urlscan.io logo urlscan.io
SecurityTrails logo

www.spectacles.carrefour.fr Open in urlscan Pro
151.101.193.237  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://my.message-factory.com/tk/t/2/916200209618ea/7965358a1/84485f52/73211623e1c/
Effective URL: https://www.spectacles.carrefour.fr/fr/manifestation/plopsaland-promotion-carrefour-billet/idmanif/588615&utm_source=r_advertising&u...
Submission: On July 20 via api from BE — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 16 HTTP transactions. The main IP is 151.101.193.237, located in San Francisco, United States and belongs to FASTLY, US. The main domain is www.spectacles.carrefour.fr.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2024 Q2 on May 16th 2024. Valid for: a year.
This is the only time www.spectacles.carrefour.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 4 151.80.34.60 16276 (OVH)
1 2 18.156.167.184 16509 (AMAZON-02)
1 52.85.65.53 16509 (AMAZON-02)
9 151.101.193.237 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 35.190.10.96 15169 (GOOGLE)
16 7
4    151.80.34.60 (France)

ASN16276 (OVH, FR)
PTR: ns3005210.ip-151-80-34.eu
my.message-factory.com
2    18.156.167.184 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-167-184.eu-central-1.compute.amazonaws.com
clk.tradedoubler.com
1    52.85.65.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-65-53.muc50.r.cloudfront.net
vht.tradedoubler.com
9    151.101.193.237 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.spectacles.carrefour.fr
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    35.190.10.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.10.190.35.bc.googleusercontent.com
collector-pxthwujgwk.px-cloud.net
Apex Domain
Subdomains		 Transfer
9 carrefour.fr
www.spectacles.carrefour.fr
97 KB
4 message-factory.com
my.message-factory.com
4 KB
3 tradedoubler.com
clk.tradedoubler.com — Cisco Umbrella Rank: 125043
vht.tradedoubler.com — Cisco Umbrella Rank: 165065
15 KB
2 px-cloud.net
collector-pxthwujgwk.px-cloud.net — Cisco Umbrella Rank: 32436
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
156 KB
16 5
Domain Requested by
9 www.spectacles.carrefour.fr www.spectacles.carrefour.fr
4 my.message-factory.com 2 redirects my.message-factory.com
2 collector-pxthwujgwk.px-cloud.net www.spectacles.carrefour.fr
2 clk.tradedoubler.com 1 redirects
1 www.googletagmanager.com www.spectacles.carrefour.fr
1 vht.tradedoubler.com clk.tradedoubler.com
16 6

This site contains no links.

Subject Issuer Validity Valid
my.message-factory.com
R10		 2024-07-18 -
2024-10-16		 3 months crt.sh
*.tradedoubler.com
Amazon RSA 2048 M03		 2023-09-06 -
2024-10-05		 a year crt.sh
www.spectacles.carrefour.fr
GlobalSign Atlas R3 DV TLS CA 2024 Q2		 2024-05-16 -
2025-06-17		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.px-cloud.net
Sectigo RSA Domain Validation Secure Server CA		 2023-08-15 -
2024-09-13		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.spectacles.carrefour.fr/fr/manifestation/plopsaland-promotion-carrefour-billet/idmanif/588615&utm_source=r_advertising&utm_medium=referral_parteners&utm_campaign=062024_op_parcs_ete&utm_content=plopsaland&tduid=c08dad499465e9ff1888d114c09ec3ae
Frame ID: B4C0066363153CBAB84F76B93DEEEA78
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://my.message-factory.com/tk/t/2/916200209618ea/7965358a1/84485f52/73211623e1c/ HTTP 301
    https://my.message-factory.com/tk/tracker.aspx?v=2&idi=916200209618ea&idl=7965358a1&idm=84485f52&idc=732116... Page URL
  2. https://my.message-factory.com/tk/tracker.aspx?v=2&idi=916200209618ea&idl=7965358a1&idm=84485f52&idc=732116... HTTP 302
    https://clk.tradedoubler.com/click?p=361259&a=2892996&g=25664238&url=https://www.spectacles.carrefour.fr/... Page URL
  3. https://clk.tradedoubler.com/click?p=361259&a=2892996&g=25664238&url=https://www.spectacles.carrefour.fr/... HTTP 302
    https://www.spectacles.carrefour.fr/fr/manifestation/plopsaland-promotion-carrefour-billet/idmanif/588615&utm_so... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns

