www.independanceroyale.com
Open in
urlscan Pro
94.125.108.233
Public Scan
Effective URL: https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=29...
Submission: On October 19 via api from BE
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on September 30th 2019. Valid for: 3 months.
This is the only time www.independanceroyale.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 51.38.65.210 51.38.65.210 | 16276 (OVH) (OVH) | |
1 | 34.213.251.22 34.213.251.22 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
3 3 | 54.38.44.2 54.38.44.2 | 16276 (OVH) (OVH) | |
1 2 | 52.212.149.245 52.212.149.245 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 13.225.78.49 13.225.78.49 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 188.165.150.178 188.165.150.178 | 16276 (OVH) (OVH) | |
1 3 | 185.33.223.197 185.33.223.197 | 29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus) | |
1 25 | 94.125.108.233 94.125.108.233 | 47833 (RBSNET AG...) (RBSNET AGORA-HOSTING is a french company offering hosting and Cloud services) | |
1 | 2a00:1450:400... 2a00:1450:4001:821::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:2a | 20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group) | |
1 | 2a00:1450:400... 2a00:1450:4001:81a::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 2 | 2a00:1450:400... 2a00:1450:4001:815::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 34.250.157.134 34.250.157.134 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 2a00:1450:400... 2a00:1450:400c:c00::9b | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 2a0b:4d07:101::1 2a0b:4d07:101::1 | 44239 (PROINITY ...) (PROINITY PROINITY) | |
2 | 2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
1 | 23.38.48.101 23.38.48.101 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 54.37.115.99 54.37.115.99 | 16276 (OVH) (OVH) | |
1 2 | 80.70.210.161 80.70.210.161 | 34913 (DALENYS) (DALENYS) | |
1 | 154.44.178.3 154.44.178.3 | 174 (COGENT-174) (COGENT-174 - Cogent Communications) | |
2 | 2a00:1450:400... 2a00:1450:4001:80b::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 193.0.160.128 193.0.160.128 | 54312 (ROCKETFUEL) (ROCKETFUEL - Rocket Fuel Inc.) | |
1 | 212.129.13.31 212.129.13.31 | 12876 (Online SAS) (Online SAS) | |
1 | 185.31.128.129 185.31.128.129 | 54312 (ROCKETFUEL) (ROCKETFUEL - Rocket Fuel Inc.) | |
2 | 2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
52 | 24 |
ASN16276 (OVH, FR)
PTR: mta1.mpovonbecitllreae.fr
click.mpovonbecitllreae.fr |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: news.rurgiechie.fr
badodmilqinuieuoc.fr |
ASN16276 (OVH, FR)
PTR: wmsrv.prestasoft-office.pro
wmrm-xao.com | |
affiliation.webmediarm.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-212-149-245.eu-west-1.compute.amazonaws.com
clk.tradedoubler.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-49.fra2.r.cloudfront.net
vht.tradedoubler.com |
ASN16276 (OVH, FR)
PTR: lb02.net.royalcactus.com
analytics.tradedoubler.com |
ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 302.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com | |
secure.adnxs.com |
ASN47833 (RBSNET AGORA-HOSTING is a french company offering hosting and Cloud services, FR)
www.independanceroyale.com |
ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
code.jquery.com |
ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com |
ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-250-157-134.eu-west-1.compute.amazonaws.com
swrap.tradedoubler.com |
ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net |
ASN20940 (AKAMAI-ASN1, US)
PTR: a23-38-48-101.deploy.static.akamaitechnologies.com
c1.rfihub.net |
ASN174 (COGENT-174 - Cogent Communications, US)
PTR: xd3.cmailsys.com
calotag.com |
ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com |
Domain | Requested by | |
---|---|---|
25 | www.independanceroyale.com |
1 redirects
clk.tradedoubler.com
www.independanceroyale.com |
2 | www.facebook.com |
www.independanceroyale.com
|
2 | fonts.gstatic.com |
www.independanceroyale.com
|
2 | secure.adnxs.com |
1 redirects
www.independanceroyale.com
|
2 | email-reflex.com |
1 redirects
www.independanceroyale.com
