urlscan.io logo urlscan.io
SecurityTrails logo

abo.officiel-des-vacances.com Open in urlscan Pro
185.12.51.170  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://link.news.officiel-des-vacances.com/m/surl/200381/502465/7lP8cdnJe9pYBnwvZPwdDkEV2Skz8dO15-in2eQUicA=/link_2/iaDaNxfhPRo49JD63ZA2PVe...
Effective URL: http://abo.officiel-des-vacances.com/account/?email=5b8b069ef466849c58453a8a12c12a64&ectrans=1
Submission: On April 04 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 7 domains to perform 38 HTTP transactions. The main IP is 185.12.51.170, located in Paris, France and belongs to JEUXVIDEO-NETWORK, FR. The main domain is abo.officiel-des-vacances.com.
This is the only time abo.officiel-des-vacances.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    81.92.125.211 (Belgium)

ASN39905 (ACTITO, BE)
link.news.officiel-des-vacances.com
3    109.232.193.197 (France)

ASN50234 (EULERIAN-AS, FR)
PTR: vps.eulerian.net
eulerian.officiel-des-vacances.com
17    185.12.51.170 (Paris, France)

ASN35717 (JEUXVIDEO-NETWORK, FR)
PTR: vip-odv-lbfront-http2-wan1.wbd.tech
abo.officiel-des-vacances.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
3    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
1    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
97f63d2197edb9a9269d9a9c87f92ad7.safeframe.googlesyndication.com
4    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
21 officiel-des-vacances.com
link.news.officiel-des-vacances.com
eulerian.officiel-des-vacances.com
abo.officiel-des-vacances.com
340 KB
8 googlesyndication.com
97f63d2197edb9a9269d9a9c87f92ad7.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
tpc.googlesyndication.com — Cisco Umbrella Rank: 125
40 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
ssl.google-analytics.com — Cisco Umbrella Rank: 282
37 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
126 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 76
www.google.com — Cisco Umbrella Rank: 7
2 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8069
792 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 169
28 KB
38 7
Domain Requested by
17 abo.officiel-des-vacances.com abo.officiel-des-vacances.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 www.google-analytics.com 1 redirects abo.officiel-des-vacances.com
www.google-analytics.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
3 eulerian.officiel-des-vacances.com 1 redirects abo.officiel-des-vacances.com
1 www.google.com tpc.googlesyndication.com
1 97f63d2197edb9a9269d9a9c87f92ad7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 stats.g.doubleclick.net abo.officiel-des-vacances.com
1 ssl.google-analytics.com eulerian.officiel-des-vacances.com
1 www.googletagservices.com abo.officiel-des-vacances.com
1 link.news.officiel-des-vacances.com 1 redirects
38 14

This site contains no links.

Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh

This page contains 5 frames:

Primary Page: http://abo.officiel-des-vacances.com/account/?email=5b8b069ef466849c58453a8a12c12a64&ectrans=1
Frame ID: 01F020C40C79085E98D3B8636923B873
Requests: 30 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: 0282A81EBBC78D7283D7E3F0CB8681DA
Requests: 2 HTTP requests in this frame

Frame: https://97f63d2197edb9a9269d9a9c87f92ad7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 643209D4C994D768748B2DE2DF5F1080
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A0681B39F4C061F4CCDFE10D7415F5C6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BC7DD10BF0B5E09F343E8344454FF294
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

L'Officiel des Vacances, vous désinscrire...

Page URL History Show full URLs

  1. http://link.news.officiel-des-vacances.com/m/surl/200381/502465/7lP8cdnJe9pYBnwvZPwdDkEV2Skz8dO15-in2eQUicA=/link_2/iaD... HTTP 307
    https://eulerian.officiel-des-vacances.com/dynclick/officiel-vacances/?eml-name=Desabonnement&eml-ctype=CTYPE&eemail=5b... HTTP 302
    http://abo.officiel-des-vacances.com/account/?email=5b8b069ef466849c58453a8a12c12a64&ectrans=1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