Page Statistics

16
Requests

100 %
HTTPS

17 %
IPv6

5
Domains

6
Subdomains

7
IPs

3
Countries

271 kB
Transfer

704 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://my.message-factory.com/tk/t/2/916200209618ea/7965358a1/84485f52/73211623e1c/ HTTP 301
    https://my.message-factory.com/tk/tracker.aspx?v=2&idi=916200209618ea&idl=7965358a1&idm=84485f52&idc=73211623e1c Page URL
  2. https://my.message-factory.com/tk/tracker.aspx?v=2&idi=916200209618ea&idl=7965358a1&idm=84485f52&idc=73211623e1c HTTP 302
    https://clk.tradedoubler.com/click?p=361259&a=2892996&g=25664238&url=https://www.spectacles.carrefour.fr/fr/manifestation/plopsaland-promotion-carrefour-billet/idmanif/588615&utm_source=r_advertising&utm_medium=referral_parteners&utm_campaign=062024_op_parcs_ete&utm_content=plopsaland Page URL
  3. https://clk.tradedoubler.com/click?p=361259&a=2892996&g=25664238&url=https://www.spectacles.carrefour.fr/fr/manifestation/plopsaland-promotion-carrefour-billet/idmanif/588615&utm_source=r_advertising&utm_medium=referral_parteners&utm_campaign=062024_op_parcs_ete&utm_content=plopsaland HTTP 302
    https://www.spectacles.carrefour.fr/fr/manifestation/plopsaland-promotion-carrefour-billet/idmanif/588615&utm_source=r_advertising&utm_medium=referral_parteners&utm_campaign=062024_op_parcs_ete&utm_content=plopsaland&tduid=c08dad499465e9ff1888d114c09ec3ae Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://my.message-factory.com/tk/t/2/916200209618ea/7965358a1/84485f52/73211623e1c/ HTTP 301
  • https://my.message-factory.com/tk/tracker.aspx?v=2&idi=916200209618ea&idl=7965358a1&idm=84485f52&idc=73211623e1c
Request Chain 2
  • https://my.message-factory.com/tk/tracker.aspx?v=2&idi=916200209618ea&idl=7965358a1&idm=84485f52&idc=73211623e1c HTTP 302
  • https://clk.tradedoubler.com/click?p=361259&a=2892996&g=25664238&url=https://www.spectacles.carrefour.fr/fr/manifestation/plopsaland-promotion-carrefour-billet/idmanif/588615&utm_source=r_advertising&utm_medium=referral_parteners&utm_campaign=062024_op_parcs_ete&utm_content=plopsaland

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
tracker.aspx
my.message-factory.com/tk/
Redirect Chain
  • https://my.message-factory.com/tk/t/2/916200209618ea/7965358a1/84485f52/73211623e1c/
  • https://my.message-factory.com/tk/tracker.aspx?v=2&idi=916200209618ea&idl=7965358a1&idm=84485f52&idc=73211623e1c
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.message-factory.com/tk/tracker.aspx?v=2&idi=916200209618ea&idl=7965358a1&idm=84485f52&idc=73211623e1c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
151.80.34.60 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3005210.ip-151-80-34.eu
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
cf4a47c60e217f8e422cbb6e07fdfc4ae9a64215ec3c822f32e54d3c737a8a6c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
1102
Content-Type
text/html; charset=utf-8
Date
Sat, 20 Jul 2024 00:58:26 GMT
Refresh
0
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET

Redirect headers

Content-Length
263
Content-Type
text/html; charset=UTF-8
Date
Sat, 20 Jul 2024 00:58:26 GMT
Location
https://my.message-factory.com/tk/tracker.aspx?v=2&idi=916200209618ea&idl=7965358a1&idm=84485f52&idc=73211623e1c
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
browser.js
my.message-factory.com/tk/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.message-factory.com/tk/browser.js
Requested by
Host: my.message-factory.com
URL: https://my.message-factory.com/tk/tracker.aspx?v=2&idi=916200209618ea&idl=7965358a1&idm=84485f52&idc=73211623e1c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
151.80.34.60 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3005210.ip-151-80-34.eu
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
88ab33aa6eed72ca5232a79f9f1c159528db6bde2a693e3cc09054e88dbb1778

