news.gentside.com
Open in
urlscan Pro
185.68.151.21
Public Scan
Submitted URL: https://s3s-main.net/fw19c3/21805526/22531599/108890695.html?p=f842ef567dec566b21a0190854a716e9&u=https%3A%2F%2Fwtm.p...
Effective URL: https://news.gentside.com/politique/je-prends-le-metro-les-etonnantes-confidences-de-jean-castex-sur-sa-nouvelle-vie_art10...
Submission: On July 29 via api from IE — Scanned from FR
Effective URL: https://news.gentside.com/politique/je-prends-le-metro-les-etonnantes-confidences-de-jean-castex-sur-sa-nouvelle-vie_art10...
Submission: On July 29 via api from IE — Scanned from FR
Summary
This website contacted 32 IPs
in 6 countries
across 30 domains to perform 97 HTTP transactions.
The main IP is 185.68.151.21, located in
France and
belongs to CERISEMEDIA-AS, FR.
The main domain is news.gentside.com.
The Cisco Umbrella rank of the primary domain is 612507.
TLS certificate: Issued by R3 on July 22nd 2022. Valid for: 3 months.
This is the only time news.gentside.com was scanned on urlscan.io!
TLS certificate: Issued by R3 on July 22nd 2022. Valid for: 3 months.
This is the only time news.gentside.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
2
34.248.143.82
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-143-82.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-143-82.eu-west-1.compute.amazonaws.com
| er.cloud-media.fr |
2
35.190.24.218
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com
| redirect.frontend.weborama.fr |
4
104.96.135.103
(Vienna, Austria)
ASN16625 (AKAMAI-AS, US)
PTR: a104-96-135-103.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-96-135-103.deploy.static.akamaitechnologies.com
| consents.prismamedia.com | |
| www.prismaconnect.fr | |
| api.prismaconnect.fr |
1
172.217.18.2
(United States)
ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
| securepubads.g.doubleclick.net |
2
2a00:1450:4001:827::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
1
18.66.139.55
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-55.fra60.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-55.fra60.r.cloudfront.net
| cdn.privacy-mgmt.com |
2
2606:4700:10::6814:a25
(United States)
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| sac.ayads.co | |
| geoworker.ayads.co |
1
132.145.239.35
(Frankfurt am Main, Germany)
ASN31898 (ORACLE-BMC-31898, US)
ASN31898 (ORACLE-BMC-31898, US)
| prismamedia.gscontxt.net |
6
108.138.17.17
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-17.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-17.fra56.r.cloudfront.net
| gentside-fr-v3.gentside.com |
2
2a00:1450:4001:80e::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
1
212.83.160.162
(France)
ASN12876 (Online SAS, FR)
PTR: 212-83-160-162.rev.poneytelecom.eu
ASN12876 (Online SAS, FR)
PTR: 212-83-160-162.rev.poneytelecom.eu
| kvt.cookieless-data.com |
9
34.243.240.54
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
| antenna.ayads.co |
2
2a03:2880:f02d:100:face:b00c:0:3
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| connect.facebook.net |
1
54.36.150.182
(Paris, France)
ASN16276 (OVH, FR)
PTR: ip182.ip-54-36-150.eu
ASN16276 (OVH, FR)
PTR: ip182.ip-54-36-150.eu
| static.mediarithmics.com |
1
2a03:2880:f12d:181:face:b00c:0:25de
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
1
34.246.166.9
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-166-9.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-166-9.eu-west-1.compute.amazonaws.com
| optchk.ayads.co |
1
185.89.211.84
(Frankfurt am Main, Germany)
ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
| ib.adnxs.com |
1
52.211.22.81
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-22-81.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-22-81.eu-west-1.compute.amazonaws.com
| ad.360yield.com |
1
52.215.75.192
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-75-192.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-75-192.eu-west-1.compute.amazonaws.com
| pbjs.sskzlabs.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 47 |
gentside.com
3 redirects
news.gentside.com — Cisco Umbrella Rank: 612507 www.gentside.com — Cisco Umbrella Rank: 372704 gentside-fr-v3.gentside.com — Cisco Umbrella Rank: 688246 gentside.com — Cisco Umbrella Rank: 222508 |
279 KB |
| 12 |
ayads.co
sac.ayads.co — Cisco Umbrella Rank: 18351 antenna.ayads.co — Cisco Umbrella Rank: 18637 geoworker.ayads.co — Cisco Umbrella Rank: 45898 optchk.ayads.co — Cisco Umbrella Rank: 19082 |
103 KB |
| 6 |
pmdstatic.net
tra.scds.pmdstatic.net — Cisco Umbrella Rank: 120011 |
64 KB |
| 3 |
prismaconnect.fr
www.prismaconnect.fr — Cisco Umbrella Rank: 171918 api.prismaconnect.fr — Cisco Umbrella Rank: 149208 |
1 KB |
| 3 |
taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 922 trc.taboola.com — Cisco Umbrella Rank: 629 trc-events.taboola.com — Cisco Umbrella Rank: 1495 |
20 KB |
| 3 |
phywi.org
r.phywi.org — Cisco Umbrella Rank: 102538 |
2 KB |
| 3 |
people-addict.fr
2 redirects
wtm.people-addict.fr |
4 KB |
| 2 |
mediego.com
api.mediego.com — Cisco Umbrella Rank: 169546 |
8 KB |
