE8n2kesUk8sT5ipzIxsTgfn3k8sUj%3D&z=2147051874
- https://de-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1643966403830&.sig=trlO8l8T4X.Jv4r4HwF6FoolJlw-&affiliationId=96965856&comId=100516862&country=de&offerId=54cf3910297b59ab4baffe5829c508e8&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=Ns7VPF-AKAaEwq1EzXuIUFlxlV5ZwqbM0XxD2BmRTLaAPqapTsyj3L7gQqx5UWwgxslAJF8gHrakKWjuHsyVFF9gwW&custom2=jKWjuHsyDKL-AaXXqwqSExZvyRCexFrUAQB HTTP 307
- https://de-go.kelkoogroup.net/go?country=de&k=a17dbf46f9cb561d7755df6e9daf7db0fa4d5427a5243c4d4b00bee1883b65d45519e3cec28981a084ab8a018dea779823daeb3b0caa9a48bfb6674776689214b87d11f33589c3b2b4a84399f134df334fad87881c226acab1da2114b4d86a907cccec8e54eae2c6cf63c7033c8fd7a1c371c959982654fe81cb78f0a3b7c0c5dd8da9651850d2d0e686deabfa1f5ca449dedaaa21c4c42dc055bad6210d85437857a97002d7a0fd490390024afa47e0dc2a1756640794d7bb26b8a30ca9f037f004b6f7dd23f248da4f646008400e94e1d1e833dbd0cc05945d092b4746c413e6cdbd87a2db519a409f8b7c7add14e34e41787932f0aa40700a17590501984ca01a4ba26eb66532fb947a97cdd84911d833a7058e70228e77c83ad926737e955141e0c4c1cd22895fd5d9d4ac67ba5712368585454f62665082911e97d22bd2d9b7bac943a7957754c4bdeecb64f6d4e83af9f0b95bfabe56beef6b03ad50aae58373aaa9bc5ec9e9872cebfc58e6d1a3663e1168f39b003272fefb909e4802d31bd494d1b52f465986be6b7481f6f52ab0e9499400f78108b5dd3fe1943a08549952b66e5e9ae8706fd4aaac36a939dbff81f8d1f836f13065958f85ba31c54fcbc1df8baa62010a2338bd6f8170a2c90b9b6d4ed089feca9b1c18243fc604167bd8a58edf854f35d997dff44c2465467e76fcc38a554358d7958a2e4c79ed5ccd0a4c0c307363&o=
- https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=Go%20Travel%20Flugsocken%20L%20Schwarz%20%7C%20www.koffer.net&sr=1600x1200&_utmht=1644052236591&cid=amp-0rQ44C96L_rIkjEWPxrA0Q&tid=UA-22037971-1&dl=https%3A%2F%2Fwww.koffer.net%2Fgo-travel%2Fflugsocken-l%2Fschwarz%3Fad%3Dkel%26utm_source%3Dkelkoode%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGo%2BTravel%2BFlugsocken%2BL%2BSchwarz&dr=https%3A%2F%2Fde-go.kelkoogroup.net%2Fgo%3Fcountry%3Dde%26k%3Da17dbf46f9cb561d7755df6e9daf7db0fa4d5427a5243c4d4b00bee1883b65d45519e3cec28981a084ab8a018dea779823daeb3b0caa9a48bfb6674776689214b87d11f33589c3b2b4a84399f134df334fad87881c226acab1da2114b4d86a907cccec8e54eae2c6cf63c7033c8fd7a1c371c959982654fe81cb78f0a3b7c0c5dd8da9651850d2d0e686deabfa1f5ca449dedaaa21c4c42dc055bad6210d85437857a97002d7a0fd490390024afa47e0dc2a1756640794d7bb26b8a30ca9f037f004b6f7dd23f248da4f646008400e94e1d1e833dbd0cc05945d092b4746c413e6cdbd87a2db519a409f8b7c7add14e34e41787932f0aa40700a17590501984ca01a4ba26eb66532fb947a97cdd84911d833a7058e70228e77c83ad926737e955141e0c4c1cd22895fd5d9d4ac67ba5712368585454f62665082911e97d22bd2d9b7bac943a7957754c4bdeecb64f6d4e83af9f0b95bfabe56beef6b03ad50aae58373aaa9bc5ec9e9872cebfc58e6d1a3663e1168f39b003272fefb909e4802d31bd494d1b52f465986be6b7481f6f52ab0e9499400f78108b5dd3fe1943a08549952b66e5e9ae8706fd4aaac36a939dbff81f8d1f836f13065958f85ba31c54fcbc1df8baa62010a2338bd6f8170a2c90b9b6d4ed089feca9b1c18243fc604167bd8a58edf854f35d997dff44c2465467e76fcc38a554358d7958a2e4c79ed5ccd0a4c0c307363%26o%3D&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.3033588681457562&_r=1&a=2746&z=0.3847825098909421 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-22037971-1&cid=amp-0rQ44C96L_rIkjEWPxrA0Q&jid=0.3033588681457562&_v=a1&z=0.3847825098909421 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-22037971-1&cid=amp-0rQ44C96L_rIkjEWPxrA0Q&jid=0.3033588681457562&_v=a1&z=0.3847825098909421 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-22037971-1&cid=amp-0rQ44C96L_rIkjEWPxrA0Q&jid=0.3033588681457562&_v=a1&z=0.3847825098909421&slf_rd=1&random=1026578447
39 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
redirect
r.redirekted.com/ Redirect Chain
|
814 B 1022 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
adren.css
r.redirekted.com/css/ |
243 B 479 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
adren.min.js
r.redirekted.com/js/ |
7 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
go
r.redirekted.com/ Frame D6C4 |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ Frame D6C4 Redirect Chain
|
