www.info-independance-royale.com
Open in
urlscan Pro
94.125.108.232
Public Scan
Effective URL: https://www.info-independance-royale.com/styldouche/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&affId=3115545
Submission: On April 21 via manual from FR
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on March 7th 2020. Valid for: 3 months.
This is the only time www.info-independance-royale.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
PTR: 120.109.95.34.bc.googleusercontent.com
clk.tradedoubler.com | |
swrap.tradedoubler.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-23.fra2.r.cloudfront.net
vht.tradedoubler.com |
ASN47833 (AGORANET AGORA CALYCE is a french company offering hosting and Cloud services, FR)
www.info-independance-royale.com |
ASN16276 (OVH, FR)
PTR: lb01.net.royalcactus.com
analytics.tradedoubler.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-108-61-223.deploy.static.akamaitechnologies.com
c1.rfihub.net |
ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com |
Domain | Requested by | |
---|---|---|
27 | www.info-independance-royale.com |
clk.tradedoubler.com
www.info-independance-royale.com tr.e.conso-courrier.com |
4 | www.facebook.com |
www.info-independance-royale.com
|
4 | tr.e.conso-courrier.com |
2 redirects
tr.e.conso-courrier.com
|
3 | bp-1c51.kxcdn.com |
tr.e.conso-courrier.com
bp-1c51.kxcdn.com |
3 | connect.facebook.net |
swrap.tradedoubler.com
connect.facebook.net |
3 | www.google-analytics.com |
1 redirects
www.info-independance-royale.com
www.google-analytics.com |
2 | a.rfihub.com |
c1.rfihub.net
|
2 | app.beampulse.com | |
2 | sibautomation.com |
tr.e.conso-courrier.com
sibautomation.com |
2 | fonts.gstatic.com |
www.info-independance-royale.com
|
2 | secure.adnxs.com |
1 redirects
www.info-independance-royale.com
|
2 | email-reflex.com |
www.info-independance-royale.com
|
2 | stats.g.doubleclick.net |
www.info-independance-royale.com
www.google-analytics.com |
2 | clk.tradedoubler.com |
1 redirects
tr.e.conso-courrier.com
|
1 | in-automate.sendinblue.com |
sibautomation.com
|
1 | 20789423p.rfihub.com |
c1.rfihub.net
|
1 | fo-api.omnitagjs.com |
swrap.tradedoubler.com
|
1 | c1.rfihub.net |
swrap.tradedoubler.com
|
1 | swrap.tradedoubler.com |
www.info-independance-royale.com
|
1 | www.googletagmanager.com |
www.info-independance-royale.com
|
1 | code.jquery.com |
www.info-independance-royale.com
|
1 | fonts.googleapis.com |
www.info-independance-royale.com
|
1 | analytics.tradedoubler.com |
vht.tradedoubler.com
|
1 | vht.tradedoubler.com |
clk.tradedoubler.com
|
65 | 24 |
This site contains links to these domains. Also see Links.
