![](/screenshots/1b63abd8-5211-441a-845d-91a34a9ac290.png)
www.regenere8.com
185.34.32.130
Public Scan
Effective URL: https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_sour...
Submission: On April 22 via api from BE — Scanned from FR
Summary
TLS certificate: Issued by R3 on April 3rd 2022. Valid for: 3 months.
This is the only time www.regenere8.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-227-194.eu-west-1.compute.amazonaws.com
er.cloud-media.fr |
ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com
redirect.frontend.weborama.fr |
ASN28855 (OCTOPUCE-AS Customers , FR)
PTR: bluesteelweb2.octopuce.fr
www.regenere8.com | |
www.bluesteel.fr |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
www.googleadservices.com |
ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-88.fra56.r.cloudfront.net
static.hotjar.com |
ASN28855 (OCTOPUCE-AS Customers , FR)
PTR: bluesteelweb1.octopuce.fr
s2s.nutrisolution.fr |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net
script.hotjar.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-28.fra60.r.cloudfront.net
vars.hotjar.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
5 | obfity.net | go.obfity.net | 8 KB |
4 | regenere8.com | www.regenere8.com | 68 KB |
4 | la-meteo-mail.fr (3 redirects) | wtm.la-meteo-mail.fr — Cisco Umbrella Rank: 903202; pws.la-meteo-mail.fr | 4 KB |
3 | google.fr | www.google.fr — Cisco Umbrella Rank: 15352 | 762 B |
3 | google.com | analytics.google.com — Cisco Umbrella Rank: 637; www.google.com — Cisco Umbrella Rank: 2 | 1004 B |
3 | doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 38; stats.g.doubleclick.net — Cisco Umbrella Rank: 80 | 2 KB |
3 | hotjar.com | static.hotjar.com — Cisco Umbrella Rank: 591; script.hotjar.com — Cisco Umbrella Rank: 840; vars.hotjar.com — Cisco Umbrella Rank: 885 | 67 KB |
3 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 35 | 59 KB |
3 | gstatic.com | fonts.gstatic.com | 100 KB |
3 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 39 | 2 KB |
2 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 102 | 388 B |
2 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 137 | 114 KB |
2 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 58 | 146 KB |
2 | bluesteel.fr | www.bluesteel.fr | 4 KB |
2 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 212 | 82 KB |
2 | bootstrapcdn.com | stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2248 | 42 KB |
2 | weborama.fr (2 redirects) | redirect.frontend.weborama.fr — Cisco Umbrella Rank: 9852 | 522 B |
2 | cloud-media.fr (1 redirects) | er.cloud-media.fr — Cisco Umbrella Rank: 235432 | 421 B |
2 | phywi.org | r.phywi.org — Cisco Umbrella Rank: 106118 | 1 KB |
1 | nutrisolution.fr | s2s.nutrisolution.fr | 955 B |
1 | googleadservices.com | www.googleadservices.com — Cisco Umbrella Rank: 103 | 15 KB |
1 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 437 | 8 KB |
1 | jquery.com | code.jquery.com — Cisco Umbrella Rank: 610 | 24 KB |
1 | s3s-main.net | s3s-main.net — Cisco Umbrella Rank: 180287 | 1 KB |
51 | 24 | | |
Requests | Domain | Requested by |
---|---|---|
5 | go.obfity.net | www.regenere8.com; go.obfity.net |
4 | www.regenere8.com | wtm.la-meteo-mail.fr; www.regenere8.com |
3 | www.google.fr | www.regenere8.com |
3 | www.google-analytics.com | www.googletagmanager.com; www.regenere8.com |
3 | fonts.gstatic.com | fonts.googleapis.com |
3 | fonts.googleapis.com | www.regenere8.com |
3 | wtm.la-meteo-mail.fr | 2 redirects |
2 | www.facebook.com | www.regenere8.com |
2 | www.google.com | www.regenere8.com |
