![](/screenshots/5febbfef-2013-4ddc-8d41-e354f2049969.png)
sejour-magique.plein2kdo.com
Open in
urlscan Pro
52.214.78.115
Public Scan
Effective URL: https://sejour-magique.plein2kdo.com/
Submission: On May 04 via api from CZ — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M02 on February 21st 2024. Valid for: a year.
This is the only time sejour-magique.plein2kdo.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN47890 (UNMANAGED-DEDICATED-SERVERS, GB)
PTR: hostingmailto077.statics.servermail.org
track.mltrck.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-47-120.eu-west-1.compute.amazonaws.com
o231585781.kractipo.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-213-157.eu-west-1.compute.amazonaws.com
api.optinproject.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-78-115.eu-west-1.compute.amazonaws.com
sejour-magique.plein2kdo.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-23.fra60.r.cloudfront.net
static.collectoptin.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-23.fra60.r.cloudfront.net
static.optinproject.com |
ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net
www.google.com |
ASN16509 (AMAZON-02, US)
sdk.privacy-center.org |
ASN16509 (AMAZON-02, US)
PTR: server-13-33-218-24.fra60.r.cloudfront.net
www.datadoghq-browser-agent.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-159-98.eu-west-1.compute.amazonaws.com
v3.api.optinproject.com |
ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-55.fra56.r.cloudfront.net
sdk.privacy-center.org |
ASN16509 (AMAZON-02, US)
api.privacy-center.org |
ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
pagead2.googlesyndication.com |
Domain | Requested by | |
---|---|---|
12 | static.collectoptin.com |
sejour-magique.plein2kdo.com
static.collectoptin.com |
9 | v3.api.optinproject.com |
www.datadoghq-browser-agent.com
sejour-magique.plein2kdo.com |
3 | asset.easydmp.net |
sejour-magique.plein2kdo.com
asset.easydmp.net www.datadoghq-browser-agent.com |
3 | www.googletagmanager.com |
sejour-magique.plein2kdo.com
www.googletagmanager.com |
3 | sdk.privacy-center.org |
sejour-magique.plein2kdo.com
sdk.privacy-center.org |
3 | www.google.com |
sejour-magique.plein2kdo.com
www.gstatic.com |
3 | sejour-magique.plein2kdo.com |
1 redirects
sejour-magique.plein2kdo.com
|
3 | api.optinproject.com |
2 redirects
sejour-magique.plein2kdo.com
|
2 | analytics.twitter.com |
sejour-magique.plein2kdo.com
|
2 | t.co |
sejour-magique.plein2kdo.com
|
2 | pagead2.googlesyndication.com |
www.googletagmanager.com
pagead2.googlesyndication.com |
2 | api.privacy-center.org |
www.datadoghq-browser-agent.com
|
2 | static.optinproject.com |
sejour-magique.plein2kdo.com
static.collectoptin.com |
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | static.ads-twitter.com |
www.googletagmanager.com
|
1 | www.gstatic.com |
www.google.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | www.datadoghq-browser-agent.com |
sejour-magique.plein2kdo.com
|
1 | cdn.jsdelivr.net |
static.collectoptin.com
|
1 | fonts.googleapis.com |
sejour-magique.plein2kdo.com
|
1 | o231585781.kractipo.com | 1 redirects |
1 | cd-cont.com | 1 redirects |
1 | track.mltrck.com | 1 redirects |
1 | parisdesnyebgtfrdff.pro | 1 redirects |
54 | 24 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.plein2kdo.com Amazon RSA 2048 M02 |
2024-02-21 - 2025-03-21 |
a year | crt.sh |
static.collectoptin.com Amazon RSA 2048 M03 |
2023-11-22 - 2024-12-20 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-04-16 - 2024-07-09 |
3 months | crt.sh |
static.optinproject.com Amazon RSA 2048 M03 |