Domain |
---|
independanceroyale.info-offre.fr |
vimeo.com |
www.facebook.com |
help.twitter.com |
www.linkedin.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.tradedoubler.com GlobalSign Domain Validation CA - SHA256 - G2 |
2018-12-10 - 2021-01-27 |
2 years | crt.sh |
info-independance-royale.com Let's Encrypt Authority X3 |
2020-03-07 - 2020-06-05 |
3 months | crt.sh |
analytics.tradedoubler.com COMODO RSA Domain Validation Secure Server CA |
2018-02-02 - 2021-02-01 |
3 years | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-04-01 - 2020-06-24 |
3 months | crt.sh |
jquery.org COMODO RSA Domain Validation Secure Server CA |
2018-10-17 - 2020-10-16 |
2 years | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-04-01 - 2020-06-24 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-04-01 - 2020-06-24 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-03-01 - 2020-05-30 |
3 months | crt.sh |
*.rfihub.net DigiCert SHA2 Secure Server CA |
2020-04-01 - 2021-07-01 |
a year | crt.sh |
omnitagjs.com Sectigo RSA Organization Validation Secure Server CA |
2019-03-26 - 2020-06-23 |
a year | crt.sh |
*.email-reflex.com Go Daddy Secure Certificate Authority - G2 |
2020-01-21 - 2021-01-21 |
a year | crt.sh |
*.adnxs.com DigiCert ECC Secure Server CA |
2019-01-23 - 2021-03-08 |
2 years | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-04-01 - 2020-06-24 |
3 months | crt.sh |
*.kxcdn.com Thawte RSA CA 2018 |
2019-07-04 - 2021-09-01 |
2 years | crt.sh |
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2020-01-31 - 2020-10-09 |
8 months | crt.sh |
cluster-prod.beampulse.com GoGetSSL RSA DV CA |
2019-11-20 - 2021-02-17 |
a year | crt.sh |
*.rfihub.com DigiCert SHA2 Secure Server CA |
2019-08-27 - 2020-08-31 |
a year | crt.sh |
*.sendinblue.com COMODO RSA Domain Validation Secure Server CA |
2017-10-30 - 2020-12-12 |
3 years | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.info-independance-royale.com/styldouche/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&affId=3115545
Frame ID: F21D31412F9EB01BE800415527987304
Requests: 62 HTTP requests in this frame
Frame:
https://sibautomation.com/cm.html?key=8i5w5evibuked1x0i5wwvycr
Frame ID: DB8DC68071BC9E9C2975A74E4B40A02F
Requests: 1 HTTP requests in this frame
Frame:
https://20789423p.rfihub.com/ca.html?rfiidc=1871878969906716341&rfiaid=fdc5c06b42714cb09d6c995c4435206b&ver=9&rb=33863&ca=20789423&_o=33863&_t=20789423&pe=https%3A%2F%2Fwww.info-independance-royale.com%2Fstyldouche%2FDO-30%2Findex.php%3Futm_source%3DARTY12%26utm_medium%3Dmail%26utm_campaign%3Ddouche%26affId%3D3115545&pf=https%3A%2F%2Fclk.tradedoubler.com%2F&ra=5580389895080533
Frame ID: F0140D4624F3375713E0B158D161F9BF
Requests: 1 HTTP requests in this frame
Frame:
https://a.rfihub.com/pstats.html?rb=33863&ca=20789423&ri=5a36dde0c4e1c83260ee7a549c54f8c3&rfiidc=1871878969906716341&rfiaid=fdc5c06b42714cb09d6c995c4435206b&stats=%7B%2213488%22%3A%22115%2C1%22%2C%2217243%22%3A%22115%2C1%22%2C%2231937%22%3A%22280%2C1%22%2C%2240977%22%3A%22205%2C1%22%2C%2250495%22%3A%22588%2C1%22%2C%2251433%22%3A%22113%2C1%22%2C%2252220%22%3A%22103%2C1%22%2C%2253707%22%3A%22248%2C1%22%2C%2253935%22%3A%22218%2C1%22%2C%2254497%22%3A%22195%2C1%22%2C%2254651%22%3A%22140%2C2%22%2C%2254863%22%3A%22384%2C1%22%2C%2255065%22%3A%22189%2C1%22%2C%2255073%22%3A%22129%2C1%22%2C%2256659%22%3A%22179%2C1%22%2C%2256885%22%3A%22361%2C1%22%2C%2257347%22%3A%22249%2C2%22%2C%2257363%22%3A%22489%2C1%22%2C%2257895%22%3A%22335%2C1%22%2C%2258143%22%3A%22314%2C2%22%2C%2258553%22%3A%221159%2C2%22%2C%2258561%22%3A%22741%2C2%22%7D&ra=44711042701679093
Frame ID: AB8516B85CC9960DD75ADA4BD1AE1580
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://tr.e.conso-courrier.com/tk/t/2/2171691905c15d/827506b4e2/41645ae30/8111329ec79/
HTTP 301
http://tr.e.conso-courrier.com/tk/tracker.aspx?v=2&idi=2171691905c15d&idl=827506b4e2&idm=41645ae30&idc=8111... Page URL
-
http://tr.e.conso-courrier.com/tk/tracker.aspx?v=2&idi=2171691905c15d&idl=827506b4e2&idm=41645ae30&idc=8111...