| 2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155 |
87 KB |
| 2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52 |
20 KB |
| 2 |
adnami.io
macro.adnami.io — Cisco Umbrella Rank: 13067 |
29 KB |
| 2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 93 |
85 KB |
| 2 |
weborama.fr
2 redirects
redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10303 |
530 B |
| 2 |
cloud-media.fr
1 redirects
er.cloud-media.fr — Cisco Umbrella Rank: 184209 |
420 B |
| 1 |
sskzlabs.com
pbjs.sskzlabs.com — Cisco Umbrella Rank: 29941 |
380 B |
| 1 |
360yield.com
ad.360yield.com — Cisco Umbrella Rank: 650 |
170 B |
| 1 |
smartadserver.com
www8.smartadserver.com — Cisco Umbrella Rank: 5519 |
324 B |
| 1 |
adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 234 |
853 B |
| 1 |
easydmp.net
asset.easydmp.net — Cisco Umbrella Rank: 54102 |
5 KB |
| 1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 101 |
297 B |
| 1 |
img-static.com
1 redirects
www.img-static.com — Cisco Umbrella Rank: 106412 |
715 B |
| 1 |
mediarithmics.com
static.mediarithmics.com — Cisco Umbrella Rank: 40794 |
18 KB |
| 1 |
email-match.com
atout.email-match.com — Cisco Umbrella Rank: 278601 |
4 KB |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 72 |
961 B |
| 1 |
cookieless-data.com
kvt.cookieless-data.com — Cisco Umbrella Rank: 18630 |
356 B |
| 1 |
gscontxt.net
prismamedia.gscontxt.net — Cisco Umbrella Rank: 139819 |
470 B |
| 1 |
privacy-mgmt.com
cdn.privacy-mgmt.com — Cisco Umbrella Rank: 4929 |
45 KB |
| 1 |
doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 211 |
28 KB |
| 1 |
prismamedia.com
1 redirects
consents.prismamedia.com — Cisco Umbrella Rank: 128991 |
611 B |
| 1 |
s3s-main.net
s3s-main.net — Cisco Umbrella Rank: 191809 |
1 KB |
| 97 | 30 |
| Domain | Requested by | |
|---|---|---|
| 33 | news.gentside.com |
2 redirects
wtm.people-addict.fr
www.gentside.com |
| 9 | antenna.ayads.co | |
| 7 | www.gentside.com |
news.gentside.com
www.gentside.com gentside-fr-v3.gentside.com |
| 6 | tra.scds.pmdstatic.net |
news.gentside.com
tra.scds.pmdstatic.net www.prismaconnect.fr |
| 6 | gentside-fr-v3.gentside.com |
cdn.privacy-mgmt.com
gentside-fr-v3.gentside.com |
| 3 | r.phywi.org |
wtm.people-addict.fr
|
| 3 | wtm.people-addict.fr | 2 redirects |
| 2 | api.prismaconnect.fr |
tra.scds.pmdstatic.net
|
| 2 | api.mediego.com |
news.gentside.com
api.mediego.com |
| 2 | connect.facebook.net |
news.gentside.com
connect.facebook.net |
| 2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
| 2 | macro.adnami.io |
news.gentside.com
macro.adnami.io |
| 2 | www.googletagmanager.com |
news.gentside.com
|
| 2 | redirect.frontend.weborama.fr | 2 redirects |
| 2 | er.cloud-media.fr |
1 redirects
wtm.people-addict.fr
|
| 1 | trc-events.taboola.com |
cdn.taboola.com
|
| 1 | pbjs.sskzlabs.com |
sac.ayads.co
|
| 1 | ad.360yield.com |
sac.ayads.co
|
| 1 | www8.smartadserver.com |
sac.ayads.co
|
| 1 | ib.adnxs.com |
sac.ayads.co
|
| 1 | optchk.ayads.co |
sac.ayads.co
|
| 1 | geoworker.ayads.co |
sac.ayads.co
|
| 1 | asset.easydmp.net |
atout.email-match.com
|
| 1 | www.facebook.com | |
| 1 | www.prismaconnect.fr |
tra.scds.pmdstatic.net
|
| 1 | trc.taboola.com |
cdn.taboola.com
|
| 1 | www.img-static.com | 1 redirects |
| 1 | static.mediarithmics.com |
news.gentside.com
|
| 1 | atout.email-match.com |
news.gentside.com
|
| 1 | cdn.taboola.com |
news.gentside.com
|
| 1 | gentside.com | 1 redirects |
| 1 | fonts.googleapis.com |
client
|
| 1 | kvt.cookieless-data.com |
sac.ayads.co
|
| 1 | prismamedia.gscontxt.net |
news.gentside.com
|
| 1 | sac.ayads.co |
news.gentside.com
|
| 1 | cdn.privacy-mgmt.com |
news.gentside.com
|
| 1 | securepubads.g.doubleclick.net |
news.gentside.com
|
| 1 | consents.prismamedia.com | 1 redirects |
| 1 | s3s-main.net | |
| 97 | 39 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.gentside.com |
| www.leparisien.fr |
| www.lefigaro.fr |
| www.fondationface.org |
| www.groupecerise.fr |
| www.prismamedia.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| s3s.fr Sectigo RSA Domain Validation Secure Server CA |
2022-04-21 - 2023-05-01 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-05-11 - 2023-05-11 |
a year | crt.sh |
| *.phywi.org Gandi Standard SSL CA 2 |
2022-01-13 - 2023-02-13 |
a year | crt.sh |
| news.gentside.com R3 |
2022-07-22 - 2022-10-20 |
3 months | crt.sh |
| www.gentside.com R3 |
2022-07-22 - 2022-10-20 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2022-07-11 - 2022-10-03 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2022-07-11 - 2022-10-03 |
3 months | crt.sh |
| *.privacy-mgmt.com R3 |
2022-07-19 - 2022-10-17 |
3 months | crt.sh |
| *.ayads.co Sectigo RSA Domain Validation Secure Server CA |
2022-07-11 - 2023-07-11 |
a year | crt.sh |
| *.gscontxt.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-12-08 - 2022-12-08 |
a year | crt.sh |
| consent.caminteresse.fr R3 |
2022-07-17 - 2022-10-15 |
3 months | crt.sh |
| *.cookieless-data.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 |
2022-03-23 - 2023-03-22 |