38
Requests

42 %
HTTPS

69 %
IPv6

7
Domains

14
Subdomains

12
IPs

4
Countries

572 kB
Transfer

1101 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://link.news.officiel-des-vacances.com/m/surl/200381/502465/7lP8cdnJe9pYBnwvZPwdDkEV2Skz8dO15-in2eQUicA=/link_2/iaDaNxfhPRo49JD63ZA2PVeCOS0ulNlTAlrh8v-0SLKLMUDVpDi9MvjFXlzy3vrOPaFPCeoNk3ZnkK1CCnwhthdQw--msXJqxyhN+w+nlyZT8+qfB8E0+hjf1OfiSm2Bx+YzWTvt68oacnZfsNets+bvHDnbulfuLWAKFYSFYX10CEwefsvIDJYDj3jUlC77bdn2V-C-HSACYG38pXdicS0MEdH1BCrEubgqLCm8Jt9pDr8h1WeADRj3FCJe2n6WQdnA2vLnXtyG8f2f5lfJQtK48wdswTpHyxLEcU5XJUuGz5R5TwnUk0zDjvc5+iVlNMKZy26kNucncN-A3A0p8VmqHjNlCoEHKbEVTyO4rW8= HTTP 307
    https://eulerian.officiel-des-vacances.com/dynclick/officiel-vacances/?eml-name=Desabonnement&eml-ctype=CTYPE&eemail=5b8b069ef466849c58453a8a12c12a64&eurl=http%3A%2F%2Fabo.officiel-des-vacances.com%2Faccount%2F%3Femail=5b8b069ef466849c58453a8a12c12a64 HTTP 302
    http://abo.officiel-des-vacances.com/account/?email=5b8b069ef466849c58453a8a12c12a64&ectrans=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://eulerian.officiel-des-vacances.com/ea.js HTTP 307
  • https://eulerian.officiel-des-vacances.com/ea.js
Request Chain 15
  • http://eulerian.officiel-des-vacances.com/col106a/-/1487679456?sd=24&eacti0=w8QJGwZp6DPssZVf7lsyRoPMQ3wwh9SNH1bvBQ--&urlp=%2Fdesabonnement&fra=0&url=http%3A%2F%2Fabo.officiel-des-vacances.com%2Faccount%2F%3Femail%3D5b8b069ef466849c58453a8a12c12a64%26ectrans%3D1&ss=1600x1200& HTTP 307
  • https://eulerian.officiel-des-vacances.com/col106a/-/1487679456?sd=24&eacti0=w8QJGwZp6DPssZVf7lsyRoPMQ3wwh9SNH1bvBQ--&urlp=%2Fdesabonnement&fra=0&url=http%3A%2F%2Fabo.officiel-des-vacances.com%2Faccount%2F%3Femail%3D5b8b069ef466849c58453a8a12c12a64%26ectrans%3D1&ss=1600x1200&
Request Chain 21
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 23
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1585711009&utmhn=abo.officiel-des-vacances.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=L%27Officiel%20des%20Vacances%2C%20vous%20d%C3%A9sinscrire...&utmhid=230624514&utmr=-&utmp=%2Faccount%2F%3Femail%3D5b8b069ef466849c58453a8a12c12a64%26ectrans%3D1&utmht=1649073825195&utmac=UA-28811348-1&utmcc=__utma%3D185335031.554531550.1649073825.1649073825.1649073825.1%3B%2B__utmz%3D185335031.1649073825.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=37078596&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1585711009&utmhn=abo.officiel-des-vacances.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=L%27Officiel%20des%20Vacances%2C%20vous%20d%C3%A9sinscrire...&utmhid=230624514&utmr=-&utmp=%2Faccount%2F%3Femail%3D5b8b069ef466849c58453a8a12c12a64%26ectrans%3D1&utmht=1649073825195&utmac=UA-28811348-1&utmcc=__utma%3D185335031.554531550.1649073825.1649073825.1649073825.1%3B%2B__utmz%3D185335031.1649073825.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=37078596&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28811348-1&cid=554531550.1649073825&jid=37078596&_v=5.7.2&z=1585711009

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
abo.officiel-des-vacances.com/account/
Redirect Chain
  • http://link.news.officiel-des-vacances.com/m/surl/200381/502465/7lP8cdnJe9pYBnwvZPwdDkEV2Skz8dO15-in2eQUicA=/link_2/iaDaNxfhPRo49JD63ZA2PVeCOS0ulNlTAlrh8v-0SLKLMUDVpDi9MvjFXlzy3vrOPaFPCeoNk3ZnkK1CC...
  • https://eulerian.officiel-des-vacances.com/dynclick/officiel-vacances/?eml-name=Desabonnement&eml-ctype=CTYPE&eemail=5b8b069ef466849c58453a8a12c12a64&eurl=http%3A%2F%2Fabo.officiel-des-vacances.com...
  • http://abo.officiel-des-vacances.com/account/?email=5b8b069ef466849c58453a8a12c12a64&ectrans=1
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://abo.officiel-des-vacances.com/account/?email=5b8b069ef466849c58453a8a12c12a64&ectrans=1
Protocol
HTTP/1.1
Server
185.12.51.170 Paris, France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
vip-odv-lbfront-http2-wan1.wbd.tech
Software
Apache /
Resource Hash
c73cc4996d8bc86d2eac2cbbfdbcf1e046c9b03f4e4605f4d9bb6692bd5453a9

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
age
0
cache-control
max-age=2
content-encoding
gzip
content-length
2653
content-type
text/html; charset=UTF-8
date
Mon, 04 Apr 2022 12:03:44 GMT
server
Apache
vary
Accept-Encoding
via
1.1 varnish (Varnish/5.0)
x-cache
MISS
x-varnish
28616550
x-vpg-vid
odv-cache3

Redirect headers

Accept-Ranges
none
Cache-Control
max-age=0, private
Connection
Close
Content-Length
0
Date
Mon, 04 Apr 2022 12:03:44 GMT
Location
http://abo.officiel-des-vacances.com/account/?email=5b8b069ef466849c58453a8a12c12a64&ectrans=1
Pragma
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Server
EWS
Strict-Transport-Security
max-age=604800
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex
X-XSS-Protection
0
jquery-ui.css
abo.officiel-des-vacances.com/account/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://abo.officiel-des-vacances.com/account/jquery-ui.css
Requested by
Host: abo.officiel-des-vacances.com
URL: http://abo.officiel-des-vacances.com/account/?email=5b8b069ef466849c58453a8a12c12a64&ectrans=1
Protocol
HTTP/1.1
Server
185.12.51.170 Paris, France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
vip-odv-lbfront-http2-wan1.wbd.tech
Software
Apache /
Resource Hash
f6575971bcba221e3f714febc01850311a4f839e080ad39c2f6e41a8a78cbb1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/account/?email=5b8b069ef466849c58453a8a12c12a64&ectrans=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:03:44 GMT
content-encoding
gzip
age
0
x-cache
MISS
content-length
4309
x-vpg-vid
odv-cache1
last-modified
Thu, 24 Oct 2019 12:26:28 GMT
server
Apache
etag
W/"59c0-595a724895fd4-gzip"
vary
Accept-Encoding
x-varnish
70978997
via
1.1 varnish (Varnish/5.0)
cache-control
max-age=2
access-control-allow-credentials
true
accept-ranges
bytes
content-type
text/css
default.css
abo.officiel-des-vacances.com/account/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://abo.officiel-des-vacances.com/account/default.css
Requested by
Host: abo.officiel-des-vacances.com
URL: http://abo.officiel-des-vacances.com/account/?email=5b8b069ef466849c58453a8a12c12a64&ectrans=1
Protocol
HTTP/1.1
Server
185.12.51.170 Paris, France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
vip-odv-lbfront-http2-wan1.wbd.tech
Software
Apache /
Resource Hash
d9011d3047dded2efc209c8deddedde3646c3270af7e65b46baa490d725dbe34

