urlscan.io logo urlscan.io
SecurityTrails logo

de-go.kelkoogroup.net Open in urlscan Pro
95.211.116.26  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sacdevolucaodeconsignadoindevido.com/
Effective URL: https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50eb94d3ddb2e9d321109c2425637...
Submission: On March 05 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 6 domains to perform 24 HTTP transactions. The main IP is 95.211.116.26, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is de-go.kelkoogroup.net. The Cisco Umbrella rank of the primary domain is 636570.
TLS certificate: Issued by Thawte RSA CA 2018 on August 25th 2022. Valid for: a year.
This is the only time de-go.kelkoogroup.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 213.227.149.211 60781 (LEASEWEB-...)
4 66.165.243.160 29802 (HVC-AS)
4 2a00:1450:400... 15169 (GOOGLE)
4 95.211.116.26 60781 (LEASEWEB-...)
1 13.224.189.20 16509 (AMAZON-02)
1 13.224.189.51 16509 (AMAZON-02)
1 18.194.14.91 16509 (AMAZON-02)
2 13.224.189.117 16509 (AMAZON-02)
3 2600:9000:211... 16509 (AMAZON-02)
1 13.225.78.46 16509 (AMAZON-02)
1 3.66.65.230 16509 (AMAZON-02)
24 12
2    213.227.149.211 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
sacdevolucaodeconsignadoindevido.com
4    66.165.243.160 (Los Angeles, United States)

ASN29802 (HVC-AS, US)
PTR: 66-165-243-160.static.hvvc.us
r.redirekted.com
4    2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    95.211.116.26 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-mx-vip.kelkoo.com
de-go.kelkoogroup.net
1    13.224.189.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-20.fra2.r.cloudfront.net
dd.kelkoogroup.net
1    13.224.189.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-51.fra2.r.cloudfront.net
ct.captcha-delivery.com
1    18.194.14.91 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-14-91.eu-central-1.compute.amazonaws.com
geo.captcha-delivery.com
2    13.224.189.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-117.fra2.r.cloudfront.net
dd.prod.captcha-delivery.com
3    2600:9000:211a:9000:7:c516:5a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.captcha-delivery.com
1    13.225.78.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-46.fra2.r.cloudfront.net
js.datadome.co
1    3.66.65.230 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-65-230.eu-central-1.compute.amazonaws.com
api-js.datadome.co
Apex Domain
Subdomains		 Transfer
7 captcha-delivery.com
ct.captcha-delivery.com — Cisco Umbrella Rank: 30514
geo.captcha-delivery.com — Cisco Umbrella Rank: 24843
dd.prod.captcha-delivery.com — Cisco Umbrella Rank: 55592
static.captcha-delivery.com — Cisco Umbrella Rank: 29973
141 KB
5 kelkoogroup.net
de-go.kelkoogroup.net — Cisco Umbrella Rank: 636570
dd.kelkoogroup.net — Cisco Umbrella Rank: 311741
38 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
20 KB
4 redirekted.com
r.redirekted.com
11 KB
2 datadome.co
js.datadome.co — Cisco Umbrella Rank: 5478
api-js.datadome.co — Cisco Umbrella Rank: 4309
55 KB
2 sacdevolucaodeconsignadoindevido.com
sacdevolucaodeconsignadoindevido.com
1 KB
24 6
Domain Requested by
4 de-go.kelkoogroup.net r.redirekted.com
de-go.kelkoogroup.net
4 www.google-analytics.com r.redirekted.com
www.google-analytics.com
de-go.kelkoogroup.net
4 r.redirekted.com sacdevolucaodeconsignadoindevido.com
r.redirekted.com
3 static.captcha-delivery.com geo.captcha-delivery.com
2 dd.prod.captcha-delivery.com geo.captcha-delivery.com
2 sacdevolucaodeconsignadoindevido.com 1 redirects
1 api-js.datadome.co js.datadome.co
1 js.datadome.co geo.captcha-delivery.com
1 geo.captcha-delivery.com ct.captcha-delivery.com
1 ct.captcha-delivery.com de-go.kelkoogroup.net
1 dd.kelkoogroup.net de-go.kelkoogroup.net
24 11

This site contains no links.

Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.kelkoogroup.net
Thawte RSA CA 2018		 2022-08-25 -
2023-09-25		 a year crt.sh
dd.kelkoogroup.net
R3		 2023-02-04 -
2023-05-05		 3 months crt.sh
*.captcha-delivery.com
Amazon RSA 2048 M02		 2023-02-23 -
2023-10-23		 8 months crt.sh
dd.prod.captcha-delivery.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-05-26		 3 months crt.sh
*.datadome.co
Gandi Standard SSL CA 2		 2022-10-13 -
2023-10-21		 a year crt.sh

This page contains 3 frames:

Primary Page: https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50eb94d3ddb2e9d321109c24256376ada6249e96f9f80ea2bdeb954f67293c172272bdc93729c6f5c5c866ee59d58223bcb2180fcb44ad7c15da233de78beb427b5dcd408eeb9ddbff64aa1cc5c73e501936e585c5a4b92d71b2438a6556e0bf18fff9dec93bd1e30068c0d6cd3158c0876cdcc16568b98988bc67a68976b4f0c4da8edbb3706685aa31e80f4dd5eff05f810008d0e73dd29d8958e8e5eb218278273c7c5995383c0d7a6686e372e32cacb6c48cc01ffe28c20aec4616bcebd8a818af90deafed46d2b3134fe08d419d6a6081252c5e93bf4ec62e20c05dafe293ce922bb994671615ef3fff0d27c8a6e2c9382d7d99aa427e8951c336906e913617122c2223e22960f77f58e2b4e165fc50b2cd0be9462ea06e66b9092e96f5d9370986a74c0be11185b7f214aac5dd78514ced04565a8ea9df6905bc4d7a96f1353ede4f49847112af86e38c54a3afc1fc5c35a15a8ac2db31292ab11de6d1dbd03fa50012810d0441384013c0c094f2b3bb9a3a3b457cfdc7871d6e659b49ea66c49eebc3c8719dfb403a6d5333bc58353d510f12da60d2d&url=https%3A%2F%2Fm.exactag.com%2Fcl.aspx%3FextProvId%3D100%26extProvApi%3D127910%26extPu%3Dkelkoo%26extLi%3DHerrenmode%26extPGid%3D231%26extPRid%3D95159921%26extID%3D9515992193-35-1706176724%26url%3Dhttps%253A%252F%252Fwww.baur.de%252Fp%252F95159921-35%253Fkk%253Da4c629a-186b0dde2a6-1469ee%2526AffiliateID%253Dkelkoo%2526ActionID%253D231%2526Name%253D95159921%2526NUMSArt%253D44486579%2526NUMSArtPc%253D44932696%2526WKZ%253D79%2526IWL%253D110%2526utm_source%253Dkelkoo%2526utm_medium%253DHerrenmode%2526utm_campaign%253D231%2526utm_content%253D95159921%2526kid%253D6%2526P1%253DMTMyNjE%253D&initiator=timeout
Frame ID: 4E6B2624F1E49FC0118869BB9F8E18A6
Requests: 11 HTTP requests in this frame

Frame: http://r.redirekted.com/go?e=04mWWSFWvbHsyVlL9gxWw1KW8xxsmEGL9IvWtclBk1QsYyaCefGA5bvCvVzXyHGC59Gr8RFWjuxXYMPFe4mW503F8xRsyHaC9gwVskKWvRzs2clF8AUrx5KW9jmXmEQL59Gr-RPX58IA3OKM7cRnYcPX9kmXcflEmp3W7bPXbkmXb03Em8GsOgFLxymX2uJDm4mV9HwC9jmZXE2BmR2KUyaCwuTs7jaL-AaXW13pvRJsXglBlfRLTIQXWEHr-D2F1pUrb13p44mZbVPL0V2VXSFWd8Ss-LPM85mW-blB0DJsmuKF9gRss53p4xxX7LlFeHFq9jUX4yxs2uKL59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC
Frame ID: DD9D56543706BF1F21664D99BBF47A2F
Requests: 4 HTTP requests in this frame

Frame: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAMb7CGELoZ5YAX9PHgw%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=2t7onIxLmhoSK4EqzW9pA2DlfvHC55i1C9qnnUjYStLeenuguIQ5r8yFXE1yPcY9ZAmwKLwrs~2Vbjh5gBCejssSlcLkpvK~2LMygfMe9ecWXEF7tGjDO8PFPUbXVaTt&t=fe&referer=https%3A%2F%2Fde-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dde%26k%3D612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50eb94d3ddb2e9d321109c24256376ada6249e96f9f80ea2bdeb954f67293c172272bdc93729c6f5c5c866ee59d58223bcb2180fcb44ad7c15da233de78beb427b5dcd408eeb9ddbff64aa1cc5c73e501936e585c5a4b92d71b2438a6556e0bf18fff9dec93bd1e30068c0d6cd3158c0876cdcc16568b98988bc67a68976b4f0c4da8edbb3706685aa31e80f4dd5eff05f810008d0e73dd29d8958e8e5eb218278273c7c5995383c0d7a6686e372e32cacb6c48cc01ffe28c20aec4616bcebd8a818af90deafed46d2b3134fe08d419d6a6081252c5e93bf4ec62e20c05dafe293ce922bb994671615ef3fff0d27c8a6e2c9382d7d99aa427e8951c336906e913617122c2223e22960f77f58e2b4e165fc50b2cd0be9462ea06e66b9092e96f5d9370986a74c0be11185b7f214aac5dd78514ced04565a8ea9df6905bc4d7a96f1353ede4f49847112af86e38c54a3afc1fc5c35a15a8ac2db31292ab11de6d1dbd03fa50012810d0441384013c0c094f2b3bb9a3a3b457cfdc7871d6e659b49ea66c49eebc3c8719dfb403a6d5333bc58353d510f12da60d2d%26url%3Dhttps%253A%252F%252Fm.exactag.com%252Fcl.aspx%253FextProvId%253D100%2526extProvApi%253D127910%2526extPu%253Dkelkoo%2526extLi%253DHerrenmode%2526extPGid%253D231%2526extPRid%253D95159921%2526extID%253D9515992193-35-1706176724%2526url%253Dhttps%25253A%25252F%25252Fwww.baur.de%25252Fp%25252F95159921-35%25253Fkk%25253Da4c629a-186b0dde2a6-1469ee%252526AffiliateID%25253Dkelkoo%252526ActionID%25253D231%252526Name%25253D95159921%252526NUMSArt%25253D44486579%252526NUMSArtPc%25253D44932696%252526WKZ%25253D79%252526IWL%25253D110%252526utm_source%25253Dkelkoo%252526utm_medium%25253DHerrenmode%252526utm_campaign%25253D231%252526utm_content%25253D95159921%252526kid%25253D6%252526P1%25253DMTMyNjE%25253D%26initiator%3Dtimeout&s=35103&e=091cca4d0316ce8da5ce6848f8b6d26ef93272a7d2ef90d76ba7e6fa9bc2e6cc
Frame ID: 79902A80C86F8CD64D67DD9C9150EA61
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

kelkoogroup.net

Page URL History Show full URLs

  1. http://sacdevolucaodeconsignadoindevido.com/ Page URL
  2. http://sacdevolucaodeconsignadoindevido.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MT... HTTP 302
    http://r.redirekted.com/redirect?redirect_id=00c50fea79111f6441468f302999dd75&request_id=42548758591... Page URL
  3. https://de-go.kelkoogroup.net/offersearchGo?.ts=1677921603172&.sig=w3K8vEkxJugT3GTd1wd5PfXT_Ps-&affiliatio... Page URL
  4. https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50eb94d3d... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