a year | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2022-07-11 - 2022-10-03 |
3 months | crt.sh |
| *.taboola.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-11-28 - 2022-12-29 |
a year | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-05-07 - 2022-08-05 |
3 months | crt.sh |
| er4.galardondelaweb.com R3 |
2022-05-31 - 2022-08-29 |
3 months | crt.sh |
| *.mediarithmics.com Gandi Standard SSL CA 2 |
2022-02-10 - 2023-03-01 |
a year | crt.sh |
| prismamediadigital.com Sectigo RSA Organization Validation Secure Server CA |
2022-04-11 - 2023-04-11 |
a year | crt.sh |
| *.mediego.com R3 |
2022-06-22 - 2022-09-20 |
3 months | crt.sh |
| icd.easydmp.net R3 |
2022-07-25 - 2022-10-23 |
3 months | crt.sh |
| *.adnxs.com GeoTrust ECC CA 2018 |
2022-02-11 - 2023-03-14 |
a year | crt.sh |
| *.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-01-25 - 2023-01-25 |
a year | crt.sh |
| *.360yield.com Amazon |
2022-06-28 - 2023-07-27 |
a year | crt.sh |
| *.sskzlabs.com Amazon |
2021-09-24 - 2022-10-22 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://news.gentside.com/politique/je-prends-le-metro-les-etonnantes-confidences-de-jean-castex-sur-sa-nouvelle-vie_art102635.html?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gen_article
Frame ID: 896A4F5A8E50E06636F26987C2BA035F
Requests: 88 HTTP requests in this frame
Frame:
https://gentside-fr-v3.gentside.com/index.html?message_id=667092&consentUUID=f9edb849-5c9e-4efd-ad5d-5621b4c5dde7_10&requestUUID=dd6f10e7-869a-49f6-b5b2-ce4b12bfff34&preload_message=true
Frame ID: DD7A76AED4B601E0420295D6DFC442E1
Requests: 6 HTTP requests in this frame
Frame:
https://www.prismaconnect.fr/pmcCheck?version=4.19.4
Frame ID: 97CB5566E9D6ADB0BA4C6010FED261A6
Requests: 3 HTTP requests in this frame
Screenshot
Page Title
"Je prends le métro" : les étonnantes confidences de Jean Castex sur sa nouvelle viePage URL History Show full URLs
- https://s3s-main.net/fw19c3/21805526/22531599/108890695.html?p=f842ef567dec566b21a0190854a716e9&u... Page URL
-
https://wtm.people-addict.fr/r/eNpVkcmOozAQhp%2BGuREWB8ccWiPSJD1Z6CZL0wmXyJgiOAKbARNCnn6c40h1%2BFT%2FX6pt...
HTTP 302
https://wtm.people-addict.fr/w/590008/fa8a1598a8c96ef63907647854d52f9e/1835/666/90fe8f7b5bf10f9e5cf2e233b... HTTP 302
https://wtm.people-addict.fr/redirection.html?m=fa8a1598a8c96ef63907647854d52f9e&u=https%3A%2F%2Fnews.gen... Page URL
-
https://news.gentside.com/politique/je-prends-le-metro-les-etonnantes-confidences-de-jean-castex-sur-s...
HTTP 302
https://consents.prismamedia.com/?redirectHost=https%3A%2F%2Fnews.gentside.com&redirectUri=/politique/je-pren... HTTP 302
https://news.gentside.com/?authId=b856773c07ce108a678d208c5f7c8b97&redirectUri=/politique/je-prends-le... HTTP 302
https://news.gentside.com/politique/je-prends-le-metro-les-etonnantes-confidences-de-jean-castex-sur-s... Page URL
Detected technologies
AppNexus
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- adnxs\.(?:net|com)
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Prebid
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- adnxs\.com/[^"]*(?:prebid|/pb\.js)
Page Statistics
11 Outgoing links
These are links going to different origins than the main page.
URL: https://www.gentside.com/
Search URL Search Domain Scan URL
URL: https://www.gentside.com/news
Title: News
Title: News
Search URL Search Domain Scan URL
URL: https://www.gentside.com/politique/
Title: Politique
Title: Politique
Search URL Search Domain Scan URL
URL: https://www.leparisien.fr/politique/jean-castex-se-confie-a-lheure-de-son-depart-de-matignon-cest-une-nouvelle-ere-qui-souvre-15-05-2022-UNIXCCQ2MNBRFGFOT7WT33E7MY.php?ts=1658998054054
Title: Parisien
Title: Parisien
Search URL Search Domain Scan URL
URL: https://www.lefigaro.fr/flash-actu/l-ancien-premier-ministre-jean-castex-president-de-la-fondation-agir-contre-l-exclusion-20220727
Title: Le Figaro
Title: Le Figaro
Search URL Search Domain Scan URL
URL: https://www.fondationface.org/nouveau-president-castex/
Title: un communiqué
Title: un communiqué
Search URL Search Domain Scan URL
URL: https://www.gentside.com/a-propos-de-nous
Title: À propos de nous
Title: À propos de nous
Search URL Search Domain Scan URL
URL: http://www.groupecerise.fr/#advertising
Title: Publicité
Title: Publicité
Search URL Search Domain Scan URL
URL: https://www.gentside.com/cgu
Title: Conditions Générales
Title: Conditions Générales
Search URL Search Domain Scan URL
URL: http://www.prismamedia.com/charte-pour-la-protection-des-donnees/
Title: Protection des données
Title: Protection des données
Search URL Search Domain Scan URL
URL: http://www.groupecerise.fr/
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://s3s-main.net/fw19c3/21805526/22531599/108890695.html?p=f842ef567dec566b21a0190854a716e9&u=https%3A%2F%2Fwtm.people-addict.fr%2Fr%2FeNpVkcmOozAQhp%252BGuREWB8ccWiPSJD1Z6CZL0wmXyJgiOAKbARNCnn6c40h1%252BFT%252FX6ptsDzftm1iFZRQx%252FMJJczHUGDk2zM8nRFvmntu4YPlEORZGGPLtwsgxSzzssKxteKxwgUXoSzHngtALMe3sG1J63f%252FVirVdAYKDHepQ8DQTa4gVMdzmDBZ61wjK6743x4038BsWhB5Z1Zg1qBaqaEzQUkhqFAamRSFrhVMcw7mDagwGe0UPMyub82OmkL2d6h0%252FZ3DhbbKsV2MvEmp6spAy17Vl072LQMDhQNUegYurg3IpgKa55wpw8W0bgw0f1lryHlfaytr2H8C00j5VWipqeVF7%252FTqxVkFv3L25qZ7f0HDTyFWVZZmQZlEwzobCh7XJ7HQiyaOXL1uEh%252FrYRbFo8sSH%252F0Z5zvsw%252FaHjh8pPO%252BfrZLPc91sjufHdn30v7NgmYgpGVM7FJ09VbTa7baGO1%252Fygwfl4vpYyFOQBM0%252BHc74axPK8BCvWDsbyeb71JeCfKTPQftVGe%252FnSRpEoj0s0O492pfv%252Bj1zuhI4Cse2Te7R%252BqbQz4D%252BAYdGtHs%253D Page URL