2 | stats.g.doubleclick.net | www.googletagmanager.com; www.google-analytics.com |
2 | connect.facebook.net | s3s-main.net; connect.facebook.net |
2 | www.googletagmanager.com | www.regenere8.com; www.googletagmanager.com |
2 | www.bluesteel.fr | www.regenere8.com |
2 | cdnjs.cloudflare.com | www.regenere8.com; cdnjs.cloudflare.com |
2 | stackpath.bootstrapcdn.com | www.regenere8.com |
2 | redirect.frontend.weborama.fr | 2 redirects |
2 | er.cloud-media.fr | 1 redirects; wtm.la-meteo-mail.fr |
2 | r.phywi.org | wtm.la-meteo-mail.fr |
1 | vars.hotjar.com | static.hotjar.com |
1 | analytics.google.com | www.googletagmanager.com |
1 | googleads.g.doubleclick.net | www.googleadservices.com |
1 | script.hotjar.com | static.hotjar.com |
1 | s2s.nutrisolution.fr | s3s-main.net |
1 | static.hotjar.com | www.googletagmanager.com |
1 | www.googleadservices.com | www.googletagmanager.com |
1 | cdn.jsdelivr.net | www.regenere8.com |
1 | code.jquery.com | www.regenere8.com |
1 | pws.la-meteo-mail.fr | 1 redirects |
1 | s3s-main.net | |
51 | 29 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
s3s.fr | Sectigo RSA Domain Validation Secure Server CA | 2021-04-21 - 2022-05-01 | a year | crt.sh |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-13 - 2022-07-12 | a year | crt.sh |
*.phywi.org | Gandi Standard SSL CA 2 | 2022-01-13 - 2023-02-13 | a year | crt.sh |
www.regenere8.com | R3 | 2022-04-03 - 2022-07-02 | 3 months | crt.sh |
upload.video.google.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months | crt.sh |
go.obfity.net | Sectigo RSA Domain Validation Secure Server CA | 2021-11-12 - 2022-12-13 | a year | crt.sh |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year | crt.sh |
www.bluesteel.fr | R3 | 2022-03-27 - 2022-06-25 | 3 months | crt.sh |
*.google-analytics.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months | crt.sh |
*.gstatic.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months | crt.sh |
www.googleadservices.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months | crt.sh |
*.hotjar.com | Amazon | 2021-11-25 - 2022-12-23 | a year | crt.sh |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-01-29 - 2022-04-29 | 3 months | crt.sh |
s2s.nutrisolution.fr | R3 | 2022-03-21 - 2022-06-19 | 3 months | crt.sh |
*.g.doubleclick.net | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months | crt.sh |
*.google.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months | crt.sh |
*.google.fr | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months | crt.sh |
www.google.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
Frame ID: F33FB2C4200B80A816CAD6FB499CF3B0
Requests: 50 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Frame ID: 3E9A0534B38D4D7BBD18191E356226C0
Requests: 1 HTTP requests in this frame
Page Title
La chose simple que j’ai faite avant de me coucher pour perdre 27 kilos
Page URL History
- https://s3s-main.net/fw19c3/19563171/10111665/1637535747.html?p=9c0ca0022c2ff4e81ae0028577f633fa&... Page URL
- https://wtm.la-meteo-mail.fr/r/eNqFkFtvozAQhX8N%2B9biO%2FZDtWoIkK2gpE1IVF4qXylJSVADTcSvr6NonyuPLH3jM0dnfA... HTTP 302
  https://wtm.la-meteo-mail.fr/w/559948/39564c48f263b3f97a20af52fd48b15d/1835/105/768940bdf462d1f2eb026686e... HTTP 302
  https://wtm.la-meteo-mail.fr/redirection.html?m=39564c48f263b3f97a20af52fd48b15d&u=https%3A%2F%2Fpws.la-m... Page URL
- https://pws.la-meteo-mail.fr/ndc/GZ7L86V0?ps_ee=39564c48f263b3f97a20af52fd48b15d&ps_ee=542609b2c7ce1a52b8... HTTP 302
  https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspac... Page URL
Detected technologies
Detected patterns
- \.php(?:$|\?)