|
2 | connect.facebook.net |
swrap.tradedoubler.com
connect.facebook.net |
2 | bp-1c51.kxcdn.com |
click.mpovonbecitllreae.fr
bp-1c51.kxcdn.com |
2 | www.google-analytics.com |
1 redirects
www.independanceroyale.com
|
2 | clk.tradedoubler.com |
1 redirects
badodmilqinuieuoc.fr
|
2 | affiliation.webmediarm.com | 2 redirects |
1 | 20789423p.rfihub.com |
c1.rfihub.net
|
1 | app.beampulse.com | |
1 | a.rfihub.com |
c1.rfihub.net
|
1 | calotag.com |
www.independanceroyale.com
|
1 | fo-api.omnitagjs.com |
swrap.tradedoubler.com
|
1 | c1.rfihub.net |
swrap.tradedoubler.com
|
1 | stats.g.doubleclick.net |
www.independanceroyale.com
|
1 | swrap.tradedoubler.com |
www.independanceroyale.com
|
1 | www.googletagmanager.com |
www.independanceroyale.com
|
1 | code.jquery.com |
www.independanceroyale.com
|
1 | fonts.googleapis.com |
www.independanceroyale.com
|
1 | ib.adnxs.com |
clk.tradedoubler.com
|
1 | analytics.tradedoubler.com |
vht.tradedoubler.com
|
1 | vht.tradedoubler.com |
clk.tradedoubler.com
|
1 | wmrm-xao.com | 1 redirects |
1 | badodmilqinuieuoc.fr |
click.mpovonbecitllreae.fr
|
1 | click.mpovonbecitllreae.fr | |
52 | 27 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.id-interactive.fr |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.tradedoubler.com GlobalSign Domain Validation CA - SHA256 - G2 |
2018-12-10 - 2021-01-27 |
2 years | crt.sh |
analytics.tradedoubler.com COMODO RSA Domain Validation Secure Server CA |
2018-02-02 - 2021-02-01 |
3 years | crt.sh |
*.adnxs.com DigiCert ECC Secure Server CA |
2019-01-23 - 2021-03-08 |
2 years | crt.sh |
independanceroyale.com Let's Encrypt Authority X3 |
2019-09-30 - 2019-12-29 |
3 months | crt.sh |
*.googleapis.com GTS CA 1O1 |
2019-10-03 - 2019-12-26 |
3 months | crt.sh |
jquery.org COMODO RSA Domain Validation Secure Server CA |
2018-10-17 - 2020-10-16 |
2 years | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2019-10-03 - 2019-12-26 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2019-10-03 - 2019-12-26 |
3 months | crt.sh |
*.kxcdn.com Thawte RSA CA 2018 |
2019-07-04 - 2021-09-01 |
2 years | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2019-09-22 - 2019-12-20 |
3 months | crt.sh |
*.rfihub.net DigiCert SHA2 Secure Server CA |
2019-01-25 - 2020-04-25 |
a year | crt.sh |
omnitagjs.com Sectigo RSA Organization Validation Secure Server CA |
2019-03-26 - 2020-06-23 |
a year | crt.sh |
*.email-reflex.com Go Daddy Secure Certificate Authority - G2 |
2018-12-10 - 2020-01-20 |
a year | crt.sh |
calotag.com COMODO RSA Domain Validation Secure Server CA |
2018-10-26 - 2019-11-25 |
a year | crt.sh |
*.google.com GTS CA 1O1 |
2019-10-03 - 2019-12-26 |
3 months | crt.sh |
*.rfihub.com DigiCert SHA2 Secure Server CA |
2019-08-27 - 2020-08-31 |
a year | crt.sh |
cluster-prod.beampulse.com COMODO RSA Domain Validation Secure Server CA |
2017-08-30 - 2019-11-28 |
2 years | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429
Frame ID: E7630692AC658204005CD8AFBEC2ACD7
Requests: 51 HTTP requests in this frame
Frame:
https://20789423p.rfihub.com/ca.html?rfiidc=1871597493007039269&rfiaid=649a2cd09c8140729b2ed679441461d9&ver=9&rb=33863&ca=20789423&_o=33863&_t=20789423&pe=https%3A%2F%2Fwww.independanceroyale.com%2Fdemande-information%2FDO-30%2Findex.php%3Futm_source%3DARTY12%26utm_medium%3Dmail%26utm_campaign%3Ddouche%26idc%3D2974%26idv%3D3426%26track%3D202286%7E%26agspb%3Dwm%26affId%3D3101429&pf=https%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D285882%26a%3D3101429%26g%3D24591692%26url%3Dhttps%3A%2F%2Fwww.independanceroyale.com%2FDO-30%2Findex.php%3Futm_source%3DARTY12%26utm_medium%3Dmail%26utm_campaign%3Ddouche%26idc%3D2974%26idv%3D3426%26track%3D202286%7E%26agspb%3Dwm&ra=017786654436547256
Frame ID: A444324EDBFBF3053E3E26255E7FA258
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://click.mpovonbecitllreae.fr/YWIzYjljYzU3MGI3NWY3YzQ0ODY2ZGJhODQzYzFiYTM/ZXN0aGVyY3V5cGVyc0Bza3luZXQuYmU=... Page URL
- http://badodmilqinuieuoc.fr/a2bd1c89c35c77dd3e18d970b432e035/8b941cb7ecc6af62e4b71ae1e4ecbfec/FRHn3bumIM... Page URL
-
https://wmrm-xao.com/clic.php?idc=2974&idv=3426&type=5&cand=202286&url=https://clk.tradedoubler.c...