-
https://wtm.people-addict.fr/r/eNpVkcmOozAQhp%2BGuREWB8ccWiPSJD1Z6CZL0wmXyJgiOAKbARNCnn6c40h1%2BFT%2FX6ptsDzftm1iFZRQx%2FMJJczHUGDk2zM8nRFvmntu4YPlEORZGGPLtwsgxSzzssKxteKxwgUXoSzHngtALMe3sG1J63f%2FVirVdAYKDHepQ8DQTa4gVMdzmDBZ61wjK6743x4038BsWhB5Z1Zg1qBaqaEzQUkhqFAamRSFrhVMcw7mDagwGe0UPMyub82OmkL2d6h0%2FZ3DhbbKsV2MvEmp6spAy17Vl072LQMDhQNUegYurg3IpgKa55wpw8W0bgw0f1lryHlfaytr2H8C00j5VWipqeVF7%2FTqxVkFv3L25qZ7f0HDTyFWVZZmQZlEwzobCh7XJ7HQiyaOXL1uEh%2FrYRbFo8sSH%2F0Z5zvsw%2FaHjh8pPO%2BfrZLPc91sjufHdn30v7NgmYgpGVM7FJ09VbTa7baGO1%2Fygwfl4vpYyFOQBM0%2BHc74axPK8BCvWDsbyeb71JeCfKTPQftVGe%2FnSRpEoj0s0O492pfv%2Bj1zuhI4Cse2Te7R%2BqbQz4D%2BAYdGtHs%3D
HTTP 302
https://wtm.people-addict.fr/w/590008/fa8a1598a8c96ef63907647854d52f9e/1835/666/90fe8f7b5bf10f9e5cf2e233bd652ee8/19/60/o/?u=https%3A%2F%2Fnews.gentside.com%2Fpolitique%2Fje-prends-le-metro-les-etonnantes-confidences-de-jean-castex-sur-sa-nouvelle-vie_art102635.html%3Futm_source%3Dwelcomingpeopleaddict%26amp%3Butm_medium%3Dcpc%26amp%3Butm_campaign%3Dpmo_gen_article&dc=2ZR9EaDNnnIlbZbAhVMwJbwfiPmXnE%2FV1oIA%2FPTmw7MPy2cV93HyBQ69eLWayGZezvNrtozYmpKTYxLJT9UbAFVn48yZ0Dns04talQQL%2BFiS5ehEgxEoXAVApRZwY6OKDoDSPIcr7y8KUXuhn8GZzw%2BthPRBVZAMnrSE3QCMRhCF%2BaIn6MDyrrVvMJjt3Ww3 HTTP 302
https://wtm.people-addict.fr/redirection.html?m=fa8a1598a8c96ef63907647854d52f9e&u=https%3A%2F%2Fnews.gentside.com%2Fpolitique%2Fje-prends-le-metro-les-etonnantes-confidences-de-jean-castex-sur-sa-nouvelle-vie_art102635.html%3Futm_source%3Dwelcomingpeopleaddict%26amp%3Butm_medium%3Dcpc%26amp%3Butm_campaign%3Dpmo_gen_article&dc=2ZR9EaDNnnIlbZbAhVMwJbwfiPmXnE%2FV1oIA%2FPTmw7MPy2cV93HyBQ69eLWayGZezvNrtozYmpKTYxLJT9UbAFVn48yZ0Dns04talQQL%2BFiS5ehEgxEoXAVApRZwY6OKDoDSPIcr7y8KUXuhn8GZzw%2BthPRBVZAMnrSE3QCMRhCF%2BaIn6MDyrrVvMJjt3Ww3 Page URL
-
https://news.gentside.com/politique/je-prends-le-metro-les-etonnantes-confidences-de-jean-castex-sur-sa-nouvelle-vie_art102635.html?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gen_article
HTTP 302
https://consents.prismamedia.com/?redirectHost=https%3A%2F%2Fnews.gentside.com&redirectUri=/politique/je-prends-le-metro-les-etonnantes-confidences-de-jean-castex-sur-sa-nouvelle-vie_art102635.html?utm_source=welcomingpeopleaddict%26utm_medium=cpc%26utm_campaign=pmo_gen_article HTTP 302
https://news.gentside.com/?authId=b856773c07ce108a678d208c5f7c8b97&redirectUri=/politique/je-prends-le-metro-les-etonnantes-confidences-de-jean-castex-sur-sa-nouvelle-vie_art102635.html?utm_source=welcomingpeopleaddict%26utm_medium=cpc%26utm_campaign=pmo_gen_article HTTP 302
https://news.gentside.com/politique/je-prends-le-metro-les-etonnantes-confidences-de-jean-castex-sur-sa-nouvelle-vie_art102635.html?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gen_article Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- https://wtm.people-addict.fr/r/eNpVkcmOozAQhp%2BGuREWB8ccWiPSJD1Z6CZL0wmXyJgiOAKbARNCnn6c40h1%2BFT%2FX6ptsDzftm1iFZRQx%2FMJJczHUGDk2zM8nRFvmntu4YPlEORZGGPLtwsgxSzzssKxteKxwgUXoSzHngtALMe3sG1J63f%2FVirVdAYKDHepQ8DQTa4gVMdzmDBZ61wjK6743x4038BsWhB5Z1Zg1qBaqaEzQUkhqFAamRSFrhVMcw7mDagwGe0UPMyub82OmkL2d6h0%2FZ3DhbbKsV2MvEmp6spAy17Vl072LQMDhQNUegYurg3IpgKa55wpw8W0bgw0f1lryHlfaytr2H8C00j5VWipqeVF7%2FTqxVkFv3L25qZ7f0HDTyFWVZZmQZlEwzobCh7XJ7HQiyaOXL1uEh%2FrYRbFo8sSH%2F0Z5zvsw%2FaHjh8pPO%2BfrZLPc91sjufHdn30v7NgmYgpGVM7FJ09VbTa7baGO1%2Fygwfl4vpYyFOQBM0%2BHc74axPK8BCvWDsbyeb71JeCfKTPQftVGe%2FnSRpEoj0s0O492pfv%2Bj1zuhI4Cse2Te7R%2BqbQz4D%2BAYdGtHs%3D HTTP 302
- https://wtm.people-addict.fr/w/590008/fa8a1598a8c96ef63907647854d52f9e/1835/666/90fe8f7b5bf10f9e5cf2e233bd652ee8/19/60/o/?u=https%3A%2F%2Fnews.gentside.com%2Fpolitique%2Fje-prends-le-metro-les-etonnantes-confidences-de-jean-castex-sur-sa-nouvelle-vie_art102635.html%3Futm_source%3Dwelcomingpeopleaddict%26amp%3Butm_medium%3Dcpc%26amp%3Butm_campaign%3Dpmo_gen_article&dc=2ZR9EaDNnnIlbZbAhVMwJbwfiPmXnE%2FV1oIA%2FPTmw7MPy2cV93HyBQ69eLWayGZezvNrtozYmpKTYxLJT9UbAFVn48yZ0Dns04talQQL%2BFiS5ehEgxEoXAVApRZwY6OKDoDSPIcr7y8KUXuhn8GZzw%2BthPRBVZAMnrSE3QCMRhCF%2BaIn6MDyrrVvMJjt3Ww3 HTTP 302
- https://wtm.people-addict.fr/redirection.html?m=fa8a1598a8c96ef63907647854d52f9e&u=https%3A%2F%2Fnews.gentside.com%2Fpolitique%2Fje-prends-le-metro-les-etonnantes-confidences-de-jean-castex-sur-sa-nouvelle-vie_art102635.html%3Futm_source%3Dwelcomingpeopleaddict%26amp%3Butm_medium%3Dcpc%26amp%3Butm_campaign%3Dpmo_gen_article&dc=2ZR9EaDNnnIlbZbAhVMwJbwfiPmXnE%2FV1oIA%2FPTmw7MPy2cV93HyBQ69eLWayGZezvNrtozYmpKTYxLJT9UbAFVn48yZ0Dns04talQQL%2BFiS5ehEgxEoXAVApRZwY6OKDoDSPIcr7y8KUXuhn8GZzw%2BthPRBVZAMnrSE3QCMRhCF%2BaIn6MDyrrVvMJjt3Ww3
- https://er.cloud-media.fr/r/fa8a1598a8c96ef63907647854d52f9e/20305b1d-4a14-4990-b6a1-7765863e4041 HTTP 302
