Submitted URL: https://u.to/PQRDGA
Effective URL: http://www.mario-dessuti.fr/cache/purifier/atomz_search/response.php/zkp/zmge/?stone=c1ta1c1v0mz0ny
Submission: On June 11 via api from US

Summary

This website contacted 11 IPs in 5 countries across 12 domains to perform 26 HTTP transactions. The main IP is 213.186.33.3, located in Quesnoy-sur-Deule, France and belongs to OVH, FR. The main domain is www.mario-dessuti.fr.
This is the only time www.mario-dessuti.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Redirects | Requested by
6 | www.mario-dessuti.fr | | u.to, www.mario-dessuti.fr
5 | mc.yandex.ru | 1 redirects | u.to, mc.yandex.ru
4 | www.google-analytics.com | | www.mario-dessuti.fr
4 | counter.yadro.ru | 2 redirects |
3 | widget-v4.tidiochat.com | | www.mario-dessuti.fr, widget-v4.tidiochat.com
2 | fonts.google.com | 1 redirects | www.mario-dessuti.fr
2 | u.to | | u.to
1 | fonts.gstatic.com | | widget-v4.tidiochat.com
1 | fonts.googleapis.com | | widget-v4.tidiochat.com
1 | stats.g.doubleclick.net | | www.mario-dessuti.fr
1 | code.tidio.co | 1 redirects |
1 | ormco.trente-douze.fr | 1 redirects |
Total: 26 requests, 12 domains

This site contains links to these domains.

Domain
www.facebook.com
www.instagram.com

Subject | Issuer | Validity | Valid
u.to | Sectigo RSA Domain Validation Secure Server CA | 2019-08-23 - 2021-08-22 | 2 years
mc.yandex.ru | Yandex CA | 2019-09-23 - 2020-09-22 | a year
counter.yadro.ru | GoGetSSL ECC DV CA | 2020-02-02 - 2022-05-02 | 2 years
*.google.com | GTS CA 1O1 | 2020-05-20 - 2020-08-12 | 3 months
mario-dessuti.fr | Let's Encrypt Authority X3 | 2020-05-18 - 2020-08-16 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2020-05-26 - 2020-08-18 | 3 months
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-11-17 - 2020-10-09 | a year
*.g.doubleclick.net | GTS CA 1O1 | 2020-05-20 - 2020-08-12 | 3 months
upload.video.google.com | GTS CA 1O1 | 2020-05-20 - 2020-08-12 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-05-26 - 2020-08-18 | 3 months

This page contains 3 frames:

Primary Page: http://www.mario-dessuti.fr/cache/purifier/atomz_search/response.php/zkp/zmge/?stone=c1ta1c1v0mz0ny
Frame ID: B8D752848AF3B79D1A6BE55372CFB84C
Requests: 22 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com//1_29_3/static/js/widget.f856f416589f50aacd54.js
Frame ID: F2CD45D1F40A7712D08E11BA987E51C2
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Muli:400,600
Frame ID: 13C5528AB43681908B9805D7ECF64F62
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • meta generator /PrestaShop/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