HTTP 302
http://affiliation.webmediarm.com/clic.php?idc=2974&idv=3426&type=5&cand=202286&url=https://clk.tradedoubler.c... HTTP 301
https://affiliation.webmediarm.com/clic.php?idc=2974&idv=3426&type=5&cand=202286&url=https://clk.tradedoubler.c... HTTP 302
https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/D... Page URL
-
https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/D...
HTTP 302
https://www.independanceroyale.com/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=29... HTTP 301
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_ca... Page URL
Detected technologies
CentOS (Operating Systems) ExpandDetected patterns
- headers server /CentOS/i
ZURB Foundation (Web Frameworks) Expand
Detected patterns
- html /<link[^>]+foundation[^>"]+css/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
AppNexus (Advertising Networks) Expand
Detected patterns
- html /<(?:iframe|img)[^>]+adnxs\.(?:net|com)/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Google Tag Manager (Tag Managers) Expand
Detected patterns
- html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
- html /<!-- (?:End )?Google Tag Manager -->/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: En savoir plus
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://click.mpovonbecitllreae.fr/YWIzYjljYzU3MGI3NWY3YzQ0ODY2ZGJhODQzYzFiYTM/ZXN0aGVyY3V5cGVyc0Bza3luZXQuYmU=/MjAxOTEwMTk=/NTFfMzhfNjVfMjA3/15/311628/8752/12047.html Page URL
- http://badodmilqinuieuoc.fr/a2bd1c89c35c77dd3e18d970b432e035/8b941cb7ecc6af62e4b71ae1e4ecbfec/FRHn3bumIMhcvZd/clt/222104/8813/em_esthercuypers@skynet.be_ail/u_aHR0cHMlM0ElMkYlMkZ3bXJtLXhhb2RvdHlwb2ludGNvbSUyRmNsaWNkb3R5cG9pbnRwaHAlM0ZpZGMlM0QyOTc0JTI2aWR2JTNEMzQyNiUyNnR5cGUlM0Q1JTI2Y2FuZCUzRDIwMjI4NiUyNnVybCUzRGh0dHBzJTNBJTJGJTJGY2xrZG90eXBvaW50dHJhZGVkb3VibGVyZG90eXBvaW50Y29tJTJGY2xpY2slM0ZwJTNEMjg1ODgyJTI2YSUzRDMxMDE0MjklMjZnJTNEMjQ1OTE2OTIlMjZ1cmwlM0RodHRwcyUzQSUyRiUyRnd3d2RvdHlwb2ludGluZGVwZW5kYW5jZXJveWFsZWRvdHlwb2ludGNvbSUyRkRPLTMwJTJGaW5kZXhkb3R5cG9pbnRwaHAlM0Z1dG1fc291cmNlJTNEQVJUWTEyJTI2dXRtX21lZGl1bSUzRG1haWwlMjZ1dG1fY2FtcGFpZ24lM0Rkb3VjaGU_rl.html Page URL
-
https://wmrm-xao.com/clic.php?idc=2974&idv=3426&type=5&cand=202286&url=https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche
HTTP 302
http://affiliation.webmediarm.com/clic.php?idc=2974&idv=3426&type=5&cand=202286&url=https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche HTTP 301
https://affiliation.webmediarm.com/clic.php?idc=2974&idv=3426&type=5&cand=202286&url=https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche HTTP 302
https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm Page URL
-
https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm
HTTP 302