2023-12-17 - 2025-01-14 |
a year | crt.sh |
*.google.com GTS CA 1C3 |
2024-04-16 - 2024-07-09 |
3 months | crt.sh |
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3 |
2023-09-27 - 2024-10-28 |
a year | crt.sh |
*.privacy-center.org Amazon RSA 2048 M03 |
2024-03-10 - 2025-04-07 |
a year | crt.sh |
*.datadoghq-browser-agent.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-12-12 - 2024-12-14 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-04-16 - 2024-07-09 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-04-16 - 2024-07-09 |
3 months | crt.sh |
core.api.optincollect.com Amazon RSA 2048 M01 |
2023-07-14 - 2024-08-10 |
a year | crt.sh |
api.privacy-center.org Amazon RSA 2048 M02 |
2023-06-13 - 2024-07-11 |
a year | crt.sh |
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-07-21 - 2024-07-19 |
a year | crt.sh |
ico.easydmp.net R3 |
2024-03-16 - 2024-06-14 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2024-04-16 - 2024-07-09 |
3 months | crt.sh |
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-01-07 - 2025-01-06 |
a year | crt.sh |
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-10-31 - 2024-10-29 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://sejour-magique.plein2kdo.com/
Frame ID: CB1795603B261A29EE1EF4973CD76D30
Requests: 47 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeGWAcaAAAAAGYRkXjgZQVAtlZrPYSHii42ZPL1&co=aHR0cHM6Ly9zZWpvdXItbWFnaXF1ZS5wbGVpbjJrZG8uY29tOjQ0Mw..&hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=t62p5qhwqin7
Frame ID: 4960AFB22DA5A8B739A502D03D4A5713
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeGWAcaAAAAAGYRkXjgZQVAtlZrPYSHii42ZPL1&co=aHR0cHM6Ly9zZWpvdXItbWFnaXF1ZS5wbGVpbjJrZG8uY29tOjQ0Mw..&hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&sa=landing_4213&cb=qkh76nsise3p
Frame ID: C5C8BA268E1B38B62323FEACD95FAC2E
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/5febbfef-2013-4ddc-8d41-e354f2049969.png)
Page Title
Grand jeu concours Entrées pour disneyland parisPage URL History Show full URLs
-
http://parisdesnyebgtfrdff.pro/
HTTP 307
https://parisdesnyebgtfrdff.pro/ HTTP 307
http://parisdesnyebgtfrdff.pro/ HTTP 302
https://track.mltrck.com/?a=67041&c=315837&mt=3 HTTP 302
https://cd-cont.com/?a=67041&c=315837&oc=174166&sr=t&vt=1714857497667&h=748786008e0a9c9ba60e0b49... HTTP 302
https://o231585781.kractipo.com/link/fr/54661/4213/0d9b0b1091d268c?email=&civility=_CIVILITY_&firstname=&las... HTTP 302
https://api.optinproject.com/link/fr/54661/4213/0d9b0b1091d268c?email=&civility=_CIVILITY_&firstname=&las... HTTP 302
https://sejour-magique.plein2kdo.com/track?email=&civility=_CIVILITY_&firstname=&lastname=&birthday=_BIRTHDAY_&zi... HTTP 302
https://sejour-magique.plein2kdo.com/ Page URL
Detected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
![](/vendor/wappa/icons/didomi.png)
Detected patterns
- sdk\.privacy-center\.org/.*/loader\.js
Detected patterns
- googlesyndication\.com/
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- //cdn\.jsdelivr\.net/
![](/vendor/wappa/icons/reCAPTCHA.png)
Detected patterns
- /recaptcha/api\.js
Page Statistics
33 Outgoing links
These are links going to different origins than the main page.
Title: ici
Search URL Search Domain Scan URL
Title: cette page
Search URL Search Domain Scan URL
Title: https://conso.bloctel.fr/
Search URL Search Domain Scan URL
Title: Devenez affilié
Search URL Search Domain Scan URL
Title: cliquant ici
Search URL Search Domain Scan URL
Title: https://support.google.com/analytics/answer/3455585?hl=en.
Search URL Search Domain Scan URL
Title: https://tools.google.com/dlpage/gaoptout.