26 Requests
77 % HTTPS
67 % IPv6
12 Domains
12 Subdomains
11 IPs
5 Countries
799 kB Transfer
2670 kB Size
4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u.to/PQRDGA Page URL
  2. https://ormco.trente-douze.fr/fr/action?emag=7&url=https://u.to/xzZCGA&email=&name=&action=Click HTTP 302
    https://u.to/xzZCGA Page URL
  3. http://www.mario-dessuti.fr/cache/purifier/atomz_search/response.php/zkp/zmge/?stone=c1ta1c1v0mz0ny Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://ormco.trente-douze.fr/fr/action?emag=7&url=https://u.to/xzZCGA&email=&name=&action=Click HTTP 302
  • https://u.to/xzZCGA
Request Chain 3
  • https://counter.yadro.ru/hit;utostat?r;s1600*1200*24;uhttps%3A//u.to/PQRDGA;1591879520234 HTTP 302
  • https://counter.yadro.ru/hit;utostat?q;r;s1600*1200*24;uhttps%3A//u.to/PQRDGA;1591879520234
Request Chain 6
  • https://counter.yadro.ru/hit;utostat?rhttps%3A//u.to/PQRDGA;s1600*1200*24;uhttps%3A//u.to/xzZCGA%23xfrxxsqhfnpccbfsf;1591879520531 HTTP 302
  • https://counter.yadro.ru/hit;utostat?q;rhttps%3A//u.to/PQRDGA;s1600*1200*24;uhttps%3A//u.to/xzZCGA%23xfrxxsqhfnpccbfsf;1591879520531
Request Chain 7
  • https://mc.yandex.ru/watch/51604940?wmode=7&page-ref=https%3A%2F%2Fu.to%2FPQRDGA&page-url=https%3A%2F%2Fu.to%2FxzZCGA%23xfrxxsqhfnpccbfsf&charset=utf-8&browser-info=ti%3A10%3Ans%3A1591879520235%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200611144520%3Aet%3A1591879521%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1022879118027%3Arqn%3A2%3Arn%3A243613831%3Ahid%3A698123337%3Ads%3A0%2C0%2C53%2C1%2C171%2C0%2C0%2C%2C%2C297%2C%2C%2C%3Agdpr%3A14%3Av%3A1877%3Awv%3A2%3Arqnl%3A1%3Ast%3A1591879521%3Au%3A1591879520404222723%3At%3ARedirecting HTTP 302
  • https://mc.yandex.ru/watch/51604940/1?wmode=7&page-ref=https%3A%2F%2Fu.to%2FPQRDGA&page-url=https%3A%2F%2Fu.to%2FxzZCGA%23xfrxxsqhfnpccbfsf&charset=utf-8&browser-info=ti%3A10%3Ans%3A1591879520235%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200611144520%3Aet%3A1591879521%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1022879118027%3Arqn%3A2%3Arn%3A243613831%3Ahid%3A698123337%3Ads%3A0%2C0%2C53%2C1%2C171%2C0%2C0%2C%2C%2C297%2C%2C%2C%3Agdpr%3A14%3Av%3A1877%3Awv%3A2%3Arqnl%3A1%3Ast%3A1591879521%3Au%3A1591879520404222723%3At%3ARedirecting
Request Chain 10
  • http://fonts.google.com/specimen/Roboto HTTP 301
  • https://fonts.google.com/specimen/Roboto
Request Chain 14
  • http://code.tidio.co/91ewz6p9nfeewoatqjx8m1ij7imimhpm.js HTTP 302
  • http://widget-v4.tidiochat.com/1_29_3/static/js/render.f856f416589f50aacd54.js
Request Chain 16
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 18
  • http://www.google-analytics.com/plugins/ua/linkid.js HTTP 307
  • https://www.google-analytics.com/plugins/ua/linkid.js
Request Chain 19
  • http://www.google-analytics.com/plugins/ua/ec.js HTTP 307
  • https://www.google-analytics.com/plugins/ua/ec.js
Request Chain 20
  • http://www.google-analytics.com/collect?v=1&_v=j82&a=274614352&t=pageview&cu=EUR&_s=1&dl=http%3A%2F%2Fwww.mario-dessuti.fr%2Fcache%2Fpurifier%2Fatomz_search%2Fresponse.php%2Fzkp%2Fzmge%2F%3Fstone%3Dc1ta1c1v0mz0ny&ul=en-us&de=UTF-8&dt=Erreur%20404%20-%20Mario%20Dessuti&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEIr~&jid=1431455600&gjid=1713087045&cid=1272920860.1591879522&tid=UA-106870467-1&_gid=1941787250.1591879522&z=1188905735 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j82&a=274614352&t=pageview&cu=EUR&_s=1&dl=http%3A%2F%2Fwww.mario-dessuti.fr%2Fcache%2Fpurifier%2Fatomz_search%2Fresponse.php%2Fzkp%2Fzmge%2F%3Fstone%3Dc1ta1c1v0mz0ny&ul=en-us&de=UTF-8&dt=Erreur%20404%20-%20Mario%20Dessuti&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEIr~&jid=1431455600&gjid=1713087045&cid=1272920860.1591879522&tid=UA-106870467-1&_gid=1941787250.1591879522&z=1188905735

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set PQRDGA
u.to/
1 KB
1 KB
Document
General
Full URL
https://u.to/PQRDGA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.216.243.155 Moscow, Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
s5.unet.com
Software
nginx/1.8.0 /
Resource Hash
dbb391123ef2a3c29917d0b5dd59287603e608f9a796559d47022b6d6ed6fd67

Request headers

Host
u.to
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.8.0
Date
Thu, 11 Jun 2020 12:45:20 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Set-Cookie
lng=en; path=/; expires=Fri, 11-Jun-2021 12:45:20 GMT; domain=.u.to;
Cache-Control
no-cache no-store
Pragma
no-cache
Vary
host
Content-Encoding
gzip
xzZCGA
u.to/
Redirect Chain
  • https://ormco.trente-douze.fr/fr/action?emag=7&url=https://u.to/xzZCGA&email=&name=&action=Click
  • https://u.to/xzZCGA
1 KB
973 B
Document
General
Full URL
https://u.to/xzZCGA
Requested by
Host: u.to
URL: https://u.to/PQRDGA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.216.243.155 Moscow, Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
s5.unet.com
Software
nginx/1.8.0 /
Resource Hash

Request headers

Host
u.to
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://u.to/PQRDGA
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
lng=en

Response headers

Server
nginx/1.8.0
Date
Thu, 11 Jun 2020 12:45:20 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Cache-Control
no-cache no-store
Pragma
no-cache
Vary
host
Content-Encoding
gzip

