Submitted URL: http://click.mpovonbecitllreae.fr/YWIzYjljYzU3MGI3NWY3YzQ0ODY2ZGJhODQzYzFiYTM/ZXN0aGVyY3V5cGVyc0Bza3luZXQuYmU=/MjAxOTEwMTk=/NTFfMzhfNjVfMjA3/15/311628/8752/12047.html
Effective URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Submission: On October 19 via api from BE

Summary

This website contacted 24 IPs in 8 countries across 22 domains to perform 52 HTTP transactions.
The main IP is 94.125.108.233, located in Boersch, France and belongs to RBSNET AGORA-HOSTING is a french company offering hosting and Cloud services, FR. The main domain is www.independanceroyale.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 30th 2019. Valid for: 3 months.
This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

IP Address AS Autonomous System
1 51.38.65.210 16276 (OVH)
1 34.213.251.22 16509 (AMAZON-02)
3 3 54.38.44.2 16276 (OVH)
1 2 52.212.149.245 16509 (AMAZON-02)
1 13.225.78.49 16509 (AMAZON-02)
1 188.165.150.178 16276 (OVH)
1 3 185.33.223.197 29990 (ASN-APPNEXUS)
1 25 94.125.108.233 47833 (RBSNET AG...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 34.250.157.134 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a0b:4d07:101::1 44239 (PROINITY ...)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 23.38.48.101 20940 (AKAMAI-ASN1)
1 54.37.115.99 16276 (OVH)
1 2 80.70.210.161 34913 (DALENYS)
1 154.44.178.3 174 (COGENT-174)
2 2a00:1450:400... 15169 (GOOGLE)
1 193.0.160.128 54312 (ROCKETFUEL)
1 212.129.13.31 12876 (Online SAS)
1 185.31.128.129 54312 (ROCKETFUEL)
2 2a03:2880:f10... 32934 (FACEBOOK)
52 24
Domain
Subdomains
Transfer
25 independanceroyale.com
1 MB
5 tradedoubler.com
19 KB
3 adnxs.com
3 KB
2 facebook.com
492 B
2 rfihub.com
635 B
2 gstatic.com
28 KB
2 email-reflex.com
674 B
2 facebook.net
88 KB
2 kxcdn.com
147 KB
2 google-analytics.com
18 KB
2 webmediarm.com
1 KB
1 beampulse.com
566 B
1 calotag.com
452 B
1 omnitagjs.com
324 B
1 rfihub.net
7 KB
1 doubleclick.net
102 B
1 googletagmanager.com
29 KB
1 jquery.com
78 KB
1 fonts.googleapis.com
791 B
1 wmrm-xao.com
573 B
1 badodmilqinuieuoc.fr
2 KB
1 mpovonbecitllreae.fr
2 KB
52 22
Domain Requested by
25 www.independanceroyale.com 1 redirects clk.tradedoubler.com
www.independanceroyale.com
2 www.facebook.com www.independanceroyale.com
2 fonts.gstatic.com www.independanceroyale.com
2 secure.adnxs.com 1 redirects www.independanceroyale.com
2 email-reflex.com 1 redirects www.independanceroyale.com
2 connect.facebook.net swrap.tradedoubler.com
connect.facebook.net
2 bp-1c51.kxcdn.com click.mpovonbecitllreae.fr
bp-1c51.kxcdn.com
2 www.google-analytics.com 1 redirects www.independanceroyale.com
2 clk.tradedoubler.com 1 redirects badodmilqinuieuoc.fr
2 affiliation.webmediarm.com 2 redirects
1 20789423p.rfihub.com c1.rfihub.net
1 app.beampulse.com
1 a.rfihub.com c1.rfihub.net
1 calotag.com www.independanceroyale.com
1 fo-api.omnitagjs.com swrap.tradedoubler.com
1 c1.rfihub.net swrap.tradedoubler.com
1 stats.g.doubleclick.net www.independanceroyale.com
1 swrap.tradedoubler.com www.independanceroyale.com
1 www.googletagmanager.com www.independanceroyale.com
1 code.jquery.com www.independanceroyale.com
1 fonts.googleapis.com www.independanceroyale.com
1 ib.adnxs.com clk.tradedoubler.com
1 analytics.tradedoubler.com vht.tradedoubler.com
1 vht.tradedoubler.com clk.tradedoubler.com
1 wmrm-xao.com 1 redirects
1 badodmilqinuieuoc.fr click.mpovonbecitllreae.fr
1 click.mpovonbecitllreae.fr
52 27

This site contains links to these domains. Also see Links.

Domain
www.id-interactive.fr
Subject / Issuer Validity Valid
*.tradedoubler.com
GlobalSign Domain Validation CA - SHA256 - G2
2018-12-10 -
2021-01-27
2 years
analytics.tradedoubler.com
COMODO RSA Domain Validation Secure Server CA
2018-02-02 -
2021-02-01
3 years
*.adnxs.com
DigiCert ECC Secure Server CA
2019-01-23 -
2021-03-08
2 years
independanceroyale.com
Let's Encrypt Authority X3
2019-09-30 -
2019-12-29
3 months
*.googleapis.com
GTS CA 1O1
2019-10-03 -
2019-12-26
3 months
jquery.org
COMODO RSA Domain Validation Secure Server CA
2018-10-17 -
2020-10-16
2 years
*.google-analytics.com
GTS CA 1O1
2019-10-03 -
2019-12-26
3 months
*.g.doubleclick.net
GTS CA 1O1
2019-10-03 -
2019-12-26
3 months
*.kxcdn.com
Thawte RSA CA 2018
2019-07-04 -
2021-09-01
2 years
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-09-22 -
2019-12-20
3 months
*.rfihub.net
DigiCert SHA2 Secure Server CA
2019-01-25 -
2020-04-25
a year
omnitagjs.com
Sectigo RSA Organization Validation Secure Server CA
2019-03-26 -
2020-06-23
a year
*.email-reflex.com
Go Daddy Secure Certificate Authority - G2
2018-12-10 -
2020-01-20
a year
calotag.com
COMODO RSA Domain Validation Secure Server CA
2018-10-26 -
2019-11-25
a year
*.google.com
GTS CA 1O1
2019-10-03 -
2019-12-26
3 months
*.rfihub.com
DigiCert SHA2 Secure Server CA
2019-08-27 -
2020-08-31
a year
cluster-prod.beampulse.com
COMODO RSA Domain Validation Secure Server CA
2017-08-30 -
2019-11-28
2 years

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /CentOS/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+foundation[^>"]+css/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Web
Overall confidence: 100%
Detected patterns
  • html /<(?:iframe|img)[^>]+adnxs\.(?:net|com)/i

Web
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Web
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Web
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