https://www.independanceroyale.com/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429 HTTP 301
https://www.independanceroyale.com/demande-information/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm&affId=3101429 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2- https://wmrm-xao.com/clic.php?idc=2974&idv=3426&type=5&cand=202286&url=https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche HTTP 302
- http://affiliation.webmediarm.com/clic.php?idc=2974&idv=3426&type=5&cand=202286&url=https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche HTTP 301
- https://affiliation.webmediarm.com/clic.php?idc=2974&idv=3426&type=5&cand=202286&url=https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche HTTP 302
- https://clk.tradedoubler.com/click?p=285882&a=3101429&g=24591692&url=https://www.independanceroyale.com/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&idc=2974&idv=3426&track=202286~&agspb=wm
- https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1825138227&t=pageview&_s=1&dl=https%3A%2F%2Fwww.independanceroyale.com%2Fdemande-information%2FDO-30%2Findex.php%3Futm_source%3DARTY12%26utm_medium%3Dmail%26utm_campaign%3Ddouche%26idc%3D2974%26idv%3D3426%26track%3D202286~%26agspb%3Dwm%26affId%3D3101429&dr=https%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D285882%26a%3D3101429%26g%3D24591692%26url%3Dhttps%3A%2F%2Fwww.independanceroyale.com%2FDO-30%2Findex.php%3Futm_source%3DARTY12%26utm_medium%3Dmail%26utm_campaign%3Ddouche%26idc%3D2974%26idv%3D3426%26track%3D202286~%26agspb%3Dwm&ul=en-us&de=UTF-8&dt=Remplacer%20votre%20baignoire%20n%E2%80%99a%20jamais%20%C3%A9t%C3%A9%20aussi%20simple%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=899244970&gjid=928187612&cid=2013158888.1571475956&tid=UA-4021752-57&_gid=43707349.1571475956&_r=1&z=1743258382 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-4021752-57&cid=2013158888.1571475956&jid=899244970&_gid=43707349.1571475956&gjid=928187612&_v=j79&z=1743258382
- https://email-reflex.com/tags/target.php?source=1801 HTTP 302
- https://calotag.com/tk.php?o=3&pid=101&aid=1
- https://secure.adnxs.com/seg?add=11502294&t=2 HTTP 302
- https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D11502294%26t%3D2
52 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Cookie set
12047.html
click.mpovonbecitllreae.fr/YWIzYjljYzU3MGI3NWY3YzQ0ODY2ZGJhODQzYzFiYTM/ZXN0aGVyY3V5cGVyc0Bza3luZXQuYmU=/MjAxOTEwMTk=/NTFfMzhfNjVfMjA3/15/311628/8752/ |
1 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
u_aHR0cHMlM0ElMkYlMkZ3bXJtLXhhb2RvdHlwb2ludGNvbSUyRmNsaWNkb3R5cG9pbnRwaHAlM0ZpZGMlM0QyOTc0JTI2aWR2JTNEMzQyNiUyNnR5cGUlM0Q1JTI2Y2FuZCUzRDIwMjI4NiUyNnVybCUzRGh0dHBzJTNBJTJGJTJGY2xrZG90eXBvaW50dHJhZGV...