24
Requests

67 %
HTTPS

18 %
IPv6

6
Domains

11
Subdomains

12
IPs

4
Countries

267 kB
Transfer

837 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sacdevolucaodeconsignadoindevido.com/ Page URL
  2. http://sacdevolucaodeconsignadoindevido.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3ODAxMTc3NCwiaWF0IjoxNjc4MDA0NTc0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDRuZ2g5bDUyOXVqZDVwb2cwdm1sazciLCJuYmYiOjE2NzgwMDQ1NzQsInRzIjoxNjc4MDA0NTc0ODEyMDk1fQ.C4yrBBCt45_QE_T0tp7SjbQUl3K0ypmBSH7v06IdWKM&sid=eda258a2-bb2e-11ed-bd2d-d90a451b5459 HTTP 302
    http://r.redirekted.com/redirect?redirect_id=00c50fea79111f6441468f302999dd75&request_id=42548758591876555b0e32ff7abd7a7e Page URL
  3. https://de-go.kelkoogroup.net/offersearchGo?.ts=1677921603172&.sig=w3K8vEkxJugT3GTd1wd5PfXT_Ps-&affiliationId=96965856&comId=100527426&country=de&offerId=e3feb811b5bb3eb7c867b659d33249e8&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=j3BvtxsmImM0RJq7fvqaR2ZuyRLdRJqUgvqafmZuE2FltFATcPXwpxZbDTCexlXOgvqaMxXuuJE3D3V1qmp8N2r7tKF8ElLW5KW8LRsyjKF3ZUqVk3pd8IsyjmL&custom2=jKWjuHsytaL9AUruqwqSExZvyRCexFrUAQB Page URL
  4. https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50eb94d3ddb2e9d321109c24256376ada6249e96f9f80ea2bdeb954f67293c172272bdc93729c6f5c5c866ee59d58223bcb2180fcb44ad7c15da233de78beb427b5dcd408eeb9ddbff64aa1cc5c73e501936e585c5a4b92d71b2438a6556e0bf18fff9dec93bd1e30068c0d6cd3158c0876cdcc16568b98988bc67a68976b4f0c4da8edbb3706685aa31e80f4dd5eff05f810008d0e73dd29d8958e8e5eb218278273c7c5995383c0d7a6686e372e32cacb6c48cc01ffe28c20aec4616bcebd8a818af90deafed46d2b3134fe08d419d6a6081252c5e93bf4ec62e20c05dafe293ce922bb994671615ef3fff0d27c8a6e2c9382d7d99aa427e8951c336906e913617122c2223e22960f77f58e2b4e165fc50b2cd0be9462ea06e66b9092e96f5d9370986a74c0be11185b7f214aac5dd78514ced04565a8ea9df6905bc4d7a96f1353ede4f49847112af86e38c54a3afc1fc5c35a15a8ac2db31292ab11de6d1dbd03fa50012810d0441384013c0c094f2b3bb9a3a3b457cfdc7871d6e659b49ea66c49eebc3c8719dfb403a6d5333bc58353d510f12da60d2d&url=https%3A%2F%2Fm.exactag.com%2Fcl.aspx%3FextProvId%3D100%26extProvApi%3D127910%26extPu%3Dkelkoo%26extLi%3DHerrenmode%26extPGid%3D231%26extPRid%3D95159921%26extID%3D9515992193-35-1706176724%26url%3Dhttps%253A%252F%252Fwww.baur.de%252Fp%252F95159921-35%253Fkk%253Da4c629a-186b0dde2a6-1469ee%2526AffiliateID%253Dkelkoo%2526ActionID%253D231%2526Name%253D95159921%2526NUMSArt%253D44486579%2526NUMSArtPc%253D44932696%2526WKZ%253D79%2526IWL%253D110%2526utm_source%253Dkelkoo%2526utm_medium%253DHerrenmode%2526utm_campaign%253D231%2526utm_content%253D95159921%2526kid%253D6%2526P1%253DMTMyNjE%253D&initiator=timeout Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://sacdevolucaodeconsignadoindevido.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3ODAxMTc3NCwiaWF0IjoxNjc4MDA0NTc0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDRuZ2g5bDUyOXVqZDVwb2cwdm1sazciLCJuYmYiOjE2NzgwMDQ1NzQsInRzIjoxNjc4MDA0NTc0ODEyMDk1fQ.C4yrBBCt45_QE_T0tp7SjbQUl3K0ypmBSH7v06IdWKM&sid=eda258a2-bb2e-11ed-bd2d-d90a451b5459 HTTP 302
  • http://r.redirekted.com/redirect?redirect_id=00c50fea79111f6441468f302999dd75&request_id=42548758591876555b0e32ff7abd7a7e
Request Chain 5
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 7
  • http://www.google-analytics.com/collect?v=1&_v=j99&a=1852173871&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFWvbHsyVlL9gxWw1KW8xxsmEGL9IvWtclBk1QsYyaCefGA5bvCvVzXyHGC59Gr8RFWjuxXYMPFe4mW503F8xRsyHaC9gwVskKWvRzs2clF8AUrx5KW9jmXmEQL59Gr-RPX58IA3OKM7cRnYcPX9kmXcflEmp3W7bPXbkmXb03Em8GsOgFLxymX2uJDm4mV9HwC9jmZXE2BmR2KUyaCwuTs7jaL-AaXW13pvRJsXglBlfRLTIQXWEHr-D2F1pUrb13p44mZbVPL0V2VXSFWd8Ss-LPM85mW-blB0DJsmuKF9gRss53p4xxX7LlFeHFq9jUX4yxs2uKL59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=281268603.1678004577&tid=UA-32454353-1&_gid=1762937576.1678004577&cd1=oz9lMJE8n2kesUk8sT5ipzIxsTgfn3k8sUj%3D&z=1049373169 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j99&a=1852173871&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFWvbHsyVlL9gxWw1KW8xxsmEGL9IvWtclBk1QsYyaCefGA5bvCvVzXyHGC59Gr8RFWjuxXYMPFe4mW503F8xRsyHaC9gwVskKWvRzs2clF8AUrx5KW9jmXmEQL59Gr-RPX58IA3OKM7cRnYcPX9kmXcflEmp3W7bPXbkmXb03Em8GsOgFLxymX2uJDm4mV9HwC9jmZXE2BmR2KUyaCwuTs7jaL-AaXW13pvRJsXglBlfRLTIQXWEHr-D2F1pUrb13p44mZbVPL0V2VXSFWd8Ss-LPM85mW-blB0DJsmuKF9gRss53p4xxX7LlFeHFq9jUX4yxs2uKL59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=281268603.1678004577&tid=UA-32454353-1&_gid=1762937576.1678004577&cd1=oz9lMJE8n2kesUk8sT5ipzIxsTgfn3k8sUj%3D&z=1049373169

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
sacdevolucaodeconsignadoindevido.com/ 		497 B
965 B 		Document
General
Check archive.org
Download Go to
Full URL
http://sacdevolucaodeconsignadoindevido.com/
Protocol
HTTP/1.1
Server
213.227.149.211 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control
max-age=0, private, must-revalidate
connection
close
content-length
497
content-type
text/html; charset=utf-8
date
Sun, 05 Mar 2023 08:22:54 GMT
server
nginx
redirect
r.redirekted.com/
Redirect Chain
  • http://sacdevolucaodeconsignadoindevido.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3ODAxMTc3NCwiaWF0IjoxNjc4MDA0NTc0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDR...
  • http://r.redirekted.com/redirect?redirect_id=00c50fea79111f6441468f302999dd75&request_id=42548758591876555b0e32ff7abd7a7e
860 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://r.redirekted.com/redirect?redirect_id=00c50fea79111f6441468f302999dd75&request_id=42548758591876555b0e32ff7abd7a7e
Requested by
Host: sacdevolucaodeconsignadoindevido.com
URL: http://sacdevolucaodeconsignadoindevido.com/
Protocol
HTTP/1.1
Server
66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS
66-165-243-160.static.hvvc.us
Software
nginx/1.23.3 / PHP/8.1.13
Resource Hash
0397cbcfafed5e4aa8ec38461e4c2916869c134a7563c4dd99d214906bafe62a

Request headers

Referer
http://sacdevolucaodeconsignadoindevido.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sun, 05 Mar 2023 08:22:55 GMT
Server
nginx/1.23.3
Transfer-Encoding
chunked
X-Powered-By
PHP/8.1.13