HTTP 302
https://clk.tradedoubler.com/click?p=285882&a=3115545&g=24688034&url=https://www.info-independance-royale... Page URL
-
https://clk.tradedoubler.com/click?p=285882&a=3115545&g=24688034&url=https://www.info-independance-royale...
HTTP 302
https://www.info-independance-royale.com/styldouche/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=do... Page URL
Detected technologies
Windows Server (Operating Systems) ExpandDetected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
ZURB Foundation (Web Frameworks) Expand
Detected patterns
- html /<link[^>]+foundation[^>"]+css/i
IIS (Web Servers) Expand
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
AppNexus (Advertising Networks) Expand
Detected patterns
- html /<(?:iframe|img)[^>]+adnxs\.(?:net|com)/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Google Tag Manager (Tag Managers) Expand
Detected patterns
- html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
- html /<!-- (?:End )?Google Tag Manager -->/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: En savoir plus
Search URL Search Domain Scan URL
Title: voir
Search URL Search Domain Scan URL
Title: voir
Search URL Search Domain Scan URL
Title: voir
Search URL Search Domain Scan URL
Title: voir
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://tr.e.conso-courrier.com/tk/t/2/2171691905c15d/827506b4e2/41645ae30/8111329ec79/
HTTP 301
http://tr.e.conso-courrier.com/tk/tracker.aspx?v=2&idi=2171691905c15d&idl=827506b4e2&idm=41645ae30&idc=8111329ec79 Page URL
-
http://tr.e.conso-courrier.com/tk/tracker.aspx?v=2&idi=2171691905c15d&idl=827506b4e2&idm=41645ae30&idc=8111329ec79
HTTP 302
https://clk.tradedoubler.com/click?p=285882&a=3115545&g=24688034&url=https://www.info-independance-royale.com/styldouche/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche Page URL
-
https://clk.tradedoubler.com/click?p=285882&a=3115545&g=24688034&url=https://www.info-independance-royale.com/styldouche/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche
HTTP 302
https://www.info-independance-royale.com/styldouche/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche&affId=3115545 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://tr.e.conso-courrier.com/tk/t/2/2171691905c15d/827506b4e2/41645ae30/8111329ec79/ HTTP 301
- http://tr.e.conso-courrier.com/tk/tracker.aspx?v=2&idi=2171691905c15d&idl=827506b4e2&idm=41645ae30&idc=8111329ec79
- http://tr.e.conso-courrier.com/tk/tracker.aspx?v=2&idi=2171691905c15d&idl=827506b4e2&idm=41645ae30&idc=8111329ec79 HTTP 302
- https://clk.tradedoubler.com/click?p=285882&a=3115545&g=24688034&url=https://www.info-independance-royale.com/styldouche/DO-30/index.php?utm_source=ARTY12&utm_medium=mail&utm_campaign=douche
- https://www.google-analytics.com/r/collect?v=1&_v=j81&a=684557326&t=pageview&_s=1&dl=https%3A%2F%2Fwww.info-independance-royale.com%2Fstyldouche%2FDO-30%2Findex.php%3Futm_source%3DARTY12%26utm_medium%3Dmail%26utm_campaign%3Ddouche%26affId%3D3115545&dr=https%3A%2F%2Fclk.tradedoubler.com%2F&ul=en-us&de=UTF-8&dt=Remplacer%20votre%20baignoire%20n%E2%80%99a%20jamais%20%C3%A9t%C3%A9%20aussi%20simple%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1414030243&gjid=773441189&cid=104434079.1587451069&tid=UA-4021752-57&_gid=700749661.1587451069&_r=1&z=1582727371 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-4021752-57&cid=104434079.1587451069&jid=1414030243&_gid=700749661.1587451069&gjid=773441189&_v=j81&z=1582727371
- https://secure.adnxs.com/seg?add=11502294&t=2 HTTP 307
- https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D11502294%26t%3D2
65 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Cookie set
tracker.aspx
tr.e.conso-courrier.com/tk/ Redirect Chain
|