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ Frame D6C4 |
2 B 145 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
collect
www.google-analytics.com/ Frame D6C4 Redirect Chain
|
35 B 194 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
go
de-go.kelkoogroup.net/ Redirect Chain
|
27 KB 29 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
p.png
de-go.kelkoogroup.net/assets/images/ |
68 B 625 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tags.js
js.datadome.co/ |
226 KB 41 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
107 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
fp
de-go.kelkoogroup.net/ |
0 441 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
api-js.datadome.co/js/ |
50 B 227 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
www.google-analytics.com/j/ |
1 B 21 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
schwarz
www.koffer.net/go-travel/flugsocken-l/ Redirect Chain
|
55 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
v0.js
cdn.ampproject.org/ |
273 KB 70 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
koffer.svg
betzstatic.com/images/logos/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
go-travel.png
betzstatic.com/i/logos_new/ |
916 B 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0799_001.jpg
betzstatic.com/i/prod/xl/GT/ |
27 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
amp-form-0.1.js
cdn.ampproject.org/v0/ |
50 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
amp-analytics-0.1.js
cdn.ampproject.org/v0/ |
110 KB 32 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
amp-install-serviceworker-0.1.js
cdn.ampproject.org/v0/ |
10 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
amp-social-share-0.1.js
cdn.ampproject.org/v0/ |
15 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
amp-accordion-0.1.js
cdn.ampproject.org/v0/ |
18 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
amp-fx-collection-0.1.js
cdn.ampproject.org/v0/ |
18 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
amp-lightbox-0.1.js
cdn.ampproject.org/v0/ |
26 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
amp-carousel-0.1.js
cdn.ampproject.org/v0/ |
38 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
amp-list-0.1.js
cdn.ampproject.org/v0/ |
43 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
amp-date-countdown-0.1.js
cdn.ampproject.org/v0/ |
7 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
amp-mustache-latest.js
cdn.ampproject.org/v0/ |
42 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
amp-animation-0.1.js
cdn.ampproject.org/v0/ |
83 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
STOERUNG.jpg
betzstatic.com/images/banner/ |
26 KB 26 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012201212122003/v0/ |
8 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
amp-loader-0.1.js
cdn.ampproject.org/rtv/012201212122003/v0/ |
13 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
953 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
394 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
595 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
227 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
440 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
157 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
149 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
NTAxNjMyNjAwODAyMQ==
www.koffer.net/api/offer/ |
1 KB 861 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
001.jpg
betzstatic.com/i/must/m/GT/ |
72 B 501 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
googleanalytics.json
cdn.ampproject.org/rtv/012201212122003/v0/analytics-vendors/ |
2 KB 812 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 501 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| FormProxy14 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .paycapitalone.com/ | Name: sid Value: 78c7466a-8663-11ec-8893-c66d9d70102a |
|
| r.redirekted.com/ | Name: uuid Value: 5094068375954892800 |
|
| .redirekted.com/ | Name: _ga Value: GA1.2.1718994369.1644052234 |
|
| .redirekted.com/ | Name: _gid Value: GA1.2.1526510914.1644052234 |