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/account/?email=5b8b069ef466849c58453a8a12c12a64&ectrans=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:03:44 GMT
content-encoding
gzip
age
0
x-cache
MISS
content-length
1440
x-vpg-vid
odv-cache1
last-modified
Tue, 18 Aug 2020 08:53:48 GMT
server
Apache
etag
W/"135d-5ad23068e3474-gzip"
vary
Accept-Encoding
x-varnish
69345399
via
1.1 varnish (Varnish/5.0)
cache-control
max-age=2
access-control-allow-credentials
true
accept-ranges
bytes
content-type
text/css
jquery-1.7.2.min.js
abo.officiel-des-vacances.com/account/jscript/ 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://abo.officiel-des-vacances.com/account/jscript/jquery-1.7.2.min.js
Requested by
Host: abo.officiel-des-vacances.com
URL: http://abo.officiel-des-vacances.com/account/?email=5b8b069ef466849c58453a8a12c12a64&ectrans=1
Protocol
HTTP/1.1
Server
185.12.51.170 Paris, France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
vip-odv-lbfront-http2-wan1.wbd.tech
Software
Apache /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/account/?email=5b8b069ef466849c58453a8a12c12a64&ectrans=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:03:44 GMT
content-encoding
gzip
age
0
x-cache
MISS
content-length
33684
x-vpg-vid
odv-cache3
last-modified
Thu, 24 Oct 2019 12:26:30 GMT
server
Apache
etag
W/"17278-595a724acc6af-gzip"
vary
Accept-Encoding
x-varnish
15822978
via
1.1 varnish (Varnish/5.0)
cache-control
max-age=2
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript
jquery-ui-1.8.21.custom.min.js
abo.officiel-des-vacances.com/account/jscript/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://abo.officiel-des-vacances.com/account/jscript/jquery-ui-1.8.21.custom.min.js
Requested by
Host: abo.officiel-des-vacances.com
URL: http://abo.officiel-des-vacances.com/account/?email=5b8b069ef466849c58453a8a12c12a64&ectrans=1
Protocol
HTTP/1.1
Server
185.12.51.170 Paris, France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
vip-odv-lbfront-http2-wan1.wbd.tech
Software
Apache /
Resource Hash
98a0833dc9ca8a1cc3e7ca57221cdb31ea15a964968e938a697a2c610c1ab0d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/account/?email=5b8b069ef466849c58453a8a12c12a64&ectrans=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:03:44 GMT
content-encoding
gzip
age
0
x-cache
MISS
content-length
12653
x-vpg-vid
odv-cache1
last-modified
Thu, 24 Oct 2019 12:26:30 GMT
server
Apache
etag
W/"a1b4-595a724a77742-gzip"
vary
Accept-Encoding
x-varnish
70979000
via
1.1 varnish (Varnish/5.0)
cache-control
max-age=2
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript
akezio.js
abo.officiel-des-vacances.com/account/jscript/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://abo.officiel-des-vacances.com/account/jscript/akezio.js
Requested by
Host: abo.officiel-des-vacances.com
URL: http://abo.officiel-des-vacances.com/account/?email=5b8b069ef466849c58453a8a12c12a64&ectrans=1
Protocol
HTTP/1.1
Server
185.12.51.170 Paris, France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
vip-odv-lbfront-http2-wan1.wbd.tech
Software
Apache /
Resource Hash
db357d831ad97756c03a50ef3e53d1555c66306cc0215d683c9492b1b3d67700

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/account/?email=5b8b069ef466849c58453a8a12c12a64&ectrans=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:03:44 GMT
content-encoding
gzip
age
0
x-cache
MISS
content-length
1589
x-vpg-vid
odv-cache3
last-modified
Thu, 24 Oct 2019 12:26:30 GMT
server
Apache
etag
W/"116d-595a724a65dff-gzip"
vary
Accept-Encoding
x-varnish
28616553
via
1.1 varnish (Varnish/5.0)
cache-control
max-age=2
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript
ea.js
eulerian.officiel-des-vacances.com/
Redirect Chain
  • http://eulerian.officiel-des-vacances.com/ea.js
  • https://eulerian.officiel-des-vacances.com/ea.js
35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eulerian.officiel-des-vacances.com/ea.js
Requested by
Host: abo.officiel-des-vacances.com
URL: http://abo.officiel-des-vacances.com/account/?email=5b8b069ef466849c58453a8a12c12a64&ectrans=1
Protocol
HTTP/1.1
Server
109.232.193.197 , France, ASN50234 (EULERIAN-AS, FR),
Reverse DNS
vps.eulerian.net
Software
EWS /
Resource Hash
05d9f102358c10dfe600b1c0c52898204d713924b07e10363aa568d7246b18c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 12:03:44 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
EWS
Vary
User-Agent
Content-Type
application/javascript
Cache-Control
max-age=3600, private
Connection
Keep-Alive
Accept-Ranges
none
X-Robots-Tag
noindex
Keep-Alive
timeout=4
Content-Length
12641
X-XSS-Protection
0
Expires
Mon, 04 Apr 2022 13:03:44 GMT