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Sun, 05 Mar 2023 08:22:55 GMT
location
http://r.redirekted.com/redirect?redirect_id=00c50fea79111f6441468f302999dd75&request_id=42548758591876555b0e32ff7abd7a7e
server
nginx
adren.css
r.redirekted.com/css/ 		243 B
479 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://r.redirekted.com/css/adren.css?n=2378614467
Requested by
Host: r.redirekted.com
URL: http://r.redirekted.com/redirect?redirect_id=00c50fea79111f6441468f302999dd75&request_id=42548758591876555b0e32ff7abd7a7e
Protocol
HTTP/1.1
Server
66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS
66-165-243-160.static.hvvc.us
Software
nginx/1.23.3 /
Resource Hash
e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://r.redirekted.com/redirect?redirect_id=00c50fea79111f6441468f302999dd75&request_id=42548758591876555b0e32ff7abd7a7e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sun, 05 Mar 2023 08:22:56 GMT
Last-Modified
Sat, 03 Jul 2021 05:46:18 GMT
Server
nginx/1.23.3
ETag
"60dff9aa-f3"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
243
adren.min.js
r.redirekted.com/js/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://r.redirekted.com/js/adren.min.js?n=2378614467
Requested by
Host: r.redirekted.com
URL: http://r.redirekted.com/redirect?redirect_id=00c50fea79111f6441468f302999dd75&request_id=42548758591876555b0e32ff7abd7a7e
Protocol
HTTP/1.1
Server
66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS
66-165-243-160.static.hvvc.us
Software
nginx/1.23.3 /
Resource Hash
55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://r.redirekted.com/redirect?redirect_id=00c50fea79111f6441468f302999dd75&request_id=42548758591876555b0e32ff7abd7a7e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sun, 05 Mar 2023 08:22:56 GMT
Last-Modified
Sat, 03 Jul 2021 05:46:18 GMT
Server
nginx/1.23.3
ETag
"60dff9aa-1d68"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7528
go
r.redirekted.com/ Frame DD9D 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://r.redirekted.com/go?e=04mWWSFWvbHsyVlL9gxWw1KW8xxsmEGL9IvWtclBk1QsYyaCefGA5bvCvVzXyHGC59Gr8RFWjuxXYMPFe4mW503F8xRsyHaC9gwVskKWvRzs2clF8AUrx5KW9jmXmEQL59Gr-RPX58IA3OKM7cRnYcPX9kmXcflEmp3W7bPXbkmXb03Em8GsOgFLxymX2uJDm4mV9HwC9jmZXE2BmR2KUyaCwuTs7jaL-AaXW13pvRJsXglBlfRLTIQXWEHr-D2F1pUrb13p44mZbVPL0V2VXSFWd8Ss-LPM85mW-blB0DJsmuKF9gRss53p4xxX7LlFeHFq9jUX4yxs2uKL59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC
Requested by
Host: r.redirekted.com
URL: http://r.redirekted.com/js/adren.min.js?n=2378614467
Protocol
HTTP/1.1
Server
66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS
66-165-243-160.static.hvvc.us
Software
nginx/1.23.3 / PHP/8.1.13
Resource Hash
b02ef063731eedcf069141f6dadae4775753247812928cd9209b8f37122a8c56

Request headers

Referer
http://r.redirekted.com/redirect?redirect_id=00c50fea79111f6441468f302999dd75&request_id=42548758591876555b0e32ff7abd7a7e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sun, 05 Mar 2023 08:22:56 GMT
Server
nginx/1.23.3
Transfer-Encoding
chunked
X-Powered-By
PHP/8.1.13
analytics.js
www.google-analytics.com/ Frame DD9D
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: r.redirekted.com
URL: http://r.redirekted.com/go?e=04mWWSFWvbHsyVlL9gxWw1KW8xxsmEGL9IvWtclBk1QsYyaCefGA5bvCvVzXyHGC59Gr8RFWjuxXYMPFe4mW503F8xRsyHaC9gwVskKWvRzs2clF8AUrx5KW9jmXmEQL59Gr-RPX58IA3OKM7cRnYcPX9kmXcflEmp3W7bPXbkmXb03Em8GsOgFLxymX2uJDm4mV9HwC9jmZXE2BmR2KUyaCwuTs7jaL-AaXW13pvRJsXglBlfRLTIQXWEHr-D2F1pUrb13p44mZbVPL0V2VXSFWd8Ss-LPM85mW-blB0DJsmuKF9gRss53p4xxX7LlFeHFq9jUX4yxs2uKL59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC
Protocol
H2
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://r.redirekted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 05 Mar 2023 07:17:30 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
3926
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Sun, 05 Mar 2023 09:17:30 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
collect
www.google-analytics.com/j/ Frame DD9D 		3 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1852173871&t=pageview&_s=1&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFWvbHsyVlL9gxWw1KW8xxsmEGL9IvWtclBk1QsYyaCefGA5bvCvVzXyHGC59Gr8RFWjuxXYMPFe4mW503F8xRsyHaC9gwVskKWvRzs2clF8AUrx5KW9jmXmEQL59Gr-RPX58IA3OKM7cRnYcPX9kmXcflEmp3W7bPXbkmXb03Em8GsOgFLxymX2uJDm4mV9HwC9jmZXE2BmR2KUyaCwuTs7jaL-AaXW13pvRJsXglBlfRLTIQXWEHr-D2F1pUrb13p44mZbVPL0V2VXSFWd8Ss-LPM85mW-blB0DJsmuKF9gRss53p4xxX7LlFeHFq9jUX4yxs2uKL59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=750968395&gjid=37350273&cid=281268603.1678004577&tid=UA-32454353-1&_gid=1762937576.1678004577&_r=1&_slc=1&z=1100194510
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://r.redirekted.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Mar 2023 08:22:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://r.redirekted.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame DD9D
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j99&a=1852173871&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFWvbHsyVlL9gxWw1KW8xxsmEGL9IvWtclBk1QsYyaCefGA5bvCvVzXyHGC59Gr8RFWj...
  • https://www.google-analytics.com/collect?v=1&_v=j99&a=1852173871&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFWvbHsyVlL9gxWw1KW8xxsmEGL9IvWtclBk1QsYyaCefGA5bvCvVzXyHGC59Gr8RFW...
35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1852173871&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFWvbHsyVlL9gxWw1KW8xxsmEGL9IvWtclBk1QsYyaCefGA5bvCvVzXyHGC59Gr8RFWjuxXYMPFe4mW503F8xRsyHaC9gwVskKWvRzs2clF8AUrx5KW9jmXmEQL59Gr-RPX58IA3OKM7cRnYcPX9kmXcflEmp3W7bPXbkmXb03Em8GsOgFLxymX2uJDm4mV9HwC9jmZXE2BmR2KUyaCwuTs7jaL-AaXW13pvRJsXglBlfRLTIQXWEHr-D2F1pUrb13p44mZbVPL0V2VXSFWd8Ss-LPM85mW-blB0DJsmuKF9gRss53p4xxX7LlFeHFq9jUX4yxs2uKL59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=281268603.1678004577&tid=UA-32454353-1&_gid=1762937576.1678004577&cd1=oz9lMJE8n2kesUk8sT5ipzIxsTgfn3k8sUj%3D&z=1049373169
Requested by
Host: r.redirekted.com
URL: http://r.redirekted.com/go?e=04mWWSFWvbHsyVlL9gxWw1KW8xxsmEGL9IvWtclBk1QsYyaCefGA5bvCvVzXyHGC59Gr8RFWjuxXYMPFe4mW503F8xRsyHaC9gwVskKWvRzs2clF8AUrx5KW9jmXmEQL59Gr-RPX58IA3OKM7cRnYcPX9kmXcflEmp3W7bPXbkmXb03Em8GsOgFLxymX2uJDm4mV9HwC9jmZXE2BmR2KUyaCwuTs7jaL-AaXW13pvRJsXglBlfRLTIQXWEHr-D2F1pUrb13p44mZbVPL0V2VXSFWd8Ss-LPM85mW-blB0DJsmuKF9gRss53p4xxX7LlFeHFq9jUX4yxs2uKL59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC
Protocol
H2
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://r.redirekted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Mar 2023 13:40:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
67346
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j99&a=1852173871&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFWvbHsyVlL9gxWw1KW8xxsmEGL9IvWtclBk1QsYyaCefGA5bvCvVzXyHGC59Gr8RFWjuxXYMPFe4mW503F8xRsyHaC9gwVskKWvRzs2clF8AUrx5KW9jmXmEQL59Gr-RPX58IA3OKM7cRnYcPX9kmXcflEmp3W7bPXbkmXb03Em8GsOgFLxymX2uJDm4mV9HwC9jmZXE2BmR2KUyaCwuTs7jaL-AaXW13pvRJsXglBlfRLTIQXWEHr-D2F1pUrb13p44mZbVPL0V2VXSFWd8Ss-LPM85mW-blB0DJsmuKF9gRss53p4xxX7LlFeHFq9jUX4yxs2uKL59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=281268603.1678004577&tid=UA-32454353-1&_gid=1762937576.1678004577&cd1=oz9lMJE8n2kesUk8sT5ipzIxsTgfn3k8sUj%3D&z=1049373169
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
offersearchGo
de-go.kelkoogroup.net/ 		35 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de-go.kelkoogroup.net/offersearchGo?.ts=1677921603172&.sig=w3K8vEkxJugT3GTd1wd5PfXT_Ps-&affiliationId=96965856&comId=100527426&country=de&offerId=e3feb811b5bb3eb7c867b659d33249e8&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=j3BvtxsmImM0RJq7fvqaR2ZuyRLdRJqUgvqafmZuE2FltFATcPXwpxZbDTCexlXOgvqaMxXuuJE3D3V1qmp8N2r7tKF8ElLW5KW8LRsyjKF3ZUqVk3pd8IsyjmL&custom2=jKWjuHsytaL9AUruqwqSExZvyRCexFrUAQB
Requested by
Host: r.redirekted.com
URL: http://r.redirekted.com/go?e=04mWWSFWvbHsyVlL9gxWw1KW8xxsmEGL9IvWtclBk1QsYyaCefGA5bvCvVzXyHGC59Gr8RFWjuxXYMPFe4mW503F8xRsyHaC9gwVskKWvRzs2clF8AUrx5KW9jmXmEQL59Gr-RPX58IA3OKM7cRnYcPX9kmXcflEmp3W7bPXbkmXb03Em8GsOgFLxymX2uJDm4mV9HwC9jmZXE2BmR2KUyaCwuTs7jaL-AaXW13pvRJsXglBlfRLTIQXWEHr-D2F1pUrb13p44mZbVPL0V2VXSFWd8Ss-LPM85mW-blB0DJsmuKF9gRss53p4xxX7LlFeHFq9jUX4yxs2uKL59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