- https://er.cloud-media.fr/c/fa8a1598a8c96ef63907647854d52f9e/20305b1d-4a14-4990-b6a1-7765863e4041
- https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3Dfa8a1598a8c96ef63907647854d52f9e%26wb%3D{WEBO_CID} HTTP 302
- https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3Dfa8a1598a8c96ef63907647854d52f9e%26wb%3D%7BWEBO_CID%7D&bounce=1&random=1312598651 HTTP 302
- https://r.phywi.org/webo.gif?md=fa8a1598a8c96ef63907647854d52f9e&wb=VeRgTwSnFW5yG7g52K2q.O
- https://gentside.com/img/gs.png HTTP 301
- https://www.gentside.com/img/gs.png
- https://www.img-static.com/CERISE.gif?url=https%3A%2F%2Fnews.gentside.com%2Fpolitique%2Fje-prends-le-metro-les-etonnantes-confidences-de-jean-castex-sur-sa-nouvelle-vie_art102635.html HTTP 302
- https://r.phywi.org/CERISE.gif?url=https%3A%2F%2Fnews.gentside.com%2Fpolitique%2Fje-prends-le-metro-les-etonnantes-confidences-de-jean-castex-sur-sa-nouvelle-vie_art102635.html
97 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
108890695.html
s3s-main.net/fw19c3/21805526/22531599/ |
726 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
redirection.html
wtm.people-addict.fr/ Redirect Chain
|
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cl.gif
r.phywi.org/ |
43 B 582 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
20305b1d-4a14-4990-b6a1-7765863e4041
er.cloud-media.fr/c/fa8a1598a8c96ef63907647854d52f9e/ Redirect Chain
|
35 B 230 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
webo.gif
r.phywi.org/ Redirect Chain
|
43 B 581 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
je-prends-le-metro-les-etonnantes-confidences-de-jean-castex-sur-sa-nouvelle-vie_art102635.html
news.gentside.com/politique/ Redirect Chain
|
31 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Nunito-Regular.woff2
www.gentside.com/assets/fonts/ |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Nunito-Black.woff2
www.gentside.com/assets/fonts/ |
19 KB 20 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Nunito-Bold.woff2
www.gentside.com/assets/fonts/ |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loader.af801c8e.js
www.gentside.com/assets/ |
121 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
df954685d18b.css
www.gentside.com/assets/ |
49 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gpt.js
securepubads.g.doubleclick.net/tag/js/ |
0 28 KB |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
25 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gs.24e65a43.png
www.gentside.com/assets/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
68 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
8b13981c49e4.js
news.gentside.com/assets/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
d15912ec6db1.js
news.gentside.com/assets/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
a28fc2e11343.js
news.gentside.com/assets/ |
18 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
c0f4a42d7a3e.js
news.gentside.com/assets/ |
15 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2286ab37c5dc.js
news.gentside.com/assets/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
886173e69c37.js
news.gentside.com/assets/ |
576 B 769 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
732b96ade4d6.js
news.gentside.com/assets/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4b16bb2d5fb9.js
news.gentside.com/assets/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
a6b54792488f.js
news.gentside.com/assets/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
c3b6e96d71b3.js
news.gentside.com/assets/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
a00543dbf92d.js
news.gentside.com/assets/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0ca2c16bb389.js
news.gentside.com/assets/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
f320cd9281ab.js
news.gentside.com/assets/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5ccc916d958a.js
news.gentside.com/assets/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
139 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wrapperMessagingWithoutDetection.js
cdn.privacy-mgmt.com/ |
155 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adsm.macro.1793fd6b-8ad5-4224-a88c-46ec81f174ff.js
macro.adnami.io/macro/spec/ |
31 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
prebid
sac.ayads.co/sublime/31786/ |
376 KB 102 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
106 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
channels.cgi
prismamedia.gscontxt.net/multizone/ |
392 B 470 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
native-message
gentside-fr-v3.gentside.com/wrapper/tcfv2/v1/gdpr/ |
196 KB 15 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
native-message
gentside-fr-v3.gentside.com/wrapper/tcfv2/v1/gdpr/ Frame |
0 0 |
Preflight
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adsm.macro.rmb.js
macro.adnami.io/macro/gen/ |
83 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
c
kvt.cookieless-data.com/api/v1/public/p/28662/d/33/ |
114 B 356 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
antenna.ayads.co/ |