Redirect headers

Location
https://eulerian.officiel-des-vacances.com/ea.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
gpt.js
www.googletagservices.com/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: abo.officiel-des-vacances.com
URL: http://abo.officiel-des-vacances.com/account/?email=5b8b069ef466849c58453a8a12c12a64&ectrans=1
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abfb1f15c2cb3df79d00d5c685c6840b8f5c91ecebb41650eacb4611aeff6071
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 12:03:44 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1177 / 488 of 1000 / last-modified: 1649070350"
Vary
Accept-Encoding
Report-To
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
28206
X-XSS-Protection
0
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="ads-gpt-scs"
Expires
Mon, 04 Apr 2022 12:03:44 GMT
ban_top.jpg
abo.officiel-des-vacances.com/account/image-pack/ 		154 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://abo.officiel-des-vacances.com/account/image-pack/ban_top.jpg
Requested by
Host: abo.officiel-des-vacances.com
URL: http://abo.officiel-des-vacances.com/account/default.css
Protocol
HTTP/1.1
Server
185.12.51.170 Paris, France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
vip-odv-lbfront-http2-wan1.wbd.tech
Software
Apache /
Resource Hash
32026502b199ecd63e82c0829dfcf34e90067fcad271943cc65717d3e11cef3a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/account/default.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vpg-vid
odv-cache1
date
Mon, 04 Apr 2022 12:03:44 GMT
via
1.1 varnish (Varnish/5.0)
last-modified
Tue, 19 Oct 2021 08:49:24 GMT
server
Apache
age
0
etag
"2691e-5ceb0bd0628d9"
x-cache
MISS
content-type
image/jpeg
cache-control
max-age=86400
access-control-allow-credentials
true
x-varnish
70979003
accept-ranges
bytes
content-length
157982
smile-cool.png
abo.officiel-des-vacances.com/account/image-pack/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://abo.officiel-des-vacances.com/account/image-pack/smile-cool.png
Requested by
Host: abo.officiel-des-vacances.com
URL: http://abo.officiel-des-vacances.com/account/default.css
Protocol
HTTP/1.1
Server
185.12.51.170 Paris, France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
vip-odv-lbfront-http2-wan1.wbd.tech
Software
Apache /
Resource Hash
353ad62da9fb14fcb68fd4668d0f1a8eea47896d6b3f6240c9132879662c45ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/account/default.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vpg-vid
odv-cache3
date
Mon, 04 Apr 2022 12:03:44 GMT
via
1.1 varnish (Varnish/5.0)
last-modified
Thu, 24 Oct 2019 12:26:30 GMT
server
Apache
age
0
etag
"828-595a724a1ba73"
x-cache
MISS
content-type
image/png
cache-control
max-age=86400
access-control-allow-credentials
true
x-varnish
15822981
accept-ranges
bytes
content-length
2088
optin-1.png
abo.officiel-des-vacances.com/account/image-pack/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://abo.officiel-des-vacances.com/account/image-pack/optin-1.png
Requested by
Host: abo.officiel-des-vacances.com
URL: http://abo.officiel-des-vacances.com/account/default.css
Protocol
HTTP/1.1
Server
185.12.51.170 Paris, France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
vip-odv-lbfront-http2-wan1.wbd.tech
Software
Apache /
Resource Hash
c111ec8ca979346e411d00ed139021c8b0ab79d4bea43b4e4dbc49685c194a36

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/account/default.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vpg-vid
odv-cache1
date
Mon, 04 Apr 2022 12:03:44 GMT
via
1.1 varnish (Varnish/5.0)
last-modified
Thu, 24 Oct 2019 12:26:29 GMT
server
Apache
age
0
etag
"551e-595a7249cd866"
x-cache
MISS
content-type
image/png
cache-control
max-age=86400
access-control-allow-credentials
true
x-varnish
69345405
accept-ranges
bytes
content-length
21790
optin-2.png
abo.officiel-des-vacances.com/account/image-pack/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://abo.officiel-des-vacances.com/account/image-pack/optin-2.png
Requested by
Host: abo.officiel-des-vacances.com
URL: http://abo.officiel-des-vacances.com/account/default.css
Protocol
HTTP/1.1
Server
185.12.51.170 Paris, France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
vip-odv-lbfront-http2-wan1.wbd.tech
Software
Apache /
Resource Hash
b07f343588ad2a83a17ac5616cc8d8780ea2507dc27c1c203456b811f55420ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/account/default.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vpg-vid
odv-cache3
date
Mon, 04 Apr 2022 12:03:44 GMT
via
1.1 varnish (Varnish/5.0)
last-modified
Thu, 24 Oct 2019 12:26:29 GMT
server
Apache
age
0
etag
"6646-595a7249e302a"
x-cache
MISS
content-type
image/png
cache-control
max-age=86400
access-control-allow-credentials
true
x-varnish
29385399
accept-ranges
bytes
content-length
26182
optin-3.png
abo.officiel-des-vacances.com/account/image-pack/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://abo.officiel-des-vacances.com/account/image-pack/optin-3.png
Requested by
Host: abo.officiel-des-vacances.com
URL: http://abo.officiel-des-vacances.com/account/default.css
Protocol
HTTP/1.1
Server
185.12.51.170 Paris, France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
vip-odv-lbfront-http2-wan1.wbd.tech
Software
Apache /
Resource Hash
7900976fcf3388bd7cfc6a520b91a715c5cb1f88e68ead8615b01e34f34e3323