17cd95304f9089711af69dfa80cc8cd7030b04d2baf5d7471867c1b1425afd33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://r.redirekted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-CH
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Cache-Control
max-age=0, private, no-cache, no-store, must-revalidate
Charset
utf-8
Content-Length
35514
Content-Type
text/html; charset=UTF-8
Date
Sun, 05 Mar 2023 08:22:57 GMT
Pragma
no-cache
Referrer-Policy
origin-when-cross-origin
Request-Time
PT0.234593S
X-Content-Type-Options
nosniff
X-DataDome
protected
X-DataDome-CID
AHrlqAAAAAMAMb7CGELoZ5YAX9PHgw==
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
master-only
X-Robots-Tag
noindex,nofollow
X-XSS-Protection
1; mode=block
clickId
107698154_1678004576934_5648947
country
de
leadId
62A001GTRDVRNMKNSJQHA4VVZFF46E
p.png
de-go.kelkoogroup.net/assets/images/ 		68 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de-go.kelkoogroup.net/assets/images/p.png?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50eb94d3ddb2e9d321109c24256376ada6249e96f9f80ea2bdeb954f67293c172272bdc93729c6f5c5c866ee59d58223bcb2180fcb44ad7c15da233de78beb427b5dcd408eeb9ddbff64aa1cc5c73e501936e585c5a4b92d71b2438a6556e0bf18fff9dec93bd1e30068c0d6cd3158c0876cdcc16568b98988bc67a68976b4f0c4da8edbb3706685aa31e80f4dd5eff05f810008d0e73dd29d8958e8e5eb218278273c7c5995383c0d7a6686e372e32cacb6c48cc01ffe28c20aec4616bcebd8a818af90deafed46d2b3134fe08d419d6a6081252c5e93bf4ec62e20c05dafe293ce922bb994671615ef3fff0d27c8a6e2c9382d7d99aa427e8951c336906e913617122c2223e22960f77f58e2b4e165fc50b2cd0be9462ea06e66b9092e96f5d9370986a74c0be11185b7f214aac5dd78514ced04565a8ea9df6905bc4d7a96f1353ede4f49847112af86e38c54a3afc1fc5c35a15a8ac2db31292ab11de6d1dbd03fa50012810d0441384013c0c094f2b3bb9a3a3b457cfdc7871d6e659b49ea66c49eebc3c8719dfb403a6d5333bc58353d510f12da60d2d
Requested by
Host: de-go.kelkoogroup.net
URL: https://de-go.kelkoogroup.net/offersearchGo?.ts=1677921603172&.sig=w3K8vEkxJugT3GTd1wd5PfXT_Ps-&affiliationId=96965856&comId=100527426&country=de&offerId=e3feb811b5bb3eb7c867b659d33249e8&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=j3BvtxsmImM0RJq7fvqaR2ZuyRLdRJqUgvqafmZuE2FltFATcPXwpxZbDTCexlXOgvqaMxXuuJE3D3V1qmp8N2r7tKF8ElLW5KW8LRsyjKF3ZUqVk3pd8IsyjmL&custom2=jKWjuHsytaL9AUruqwqSExZvyRCexFrUAQB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://de-go.kelkoogroup.net/offersearchGo?.ts=1677921603172&.sig=w3K8vEkxJugT3GTd1wd5PfXT_Ps-&affiliationId=96965856&comId=100527426&country=de&offerId=e3feb811b5bb3eb7c867b659d33249e8&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=j3BvtxsmImM0RJq7fvqaR2ZuyRLdRJqUgvqafmZuE2FltFATcPXwpxZbDTCexlXOgvqaMxXuuJE3D3V1qmp8N2r7tKF8ElLW5KW8LRsyjKF3ZUqVk3pd8IsyjmL&custom2=jKWjuHsytaL9AUruqwqSExZvyRCexFrUAQB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sun, 05 Mar 2023 08:22:57 GMT
Referrer-Policy
origin-when-cross-origin
X-Content-Type-Options
nosniff
leadId
62A001GTRDVRNMKNSJQHA4VVZFF46E
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
PT0.00158S
X-Frame-Options
DENY
Content-Type
image/png
Cache-Control
private, must-revalidate
clickId
107698154_1678004576934_5648947
country
de
X-Robots-Tag
noindex,nofollow
Content-Length
68
X-XSS-Protection
1; mode=block
tags.js
dd.kelkoogroup.net/ 		71 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://dd.kelkoogroup.net/tags.js
Requested by
Host: de-go.kelkoogroup.net
URL: https://de-go.kelkoogroup.net/offersearchGo?.ts=1677921603172&.sig=w3K8vEkxJugT3GTd1wd5PfXT_Ps-&affiliationId=96965856&comId=100527426&country=de&offerId=e3feb811b5bb3eb7c867b659d33249e8&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=j3BvtxsmImM0RJq7fvqaR2ZuyRLdRJqUgvqafmZuE2FltFATcPXwpxZbDTCexlXOgvqaMxXuuJE3D3V1qmp8N2r7tKF8ElLW5KW8LRsyjKF3ZUqVk3pd8IsyjmL&custom2=jKWjuHsytaL9AUruqwqSExZvyRCexFrUAQB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://de-go.kelkoogroup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront), 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
date
Sun, 05 Mar 2023 08:05:47 GMT
x-amz-cf-pop
FRA60-P2, FRA2-C1
age
1031
x-cache
Hit from cloudfront
content-length
55820
last-modified
Thu, 23 Feb 2023 11:03:07 GMT
server
Apache
etag
"42ee3-5f55bf5301cea-gzip"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
rBD3njGFhZuoRHgjSpGT23s37_q_Hx28XP0d8Lso9pJv25E7YM0BYg==
expires
Sun, 05 Mar 2023 09:05:46 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fde-go.kelkoogroup.net%2FoffersearchGo%3F.ts%3D1677921603172%26.sig%3Dw3K8vEkxJugT3GTd1wd5PfXT_Ps-%26affiliationId%3D96965856%26comId%3D100527426%26country%3Dde%26offerId%3De3feb811b5bb3eb7c867b659d33249e8%26service%3D37%26tokenId%3D35e025c3-2943-4e2d-874f-eaee491f9fab%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3Dj3BvtxsmImM0RJq7fvqaR2ZuyRLdRJqUgvqafmZuE2FltFATcPXwpxZbDTCexlXOgvqaMxXuuJE3D3V1qmp8N2r7tKF8ElLW5KW8LRsyjKF3ZUqVk3pd8IsyjmL%26custom2%3DjKWjuHsytaL9AUruqwqSExZvyRCexFrUAQB&dr=http%3A%2F%2Fr.redirekted.com%2F&dp=%2F96965856%7C100527426%7C&ul=en-us&de=UTF-8&dt=Weiterleitung%20zu%20baur.de&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAAABAAAAAC~&cid=974603341.1678004577&tid=UA-168544891-7&_gid=1822006639.1678004577&_r=1&cd1=96965856&cd2=62A001GTRDVRNMKNSJQHA4VVZFF46E&cd3=100527426&cd4=a4c629a-186b0dde2a6-1469ee&cd5=&cd6=96965856%7C100527426%7C&z=2081496148
Requested by
Host: de-go.kelkoogroup.net
URL: https://de-go.kelkoogroup.net/offersearchGo?.ts=1677921603172&.sig=w3K8vEkxJugT3GTd1wd5PfXT_Ps-&affiliationId=96965856&comId=100527426&country=de&offerId=e3feb811b5bb3eb7c867b659d33249e8&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=j3BvtxsmImM0RJq7fvqaR2ZuyRLdRJqUgvqafmZuE2FltFATcPXwpxZbDTCexlXOgvqaMxXuuJE3D3V1qmp8N2r7tKF8ElLW5KW8LRsyjKF3ZUqVk3pd8IsyjmL&custom2=jKWjuHsytaL9AUruqwqSExZvyRCexFrUAQB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://de-go.kelkoogroup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Mar 2023 08:22:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://de-go.kelkoogroup.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
fp
de-go.kelkoogroup.net/ 		0
450 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://de-go.kelkoogroup.net/fp?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50eb94d3ddb2e9d321109c24256376ada6249e96f9f80ea2bdeb954f67293c172272bdc93729c6f5c5c866ee59d58223bcb2180fcb44ad7c15da233de78beb427b5dcd408eeb9ddbff64aa1cc5c73e501936e585c5a4b92d71b2438a6556e0bf18fff9dec93bd1e30068c0d6cd3158c0876cdcc16568b98988bc67a68976b4f0c4da8edbb3706685aa31e80f4dd5eff05f810008d0e73dd29d8958e8e5eb218278273c7c5995383c0d7a6686e372e32cacb6c48cc01ffe28c20aec4616bcebd8a818af90deafed46d2b3134fe08d419d6a6081252c5e93bf4ec62e20c05dafe293ce922bb994671615ef3fff0d27c8a6e2c9382d7d99aa427e8951c336906e913617122c2223e22960f77f58e2b4e165fc50b2cd0be9462ea06e66b9092e96f5d9370986a74c0be11185b7f214aac5dd78514ced04565a8ea9df6905bc4d7a96f1353ede4f49847112af86e38c54a3afc1fc5c35a15a8ac2db31292ab11de6d1dbd03fa50012810d0441384013c0c094f2b3bb9a3a3b457cfdc7871d6e659b49ea66c49eebc3c8719dfb403a6d5333bc58353d510f12da60d2d
Requested by
Host: de-go.kelkoogroup.net
URL: https://de-go.kelkoogroup.net/offersearchGo?.ts=1677921603172&.sig=w3K8vEkxJugT3GTd1wd5PfXT_Ps-&affiliationId=96965856&comId=100527426&country=de&offerId=e3feb811b5bb3eb7c867b659d33249e8&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=j3BvtxsmImM0RJq7fvqaR2ZuyRLdRJqUgvqafmZuE2FltFATcPXwpxZbDTCexlXOgvqaMxXuuJE3D3V1qmp8N2r7tKF8ElLW5KW8LRsyjKF3ZUqVk3pd8IsyjmL&custom2=jKWjuHsytaL9AUruqwqSExZvyRCexFrUAQB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://de-go.kelkoogroup.net/offersearchGo?.ts=1677921603172&.sig=w3K8vEkxJugT3GTd1wd5PfXT_Ps-&affiliationId=96965856&comId=100527426&country=de&offerId=e3feb811b5bb3eb7c867b659d33249e8&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=j3BvtxsmImM0RJq7fvqaR2ZuyRLdRJqUgvqafmZuE2FltFATcPXwpxZbDTCexlXOgvqaMxXuuJE3D3V1qmp8N2r7tKF8ElLW5KW8LRsyjKF3ZUqVk3pd8IsyjmL&custom2=jKWjuHsytaL9AUruqwqSExZvyRCexFrUAQB
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