52 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set 12047.html
click.mpovonbecitllreae.fr/YWIzYjljYzU3MGI3NWY3YzQ0ODY2ZGJhODQzYzFiYTM/ZXN0aGVyY3V5cGVyc0Bza3luZXQuYmU=/MjAxOTEwMTk=/NTFfMzhfNjVfMjA3/15/311628/8752
1 KB
2 KB
Document
General
Full URL
http://click.mpovonbecitllreae.fr/YWIzYjljYzU3MGI3NWY3YzQ0ODY2ZGJhODQzYzFiYTM/ZXN0aGVyY3V5cGVyc0Bza3luZXQuYmU=/MjAxOTEwMTk=/NTFfMzhfNjVfMjA3/15/311628/8752/12047.html
Protocol
HTTP/1.1
Server
51.38.65.210 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
mta1.mpovonbecitllreae.fr
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
click.mpovonbecitllreae.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 19 Oct 2019 09:05:46 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Set-Cookie
PHPSESSID=7pmi3jk7s58rblmr8bki0v4bn4; path=/ mgycpqzeuxvyysgnov=http%3A%2F%2Fbadodmilqinuieuoc.fr%2Fa2bd1c89c35c77dd3e18d970b432e035%2F8b941cb7ecc6af62e4b71ae1e4ecbfec%2FFRHn3bumIMhcvZd%2Fclt%2F222104%2F8813%2Fem_esthercuypers%40skynet.be_ail%2Fu_aHR0cHMlM0ElMkYlMkZ3bXJtLXhhb2RvdHlwb2ludGNvbSUyRmNsaWNkb3R5cG9pbnRwaHAlM0ZpZGMlM0QyOTc0JTI2aWR2JTNEMzQyNiUyNnR5cGUlM0Q1JTI2Y2FuZCUzRDIwMjI4NiUyNnVybCUzRGh0dHBzJTNBJTJGJTJGY2xrZG90eXBvaW50dHJhZGVkb3VibGVyZG90eXBvaW50Y29tJTJGY2xpY2slM0ZwJTNEMjg1ODgyJTI2YSUzRDMxMDE0MjklMjZnJTNEMjQ1OTE2OTIlMjZ1cmwlM0RodHRwcyUzQSUyRiUyRnd3d2RvdHlwb2ludGluZGVwZW5kYW5jZXJveWFsZWRvdHlwb2ludGNvbSUyRkRPLTMwJTJGaW5kZXhkb3R5cG9pbnRwaHAlM0Z1dG1fc291cmNlJTNEQVJUWTEyJTI2dXRtX21lZGl1bSUzRG1haWwlMjZ1dG1fY2FtcGFpZ24lM0Rkb3VjaGU_rl.html
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Content-Length
1083
Connection
close
Content-Type
text/html; charset=UTF-8
Cookie set u_aHR0cHMlM0ElMkYlMkZ3bXJtLXhhb2RvdHlwb2ludGNvbSUyRmNsaWNkb3R5cG9pbnRwaHAlM0ZpZGMlM0QyOTc0JTI2aWR2JTNEMzQyNiUyNnR5cGUlM0Q1JTI2Y2FuZCUzRDIwMjI4NiUyNnVybCUzRGh0dHBzJTNBJTJGJTJGY2xrZG90eXBvaW50dHJhZGV...
badodmilqinuieuoc.fr/a2bd1c89c35c77dd3e18d970b432e035/8b941cb7ecc6af62e4b71ae1e4ecbfec/FRHn3bumIMhcvZd/clt/222104/8813/em_esthercuypers@skynet.be_ail
1 KB
2 KB
Document
General
Full URL
http://badodmilqinuieuoc.fr/a2bd1c89c35c77dd3e18d970b432e035/8b941cb7ecc6af62e4b71ae1e4ecbfec/FRHn3bumIMhcvZd/clt/222104/8813/em_esthercuypers@skynet.be_ail/u_aHR0cHMlM0ElMkYlMkZ3bXJtLXhhb2RvdHlwb2ludGNvbSUyRmNsaWNkb3R5cG9pbnRwaHAlM0ZpZGMlM0QyOTc0JTI2aWR2JTNEMzQyNiUyNnR5cGUlM0Q1JTI2Y2FuZCUzRDIwMjI4NiUyNnVybCUzRGh0dHBzJTNBJTJGJTJGY2xrZG90eXBvaW50dHJhZGVkb3VibGVyZG90eXBvaW50Y29tJTJGY2xpY2slM0ZwJTNEMjg1ODgyJTI2YSUzRDMxMDE0MjklMjZnJTNEMjQ1OTE2OTIlMjZ1cmwlM0RodHRwcyUzQSUyRiUyRnd3d2RvdHlwb2ludGluZGVwZW5kYW5jZXJveWFsZWRvdHlwb2ludGNvbSUyRkRPLTMwJTJGaW5kZXhkb3R5cG9pbnRwaHAlM0Z1dG1fc291cmNlJTNEQVJUWTEyJTI2dXRtX21lZGl1bSUzRG1haWwlMjZ1dG1fY2FtcGFpZ24lM0Rkb3VjaGU_rl.html
Requested by
Host: click.mpovonbecitllreae.fr
URL: http://click.mpovonbecitllreae.fr/YWIzYjljYzU3MGI3NWY3YzQ0ODY2ZGJhODQzYzFiYTM/ZXN0aGVyY3V5cGVyc0Bza3luZXQuYmU=/MjAxOTEwMTk=/NTFfMzhfNjVfMjA3/15/311628/8752/12047.html
Protocol
HTTP/1.1
Server
34.213.251.22 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
news.rurgiechie.fr
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bbda652e5bc66c917010d3861180782865de0dfa597afacef36395e86be7ca27

Request headers

Host
badodmilqinuieuoc.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://click.mpovonbecitllreae.fr/YWIzYjljYzU3MGI3NWY3YzQ0ODY2ZGJhODQzYzFiYTM/ZXN0aGVyY3V5cGVyc0Bza3luZXQuYmU=/MjAxOTEwMTk=/NTFfMzhfNjVfMjA3/15/311628/8752/12047.html
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://click.mpovonbecitllreae.fr/YWIzYjljYzU3MGI3NWY3YzQ0ODY2ZGJhODQzYzFiYTM/ZXN0aGVyY3V5cGVyc0Bza3luZXQuYmU=/MjAxOTEwMTk=/NTFfMzhfNjVfMjA3/15/311628/8752/12047.html

Response headers

Date
Sat, 19 Oct 2019 09:05:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Set-Cookie
PHPSESSID=m8hb7p7svdpbcljnnc6sp3lme1; expires=Sun, 20-Oct-2019 09:05:35 GMT; path=/ clic167lpmnaostatsfrip144_76_109_30=0; expires=Sat, 19-Oct-2019 09:05:34 GMT; path=/; domain=naostats.fr clic167lpmnaostatsfrip144_76_109_30=222104; path=/; domain=naostats.fr henxbjfbaadqsd=https%3A%2F%2Fwmrm-xao.com%2Fclic.php%3Fidc%3D2974%26idv%3D3426%26type%3D5%26cand%3D202286%26url%3Dhttps%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D285882%26a%3D3101429%26g%3D24591692%26url%3Dhttps%3A%2F%2Fwww.independanceroyale.com%2FDO-30%2Findex.php%3Futm_source%3DARTY12%26utm_medium%3Dmail%26utm_campaign%3Ddouche
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Content-Length
1171
Connection
close
Content-Type
text/html; charset=ISO-8859-1
Cookie set index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm
clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30
Redirect Chain
  • https://wmrm-xao.com/clic.php?idc=2974&idv=3426&type=5&cand=202286&url=https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/index.php?utm_so...
  • http://affiliation.webmediarm.com/clic.php?idc=2974&idv=3426&type=5&cand=202286&url=https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/ind...
  • https://affiliation.webmediarm.com/clic.php?idc=2974&idv=3426&type=5&cand=202286&url=https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/in...
  • https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track...
5 KB
5 KB
Document
General
Full URL
https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm
Requested by
Host: badodmilqinuieuoc.fr
URL: http://badodmilqinuieuoc.fr/a2bd1c89c35c77dd3e18d970b432e035/8b941cb7ecc6af62e4b71ae1e4ecbfec/FRHn3bumIMhcvZd/clt/222104/8813/em_esthercuypers@skynet.be_ail/u_aHR0cHMlM0ElMkYlMkZ3bXJtLXhhb2RvdHlwb2ludGNvbSUyRmNsaWNkb3R5cG9pbnRwaHAlM0ZpZGMlM0QyOTc0JTI2aWR2JTNEMzQyNiUyNnR5cGUlM0Q1JTI2Y2FuZCUzRDIwMjI4NiUyNnVybCUzRGh0dHBzJTNBJTJGJTJGY2xrZG90eXBvaW50dHJhZGVkb3VibGVyZG90eXBvaW50Y29tJTJGY2xpY2slM0ZwJTNEMjg1ODgyJTI2YSUzRDMxMDE0MjklMjZnJTNEMjQ1OTE2OTIlMjZ1cmwlM0RodHRwcyUzQSUyRiUyRnd3d2RvdHlwb2ludGluZGVwZW5kYW5jZXJveWFsZWRvdHlwb2ludGNvbSUyRkRPLTMwJTJGaW5kZXhkb3R5cG9pbnRwaHAlM0Z1dG1fc291cmNlJTNEQVJUWTEyJTI2dXRtX21lZGl1bSUzRG1haWwlMjZ1dG1fY2FtcGFpZ24lM0Rkb3VjaGU_rl.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.149.245 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-149-245.eu-west-1.compute.amazonaws.com
Software
TXServerHttp /
Resource Hash
021a64452d74bd0a20ff0370c3b18045b3683d6694ae189c1d2d8989ba9f732c