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/account/default.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vpg-vid
odv-cache1
date
Mon, 04 Apr 2022 12:03:44 GMT
via
1.1 varnish (Varnish/5.0)
last-modified
Thu, 24 Oct 2019 12:26:30 GMT
server
Apache
age
0
etag
"67ae-595a7249f68ad"
x-cache
MISS
content-type
image/png
cache-control
max-age=86400
access-control-allow-credentials
true
x-varnish
67763075
accept-ranges
bytes
content-length
26542
optin-4.png
abo.officiel-des-vacances.com/account/image-pack/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://abo.officiel-des-vacances.com/account/image-pack/optin-4.png
Requested by
Host: abo.officiel-des-vacances.com
URL: http://abo.officiel-des-vacances.com/account/default.css
Protocol
HTTP/1.1
Server
185.12.51.170 Paris, France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
vip-odv-lbfront-http2-wan1.wbd.tech
Software
Apache /
Resource Hash
60b22cf1d8f8b10cc5c2d9d1397ae2ae95f6cac8d78999cc52d84dc3e5bc7bbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/account/default.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vpg-vid
odv-cache1
date
Mon, 04 Apr 2022 12:03:44 GMT
via
1.1 varnish (Varnish/5.0)
last-modified
Thu, 24 Oct 2019 12:26:30 GMT
server
Apache
age
0
etag
"61a3-595a724a0d011"
x-cache
MISS
content-type
image/png
cache-control
max-age=86400
access-control-allow-credentials
true
x-varnish
69345408
accept-ranges
bytes
content-length
24995
smile-happy.png
abo.officiel-des-vacances.com/account/image-pack/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://abo.officiel-des-vacances.com/account/image-pack/smile-happy.png
Requested by
Host: abo.officiel-des-vacances.com
URL: http://abo.officiel-des-vacances.com/account/default.css
Protocol
HTTP/1.1
Server
185.12.51.170 Paris, France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
vip-odv-lbfront-http2-wan1.wbd.tech
Software
Apache /
Resource Hash
f2e592cfb9b91a7f19f646e79e6d5ac16e28b430ccc442b03aa46632b143740d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/account/default.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vpg-vid
odv-cache3
date
Mon, 04 Apr 2022 12:03:44 GMT
via
1.1 varnish (Varnish/5.0)
last-modified
Thu, 24 Oct 2019 12:26:30 GMT
server
Apache
age
0
etag
"813-595a724a20894"
x-cache
MISS
content-type
image/png
cache-control
max-age=86400
access-control-allow-credentials
true
x-varnish
15822984
accept-ranges
bytes
content-length
2067
smile-unhappy.png
abo.officiel-des-vacances.com/account/image-pack/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://abo.officiel-des-vacances.com/account/image-pack/smile-unhappy.png
Requested by
Host: abo.officiel-des-vacances.com
URL: http://abo.officiel-des-vacances.com/account/default.css
Protocol
HTTP/1.1
Server
185.12.51.170 Paris, France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
vip-odv-lbfront-http2-wan1.wbd.tech
Software
Apache /
Resource Hash
73b9bd8cec2295a2c807a20ff7f30744c9cbc957b0a7b0af9dc9cc1695855f57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/account/default.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vpg-vid
odv-cache3
date
Mon, 04 Apr 2022 12:03:44 GMT
via
1.1 varnish (Varnish/5.0)
last-modified
Thu, 24 Oct 2019 12:26:30 GMT
server
Apache
age
0
etag
"827-595a724a2d3b6"
x-cache
MISS
content-type
image/png
cache-control
max-age=86400
access-control-allow-credentials
true
x-varnish
29385402
accept-ranges
bytes
content-length
2087
1487679456
eulerian.officiel-des-vacances.com/col106a/-/
Redirect Chain
  • http://eulerian.officiel-des-vacances.com/col106a/-/1487679456?sd=24&eacti0=w8QJGwZp6DPssZVf7lsyRoPMQ3wwh9SNH1bvBQ--&urlp=%2Fdesabonnement&fra=0&url=http%3A%2F%2Fabo.officiel-des-vacances.com%2Facc...
  • https://eulerian.officiel-des-vacances.com/col106a/-/1487679456?sd=24&eacti0=w8QJGwZp6DPssZVf7lsyRoPMQ3wwh9SNH1bvBQ--&urlp=%2Fdesabonnement&fra=0&url=http%3A%2F%2Fabo.officiel-des-vacances.com%2Fac...
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eulerian.officiel-des-vacances.com/col106a/-/1487679456?sd=24&eacti0=w8QJGwZp6DPssZVf7lsyRoPMQ3wwh9SNH1bvBQ--&urlp=%2Fdesabonnement&fra=0&url=http%3A%2F%2Fabo.officiel-des-vacances.com%2Faccount%2F%3Femail%3D5b8b069ef466849c58453a8a12c12a64%26ectrans%3D1&ss=1600x1200&
Requested by
Host: abo.officiel-des-vacances.com
URL: http://abo.officiel-des-vacances.com/account/?email=5b8b069ef466849c58453a8a12c12a64&ectrans=1
Protocol
HTTP/1.1
Server
109.232.193.197 , France, ASN50234 (EULERIAN-AS, FR),
Reverse DNS
vps.eulerian.net
Software
EWS /
Resource Hash
001bf776a94b5878d3a4ffac1123b4a9347e05923a0339a665eec93041de643b
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Date
Mon, 04 Apr 2022 12:03:44 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
EWS
Strict-Transport-Security
max-age=604800
Content-Type
application/javascript
Cache-Control
max-age=0, private
Connection
Close
Accept-Ranges
none
X-Robots-Tag
noindex
Vary
User-Agent
Content-Length
1368
X-XSS-Protection
0