Search URL Search Domain Scan URL
Title: https://policies.google.com/privacy?hl=fr
Search URL Search Domain Scan URL
Title: https://www.datadoghq.com/legal/cookies/
Search URL Search Domain Scan URL
Title: https://privacy.didomi.io/fr/userdata
Search URL Search Domain Scan URL
Title: https://support.google.com/adwords/answer/1722022?hl=fr
Search URL Search Domain Scan URL
Title: https://liveramp.fr/politique-de-cookies/
Search URL Search Domain Scan URL
Title: https://www.ermes.ai/politique-de-confidentialite/
Search URL Search Domain Scan URL
Title: cliquez ici
Search URL Search Domain Scan URL
Title: cliquez ici
Search URL Search Domain Scan URL
Title: cliquez ici
Search URL Search Domain Scan URL
Title: https://momentum.link/#/privacy
Search URL Search Domain Scan URL
Title: https://www.facebook.com/about/privacy
Search URL Search Domain Scan URL
Title: https://adara.com/opt-out/
Search URL Search Domain Scan URL
Title: Cliquez ici pour consulter la politique de confidentialité de Facebook
Search URL Search Domain Scan URL
Title: Cliquez ici pour obtenir des informations sur les cookies utilisés par Facebook
Search URL Search Domain Scan URL
Title: http://www.adobe.com/fr
Search URL Search Domain Scan URL
Title: cliquez ici
Search URL Search Domain Scan URL
Title: cliquez ici
Search URL Search Domain Scan URL
Title: cliquez ici
Search URL Search Domain Scan URL
Title: cliquez ici
Search URL Search Domain Scan URL
Title: cliquez ici
Search URL Search Domain Scan URL
Title: https://support.apple.com/fr-fr/HT201265
Search URL Search Domain Scan URL
Title: https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DAndroid&hl=fr
Search URL Search Domain Scan URL
Title: https://support.microsoft.com/fr-fr/help/10635/windows-phone-change-privacy-and-other-browser-settings
Search URL Search Domain Scan URL
Title: http://www.youronlinechoices.com/fr/controler-sescookies/
Search URL Search Domain Scan URL
Title: http://www.allaboutcookies.org/
Search URL Search Domain Scan URL
Title: http://www.cnil.fr/vos-droits/vos-traces/les-cookies/
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://parisdesnyebgtfrdff.pro/
HTTP 307
https://parisdesnyebgtfrdff.pro/ HTTP 307
http://parisdesnyebgtfrdff.pro/ HTTP 302
https://track.mltrck.com/?a=67041&c=315837&mt=3 HTTP 302
https://cd-cont.com/?a=67041&c=315837&oc=174166&sr=t&vt=1714857497667&h=748786008e0a9c9ba60e0b4925f586ec33c5f1d0&req=https%3A%2F%2Ftrack.mltrck.com%2F%3Fa%3D67041%26c%3D315837%26mt%3D3&mt=3&sip=80.255.7.102&sh=b5a4d690dbced2733af0927c2cef3dc098033e1b HTTP 302
https://o231585781.kractipo.com/link/fr/54661/4213/0d9b0b1091d268c?email=&civility=_CIVILITY_&firstname=&lastname=&birthday=_BIRTHDAY_&zipcode=_ZIPCODE_&address=&city=_CITY_&phone=&postback_parameters[var1]=2161cca2b89543e5ad2c6ae39d12f63f1ddbd HTTP 302
https://api.optinproject.com/link/fr/54661/4213/0d9b0b1091d268c?email=&civility=_CIVILITY_&firstname=&lastname=&birthday=_BIRTHDAY_&zipcode=_ZIPCODE_&address=&city=_CITY_&phone=&postback_parameters[var1]=2161cca2b89543e5ad2c6ae39d12f63f1ddbd HTTP 302
https://sejour-magique.plein2kdo.com/track?email=&civility=_CIVILITY_&firstname=&lastname=&birthday=_BIRTHDAY_&zipcode=_ZIPCODE_&address=&city=_CITY_&phone=&optinsplid=4213&optinadid=54661&optins2s=iBmP1x9apK8t2V5kQwsTCl6Nz3dipuvJZwhXIBnUZ4kwb5JBXKuTAc8tFIC2pCf7KBNABWHiTSAF22eFPMpxT7PFchjDPjyE2CNEch6mMJE&postback_parameters%5Bvar1%5D=2161cca2b89543e5ad2c6ae39d12f63f1ddbd HTTP 302