badodmilqinuieuoc.fr/a2bd1c89c35c77dd3e18d970b432e035/8b941cb7ecc6af62e4b71ae1e4ecbfec/FRHn3bumIMhcvZd/clt/222104/8813/em_esthercuypers@skynet.be_ail/ |
1 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
click
clk.tradedoubler.com/ Redirect Chain
|
5 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
prefs.js
vht.tradedoubler.com/fp/ |
9 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
analytics.tradedoubler.com/ |
0 241 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
getuidj
ib.adnxs.com/ |
11 B 708 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
index.php
www.independanceroyale.com/demande-information/DO-30/ Redirect Chain
|
14 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
www.independanceroyale.com/demande-information/DO-30/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
responsive.css
www.independanceroyale.com/demande-information/DO-30/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 791 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
foundation.css
www.independanceroyale.com/demande-information/DO-30/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twentytwenty.css
www.independanceroyale.com/demande-information/DO-30/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.2.1.js
code.jquery.com/ |
262 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.event.move.js
www.independanceroyale.com/demande-information/DO-30/js/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.twentytwenty.js
www.independanceroyale.com/demande-information/DO-30/js/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookie.js
www.independanceroyale.com/demande-information/DO-30/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
idcookie.js
www.independanceroyale.com/demande-information/DO-30/js/ |
2 KB 948 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
form.js
www.independanceroyale.com/demande-information/DO-30/js/ |
8 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-styldouche.png
www.independanceroyale.com/demande-information/DO-30/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vu-a-la-tv.png
www.independanceroyale.com/demande-information/DO-30/images/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styldouche-apres.jpg
www.independanceroyale.com/demande-information/DO-30/images/ |
370 KB 371 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styldouche-avant.jpg
www.independanceroyale.com/demande-information/DO-30/images/ |
349 KB 350 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icone1.png
www.independanceroyale.com/demande-information/DO-30/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icone2.png
www.independanceroyale.com/demande-information/DO-30/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icone3.png
www.independanceroyale.com/demande-information/DO-30/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icone4.png
www.independanceroyale.com/demande-information/DO-30/images/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styldouche-siege.jpg
www.independanceroyale.com/demande-information/DO-30/images/ |
317 KB 318 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-IR.png
www.independanceroyale.com/demande-information/DO-30/images/ |
29 KB 29 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
artisans-locaux.png
www.independanceroyale.com/demande-information/DO-30/images/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nf-service.png
www.independanceroyale.com/demande-information/DO-30/images/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
garantie-10-ans.png
www.independanceroyale.com/demande-information/DO-30/images/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
84 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wrap
swrap.tradedoubler.com/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
stats.g.doubleclick.net/r/ Redirect Chain
|
35 B 102 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AS-2316069.js
bp-1c51.kxcdn.com/prj/ |
19 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
37D29145D4861D08363F53EEBB3D44BD.cache.js
bp-1c51.kxcdn.com/listener/ |
346 KB 140 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
103 KB 22 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tc.min.js
c1.rfihub.net/js/ |
20 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lead
fo-api.omnitagjs.com/fo-api/ |
0 324 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