Redirect headers

Location
https://eulerian.officiel-des-vacances.com/col106a/-/1487679456?sd=24&eacti0=w8QJGwZp6DPssZVf7lsyRoPMQ3wwh9SNH1bvBQ--&urlp=%2Fdesabonnement&fra=0&url=http%3A%2F%2Fabo.officiel-des-vacances.com%2Faccount%2F%3Femail%3D5b8b069ef466849c58453a8a12c12a64%26ectrans%3D1&ss=1600x1200&
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
ui-bg_highlight-soft_100_eeeeee_1x100.png
abo.officiel-des-vacances.com/account/image-pack/ui/ 		90 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://abo.officiel-des-vacances.com/account/image-pack/ui/ui-bg_highlight-soft_100_eeeeee_1x100.png
Requested by
Host: abo.officiel-des-vacances.com
URL: http://abo.officiel-des-vacances.com/account/jquery-ui.css
Protocol
HTTP/1.1
Server
185.12.51.170 Paris, France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
vip-odv-lbfront-http2-wan1.wbd.tech
Software
Apache /
Resource Hash
41ff65fb4f9b6f2fa9c9d025c2e9b0c9e09a2aee6f32266d19ee93c8af4dacbf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/account/jquery-ui.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vpg-vid
odv-cache3
date
Mon, 04 Apr 2022 12:03:45 GMT
via
1.1 varnish (Varnish/5.0)
last-modified
Thu, 24 Oct 2019 12:26:31 GMT
server
Apache
age
0
etag
"5a-595a724bb3df5"
x-cache
MISS
content-type
image/png
cache-control
max-age=86400
access-control-allow-credentials
true
x-varnish
15822987
accept-ranges
bytes
content-length
90
ui-bg_gloss-wave_35_f6a828_500x100.png
abo.officiel-des-vacances.com/account/image-pack/ui/ 		611 B
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://abo.officiel-des-vacances.com/account/image-pack/ui/ui-bg_gloss-wave_35_f6a828_500x100.png
Requested by
Host: abo.officiel-des-vacances.com
URL: http://abo.officiel-des-vacances.com/account/jquery-ui.css
Protocol
HTTP/1.1
Server
185.12.51.170 Paris, France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
vip-odv-lbfront-http2-wan1.wbd.tech
Software
Apache /
Resource Hash
f63f3f9c618292c58b74b67e6b60e7e9018133e2880e2ad30623f3b8f9cbf760