https://sejour-magique.plein2kdo.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 12- https://api.optinproject.com/targeting/converted/1100.gif HTTP 302
- https://api.optinproject.com/rt/converted/plein2kdo.gif
54 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
sejour-magique.plein2kdo.com/ Redirect Chain
|
116 KB 32 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
reset.css
static.collectoptin.com/css/ |
1 KB 965 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
plein2kdo_ocv2_consent.css
static.collectoptin.com/build/theme_minimalist/ |
77 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
14 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
static.collectoptin.com/build/vendor/jquery/ |
95 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
623b24a792a0b.jpeg
static.optinproject.com/sites/2212/landing_mobile_header/ |
114 KB 114 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ico-form.png
static.collectoptin.com/workflowbundle/sweepstake/v2/Common/theme_arrow/desktop/images/ |
897 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ico-present.png
static.collectoptin.com/workflowbundle/sweepstake/v2/Common/theme_arrow/desktop/images/ |
718 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dpo_email.jpg
static.collectoptin.com/images/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
plein2kdo-logo.png
static.collectoptin.com/workflowbundle/sweepstake/v2/FR/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
api.js
www.google.com/recaptcha/ |
1 KB 882 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
plein2kdo_ocv2_consent.js
static.collectoptin.com/build/theme_minimalist/ |
2 MB 460 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.simplemodal.js
static.collectoptin.com/build/vendor/jquery-simplemodal/ |
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
plein2kdo.gif
api.optinproject.com/rt/converted/ Redirect Chain
|
43 B 459 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4213
sejour-magique.plein2kdo.com/track/visit/2273/ |
0 70 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap-icons.min.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.11.3/font/ |
84 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.js
sdk.privacy-center.org/342cc8ab-0603-42a6-88ba-4ae77fbf586c/ |
27 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
datadog-rum-v4.js
www.datadoghq-browser-agent.com/ |
150 KB 48 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
623b24a733560.jpeg
static.optinproject.com/sites/2212/landing_background_image/ |
606 KB 607 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ |
46 KB 46 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
441 KB 108 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5.js
static.collectoptin.com/build/ |
347 KB 97 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
16.js
static.collectoptin.com/build/ |
24 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.13baec1685caf5c6eeacde774570aa8c3314ba71.js
sdk.privacy-center.org/sdk/13baec1685caf5c6eeacde774570aa8c3314ba71/modern/ |
341 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/ |