Bootstrap
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
- googleapis\.com/.+webfont
Google Tag Manager
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Hotjar
Detected patterns
- //static\.hotjar\.com/
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://s3s-main.net/fw19c3/19563171/10111665/1637535747.html?p=9c0ca0022c2ff4e81ae0028577f633fa&u=https%3A%2F%2Fwtm.la-meteo-mail.fr%2Fr%2FeNqFkFtvozAQhX8N%252B9biO%252FZDtWoIkK2gpE1IVF4qXylJSVADTcSvr6NonyuPLH3jM0dnfA4pFYLwEAvKiCbcIYYVdiKSCEhHkTOEK0hNCDmmIQQ0jBgXBCjjCEMGOmQVQIxxZpmFRkEUXo8M%252F44PH8PQnwL8GKDUV38%252B3X%252FKu84O9njXyfbz3n359sFof2d1lHO2AQFO%252B9O7tQGe%252F5YoQOy%252FlBLEgFBIR9pCSZHilEBMlNSIaQEoABhaLgCjxkRCWkd9WKWABFoISNTNqvFORWdvID1AwfCNJk8BInE5T96X5Wr9mHvyT9c%252B%252FGP0w1e3Lasx%252Bo5VnKr0I5mK16dza8Emubj8X4Bmb0NT7WOF6mzYlZf06Hcu8vb6AS9zVbdLnluRsfm0qdmwg9vxtLJjvuXDuNitvWi1qHazWSbTUnjaw2ObjUqaRhyXi96HnJUwf1nFG6kXzVCnzeTWdcOenkE1Vf3zdWTPvSo%252BkCrqvpcHR4qUxSQpEu5X%252BAFWmpZP Page URL
-
https://wtm.la-meteo-mail.fr/r/eNqFkFtvozAQhX8N%2B9biO%2FZDtWoIkK2gpE1IVF4qXylJSVADTcSvr6NonyuPLH3jM0dnfA4pFYLwEAvKiCbcIYYVdiKSCEhHkTOEK0hNCDmmIQQ0jBgXBCjjCEMGOmQVQIxxZpmFRkEUXo8M%2F44PH8PQnwL8GKDUV38%2B3X%2FKu84O9njXyfbz3n359sFof2d1lHO2AQFO%2B9O7tQGe%2F5YoQOy%2FlBLEgFBIR9pCSZHilEBMlNSIaQEoABhaLgCjxkRCWkd9WKWABFoISNTNqvFORWdvID1AwfCNJk8BInE5T96X5Wr9mHvyT9c%2B%2FGP0w1e3Lasx%2Bo5VnKr0I5mK16dza8Emubj8X4Bmb0NT7WOF6mzYlZf06Hcu8vb6AS9zVbdLnluRsfm0qdmwg9vxtLJjvuXDuNitvWi1qHazWSbTUnjaw2ObjUqaRhyXi96HnJUwf1nFG6kXzVCnzeTWdcOenkE1Vf3zdWTPvSo%2BkCrqvpcHR4qUxSQpEu5X%2BAFWmpZP
HTTP 302
https://wtm.la-meteo-mail.fr/w/559948/39564c48f263b3f97a20af52fd48b15d/1835/105/768940bdf462d1f2eb026686e6e1db12/2/2/a/?u=https%3A%2F%2Fpws.la-meteo-mail.fr%2Fndc%2FGZ7L86V0%3Fps_ee%3D39564c48f263b3f97a20af52fd48b15d%26ps_ee%3D542609b2c7ce1a52b854134bac26c9050031e89065dd79aef5e6ebb0a0c9914b%26ps_g%3DMme%26ps_a%3D1963%26ps_z%3D%24CODE_POSTAL%24%26z%3D1&dc=rmWOUu7vCbCFbFhEzMRJwie0VExfLI%2BYtgUkCb2ZGtjOxFo%2FMLir%2FQDbZiP8Le9G6DzVZ6tj1WusSeuLW8tuHjT%2FSHUjBBGaFO9%2Fk1oiGubadg9oPHp3%2BO1LQSCVacHgtZFgzfTZg6JN0UzUpN%2Fkk8%2BCn4U7mvPnf4MF6C4EME8%3D HTTP 302
https://wtm.la-meteo-mail.fr/redirection.html?m=39564c48f263b3f97a20af52fd48b15d&u=https%3A%2F%2Fpws.la-meteo-mail.fr%2Fndc%2FGZ7L86V0%3Fps_ee%3D39564c48f263b3f97a20af52fd48b15d%26ps_ee%3D542609b2c7ce1a52b854134bac26c9050031e89065dd79aef5e6ebb0a0c9914b%26ps_g%3DMme%26ps_a%3D1963%26ps_z%3D%24CODE_POSTAL%24%26z%3D1&dc=rmWOUu7vCbCFbFhEzMRJwie0VExfLI%2BYtgUkCb2ZGtjOxFo%2FMLir%2FQDbZiP8Le9G6DzVZ6tj1WusSeuLW8tuHjT%2FSHUjBBGaFO9%2Fk1oiGubadg9oPHp3%2BO1LQSCVacHgtZFgzfTZg6JN0UzUpN%2Fkk8%2BCn4U7mvPnf4MF6C4EME8%3D Page URL