Redirect headers

Date
Thu, 11 Jun 2020 12:45:20 GMT
Server
Apache/2.4.18 (Ubuntu)
Cache-Control
no-cache
Location
https://u.to/xzZCGA
Content-Length
320
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
tag.js
mc.yandex.ru/metrika/
359 KB
91 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: u.to
URL: https://u.to/PQRDGA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://u.to/PQRDGA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 12:45:20 GMT
Content-Encoding
br
Last-Modified
Wed, 10 Jun 2020 15:32:49 GMT
Server
nginx/1.14.2
ETag
"5ee0fd21-16bee"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
93166
Expires
Thu, 11 Jun 2020 13:45:20 GMT
hit;utostat
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;utostat?r;s1600*1200*24;uhttps%3A//u.to/PQRDGA;1591879520234
  • https://counter.yadro.ru/hit;utostat?q;r;s1600*1200*24;uhttps%3A//u.to/PQRDGA;1591879520234
43 B
421 B
Image
General
Full URL
https://counter.yadro.ru/hit;utostat?q;r;s1600*1200*24;uhttps%3A//u.to/PQRDGA;1591879520234
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host210.rax.ru
Software
nginx/1.11.1 /
Resource Hash

Request headers

Referer
https://u.to/PQRDGA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 12:45:20 GMT
Server
nginx/1.11.1
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 11 Jun 2019 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 12:45:20 GMT
Server
nginx/1.11.1
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit;utostat?q;r;s1600*1200*24;uhttps%3A//u.to/PQRDGA;1591879520234
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Tue, 11 Jun 2019 21:00:00 GMT
51604940
mc.yandex.ru/watch/
0
0

Primary Request Cookie set /
www.mario-dessuti.fr/cache/purifier/atomz_search/response.php/zkp/zmge/
30 KB
31 KB
Document
General
Full URL
http://www.mario-dessuti.fr/cache/purifier/atomz_search/response.php/zkp/zmge/?stone=c1ta1c1v0mz0ny
Requested by
Host: u.to
URL: https://u.to/xzZCGA
Protocol
HTTP/1.1
Server
213.186.33.3 Quesnoy-sur-Deule, France, ASN16276 (OVH, FR),
Reverse DNS
cluster015.ovh.net
Software
Apache / PHP/7.0
Resource Hash
400a6a162d8725b2c9edf36a4902538213b97486702b096c3d124eaaf0e8e9ac

Request headers

Host
www.mario-dessuti.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Thu, 11 Jun 2020 12:45:21 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Server
Apache
X-Powered-By
PHP/7.0
P3P
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Powered-By
PrestaShop
Set-Cookie
PrestaShop-fd87bb3ec6b1c886806a9460381adf7b=UWiZWVJhSDkPcBds%2FgM0iNdab%2Bnst17PqELDRb6afjgMWS83ts9EVPk56NIJ17DYneHmNr%2FiEptoSNscHF3obRrdgdTMb7bhdhR4Zuq0Hk4WPrgDbCwcGfOiaDKZlIfSiDXvd0KSOdxd%2F0ELfPDiC%2B1oQW6K24hgYfwJ3di8qRQXW6S3PXGjJKhyahMzU9ZkfkbcJ6wBbqsfDj%2FpRMcWRd01oEkoQvwMyuhQTwf4rlOGWHiW7R%2BXh%2BlfJlxtzt2X000192; expires=Wed, 01-Jul-2020 12:45:20 GMT; Max-Age=1727999; path=/; domain=www.mario-dessuti.fr; secure; HttpOnly SERVERID100401=1520200|XuInZ|XuInZ; path=/
X-IPLB-Instance
28303
tag.js
mc.yandex.ru/metrika/
359 KB
91 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: u.to
URL: https://u.to/xzZCGA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://u.to/xzZCGA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 12:45:20 GMT
Content-Encoding
br
Last-Modified
Wed, 10 Jun 2020 15:32:49 GMT
Server
nginx/1.14.2
ETag
"5ee0fd21-16bee"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
93166
Expires
Thu, 11 Jun 2020 13:45:20 GMT
hit;utostat
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;utostat?rhttps%3A//u.to/PQRDGA;s1600*1200*24;uhttps%3A//u.to/xzZCGA%23xfrxxsqhfnpccbfsf;1591879520531
  • https://counter.yadro.ru/hit;utostat?q;rhttps%3A//u.to/PQRDGA;s1600*1200*24;uhttps%3A//u.to/xzZCGA%23xfrxxsqhfnpccbfsf;1591879520531
43 B
273 B
Image
General
Full URL
https://counter.yadro.ru/hit;utostat?q;rhttps%3A//u.to/PQRDGA;s1600*1200*24;uhttps%3A//u.to/xzZCGA%23xfrxxsqhfnpccbfsf;1591879520531
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host210.rax.ru
Software
nginx/1.11.1 /
Resource Hash