0 40 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
www.google-analytics.com/j/ |
1 B 21 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
index.html
gentside-fr-v3.gentside.com/ Frame DD7A |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Notice.a2194.css
gentside-fr-v3.gentside.com/ Frame DD7A |
32 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
polyfills.d36c5.js
gentside-fr-v3.gentside.com/ Frame DD7A |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Notice.0b008.js
gentside-fr-v3.gentside.com/ Frame DD7A |
211 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
b8f34582eae6.js
news.gentside.com/assets/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
a0207976b03c.js
news.gentside.com/assets/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
48ae588038a5.js
news.gentside.com/assets/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css2
fonts.googleapis.com/ Frame DD7A |
1 KB 961 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gs.png
www.gentside.com/img/ Frame DD7A Redirect Chain
|
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
09a3f3a0e7de.js
news.gentside.com/assets/ |
17 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
9beffe2d7a35.js
news.gentside.com/assets/ |
655 B 848 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1bf1d8a5d33e.js
news.gentside.com/assets/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
023849c151b0.js
news.gentside.com/assets/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
91a1f2641a06.js
news.gentside.com/assets/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
3a6af5953834.js
news.gentside.com/assets/ |
1 KB 960 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
e9eebeb054c1.js
news.gentside.com/assets/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
7c15df236600.js
news.gentside.com/assets/ |
630 B 823 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
736c75832579.js
news.gentside.com/assets/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
398cb6348c47.js
news.gentside.com/assets/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
87d098b5ab6b.js
news.gentside.com/assets/ |
5 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
e67b0f061909.js
news.gentside.com/assets/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
c3f4073018a8.js
news.gentside.com/assets/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tfa.js
cdn.taboola.com/libtrc/unip/1132096/ |
57 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sdk.js
connect.facebook.net/fr_FR/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
emafunc.js
atout.email-match.com/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tag.min.js
static.mediarithmics.com/tag/1/ |
55 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
index.js
tra.scds.pmdstatic.net/pmc-starter/4/ |
55 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
CERISE.gif
r.phywi.org/ Redirect Chain
|
43 B 581 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
agent.js
api.mediego.com/ |
23 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sdk.js
connect.facebook.net/fr_FR/ |
296 KB 84 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
json
trc.taboola.com/1132096/trc/3/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
visit
api.mediego.com/1.0/track/ |
88 B 437 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pmc_conf_prod_b8ccf2181f12690c219e.js
tra.scds.pmdstatic.net/pmc-starter/4.19.4/assets/scripts/ |
377 B 538 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bookmark-statics.js
tra.scds.pmdstatic.net/bookmark/4/js/ |
65 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pmcCheck
www.prismaconnect.fr/ Frame 97CB |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
buttons__ee177a243460b9ce75bc.js
tra.scds.pmdstatic.net/pmc-starter/4.19.4/assets/scripts/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
notificationsCenterBundle.js
tra.scds.pmdstatic.net/pmc-kit-components/6/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
44 B 297 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
client.js
asset.easydmp.net/js/ |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
index.js
tra.scds.pmdstatic.net/pmc-api-front-client/4/ Frame 97CB |
54 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ping
api.prismaconnect.fr/prd/ Frame 97CB |
17 B 239 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
ping
api.prismaconnect.fr/prd/ Frame |
0 0 |
Preflight
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
geoworker.ayads.co/ |
1 B 243 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
optchk.ayads.co/ |
16 B 279 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
prebid
ib.adnxs.com/ut/v3/ |
160 B 853 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ac
www8.smartadserver.com/ |
0 324 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
pb
ad.360yield.com/ |
0 170 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
antenna.ayads.co/ |
0 40 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
antenna.ayads.co/ |
0 40 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
antenna.ayads.co/ |