Request headers

Referer
https://my.message-factory.com/tk/tracker.aspx?v=2&idi=916200209618ea&idl=7965358a1&idm=84485f52&idc=73211623e1c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 20 Jul 2024 00:58:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Jul 2011 20:14:06 GMT
Server
Microsoft-IIS/8.5
ETag
"07b50bc994ccc1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1565
click
clk.tradedoubler.com/
Redirect Chain
  • https://my.message-factory.com/tk/tracker.aspx?v=2&idi=916200209618ea&idl=7965358a1&idm=84485f52&idc=73211623e1c
  • https://clk.tradedoubler.com/click?p=361259&a=2892996&g=25664238&url=https://www.spectacles.carrefour.fr/fr/manifestation/plopsaland-promotion-carrefour-billet/idmanif/588615&utm_source=r_advertisi...
4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clk.tradedoubler.com/click?p=361259&a=2892996&g=25664238&url=https://www.spectacles.carrefour.fr/fr/manifestation/plopsaland-promotion-carrefour-billet/idmanif/588615&utm_source=r_advertising&utm_medium=referral_parteners&utm_campaign=062024_op_parcs_ete&utm_content=plopsaland
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.167.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-167-184.eu-central-1.compute.amazonaws.com
Software
TXServerHttp /
Resource Hash
1bbba808d15b6aaa7b6cc01b6ac8af03d4994f7c72dc58fc828c0aee35b95a37

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://my.message-factory.com
Referer
https://my.message-factory.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Form-Factor, Sec-CH-UA-Model, Sec-CH-UA-WoW64
access-control-allow-credentials
true
access-control-allow-origin
https://my.message-factory.com
cache-control
private, max-age=0
content-length
4347
content-type
text/html; charset=ISO-8859-1
date
Sat, 20 Jul 2024 00:58:18 GMT
pragma
no-cache
referrer-policy
origin
server
TXServerHttp
vary
Origin

Redirect headers

Cache-Control
private
Content-Length
430
Content-Type
text/html; charset=utf-8
Date
Sat, 20 Jul 2024 00:58:26 GMT
Location
https://clk.tradedoubler.com/click?p=361259&a=2892996&g=25664238&url=https://www.spectacles.carrefour.fr/fr/manifestation/plopsaland-promotion-carrefour-billet/idmanif/588615&utm_source=r_advertising&utm_medium=referral_parteners&utm_campaign=062024_op_parcs_ete&utm_content=plopsaland
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
fpjs.js
vht.tradedoubler.com/fp/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vht.tradedoubler.com/fp/fpjs.js
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=361259&a=2892996&g=25664238&url=https://www.spectacles.carrefour.fr/fr/manifestation/plopsaland-promotion-carrefour-billet/idmanif/588615&utm_source=r_advertising&utm_medium=referral_parteners&utm_campaign=062024_op_parcs_ete&utm_content=plopsaland
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.65.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-65-53.muc50.r.cloudfront.net
Software
Apache /
Resource Hash
5b036ab5052dc73813aa4a472e3046a0fe217f5787d0c322d755a42201050d5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Via
1.1 2ba0d127e96dd7ba71375daa47032990.cloudfront.net (CloudFront)
Date
Fri, 19 Jul 2024 03:45:40 GMT
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
MUC50-P6
Age
76361
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
8745
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 12 Mar 2024 11:04:52 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
x8cNqSzQ5OT6X2SU1F8Fm4MZPE2OE3GMV-GhhMP2z7RGOrBWWmobkw==
Primary Request 588615&utm_source=r_advertising&utm_medium=referral_parteners&utm_campaign=062024_op_parcs_ete&utm_content=plopsaland&tduid=c08dad499465e9ff1888d114c09ec3ae
www.spectacles.carrefour.fr/fr/manifestation/plopsaland-promotion-carrefour-billet/idmanif/
Redirect Chain
  • https://clk.tradedoubler.com/click?p=361259&a=2892996&g=25664238&url=https://www.spectacles.carrefour.fr/fr/manifestation/plopsaland-promotion-carrefour-billet/idmanif/588615&utm_source=r_advertisi...
  • https://www.spectacles.carrefour.fr/fr/manifestation/plopsaland-promotion-carrefour-billet/idmanif/588615&utm_source=r_advertising&utm_medium=referral_parteners&utm_campaign=062024_op_parcs_ete&utm...
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.spectacles.carrefour.fr/fr/manifestation/plopsaland-promotion-carrefour-billet/idmanif/588615&utm_source=r_advertising&utm_medium=referral_parteners&utm_campaign=062024_op_parcs_ete&utm_content=plopsaland&tduid=c08dad499465e9ff1888d114c09ec3ae
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3abaa68bc84c3e7d3a6586e8df18cdfd861daae2ba8e10b2e537af1ff3675f8d