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
browser.js
tr.e.conso-courrier.com/tk/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
click
clk.tradedoubler.com/ Redirect Chain
|
1 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
prefs.js
vht.tradedoubler.com/fp/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
index.php
www.info-independance-royale.com/styldouche/DO-30/ Redirect Chain
|
39 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
analytics.tradedoubler.com/ |
0 241 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
www.info-independance-royale.com/styldouche/DO-30/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
responsive.css
www.info-independance-royale.com/styldouche/DO-30/css/ |
2 KB 955 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 577 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
foundation.css
www.info-independance-royale.com/styldouche/DO-30/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twentytwenty.css
www.info-independance-royale.com/styldouche/DO-30/css/ |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modal.css
www.info-independance-royale.com/styldouche/DO-30/css/ |
1 KB 892 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
footer.css
www.info-independance-royale.com/styldouche/DO-30/css/ |
87 B 327 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.2.1.js
code.jquery.com/ |
262 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.event.move.js
www.info-independance-royale.com/styldouche/DO-30/js/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.twentytwenty.js
www.info-independance-royale.com/styldouche/DO-30/js/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookie.js
www.info-independance-royale.com/styldouche/DO-30/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
idcookie.js
www.info-independance-royale.com/styldouche/DO-30/js/ |
2 KB 873 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
form.js
www.info-independance-royale.com/styldouche/DO-30/js/ |
8 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-styldouche.png
www.info-independance-royale.com/styldouche/DO-30/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vu-a-la-tv.png
www.info-independance-royale.com/styldouche/DO-30/images/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styldouche-apres.jpg
www.info-independance-royale.com/styldouche/DO-30/images/ |
370 KB 371 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styldouche-avant.jpg
www.info-independance-royale.com/styldouche/DO-30/images/ |
349 KB 350 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icone1.png
www.info-independance-royale.com/styldouche/DO-30/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icone2.png
www.info-independance-royale.com/styldouche/DO-30/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icone3.png
www.info-independance-royale.com/styldouche/DO-30/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icone4.png
www.info-independance-royale.com/styldouche/DO-30/images/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styldouche-siege.jpg
www.info-independance-royale.com/styldouche/DO-30/images/ |
317 KB 318 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-IR.png
www.info-independance-royale.com/styldouche/DO-30/images/ |
29 KB 29 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
artisans-locaux.png
www.info-independance-royale.com/styldouche/DO-30/images/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nf-service.png
www.info-independance-royale.com/styldouche/DO-30/images/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
garantie-10-ans.png
www.info-independance-royale.com/styldouche/DO-30/images/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