Request headers

Referer
https://u.to/xzZCGA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 12:45:20 GMT
Server
nginx/1.11.1
Content-Type
image/gif
Cache-control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Tue, 11 Jun 2019 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 12:45:20 GMT
Server
nginx/1.11.1
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit;utostat?q;rhttps%3A//u.to/PQRDGA;s1600*1200*24;uhttps%3A//u.to/xzZCGA%23xfrxxsqhfnpccbfsf;1591879520531
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Tue, 11 Jun 2019 21:00:00 GMT
1
mc.yandex.ru/watch/51604940/
Redirect Chain
  • https://mc.yandex.ru/watch/51604940?wmode=7&page-ref=https%3A%2F%2Fu.to%2FPQRDGA&page-url=https%3A%2F%2Fu.to%2FxzZCGA%23xfrxxsqhfnpccbfsf&charset=utf-8&browser-info=ti%3A10%3Ans%3A1591879520235%3As...
  • https://mc.yandex.ru/watch/51604940/1?wmode=7&page-ref=https%3A%2F%2Fu.to%2FPQRDGA&page-url=https%3A%2F%2Fu.to%2FxzZCGA%23xfrxxsqhfnpccbfsf&charset=utf-8&browser-info=ti%3A10%3Ans%3A1591879520235%3...
171 B
711 B
XHR
General
Full URL
https://mc.yandex.ru/watch/51604940/1?wmode=7&page-ref=https%3A%2F%2Fu.to%2FPQRDGA&page-url=https%3A%2F%2Fu.to%2FxzZCGA%23xfrxxsqhfnpccbfsf&charset=utf-8&browser-info=ti%3A10%3Ans%3A1591879520235%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200611144520%3Aet%3A1591879521%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1022879118027%3Arqn%3A2%3Arn%3A243613831%3Ahid%3A698123337%3Ads%3A0%2C0%2C53%2C1%2C171%2C0%2C0%2C%2C%2C297%2C%2C%2C%3Agdpr%3A14%3Av%3A1877%3Awv%3A2%3Arqnl%3A1%3Ast%3A1591879521%3Au%3A1591879520404222723%3At%3ARedirecting
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://u.to/xzZCGA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 12:45:20 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 11-Jun-2020 12:45:20 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://u.to
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
171
X-XSS-Protection
1; mode=block
Expires
Thu, 11-Jun-2020 12:45:20 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 12:45:20 GMT
Last-Modified
Thu, 11-Jun-2020 12:45:20 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
https://u.to
Strict-Transport-Security
max-age=31536000
Location
/watch/51604940/1?wmode=7&page-ref=https%3A%2F%2Fu.to%2FPQRDGA&page-url=https%3A%2F%2Fu.to%2FxzZCGA%23xfrxxsqhfnpccbfsf&charset=utf-8&browser-info=ti%3A10%3Ans%3A1591879520235%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200611144520%3Aet%3A1591879521%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1022879118027%3Arqn%3A2%3Arn%3A243613831%3Ahid%3A698123337%3Ads%3A0%2C0%2C53%2C1%2C171%2C0%2C0%2C%2C%2C297%2C%2C%2C%3Agdpr%3A14%3Av%3A1877%3Awv%3A2%3Arqnl%3A1%3Ast%3A1591879521%3Au%3A1591879520404222723%3At%3ARedirecting
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Thu, 11-Jun-2020 12:45:20 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
425 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://u.to/xzZCGA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 12:45:20 GMT
Last-Modified
Fri, 17 Jan 2020 08:05:01 GMT
Server
nginx/1.14.2
ETag
"5e216aad-2b"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Thu, 11 Jun 2020 13:45:20 GMT
v_1111_f43e35e058ab788e1a85404ca81f6ca7_all.css
www.mario-dessuti.fr/themes/warehouse/cache/
326 KB
55 KB
Stylesheet
General
Full URL
http://www.mario-dessuti.fr/themes/warehouse/cache/v_1111_f43e35e058ab788e1a85404ca81f6ca7_all.css
Requested by
Host: www.mario-dessuti.fr
URL: http://www.mario-dessuti.fr/cache/purifier/atomz_search/response.php/zkp/zmge/?stone=c1ta1c1v0mz0ny
Protocol
HTTP/1.1
Server
213.186.33.3 Quesnoy-sur-Deule, France, ASN16276 (OVH, FR),
Reverse DNS
cluster015.ovh.net
Software
Apache /
Resource Hash
628265315c071040b10c1a1e7e358bc13bc34b0bd1fd7c6845d86b4c76d10a84