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://clk.tradedoubler.com
Referer
https://clk.tradedoubler.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
3809
content-type
text/html; charset=UTF-8
date
Sat, 20 Jul 2024 00:58:18 GMT
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-ams2100113-AMS, cache-ams2100113-AMS

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
https://clk.tradedoubler.com
cache-control
private, max-age=0
content-length
460
content-type
text/html; charset=ISO-8859-1
date
Sat, 20 Jul 2024 00:58:18 GMT
location
https://www.spectacles.carrefour.fr/fr/manifestation/plopsaland-promotion-carrefour-billet/idmanif/588615&utm_source=r_advertising&utm_medium=referral_parteners&utm_campaign=062024_op_parcs_ete&utm_content=plopsaland&tduid=c08dad499465e9ff1888d114c09ec3ae
pragma
no-cache
referrer-policy
origin
server
TXServerHttp
vary
Origin
eps-mgr
www.spectacles.carrefour.fr/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.spectacles.carrefour.fr/eps-mgr
Requested by
Host: www.spectacles.carrefour.fr
URL: https://www.spectacles.carrefour.fr/fr/manifestation/plopsaland-promotion-carrefour-billet/idmanif/588615&utm_source=r_advertising&utm_medium=referral_parteners&utm_campaign=062024_op_parcs_ete&utm_content=plopsaland&tduid=c08dad499465e9ff1888d114c09ec3ae
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
eb1287c893697bf5841e460fe9d96a935606fb8334a8087f752064563942faa8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.spectacles.carrefour.fr/fr/manifestation/plopsaland-promotion-carrefour-billet/idmanif/588615&utm_source=r_advertising&utm_medium=referral_parteners&utm_campaign=062024_op_parcs_ete&utm_content=plopsaland&tduid=c08dad499465e9ff1888d114c09ec3ae
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-served-by
cache-ams2100113-AMS, cache-ams2100113-AMS
date
Sat, 20 Jul 2024 00:58:18 GMT
via
1.1 varnish, 1.1 varnish
server
Varnish
x-timer
S1721437099.693920,VS0,VE0
x-frame-options
SAMEORIGIN
x-cache
HIT, MISS
content-type
text/javascript
accept-ranges
bytes
content-length
13275
retry-after
0
x-cache-hits
0, 0
shared.js
www.spectacles.carrefour.fr/epsf/asset/ 		941 B
883 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.spectacles.carrefour.fr/epsf/asset/shared.js
Requested by
Host: www.spectacles.carrefour.fr
URL: https://www.spectacles.carrefour.fr/fr/manifestation/plopsaland-promotion-carrefour-billet/idmanif/588615&utm_source=r_advertising&utm_medium=referral_parteners&utm_campaign=062024_op_parcs_ete&utm_content=plopsaland&tduid=c08dad499465e9ff1888d114c09ec3ae
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edcaab0f54f37e1731f98ccbf0422e80d2a6b4457479d777bbdf99351f56f7c6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.spectacles.carrefour.fr/fr/manifestation/plopsaland-promotion-carrefour-billet/idmanif/588615&utm_source=r_advertising&utm_medium=referral_parteners&utm_campaign=062024_op_parcs_ete&utm_content=plopsaland&tduid=c08dad499465e9ff1888d114c09ec3ae
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:58:18 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-amz-request-id
C9HDCRR6W6RDMBJ4
age
790
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
473
x-amz-id-2
jAHbw7JyaHDIb+Cyu91UoKpFfHLjriY7NoHjmCzGRlhw4rOt8M6r4x2Ps3gYpSWdZgqfs+99jmc=
x-served-by
cache-ams2100113-AMS, cache-ams2100113-AMS
last-modified
Mon, 25 Mar 2024 23:07:44 GMT
server
AmazonS3
x-timer
S1721437099.693920,VS0,VE0
etag