-
https://pws.la-meteo-mail.fr/ndc/GZ7L86V0?ps_ee=39564c48f263b3f97a20af52fd48b15d&ps_ee=542609b2c7ce1a52b854134bac26c9050031e89065dd79aef5e6ebb0a0c9914b&ps_g=Mme&ps_a=1963&ps_z=$CODE_POSTAL$&z=1
HTTP 302
https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- https://wtm.la-meteo-mail.fr/r/eNqFkFtvozAQhX8N%2B9biO%2FZDtWoIkK2gpE1IVF4qXylJSVADTcSvr6NonyuPLH3jM0dnfA4pFYLwEAvKiCbcIYYVdiKSCEhHkTOEK0hNCDmmIQQ0jBgXBCjjCEMGOmQVQIxxZpmFRkEUXo8M%2F44PH8PQnwL8GKDUV38%2B3X%2FKu84O9njXyfbz3n359sFof2d1lHO2AQFO%2B9O7tQGe%2F5YoQOy%2FlBLEgFBIR9pCSZHilEBMlNSIaQEoABhaLgCjxkRCWkd9WKWABFoISNTNqvFORWdvID1AwfCNJk8BInE5T96X5Wr9mHvyT9c%2B%2FGP0w1e3Lasx%2Bo5VnKr0I5mK16dza8Emubj8X4Bmb0NT7WOF6mzYlZf06Hcu8vb6AS9zVbdLnluRsfm0qdmwg9vxtLJjvuXDuNitvWi1qHazWSbTUnjaw2ObjUqaRhyXi96HnJUwf1nFG6kXzVCnzeTWdcOenkE1Vf3zdWTPvSo%2BkCrqvpcHR4qUxSQpEu5X%2BAFWmpZP HTTP 302
- https://wtm.la-meteo-mail.fr/w/559948/39564c48f263b3f97a20af52fd48b15d/1835/105/768940bdf462d1f2eb026686e6e1db12/2/2/a/?u=https%3A%2F%2Fpws.la-meteo-mail.fr%2Fndc%2FGZ7L86V0%3Fps_ee%3D39564c48f263b3f97a20af52fd48b15d%26ps_ee%3D542609b2c7ce1a52b854134bac26c9050031e89065dd79aef5e6ebb0a0c9914b%26ps_g%3DMme%26ps_a%3D1963%26ps_z%3D%24CODE_POSTAL%24%26z%3D1&dc=rmWOUu7vCbCFbFhEzMRJwie0VExfLI%2BYtgUkCb2ZGtjOxFo%2FMLir%2FQDbZiP8Le9G6DzVZ6tj1WusSeuLW8tuHjT%2FSHUjBBGaFO9%2Fk1oiGubadg9oPHp3%2BO1LQSCVacHgtZFgzfTZg6JN0UzUpN%2Fkk8%2BCn4U7mvPnf4MF6C4EME8%3D HTTP 302
- https://wtm.la-meteo-mail.fr/redirection.html?m=39564c48f263b3f97a20af52fd48b15d&u=https%3A%2F%2Fpws.la-meteo-mail.fr%2Fndc%2FGZ7L86V0%3Fps_ee%3D39564c48f263b3f97a20af52fd48b15d%26ps_ee%3D542609b2c7ce1a52b854134bac26c9050031e89065dd79aef5e6ebb0a0c9914b%26ps_g%3DMme%26ps_a%3D1963%26ps_z%3D%24CODE_POSTAL%24%26z%3D1&dc=rmWOUu7vCbCFbFhEzMRJwie0VExfLI%2BYtgUkCb2ZGtjOxFo%2FMLir%2FQDbZiP8Le9G6DzVZ6tj1WusSeuLW8tuHjT%2FSHUjBBGaFO9%2Fk1oiGubadg9oPHp3%2BO1LQSCVacHgtZFgzfTZg6JN0UzUpN%2Fkk8%2BCn4U7mvPnf4MF6C4EME8%3D
- https://er.cloud-media.fr/r/39564c48f263b3f97a20af52fd48b15d/20305b1d-4a14-4990-b6a1-7765863e4041 HTTP 302
- https://er.cloud-media.fr/c/39564c48f263b3f97a20af52fd48b15d/20305b1d-4a14-4990-b6a1-7765863e4041
- https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D39564c48f263b3f97a20af52fd48b15d%26wb%3D{WEBO_CID} HTTP 302
- https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D39564c48f263b3f97a20af52fd48b15d%26wb%3D%7BWEBO_CID%7D&bounce=1&random=1201091407 HTTP 302
- https://r.phywi.org/webo.gif?md=39564c48f263b3f97a20af52fd48b15d&wb=2ZcXc3Fp7y/0nySm3lazjO