|
| .redirekted.com/ | Name: _gat Value: 1 |
|
| .kelkoogroup.net/ | Name: referer Value: http%3A%2F%2Fr.redirekted.com%2F |
|
| .kelkoogroup.net/ | Name: kelkooID Value: a4c6361-17ec926405a-88569 |
|
| .kelkoogroup.net/ | Name: lastSearchedKeyword Value: a3dkPUdvIFRyYXZlbCBGbHVnc29ja2VuIEwgU2Nod2Fyenx0cz0xNjQ0MDUyMjM0MzQ5fGNhdElkPTEwODgwMXxjb21JZD0xMDA1MTY4NjI= |
|
| .de-go.kelkoogroup.net/ | Name: _ga Value: GA1.3.1504522078.1644052235 |
|
| .de-go.kelkoogroup.net/ | Name: _gid Value: GA1.3.1953868488.1644052235 |
|
| .de-go.kelkoogroup.net/ | Name: _gat_UA-168544891-7 Value: 1 |
|
| .kelkoogroup.net/ | Name: datadome Value: yK4cVMwP_4ECy4c2adfEEP0pbCnfUUnGGLu3sfe5P._lwiuzuAUzEdnwWHPesDH_hJiS_U2LxoGRm34lF8X33sO5k5Q-ejElSOMQsWIFBTUKUVs8Rh3A0SgmDMZ4LV1 |
|
| www.koffer.net/ | Name: session1 Value: MTY0NDA1MjIzNXx4V051NVpGTEEzSzZvT012OFdvTnZndFBNU2FRdG1pNDJiTkNyNmJqS1FWRldmUkdaLVI4dWd2bDA5TlJSMGptQ0Yyb3VKaUUxY1dNVEVxaFpGZkpsQ1dwa0lSMlMyMDBuVHBSU1RxY2ZGUmlHWDg9fKgzJC4Jn8jxrX3NcfxIGmYYhtYvfM9RSYWspA5gfWF4 |
|
| .koffer.net/ | Name: _ga Value: amp-0rQ44C96L_rIkjEWPxrA0Q |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api-js.datadome.co
betzstatic.com
cdn.ampproject.org
de-go.kelkoogroup.net
js.datadome.co
r.redirekted.com
stats.g.doubleclick.net
ww3.paycapitalone.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.koffer.net
2606:4700:20::ac43:4102
2606:4700:20::ac43:5149
2a00:1450:4001:800::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c08::9c
35.156.78.174
66.165.243.160
81.17.18.195
95.211.116.27
99.86.3.118
0a1476deb35776673f620ad3f1f080b974012d7bbf0d3e9d7fbf24109ce94cf7
0afd92d55e96229b3d143af15c1c9e2d78a45cd7ee3eedf494f866b2fa7d35f9
0b001ca23739d840833dbb72c198f6ca7a32348b62e5a7d6026c7bdd4ac48875
1c4287a637e4812cd6ed2535d79f5b4dd69d9ef1388c73e75542453c5a1a5236
1f595bacd27952d1562d460eab25cadf7f46916d941fa76eb6c606e4c4296cf5
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
2ebd9c4d5eef481f210c782d4f8adfb2d40b253af25d2b306dd6e4fd3b87c6fc
34bb1c7ca084facdfd4822c3dd2d0f3f483ad2d071c52d30e54af52ae62deb02
39e913409c8e5b5a68e06aef984eb2786b1335b51234f2cf2918249e91e13712
41ee58fb12c8a5b3869ffb5a34e0756d06b7c033befa640f545ad1918cbe84f7
4f05d69e43fe72cb0f0e763bff4eb877c8f675703e6a6a67f1c045acee6e89a6
5241421cb944a9898967f0e866774dccb4dd56ae27fdd2753b09a6711def1612
55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec
587b386386aa313a34c96cf6e8ca4b78519e0f0462ef729cb8a3cb7d01e67d25
595b960730ca8807f02032a21d8bdd86b27bbe5c7dfa5dd6e2ca3a8bb8def082
59ea1b2ea52f0c9f56d1d86574f2ce8518d5f14d497f2079f572a1303b794deb
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
68568d1d6e191193193329b9d3a3d717be285b91409f6394c7137e372d5c74dc
69991d6aa0d3f215264346318a63df255a50d28e649eb4dd228d0fb306b2e1c9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7d0face2098d0fa848160df6ef72f02ea3db05b57d4fd01b21b5f5cf83344bf0
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
816962ad51ffc88817a5d1eeeae45f28bd66eb58d2d60cb535b415db1fca5ff0
8420024eb5e439a7044abf871689237906055817e82fe6b1e7d69cfacfea8413
8cc0ba6d102259126b885087099c833576341ec3077888ab165679e698edda9e
8fc4f2c3167630a67e825cf4cdc0001fae212ae5d13b2609245d030d731ec11d
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66
9e732c0535a0d8501df59c4a7b24861e543f978886ab70ec83ebdf591167cb96
a0c631a1db60905f43970969fa0180918354522f7a2e9b71d40be5b9f7b5e5b5
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1
abf66c29b32b2d1ec026140f3cc72b7cfffd86396abbe306b16fdf350e032fad
af736f44f340cd1d2a3eef4c078a6039af179a66beb1440a2e2d5eac92a2a856
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5
bf84d38c2f1f81c85b53d9471a6387792b0e5ea8fc37b4979bc3bb6910234b63
d132846133612bc745d29af4b8930d19b28cb8e99c32f499a2c3c8fdb943a7dd
d90c96bfc370d347c270ac59842f247df84f835ad707a80aa60b68d4ca400a7a
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421
e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e91c65c98775cc3e65a39d1c11708343f9509517a8a73983bb331e1ec021fa
e817fb2eac4b0b6da14b3efafaddb1657ea6ef8c3954617df569bf6a8920cde8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629