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/account/jquery-ui.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vpg-vid
odv-cache3
date
Mon, 04 Apr 2022 12:03:45 GMT
via
1.1 varnish (Varnish/5.0)
last-modified
Thu, 24 Oct 2019 12:26:31 GMT
server
Apache
age
0
etag
"263-595a724baa1b3"
x-cache
MISS
content-type
image/png
cache-control
max-age=86400
access-control-allow-credentials
true
x-varnish
33656043
accept-ranges
bytes
content-length
611
ui-icons_ffffff_256x240.png
abo.officiel-des-vacances.com/account/image-pack/ui/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://abo.officiel-des-vacances.com/account/image-pack/ui/ui-icons_ffffff_256x240.png
Requested by
Host: abo.officiel-des-vacances.com
URL: http://abo.officiel-des-vacances.com/account/jquery-ui.css
Protocol
HTTP/1.1
Server
185.12.51.170 Paris, France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
vip-odv-lbfront-http2-wan1.wbd.tech
Software
Apache /
Resource Hash
5481ff09a63fde681b23c842a9acd3181b6998dc711f675c529f028dd3020ad5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/account/jquery-ui.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vpg-vid
odv-cache1
date
Mon, 04 Apr 2022 12:03:45 GMT
via
1.1 varnish (Varnish/5.0)
last-modified
Thu, 24 Oct 2019 12:26:32 GMT
server
Apache
age
0
etag
"1111-595a724be5add"
x-cache
MISS
content-type
image/png
cache-control
max-age=86400
access-control-allow-credentials
true
x-varnish
69345411
accept-ranges
bytes
content-length
4369
pubads_impl_2022032106.js
securepubads.g.doubleclick.net/gpt/ 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126678
x-xss-protection
0
last-modified
Thu, 24 Mar 2022 20:13:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 04 Apr 2023 12:02:31 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		98 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=abo.officiel-des-vacances.com
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
855a83608df2ae9baf516e0affde4e844c9c034a27dd1e40aae7f810adc3d60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Apr 2022 12:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86
x-xss-protection
0
expires
Mon, 04 Apr 2022 12:03:45 GMT
analytics.js
www.google-analytics.com/ Frame 0282
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: abo.officiel-des-vacances.com
URL: http://abo.officiel-des-vacances.com/account/?email=5b8b069ef466849c58453a8a12c12a64&ectrans=1
Protocol
H2
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1735
date
Mon, 04 Apr 2022 11:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 04 Apr 2022 13:34:50 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: eulerian.officiel-des-vacances.com
URL: http://eulerian.officiel-des-vacances.com/col106a/-/1487679456?sd=24&eacti0=w8QJGwZp6DPssZVf7lsyRoPMQ3wwh9SNH1bvBQ--&urlp=%2Fdesabonnement&fra=0&url=http%3A%2F%2Fabo.officiel-des-vacances.com%2Faccount%2F%3Femail%3D5b8b069ef466849c58453a8a12c12a64%26ectrans%3D1&ss=1600x1200&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4370
date
Mon, 04 Apr 2022 10:50:55 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Mon, 04 Apr 2022 12:50:55 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1585711009&utmhn=abo.officiel-des-vacances.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1585711009&utmhn=abo.officiel-des-vacances.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmf...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28811348-1&cid=554531550.1649073825&jid=37078596&_v=5.7.2&z=1585711009
35 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28811348-1&cid=554531550.1649073825&jid=37078596&_v=5.7.2&z=1585711009
Requested by
Host: abo.officiel-des-vacances.com
URL: http://abo.officiel-des-vacances.com/account/?email=5b8b069ef466849c58453a8a12c12a64&ectrans=1
Protocol
H2
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 04 Apr 2022 12:03:45 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 12:03:45 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28811348-1&cid=554531550.1649073825&jid=37078596&_v=5.7.2&z=1585711009
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
368
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=abo.officiel-des-vacances.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Apr 2022 12:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=abo.officiel-des-vacances.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Apr 2022 12:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		875 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4499836192416935&correlator=3759279673510490&eid=31063377&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fifs&iu_parts=21704963%2CMegaban_desabo%2CBlock_desabo&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%2C300x250&ifi=1&adks=3274510674%2C1377263860&sfv=1-0-38&ecs=20220404&fsapi=false&sc=0&cookie_enabled=1&abxe=1&dt=1649073825244&lmt=1649073825&dlt=1649073824776&idt=434&biw=1600&bih=1200&adxs=386%2C591&adys=163%2C1591&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&url=http%3A%2F%2Fabo.officiel-des-vacances.com%2Faccount%2F%3Femail%3D5b8b069ef466849c58453a8a12c12a64%26ectrans%3D1&frm=20&vis=1&scr_x=0&scr_y=0&psz=829x90%7C710x250&msz=728x-1%7C300x-1&fws=0%2C4&ohw=0%2C845&ga_vid=1993912002.1649073825&ga_sid=1649073825&ga_hid=230624514&ga_fc=false&btvi=0%7C1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
a64294ec4884f1e9c61cc18380e24f2fb65a38b4db8d32985f1d1a8c7b0a6817
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:03:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
267
x-xss-protection
0
google-lineitem-id
-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://abo.officiel-des-vacances.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
97f63d2197edb9a9269d9a9c87f92ad7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6432 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://97f63d2197edb9a9269d9a9c87f92ad7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 12:03:45 GMT
expires
Tue, 04 Apr 2023 12:03:45 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ Frame 0282 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1037403315&t=pageview&_s=1&dl=http%3A%2F%2Fabo.officiel-des-vacances.com%2Faccount%2F%3Femail%3D5b8b069ef466849c58453a8a12c12a64%26ectrans%3D1&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&_utma=185335031.554531550.1649073825.1649073825.1649073825.1&_utmz=185335031.1649073825.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1649073825285&_u=IQBCAAABAAAAAC~&jid=535856858&gjid=349000302&cid=554531550.1649073825&tid=UA-28811348-2&_gid=1174035664.1649073825&_r=1&_slc=1&z=937512525
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://abo.officiel-des-vacances.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 12:03:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://abo.officiel-des-vacances.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022032106&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f1d5a16b42663499a617d8b320037d2554d2abb6a5f81d626531866644858e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Apr 2022 12:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10625
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Apr 2022 12:03:45 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A068 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
296
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 11:58:49 GMT
expires
Tue, 04 Apr 2023 11:58:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BC7D 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a942e36114a48c5d16d918ae8fe7e523007d4d2cb4ed99f77aedec3092c8c7c0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xQQCT2omEKZC6NmzcFCisw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-xQQCT2omEKZC6NmzcFCisw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 12:03:45 GMT
expires
Mon, 04 Apr 2022 12:03:45 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame BC7D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022032106&jk=4499836192416935&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
V_I9kkE0weacsZYJ7hXHsf1U2l7Bs5zHQi7wjQJaUfA.js
pagead2.googlesyndication.com/bg/ Frame A068 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V_I9kkE0weacsZYJ7hXHsf1U2l7Bs5zHQi7wjQJaUfA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57f23d924134c1e69cb19609ee15c7b1fd54da5ec1b39cc7422ef08d025a51f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 07:39:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
15861
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13731
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Apr 2023 07:39:24 GMT
generate_204
tpc.googlesyndication.com/ Frame A068 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?F98ZjA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:03:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022032106&jk=4499836192416935&bg=!WVqlWh7NAAZku-1yRLs7ACkAdvg8WloBhDlG-O0gzHsEqTDKADW1wVrlSM2ziC43mcKSi1pv6PEzPgIAAABYUgAAAAJoAQeZAvDeTERCHg5UiHTbGtIKk9RuRoEJYloJQrzh5PzXZvH4ixGxp1WBWYDFJNya7drg_XpIHItU0N7dirtO4Xc2qnbfsx5lVUD9ah6VBG3snANUplNaAkaPDaa6Erung03XjlMnbdc97o7vjQzliURZHpGI51RZcubNq861ryZ8nZvRao08vKL3IPafB3UEUoGWMwNLSIGYOEQKomRP3a2G8Tr_3DNXtGkhkckQ1M4DWZVxClGTl0AQ-byVtOfLyYz6_36MI_rgdeGt1h1ifWEVv1jNeh-ctnQiWeF2pjqk6ckepJYO_81odwiat3Fx40-EQAv8_A_hoe7WvYeDoMqOLIcteMfeQBAidDnQcd3_nAwJMh4Je_tNrI4ICq0o55UG8xC3GYLDZCqZyDlHHTyUegBTufRnMNcD6Wh-X44-TSJcSDa1yzHmNaqyfO4mf1MI6yVNDABKVH0b7y-bSnx9okhG6DMi_Y1ZdeUIsUkhpkRreIeMlzGZPBZ1hajcgQknN9jKa1KVzW1FypIyKSGFpVcXy8npMm-I2JuIeS_CvfpozOIkJyEB-uqrW80PRvYWL4W9sRy7CSM3KlSO3DFdgIsqgPWgR3fpYOzPRa9kNnno1OKD0zl7u0Ul7Sm4gyG339w3ehSReWKoKgnB7dAL-QXImIE0ASwtUXXZr913T8kAJhobM2UPC5TtHWlQCoW3uwHzbEVvIRRP_n9Jo2HCdVXbUhRYT70jATZUMjh6TsXyEuTe1G8ftolLqr8BiUJrbiXZ-q8J5jHMlGcKPIzuq3uOrE18Oh1MAzM8OLUSDVgO-tr5MkovK_n13_JJSx0eiW56X_GZdW_NUIr3Ux5xZUNw_JDoHbCeJRqIjIBX3pr8pHhEQQRUMUXCcY7PM0ptltuin66X8CtiyIVzD7LFIuhL6TQ3eKEyRajSh6j9PWDARX1jy-6lblUVcbzArGg6v7nMIkg-C14fsomShUN6VYNQrPb2mf2ic3xvEu_O9TWu5g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://abo.officiel-des-vacances.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 12:03:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| structuredClone object| oncontextlost object| oncontextrestored function| $ function| jQuery function| DP_jQuery_1649073824906 function| waitBlockAjax function| processAjax function| attachResponse object| googletag object| _oEa object| _oEaW object| _oEaXp function| EA_event function| EA_button function| EA_link function| EA_download function| EA_productevent function| EA_productbutton function| EA_productlink function| EA_productdownload function| EA_contextflag function| EA_tageventadd function| EA_tagisearchadd function| EA_taguparam function| EA_tagheatmap function| EA_heatmap function| EA_tagemail function| EA_tagproduct function| EA_tagerror function| EA_tagreferrer function| EA_referrer function| EA_tag function| EA_tagmulti function| EA_action_out_in function| EA_action_out function| EA_action_in function| EA_action_ref function| EA_shoppingcartestimate function| EA_shoppingcart function| EA_shoppingcartadd function| EA_shoppingcarthook function| EA_shoppingcartamount function| EA_estimate function| EA_newcustomer function| EA_blockpromo function| EA_view function| EA_tpclickposition function| EA_tpclickproduct function| EA_tpclick function| EA_dyntpclick function| EA_tpclickurl function| EA_dyntpclickurl function| EA_tpview function| EA_tpviewprd function| EA_dyntpview function| EA_tpviewurl function| EA_dyntpviewurl function| EA_click function| EA_clickoutposition function| EA_clickoutproduct function| EA_clickout function| EA_clickouturl function| EA_viewout function| EA_viewouturl function| EA_collectorurl function| EA_collector function| EA_merchandiser function| EA_jsversion number| eflash string| EA_param string| dateText object| dateIso object| ggeac object| google_js_reporting_queue object| _EaCP object| _gaq object| _gat object| gaGlobal undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| google_image_requests