106 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
44 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wrap
swrap.tradedoubler.com/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
stats.g.doubleclick.net/r/ Redirect Chain
|
35 B 102 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
199 KB 53 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tc.min.js
c1.rfihub.net/js/ |
20 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lead
fo-api.omnitagjs.com/fo-api/ |
0 341 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
grabber.js
email-reflex.com/js/ |
0 243 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
target.php
email-reflex.com/tags/ |
43 B 257 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bounce
secure.adnxs.com/ Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
2 B 106 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AS-2316069.js
bp-1c51.kxcdn.com/prj/ |
22 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sa.js
sibautomation.com/ |
5 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
126909554807269
connect.facebook.net/signals/config/ |
523 KB 137 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 101 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7200ED72E2C05C284F07D4E6139FD3EF.cache.js
bp-1c51.kxcdn.com/listener/ |
347 KB 140 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cm.html
sibautomation.com/ Frame DB8D |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cancel.png
www.info-independance-royale.com/styldouche/DO-30/images/ |
684 B 878 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
op
app.beampulse.com/ |
150 B 566 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
idr.js
a.rfihub.com/ |
83 B 680 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
614800285358501
connect.facebook.net/signals/config/ |
524 KB 137 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 253 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
ca.html
20789423p.rfihub.com/ Frame F014 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
p
in-automate.sendinblue.com/ |
0 253 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3F5FF7162D1C6D2798FC908DE4DCC34C.cache.txt
bp-1c51.kxcdn.com/listener/ |
22 KB 8 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.php
www.info-independance-royale.com/styldouche/DO-30/ |
39 KB 12 KB |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 152 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
tr
app.beampulse.com/ |
0 267 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
pstats.html
a.rfihub.com/ Frame AB85 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
86 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| dataLayer function| $ function| jQuery function| affiche function| numerique function| check string| GoogleAnalyticsObject function| ga object| TDConf object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| eReflexPxl string| eReflexTgt string| lbcHost string| OmnitagPxl function| fbq function| _fbq function| _rfi object| google_tag_manager function| postscribe object| sib object| sendinblue number| __as_prj_start boolean| __as_localStorage_available string| __as_v string| __as_hk number| __as_ra number| __as_ac_ra number| __as_vival string| __as_tu string| __as_cfgbase string| __as_prjroot string| __as_progbase boolean| __as_synch boolean| __as_ign_qparams boolean| __as_rtm_visit boolean| __as_rtm_page boolean| __as_active object| __as_seg number| __as_srchances boolean| __as_showAllData string| __as_id_js object| __as_value object| __as_act object| __as_var object| __as_exp number| __as_prj_stop boolean| __as_localStorage_only object| XtraCookie function| __as_may_run_listener number| __as_listener_load function| listener object| __gwt_activeModules