Request headers

Host
clk.tradedoubler.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://badodmilqinuieuoc.fr/a2bd1c89c35c77dd3e18d970b432e035/8b941cb7ecc6af62e4b71ae1e4ecbfec/FRHn3bumIMhcvZd/clt/222104/8813/em_esthercuypers@skynet.be_ail/u_aHR0cHMlM0ElMkYlMkZ3bXJtLXhhb2RvdHlwb2ludGNvbSUyRmNsaWNkb3R5cG9pbnRwaHAlM0ZpZGMlM0QyOTc0JTI2aWR2JTNEMzQyNiUyNnR5cGUlM0Q1JTI2Y2FuZCUzRDIwMjI4NiUyNnVybCUzRGh0dHBzJTNBJTJGJTJGY2xrZG90eXBvaW50dHJhZGVkb3VibGVyZG90eXBvaW50Y29tJTJGY2xpY2slM0ZwJTNEMjg1ODgyJTI2YSUzRDMxMDE0MjklMjZnJTNEMjQ1OTE2OTIlMjZ1cmwlM0RodHRwcyUzQSUyRiUyRnd3d2RvdHlwb2ludGluZGVwZW5kYW5jZXJveWFsZWRvdHlwb2ludGNvbSUyRkRPLTMwJTJGaW5kZXhkb3R5cG9pbnRwaHAlM0Z1dG1fc291cmNlJTNEQVJUWTEyJTI2dXRtX21lZGl1bSUzRG1haWwlMjZ1dG1fY2FtcGFpZ24lM0Rkb3VjaGU_rl.html
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
http://badodmilqinuieuoc.fr/a2bd1c89c35c77dd3e18d970b432e035/8b941cb7ecc6af62e4b71ae1e4ecbfec/FRHn3bumIMhcvZd/clt/222104/8813/em_esthercuypers@skynet.be_ail/u_aHR0cHMlM0ElMkYlMkZ3bXJtLXhhb2RvdHlwb2ludGNvbSUyRmNsaWNkb3R5cG9pbnRwaHAlM0ZpZGMlM0QyOTc0JTI2aWR2JTNEMzQyNiUyNnR5cGUlM0Q1JTI2Y2FuZCUzRDIwMjI4NiUyNnVybCUzRGh0dHBzJTNBJTJGJTJGY2xrZG90eXBvaW50dHJhZGVkb3VibGVyZG90eXBvaW50Y29tJTJGY2xpY2slM0ZwJTNEMjg1ODgyJTI2YSUzRDMxMDE0MjklMjZnJTNEMjQ1OTE2OTIlMjZ1cmwlM0RodHRwcyUzQSUyRiUyRnd3d2RvdHlwb2ludGluZGVwZW5kYW5jZXJveWFsZWRvdHlwb2ludGNvbSUyRkRPLTMwJTJGaW5kZXhkb3R5cG9pbnRwaHAlM0Z1dG1fc291cmNlJTNEQVJUWTEyJTI2dXRtX21lZGl1bSUzRG1haWwlMjZ1dG1fY2FtcGFpZ24lM0Rkb3VjaGU_rl.html

Response headers

Access-Control-Allow-Origin
*
Cache-Control
private, max-age=0
Content-Type
text/html; charset=ISO-8859-1
Date
Sat, 19 Oct 2019 09:05:54 GMT
P3P
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
Pragma
no-cache
Server
TXServerHttp
Set-Cookie
SYNC=1z11zzegz1ykehazy1571475955913;expires=Sun, 18-Oct-2020 09:05:55 GMT;path=/;domain=.tradedoubler.com
Content-Length
4850
Connection
keep-alive

Redirect headers

Date
Sat, 19 Oct 2019 09:05:55 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By
PHP/5.4.16
p3p
policyref='./w3c/p3ptrack.xml'
Set-Cookie
IDCandidature[2974]=202286; expires=Sun, 18-Oct-2020 09:05:55 GMT; path=/; domain=affiliation.webmediarm.com MyData[2974]=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=affiliation.webmediarm.com IDVisuel[2974]=3426; expires=Sun, 18-Oct-2020 09:05:55 GMT; path=/; domain=affiliation.webmediarm.com
Location
https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
prefs.js
vht.tradedoubler.com/fp
9 KB
10 KB
Script
General
Full URL
https://vht.tradedoubler.com/fp/prefs.js
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.49 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-49.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 27 May 2019 17:21:32 GMT
Via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Mon, 15 Oct 2018 09:28:46 GMT
Server
Apache
Age
402263
ETag
"2509-57841106334e6"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=604800, public
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Length
9481
X-Amz-Cf-Id
xTwON_VzUk9SQEYE8jA_SsFsJQAWlEMKMJ1QHAaA1zvfurJv38ZAGg==
Expires
Mon, 03 Jun 2019 17:21:32 GMT
/
analytics.tradedoubler.com
0
241 B
Other
General
Full URL
https://analytics.tradedoubler.com/
Requested by
Host: vht.tradedoubler.com
URL: https://vht.tradedoubler.com/fp/prefs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.165.150.178 , France, ASN16276 (OVH, FR),
Reverse DNS
lb02.net.royalcactus.com
Software
nginx /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 19 Oct 2019 09:05:56 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
getuidj
ib.adnxs.com
11 B
708 B
XHR
General
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.197 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
302.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Oct 2019 09:05:57 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 302.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.135:80
AN-X-Request-Uuid
e877888a-335d-4a8c-a299-23c5d389d610
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://clk.tradedoubler.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
/demande-information/DO-30
Redirect Chain
  • https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track...
  • https://www.independanceroyale.com/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
  • https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
14 KB
5 KB
Document
General
Full URL
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.125.108.233 Boersch, France, ASN47833 (RBSNET AGORA-HOSTING is a french company offering hosting and Cloud services, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
2f9979597525e11befc110cbe23210c75f92b7a9fb4361ad8fdc8955ff5787be
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
www.independanceroyale.com
:scheme
https
:path
/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm
accept-encoding
gzip, deflate, br
Origin
https://clk.tradedoubler.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm

Response headers

status
200
server
nginx/1.15.6
date
Sat, 19 Oct 2019 09:05:56 GMT
content-type
text/html; charset=UTF-8
content-length
4797
vary
Accept-Encoding
content-encoding
gzip
expires
Thu, 24 Oct 2019 09:05:56 GMT
cache-control
max-age=432000 public
strict-transport-security
max-age=15724800; includeSubDomains