grabber.js
email-reflex.com/js/ |
0 243 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tk.php
calotag.com/ Redirect Chain
|
43 B 452 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bounce
secure.adnxs.com/ Redirect Chain
|
43 B 1017 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
126909554807269
connect.facebook.net/signals/config/ |
280 KB 65 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
idr.js
a.rfihub.com/ |
83 B 635 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cancel.png
www.independanceroyale.com/demande-information/DO-30/ |
684 B 947 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
op
app.beampulse.com/ |
150 B 566 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
ca.html
20789423p.rfihub.com/ Frame A444 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 245 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 247 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
76 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| dataLayer function| $ function| jQuery function| affiche function| numerique function| check string| GoogleAnalyticsObject function| ga object| TDConf object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| postscribe number| __as_prj_start boolean| __as_localStorage_available string| __as_v string| __as_hk number| __as_ra number| __as_ac_ra number| __as_vival string| __as_tu string| __as_cfgbase string| __as_prjroot string| __as_progbase boolean| __as_synch boolean| __as_ign_qparams boolean| __as_rtm_visit boolean| __as_rtm_page boolean| __as_active object| __as_seg object| __as_value object| __as_act object| __as_var object| __as_exp number| __as_prj_stop boolean| __as_localStorage_only object| XtraCookie function| __as_may_run_listener number| __as_listener_load function| listener object| __gwt_activeModules function| __gwt_getMetaProperty function| __gwt_isKnownPropertyValue object| $wnd boolean| __as_rng function| __as_cssSelector boolean| __bp_jquery_injection function| __as_jQuery function| jQueryBP function| __as_runWithJQueryUi boolean| __as_open undefined| __as_error object| bowser string| eReflexPxl string| eReflexTgt string| lbcHost string| OmnitagPxl function| fbq function| _fbq function| _rfi function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP function| __as_doOp string| __as_ui number| __as_pageid number| __as_ltra object| detectZoom function| md5 object| pako22 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.rfihub.com/ | Name: eud Value: H4sIAAAAAAAAAJvFyGtoam5oYm5qaWpmYWS4Co1_Co3_Co3_C43fxITKn4TGn4XGX4TGX4XG34TG34XG_4RuPjOaeSyo_Fto_E2saOZzo_kPjb9IGJX_CI0PAO_gveFQAQAA |
|
.rfihub.com/ | Name: rud Value: H4sIAAAAAAAAAOMSNrQwNzS1NDexNDYwMDcwtjQysxTiM9QNLC1x8c4JNnY0q0yS4jU0NTc0MTe1NDUzMzAFABTDsrU0AAAA |
|
.independanceroyale.com/ | Name: _fbp Value: fb.1.1571475956894.1697246422 |
|
.independanceroyale.com/ | Name: __as_ledt Value: 1571475956661 |
|
.independanceroyale.com/ | Name: __as_mi Value: 1 |
|
.independanceroyale.com/ | Name: __as_seg_order Value: %5B0%2C%201%2C%202%2C%203%2C%204%2C%205%2C%206%2C%2010%2C%2011%2C%2012%2C%2013%2C%2014%2C%2015%2C%2016%2C%2017%2C%2018%2C%2019%2C%2020%2C%2021%2C%2022%2C%2023%2C%2024%2C%2025%2C%2026%2C%2031%5D |
|
.independanceroyale.com/ | Name: __as_lp Value: https%3A%2F%2Fwww.independanceroyale.com%2Fdemande-information%2FDO-30%2Findex.php%3Futm_source%3DARTY12%26utm_medium%3Dmail%26utm_campaign%3Ddouche%26idc%3D2974%26idv%3D3426%26track%3D202286~%26agspb%3Dwm%26affId%3D3101429 |
|
.independanceroyale.com/ | Name: __as_at_visit Value: 0 |
|
.independanceroyale.com/ | Name: __as_vra Value: 17 |
|
.independanceroyale.com/ | Name: __as_vr Value: 1 |
|
.rfihub.com/ | Name: ruds Value: H4sIAAAAAAAAAOMSNrQwNzS1NDexNDYwMDcwtjQysxTiM9QNLC1x8c4JNnY0q0wCAHYbmHslAAAA |
|
.independanceroyale.com/ | Name: __as_vpv Value: 1 |
|
.independanceroyale.com/ | Name: _gat Value: 1 |
|
.independanceroyale.com/ | Name: __as_rng Value: 64 |
|
.independanceroyale.com/ | Name: __as_ui Value: cde604b2-0cd8-4672-a00d-c2b7c2db2020 |
|
.independanceroyale.com/ | Name: __as_ltch Value: 58 |
|
.independanceroyale.com/ | Name: __as_oginv Value: https%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D285882%26a%3D3101429%26g%3D24591692%26url%3Dhttps%3A%2F%2Fwww.independanceroyale.com%2FDO-30%2Findex.php%3Futm_source%3DARTY12%26utm_medium%3Dmail%26utm_campaign%3Ddouche%26idc%3D2974%26idv%3D3426%26track%3D202286~%26agspb%3Dwm |