11 Cookies

Domain/Path Name / Value
.officiel-des-vacances.com/ Name: etuix
Value: 6Idi7GjfwSMXEmRH52MNxDKSt8RSB0ef90tsl20Rnajyza2PmchfIw--
.officiel-des-vacances.com/ Name: __utma
Value: 185335031.554531550.1649073825.1649073825.1649073825.1
.officiel-des-vacances.com/ Name: __utmc
Value: 185335031
.officiel-des-vacances.com/ Name: __utmz
Value: 185335031.1649073825.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.officiel-des-vacances.com/ Name: __utmt
Value: 1
.officiel-des-vacances.com/ Name: __utmb
Value: 185335031.1.10.1649073825
.officiel-des-vacances.com/ Name: _ga
Value: GA1.2.554531550.1649073825
.officiel-des-vacances.com/ Name: _gid
Value: GA1.2.1174035664.1649073825
.officiel-des-vacances.com/ Name: _gat
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.officiel-des-vacances.com/ Name: __gads
Value: ID=75be58e9076490b9-22f6a3ce6dcd00a6:T=1649073825:S=ALNI_MZf5sGRSN_iCU7sJ035OqojR15kLg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

97f63d2197edb9a9269d9a9c87f92ad7.safeframe.googlesyndication.com
abo.officiel-des-vacances.com
adservice.google.com
adservice.google.de
eulerian.officiel-des-vacances.com
link.news.officiel-des-vacances.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
109.232.193.197
142.250.185.98
185.12.51.170
2a00:1450:4001:808::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c06::9c
81.92.125.211
001bf776a94b5878d3a4ffac1123b4a9347e05923a0339a665eec93041de643b
05d9f102358c10dfe600b1c0c52898204d713924b07e10363aa568d7246b18c9
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
32026502b199ecd63e82c0829dfcf34e90067fcad271943cc65717d3e11cef3a
353ad62da9fb14fcb68fd4668d0f1a8eea47896d6b3f6240c9132879662c45ff
41ff65fb4f9b6f2fa9c9d025c2e9b0c9e09a2aee6f32266d19ee93c8af4dacbf
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
5481ff09a63fde681b23c842a9acd3181b6998dc711f675c529f028dd3020ad5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57f23d924134c1e69cb19609ee15c7b1fd54da5ec1b39cc7422ef08d025a51f0
60b22cf1d8f8b10cc5c2d9d1397ae2ae95f6cac8d78999cc52d84dc3e5bc7bbd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
73b9bd8cec2295a2c807a20ff7f30744c9cbc957b0a7b0af9dc9cc1695855f57
7900976fcf3388bd7cfc6a520b91a715c5cb1f88e68ead8615b01e34f34e3323
7f1d5a16b42663499a617d8b320037d2554d2abb6a5f81d626531866644858e0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
855a83608df2ae9baf516e0affde4e844c9c034a27dd1e40aae7f810adc3d60e
8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417
98a0833dc9ca8a1cc3e7ca57221cdb31ea15a964968e938a697a2c610c1ab0d6
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a64294ec4884f1e9c61cc18380e24f2fb65a38b4db8d32985f1d1a8c7b0a6817
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a942e36114a48c5d16d918ae8fe7e523007d4d2cb4ed99f77aedec3092c8c7c0
abfb1f15c2cb3df79d00d5c685c6840b8f5c91ecebb41650eacb4611aeff6071
b07f343588ad2a83a17ac5616cc8d8780ea2507dc27c1c203456b811f55420ba
c111ec8ca979346e411d00ed139021c8b0ab79d4bea43b4e4dbc49685c194a36
c73cc4996d8bc86d2eac2cbbfdbcf1e046c9b03f4e4605f4d9bb6692bd5453a9
d9011d3047dded2efc209c8deddedde3646c3270af7e65b46baa490d725dbe34
db357d831ad97756c03a50ef3e53d1555c66306cc0215d683c9492b1b3d67700
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2e592cfb9b91a7f19f646e79e6d5ac16e28b430ccc442b03aa46632b143740d
f63f3f9c618292c58b74b67e6b60e7e9018133e2880e2ad30623f3b8f9cbf760
f6575971bcba221e3f714febc01850311a4f839e080ad39c2f6e41a8a78cbb1f