Redirect headers

status
301
server
nginx/1.15.6
date
Sat, 19 Oct 2019 09:05:56 GMT
content-type
text/html; charset=iso-8859-1
content-length
415
location
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
x-content-type-options
nosniff
cache-control
max-age=432000 public
expires
Thu, 24 Oct 2019 09:05:56 GMT
strict-transport-security
max-age=15724800; includeSubDomains
styles.css
/demande-information/DO-30/css
5 KB
2 KB
Stylesheet
General
Full URL
https://www.independanceroyale.com/demande-information/DO-30/css/styles.css
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.125.108.233 Boersch, France, ASN47833 (RBSNET AGORA-HOSTING is a french company offering hosting and Cloud services, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
84b2889078de20142e1f77e49eb968f8031eded7320be712864b7187d0fbd1a8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 09:05:56 GMT
content-encoding
gzip
last-modified
Fri, 07 Jun 2019 09:06:28 GMT
server
nginx/1.15.6
etag
"13b8-58ab8254d6d00-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=432000, public
strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
content-length
1595
expires
Thu, 24 Oct 2019 09:05:56 GMT
responsive.css
/demande-information/DO-30/css
2 KB
1 KB
Stylesheet
General
Full URL
https://www.independanceroyale.com/demande-information/DO-30/css/responsive.css
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.125.108.233 Boersch, France, ASN47833 (RBSNET AGORA-HOSTING is a french company offering hosting and Cloud services, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
be6644f8556ed2a5a457033ab827dec34dab365f2435b4a98b1a1615f783e596
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 09:05:56 GMT
content-encoding
gzip
last-modified
Fri, 07 Jun 2019 08:24:09 GMT
server
nginx/1.15.6
etag
"84f-58ab78df75c40-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=432000, public
strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
content-length
723
expires
Thu, 24 Oct 2019 09:05:56 GMT
css?family=Lato:300,400,700&display=swap
fonts.googleapis.com
2 KB
791 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
a8df908269a3343a24faefda741524c1c20d9cb408cd02959c5aee0a9d592baf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 19 Oct 2019 09:05:56 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Sat, 19 Oct 2019 09:05:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Sat, 19 Oct 2019 09:05:56 GMT
foundation.css
/demande-information/DO-30/css
0
0
Stylesheet
General
Full URL
https://www.independanceroyale.com/demande-information/DO-30/css/foundation.css
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.125.108.233 Boersch, France, ASN47833 (RBSNET AGORA-HOSTING is a french company offering hosting and Cloud services, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
404
date
Sat, 19 Oct 2019 09:05:56 GMT
server
nginx/1.15.6
content-length
242
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/html; charset=iso-8859-1
twentytwenty.css
/demande-information/DO-30/css
6 KB
2 KB
Stylesheet
General
Full URL
https://www.independanceroyale.com/demande-information/DO-30/css/twentytwenty.css
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.125.108.233 Boersch, France, ASN47833 (RBSNET AGORA-HOSTING is a french company offering hosting and Cloud services, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
a81fe509c20bb34ac438c49941b55bc0a435be01b3c6988188f52e6d3ede780e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 09:05:56 GMT
content-encoding
gzip
last-modified
Fri, 07 Jun 2019 08:24:09 GMT
server
nginx/1.15.6
etag
"1989-58ab78df75c40-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=432000, public
strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
content-length
1263
expires
Thu, 24 Oct 2019 09:05:56 GMT
jquery-3.2.1.js
code.jquery.com
262 KB
78 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.2.1.js
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Origin
https://www.independanceroyale.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 19 Oct 2019 09:05:56 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Mar 2017 19:01:15 GMT
Server
nginx
ETag
W/"58d026fb-41707"
Vary
Accept-Encoding
X-HW
1571475956.dop120.fr8.shc,1571475956.dop120.fr8.t,1571475956.cds057.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
79082
jquery.event.move.js
/demande-information/DO-30/js
14 KB
5 KB
Script
General
Full URL
https://www.independanceroyale.com/demande-information/DO-30/js/jquery.event.move.js
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.125.108.233 Boersch, France, ASN47833 (RBSNET AGORA-HOSTING is a french company offering hosting and Cloud services, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
e3d4de6e3610e09163eb3121a533fc4ad904d2e3a0b8a81fde2f656b31c7c8a8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 09:05:56 GMT
content-encoding
gzip
last-modified
Fri, 07 Jun 2019 08:24:09 GMT
server
nginx/1.15.6
etag
W/"38c2-58ab78df75c40"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=432000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 24 Oct 2019 09:05:56 GMT
jquery.twentytwenty.js
/demande-information/DO-30/js
5 KB
2 KB
Script
General
Full URL
https://www.independanceroyale.com/demande-information/DO-30/js/jquery.twentytwenty.js
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.125.108.233 Boersch, France, ASN47833 (RBSNET AGORA-HOSTING is a french company offering hosting and Cloud services, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
4041af866e9fc37d7a1ee5b30eaa00000bd0b8a40166d99cc8300604ba25bf3a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 09:05:56 GMT
content-encoding
gzip
last-modified
Fri, 07 Jun 2019 08:24:09 GMT
server
nginx/1.15.6
etag
W/"1526-58ab78df75c40"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=432000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 24 Oct 2019 09:05:56 GMT
cookie.js
/demande-information/DO-30/js
2 KB
1 KB
Script
General
Full URL
https://www.independanceroyale.com/demande-information/DO-30/js/cookie.js
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.125.108.233 Boersch, France, ASN47833 (RBSNET AGORA-HOSTING is a french company offering hosting and Cloud services, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
5dfbd5c68143508fdeb8bce19c39618925573ce7ceeaf1f77b3433ca7f07452b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 09:05:56 GMT
content-encoding
gzip
last-modified
Fri, 07 Jun 2019 08:24:21 GMT
server
nginx/1.15.6
etag
W/"7c8-58ab78eae7740"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=432000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 24 Oct 2019 09:05:56 GMT
idcookie.js
/demande-information/DO-30/js
2 KB
948 B
Script
General
Full URL
https://www.independanceroyale.com/demande-information/DO-30/js/idcookie.js
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.125.108.233 Boersch, France, ASN47833 (RBSNET AGORA-HOSTING is a french company offering hosting and Cloud services, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
4d16e4530930a50929014d901009c1cf63da20abbda992e8fee188f9aab38e6f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 09:05:56 GMT
content-encoding
gzip
last-modified
Fri, 07 Jun 2019 08:24:21 GMT
server
nginx/1.15.6
etag
W/"62c-58ab78eae7740"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=432000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 24 Oct 2019 09:05:56 GMT
form.js
/demande-information/DO-30/js
8 KB
1 KB
Script
General
Full URL
https://www.independanceroyale.com/demande-information/DO-30/js/form.js
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.125.108.233 Boersch, France, ASN47833 (RBSNET AGORA-HOSTING is a french company offering hosting and Cloud services, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
44462de9a5a107bb3dd123bd470bcf33e8e8c488cf195ea881425b5818b8c9c4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 09:05:56 GMT
content-encoding
gzip
last-modified
Fri, 07 Jun 2019 08:24:21 GMT
server
nginx/1.15.6
etag
W/"2079-58ab78eae7740"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=432000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 24 Oct 2019 09:05:56 GMT
logo-styldouche.png
/demande-information/DO-30/images
5 KB
5 KB
Image
General
Full URL
https://www.independanceroyale.com/demande-information/DO-30/images/logo-styldouche.png
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.125.108.233 Boersch, France, ASN47833 (RBSNET AGORA-HOSTING is a french company offering hosting and Cloud services, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
ef5f4cac7b15f6922522298cd23056a024a152715621d1532316fec6053461d5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 09:05:56 GMT
last-modified
Fri, 07 Jun 2019 08:24:09 GMT
server
nginx/1.15.6
etag
"1483-58ab78df75c40"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/png
status
200
cache-control
max-age=432000, public
accept-ranges
bytes
content-length
5251
expires
Thu, 24 Oct 2019 09:05:56 GMT
vu-a-la-tv.png
/demande-information/DO-30/images
8 KB
8 KB
Image
General
Full URL
https://www.independanceroyale.com/demande-information/DO-30/images/vu-a-la-tv.png
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.125.108.233 Boersch, France, ASN47833 (RBSNET AGORA-HOSTING is a french company offering hosting and Cloud services, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
d3517bf4ad62b27d760064a6774567e4616629df44473aad8b376e0b25d020b2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 09:05:56 GMT
last-modified
Fri, 07 Jun 2019 08:24:09 GMT
server
nginx/1.15.6
etag
"1e7e-58ab78df75c40"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/png
status
200
cache-control
max-age=432000, public
accept-ranges
bytes
content-length
7806
expires
Thu, 24 Oct 2019 09:05:56 GMT
styldouche-apres.jpg
/demande-information/DO-30/images
370 KB
371 KB
Image
General
Full URL
https://www.independanceroyale.com/demande-information/DO-30/images/styldouche-apres.jpg
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.125.108.233 Boersch, France, ASN47833 (RBSNET AGORA-HOSTING is a french company offering hosting and Cloud services, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
3a877bb3a96349b2a73a952ee6493db863e8c4b473ff7c1253de2ab8d9f2d4a9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 09:05:56 GMT
last-modified
Fri, 07 Jun 2019 08:24:09 GMT
server
nginx/1.15.6
etag
"5c8bb-58ab78df75c40"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/jpeg
status
200
cache-control
max-age=432000, public
accept-ranges
bytes
content-length
379067
expires
Thu, 24 Oct 2019 09:05:56 GMT
styldouche-avant.jpg
/demande-information/DO-30/images
349 KB
350 KB
Image
General
Full URL
