Submitted URL: https://adfeed-sms.fr/
Effective URL: https://adfeed-sms.fr/adfeed
Submission: On July 19 via api from US — Scanned from FR

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 18 HTTP transactions. The main IP is 51.103.19.220, located in Paris, France and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is adfeed-sms.fr.
TLS certificate: Issued by R3 on July 18th 2023. Valid for: 3 months.
This is the only time adfeed-sms.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 51.103.19.220 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.32.99.47 16509 (AMAZON-02)
1 2600:9000:225... ()
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.112.89 16509 (AMAZON-02)
1 63.33.129.53 16509 (AMAZON-02)
18 7
Apex Domain | Subdomains | Transfer
6 adfeed-sms.fr | adfeed-sms.fr | 652 KB
5 wellpack.fr | assets.admin.wellpack.fr, admin.wellpack.fr | 9 KB
2 google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 63) | 21 KB
2 lfeeder.com | sc.lfeeder.com (Cisco Umbrella Rank: 15450), tr.lfeeder.com (Cisco Umbrella Rank: 27253) | 11 KB
2 albacross.com | serve.albacross.com (Cisco Umbrella Rank: 75231), new-collect.albacross.com (Cisco Umbrella Rank: 63582) | 4 KB
2 googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 79) | 106 KB
18 6
Domain Requested by
6 adfeed-sms.fr 1 redirects adfeed-sms.fr
4 admin.wellpack.fr adfeed-sms.fr
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com adfeed-sms.fr
www.googletagmanager.com
1 new-collect.albacross.com
1 tr.lfeeder.com adfeed-sms.fr
1 sc.lfeeder.com adfeed-sms.fr
1 serve.albacross.com adfeed-sms.fr
1 assets.admin.wellpack.fr adfeed-sms.fr
18 9

This site contains no links.

Subject | Issuer | Validity | Valid
adfeed-sms.fr | R3 | 2023-07-18 - 2023-10-16 | 3 months
assets.admin.wellpack.fr | R3 | 2023-06-08 - 2023-09-06 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-07-03 - 2023-09-25 | 3 months
admin.wellpack.fr | R3 | 2023-07-09 - 2023-10-07 | 3 months
*.albacross.com | Amazon RSA 2048 M01 | 2023-06-24 - 2024-07-22 | a year
*.lfeeder.com | Amazon RSA 2048 M01 | 2023-03-22 - 2024-04-19 | a year

This page contains 1 frames:

Primary Page: https://adfeed-sms.fr/adfeed
Frame ID: 220E96CBFBB9C9CF15D84CF12F082AFC
Requests: 16 HTTP requests in this frame

Page Title

adfeed

Page URL History

  1. https://adfeed-sms.fr/ HTTP 302
    https://adfeed-sms.fr/adfeed Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