509 KB 203 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
sessions
v3.api.optinproject.com/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
sessions
v3.api.optinproject.com/ |
45 B 267 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
relocate
v3.api.optinproject.com/pixel/cookie/ |
43 B 182 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ui-gdpr-fr-web.13baec1685caf5c6eeacde774570aa8c3314ba71.js
sdk.privacy-center.org/sdk/13baec1685caf5c6eeacde774570aa8c3314ba71/modern/ |
275 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
events
api.privacy-center.org/v1/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
events
api.privacy-center.org/v1/ |
0 567 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
destination
www.googletagmanager.com/gtag/ |
222 KB 79 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uwt.js
static.ads-twitter.com/ |
56 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mt.js
asset.easydmp.net/mt/squadata/ |
17 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
284 KB 97 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
147 KB 50 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
anchor
www.google.com/recaptcha/api2/ Frame 4960 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
anchor
www.google.com/recaptcha/api2/ Frame C5C8 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5024
v3.api.optinproject.com/sessions/9a9bdcf9-65de-4ddf-b506-c84af2b916b4/ads/type/sponsoring/supportlocation/ |
2 B 318 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
5024
v3.api.optinproject.com/sessions/9a9bdcf9-65de-4ddf-b506-c84af2b916b4/ads/type/sponsoring/supportlocation/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
pagead2.googlesyndication.com/pagead/conversion/10985604376/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 263 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/1/i/ |
43 B 378 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/1/i/ |
43 B 568 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/1/i/ |
43 B 223 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/1/i/ |
43 B 722 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
client.js
asset.easydmp.net/js/ |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gip.php
asset.easydmp.net/ |
47 B 500 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405020101/ |
412 KB 139 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
announcers
v3.api.optinproject.com/sessions/9a9bdcf9-65de-4ddf-b506-c84af2b916b4/type/sales/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
collected-data
v3.api.optinproject.com/sessions/9a9bdcf9-65de-4ddf-b506-c84af2b916b4/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
announcers
v3.api.optinproject.com/sessions/9a9bdcf9-65de-4ddf-b506-c84af2b916b4/type/sales/ |
122 KB 28 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collected-data
v3.api.optinproject.com/sessions/9a9bdcf9-65de-4ddf-b506-c84af2b916b4/ |
2 B 275 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
static.collectoptin.com/plein2kdo/images/iconified/ |
15 KB 15 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- pagead2.googlesyndication.com
- URL