Request headers

Referer
http://www.mario-dessuti.fr/cache/purifier/atomz_search/response.php/zkp/zmge/?stone=c1ta1c1v0mz0ny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 12:45:21 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Mar 2020 14:52:52 GMT
Server
Apache
X-IPLB-Instance
28303
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
56231
Expires
Thu, 18 Jun 2020 12:45:21 GMT
Roboto
fonts.google.com/specimen/
Redirect Chain
  • http://fonts.google.com/specimen/Roboto
  • https://fonts.google.com/specimen/Roboto
0
0
Stylesheet
General
Full URL
https://fonts.google.com/specimen/Roboto
Requested by
Host: www.mario-dessuti.fr
URL: http://www.mario-dessuti.fr/cache/purifier/atomz_search/response.php/zkp/zmge/?stone=c1ta1c1v0mz0ny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.mario-dessuti.fr/cache/purifier/atomz_search/response.php/zkp/zmge/?stone=c1ta1c1v0mz0ny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 12:45:21 GMT
X-Content-Type-Options
nosniff
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
application/binary
Location
https://fonts.google.com/specimen/Roboto
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Content-Length
0
X-XSS-Protection
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
mario-dessuti-logo-1465818807.jpg
www.mario-dessuti.fr/img/
11 KB
11 KB
Image
General
Full URL
https://www.mario-dessuti.fr/img/mario-dessuti-logo-1465818807.jpg
Requested by
Host: www.mario-dessuti.fr
URL: http://www.mario-dessuti.fr/cache/purifier/atomz_search/response.php/zkp/zmge/?stone=c1ta1c1v0mz0ny
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.3 Quesnoy-sur-Deule, France, ASN16276 (OVH, FR),
Reverse DNS
cluster015.ovh.net
Software
Apache /
Resource Hash
73a3b9698defb95e8cf6fd35e19c541fd87f68b3e9f7e3702158ca02ac12813b

Request headers

Referer
http://www.mario-dessuti.fr/cache/purifier/atomz_search/response.php/zkp/zmge/?stone=c1ta1c1v0mz0ny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 12:45:21 GMT
last-modified
Tue, 06 Sep 2016 14:33:57 GMT
server
Apache
x-iplb-instance
28341
content-type
image/jpeg
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11450
expires
Sat, 11 Jul 2020 12:45:21 GMT
Logo-Footer.png
www.mario-dessuti.fr/img/cms/
15 KB
15 KB
Image
General
Full URL
https://www.mario-dessuti.fr/img/cms/Logo-Footer.png
Requested by
Host: www.mario-dessuti.fr
URL: http://www.mario-dessuti.fr/cache/purifier/atomz_search/response.php/zkp/zmge/?stone=c1ta1c1v0mz0ny
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.3 Quesnoy-sur-Deule, France, ASN16276 (OVH, FR),
Reverse DNS
cluster015.ovh.net
Software
Apache /
Resource Hash
e981df9cb8c9b7f05b98fbda53ec9f6bc20a2a1b716cb49264c684efb1e41171

Request headers

Referer
http://www.mario-dessuti.fr/cache/purifier/atomz_search/response.php/zkp/zmge/?stone=c1ta1c1v0mz0ny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 12:45:21 GMT
last-modified
Fri, 07 Jun 2019 09:14:39 GMT
server
Apache
x-iplb-instance
28310
content-type
image/png
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
15226
expires
Sat, 11 Jul 2020 12:45:21 GMT
v_107_cb08a857a7f7fb22e6c42a5f0da89534.js
www.mario-dessuti.fr/themes/warehouse/cache/
364 KB
106 KB
Script
General
Full URL
http://www.mario-dessuti.fr/themes/warehouse/cache/v_107_cb08a857a7f7fb22e6c42a5f0da89534.js
Requested by
Host: www.mario-dessuti.fr
URL: http://www.mario-dessuti.fr/cache/purifier/atomz_search/response.php/zkp/zmge/?stone=c1ta1c1v0mz0ny
Protocol
HTTP/1.1
Server
213.186.33.3 Quesnoy-sur-Deule, France, ASN16276 (OVH, FR),
Reverse DNS
cluster015.ovh.net
Software
Apache /
Resource Hash
787a1f9b83dc95c6f8c377e76166f3b709f7d302bb2b81ca095ea56710cb73bd

Request headers

Referer
http://www.mario-dessuti.fr/cache/purifier/atomz_search/response.php/zkp/zmge/?stone=c1ta1c1v0mz0ny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 12:45:21 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Mar 2020 14:51:11 GMT
Server
Apache
X-IPLB-Instance
28278
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Accept-Ranges
bytes
Expires
Thu, 18 Jun 2020 12:45:21 GMT
render.f856f416589f50aacd54.js
widget-v4.tidiochat.com/1_29_3/static/js/
Redirect Chain
  • http://code.tidio.co/91ewz6p9nfeewoatqjx8m1ij7imimhpm.js
  • http://widget-v4.tidiochat.com/1_29_3/static/js/render.f856f416589f50aacd54.js
15 KB
6 KB
Script
General
Full URL
http://widget-v4.tidiochat.com/1_29_3/static/js/render.f856f416589f50aacd54.js
Requested by
Host: www.mario-dessuti.fr
URL: http://www.mario-dessuti.fr/cache/purifier/atomz_search/response.php/zkp/zmge/?stone=c1ta1c1v0mz0ny
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
831cf0e395a4807c6e20494726bbd430b70f48ba27f03c8992aa8a3a74e08983