Date
Sun, 05 Mar 2023 08:22:57 GMT
Referrer-Policy
origin-when-cross-origin
X-Content-Type-Options
nosniff
leadId
62A001GTRDVRNMKNSJQHA4VVZFF46E
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
PT0.005461S
X-Frame-Options
DENY
Content-Type
text/plain; charset=UTF-8
clickId
107698154_1678004576934_5648947
country
de
X-Robots-Tag
noindex,nofollow
Content-Length
0
X-XSS-Protection
1; mode=block
Primary Request redirect
de-go.kelkoogroup.net/ 		586 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50eb94d3ddb2e9d321109c24256376ada6249e96f9f80ea2bdeb954f67293c172272bdc93729c6f5c5c866ee59d58223bcb2180fcb44ad7c15da233de78beb427b5dcd408eeb9ddbff64aa1cc5c73e501936e585c5a4b92d71b2438a6556e0bf18fff9dec93bd1e30068c0d6cd3158c0876cdcc16568b98988bc67a68976b4f0c4da8edbb3706685aa31e80f4dd5eff05f810008d0e73dd29d8958e8e5eb218278273c7c5995383c0d7a6686e372e32cacb6c48cc01ffe28c20aec4616bcebd8a818af90deafed46d2b3134fe08d419d6a6081252c5e93bf4ec62e20c05dafe293ce922bb994671615ef3fff0d27c8a6e2c9382d7d99aa427e8951c336906e913617122c2223e22960f77f58e2b4e165fc50b2cd0be9462ea06e66b9092e96f5d9370986a74c0be11185b7f214aac5dd78514ced04565a8ea9df6905bc4d7a96f1353ede4f49847112af86e38c54a3afc1fc5c35a15a8ac2db31292ab11de6d1dbd03fa50012810d0441384013c0c094f2b3bb9a3a3b457cfdc7871d6e659b49ea66c49eebc3c8719dfb403a6d5333bc58353d510f12da60d2d&url=https%3A%2F%2Fm.exactag.com%2Fcl.aspx%3FextProvId%3D100%26extProvApi%3D127910%26extPu%3Dkelkoo%26extLi%3DHerrenmode%26extPGid%3D231%26extPRid%3D95159921%26extID%3D9515992193-35-1706176724%26url%3Dhttps%253A%252F%252Fwww.baur.de%252Fp%252F95159921-35%253Fkk%253Da4c629a-186b0dde2a6-1469ee%2526AffiliateID%253Dkelkoo%2526ActionID%253D231%2526Name%253D95159921%2526NUMSArt%253D44486579%2526NUMSArtPc%253D44932696%2526WKZ%253D79%2526IWL%253D110%2526utm_source%253Dkelkoo%2526utm_medium%253DHerrenmode%2526utm_campaign%253D231%2526utm_content%253D95159921%2526kid%253D6%2526P1%253DMTMyNjE%253D&initiator=timeout
Requested by
Host: de-go.kelkoogroup.net
URL: https://de-go.kelkoogroup.net/offersearchGo?.ts=1677921603172&.sig=w3K8vEkxJugT3GTd1wd5PfXT_Ps-&affiliationId=96965856&comId=100527426&country=de&offerId=e3feb811b5bb3eb7c867b659d33249e8&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=j3BvtxsmImM0RJq7fvqaR2ZuyRLdRJqUgvqafmZuE2FltFATcPXwpxZbDTCexlXOgvqaMxXuuJE3D3V1qmp8N2r7tKF8ElLW5KW8LRsyjKF3ZUqVk3pd8IsyjmL&custom2=jKWjuHsytaL9AUruqwqSExZvyRCexFrUAQB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
4c9098f791dff1fcc4686af2d8a493c180206ee26fc35514ace6496801610d41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://de-go.kelkoogroup.net/offersearchGo?.ts=1677921603172&.sig=w3K8vEkxJugT3GTd1wd5PfXT_Ps-&affiliationId=96965856&comId=100527426&country=de&offerId=e3feb811b5bb3eb7c867b659d33249e8&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=j3BvtxsmImM0RJq7fvqaR2ZuyRLdRJqUgvqafmZuE2FltFATcPXwpxZbDTCexlXOgvqaMxXuuJE3D3V1qmp8N2r7tKF8ElLW5KW8LRsyjKF3ZUqVk3pd8IsyjmL&custom2=jKWjuHsytaL9AUruqwqSExZvyRCexFrUAQB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-CH
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Cache-Control
max-age=0, private, no-cache, no-store, must-revalidate
Charset
utf-8
Content-Length
586
Content-Type
text/html; charset=UTF-8
Date
Sun, 05 Mar 2023 08:22:57 GMT
Pragma
no-cache
Referrer-Policy
origin-when-cross-origin
Request-Time
PT0.017967S
X-Content-Type-Options
nosniff
X-DataDome
protected
X-DataDome-CID
AHrlqAAAAAMAMb7CGELoZ5YAX9PHgw==
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
master-only
X-XSS-Protection
1; mode=block
c.js
ct.captcha-delivery.com/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ct.captcha-delivery.com/c.js
Requested by
Host: de-go.kelkoogroup.net
URL: https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50eb94d3ddb2e9d321109c24256376ada6249e96f9f80ea2bdeb954f67293c172272bdc93729c6f5c5c866ee59d58223bcb2180fcb44ad7c15da233de78beb427b5dcd408eeb9ddbff64aa1cc5c73e501936e585c5a4b92d71b2438a6556e0bf18fff9dec93bd1e30068c0d6cd3158c0876cdcc16568b98988bc67a68976b4f0c4da8edbb3706685aa31e80f4dd5eff05f810008d0e73dd29d8958e8e5eb218278273c7c5995383c0d7a6686e372e32cacb6c48cc01ffe28c20aec4616bcebd8a818af90deafed46d2b3134fe08d419d6a6081252c5e93bf4ec62e20c05dafe293ce922bb994671615ef3fff0d27c8a6e2c9382d7d99aa427e8951c336906e913617122c2223e22960f77f58e2b4e165fc50b2cd0be9462ea06e66b9092e96f5d9370986a74c0be11185b7f214aac5dd78514ced04565a8ea9df6905bc4d7a96f1353ede4f49847112af86e38c54a3afc1fc5c35a15a8ac2db31292ab11de6d1dbd03fa50012810d0441384013c0c094f2b3bb9a3a3b457cfdc7871d6e659b49ea66c49eebc3c8719dfb403a6d5333bc58353d510f12da60d2d&url=https%3A%2F%2Fm.exactag.com%2Fcl.aspx%3FextProvId%3D100%26extProvApi%3D127910%26extPu%3Dkelkoo%26extLi%3DHerrenmode%26extPGid%3D231%26extPRid%3D95159921%26extID%3D9515992193-35-1706176724%26url%3Dhttps%253A%252F%252Fwww.baur.de%252Fp%252F95159921-35%253Fkk%253Da4c629a-186b0dde2a6-1469ee%2526AffiliateID%253Dkelkoo%2526ActionID%253D231%2526Name%253D95159921%2526NUMSArt%253D44486579%2526NUMSArtPc%253D44932696%2526WKZ%253D79%2526IWL%253D110%2526utm_source%253Dkelkoo%2526utm_medium%253DHerrenmode%2526utm_campaign%253D231%2526utm_content%253D95159921%2526kid%253D6%2526P1%253DMTMyNjE%253D&initiator=timeout
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-51.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e4d54c14ce63d3e4d711fa10df5548453d50a56367bf3baecf3d0d691a054d7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://de-go.kelkoogroup.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 00:09:20 GMT
via
1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 14:19:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
29618
etag
"356498c1bc115dd0ca551beaf035d160"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6712
x-amz-cf-id
SQal5a-9XgoYZimjvufclVDloUG27QnLRxJU-23P1_K_CxKzROL2qA==
/
geo.captcha-delivery.com/captcha/ Frame 7990 		324 KB
67 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAMb7CGELoZ5YAX9PHgw%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=2t7onIxLmhoSK4EqzW9pA2DlfvHC55i1C9qnnUjYStLeenuguIQ5r8yFXE1yPcY9ZAmwKLwrs~2Vbjh5gBCejssSlcLkpvK~2LMygfMe9ecWXEF7tGjDO8PFPUbXVaTt&t=fe&referer=https%3A%2F%2Fde-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dde%26k%3D612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50eb94d3ddb2e9d321109c24256376ada6249e96f9f80ea2bdeb954f67293c172272bdc93729c6f5c5c866ee59d58223bcb2180fcb44ad7c15da233de78beb427b5dcd408eeb9ddbff64aa1cc5c73e501936e585c5a4b92d71b2438a6556e0bf18fff9dec93bd1e30068c0d6cd3158c0876cdcc16568b98988bc67a68976b4f0c4da8edbb3706685aa31e80f4dd5eff05f810008d0e73dd29d8958e8e5eb218278273c7c5995383c0d7a6686e372e32cacb6c48cc01ffe28c20aec4616bcebd8a818af90deafed46d2b3134fe08d419d6a6081252c5e93bf4ec62e20c05dafe293ce922bb994671615ef3fff0d27c8a6e2c9382d7d99aa427e8951c336906e913617122c2223e22960f77f58e2b4e165fc50b2cd0be9462ea06e66b9092e96f5d9370986a74c0be11185b7f214aac5dd78514ced04565a8ea9df6905bc4d7a96f1353ede4f49847112af86e38c54a3afc1fc5c35a15a8ac2db31292ab11de6d1dbd03fa50012810d0441384013c0c094f2b3bb9a3a3b457cfdc7871d6e659b49ea66c49eebc3c8719dfb403a6d5333bc58353d510f12da60d2d%26url%3Dhttps%253A%252F%252Fm.exactag.com%252Fcl.aspx%253FextProvId%253D100%2526extProvApi%253D127910%2526extPu%253Dkelkoo%2526extLi%253DHerrenmode%2526extPGid%253D231%2526extPRid%253D95159921%2526extID%253D9515992193-35-1706176724%2526url%253Dhttps%25253A%25252F%25252Fwww.baur.de%25252Fp%25252F95159921-35%25253Fkk%25253Da4c629a-186b0dde2a6-1469ee%252526AffiliateID%25253Dkelkoo%252526ActionID%25253D231%252526Name%25253D95159921%252526NUMSArt%25253D44486579%252526NUMSArtPc%25253D44932696%252526WKZ%25253D79%252526IWL%25253D110%252526utm_source%25253Dkelkoo%252526utm_medium%25253DHerrenmode%252526utm_campaign%25253D231%252526utm_content%25253D95159921%252526kid%25253D6%252526P1%25253DMTMyNjE%25253D%26initiator%3Dtimeout&s=35103&e=091cca4d0316ce8da5ce6848f8b6d26ef93272a7d2ef90d76ba7e6fa9bc2e6cc
Requested by
Host: ct.captcha-delivery.com
URL: https://ct.captcha-delivery.com/c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.14.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-14-91.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a411df1fc63fddcae3cf1e03bfaa91452f49d9301750207e23fcd91becd69eff