- https://pagead2.googlesyndication.com/pagead/conversion/10985604376/?random=1714857500095&cv=11&fst=1714857500095&bg=ffffff&guid=ON&async=1>m=45be4510v896254696z876354608za201&gcs=G100&gcd=13p3p3t2t5&dma_cps=sypham&dma=1&tcfd=10001&u_w=1600&u_h=1200&url=https%3A%2F%2Fsejour-magique.plein2kdo.com%2F&label=7yo6COu3poEYEJiKrPYo&hn=www.googleadservices.com&frm=0&tiba=Grand%20jeu%20concours%20Entr%C3%A9es%20pour%20disneyland%20paris&value=0&bttype=purchase&npa=0&pscdl=denied&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QQ&rfmt=3&fmt=4
Verdicts & Comments Add Verdict or Comment
68 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 boolean| gdprAppliesGlobally function| __tcfapi object| DD_RUM function| $ function| jQuery string| GoogleAnalyticsObject function| ga object| webpackJsonp function| setImmediate function| clearImmediate object| didomiEventListeners function| optinBrand function| FormValidate function| PhoneValidator function| DoubleCheckboxValidator function| Validation object| dataLayer object| didomiOnReady object| didomiRemoteConfig string| didomiCountry undefined| didomiRegion object| didomiGeoRegulations object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| OptinClientSponsoring object| OptinCollectSponsoring object| webpackChunkDidomi object| Didomi object| DidomiSanitizing object| didomiState object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| twq function| __easyMetaTagSqudata object| closure_lm_66416 object| GooglebQhCsO function| onYouTubeIframeAPIReady object| gaGlobal object| regeneratorRuntime object| twttr string| [eedmpact] function| eedmpdo object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl28 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.cd-cont.com/ | Name: gdm_suid_v2_1_001 Value: HPfHs3OFxkaNOwO68jCjbQ== |
|
.cd-cont.com/ | Name: gdm_sid_v1_3_001 Value: LDdoUodIXyuq1hkL5vs/RsCC0V1z4xeLkmEmH9QDez96zRZVxma499jxUr1NixN07al7gwZjhtxl6taL6Y9d/5h7Ojpltxvl6fqIDCDU11YkOQnLn6mv6ZT1LxsH3zNL4mmHSPMus95YD7+Xsu19IPj+xGtLmA3kbRvxx1Fjk/qFWfeU3IFq0h5tWHA8QuOQPxfy3Ez6NQAVxRooCxoxFDMfFX2Kt8T8pYJqyZT6D4ahcGru51G9L+zZLVsbvwpstvdBE8rGqVaIJTYpM69L3HKSDc8JIDnfUfeAzjKqxZ5qSaKng/RbVVdrS4Uxc2qLAsCIx3mhafqBT/Si5gDpuDk3LzvXgpzVBrdRpmAwf6UHgsOp7u8eAgeEyihnAlLdP0YVWdLsAWuVCR9+UUuT9EZZbKg2/OhzUCFQMIzCNwXeGoLO5+yoP2WoNR7AhSzONRkIj4yJpmyHS+CbVspzVCU0brxiuO7xvqewEsH/fW12q4SVKV/TqcDqBKpq6aWhkA/uii0dRKHSI++s7MCpIKRiEbageGCet6OvJ4j19oW2GMRNelRxBZECIKyeTpVX1c2JNiyvTa0WIoc+DBEFC3u7uTrQYsy9vE9JeygJt2dZpC5STTV+jbKCMfE6m3hy0af3Pz6sNsGu4lwRgpnxvaGJ8U6ZdEik6Iukntey1SbqQQH5OrpVkAsyRW5Jo/o/rKF3sbOD7IJST/Orij0RyXGEx4/MnkZac0tlNmgnvMuL/r/8EnnVEJqIxBgON8j73rUtwgBWC+R5QLMtAopl7X8mXs4HI1PdvVpiRhKndF8IF0n3/rj0oedeFnDl0w57rA79EC5D+URmWdcQqOSnOF7MYfuzcDGkTEWFqju+ZD8hkInI6eEd+UBf5t170GYUuQXkXKcpYxb2RRWKBzFvWYFjLvm5U0d4wQLtDMTtyeieTEGaWcfmN+8vg9CEcgDIBBk10HNsnSoo0Nq5LLZAHWBky3tNaUoNLnPbeG+XbNnJ8nWwNb/fnqzRQ1znKZQKD/L4zIGdaeOj0V82iyLDYIW3H+kYtrrxQSH+SVrX0muxizQmy2rl7A6JfQJVbN3W |
|
.cd-cont.com/ | Name: gdm_suid_v1_1_001 Value: HPfHs3OFxkaNOwO68jCjbQ== |
|
.cd-cont.com/ | Name: gdm_click_adv_freq_v2_1_001 Value: foYa63xAE1V8RfM9y9fMReUHATTNhQ8EOk8TNEXY2AGg2tQQr7PtTogOYrwGn/+a |
|
.cd-cont.com/ | Name: gdm_click_adv_freq_v1_1_001 Value: foYa63xAE1V8RfM9y9fMReUHATTNhQ8EOk8TNEXY2AGg2tQQr7PtTogOYrwGn/+a |
|
.cd-cont.com/ | Name: gdm_uid_v1_1_001 Value: jeHkqbcFOR2mbnkadQaabjqVafq7tEAJdMnJ83Fw20RzKcmEcO5p7RBVkRGEd7Wz |
|