51 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | 1637535747.html | s3s-main.net/fw19c3/19563171/10111665/ | 652 B | 1 KB | Document | text/html |
GET | H3 | redirection.html | wtm.la-meteo-mail.fr/ (Redirect Chain) | 4 KB | 2 KB | Document | text/html |
GET | H2 | cl.gif | r.phywi.org/ | 43 B | 577 B | Image | image/gif |
GET | H2 | 20305b1d-4a14-4990-b6a1-7765863e4041 | er.cloud-media.fr/c/39564c48f263b3f97a20af52fd48b15d/ (Redirect Chain) | 35 B | 230 B | Image | image/gif |
GET | H2 | webo.gif | r.phywi.org/ (Redirect Chain) | 43 B | 576 B | Image | image/gif |
GET | H2 | actu-rm1c.php (Primary Request) | www.regenere8.com/ (Redirect Chain) | 12 KB | 4 KB | Document | text/html |
GET | H2 | bootstrap.min.css | stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/ | 156 KB | 25 KB | Stylesheet | text/css |
GET | H2 | lp1a.css | www.regenere8.com/assets/css/ | 8 KB | 2 KB | Stylesheet | text/css |
GET | H2 | css2 | fonts.googleapis.com/ | 11 KB | 1 KB | Stylesheet | text/css |
GET | H2 | font-awesome.min.css | cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ | 30 KB | 6 KB | Stylesheet | text/css |
GET | H2 | css2 | fonts.googleapis.com/ | 2 KB | 554 B | Stylesheet | text/css |
GET | H/1.1 | view.js | go.obfity.net/ | 203 B | 563 B | Script | text/plain |
GET | H2 | vendor2.png | www.regenere8.com/assets/img/ | 11 KB | 11 KB | Image | image/png |
GET | H2 | lemon.jpg | www.regenere8.com/assets/img/ | 51 KB | 51 KB | Image | image/jpeg |
GET | H2 | jquery-3.4.1.slim.min.js | code.jquery.com/ | 69 KB | 24 KB | Script | application/javascript |
GET | H2 | popper.min.js | cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/ | 21 KB | 8 KB | Script | application/javascript |
GET | H3 | bootstrap.min.js | stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/ | 59 KB | 17 KB | Script | application/javascript |
GET | H2 | bl.js | www.bluesteel.fr/_minisite/v2/assets/js/common/ | 12 KB | 4 KB | Script | application/javascript |
GET | H2 | gtm.js | www.googletagmanager.com/ | 244 KB | 80 KB | Script | application/javascript |
GET | H2 | css2 | fonts.googleapis.com/ | 3 KB | 633 B | Stylesheet | text/css |
GET | H/1.1 | view | go.obfity.net/ | 0 | 0 | Image | application/json |
GET | H2 | memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | fonts.gstatic.com/s/opensans/v28/ | 44 KB | 44 KB | Font | font/woff2 |
GET | H3 | fontawesome-webfont.woff2 | cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ | 75 KB | 76 KB | Font | application/octet-stream |
GET | H2 | u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2 | fonts.gstatic.com/s/cabin/v24/ | 26 KB | 26 KB | Font | font/woff2 |