Request headers

Referer
https://de-go.kelkoogroup.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Sun, 05 Mar 2023 08:22:57 GMT
Transfer-Encoding
chunked
Vary
Accept-Encoding
f86fbfdb23015464fd1996e8d966d6bb.jpg
dd.prod.captcha-delivery.com/image/2023-03-05/ Frame 7990 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dd.prod.captcha-delivery.com/image/2023-03-05/f86fbfdb23015464fd1996e8d966d6bb.jpg
Requested by
Host: geo.captcha-delivery.com
URL: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAMb7CGELoZ5YAX9PHgw%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=2t7onIxLmhoSK4EqzW9pA2DlfvHC55i1C9qnnUjYStLeenuguIQ5r8yFXE1yPcY9ZAmwKLwrs~2Vbjh5gBCejssSlcLkpvK~2LMygfMe9ecWXEF7tGjDO8PFPUbXVaTt&t=fe&referer=https%3A%2F%2Fde-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dde%26k%3D612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50eb94d3ddb2e9d321109c24256376ada6249e96f9f80ea2bdeb954f67293c172272bdc93729c6f5c5c866ee59d58223bcb2180fcb44ad7c15da233de78beb427b5dcd408eeb9ddbff64aa1cc5c73e501936e585c5a4b92d71b2438a6556e0bf18fff9dec93bd1e30068c0d6cd3158c0876cdcc16568b98988bc67a68976b4f0c4da8edbb3706685aa31e80f4dd5eff05f810008d0e73dd29d8958e8e5eb218278273c7c5995383c0d7a6686e372e32cacb6c48cc01ffe28c20aec4616bcebd8a818af90deafed46d2b3134fe08d419d6a6081252c5e93bf4ec62e20c05dafe293ce922bb994671615ef3fff0d27c8a6e2c9382d7d99aa427e8951c336906e913617122c2223e22960f77f58e2b4e165fc50b2cd0be9462ea06e66b9092e96f5d9370986a74c0be11185b7f214aac5dd78514ced04565a8ea9df6905bc4d7a96f1353ede4f49847112af86e38c54a3afc1fc5c35a15a8ac2db31292ab11de6d1dbd03fa50012810d0441384013c0c094f2b3bb9a3a3b457cfdc7871d6e659b49ea66c49eebc3c8719dfb403a6d5333bc58353d510f12da60d2d%26url%3Dhttps%253A%252F%252Fm.exactag.com%252Fcl.aspx%253FextProvId%253D100%2526extProvApi%253D127910%2526extPu%253Dkelkoo%2526extLi%253DHerrenmode%2526extPGid%253D231%2526extPRid%253D95159921%2526extID%253D9515992193-35-1706176724%2526url%253Dhttps%25253A%25252F%25252Fwww.baur.de%25252Fp%25252F95159921-35%25253Fkk%25253Da4c629a-186b0dde2a6-1469ee%252526AffiliateID%25253Dkelkoo%252526ActionID%25253D231%252526Name%25253D95159921%252526NUMSArt%25253D44486579%252526NUMSArtPc%25253D44932696%252526WKZ%25253D79%252526IWL%25253D110%252526utm_source%25253Dkelkoo%252526utm_medium%25253DHerrenmode%252526utm_campaign%25253D231%252526utm_content%25253D95159921%252526kid%25253D6%252526P1%25253DMTMyNjE%25253D%26initiator%3Dtimeout&s=35103&e=091cca4d0316ce8da5ce6848f8b6d26ef93272a7d2ef90d76ba7e6fa9bc2e6cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-117.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07b4e614f301105777304b972a8d65bdb652d428f06d863225710e27c4642df8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://geo.captcha-delivery.com/
Origin
https://geo.captcha-delivery.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 00:23:49 GMT
x-amz-version-id
vVAJwYqzMxaHuimj6wvoAzdPZPxVR7lq
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA2-C1
age
28750
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
12956
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-amz-expiration
expiry-date="Thu, 09 Mar 2023 00:00:00 GMT", rule-id="auto-clean old captchas (7 days)"
last-modified
Wed, 01 Mar 2023 04:51:30 GMT
server
AmazonS3
etag
"7a53b650557b169baf2eebf11bf60405"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-frame-options
SAMEORIGIN
accept-ranges
bytes
x-amz-cf-id
rCh-yCrO9efVcK-KgO-Mu9dMNa4lH0Ii5i-U01OABjPRBVUA9L1bLw==
f86fbfdb23015464fd1996e8d966d6bb.frag.png
dd.prod.captcha-delivery.com/image/2023-03-05/ Frame 7990 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dd.prod.captcha-delivery.com/image/2023-03-05/f86fbfdb23015464fd1996e8d966d6bb.frag.png
Requested by
Host: geo.captcha-delivery.com
URL: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAMb7CGELoZ5YAX9PHgw%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=2t7onIxLmhoSK4EqzW9pA2DlfvHC55i1C9qnnUjYStLeenuguIQ5r8yFXE1yPcY9ZAmwKLwrs~2Vbjh5gBCejssSlcLkpvK~2LMygfMe9ecWXEF7tGjDO8PFPUbXVaTt&t=fe&referer=https%3A%2F%2Fde-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dde%26k%3D612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50eb94d3ddb2e9d321109c24256376ada6249e96f9f80ea2bdeb954f67293c172272bdc93729c6f5c5c866ee59d58223bcb2180fcb44ad7c15da233de78beb427b5dcd408eeb9ddbff64aa1cc5c73e501936e585c5a4b92d71b2438a6556e0bf18fff9dec93bd1e30068c0d6cd3158c0876cdcc16568b98988bc67a68976b4f0c4da8edbb3706685aa31e80f4dd5eff05f810008d0e73dd29d8958e8e5eb218278273c7c5995383c0d7a6686e372e32cacb6c48cc01ffe28c20aec4616bcebd8a818af90deafed46d2b3134fe08d419d6a6081252c5e93bf4ec62e20c05dafe293ce922bb994671615ef3fff0d27c8a6e2c9382d7d99aa427e8951c336906e913617122c2223e22960f77f58e2b4e165fc50b2cd0be9462ea06e66b9092e96f5d9370986a74c0be11185b7f214aac5dd78514ced04565a8ea9df6905bc4d7a96f1353ede4f49847112af86e38c54a3afc1fc5c35a15a8ac2db31292ab11de6d1dbd03fa50012810d0441384013c0c094f2b3bb9a3a3b457cfdc7871d6e659b49ea66c49eebc3c8719dfb403a6d5333bc58353d510f12da60d2d%26url%3Dhttps%253A%252F%252Fm.exactag.com%252Fcl.aspx%253FextProvId%253D100%2526extProvApi%253D127910%2526extPu%253Dkelkoo%2526extLi%253DHerrenmode%2526extPGid%253D231%2526extPRid%253D95159921%2526extID%253D9515992193-35-1706176724%2526url%253Dhttps%25253A%25252F%25252Fwww.baur.de%25252Fp%25252F95159921-35%25253Fkk%25253Da4c629a-186b0dde2a6-1469ee%252526AffiliateID%25253Dkelkoo%252526ActionID%25253D231%252526Name%25253D95159921%252526NUMSArt%25253D44486579%252526NUMSArtPc%25253D44932696%252526WKZ%25253D79%252526IWL%25253D110%252526utm_source%25253Dkelkoo%252526utm_medium%25253DHerrenmode%252526utm_campaign%25253D231%252526utm_content%25253D95159921%252526kid%25253D6%252526P1%25253DMTMyNjE%25253D%26initiator%3Dtimeout&s=35103&e=091cca4d0316ce8da5ce6848f8b6d26ef93272a7d2ef90d76ba7e6fa9bc2e6cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-117.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1cef9f2163df63c7f7d976757967393251e9f054153c54eb029e2d76b00f62fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://geo.captcha-delivery.com/
Origin
https://geo.captcha-delivery.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 00:23:49 GMT
x-amz-version-id
pCZrb.zhFfNLDrzZz55uyJ97EH2njSV9
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA2-C1
age
28750
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6600
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-amz-expiration
expiry-date="Thu, 09 Mar 2023 00:00:00 GMT", rule-id="auto-clean old captchas (7 days)"
last-modified
Wed, 01 Mar 2023 04:51:30 GMT
server
AmazonS3
etag
"404252f639f2cacd7cb9222ead2c413e"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-frame-options
SAMEORIGIN
accept-ranges
bytes
x-amz-cf-id
VVULtTwk_FTYp3Hj6kHijvgmOz2ArmPUAW6SHkMKoz8X9PI2kLVnZQ==
index.css
static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/ Frame 7990 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/index.css
Requested by
Host: geo.captcha-delivery.com
URL: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAMb7CGELoZ5YAX9PHgw%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=2t7onIxLmhoSK4EqzW9pA2DlfvHC55i1C9qnnUjYStLeenuguIQ5r8yFXE1yPcY9ZAmwKLwrs~2Vbjh5gBCejssSlcLkpvK~2LMygfMe9ecWXEF7tGjDO8PFPUbXVaTt&t=fe&referer=https%3A%2F%2Fde-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dde%26k%3D612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50eb94d3ddb2e9d321109c24256376ada6249e96f9f80ea2bdeb954f67293c172272bdc93729c6f5c5c866ee59d58223bcb2180fcb44ad7c15da233de78beb427b5dcd408eeb9ddbff64aa1cc5c73e501936e585c5a4b92d71b2438a6556e0bf18fff9dec93bd1e30068c0d6cd3158c0876cdcc16568b98988bc67a68976b4f0c4da8edbb3706685aa31e80f4dd5eff05f810008d0e73dd29d8958e8e5eb218278273c7c5995383c0d7a6686e372e32cacb6c48cc01ffe28c20aec4616bcebd8a818af90deafed46d2b3134fe08d419d6a6081252c5e93bf4ec62e20c05dafe293ce922bb994671615ef3fff0d27c8a6e2c9382d7d99aa427e8951c336906e913617122c2223e22960f77f58e2b4e165fc50b2cd0be9462ea06e66b9092e96f5d9370986a74c0be11185b7f214aac5dd78514ced04565a8ea9df6905bc4d7a96f1353ede4f49847112af86e38c54a3afc1fc5c35a15a8ac2db31292ab11de6d1dbd03fa50012810d0441384013c0c094f2b3bb9a3a3b457cfdc7871d6e659b49ea66c49eebc3c8719dfb403a6d5333bc58353d510f12da60d2d%26url%3Dhttps%253A%252F%252Fm.exactag.com%252Fcl.aspx%253FextProvId%253D100%2526extProvApi%253D127910%2526extPu%253Dkelkoo%2526extLi%253DHerrenmode%2526extPGid%253D231%2526extPRid%253D95159921%2526extID%253D9515992193-35-1706176724%2526url%253Dhttps%25253A%25252F%25252Fwww.baur.de%25252Fp%25252F95159921-35%25253Fkk%25253Da4c629a-186b0dde2a6-1469ee%252526AffiliateID%25253Dkelkoo%252526ActionID%25253D231%252526Name%25253D95159921%252526NUMSArt%25253D44486579%252526NUMSArtPc%25253D44932696%252526WKZ%25253D79%252526IWL%25253D110%252526utm_source%25253Dkelkoo%252526utm_medium%25253DHerrenmode%252526utm_campaign%25253D231%252526utm_content%25253D95159921%252526kid%25253D6%252526P1%25253DMTMyNjE%25253D%26initiator%3Dtimeout&s=35103&e=091cca4d0316ce8da5ce6848f8b6d26ef93272a7d2ef90d76ba7e6fa9bc2e6cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:9000:7:c516:5a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ed243a7fa712a26559089ad5eadb7bffb314357ac21966fe20f5cef1fb6355b1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geo.captcha-delivery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 a64e3ccdb085056758f4ef32e887b5dc.cloudfront.net (CloudFront)