https://www.independanceroyale.com/demande-information/DO-30/images/styldouche-avant.jpg
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.125.108.233 Boersch, France, ASN47833 (RBSNET AGORA-HOSTING is a french company offering hosting and Cloud services, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
d8d31276e8c59731c8fef67ed8d549e2ffc2630bdd8dd303376732b3258fc892
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 09:05:56 GMT
last-modified
Fri, 07 Jun 2019 08:24:09 GMT
server
nginx/1.15.6
etag
"574bb-58ab78df75c40"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/jpeg
status
200
cache-control
max-age=432000, public
accept-ranges
bytes
content-length
357563
expires
Thu, 24 Oct 2019 09:05:56 GMT
icone1.png
/demande-information/DO-30/images
3 KB
3 KB
Image
General
Full URL
https://www.independanceroyale.com/demande-information/DO-30/images/icone1.png
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.125.108.233 Boersch, France, ASN47833 (RBSNET AGORA-HOSTING is a french company offering hosting and Cloud services, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
c2946574f76a92222017022e9fc744bbf970fca817cb917fc4e695e10f2a57c8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 09:05:56 GMT
last-modified
Fri, 07 Jun 2019 08:24:09 GMT
server
nginx/1.15.6
etag
"bf0-58ab78df75c40"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/png
status
200
cache-control
max-age=432000, public
accept-ranges
bytes
content-length
3056
expires
Thu, 24 Oct 2019 09:05:56 GMT
icone2.png
/demande-information/DO-30/images
2 KB
2 KB
Image
General
Full URL
https://www.independanceroyale.com/demande-information/DO-30/images/icone2.png
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.125.108.233 Boersch, France, ASN47833 (RBSNET AGORA-HOSTING is a french company offering hosting and Cloud services, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
eca727e03526321a5d9d97327f439c417d09218dec9f4338d6d9be57b4553832
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 09:05:56 GMT
last-modified
Fri, 07 Jun 2019 08:24:09 GMT
server
nginx/1.15.6
etag
"820-58ab78df75c40"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/png
status
200
cache-control
max-age=432000, public
accept-ranges
bytes
content-length
2080
expires
Thu, 24 Oct 2019 09:05:56 GMT
icone3.png
/demande-information/DO-30/images
2 KB
2 KB
Image
General
Full URL
https://www.independanceroyale.com/demande-information/DO-30/images/icone3.png
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.125.108.233 Boersch, France, ASN47833 (RBSNET AGORA-HOSTING is a french company offering hosting and Cloud services, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
6c5285f0f72ed274fa7444934e04fd6f10e71b67eed54508bac7d526c3137475
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 09:05:56 GMT
last-modified
Fri, 07 Jun 2019 08:24:09 GMT
server
nginx/1.15.6
etag
"847-58ab78df75c40"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/png
status
200
cache-control
max-age=432000, public
accept-ranges
bytes
content-length
2119
expires
Thu, 24 Oct 2019 09:05:56 GMT
icone4.png
/demande-information/DO-30/images
2 KB
3 KB
Image
General
Full URL
https://www.independanceroyale.com/demande-information/DO-30/images/icone4.png
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.125.108.233 Boersch, France, ASN47833 (RBSNET AGORA-HOSTING is a french company offering hosting and Cloud services, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
3f69c828195c5b350d5391e3db7e345fbe37e9a29a4604fd834beb5797cb375c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 09:05:56 GMT
last-modified
Fri, 07 Jun 2019 08:24:09 GMT
server
nginx/1.15.6
etag
"9c1-58ab78df75c40"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/png
status
200
cache-control
max-age=432000, public
accept-ranges
bytes
content-length
2497
expires
Thu, 24 Oct 2019 09:05:56 GMT
styldouche-siege.jpg
/demande-information/DO-30/images
317 KB
318 KB
Image
General
Full URL
https://www.independanceroyale.com/demande-information/DO-30/images/styldouche-siege.jpg
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.125.108.233 Boersch, France, ASN47833 (RBSNET AGORA-HOSTING is a french company offering hosting and Cloud services, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
b0e5be476b2db54c02309e4f1075dac0599ff758323f4667762def3be63de33d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 09:05:56 GMT
last-modified
Fri, 07 Jun 2019 08:24:09 GMT
server
nginx/1.15.6
etag
"4f321-58ab78df75c40"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/jpeg
status
200
cache-control
max-age=432000, public
accept-ranges
bytes
content-length
324385
expires
Thu, 24 Oct 2019 09:05:56 GMT
logo-IR.png
/demande-information/DO-30/images
29 KB
29 KB
Image
General
Full URL
https://www.independanceroyale.com/demande-information/DO-30/images/logo-IR.png
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.125.108.233 Boersch, France, ASN47833 (RBSNET AGORA-HOSTING is a french company offering hosting and Cloud services, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
75e9029eb284217406a192496dda083c81d57fc9d7a09fda337a775c2147f4f1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 09:05:56 GMT
last-modified
Fri, 07 Jun 2019 08:24:09 GMT
server
nginx/1.15.6
etag
"7492-58ab78df75c40"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/png
status
200
cache-control
max-age=432000, public
accept-ranges
bytes
content-length
29842
expires
Thu, 24 Oct 2019 09:05:56 GMT
artisans-locaux.png
/demande-information/DO-30/images
16 KB
16 KB
Image
General
Full URL
https://www.independanceroyale.com/demande-information/DO-30/images/artisans-locaux.png
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.125.108.233 Boersch, France, ASN47833 (RBSNET AGORA-HOSTING is a french company offering hosting and Cloud services, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
c3b07dcc24e24a18666089aa17b0472c0a96326b02d7b12f5ba98491011c9174
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 09:05:56 GMT
last-modified
Fri, 07 Jun 2019 08:24:09 GMT
server
nginx/1.15.6
etag
"3e6e-58ab78df75c40"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/png
status
200
cache-control
max-age=432000, public
accept-ranges
bytes
content-length
15982
expires
Thu, 24 Oct 2019 09:05:56 GMT
nf-service.png
/demande-information/DO-30/images
9 KB
9 KB
Image
General
Full URL
https://www.independanceroyale.com/demande-information/DO-30/images/nf-service.png
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.125.108.233 Boersch, France, ASN47833 (RBSNET AGORA-HOSTING is a french company offering hosting and Cloud services, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
b1174b282f7e0e4f613bb45a454f36899326b0571a23979bdf37160fdb1422ab
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 09:05:56 GMT
last-modified
Fri, 07 Jun 2019 08:24:09 GMT
server
nginx/1.15.6
etag
"24b3-58ab78df75c40"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/png
status
200
cache-control
max-age=432000, public
accept-ranges
bytes
content-length
9395
expires
Thu, 24 Oct 2019 09:05:56 GMT
garantie-10-ans.png
/demande-information/DO-30/images
8 KB
8 KB
Image
General
Full URL
https://www.independanceroyale.com/demande-information/DO-30/images/garantie-10-ans.png
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.125.108.233 Boersch, France, ASN47833 (RBSNET AGORA-HOSTING is a french company offering hosting and Cloud services, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
445aa796b292c7338bbf0abca41d62f83d92c154cd7a7878e06a7bebe2ea4526
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 09:05:56 GMT
last-modified
Fri, 07 Jun 2019 08:24:09 GMT
server
nginx/1.15.6
etag
"20ad-58ab78df75c40"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/png
status
200
cache-control
max-age=432000, public
accept-ranges
bytes
content-length
8365
expires
Thu, 24 Oct 2019 09:05:56 GMT
gtm.js?id=GTM-T3TCSKQ
www.googletagmanager.com
84 KB
29 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T3TCSKQ
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
990b98d405c50d7d9cd8bcef7f822f7a383ee3b74a22551d920c1710b64ba005
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 09:05:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29601
x-xss-protection
0
expires
Sat, 19 Oct 2019 09:05:56 GMT
analytics.js
www.google-analytics.com
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
4307
date
Sat, 19 Oct 2019 07:54:09 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Sat, 19 Oct 2019 09:54:09 GMT
wrap?id=19745
swrap.tradedoubler.com
3 KB
3 KB
Script
General
Full URL
https://swrap.tradedoubler.com/wrap?id=19745
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.157.134 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-250-157-134.eu-west-1.compute.amazonaws.com
Software
TXServerHttp /
Resource Hash
a445642c5267e083eaa78b6985379925fd33e0f2da5c19cec9dd8035ef6b288c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Sat, 19 Oct 2019 09:05:56 GMT
Server
TXServerHttp
P3P
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=0
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Content-Length
2782
collect?v=1&aip=1&t=dc&_r=3&tid=UA-4021752-57&cid=2013158888.1571475956&jid=899244970&_gid=43707349.1571475956&gjid=928187612&_v=j79&z=1743258382
stats.g.doubleclick.net/r
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1825138227&t=pageview&_s=1&dl=https%3A%2F%2Fwww.independanceroyale.com%2Fdemande-information%2FDO-30%2Findex.php%3Futm_source%3DARTY12%26utm_...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-4021752-57&cid=2013158888.1571475956&jid=899244970&_gid=43707349.1571475956&gjid=928187612&_v=j79&z=1743258382
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-4021752-57&cid=2013158888.1571475956&jid=899244970&_gid=43707349.1571475956&gjid=928187612&_v=j79&z=1743258382
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 19 Oct 2019 09:05:56 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Oct 2019 09:05:56 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-4021752-57&cid=2013158888.1571475956&jid=899244970&_gid=43707349.1571475956&gjid=928187612&_v=j79&z=1743258382
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
416
expires
Fri, 01 Jan 1990 00:00:00 GMT
AS-2316069.js
bp-1c51.kxcdn.com/prj
19 KB
7 KB
Script
General
Full URL
https://bp-1c51.kxcdn.com/prj/AS-2316069.js
Requested by
Host: click.mpovonbecitllreae.fr
URL: http://click.mpovonbecitllreae.fr/YWIzYjljYzU3MGI3NWY3YzQ0ODY2ZGJhODQzYzFiYTM/ZXN0aGVyY3V5cGVyc0Bza3luZXQuYmU=/MjAxOTEwMTk=/NTFfMzhfNjVfMjA3/15/311628/8752/12047.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software
keycdn-engine /
Resource Hash
66f1db359458537481479077b46a7b81e04e38c0c3589124935b069cb769c857