Request headers

Referer
http://www.mario-dessuti.fr/cache/purifier/atomz_search/response.php/zkp/zmge/?stone=c1ta1c1v0mz0ny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 12:45:21 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Thu, 04 Jun 2020 14:37:57 GMT
Server
cloudflare
Age
23
ETag
W/"5ed90745-3ba8"
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=691200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5a1b6dc1dc3adfdf-FRA
cf-request-id
034502ed250000dfdff71b7200000001

Redirect headers

Date
Thu, 11 Jun 2020 12:45:21 GMT
CF-Cache-Status
BYPASS
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html
Location
http://widget-v4.tidiochat.com/1_29_3/static/js/render.f856f416589f50aacd54.js
Cache-Control
private, no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5a1b6dbf1c1f062d-FRA
cf-request-id
034502eb6c0000062d5e3c5200000001
fontawesome-webfont.woff2
www.mario-dessuti.fr/themes/warehouse/fonts/
63 KB
63 KB
Font
General
Full URL
http://www.mario-dessuti.fr/themes/warehouse/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: www.mario-dessuti.fr
URL: http://www.mario-dessuti.fr/themes/warehouse/cache/v_107_cb08a857a7f7fb22e6c42a5f0da89534.js
Protocol
HTTP/1.1
Server
213.186.33.3 Quesnoy-sur-Deule, France, ASN16276 (OVH, FR),
Reverse DNS
cluster015.ovh.net
Software
Apache /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.mario-dessuti.fr/themes/warehouse/cache/v_1111_f43e35e058ab788e1a85404ca81f6ca7_all.css
Origin
http://www.mario-dessuti.fr

Response headers

Date
Thu, 11 Jun 2020 12:45:21 GMT
Last-Modified
Tue, 06 Sep 2016 14:41:44 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
64464
X-IPLB-Instance
28278
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.mario-dessuti.fr
URL: http://www.mario-dessuti.fr/cache/purifier/atomz_search/response.php/zkp/zmge/?stone=c1ta1c1v0mz0ny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.mario-dessuti.fr/cache/purifier/atomz_search/response.php/zkp/zmge/?stone=c1ta1c1v0mz0ny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
6542
date
Thu, 11 Jun 2020 10:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Thu, 11 Jun 2020 12:56:19 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
widget.f856f416589f50aacd54.js
widget-v4.tidiochat.com//1_29_3/static/js/ Frame F2CD
1 MB
272 KB
Script
General
Full URL
https://widget-v4.tidiochat.com//1_29_3/static/js/widget.f856f416589f50aacd54.js
Requested by
Host: widget-v4.tidiochat.com
URL: http://widget-v4.tidiochat.com/1_29_3/static/js/render.f856f416589f50aacd54.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
529f69956919c92536967f4631399fe7d80bf6098291f4043976226331e6d2a5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 12:45:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 04 Jun 2020 14:37:39 GMT
server
cloudflare
age
340
etag
W/"5ed90733-10504e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=691200
cf-ray
5a1b6dc25e27c2bd-FRA
cf-request-id
034502ed780000c2bd6a989200000001
linkid.js
www.google-analytics.com/plugins/ua/
Redirect Chain
  • http://www.google-analytics.com/plugins/ua/linkid.js
  • https://www.google-analytics.com/plugins/ua/linkid.js
2 KB
1010 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.mario-dessuti.fr
URL: http://www.mario-dessuti.fr/cache/purifier/atomz_search/response.php/zkp/zmge/?stone=c1ta1c1v0mz0ny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.mario-dessuti.fr/cache/purifier/atomz_search/response.php/zkp/zmge/?stone=c1ta1c1v0mz0ny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 12:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
2404
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Thu, 11 Jun 2020 13:05:17 GMT

Redirect headers

Location
https://www.google-analytics.com/plugins/ua/linkid.js
Non-Authoritative-Reason
HSTS
ec.js
www.google-analytics.com/plugins/ua/
Redirect Chain
  • http://www.google-analytics.com/plugins/ua/ec.js
  • https://www.google-analytics.com/plugins/ua/ec.js
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.mario-dessuti.fr
URL: http://www.mario-dessuti.fr/cache/purifier/atomz_search/response.php/zkp/zmge/?stone=c1ta1c1v0mz0ny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.mario-dessuti.fr/cache/purifier/atomz_search/response.php/zkp/zmge/?stone=c1ta1c1v0mz0ny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 12:35:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
608
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Thu, 11 Jun 2020 13:35:13 GMT