date
Sun, 05 Mar 2023 03:43:08 GMT
last-modified
Tue, 09 Jul 2019 14:35:24 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
16792
etag
W/"8ba3717dee9fac12ab09dda082b49fac"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
v_6TgPMfYY-TlN7Cjob6Y311vXgrO1EQcA3AqLSV-CoDoiqheECEIg==
font-face.css
static.captcha-delivery.com/common/fonts/roboto/ Frame 7990 		287 B
637 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.captcha-delivery.com/common/fonts/roboto/font-face.css
Requested by
Host: geo.captcha-delivery.com
URL: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAMb7CGELoZ5YAX9PHgw%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=2t7onIxLmhoSK4EqzW9pA2DlfvHC55i1C9qnnUjYStLeenuguIQ5r8yFXE1yPcY9ZAmwKLwrs~2Vbjh5gBCejssSlcLkpvK~2LMygfMe9ecWXEF7tGjDO8PFPUbXVaTt&t=fe&referer=https%3A%2F%2Fde-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dde%26k%3D612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50eb94d3ddb2e9d321109c24256376ada6249e96f9f80ea2bdeb954f67293c172272bdc93729c6f5c5c866ee59d58223bcb2180fcb44ad7c15da233de78beb427b5dcd408eeb9ddbff64aa1cc5c73e501936e585c5a4b92d71b2438a6556e0bf18fff9dec93bd1e30068c0d6cd3158c0876cdcc16568b98988bc67a68976b4f0c4da8edbb3706685aa31e80f4dd5eff05f810008d0e73dd29d8958e8e5eb218278273c7c5995383c0d7a6686e372e32cacb6c48cc01ffe28c20aec4616bcebd8a818af90deafed46d2b3134fe08d419d6a6081252c5e93bf4ec62e20c05dafe293ce922bb994671615ef3fff0d27c8a6e2c9382d7d99aa427e8951c336906e913617122c2223e22960f77f58e2b4e165fc50b2cd0be9462ea06e66b9092e96f5d9370986a74c0be11185b7f214aac5dd78514ced04565a8ea9df6905bc4d7a96f1353ede4f49847112af86e38c54a3afc1fc5c35a15a8ac2db31292ab11de6d1dbd03fa50012810d0441384013c0c094f2b3bb9a3a3b457cfdc7871d6e659b49ea66c49eebc3c8719dfb403a6d5333bc58353d510f12da60d2d%26url%3Dhttps%253A%252F%252Fm.exactag.com%252Fcl.aspx%253FextProvId%253D100%2526extProvApi%253D127910%2526extPu%253Dkelkoo%2526extLi%253DHerrenmode%2526extPGid%253D231%2526extPRid%253D95159921%2526extID%253D9515992193-35-1706176724%2526url%253Dhttps%25253A%25252F%25252Fwww.baur.de%25252Fp%25252F95159921-35%25253Fkk%25253Da4c629a-186b0dde2a6-1469ee%252526AffiliateID%25253Dkelkoo%252526ActionID%25253D231%252526Name%25253D95159921%252526NUMSArt%25253D44486579%252526NUMSArtPc%25253D44932696%252526WKZ%25253D79%252526IWL%25253D110%252526utm_source%25253Dkelkoo%252526utm_medium%25253DHerrenmode%252526utm_campaign%25253D231%252526utm_content%25253D95159921%252526kid%25253D6%252526P1%25253DMTMyNjE%25253D%26initiator%3Dtimeout&s=35103&e=091cca4d0316ce8da5ce6848f8b6d26ef93272a7d2ef90d76ba7e6fa9bc2e6cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:9000:7:c516:5a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03cd31e4d3c37c852aec70f0c5bb40641131ba56ea401ba48b7b5d4c68f3d39a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geo.captcha-delivery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
null
date
Sat, 04 Mar 2023 20:47:13 GMT
via
1.1 a64e3ccdb085056758f4ef32e887b5dc.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 16:47:07 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
41746
etag
"6fda0c9bdd9b51bc0805fa37f22eb90b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
287
x-amz-cf-id
7Kx6dl_VBbwtmutOYweDn6g3h0zsL2ZkqgYodqaNc4rK-5k7bZIFFg==
loading_spinner.gif
static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/ Frame 7990 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/loading_spinner.gif
Requested by
Host: geo.captcha-delivery.com
URL: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAMb7CGELoZ5YAX9PHgw%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=2t7onIxLmhoSK4EqzW9pA2DlfvHC55i1C9qnnUjYStLeenuguIQ5r8yFXE1yPcY9ZAmwKLwrs~2Vbjh5gBCejssSlcLkpvK~2LMygfMe9ecWXEF7tGjDO8PFPUbXVaTt&t=fe&referer=https%3A%2F%2Fde-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dde%26k%3D612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50eb94d3ddb2e9d321109c24256376ada6249e96f9f80ea2bdeb954f67293c172272bdc93729c6f5c5c866ee59d58223bcb2180fcb44ad7c15da233de78beb427b5dcd408eeb9ddbff64aa1cc5c73e501936e585c5a4b92d71b2438a6556e0bf18fff9dec93bd1e30068c0d6cd3158c0876cdcc16568b98988bc67a68976b4f0c4da8edbb3706685aa31e80f4dd5eff05f810008d0e73dd29d8958e8e5eb218278273c7c5995383c0d7a6686e372e32cacb6c48cc01ffe28c20aec4616bcebd8a818af90deafed46d2b3134fe08d419d6a6081252c5e93bf4ec62e20c05dafe293ce922bb994671615ef3fff0d27c8a6e2c9382d7d99aa427e8951c336906e913617122c2223e22960f77f58e2b4e165fc50b2cd0be9462ea06e66b9092e96f5d9370986a74c0be11185b7f214aac5dd78514ced04565a8ea9df6905bc4d7a96f1353ede4f49847112af86e38c54a3afc1fc5c35a15a8ac2db31292ab11de6d1dbd03fa50012810d0441384013c0c094f2b3bb9a3a3b457cfdc7871d6e659b49ea66c49eebc3c8719dfb403a6d5333bc58353d510f12da60d2d%26url%3Dhttps%253A%252F%252Fm.exactag.com%252Fcl.aspx%253FextProvId%253D100%2526extProvApi%253D127910%2526extPu%253Dkelkoo%2526extLi%253DHerrenmode%2526extPGid%253D231%2526extPRid%253D95159921%2526extID%253D9515992193-35-1706176724%2526url%253Dhttps%25253A%25252F%25252Fwww.baur.de%25252Fp%25252F95159921-35%25253Fkk%25253Da4c629a-186b0dde2a6-1469ee%252526AffiliateID%25253Dkelkoo%252526ActionID%25253D231%252526Name%25253D95159921%252526NUMSArt%25253D44486579%252526NUMSArtPc%25253D44932696%252526WKZ%25253D79%252526IWL%25253D110%252526utm_source%25253Dkelkoo%252526utm_medium%25253DHerrenmode%252526utm_campaign%25253D231%252526utm_content%25253D95159921%252526kid%25253D6%252526P1%25253DMTMyNjE%25253D%26initiator%3Dtimeout&s=35103&e=091cca4d0316ce8da5ce6848f8b6d26ef93272a7d2ef90d76ba7e6fa9bc2e6cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:9000:7:c516:5a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fab79f1dfdc7b759da9e1c4d80169bc879352b47bf0cf9352e3eeaed39e55de7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geo.captcha-delivery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 05 Mar 2023 03:30:35 GMT
via
1.1 a64e3ccdb085056758f4ef32e887b5dc.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jul 2018 12:27:34 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
17543
etag
"18be94cf37fa0da67af3c46ddebca50a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
44663
x-amz-cf-id
JmiTfgcHVdhM0F2gyLFZQCK6CcYFcJPJfM4PcL-C5EHzJIrfSjhoPQ==
tags.js
js.datadome.co/ Frame 7990 		268 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.datadome.co/tags.js
Requested by
Host: geo.captcha-delivery.com
URL: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAMb7CGELoZ5YAX9PHgw%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=2t7onIxLmhoSK4EqzW9pA2DlfvHC55i1C9qnnUjYStLeenuguIQ5r8yFXE1yPcY9ZAmwKLwrs~2Vbjh5gBCejssSlcLkpvK~2LMygfMe9ecWXEF7tGjDO8PFPUbXVaTt&t=fe&referer=https%3A%2F%2Fde-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dde%26k%3D612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50eb94d3ddb2e9d321109c24256376ada6249e96f9f80ea2bdeb954f67293c172272bdc93729c6f5c5c866ee59d58223bcb2180fcb44ad7c15da233de78beb427b5dcd408eeb9ddbff64aa1cc5c73e501936e585c5a4b92d71b2438a6556e0bf18fff9dec93bd1e30068c0d6cd3158c0876cdcc16568b98988bc67a68976b4f0c4da8edbb3706685aa31e80f4dd5eff05f810008d0e73dd29d8958e8e5eb218278273c7c5995383c0d7a6686e372e32cacb6c48cc01ffe28c20aec4616bcebd8a818af90deafed46d2b3134fe08d419d6a6081252c5e93bf4ec62e20c05dafe293ce922bb994671615ef3fff0d27c8a6e2c9382d7d99aa427e8951c336906e913617122c2223e22960f77f58e2b4e165fc50b2cd0be9462ea06e66b9092e96f5d9370986a74c0be11185b7f214aac5dd78514ced04565a8ea9df6905bc4d7a96f1353ede4f49847112af86e38c54a3afc1fc5c35a15a8ac2db31292ab11de6d1dbd03fa50012810d0441384013c0c094f2b3bb9a3a3b457cfdc7871d6e659b49ea66c49eebc3c8719dfb403a6d5333bc58353d510f12da60d2d%26url%3Dhttps%253A%252F%252Fm.exactag.com%252Fcl.aspx%253FextProvId%253D100%2526extProvApi%253D127910%2526extPu%253Dkelkoo%2526extLi%253DHerrenmode%2526extPGid%253D231%2526extPRid%253D95159921%2526extID%253D9515992193-35-1706176724%2526url%253Dhttps%25253A%25252F%25252Fwww.baur.de%25252Fp%25252F95159921-35%25253Fkk%25253Da4c629a-186b0dde2a6-1469ee%252526AffiliateID%25253Dkelkoo%252526ActionID%25253D231%252526Name%25253D95159921%252526NUMSArt%25253D44486579%252526NUMSArtPc%25253D44932696%252526WKZ%25253D79%252526IWL%25253D110%252526utm_source%25253Dkelkoo%252526utm_medium%25253DHerrenmode%252526utm_campaign%25253D231%252526utm_content%25253D95159921%252526kid%25253D6%252526P1%25253DMTMyNjE%25253D%26initiator%3Dtimeout&s=35103&e=091cca4d0316ce8da5ce6848f8b6d26ef93272a7d2ef90d76ba7e6fa9bc2e6cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
0270c3c72ee7e14a08529b830abcb6673c0fe79606726b1b4089c6b55325bd47
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geo.captcha-delivery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 08:05:46 GMT
strict-transport-security
max-age=15768000
content-encoding
gzip
via
1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
1032
x-cache
Hit from cloudfront
content-length
55820
last-modified
Thu, 23 Feb 2023 11:03:07 GMT
server
Apache
etag
"42ee3-5f55bf5301cea-gzip"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
3Yl7xIjUYHxj4mzURLsUN_nJ2hKiSlBTt9W08PQPgkPR1MoVx8BJCg==
expires
Sun, 05 Mar 2023 09:05:46 GMT
truncated
/ Frame 7990 		707 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e60979021e384209bd6adc873bd3e898e443a09f539288ffb5b9e3ec2e34046