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 09:05:14 GMT
content-encoding
gzip
status
200
last-modified
Fri, 18 Oct 2019 12:14:39 GMT
server
keycdn-engine
x-edge-location
defr
etag
W/"5da9acaf-4aed"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3
expires
Fri, 18 Oct 2019 13:03:49 GMT
37D29145D4861D08363F53EEBB3D44BD.cache.js
bp-1c51.kxcdn.com/listener
346 KB
140 KB
Script
General
Full URL
https://bp-1c51.kxcdn.com/listener/37D29145D4861D08363F53EEBB3D44BD.cache.js
Requested by
Host: bp-1c51.kxcdn.com
URL: https://bp-1c51.kxcdn.com/prj/AS-2316069.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software
keycdn-engine /
Resource Hash
572867af834611242a7ad1fd90210e7bcca65658b2ec1621dcc2ecbc98ff8493

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 09:05:14 GMT
content-encoding
gzip
status
200
last-modified
Tue, 15 Oct 2019 09:19:48 GMT
server
keycdn-engine
x-edge-location
defr
etag
W/"5da58f34-56784"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Wed, 14 Oct 2020 09:24:20 GMT
fbevents.js
connect.facebook.net/en_US
103 KB
22 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: swrap.tradedoubler.com
URL: https://swrap.tradedoubler.com/wrap?id=19745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
9404cee30e4489a7ed4d6de2dd92aa8e4386fd5ff1c81ebcea77f581952eac31
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-23=":443"; ma=3600
content-length
22458
x-xss-protection
0
pragma
public
x-fb-debug
EtBRAqS4wknWTY71uNaY3B8+UZaQBR9i0bzSflLaP6ixj65yBnhXSoyeyw40dINS38JZkKpXgYHoYubxTIqufw==
x-fb-trip-id
1970646000
x-frame-options
DENY
date
Sat, 19 Oct 2019 09:05:56 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
tc.min.js
c1.rfihub.net/js
20 KB
7 KB
Script
General
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: swrap.tradedoubler.com
URL: https://swrap.tradedoubler.com/wrap?id=19745
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.48.101 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-48-101.deploy.static.akamaitechnologies.com
Software
Jetty(9.0.6.v20130930) /
Resource Hash
cb2bb21705b9cce9781d02c9223f3344a65bd5314027d11c5a8518ad4bd84e84

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 19 Oct 2019 09:05:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Jul 2019 06:34:16 GMT
Server
Jetty(9.0.6.v20130930)
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
6375
Expires
Sat, 19 Oct 2019 10:05:56 GMT
lead?campaign=e2c4f9d8debb20aeab9b2dbff3dfb947&uid=5aa48eed5d66936d2f0890d8d2415ce3&type=js
fo-api.omnitagjs.com/fo-api
0
324 B
Script
General
Full URL
https://fo-api.omnitagjs.com/fo-api/lead?campaign=e2c4f9d8debb20aeab9b2dbff3dfb947&uid=5aa48eed5d66936d2f0890d8d2415ce3&type=js
Requested by
Host: swrap.tradedoubler.com
URL: https://swrap.tradedoubler.com/wrap?id=19745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.37.115.99 , France, ASN16276 (OVH, FR),
Reverse DNS
fo-api-fra01.omnitagjs.com
Software
ayl-lb-fra01 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Sat, 19 Oct 2019 09:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ayl-lb-fra01
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-type
application/javascript; charset=UTF-8
content-length
23
expires
0
grabber.js?source=1801
email-reflex.com/js
0
243 B
Image
General
Full URL
https://email-reflex.com/js/grabber.js?source=1801
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.70.210.161 , France, ASN34913 (DALENYS, FR),
Reverse DNS
email-reflex.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 19 Oct 2019 09:05:56 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
tk.php?o=3&pid=101&aid=1
calotag.com
Redirect Chain
  • https://email-reflex.com/tags/target.php?source=1801
  • https://calotag.com/tk.php?o=3&pid=101&aid=1
43 B
452 B
Image
General
Full URL
https://calotag.com/tk.php?o=3&pid=101&aid=1
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
154.44.178.3 , United States, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
xd3.cmailsys.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 19 Oct 2019 09:05:56 GMT
Server
Apache/2.4.25 (Debian)
Connection
Keep-Alive
P3P
policyref="/w3c/p3p.xml", CP="ALL DSP COR CUR OUR SAMi BUS ONL TST"
Keep-Alive
timeout=2, max=100
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://calotag.com/tk.php?o=3&pid=101&aid=1
Date
Sat, 19 Oct 2019 09:05:56 GMT
Server
nginx
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
bounce?%2Fseg%3Fadd%3D11502294%26t%3D2
secure.adnxs.com
Redirect Chain
  • https://secure.adnxs.com/seg?add=11502294&t=2
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D11502294%26t%3D2
43 B
1017 B
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D11502294%26t%3D2
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.197 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
302.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Oct 2019 09:05:58 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 302.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.9:80
AN-X-Request-Uuid
5ee08877-6345-4bff-a6ed-fd59c4e0d063
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 19 Oct 2019 09:05:58 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 302.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.167:80
AN-X-Request-Uuid
3c80c0ee-c267-488f-8136-71d9d87770ca
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D11502294%26t%3D2
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
Origin
https://www.independanceroyale.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 18:22:41 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:39 GMT
server
sffe
age
657795
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13912
x-xss-protection
0
expires
Sat, 10 Oct 2020 18:22:41 GMT
126909554807269?v=2.9.5&r=stable
connect.facebook.net/signals/config
280 KB
65 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/126909554807269?v=2.9.5&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
eddf1c06e664d842a4997bd7775bb6e61a961e11c0baa418ec0dd55f07936c5b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-23=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
iNpOhUWn8LewltUfyRBmaOj9L9RK3j1HPzDEnSn3m9u91dUAPs7F2BtT8NwzesrpwVbm0ZDym+Uyd441pkODQQ==
x-fb-trip-id
1970646000
x-frame-options
DENY
date
Sat, 19 Oct 2019 09:05:56 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
idr.js?_callback=window.RocketfuelBCP.jsonpCallbacks.request_cmZpSWRJbkNhY2hl
a.rfihub.com
83 B
635 B
Script
General
Full URL
https://a.rfihub.com/idr.js?_callback=window.RocketfuelBCP.jsonpCallbacks.request_cmZpSWRJbkNhY2hl
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.128 , Netherlands, ASN54312 (ROCKETFUEL - Rocket Fuel Inc., US),
Reverse DNS
Software
Jetty(9.0.6.v20130930) /
Resource Hash
49db7a00cbc85f53a7218310b4a1a3d2df042eb9deb773c39d28b1366018f928

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Expires
Thu, 12 Nov 2020 09:05:56 GMT
Cache-Control
public, max-age=33696000
Server
Jetty(9.0.6.v20130930)
Content-Type
application/javascript
Content-Length
83
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cancel.png
/demande-information/DO-30
684 B
947 B
Image
General
Full URL
https://www.independanceroyale.com/demande-information/DO-30/cancel.png
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.125.108.233 Boersch, France, ASN47833 (RBSNET AGORA-HOSTING is a french company offering hosting and Cloud services, FR),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
5519e660f46c85caaf44066b9995f61b1521aaff0e643081cb31e5469bf7b4e6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 09:05:56 GMT
last-modified
Fri, 07 Jun 2019 08:24:21 GMT
server
nginx/1.15.6
etag
"2ac-58ab78eae7740"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/png
status
200
cache-control
max-age=432000, public
accept-ranges
bytes
content-length
684
expires
Thu, 24 Oct 2019 09:05:56 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
Origin
https://www.independanceroyale.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 07:22:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:54 GMT
server
sffe
age
697397
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14176
x-xss-protection
0
expires
Sat, 10 Oct 2020 07:22:39 GMT
op?__=k1xc7kig&mi=0&co=0&hk=AS-2316069&seg=0-3-4&ret=ref&d=DESKTOP&url=https%3A%2F%2Fwww.independanceroyale.com%2Fdemande-information%2FDO-30%2Findex.php&re=https%3A%2F%2Fclk.tradedoubler.com%2Fcli...
app.beampulse.com
150 B
566 B
Script
General
Full URL
https://app.beampulse.com/op?__=k1xc7kig&mi=0&co=0&hk=AS-2316069&seg=0-3-4&ret=ref&d=DESKTOP&url=https%3A%2F%2Fwww.independanceroyale.com%2Fdemande-information%2FDO-30%2Findex.php&re=https%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D285882%26a%3D3101429%26g%3D24591692%26url%3Dhttps%3A%2F%2Fwww.independanceroyale.com%2FDO-30%2Findex.php%3Futm_source%3DARTY12%26utm_medium%3Dmail%26utm_campaign%3Ddouche%26idc%3D2974%26idv%3D3426%26track%3D202286~%26agspb%3Dwm&v=3-0-0&du_project_exec_metrics=4&du_listener_load_metrics=50&du_listener_exec_metrics=3&du_open_send_metrics=125&du_config_init_metrics=19&ph=1972&sh=1200
Requested by
Host:
URL: listener-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.129.13.31 , France, ASN12876 (Online SAS, FR),
Reverse DNS
app.beampulse.com
Software
/
Resource Hash
95892386ad65b02b9a490a90f0cfa2ea062864e9861c73a33afbf09cfcc190fc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache,no-store,must-revalidate
transfer-encoding
chunked
Access-Control-Allow-Headers
Origin, Content-Type, Content-Range, Cookie
Keep-Alive
timeout=10
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Cookie set ca.html?rfiidc=1871597493007039269&rfiaid=649a2cd09c8140729b2ed679441461d9&ver=9&rb=33863&ca=20789423&_o=33863&_t=20789423&pe=https%3A%2F%2Fwww.independanceroyale.com%2Fdemande-information%2FDO-30%...
20789423p.rfihub.com
0
0
Document
General
Full URL
https://20789423p.rfihub.com/ca.html?rfiidc=1871597493007039269&rfiaid=649a2cd09c8140729b2ed679441461d9&ver=9&rb=33863&ca=20789423&_o=33863&_t=20789423&pe=https%3A%2F%2Fwww.independanceroyale.com%2Fdemande-information%2FDO-30%2Findex.php%3Futm_source%3DARTY12%26utm_medium%3Dmail%26utm_campaign%3Ddouche%26idc%3D2974%26idv%3D3426%26track%3D202286%7E%26agspb%3Dwm%26affId%3D3101429&pf=https%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D285882%26a%3D3101429%26g%3D24591692%26url%3Dhttps%3A%2F%2Fwww.independanceroyale.com%2FDO-30%2Findex.php%3Futm_source%3DARTY12%26utm_medium%3Dmail%26utm_campaign%3Ddouche%26idc%3D2974%26idv%3D3426%26track%3D202286%7E%26agspb%3Dwm&ra=017786654436547256
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.31.128.129 , Netherlands, ASN54312 (ROCKETFUEL - Rocket Fuel Inc., US),
Reverse DNS
Software
Jetty(9.0.6.v20130930) /
Resource Hash