0 40 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
antenna.ayads.co/ |
0 40 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
notify
pbjs.sskzlabs.com/ |
171 B 380 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
antenna.ayads.co/ |
0 40 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
antenna.ayads.co/ |
0 40 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
antenna.ayads.co/ |
0 40 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
antenna.ayads.co/ |
0 40 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
unip
trc-events.taboola.com/1132096/log/3/ |
0 248 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
78 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| __tcfapi object| cherryStore object| webpackChunk_cherry_websites object| regeneratorRuntime object| environmentHelper object| loggerHelper object| dataLayer object| _sp_ function| gdprHelper object| pmsCoreAds object| adsmtag object| sublime object| gaEvents function| gtag string| google_analytics_uacct object| googletag object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| ayads object| pbjs function| sublimeCb1659096554656 string| format string| mode object| adsm boolean| alignOnScroll object| skinOptions object| sideskinOptions object| gaplugins object| gaGlobal object| gaData object| _sp_queue object| gs_channels object| adsDisplayHelper object| _tfa string| ema_critere function| w_emasend string| ema_id_site object| scimhtiraidem object| prisma_g object| ceriseLayer function| pmcstarter object| FB function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError function| mediego object| webpackChunkPmcAPIClient undefined| PmcAPIClient object| mics boolean| emabbstr function| emasend function| BookmarkClient function| Bookmark object| webpackChunk boolean| notifCenterActive object| bookmark object| __buffer string| [eedmpact] function| eedmpdo boolean| easydmp_load_lib function| sublimeOptchk21 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .s3s-main.net/ | Name: wm_welcoming_v2 Value: %2Cfw_21805526%2C%3B3469739958 |
|
| .phywi.org/ | Name: pl Value: a%3A1%3A%7Bi%3A0%3Bs%3A40%3A%22627gb9b26%3A9b9d%3A7fg74%3A18758965e63g%3Af8cca1%22%3B%7D |
|
| .weborama.fr/ | Name: AFFICHE_W Value: -0wXSZR1WzD-74 |
|
| .cloud-media.fr/ | Name: l_id Value: fa8a1598a8c96ef63907647854d52f9e |
|
| news.gentside.com/ | Name: STSK8S Value: 29 |
|
| .prismamedia.com/ | Name: authId Value: b856773c07ce108a678d208c5f7c8b97 |
|
| .gentside.com/ | Name: authId Value: b856773c07ce108a678d208c5f7c8b97 |
|
| www.gentside.com/ | Name: STSK8S Value: 16 |
|
| .gentside.com/ | Name: _ga Value: GA1.2.640464489.1659096555 |
|
| .gentside.com/ | Name: _gid Value: GA1.2.24238265.1659096555 |
|
| .gentside.com/ | Name: _gat_gtag_UA_193071607_1 Value: 1 |
|
| news.gentside.com/ | Name: _sp_v1_uid Value: 1:899:67db7613-3524-4eed-97a0-42dace16f1da |
|
| news.gentside.com/ | Name: _sp_v1_data Value: 2:503452:1659096554:0:1:0:1:0:0:_:-1 |
|
| news.gentside.com/ | Name: _sp_v1_ss Value: 1:H4sIAAAAAAAAAItWqo5RKimOUbLKK83J0YlRSkVil4AlqmtrlXTgyqKBjDwQw6A2FqfyWADYf5_yVwAAAA%3D%3D |
|
| news.gentside.com/ | Name: _sp_v1_opt Value: 1: |
|
| news.gentside.com/ | Name: _sp_v1_consent Value: 1!0:-1:-1:-1:-1:-1 |
|
| news.gentside.com/ | Name: _sp_v1_csv Value: null |
|
| news.gentside.com/ | Name: _sp_v1_lt Value: 1: |
|
| .gentside.com/ | Name: consentUUID Value: f9edb849-5c9e-4efd-ad5d-5621b4c5dde7_10 |
|
| gentside.com/ | Name: STSK8S Value: 29 |
|
| .api.mediego.com/ | Name: mediego-uid Value: 4879660130244331834 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ad.360yield.com
antenna.ayads.co
api.mediego.com
api.prismaconnect.fr
asset.easydmp.net
atout.email-match.com
cdn.privacy-mgmt.com
cdn.taboola.com
connect.facebook.net
consents.prismamedia.com
er.cloud-media.fr
fonts.googleapis.com
gentside-fr-v3.gentside.com
gentside.com
geoworker.ayads.co
ib.adnxs.com
kvt.cookieless-data.com
macro.adnami.io
news.gentside.com
optchk.ayads.co
pbjs.sskzlabs.com
prismamedia.gscontxt.net
r.phywi.org
redirect.frontend.weborama.fr
s3s-main.net
sac.ayads.co
securepubads.g.doubleclick.net
static.mediarithmics.com
tra.scds.pmdstatic.net
trc-events.taboola.com
trc.taboola.com
wtm.people-addict.fr
www.facebook.com
www.gentside.com
www.google-analytics.com
www.googletagmanager.com
www.img-static.com
www.prismaconnect.fr
www8.smartadserver.com
104.96.135.103
108.138.17.17
132.145.239.35
141.226.228.48
151.101.129.44
172.217.18.2
18.66.139.55
185.68.148.12
185.68.151.21
185.86.137.113
185.89.211.84
192.229.221.61
2001:41d0:202:100:145:239:192:103
2001:41d0:203:836d::
2001:41d0:301:100:145:239:193:53
212.83.160.162
2606:4700:10::6814:a25
2606:4700::6812:5ba
2a00:1450:4001:80e::200e
2a00:1450:4001:827::2008
2a00:1450:400e:80e::200a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3120::c
34.243.240.54
34.246.166.9
34.248.143.82
35.190.24.218
51.75.129.233
52.211.22.81
52.215.75.192
54.36.150.182
91.190.170.12
013f333e54e89e717e506667a8c8dc08e6474f3deb2f9acf4c60deb1252a84c6
025b87374ea406c7020d1e7db7a5c03c0f8a4d2785aa6901dd4fcf23757bbb73