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7990 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c54cb9a12083d46f17eeeaa0f3fd26a25405f489696bb1cdcd504bea1cf3b9a7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7990 		634 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a028b873ea59dce22f2ad131ec24bebe58b7bc37a1f1a46e9a027a4ed623097f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7990 		308 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
670415a9265c06166a9e53350ea09f416113752897f75323ddffcba7d5eaa434

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
7a6cbfeb-3eb0-4207-a237-6129d9be98d1
https://geo.captcha-delivery.com/ Frame 7990 		251 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://geo.captcha-delivery.com/7a6cbfeb-3eb0-4207-a237-6129d9be98d1
Requested by
Host: geo.captcha-delivery.com
URL: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAMb7CGELoZ5YAX9PHgw%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=2t7onIxLmhoSK4EqzW9pA2DlfvHC55i1C9qnnUjYStLeenuguIQ5r8yFXE1yPcY9ZAmwKLwrs~2Vbjh5gBCejssSlcLkpvK~2LMygfMe9ecWXEF7tGjDO8PFPUbXVaTt&t=fe&referer=https%3A%2F%2Fde-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dde%26k%3D612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50eb94d3ddb2e9d321109c24256376ada6249e96f9f80ea2bdeb954f67293c172272bdc93729c6f5c5c866ee59d58223bcb2180fcb44ad7c15da233de78beb427b5dcd408eeb9ddbff64aa1cc5c73e501936e585c5a4b92d71b2438a6556e0bf18fff9dec93bd1e30068c0d6cd3158c0876cdcc16568b98988bc67a68976b4f0c4da8edbb3706685aa31e80f4dd5eff05f810008d0e73dd29d8958e8e5eb218278273c7c5995383c0d7a6686e372e32cacb6c48cc01ffe28c20aec4616bcebd8a818af90deafed46d2b3134fe08d419d6a6081252c5e93bf4ec62e20c05dafe293ce922bb994671615ef3fff0d27c8a6e2c9382d7d99aa427e8951c336906e913617122c2223e22960f77f58e2b4e165fc50b2cd0be9462ea06e66b9092e96f5d9370986a74c0be11185b7f214aac5dd78514ced04565a8ea9df6905bc4d7a96f1353ede4f49847112af86e38c54a3afc1fc5c35a15a8ac2db31292ab11de6d1dbd03fa50012810d0441384013c0c094f2b3bb9a3a3b457cfdc7871d6e659b49ea66c49eebc3c8719dfb403a6d5333bc58353d510f12da60d2d%26url%3Dhttps%253A%252F%252Fm.exactag.com%252Fcl.aspx%253FextProvId%253D100%2526extProvApi%253D127910%2526extPu%253Dkelkoo%2526extLi%253DHerrenmode%2526extPGid%253D231%2526extPRid%253D95159921%2526extID%253D9515992193-35-1706176724%2526url%253Dhttps%25253A%25252F%25252Fwww.baur.de%25252Fp%25252F95159921-35%25253Fkk%25253Da4c629a-186b0dde2a6-1469ee%252526AffiliateID%25253Dkelkoo%252526ActionID%25253D231%252526Name%25253D95159921%252526NUMSArt%25253D44486579%252526NUMSArtPc%25253D44932696%252526WKZ%25253D79%252526IWL%25253D110%252526utm_source%25253Dkelkoo%252526utm_medium%25253DHerrenmode%252526utm_campaign%25253D231%252526utm_content%25253D95159921%252526kid%25253D6%252526P1%25253DMTMyNjE%25253D%26initiator%3Dtimeout&s=35103&e=091cca4d0316ce8da5ce6848f8b6d26ef93272a7d2ef90d76ba7e6fa9bc2e6cc
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
926a1b696c1c9750e0ce2e24fe7980937ebe43db5076081ea1326c143dd91535

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Length
251
Content-Type
text/javascript
/
api-js.datadome.co/js/ Frame 7990 		241 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.datadome.co/js/
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.65.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-65-230.eu-central-1.compute.amazonaws.com
Software
DataDome /
Resource Hash
4ccb0091233dfa6a92b3789b5983d759fa295aa07efd03a7eee2769317d32e21

Request headers

Referer
https://geo.captcha-delivery.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 05 Mar 2023 08:22:59 GMT
server
DataDome
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
241
expires
0

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| dd undefined| isIframeLoaded undefined| maxTimeoutMs undefined| initialTime function| iframeOnload

9 Cookies

Domain/Path Name / Value
.sacdevolucaodeconsignadoindevido.com/ Name: sid
Value: eda258a2-bb2e-11ed-bd2d-d90a451b5459
r.redirekted.com/ Name: uuid
Value: 1303262468807579904
.redirekted.com/ Name: _ga
Value: GA1.2.281268603.1678004577
.redirekted.com/ Name: _gid
Value: GA1.2.1762937576.1678004577
.redirekted.com/ Name: _gat
Value: 1
.kelkoogroup.net/ Name: kelkooID
Value: a4c629a-186b0dde2a6-1469ee
.kelkoogroup.net/ Name: _ga
Value: GA1.2.974603341.1678004577
.kelkoogroup.net/ Name: _gid
Value: GA1.2.1822006639.1678004577
.kelkoogroup.net/ Name: datadome
Value: 2t7onIxLmhoSK4EqzW9pA2DlfvHC55i1C9qnnUjYStLeenuguIQ5r8yFXE1yPcY9ZAmwKLwrs~2Vbjh5gBCejssSlcLkpvK~2LMygfMe9ecWXEF7tGjDO8PFPUbXVaTt

1 Console Messages

Source Level URL
Text
network error URL: https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50eb94d3ddb2e9d321109c24256376ada6249e96f9f80ea2bdeb954f67293c172272bdc93729c6f5c5c866ee59d58223bcb2180fcb44ad7c15da233de78beb427b5dcd408eeb9ddbff64aa1cc5c73e501936e585c5a4b92d71b2438a6556e0bf18fff9dec93bd1e30068c0d6cd3158c0876cdcc16568b98988bc67a68976b4f0c4da8edbb3706685aa31e80f4dd5eff05f810008d0e73dd29d8958e8e5eb218278273c7c5995383c0d7a6686e372e32cacb6c48cc01ffe28c20aec4616bcebd8a818af90deafed46d2b3134fe08d419d6a6081252c5e93bf4ec62e20c05dafe293ce922bb994671615ef3fff0d27c8a6e2c9382d7d99aa427e8951c336906e913617122c2223e22960f77f58e2b4e165fc50b2cd0be9462ea06e66b9092e96f5d9370986a74c0be11185b7f214aac5dd78514ced04565a8ea9df6905bc4d7a96f1353ede4f49847112af86e38c54a3afc1fc5c35a15a8ac2db31292ab11de6d1dbd03fa50012810d0441384013c0c094f2b3bb9a3a3b457cfdc7871d6e659b49ea66c49eebc3c8719dfb403a6d5333bc58353d510f12da60d2d&url=https%3A%2F%2Fm.exactag.com%2Fcl.aspx%3FextProvId%3D100%26extProvApi%3D127910%26extPu%3Dkelkoo%26extLi%3DHerrenmode%26extPGid%3D231%26extPRid%3D95159921%26extID%3D9515992193-35-1706176724%26url%3Dhttps%253A%252F%252Fwww.baur.de%252Fp%252F95159921-35%253Fkk%253Da4c629a-186b0dde2a6-1469ee%2526AffiliateID%253Dkelkoo%2526ActionID%253D231%2526Name%253D95159921%2526NUMSArt%253D44486579%2526NUMSArtPc%253D44932696%2526WKZ%253D79%2526IWL%253D110%2526utm_source%253Dkelkoo%2526utm_medium%253DHerrenmode%2526utm_campaign%253D231%2526utm_content%253D95159921%2526kid%253D6%2526P1%253DMTMyNjE%253D&initiator=timeout
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.datadome.co
ct.captcha-delivery.com
dd.kelkoogroup.net
dd.prod.captcha-delivery.com
de-go.kelkoogroup.net
geo.captcha-delivery.com
js.datadome.co
r.redirekted.com
sacdevolucaodeconsignadoindevido.com
static.captcha-delivery.com
www.google-analytics.com
13.224.189.117
13.224.189.20
13.224.189.51
13.225.78.46
18.194.14.91
213.227.149.211
2600:9000:211a:9000:7:c516:5a80:93a1
2a00:1450:400d:80a::200e
3.66.65.230
66.165.243.160
95.211.116.26
0270c3c72ee7e14a08529b830abcb6673c0fe79606726b1b4089c6b55325bd47
0397cbcfafed5e4aa8ec38461e4c2916869c134a7563c4dd99d214906bafe62a
03cd31e4d3c37c852aec70f0c5bb40641131ba56ea401ba48b7b5d4c68f3d39a
07b4e614f301105777304b972a8d65bdb652d428f06d863225710e27c4642df8
17cd95304f9089711af69dfa80cc8cd7030b04d2baf5d7471867c1b1425afd33
1cef9f2163df63c7f7d976757967393251e9f054153c54eb029e2d76b00f62fb
3e60979021e384209bd6adc873bd3e898e443a09f539288ffb5b9e3ec2e34046
4c9098f791dff1fcc4686af2d8a493c180206ee26fc35514ace6496801610d41
4ccb0091233dfa6a92b3789b5983d759fa295aa07efd03a7eee2769317d32e21
55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
670415a9265c06166a9e53350ea09f416113752897f75323ddffcba7d5eaa434
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e4d54c14ce63d3e4d711fa10df5548453d50a56367bf3baecf3d0d691a054d7
926a1b696c1c9750e0ce2e24fe7980937ebe43db5076081ea1326c143dd91535
a028b873ea59dce22f2ad131ec24bebe58b7bc37a1f1a46e9a027a4ed623097f
a411df1fc63fddcae3cf1e03bfaa91452f49d9301750207e23fcd91becd69eff
b02ef063731eedcf069141f6dadae4775753247812928cd9209b8f37122a8c56
c54cb9a12083d46f17eeeaa0f3fd26a25405f489696bb1cdcd504bea1cf3b9a7
e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed243a7fa712a26559089ad5eadb7bffb314357ac21966fe20f5cef1fb6355b1
fab79f1dfdc7b759da9e1c4d80169bc879352b47bf0cf9352e3eeaed39e55de7