Request headers

Host
20789423p.rfihub.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Accept-Encoding
gzip, deflate, br
Cookie
rud=H4sIAAAAAAAAAOMSNrQwNzS1NDexNDYwMDcwtjQysxTiM9QNLC1x8c4JNnY0q0yS4jU0NTc0MTe1NDUzMzAFABTDsrU0AAAA; ruds=H4sIAAAAAAAAAOMSNrQwNzS1NDexNDYwMDcwtjQysxTiM9QNLC1x8c4JNnY0q0wCAHYbmHslAAAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429

Response headers

P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
rud=H4sIAAAAAAAAAOMSNrQwNzS1NDexNDYwMDcwtjQysxTiM9QNLC1x8c4JNnY0q0yS4jU0NTc0MTe1NDUzMzAFABTDsrU0AAAA;Path=/;Domain=.rfihub.com;Expires=Thu, 12-Nov-2020 09:05:56 GMT ruds=H4sIAAAAAAAAAOMSNrQwNzS1NDexNDYwMDcwtjQysxTiM9QNLC1x8c4JNnY0q0wCAHYbmHslAAAA;Path=/;Domain=.rfihub.com eud=H4sIAAAAAAAAAJvFyGtoam5oYm5qaWpmYWS4Co1_Co3_Co3_C43fxITKn4TGn4XGX4TGX4XG34TG34XG_4RuPjOaeSyo_Fto_E2saOZzo_kPjb9IGJX_CI0PAO_gveFQAQAA;Path=/;Domain=.rfihub.com;Expires=Thu, 12-Nov-2020 09:05:56 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache
Content-Type
text/html
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Transfer-Encoding
chunked
Server
Jetty(9.0.6.v20130930)
?id=126909554807269&ev=PageView&dl=https%3A%2F%2Fwww.independanceroyale.com%2Fdemande-information%2FDO-30%2Findex.php%3Futm_source%3DARTY12%26utm_medium%3Dmail%26utm_campaign%3Ddouche%26idc%3D2974%...
www.facebook.com/tr
44 B
245 B
Image
General
Full URL
https://www.facebook.com/tr/?id=126909554807269&ev=PageView&dl=https%3A%2F%2Fwww.independanceroyale.com%2Fdemande-information%2FDO-30%2Findex.php%3Futm_source%3DARTY12%26utm_medium%3Dmail%26utm_campaign%3Ddouche%26idc%3D2974%26idv%3D3426%26track%3D202286~%26agspb%3Dwm%26affId%3D3101429&rl=https%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D285882%26a%3D3101429%26g%3D24591692%26url%3Dhttps%3A%2F%2Fwww.independanceroyale.com%2FDO-30%2Findex.php%3Futm_source%3DARTY12%26utm_medium%3Dmail%26utm_campaign%3Ddouche%26idc%3D2974%26idv%3D3426%26track%3D202286~%26agspb%3Dwm&if=false&ts=1571475956895&sw=1600&sh=1200&v=2.9.5&r=stable&ec=0&o=30&fbp=fb.1.1571475956894.1697246422&it=1571475956552&coo=false&rqm=GET
Requested by
Host: www.independanceroyale.com
URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 09:05:56 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-23=":443"; ma=3600
content-length
44
expires
Sat, 19 Oct 2019 09:05:56 GMT
?id=126909554807269&ev=Microdata&dl=https%3A%2F%2Fwww.independanceroyale.com%2Fdemande-information%2FDO-30%2Findex.php%3Futm_source%3DARTY12%26utm_medium%3Dmail%26utm_campaign%3Ddouche%26idc%3D2974...
www.facebook.com/tr
44 B
247 B
Image
General
Full URL
https://www.facebook.com/tr/?id=126909554807269&ev=Microdata&dl=https%3A%2F%2Fwww.independanceroyale.com%2Fdemande-information%2FDO-30%2Findex.php%3Futm_source%3DARTY12%26utm_medium%3Dmail%26utm_campaign%3Ddouche%26idc%3D2974%26idv%3D3426%26track%3D202286~%26agspb%3Dwm%26affId%3D3101429&rl=https%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D285882%26a%3D3101429%26g%3D24591692%26url%3Dhttps%3A%2F%2Fwww.independanceroyale.com%2FDO-30%2Findex.php%3Futm_source%3DARTY12%26utm_medium%3Dmail%26utm_campaign%3Ddouche%26idc%3D2974%26idv%3D3426%26track%3D202286~%26agspb%3Dwm&if=false&ts=1571475958397&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Remplacer%20votre%20baignoire%20n%E2%80%99a%20jamais%20%C3%A9t%C3%A9%20aussi%20simple%20!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.5&r=stable&ec=1&o=30&fbp=fb.1.1571475958397.1979965780&it=1571475956552&coo=false&es=automatic&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 19 Oct 2019 09:05:58 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-23=":443"; ma=3600
content-length
44
expires
Sat, 19 Oct 2019 09:05:58 GMT

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 2
  • https://wmrm-xao.com/clic.php?idc=2974&idv=3426&type=5&cand=202286&url=https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/index.php?utm_so...
  • http://affiliation.webmediarm.com/clic.php?idc=2974&idv=3426&type=5&cand=202286&url=https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/ind...
  • https://affiliation.webmediarm.com/clic.php?idc=2974&idv=3426&type=5&cand=202286&url=https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/in...
  • https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track...
Request 6
  • https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track...
  • https://www.independanceroyale.com/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
  • https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Request 34
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1825138227&t=pageview&_s=1&dl=https%3A%2F%2Fwww.independanceroyale.com%2Fdemande-information%2FDO-30%2Findex.php%3Futm_source%3DARTY12%26utm_...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-4021752-57&cid=2013158888.1571475956&jid=899244970&_gid=43707349.1571475956&gjid=928187612&_v=j79&z=1743258382
Request 41
  • https://email-reflex.com/tags/target.php?source=1801
  • https://calotag.com/tk.php?o=3&pid=101&aid=1
Request 42
  • https://secure.adnxs.com/seg?add=11502294&t=2
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D11502294%26t%3D2

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer function| $ function| jQuery function| affiche function| numerique function| check string| GoogleAnalyticsObject function| ga object| TDConf object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| postscribe number| __as_prj_start boolean| __as_localStorage_available string| __as_v string| __as_hk number| __as_ra number| __as_ac_ra number| __as_vival string| __as_tu string| __as_cfgbase string| __as_prjroot string| __as_progbase boolean| __as_synch boolean| __as_ign_qparams boolean| __as_rtm_visit boolean| __as_rtm_page boolean| __as_active object| __as_seg object| __as_value object| __as_act object| __as_var object| __as_exp number| __as_prj_stop boolean| __as_localStorage_only object| XtraCookie function| __as_may_run_listener number| __as_listener_load function| listener object| __gwt_activeModules function| __gwt_getMetaProperty function| __gwt_isKnownPropertyValue object| $wnd boolean| __as_rng function| __as_cssSelector boolean| __bp_jquery_injection function| __as_jQuery function| jQueryBP function| __as_runWithJQueryUi boolean| __as_open undefined| __as_error object| bowser string| eReflexPxl string| eReflexTgt string| lbcHost string| OmnitagPxl function| fbq function| _fbq function| _rfi function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP function| __as_doOp string| __as_ui number| __as_pageid number| __as_ltra object| detectZoom function| md5 object| pako