|
.independanceroyale.com/ | Name: __as_reset Value: 1603011956451 |
|
.independanceroyale.com/ | Name: __as_seg Value: 0-3-4 |
|
.independanceroyale.com/ | Name: _gid Value: GA1.2.43707349.1571475956 |
|
.independanceroyale.com/ | Name: __as_ogins Value: https%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D285882%26a%3D3101429%26g%3D24591692%26url%3Dhttps%3A%2F%2Fwww.independanceroyale.com%2FDO-30%2Findex.php%3Futm_source%3DARTY12%26utm_medium%3Dmail%26utm_campaign%3Ddouche%26idc%3D2974%26idv%3D3426%26track%3D202286~%26agspb%3Dwm |
|
.independanceroyale.com/ | Name: _ga Value: GA1.2.2013158888.1571475956 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
20789423p.rfihub.com
a.rfihub.com
affiliation.webmediarm.com
analytics.tradedoubler.com
app.beampulse.com
badodmilqinuieuoc.fr
bp-1c51.kxcdn.com
c1.rfihub.net
calotag.com
click.mpovonbecitllreae.fr
clk.tradedoubler.com
code.jquery.com
connect.facebook.net
email-reflex.com
fo-api.omnitagjs.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
secure.adnxs.com
stats.g.doubleclick.net
swrap.tradedoubler.com
vht.tradedoubler.com
wmrm-xao.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.independanceroyale.com
13.225.78.49
154.44.178.3
185.31.128.129
185.33.223.197
188.165.150.178
193.0.160.128
2001:4de0:ac19::1:b:2a
212.129.13.31
23.38.48.101
2a00:1450:4001:80b::2003
2a00:1450:4001:815::200e
2a00:1450:4001:81a::2008
2a00:1450:4001:821::200a
2a00:1450:400c:c00::9b
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
2a0b:4d07:101::1
34.213.251.22
34.250.157.134
51.38.65.210
52.212.149.245
54.37.115.99
54.38.44.2
80.70.210.161
94.125.108.233
021a64452d74bd0a20ff0370c3b18045b3683d6694ae189c1d2d8989ba9f732c
0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d
2f9979597525e11befc110cbe23210c75f92b7a9fb4361ad8fdc8955ff5787be
3a877bb3a96349b2a73a952ee6493db863e8c4b473ff7c1253de2ab8d9f2d4a9
3f69c828195c5b350d5391e3db7e345fbe37e9a29a4604fd834beb5797cb375c
4041af866e9fc37d7a1ee5b30eaa00000bd0b8a40166d99cc8300604ba25bf3a
44462de9a5a107bb3dd123bd470bcf33e8e8c488cf195ea881425b5818b8c9c4
445aa796b292c7338bbf0abca41d62f83d92c154cd7a7878e06a7bebe2ea4526
49db7a00cbc85f53a7218310b4a1a3d2df042eb9deb773c39d28b1366018f928
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d16e4530930a50929014d901009c1cf63da20abbda992e8fee188f9aab38e6f
5519e660f46c85caaf44066b9995f61b1521aaff0e643081cb31e5469bf7b4e6
572867af834611242a7ad1fd90210e7bcca65658b2ec1621dcc2ecbc98ff8493
5dfbd5c68143508fdeb8bce19c39618925573ce7ceeaf1f77b3433ca7f07452b
66f1db359458537481479077b46a7b81e04e38c0c3589124935b069cb769c857
6c5285f0f72ed274fa7444934e04fd6f10e71b67eed54508bac7d526c3137475
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
75e9029eb284217406a192496dda083c81d57fc9d7a09fda337a775c2147f4f1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84b2889078de20142e1f77e49eb968f8031eded7320be712864b7187d0fbd1a8
9404cee30e4489a7ed4d6de2dd92aa8e4386fd5ff1c81ebcea77f581952eac31
95892386ad65b02b9a490a90f0cfa2ea062864e9861c73a33afbf09cfcc190fc
990b98d405c50d7d9cd8bcef7f822f7a383ee3b74a22551d920c1710b64ba005
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
a445642c5267e083eaa78b6985379925fd33e0f2da5c19cec9dd8035ef6b288c
a81fe509c20bb34ac438c49941b55bc0a435be01b3c6988188f52e6d3ede780e
a8df908269a3343a24faefda741524c1c20d9cb408cd02959c5aee0a9d592baf
b0e5be476b2db54c02309e4f1075dac0599ff758323f4667762def3be63de33d
b1174b282f7e0e4f613bb45a454f36899326b0571a23979bdf37160fdb1422ab
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bbda652e5bc66c917010d3861180782865de0dfa597afacef36395e86be7ca27
be6644f8556ed2a5a457033ab827dec34dab365f2435b4a98b1a1615f783e596
c2946574f76a92222017022e9fc744bbf970fca817cb917fc4e695e10f2a57c8
c3b07dcc24e24a18666089aa17b0472c0a96326b02d7b12f5ba98491011c9174
cb2bb21705b9cce9781d02c9223f3344a65bd5314027d11c5a8518ad4bd84e84
d3517bf4ad62b27d760064a6774567e4616629df44473aad8b376e0b25d020b2
d8d31276e8c59731c8fef67ed8d549e2ffc2630bdd8dd303376732b3258fc892
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d4de6e3610e09163eb3121a533fc4ad904d2e3a0b8a81fde2f656b31c7c8a8
eca727e03526321a5d9d97327f439c417d09218dec9f4338d6d9be57b4553832
eddf1c06e664d842a4997bd7775bb6e61a961e11c0baa418ec0dd55f07936c5b
ef5f4cac7b15f6922522298cd23056a024a152715621d1532316fec6053461d5