18
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

9
Subdomains

7
IPs

4
Countries

802 kB
Transfer

2391 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://adfeed-sms.fr/ HTTP 302
    https://adfeed-sms.fr/adfeed Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request adfeed
adfeed-sms.fr/
Redirect Chain
  • https://adfeed-sms.fr/
  • https://adfeed-sms.fr/adfeed
16 KB
6 KB
Document
General
Full URL
https://adfeed-sms.fr/adfeed
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.103.19.220 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
5c12d6077097783bb5c33db4155ad02a4a30e5030ac77abff8529cc139559a67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options allow-from *
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-cache, private
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3525
Content-Type
text/html; charset=UTF-8
Date
Wed, 19 Jul 2023 03:30:47 GMT
Keep-Alive
timeout=5, max=99
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache/2.4.38 (Debian)
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
allow-from *
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache, private
Connection
Keep-Alive
Content-Length
358
Content-Type
text/html; charset=UTF-8
Date
Wed, 19 Jul 2023 03:30:47 GMT
Keep-Alive
timeout=5, max=100
Location
https://adfeed-sms.fr/adfeed
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache/2.4.38 (Debian)
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
allow-from *
X-XSS-Protection
1; mode=block
app.css
adfeed-sms.fr/css/
208 KB
38 KB
Stylesheet
General
Full URL
https://adfeed-sms.fr/css/app.css?id=02b7099b33e319e4fa32
Requested by
Host: adfeed-sms.fr
URL: https://adfeed-sms.fr/adfeed
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.103.19.220 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
440fae5aacfe1510ae35e987cfd745a2c79b51015d891e3e8b88fd5c4ff9ada3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options allow-from *
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://adfeed-sms.fr/adfeed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 19 Jul 2023 03:30:47 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
38502
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jul 2023 17:25:08 GMT
Server
Apache/2.4.38 (Debian)
ETag
"33e16-6003961700cab-gzip"
Vary
Accept-Encoding
X-Frame-Options
allow-from *
Content-Type
text/css
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
5fbd11102cad3.png
assets.admin.wellpack.fr/logos/
7 KB
8 KB
Image
General
Full URL
https://assets.admin.wellpack.fr/logos/5fbd11102cad3.png
Requested by
Host: adfeed-sms.fr
URL: https://adfeed-sms.fr/adfeed
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.103.19.220 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
3607095942abb774aa9c9d1fa67bf4dc9c9e1d2fb94dca549c82b6443f705754
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options allow-from *
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://adfeed-sms.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 19 Jul 2023 03:30:47 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 24 Nov 2020 13:56:32 GMT
Server
Apache/2.4.38 (Debian)
ETag
"1d9c-5b4daad9a6400"
X-Frame-Options
allow-from *
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
7580
X-XSS-Protection
1; mode=block
home_2.jpg
adfeed-sms.fr/images/
38 KB
39 KB
Image
General
Full URL
https://adfeed-sms.fr/images/home_2.jpg
Requested by
Host: adfeed-sms.fr
URL: https://adfeed-sms.fr/adfeed
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.103.19.220 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
83a768425de64af5a192167bd171eb421d83ec4252cac0f508faf19808208a5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options allow-from *
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://adfeed-sms.fr/adfeed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 19 Jul 2023 03:30:47 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 11 Jul 2023 17:25:08 GMT
Server
Apache/2.4.38 (Debian)
ETag
"99e9-6003961707a0a"
X-Frame-Options
allow-from *
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
39401
X-XSS-Protection
1; mode=block
app.js
adfeed-sms.fr/js/
2 MB
490 KB
Script
General
Full URL
https://adfeed-sms.fr/js/app.js?id=d4495805da40ce7ababd
Requested by
Host: adfeed-sms.fr
URL: https://adfeed-sms.fr/adfeed
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.103.19.220 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
e28bb0367221b9f37ef1e919249214f36861dc08f4380292c827e5c55b2ebdfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options allow-from *
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://adfeed-sms.fr/adfeed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 19 Jul 2023 03:30:47 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jul 2023 17:25:08 GMT
Server
Apache/2.4.38 (Debian)
ETag
"1a22ff-6003961700cab-gzip"
Vary
Accept-Encoding
X-Frame-Options
allow-from *
Content-Type
application/javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
gtm.js
www.googletagmanager.com/
119 KB
46 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WKZPMX8
Requested by
Host: adfeed-sms.fr
URL: https://adfeed-sms.fr/adfeed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
467782edfbedfb2965ec5ce70718707b8a54286b70cd837f01b12c286edd7a58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://adfeed-sms.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 03:30:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47157
x-xss-protection
0
last-modified
Wed, 19 Jul 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Jul 2023 03:30:47 GMT
webfa-solid-900.woff2
adfeed-sms.fr/fonts/vendor/@fortawesome/fontawesome-free/
76 KB
77 KB
Font
General
Full URL
https://adfeed-sms.fr/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?d824df7eb2e268626a2dd9a6a741ac4e
Requested by
Host: adfeed-sms.fr
URL: https://adfeed-sms.fr/css/app.css?id=02b7099b33e319e4fa32
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.103.19.220 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options allow-from *
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adfeed-sms.fr/css/app.css?id=02b7099b33e319e4fa32
Origin
https://adfeed-sms.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 19 Jul 2023 03:30:47 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 11 Jul 2023 17:25:08 GMT
Server
Apache/2.4.38 (Debian)
ETag
"131bc-6003961700cab"
X-Frame-Options
allow-from *
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
78268
X-XSS-Protection
1; mode=block
js
www.googletagmanager.com/gtag/
162 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-180903222-1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKZPMX8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
63a79665ed7f3c0e9c9521d67dc0d2196b2a15d2315669ed3d1c39ba68ef8f40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://adfeed-sms.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 03:30:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61009
x-xss-protection
0
last-modified
Wed, 19 Jul 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Jul 2023 03:30:47 GMT
prospect_volume
admin.wellpack.fr//api/count/
162 B
794 B
XHR
General
Full URL
https://admin.wellpack.fr//api/count/prospect_volume
Requested by
Host: adfeed-sms.fr
URL: https://adfeed-sms.fr/js/app.js?id=d4495805da40ce7ababd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.103.19.220 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
8cf14a36cee345b1ead185aff9e5fa12b9c26aa54187e99b3da8e2a51581b665
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options allow-from *
X-Xss-Protection 1; mode=block

Request headers

X-CSRF-TOKEN
U22ZQdYd2fv1bCIPeOdZMKpN0D8gbO7M76JZrZmw
accept-language
fr-FR,fr;q=0.9
Authorization
Bearer undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Referer
https://adfeed-sms.fr/
X-Requested-With
XMLHttpRequest