Redirect headers

Location
https://www.google-analytics.com/plugins/ua/ec.js
Non-Authoritative-Reason
HSTS
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j82&a=274614352&t=pageview&cu=EUR&_s=1&dl=http%3A%2F%2Fwww.mario-dessuti.fr%2Fcache%2Fpurifier%2Fatomz_search%2Fresponse.php%2Fzkp%2Fzmge%2F%3Fstone%3...
  • https://www.google-analytics.com/collect?v=1&_v=j82&a=274614352&t=pageview&cu=EUR&_s=1&dl=http%3A%2F%2Fwww.mario-dessuti.fr%2Fcache%2Fpurifier%2Fatomz_search%2Fresponse.php%2Fzkp%2Fzmge%2F%3Fstone%...
35 B
119 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j82&a=274614352&t=pageview&cu=EUR&_s=1&dl=http%3A%2F%2Fwww.mario-dessuti.fr%2Fcache%2Fpurifier%2Fatomz_search%2Fresponse.php%2Fzkp%2Fzmge%2F%3Fstone%3Dc1ta1c1v0mz0ny&ul=en-us&de=UTF-8&dt=Erreur%20404%20-%20Mario%20Dessuti&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEIr~&jid=1431455600&gjid=1713087045&cid=1272920860.1591879522&tid=UA-106870467-1&_gid=1941787250.1591879522&z=1188905735
Requested by
Host: www.mario-dessuti.fr
URL: http://www.mario-dessuti.fr/cache/purifier/atomz_search/response.php/zkp/zmge/?stone=c1ta1c1v0mz0ny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.mario-dessuti.fr/cache/purifier/atomz_search/response.php/zkp/zmge/?stone=c1ta1c1v0mz0ny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 08:12:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
102786
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j82&a=274614352&t=pageview&cu=EUR&_s=1&dl=http%3A%2F%2Fwww.mario-dessuti.fr%2Fcache%2Fpurifier%2Fatomz_search%2Fresponse.php%2Fzkp%2Fzmge%2F%3Fstone%3Dc1ta1c1v0mz0ny&ul=en-us&de=UTF-8&dt=Erreur%20404%20-%20Mario%20Dessuti&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEIr~&jid=1431455600&gjid=1713087045&cid=1272920860.1591879522&tid=UA-106870467-1&_gid=1941787250.1591879522&z=1188905735
Non-Authoritative-Reason
HSTS
collect
stats.g.doubleclick.net/r/
35 B
99 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j82&tid=UA-106870467-1&cid=1272920860.1591879522&jid=1431455600&gjid=1713087045&_gid=1941787250.1591879522&_u=aGBAgEIr~&z=544281382
Requested by
Host: www.mario-dessuti.fr
URL: http://www.mario-dessuti.fr/cache/purifier/atomz_search/response.php/zkp/zmge/?stone=c1ta1c1v0mz0ny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.mario-dessuti.fr/cache/purifier/atomz_search/response.php/zkp/zmge/?stone=c1ta1c1v0mz0ny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 11 Jun 2020 12:45:21 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
tururu.mp3
widget-v4.tidiochat.com// Frame F2CD
7 KB
7 KB
Media
General
Full URL
https://widget-v4.tidiochat.com//tururu.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 11 Jun 2020 12:45:21 GMT
cf-cache-status
HIT
age
1268935
status
206
Content-Length
7224
cf-request-id
034502ee4e0000c2bd6a990200000001
pragma
public
Content-Range
bytes 0-7223/7224
last-modified
Wed, 27 May 2020 09:29:41 GMT
server
cloudflare
etag
"5ece3305-1c38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
audio/mpeg
cache-control
public, max-age=31536000
cf-ray
5a1b6dc3b997c2bd-FRA
expires
Wed, 10 Jun 2020 20:16:26 GMT
css
fonts.googleapis.com/ Frame 13C5
2 KB
533 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Muli:400,600
Requested by
Host: widget-v4.tidiochat.com
URL: https://widget-v4.tidiochat.com//1_29_3/static/js/widget.f856f416589f50aacd54.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3328c6aaae4cfbc244dfb0bb67cfad06595721ac7033c704fa1b2a98d97df0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 11 Jun 2020 10:52:06 GMT
server
ESF
date
Thu, 11 Jun 2020 12:45:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Jun 2020 12:45:22 GMT
7Auwp_0qiz-afTLGLQjUwkQ.woff2
fonts.gstatic.com/s/muli/v20/ Frame 13C5
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v20/7Auwp_0qiz-afTLGLQjUwkQ.woff2
Requested by
Host: widget-v4.tidiochat.com
URL: https://widget-v4.tidiochat.com//1_29_3/static/js/widget.f856f416589f50aacd54.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Muli:400,600
Origin
http://www.mario-dessuti.fr