"eee109f384fb5028d3ef9bda2bbff4e8"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300
accept-ranges
bytes
s3-url
/prd2385.tm-prod.distil-template.prod.us-east-1/asset/shared.js
x-cache-hits
15, 0
tm.css
www.spectacles.carrefour.fr/epsf/asset/ 		10 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.spectacles.carrefour.fr/epsf/asset/tm.css
Requested by
Host: www.spectacles.carrefour.fr
URL: https://www.spectacles.carrefour.fr/epsf/asset/shared.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c7fe5aaa84da023812bc5c48ed832b2dad957175dcd7745d1560ff5f4e85404
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.spectacles.carrefour.fr/fr/manifestation/plopsaland-promotion-carrefour-billet/idmanif/588615&utm_source=r_advertising&utm_medium=referral_parteners&utm_campaign=062024_op_parcs_ete&utm_content=plopsaland&tduid=c08dad499465e9ff1888d114c09ec3ae
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:58:18 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-amz-request-id
K23XT78FC064X648
age
8348
x-cache
HIT, MISS
content-length
3861
x-amz-id-2
YD0UDg6iKQVWTVV4Ur2qQ6Z9ucTyJBX6Jnx6fwlnajTYH+YjBsczh+B2kGaz9hwKi5B/Z/0zHT4=
x-served-by
cache-ams2100113-AMS, cache-ams2100113-AMS
last-modified
Fri, 01 Jul 2022 19:59:50 GMT
server
AmazonS3
x-timer
S1721437099.718457,VS0,VE0
etag
"5b825ed88a2b6030fb1257725104e342"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=300
accept-ranges
bytes
s3-url
/prd2385.tm-prod.distil-template.prod.us-east-1/asset/tm.css
x-cache-hits
9, 0
block.js
www.spectacles.carrefour.fr/epsf/asset/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.spectacles.carrefour.fr/epsf/asset/block.js
Requested by
Host: www.spectacles.carrefour.fr
URL: https://www.spectacles.carrefour.fr/epsf/asset/shared.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0689336a976a3420c15f84b4ae1beb41747a210fffc85865540cbdeb7a33df0e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.spectacles.carrefour.fr/fr/manifestation/plopsaland-promotion-carrefour-billet/idmanif/588615&utm_source=r_advertising&utm_medium=referral_parteners&utm_campaign=062024_op_parcs_ete&utm_content=plopsaland&tduid=c08dad499465e9ff1888d114c09ec3ae
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:58:18 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-amz-request-id
K23W9WHQ0C50XG48
age
8348
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
2041
x-amz-id-2
jZfS+Pv2WiBikuEz6fRHNS+gW5yNsc1ZmdfRTCkzQEP/hneg5Iv+vHy39LIiSiwl+nk3ah2Mgqo=
x-served-by
cache-ams2100113-AMS, cache-ams2100113-AMS
last-modified
Fri, 21 Jun 2024 15:24:35 GMT
server
AmazonS3
x-timer
S1721437099.719562,VS0,VE0
etag
"967671b39a7266aba77a638b0f471cff"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300
accept-ranges
bytes
s3-url
/prd2385.tm-prod.distil-template.prod.us-east-1/asset/block.js
x-cache-hits
11, 0
gtm.js
www.spectacles.carrefour.fr/epsf/asset/ 		449 B
563 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.spectacles.carrefour.fr/epsf/asset/gtm.js
Requested by
Host: www.spectacles.carrefour.fr
URL: https://www.spectacles.carrefour.fr/epsf/asset/shared.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1567b8679cb973b0af5c82bceed1beb5f098635a3b72f4e12bad7a58c172e8bf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.spectacles.carrefour.fr/fr/manifestation/plopsaland-promotion-carrefour-billet/idmanif/588615&utm_source=r_advertising&utm_medium=referral_parteners&utm_campaign=062024_op_parcs_ete&utm_content=plopsaland&tduid=c08dad499465e9ff1888d114c09ec3ae