06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55
08b73d128170a14d87c3830d47806e2d3a519df056323c6b41cd384141c29140
102ba735d312774f79a4af3df6bf95d92362681cc1d66fbcbd724bc0f21bea2b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12bb36b3d19728d96bda48825506b982f3738f3627581b86735e4df8288165c0
142b969467269647098c8e37e4d4087425792239ab2f7b294b68e647db46d9a1
149a07706d2ec93719a69b7ee1a9b2bf023d427096ae498a7c915cdf0444f08e
17eb9793dbc77cc15418d2f78a00d8344b7962ccc41ab7c39f520ea090c300ba
1c650e1c388ca6f4e8dd9fab45bd69a85febf0213497a12b4461c69aa948a6db
1dcf2801ffb65a4199808fc9c81a49a05b63a7716337c89a8b5c94a1e95c02c0
25d0d776652cd7baa2509b6b610903f75f2a7a1ef1d0048991130ad1a016c676
28e6614b81f248cc681119fd191ebf05ad757f71fdfaa6c98d85d4cc1a980019
2997980f5123809df680cb8d42133e3e32cb394d2afa95138bc0775e6ee93e73
2bb5cd686191820926b3014f29af97f55c117892b0723ea0bf6639242f75be25
2d046a2227dd836270aa1ac5d5ff8cd3056d66e2d72242a6db4c17a085468776
34b1073b252d55d0de59f94b48ea38a6145002763d12f9caf7d62b6d72c47140
3820f1c81939c53e7a44c694258a9893aeabc35fb2e8b1de7d6d173bb33beaba
3928aa513b32706876d3ed41a83588300c37abdf2032ccedfb81230e4b3f082e
397fb7fad165c8945c32fc6354a0ba1ab1f703261d51d4bb668b79dbe0bf9a3c
39ec981a6de107820e1955ed75b5f8f0fa01b6bfef75a70c5cad8efcde54c854
41c1ff9ccd82da1bfc4dc4006a62ec23a330cee2ab52a7b23c11f1afbe313074
49120de5d47bd735b7fe51736fde6bfd75dcdadbe3862c7eff507f27214ad6c2
4d7a099ba21debced2967ac44ef7028f2d95de14c158816749a29d08f8fd2d2f
5042958a644731f9a448e5d80973424ce54566e0ea95ab2a1f7c33251b0e571b
51cd20cbb2c5e74c8b23c00ad7ea5fc75d2beabb048db2fd0eebbb6cbd2bcbc4
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
5ab88d38ee83606f968a5eb5128d5ec84b50c86e58e8db60a9c0317c082f71c3
622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d
628e7b3c12a4fb73bbdd7597b22c80f091d6dd4db6fdffd14874246e527887c4
6855b14fd66e9a2a20847242e4aaccd61a298df0ee79302e309b4fb8381c0381
698eb44b09a7cabea7a9e2e2033417bb1318a703f140db0db5b27398d841f7df
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b8ea3ef422f16de6e74984306909eed1dba78929fad2c29428ab3688f03aca6
6d837bb24970d47156d737614c76045d5ac3284741ef2f35d7b3361a001db050
725372587b4af6b965d650a923bf16949d340790de6b36a165d5ce10d347b88b
73555305d418f121b965b879b14b8a60a2642c9ca918b7a43e87d6ccea5781de
77760c8bd5c4a66cd047d267874d928bfbc0ca249afc3c9422b33f1351b090b3
77ca07b711d2bf1e5a08a928c073e6aac0be8c58ebc0599ba4e5552ab4fc92b1
78a0bd21f6c3cfc7c9b3d2e535118b0c061b196eed59620a4f0f01c01a5cf2a4
7bc489263d9e8eab2beb79b9338a9debbcb611624f3586356e85b2560667679a
7fa793078a6cc2f11d04ff0e56b0ee0bef92dccbbbedf2e94b0d42b5dd617459
819fdac1f595755c01aa578d2e34a121a3f5f0db796cc868e3af21199e2c50db
869d747f2bf6b7f0c75ea35b9c806658e2d812731bdaef414bb707243f292a73
9408be658ddfc6ec2f04f3a6c48fac9258c99351aa21c76cd51121d230921161
96f5eab24a4d0af93b2b05eca6429ee2ca5437d22c4d66f05053c69d56255551
9766a93524f5849ca6f7b8a745b5292944331808f590574b22b66b40b199f077
97db2344e9240450d8f68c72e7c65be2cceaa694b6c339ac4119b0f435d6bc2b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a19902ebc637c5a3838bf9f88dfc6283956799c4c0811b24a62e8b4754edc327
a3ad3d602a0987d8185de3991969fe5d6691df32017a1ccfbfff6e5bdef8b236
a6fe1dd7d282534c2f18a07d11e8fd1e02985d347c1b612ddfaa73a0aa8e7f66
a7a7d8f3574e670dd9832995a2fd3e0bc53141f8b375701410f81e0709c5590d
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa49a2521b2956d837f060a009cf45cae9e673833b8bd62cb0b2a4615135ba9a
ac11597da08b9f0d728e05f01678b31c8a3867ecdcef83484ff6b37ec978000f
ac5522701b649bbcf86cafc1b1f383b1748b82445a45513deebbef7bebf05f34
af4890616e2592127c1a960844cd95ffa26eaafc548ab5b2f93ecbef9fb7f371
b2a3fa9d97b24771e1580f4a741c073d6bd2501e7f54e49efbffaca94af0e298
b5716b195bf554b3a4e89277f0dc1bf17252908703fc242c0427031887340bc1
b72aa0acb602287be430628349290211e5564c90be022c544a4ffaeff983a6b5
c183a662fd835f7df344032705c233e8d1d5e4dcb258274a2e9d9676254421cc
c49b0ffe3580e083f2d2a5f1150f5979d715a21229c1e2165b2c90619648b780
ca8ba89b97247e0435dbfcf74625d517bd26d5e9b41ffbd5f96d735d4e43b75a
cc1aab67dc180eb99d972ec99fd1627bd7c6dab4749dca4dcd2f2c0e325d2d9d
ce53afd7d179fc783727841871226344d9d345fec3661f08e45155c380257124
d07c218cf2ede8daec9179c818dce7dce1e65d78ae24c9e9bf08f26f42386077
d27846182ed3ee4ee4da78e9f9c429c9cdd8193b045fd002b5e63d5e56700e02
d81a85bc33ed2344751a50042dc0b3bcee1a54d135ec11ebe21177751e33ccbf
db01426d4f348ff67bcc5cb9f509c95a26d535276a21ee45003bfa1b2aa169fa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e7e82128cedcaa20da758cade4846fafec86abfb3ec54cc4751bdb78b4675d
e6cedb03c2807cccd2ea3bfdb71c40fd1d7bd6721e9d1d17ffdd9fc8f3af2bf8
e963922ca3eeec6857c268c086af4826982e734888cd8b88e7c68a4a0a8a738d
e99bd8fa92f81b980b3f76264ce84d2495d678abb77335067fc180f9bab2a8d7
f380a2ddb5a06f0afecce7307f6e638c1877b9a2aa46260b114b510ca51b295f
f54483c65c1625b40a4a27cdb5e87e24246b5e912992ee68cee0924170b2ec34
f7313116e41a66a468a9ad7814f56c7efad410cbdd2593c5ab00b646eea5cd0e
faa1445175132fd284778e98a575a24029b60825eec8d666e4a33e1f1906c455
fc54dce84c86b8a9ee08a5a308928bd29d2afc0901456ab8b4c466a69001f028