22 Cookies

Domain/Path Name / Value
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAJvFyGtoam5oYm5qaWpmYWS4Co1_Co3_Co3_C43fxITKn4TGn4XGX4TGX4XG34TG34XG_4RuPjOaeSyo_Fto_E2saOZzo_kPjb9IGJX_CI0PAO_gveFQAQAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNrQwNzS1NDexNDYwMDcwtjQysxTiM9QNLC1x8c4JNnY0q0yS4jU0NTc0MTe1NDUzMzAFABTDsrU0AAAA
.independanceroyale.com/ Name: _fbp
Value: fb.1.1571475956894.1697246422
.independanceroyale.com/ Name: __as_ledt
Value: 1571475956661
.independanceroyale.com/ Name: __as_mi
Value: 1
.independanceroyale.com/ Name: __as_seg_order
Value: %5B0%2C%201%2C%202%2C%203%2C%204%2C%205%2C%206%2C%2010%2C%2011%2C%2012%2C%2013%2C%2014%2C%2015%2C%2016%2C%2017%2C%2018%2C%2019%2C%2020%2C%2021%2C%2022%2C%2023%2C%2024%2C%2025%2C%2026%2C%2031%5D
.independanceroyale.com/ Name: __as_lp
Value: https%3A%2F%2Fwww.independanceroyale.com%2Fdemande-information%2FDO-30%2Findex.php%3Futm_source%3DARTY12%26utm_medium%3Dmail%26utm_campaign%3Ddouche%26idc%3D2974%26idv%3D3426%26track%3D202286~%26agspb%3Dwm%26affId%3D3101429
.independanceroyale.com/ Name: __as_at_visit
Value: 0
.independanceroyale.com/ Name: __as_vra
Value: 17
.independanceroyale.com/ Name: __as_vr
Value: 1
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNrQwNzS1NDexNDYwMDcwtjQysxTiM9QNLC1x8c4JNnY0q0wCAHYbmHslAAAA
.independanceroyale.com/ Name: __as_vpv
Value: 1
.independanceroyale.com/ Name: _gat
Value: 1
.independanceroyale.com/ Name: __as_rng
Value: 64
.independanceroyale.com/ Name: __as_ui
Value: cde604b2-0cd8-4672-a00d-c2b7c2db2020
.independanceroyale.com/ Name: __as_ltch
Value: 58
.independanceroyale.com/ Name: __as_oginv
Value: https%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D285882%26a%3D3101429%26g%3D24591692%26url%3Dhttps%3A%2F%2Fwww.independanceroyale.com%2FDO-30%2Findex.php%3Futm_source%3DARTY12%26utm_medium%3Dmail%26utm_campaign%3Ddouche%26idc%3D2974%26idv%3D3426%26track%3D202286~%26agspb%3Dwm
.independanceroyale.com/ Name: __as_reset
Value: 1603011956451
.independanceroyale.com/ Name: __as_seg
Value: 0-3-4
.independanceroyale.com/ Name: _gid
Value: GA1.2.43707349.1571475956
.independanceroyale.com/ Name: __as_ogins
Value: https%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D285882%26a%3D3101429%26g%3D24591692%26url%3Dhttps%3A%2F%2Fwww.independanceroyale.com%2FDO-30%2Findex.php%3Futm_source%3DARTY12%26utm_medium%3Dmail%26utm_campaign%3Ddouche%26idc%3D2974%26idv%3D3426%26track%3D202286~%26agspb%3Dwm
.independanceroyale.com/ Name: _ga
Value: GA1.2.2013158888.1571475956

2 Console Messages

Source Level URL
Text
console-api log URL: listener-0.js, Line 1314, Column26
Message:
Started UA detection
console-api log URL: listener-0.js, Line 1313, Column3438
Message:
[object Object]

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

20789423p.rfihub.com
a.rfihub.com
affiliation.webmediarm.com
analytics.tradedoubler.com
app.beampulse.com
badodmilqinuieuoc.fr
bp-1c51.kxcdn.com
c1.rfihub.net
calotag.com
click.mpovonbecitllreae.fr
clk.tradedoubler.com
code.jquery.com
connect.facebook.net
email-reflex.com
fo-api.omnitagjs.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
secure.adnxs.com
stats.g.doubleclick.net
swrap.tradedoubler.com
vht.tradedoubler.com
wmrm-xao.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.independanceroyale.com


13.225.78.49
154.44.178.3
185.31.128.129
185.33.223.197
188.165.150.178
193.0.160.128
2001:4de0:ac19::1:b:2a
212.129.13.31
23.38.48.101
2a00:1450:4001:80b::2003
2a00:1450:4001:815::200e
2a00:1450:4001:81a::2008
2a00:1450:4001:821::200a
2a00:1450:400c:c00::9b
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
2a0b:4d07:101::1
34.213.251.22
34.250.157.134
51.38.65.210
52.212.149.245
54.37.115.99
54.38.44.2
80.70.210.161
94.125.108.233

021a64452d74bd0a20ff0370c3b18045b3683d6694ae189c1d2d8989ba9f732c
0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d
2f9979597525e11befc110cbe23210c75f92b7a9fb4361ad8fdc8955ff5787be
3a877bb3a96349b2a73a952ee6493db863e8c4b473ff7c1253de2ab8d9f2d4a9
3f69c828195c5b350d5391e3db7e345fbe37e9a29a4604fd834beb5797cb375c
4041af866e9fc37d7a1ee5b30eaa00000bd0b8a40166d99cc8300604ba25bf3a
44462de9a5a107bb3dd123bd470bcf33e8e8c488cf195ea881425b5818b8c9c4
445aa796b292c7338bbf0abca41d62f83d92c154cd7a7878e06a7bebe2ea4526
49db7a00cbc85f53a7218310b4a1a3d2df042eb9deb773c39d28b1366018f928
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d16e4530930a50929014d901009c1cf63da20abbda992e8fee188f9aab38e6f
5519e660f46c85caaf44066b9995f61b1521aaff0e643081cb31e5469bf7b4e6
572867af834611242a7ad1fd90210e7bcca65658b2ec1621dcc2ecbc98ff8493
5dfbd5c68143508fdeb8bce19c39618925573ce7ceeaf1f77b3433ca7f07452b
66f1db359458537481479077b46a7b81e04e38c0c3589124935b069cb769c857
6c5285f0f72ed274fa7444934e04fd6f10e71b67eed54508bac7d526c3137475
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
75e9029eb284217406a192496dda083c81d57fc9d7a09fda337a775c2147f4f1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84b2889078de20142e1f77e49eb968f8031eded7320be712864b7187d0fbd1a8
9404cee30e4489a7ed4d6de2dd92aa8e4386fd5ff1c81ebcea77f581952eac31
95892386ad65b02b9a490a90f0cfa2ea062864e9861c73a33afbf09cfcc190fc
990b98d405c50d7d9cd8bcef7f822f7a383ee3b74a22551d920c1710b64ba005
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
a445642c5267e083eaa78b6985379925fd33e0f2da5c19cec9dd8035ef6b288c
a81fe509c20bb34ac438c49941b55bc0a435be01b3c6988188f52e6d3ede780e
a8df908269a3343a24faefda741524c1c20d9cb408cd02959c5aee0a9d592baf
b0e5be476b2db54c02309e4f1075dac0599ff758323f4667762def3be63de33d
b1174b282f7e0e4f613bb45a454f36899326b0571a23979bdf37160fdb1422ab
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bbda652e5bc66c917010d3861180782865de0dfa597afacef36395e86be7ca27
be6644f8556ed2a5a457033ab827dec34dab365f2435b4a98b1a1615f783e596
c2946574f76a92222017022e9fc744bbf970fca817cb917fc4e695e10f2a57c8
c3b07dcc24e24a18666089aa17b0472c0a96326b02d7b12f5ba98491011c9174
cb2bb21705b9cce9781d02c9223f3344a65bd5314027d11c5a8518ad4bd84e84
d3517bf4ad62b27d760064a6774567e4616629df44473aad8b376e0b25d020b2
d8d31276e8c59731c8fef67ed8d549e2ffc2630bdd8dd303376732b3258fc892
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d4de6e3610e09163eb3121a533fc4ad904d2e3a0b8a81fde2f656b31c7c8a8
eca727e03526321a5d9d97327f439c417d09218dec9f4338d6d9be57b4553832
eddf1c06e664d842a4997bd7775bb6e61a961e11c0baa418ec0dd55f07936c5b
ef5f4cac7b15f6922522298cd23056a024a152715621d1532316fec6053461d5