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:58:18 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-amz-request-id
TEMM3HK5Q73FGX51
age
81962
x-cache
HIT, MISS
content-length
330
x-amz-id-2
1Pb4KE6xguCI2CjVZcPpKfPeCksgzTcwfR3cJGYbdFgaE/UO7RjAlrIFG0M9SfdbaScGAXGYPsw=
x-served-by
cache-ams2100113-AMS, cache-ams2100113-AMS
last-modified
Fri, 01 Jul 2022 19:59:50 GMT
server
AmazonS3
x-timer
S1721437099.719350,VS0,VE0
etag
"f4edd988dd2e24ca7150975739450508"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300
accept-ranges
bytes
s3-url
/prd2385.tm-prod.distil-template.prod.us-east-1/asset/gtm.js
x-cache-hits
324, 0
iamNotaRobot.js
www.spectacles.carrefour.fr/epsf/asset/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.spectacles.carrefour.fr/epsf/asset/iamNotaRobot.js
Requested by
Host: www.spectacles.carrefour.fr
URL: https://www.spectacles.carrefour.fr/eps-mgr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0dbad30cf628d7e25abcfa081f627b95869c9b4828439b09103affd58b358443
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.spectacles.carrefour.fr/fr/manifestation/plopsaland-promotion-carrefour-billet/idmanif/588615&utm_source=r_advertising&utm_medium=referral_parteners&utm_campaign=062024_op_parcs_ete&utm_content=plopsaland&tduid=c08dad499465e9ff1888d114c09ec3ae
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:58:18 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-amz-request-id
E93HHB1ZA4S45X4Y
age
5978
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
2095
x-amz-id-2
CxBTZjLRsPYacv3E35begb3UkQ7RPmXwq2K6vX4+TKchITCF3uwWzkxhZlKIK1/FxnuNdxSz6Z8=
x-served-by
cache-ams2100113-AMS, cache-ams2100113-AMS
last-modified
Tue, 14 May 2024 14:53:48 GMT
server
AmazonS3
x-timer
S1721437099.721148,VS0,VE0
etag
"de357dbc7393b72dedc16a3e5fcc8ef8"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300
accept-ranges
bytes
s3-url
/prd2385.tm-prod.distil-template.prod.us-east-1/asset/iamNotaRobot.js
x-cache-hits
210, 0
eps-p
www.spectacles.carrefour.fr/epsf/ 		169 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.spectacles.carrefour.fr/epsf/eps-p
Requested by
Host: www.spectacles.carrefour.fr
URL: https://www.spectacles.carrefour.fr/eps-mgr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
425539d7bc6067e358ca9a1130bd89ee881bca5b853a809164b9467375471fc5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.spectacles.carrefour.fr/fr/manifestation/plopsaland-promotion-carrefour-billet/idmanif/588615&utm_source=r_advertising&utm_medium=referral_parteners&utm_campaign=062024_op_parcs_ete&utm_content=plopsaland&tduid=c08dad499465e9ff1888d114c09ec3ae
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Sat, 20 Jul 2024 01:06:51 GMT
date
Sat, 20 Jul 2024 00:58:18 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
content-length
69175
x-served-by
cache-ams2100113-AMS, cache-ams2100113-AMS
last-modified
Sat, 20 Jul 2024 00:04:42 GMT
server
UploadServer
x-timer
S1721437099.721258,VS0,VE2
etag
"53cbea14369f813a8d4016d54826ed5a"
active-cdn
Akamai
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-expose-headers
active-cdn,x-served-by,Akamai-Request-BC
cache-control
max-age=600
x-goog-stored-content-length
69175
accept-ranges
bytes
x-cache-hits
0, 0
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22ec00673207950e1c44bbf855c69917dd994b24e388372aff34756e7f9beb4b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4698b48f1f1a3969de38957652d45bee728a643bba6f5c96248645e7b93b335