function| __gwt_getMetaProperty function| __gwt_isKnownPropertyValue object| $wnd boolean| __as_rng function| __as_cssSelector boolean| __bp_jquery_injection function| __as_jQuery function| jQueryBP function| __as_runWithJQueryUi boolean| __as_open undefined| __as_error object| bowser function| __as_doOp function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP string| __as_ui number| __as_pageid number| __as_ltra object| detectZoom function| md5 object| pako function| CssSelector function| documentParser function| DomObserver object| __as_domObserver object| __as_webPageRecorder27 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.rfihub.com/ | Name: rud Value: H4sIAAAAAAAAAOMSNrQwByILSzNLSwMzc0MzYxNDIT5DXYMgw8CyyMgcd_fMAileQ1MLcxNTQwMzSyAGACFNaMI0AAAA |
|
.info-independance-royale.com/ | Name: __as_7f9aff0b-24e4-4fee-9621-2f416fa576c3s Value: false |
|
.info-independance-royale.com/ | Name: __as_ltch Value: 90 |
|
.rfihub.com/ | Name: eud Value: H4sIAAAAAAAAAJvFyGtoamFuYmpoYGZpZGK2Co1_Co3_Co3_C43fxITKn4TGn4XGX4TGX4XG34TG34XG_4RuPjOaeSyo_Fto_E2saOZzo_kPjb9IGJX_CI0PAAU3o59QAQAA |
|
.info-independance-royale.com/ | Name: __as_seg_order Value: %5B0%2C%201%2C%202%2C%203%2C%204%2C%205%2C%206%2C%2010%2C%2011%2C%2012%2C%2013%2C%2014%2C%2015%2C%2016%2C%2017%2C%2018%2C%2019%2C%2020%2C%2021%2C%2022%2C%2023%2C%2024%2C%2025%2C%2026%2C%2029%2C%2030%2C%2031%2C%2034%2C%2035%2C%2042%2C%2043%2C%2044%2C%2045%2C%2046%5D |
|
.info-independance-royale.com/ | Name: __as_mi Value: 1 |
|
.info-independance-royale.com/ | Name: __as_lp Value: https%3A%2F%2Fwww.info-independance-royale.com%2Fstyldouche%2FDO-30%2Findex.php%3Futm_source%3DARTY12%26utm_medium%3Dmail%26utm_campaign%3Ddouche%26affId%3D3115545 |
|
.info-independance-royale.com/ | Name: __as_oginv Value: https%3A%2F%2Fclk.tradedoubler.com%2F |
|
.info-independance-royale.com/ | Name: __as_at_visit Value: 0 |
|
.info-independance-royale.com/ | Name: __as_reset Value: 1618987068861 |
|
.info-independance-royale.com/ | Name: __as_ogins Value: https%3A%2F%2Fclk.tradedoubler.com%2F |
|
.info-independance-royale.com/ | Name: __as_vra Value: 88 |
|
.info-independance-royale.com/ | Name: __as_seg Value: 0-3-4 |
|
.info-independance-royale.com/ | Name: __as_vr Value: 1 |
|
.info-independance-royale.com/ | Name: __as_7f9aff0b-24e4-4fee-9621-2f416fa576c3r Value: true |
|
.www.info-independance-royale.com/ | Name: sib_cuid Value: 84aa70ac-8fc5-47cc-85b0-2d111c41020b |
|
.info-independance-royale.com/ | Name: _gat Value: 1 |
|
.info-independance-royale.com/ | Name: __as_rng Value: 6 |
|
.info-independance-royale.com/ | Name: __as_ui Value: 7f9aff0b-24e4-4fee-9621-2f416fa576c3 |
|
.info-independance-royale.com/ | Name: __as_vpv Value: 1 |
|
.info-independance-royale.com/ | Name: _fbp Value: fb.1.1587451069035.1776063297 |
|
.info-independance-royale.com/ | Name: _gid Value: GA1.2.700749661.1587451069 |
|
.rfihub.com/ | Name: ruds Value: H4sIAAAAAAAAAOMSNrQwByILSzNLSwMzc0MzYxNDIT5DXYMgw8CyyMgcd_fMAgBBYwPhJQAAAA |
|
.info-independance-royale.com/ | Name: _gat_UA-4021752-57 Value: 1 |
|
sibautomation.com/ | Name: uuid Value: 8c847ce8-4c65-41c7-9c33-7a3d39ead920 |
|
.info-independance-royale.com/ | Name: __as_ledt Value: 1587451069026 |
|
.info-independance-royale.com/ | Name: _ga Value: GA1.2.104434079.1587451069 |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
20789423p.rfihub.com
a.rfihub.com
analytics.tradedoubler.com
app.beampulse.com
bp-1c51.kxcdn.com
c1.rfihub.net
clk.tradedoubler.com
code.jquery.com
connect.facebook.net
email-reflex.com
fo-api.omnitagjs.com
fonts.googleapis.com
fonts.gstatic.com
in-automate.sendinblue.com
secure.adnxs.com
sibautomation.com
stats.g.doubleclick.net
swrap.tradedoubler.com