.cd-cont.com/ | Name: gdm_click_freq_v2_1_001 Value: t0FkT+NieTTfdyRZK3EvRNXqANA55MUC8k8bf/LCZDds/kP+k8PP2rRZymWmYAhu |
|
.cd-cont.com/ | Name: gdm_click_freq_v1_1_001 Value: t0FkT+NieTTfdyRZK3EvRNXqANA55MUC8k8bf/LCZDds/kP+k8PP2rRZymWmYAhu |
|
.cd-cont.com/ | Name: gdm_sid_v2_3_001 Value: LDdoUodIXyuq1hkL5vs/RsCC0V1z4xeLkmEmH9QDez96zRZVxma499jxUr1NixN07al7gwZjhtxl6taL6Y9d/5h7Ojpltxvl6fqIDCDU11YkOQnLn6mv6ZT1LxsH3zNL4mmHSPMus95YD7+Xsu19IPj+xGtLmA3kbRvxx1Fjk/qFWfeU3IFq0h5tWHA8QuOQPxfy3Ez6NQAVxRooCxoxFDMfFX2Kt8T8pYJqyZT6D4ahcGru51G9L+zZLVsbvwpstvdBE8rGqVaIJTYpM69L3HKSDc8JIDnfUfeAzjKqxZ5qSaKng/RbVVdrS4Uxc2qLAsCIx3mhafqBT/Si5gDpuDk3LzvXgpzVBrdRpmAwf6UHgsOp7u8eAgeEyihnAlLdP0YVWdLsAWuVCR9+UUuT9EZZbKg2/OhzUCFQMIzCNwXeGoLO5+yoP2WoNR7AhSzONRkIj4yJpmyHS+CbVspzVCU0brxiuO7xvqewEsH/fW12q4SVKV/TqcDqBKpq6aWhkA/uii0dRKHSI++s7MCpIKRiEbageGCet6OvJ4j19oW2GMRNelRxBZECIKyeTpVX1c2JNiyvTa0WIoc+DBEFC3u7uTrQYsy9vE9JeygJt2dZpC5STTV+jbKCMfE6m3hy0af3Pz6sNsGu4lwRgpnxvaGJ8U6ZdEik6Iukntey1SbqQQH5OrpVkAsyRW5Jo/o/rKF3sbOD7IJST/Orij0RyXGEx4/MnkZac0tlNmgnvMuL/r/8EnnVEJqIxBgON8j73rUtwgBWC+R5QLMtAopl7X8mXs4HI1PdvVpiRhKndF8IF0n3/rj0oedeFnDl0w57rA79EC5D+URmWdcQqOSnOF7MYfuzcDGkTEWFqju+ZD8hkInI6eEd+UBf5t170GYUuQXkXKcpYxb2RRWKBzFvWYFjLvm5U0d4wQLtDMTtyeieTEGaWcfmN+8vg9CEcgDIBBk10HNsnSoo0Nq5LLZAHWBky3tNaUoNLnPbeG+XbNnJ8nWwNb/fnqzRQ1znKZQKD/L4zIGdaeOj0V82iyLDYIW3H+kYtrrxQSH+SVrX0muxizQmy2rl7A6JfQJVbN3W |
|
.cd-cont.com/ | Name: gdm_uid_v2_1_001 Value: jeHkqbcFOR2mbnkadQaabjqVafq7tEAJdMnJ83Fw20RzKcmEcO5p7RBVkRGEd7Wz |
|
.api.optinproject.com/ | Name: OPTINPUID Value: 6636a61a5957e6z54097019 |
|
.api.optinproject.com/ | Name: OPTINPUID-legacy Value: 6636a61a5957e6z54097019 |
|
.api.optinproject.com/ | Name: OPTINPAFF13714 Value: ad|fr|54661|4213|0d9b0b1091d268c| |
|
.api.optinproject.com/ | Name: OPTINPAFF13714-legacy Value: ad|fr|54661|4213|0d9b0b1091d268c| |
|
.api.optinproject.com/ | Name: OPTINPAFFTRACKING Value: 4213 |
|
.api.optinproject.com/ | Name: OPTINPAFFTRACKING-legacy Value: 4213 |
|
sejour-magique.plein2kdo.com/ | Name: PHPSESSID Value: 5b47d8a992bcc1bfb4e139ab31e697cc |
|
.api.optinproject.com/ | Name: OPTINSESSIONUID Value: 1714857499 |
|
.plein2kdo.com/ | Name: didomi_token Value: eyJ1c2VyX2lkIjoiMThmNDU3OGQtY2E5OS02ODQ1LTkwNDMtNmUwNzUyZmE4NjBkIiwiY3JlYXRlZCI6IjIwMjQtMDUtMDRUMjE6MTg6MTkuODE3WiIsInVwZGF0ZWQiOiIyMDI0LTA1LTA0VDIxOjE4OjE5LjgxN1oiLCJ2ZXJzaW9uIjpudWxsfQ== |
|
sejour-magique.plein2kdo.com/ | Name: sqd_nwvst Value: 1 |
|
sejour-magique.plein2kdo.com/ | Name: sqd_vst Value: 1 |
|
sejour-magique.plein2kdo.com/ | Name: sqd_fp Value: 0_f89ee35fb39a83c7ec2801c6e197102f |
|
.twitter.com/ | Name: guest_id_marketing Value: v1%3A171485750029970058 |
|
.twitter.com/ | Name: guest_id_ads Value: v1%3A171485750029970058 |
|
.twitter.com/ | Name: personalization_id Value: "v1_lfj/3+j0+Y1ksFiu1iz3Lg==" |
|
.twitter.com/ | Name: guest_id Value: v1%3A171485750029970058 |
|
.t.co/ | Name: muc_ads Value: 9fa9f69a-456f-4411-baf3-6b66d218e497 |
|
sejour-magique.plein2kdo.com/ | Name: _dd_s Value: rum=0&expire=1714858399702 |
37 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.twitter.com
api.optinproject.com
api.privacy-center.org
asset.easydmp.net
cd-cont.com
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
o231585781.kractipo.com
pagead2.googlesyndication.com
parisdesnyebgtfrdff.pro