GET | H2 | JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | fonts.gstatic.com/s/montserrat/v23/ | 30 KB | 30 KB | Font | font/woff2 |
GET | H2 | / | www.bluesteel.fr/_tk/ | 0 | 63 B | Image | text/html |
GET | H/1.1 | unilpclick.js | go.obfity.net/ | 6 KB | 7 KB | Script | text/plain |
GET | H3 | js | www.googletagmanager.com/gtag/ | 180 KB | 66 KB | Script | application/javascript |
GET | H2 | optimize.js | www.google-analytics.com/gtm/ | 102 KB | 39 KB | Script | application/javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript |
GET | H2 | conversion_async.js | www.googleadservices.com/pagead/ | 39 KB | 15 KB | Script | text/javascript |
GET | H2 | hotjar-2735377.js | static.hotjar.com/c/ | 4 KB | 2 KB | Script | application/javascript |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 99 KB | 27 KB | Script | application/x-javascript |
GET | H2 | shared.php | s2s.nutrisolution.fr/ | 2 KB | 955 B | Script | application/javascript |
GET | H/1.1 | 61f796741cfe1c0001816be9 | go.obfity.net/ | 188 B | 789 B | XHR | application/json |
GET | H2 | modules.0076bf93c385ddf0ff58.js | script.hotjar.com/ | 239 KB | 63 KB | Script | application/javascript |
GET | H/1.1 | view | go.obfity.net/ | 0 | 306 B | XHR | text/plain |
GET | H2 | / | googleads.g.doubleclick.net/pagead/viewthroughconversion/741862708/ | 3 KB | 2 KB | Script | text/javascript |
POST | H2 | collect | analytics.google.com/g/ | 0 | 349 B | Ping | text/plain |
POST | H2 | collect | stats.g.doubleclick.net/g/ | 0 | 349 B | Ping | text/plain |
GET | H2 | ga-audiences | www.google.fr/ads/ | 42 B | 501 B | Image | image/gif |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 4 B | 151 B | XHR | text/plain |
GET | H3 | collect | www.google-analytics.com/ | 35 B | 55 B | Image | image/gif |
GET | H3 | 671812849921469 | connect.facebook.net/signals/config/ | 306 KB | 87 KB | Script | application/x-javascript |
GET | H2 | box-4924254a9ce4dc9b959b6e4a9b662d60.html | vars.hotjar.com/ (Frame 3E9A) | 2 KB | 1 KB | Document | text/html |
GET | H2 | ga-audiences | www.google.com/ads/ | 42 B | 107 B | Image | image/gif |
GET | H2 | ga-audiences | www.google.fr/ads/ | 42 B | 107 B | Image | image/gif |
GET | H2 | / | www.google.com/pagead/1p-user-list/741862708/ | 42 B | 548 B | Image | image/gif |
GET | H2 | / | www.google.fr/pagead/1p-user-list/741862708/ | 42 B | 154 B | Image | image/gif |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 297 B | Image | image/gif |
GET | H3 | / | www.facebook.com/tr/ | 44 B | 91 B | Image | image/gif |
118 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