tr.e.conso-courrier.com
vht.tradedoubler.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.info-independance-royale.com
104.108.61.223
13.224.194.23
185.107.232.249
185.255.84.150
185.33.221.89
185.47.116.11
188.165.150.177
193.0.160.129
2001:4de0:ac19::1:b:1b
212.129.13.31
2606:4700:3035::6818:7cd2
2a00:1450:4001:806::200a
2a00:1450:4001:818::2008
2a00:1450:4001:819::200e
2a00:1450:4001:821::2003
2a00:1450:400c:c00::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a0b:4d07:101::1
34.95.109.120
80.70.210.161
94.125.108.232
0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13b35305c30f3fc1c4f98d0105dc7d0ab6c9c6c2aa700c46d5ef67c5a996195b
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d
26c74c796f6e02a51c29fb361b569d8010cd6409b19e8d20133f3c8261b0edf3
2f220735682253606c6f4b885706516109a48fbd522f9928c717ae7864f0ae8e
2f3dbd6837080c0b33a13d06fa50510790c240aca7287cf5d8c3037690ec4a26
38f758cbd4c0a62de64cd31e57cae98cc992fbd210efcb342ebfb8d95bbfc1f1
3a877bb3a96349b2a73a952ee6493db863e8c4b473ff7c1253de2ab8d9f2d4a9
3b92386bf96e3a6acc71ed320843e938d5135f9f453efe31ea20a24895db2c45
3e0a1054cab496cc4821cbb1956968182f1b167173549a20f7ee972fc8ee8774
3f69c828195c5b350d5391e3db7e345fbe37e9a29a4604fd834beb5797cb375c
4041af866e9fc37d7a1ee5b30eaa00000bd0b8a40166d99cc8300604ba25bf3a
44462de9a5a107bb3dd123bd470bcf33e8e8c488cf195ea881425b5818b8c9c4
445aa796b292c7338bbf0abca41d62f83d92c154cd7a7878e06a7bebe2ea4526
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5519e660f46c85caaf44066b9995f61b1521aaff0e643081cb31e5469bf7b4e6
5dfbd5c68143508fdeb8bce19c39618925573ce7ceeaf1f77b3433ca7f07452b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c5285f0f72ed274fa7444934e04fd6f10e71b67eed54508bac7d526c3137475
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
738fa35118f7dac85c617d5dee7154f92a9b6c1374cd56ec9002dec567128cd1
75e9029eb284217406a192496dda083c81d57fc9d7a09fda337a775c2147f4f1
76809062001a3be247b56d9f85f6d645578b12fa937d49023be1edec6b241d32
76cec500423b3a8be3f26fa9cd24cb11b0596464d15f2929f1cb345b2f17b67c
7c153b0d78618185751bd4a14cfb68da7a8e3c9b8b6a37d663eabf995599b9bf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84b2889078de20142e1f77e49eb968f8031eded7320be712864b7187d0fbd1a8
8768a7103a7f56e11e3cda1c693c7aa35299c0f273ad2f9ce8e4183685dbfa4e
88ab33aa6eed72ca5232a79f9f1c159528db6bde2a693e3cc09054e88dbb1778
9416e876045698e4ef22c60a9220b3253dad38eb0b36029b48f22b9e20d23e65
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
a445642c5267e083eaa78b6985379925fd33e0f2da5c19cec9dd8035ef6b288c
a81fe509c20bb34ac438c49941b55bc0a435be01b3c6988188f52e6d3ede780e
a8df908269a3343a24faefda741524c1c20d9cb408cd02959c5aee0a9d592baf
aaba762e314520f358e36802bd1098ed6ef4504e1be6b029a0858cceeae6f652
b0e5be476b2db54c02309e4f1075dac0599ff758323f4667762def3be63de33d
b1174b282f7e0e4f613bb45a454f36899326b0571a23979bdf37160fdb1422ab
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bc97f83f2e5d71fc4eafe0340fc57e5eb15923ba1745c853fb8d15aec8822e39
be6644f8556ed2a5a457033ab827dec34dab365f2435b4a98b1a1615f783e596
c2946574f76a92222017022e9fc744bbf970fca817cb917fc4e695e10f2a57c8
c3b07dcc24e24a18666089aa17b0472c0a96326b02d7b12f5ba98491011c9174
cb2bb21705b9cce9781d02c9223f3344a65bd5314027d11c5a8518ad4bd84e84
d3517bf4ad62b27d760064a6774567e4616629df44473aad8b376e0b25d020b2
d8d31276e8c59731c8fef67ed8d549e2ffc2630bdd8dd303376732b3258fc892
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d4de6e3610e09163eb3121a533fc4ad904d2e3a0b8a81fde2f656b31c7c8a8
e5039b518f065358cc870b0ca2c9600bb54f08c8c702df002b24a315d6f40d8d
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
eca727e03526321a5d9d97327f439c417d09218dec9f4338d6d9be57b4553832
ef5f4cac7b15f6922522298cd23056a024a152715621d1532316fec6053461d5