region1.google-analytics.com
sdk.privacy-center.org
sejour-magique.plein2kdo.com
static.ads-twitter.com
static.collectoptin.com
static.optinproject.com
t.co
track.mltrck.com
v3.api.optinproject.com
www.datadoghq-browser-agent.com
www.google.com
www.googletagmanager.com
www.gstatic.com
pagead2.googlesyndication.com
104.244.42.195
104.244.42.5
13.32.121.23
13.32.99.23
13.33.218.24
142.250.185.196
142.250.186.130
146.75.120.157
192.64.119.94
193.46.255.169
2001:41d0:301:100:145:239:193:53
2001:4860:4802:34::36
2600:9000:2644:6000:d:2044:5c40:93a1
2600:9000:26e8:ce00:5:b7cc:d3c0:93a1
2a00:1450:4001:808::2003
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:82f::2008
2a04:4e42::485
2a05:d018:483:6110:b9d6:fedf:9bcb:8752
3.161.82.55
34.240.47.120
52.211.159.98
52.214.78.115
54.74.213.157
0da366e3b14625529a4d9eccfd60d0f713a8cbda3c894c643968e5c5c3509267
12dc3c5feae8181fb39f264366806bb585a862fe6011949176c44751324493c5
2038cf73fe87043846884cb93447d69ce157dc0c4884e8d53d1e01adaf4bc94b
211d783817a643ef35a33bf43805fc0bada7e8b93fe8eae9618f726ffd6e64d8
25c343ff7357fab77abc650938440617a06c8f58b1e1884474afbc047d878214
352a6d9b12a5ae3949d370ff42a338ba8bb6ff455d9ba995b1755fb7b99e8824
357a9af42c012bbfa33f1e3ab348d9bb8b7476fd5035475b345db85be95331a1
45670fc02b2ae90be6e03e58ceb532f43f8fc2b6776c108d18f625ca3c9ff0ca
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4e2cbd9b7767c8fd6e6264734ab2b6ed9b23cc5dd6b79ae5de274713ea85080d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
58d6bac3144b31aaf114ba67b09c80cedf0b37c92bfc6e0ae50903c4beaa5a51
62cd0892c2c8b9f050e195babc533fe274efde64a16640d8264f19e1ccbbe43b
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6ebc1e37979f479e4a5adf9f59016a4b074e8df2837b3564e273dc76bd18df35
705825eeb2ed3a021153d45dd7649534fe49a24ac90b811052a606e108c2ee3a
737866f8ef77bf2b1be9b6191b82d9aa2e6d9730c1c287ba6232e19cad20953b
79b46905ffe08579b649343513623dae575a8dcce41346d36d52268f5e2ab8d4
7bc4c1b886c8d0a2890d2eb7545457959fe1a725c1d25ef27699ecd43c1c3ff9
8899d05475c2e1725c81a1f6c99b21e3392f34891f2ad5bd071d21730fc2d519
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8c46288bada313fb7ff8297230ecbce1974c5746253d2bad2dc6ca7763a377e0
99fc06a1fdfec23d9f7d6a437651a38f4b1f951227c15132b1182746c14c024b
a3a79bbd48f83b76816463cb862547557c3262d886bc939df1fe655ba09b55dd
a84e16510116136b97c252aebb909a373f0a1a999261de6fa97bc2774f3feddb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac057bf1597b81383d0c6c51dec811732e0e022956e3b2bb37524d1e4acc6c34
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ccfd085a2eff689e4b8b6d604dcbc3f672c1fac2664b40d2bd5e40a57088c443
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
d2df447d0fc83e1c61b62450fdd6b966c7246464adc032dfe6f42801d97c10c7
d81950bd743eb04170409e1a0ab138858c9f199fcbcd56a3e1c7ecbe83502bf7
d9c7513d8a26f16acc7f2bccbf7e1d9f8e01e5e94a17320cbe2d01c16e19ca4c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e048a879ecd6f26ead96107299b7382945a7dbe6c1f9d67a500974805a0e2489
e0da22a90c016acc7098c88f3715d3b5f19b8970555f82ba453e9530b6dcfc39
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed4213ee3f28b05d12a03c80ff8e8afad3c3ddff0e6835cd178be6e5114e30fe
f643d6fe7e679f9de3e16311600c5ef5cd6b098f7a3a8828fcc29255d2b33e62
fc6632403d40ea7ddbc015997667f28a5b4d9ed34079c630e5abdae472015170