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
gtm.js
www.googletagmanager.com/ 		451 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K4QMLG
Requested by
Host: www.spectacles.carrefour.fr
URL: https://www.spectacles.carrefour.fr/epsf/asset/gtm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
597e7f70cdc7067ee758dcfe9f8ef42db9a446a729453e560391c66754077164
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.spectacles.carrefour.fr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:58:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
159371
x-xss-protection
0
last-modified
Sat, 20 Jul 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 20 Jul 2024 00:58:18 GMT
collector
collector-pxthwujgwk.px-cloud.net/api/v2/ 		540 B
792 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxthwujgwk.px-cloud.net/api/v2/collector
Requested by
Host: www.spectacles.carrefour.fr
URL: https://www.spectacles.carrefour.fr/epsf/eps-p
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
f10ccb75baf01a9f880870a71ba551df573bbbdfcdb02bb0bf56069257ffe1c9

Request headers

Referer
https://www.spectacles.carrefour.fr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 20 Jul 2024 00:58:18 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.spectacles.carrefour.fr
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
540
favicon.ico
www.spectacles.carrefour.fr/ 		3 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.spectacles.carrefour.fr/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
CloudFront /
Resource Hash
cb824cc9dca01ed437bf2c4eb8f542a9a1aed6528c8905f142fb5427f085de61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectacles.carrefour.fr/fr/manifestation/plopsaland-promotion-carrefour-billet/idmanif/588615&utm_source=r_advertising&utm_medium=referral_parteners&utm_campaign=062024_op_parcs_ete&utm_content=plopsaland&tduid=c08dad499465e9ff1888d114c09ec3ae
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 20 Jul 2024 00:58:19 GMT
via
1.1 cf8597852fd073f5b8e6fed4908fe46e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-queueit-connector
cloudfront
x-amz-cf-pop
AMS1-P2
x-cache
Error from cloudfront, MISS, MISS
x-xss-protection
1; mode=block
x-served-by
cache-ams2100113-AMS, cache-ams2100113-AMS
referrer-policy
same-origin
server
CloudFront
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html
cache-control
max-age=600
feature-policy
midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), payment=()
accept-ranges
bytes
x-amz-cf-id
xfGiq7KmCEidfiMiOyuUITtXaRs9cw3MHnelwLqH4Of0EjE-gc5EMQ==
x-cache-hits
0, 0
collector
collector-pxthwujgwk.px-cloud.net/api/v2/ 		388 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxthwujgwk.px-cloud.net/api/v2/collector
Requested by
Host: www.spectacles.carrefour.fr
URL: https://www.spectacles.carrefour.fr/epsf/eps-p
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
fa3f10140d058111be0c89876e2ab828dbb827f6845e1cdc717d7229504cb580

Request headers

Referer
https://www.spectacles.carrefour.fr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 20 Jul 2024 00:58:19 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.spectacles.carrefour.fr
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
388

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showBlockPage string| rid string| ip string| rr string| host string| action string| ss string| path boolean| umbrella function| isWidget function| getWidgetModeHeader function| ls string| hp function| load object| s string| client_ip string| dt string| h object| d_f string| eps_dg object| pp object| dataLayer object| en object| fr object| it object| es object| en_1 object| fr_1 object| es_1 object| en_mob object| fr_mob object| it_mob object| es_mob function| getCookie function| detectLang function| pxLang function| iamNotaRobotPX function| setGlobalVariables function| loadCommonResources function| iamNotaRobotD function| iamNotaRobot string| _pxAppId object| PXTHwUJgWK object| PX object| google_tag_manager object| google_tag_data function| OptanonDefaultGroupSetting function| setCookieFunc object| TmPixel object| unversionedFiredTags object| gtmCCV