Response headers

date
Wed, 10 Jun 2020 14:46:50 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 Feb 2020 23:41:33 GMT
server
sffe
age
79112
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24884
x-xss-protection
0
expires
Thu, 10 Jun 2021 14:46:50 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mc.yandex.ru
URL
https://mc.yandex.ru/watch/51604940?wmode=7&page-url=https%3A%2F%2Fu.to%2FPQRDGA&charset=utf-8&browser-info=ti%3A10%3Ans%3A1591879520020%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200611144520%3Aet%3A1591879521%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1022879118027%3Arqn%3A1%3Arn%3A836443616%3Ahid%3A508382553%3Ads%3A1%2C149%2C54%2C0%2C0%2C0%2C0%2C%2C%2C215%2C%2C%2C%3Agdpr%3A14%3Av%3A1877%3Awv%3A2%3Arqnl%3A1%3Ast%3A1591879521%3Au%3A1591879520404222723%3At%3ARedirecting

176 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate number| CUSTOMIZE_TEXTFIELD string| FancyboxI18nClose string| FancyboxI18nNext string| FancyboxI18nPrev boolean| PS_CATALOG_MODE boolean| ajax_allowed boolean| ajax_popup boolean| ajaxsearch string| baseDir string| baseUri string| blocksearch_type number| comparator_max_item object| comparedProductsIds boolean| contentOnly boolean| countdownEnabled object| currency number| currencyBlank number| currencyFormat number| currencyRate string| currencySign string| customizationIdMessage string| delete_txt number| displayList string| freeProductTranslation string| freeShippingTranslation number| generated_date number| grid_size_lg number| grid_size_lg2 number| grid_size_md number| grid_size_md2 number| grid_size_ms number| grid_size_ms2 number| grid_size_sm number| grid_size_sm2 number| grid_size_xs number| grid_size_xs2 boolean| hasDeliveryAddress boolean| highDPI number| id_lang string| img_dir boolean| instantsearch boolean| iqit_carousel_auto string| iqit_carousel_load boolean| iqit_lazy_load boolean| iqit_mobile_header_sticky number| iqit_mobile_header_style boolean| iqit_sidebarh boolean| iqit_thumbs_position string| iqitcountdown_days string| iqitcountdown_hours string| iqitcountdown_minutes string| iqitcountdown_seconds boolean| iqitmegamenu_swwidth number| isGuest number| isLogged boolean| isMobile boolean| isPreloaderEnabled boolean| isRtl string| max_item string| min_item string| more_products_search string| page_name string| placeholder_blocknewsletter number| priceDisplayMethod number| priceDisplayPrecision boolean| quickView string| removingLinkText number| roundMode string| search_url string| static_token string| toBeDetermined string| token boolean| usingSecureMode function| formatedNumberToFloat function| formatNumber function| formatCurrency function| ps_round_helper function| ps_log10 function| ps_round_half_up function| ps_round function| autoUrl function| autoUrlNoList function| toggle function| 
toggleMultiple function| showElemFromSelect function| openCloseAllDiv function| toggleDiv function| toggleButtonValue function| toggleElemValue function| addBookmark function| writeBookmarkLink function| writeBookmarkLinkObject function| checkCustomizations function| emptyCustomizations function| ceilf function| floorf function| setCurrency function| isArrowKey function| removeQuotes function| sprintf function| fancyMsgBox function| fancyChooseBox function| toggleLayer function| openCloseLayer function| updateTextWithEffect function| dbg function| print_r function| in_array function| isCleanHtml function| getStorageAvailable boolean| responsiveflag function| highdpiInit function| scrollCompensate function| responsiveResize function| blockHover function| fadeSwapSrc function| is_touch_device function| quick_view function| bindGrid function| display function| dropDown function| dropDownMobileHeader function| stickyMobileHeader function| accordionFooter function| accordion function| bindUniform function| openBranch function| closeBranch function| toggleBranch object| ajaxCart function| HoverWatcher function| crossselling_serialScroll object| instantSearchQueries function| tryToCloseInstantSearch function| stopInstantSearchQueries object| cbpHorizontalMenu object| cbpVerticalmenu boolean| isStickMenu function| BT_GAnalyticsPro function| submitGuestkbInfo function| showStuff function| $ function| jQuery object| jQuery11100580475336658316 object| Modernizr object| classie object| SENTRY_RELEASE object| tidioChatApi object| BTGA string| cookie_lifetime string| hiding_effect string| cookie_name string| kb_gdpr_checkbox_mand string| kb_gdpr_field_required string| kb_active string| kb_inactive string| GoogleAnalyticsObject function| ga number| compensante object| leftColumnBlocks string| elementClick string| elementSlide string| activeClass string| melementClick string| melementSlide string| mactiveClass object| $dropdownsWrapper string| test object| storage number| 
currentlevel object| google_tag_data object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
.mario-dessuti.fr/ Name: _gid
Value: GA1.2.1941787250.1591879522
.mario-dessuti.fr/ Name: _gat
Value: 1
.mario-dessuti.fr/ Name: _ga
Value: GA1.2.1272920860.1591879522
www.mario-dessuti.fr/ Name: SERVERID100401
Value: 1520200|XuInZ|XuInZ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