31 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.s3s-main.net/ | | Name: wm_welcoming_v2 Value: %2Cfw_19563171%2C%3B3667825856 |
.phywi.org/ | | Name: pl Value: a%3A1%3A%7Bi%3A0%3Bs%3A40%3A%220284%3A675d59g374c4g%3A8b31bg63ge59c26e05d52%22%3B%7D |
.weborama.fr/ | | Name: AFFICHE_W Value: 2ULDdoLN@JnZ51 |
.cloud-media.fr/ | | Name: l_id Value: 39564c48f263b3f97a20af52fd48b15d |
.la-meteo-mail.fr/ | | Name: pstuid Value: ec60bf57-de2d-4b19-9780-b2dd3bdd95a1 |
www.regenere8.com/ | | Name: blv Value: BL-KsA68-PY4kLTKNAY-Z6MW0 |
www.regenere8.com/ | | Name: blc Value: 1 |
www.regenere8.com/ | | Name: blpc Value: powerspace |
www.regenere8.com/ | | Name: bl_dT1 Value: FRstandard |
www.regenere8.com/ | | Name: bl_dT2 Value: default |
www.regenere8.com/ | | Name: bld Value: CJ-JtA9X-VV0bMX1B0Z-SZnZO |
www.regenere8.com/ | | Name: cid_bltrk Value: 9017ae1a-e2b4-407b-939b-eb7dbcebcf3d |
www.regenere8.com/ | | Name: powerspace_tracking Value: 9017ae1a-e2b4-407b-939b-eb7dbcebcf3d |
www.regenere8.com/ | | Name: entry_prefix Value: part%3Dpowerspace%26data1%3DFRstandard%26utm_campaign%3DRegenerPowerspaceFRstandard%26utm_source%3Dpowerspace%26utm_medium%3Dcpc%26cid%3D9017ae1a-e2b4-407b-939b-eb7dbcebcf3d |
www.regenere8.com/ | | Name: entry_domain Value: www.regenere8.com |
.regenere8.com/ | | Name: _gcl_au Value: 1.1.988231206.1650662130 |
www.regenere8.com/ | | Name: actual_page Value: undefined |
www.regenere8.com/ | | Name: previous_page Value: |
www.regenere8.com/ | | Name: test Value: 0 |
.www.regenere8.com/ | | Name: rtkclickid-store Value: 62631af23eb8670001dffcc8 |
.regenere8.com/ | | Name: _ga_YCTQFXTTF6 Value: GS1.1.1650662130.1.0.1650662130.60 |
.regenere8.com/ | | Name: _ga Value: GA1.2.2090214115.1650662131 |
.regenere8.com/ | | Name: _gid Value: GA1.2.352141064.1650662131 |
.regenere8.com/ | | Name: _dc_gtm_UA-183901988-1 Value: 1 |
.doubleclick.net/ | | Name: test_cookie Value: CheckForPermission |
.regenere8.com/ | | Name: _hjSessionUser_2735377 Value: eyJpZCI6IjYwZTM0NDQ5LWJjMjgtNTQ4ZC1hZmYxLTkzY2U4NTk4YWRjZSIsImNyZWF0ZWQiOjE2NTA2NjIxMzA2MTYsImV4aXN0aW5nIjpmYWxzZX0= |
.regenere8.com/ | | Name: _hjFirstSeen Value: 1 |
www.regenere8.com/ | | Name: _hjIncludedInSessionSample Value: 0 |
.regenere8.com/ | | Name: _hjSession_2735377 Value: eyJpZCI6IjNkMDViMzJlLTFmOGYtNDZkNy05MGRhLTczNDJjNTY5NDlmMyIsImNyZWF0ZWQiOjE2NTA2NjIxMzA2MzIsImluU2FtcGxlIjpmYWxzZX0= |
.regenere8.com/ | | Name: _hjAbsoluteSessionInProgress Value: 0 |
.regenere8.com/ | | Name: _fbp Value: fb.1.1650662130704.2020753064 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.