8 Cookies

Domain/Path Name / Value
my.message-factory.com/ Name: ASP.NET_SessionId
Value: kmbkkp4xvlymcro0fzebrflz
.tradedoubler.com/ Name: GUID
Value: 1z11zz189z1cttPIzc08dad499465e9ff1888d114c09ec3ae
.tradedoubler.com/ Name: EH_0
Value: 1z11z1z189z1yUiMIz1eKxyb0QuBlsyFvKJCkSNR4NnXNqV4umwTe4xT%7ajWo.ShalKrDaQ0c04%7a.GGtqHgRJMF
.spectacles.carrefour.fr/ Name: eps_sid
Value: ddaf4c6b743ac1b42a604651fc094f87fdda2dc0
.carrefour.fr/ Name: _gcl_au
Value: 1.1.2037724738.1721437099
.carrefour.fr/ Name: pxcts
Value: 2755c148-4633-11ef-9f3a-d799927f0ff1
.carrefour.fr/ Name: _pxvid
Value: 2755b327-4633-11ef-9f3a-dd664b5d9aab
.carrefour.fr/ Name: _px2
Value: eyJ1IjoiMjc0MzE5ODAtNDYzMy0xMWVmLTg0YjAtYTliNTgwNmI3NjgwIiwidiI6IjI3NTViMzI3LTQ2MzMtMTFlZi05ZjNhLWRkNjY0YjVkOWFhYiIsInQiOjE3MjE0MzczOTk3OTEsImgiOiI5OTE0NTcyMDNkZmJlMDZiMjliYzljZjBmYzkyZjhhMGU1NzI5YjBhZTA3MGE2NTA5MjA4NTMwOWY0MzlhZWZmIn0=

1 Console Messages

Source Level URL
Text
network error URL: https://www.spectacles.carrefour.fr/fr/manifestation/plopsaland-promotion-carrefour-billet/idmanif/588615&utm_source=r_advertising&utm_medium=referral_parteners&utm_campaign=062024_op_parcs_ete&utm_content=plopsaland&tduid=c08dad499465e9ff1888d114c09ec3ae
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clk.tradedoubler.com
collector-pxthwujgwk.px-cloud.net
my.message-factory.com
vht.tradedoubler.com
www.googletagmanager.com
www.spectacles.carrefour.fr
151.101.193.237
151.80.34.60
18.156.167.184
2a00:1450:4001:82f::2008
35.190.10.96
52.85.65.53
0689336a976a3420c15f84b4ae1beb41747a210fffc85865540cbdeb7a33df0e
0dbad30cf628d7e25abcfa081f627b95869c9b4828439b09103affd58b358443
1567b8679cb973b0af5c82bceed1beb5f098635a3b72f4e12bad7a58c172e8bf
1bbba808d15b6aaa7b6cc01b6ac8af03d4994f7c72dc58fc828c0aee35b95a37
22ec00673207950e1c44bbf855c69917dd994b24e388372aff34756e7f9beb4b
3abaa68bc84c3e7d3a6586e8df18cdfd861daae2ba8e10b2e537af1ff3675f8d
425539d7bc6067e358ca9a1130bd89ee881bca5b853a809164b9467375471fc5
597e7f70cdc7067ee758dcfe9f8ef42db9a446a729453e560391c66754077164
5b036ab5052dc73813aa4a472e3046a0fe217f5787d0c322d755a42201050d5f
7c7fe5aaa84da023812bc5c48ed832b2dad957175dcd7745d1560ff5f4e85404
88ab33aa6eed72ca5232a79f9f1c159528db6bde2a693e3cc09054e88dbb1778
cb824cc9dca01ed437bf2c4eb8f542a9a1aed6528c8905f142fb5427f085de61
cf4a47c60e217f8e422cbb6e07fdfc4ae9a64215ec3c822f32e54d3c737a8a6c
e4698b48f1f1a3969de38957652d45bee728a643bba6f5c96248645e7b93b335
eb1287c893697bf5841e460fe9d96a935606fb8334a8087f752064563942faa8
edcaab0f54f37e1731f98ccbf0422e80d2a6b4457479d777bbdf99351f56f7c6
f10ccb75baf01a9f880870a71ba551df573bbbdfcdb02bb0bf56069257ffe1c9
fa3f10140d058111be0c89876e2ab828dbb827f6845e1cdc717d7229504cb580