Response headers

Date
Wed, 19 Jul 2023 03:30:48 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Server
Apache/2.4.38 (Debian)
Vary
Authorization
X-Frame-Options
allow-from *
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
X-XSS-Protection
1; mode=block
prospect_volume
admin.wellpack.fr//api/count/
162 B
794 B
XHR
General
Full URL
https://admin.wellpack.fr//api/count/prospect_volume
Requested by
Host: adfeed-sms.fr
URL: https://adfeed-sms.fr/js/app.js?id=d4495805da40ce7ababd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.103.19.220 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
b7f1aa26ba572dfa9b3e8cbb2ebd7f4fb427484178059da489cc67199db7f5cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options allow-from *
X-Xss-Protection 1; mode=block

Request headers

X-CSRF-TOKEN
U22ZQdYd2fv1bCIPeOdZMKpN0D8gbO7M76JZrZmw
accept-language
fr-FR,fr;q=0.9
Authorization
Bearer undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Referer
https://adfeed-sms.fr/
X-Requested-With
XMLHttpRequest

Response headers

Date
Wed, 19 Jul 2023 03:30:48 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Server
Apache/2.4.38 (Debian)
Vary
Authorization
X-Frame-Options
allow-from *
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
X-XSS-Protection
1; mode=block
prospect_volume
admin.wellpack.fr//api/count/
0
0
Preflight
General
Full URL
https://admin.wellpack.fr//api/count/prospect_volume
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.103.19.220 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options allow-from *
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-csrf-token,x-requested-with
Access-Control-Request-Method
POST
Origin
https://adfeed-sms.fr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type, X-Auth-Token, Origin, Authorization, x-csrf-token, x-requested-with
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, PATCH, DELETE
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Cache-Control
no-cache, private
Connection
close
Date
Wed, 19 Jul 2023 03:30:48 GMT
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache/2.4.38 (Debian)
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
allow-from *
X-XSS-Protection
1; mode=block
prospect_volume
admin.wellpack.fr//api/count/
0
0
Preflight
General
Full URL
https://admin.wellpack.fr//api/count/prospect_volume
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.103.19.220 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options allow-from *
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-csrf-token,x-requested-with
Access-Control-Request-Method
POST
Origin
https://adfeed-sms.fr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type, X-Auth-Token, Origin, Authorization, x-csrf-token, x-requested-with
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, PATCH, DELETE
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Cache-Control
no-cache, private
Connection
close
Date
Wed, 19 Jul 2023 03:30:48 GMT
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache/2.4.38 (Debian)
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
allow-from *
X-XSS-Protection
1; mode=block
track.js
serve.albacross.com/
10 KB
4 KB
Script
General
Full URL
https://serve.albacross.com/track.js
Requested by
Host: adfeed-sms.fr
URL: https://adfeed-sms.fr/adfeed
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-47.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
052b57985c4a25bda62643a9c48e12560db4fba3bb428817f03176a317483a9d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://adfeed-sms.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 19 Jul 2023 03:29:41 GMT
Content-Encoding
gzip
Via
1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
Last-Modified
Thu, 15 Dec 2022 09:39:19 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P3
Age
68
ETag
W/"677b062b7ee7382b7082b87bab179b14"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=120
Connection
keep-alive
X-Amz-Cf-Id
d3fLwpeGl8kLMgREfBZqrFVzXn5xLDlXyAKTE7iCztaXAjH99MqYdw==
lftracker_v1_Xbp1oaEVKMr8EdVj.js
sc.lfeeder.com/
30 KB
11 KB
Script
General
Full URL
https://sc.lfeeder.com/lftracker_v1_Xbp1oaEVKMr8EdVj.js
Requested by
Host: adfeed-sms.fr
URL: https://adfeed-sms.fr/adfeed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a400:4:d7e1:700:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c5aeea53316c845a3f2cfd000c35739d966bbad6e4634d69b81c8639f1fbc08e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://adfeed-sms.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
Gly.VpD_Yd7qiK4BMVL0WDCreYqsnGS9
content-encoding
gzip
via
1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
date
Wed, 19 Jul 2023 03:30:49 GMT
last-modified
Mon, 26 Jun 2023 09:09:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
etag
W/"ab59e1d782d6e80aec3c36b34b49542c"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
slZf6oUF-pzTJVgI0lpgCBazMGaDQu-0F1vzuVbHD7WN4etSmtPQ2A==
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-180903222-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://adfeed-sms.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 19 Jul 2023 03:04:37 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1571
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 19 Jul 2023 05:04:37 GMT
collect
www.google-analytics.com/j/
1 B
204 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=774172506&t=pageview&_s=1&dl=https%3A%2F%2Fadfeed-sms.fr%2Fadfeed&ul=en-us&de=UTF-8&dt=adfeed&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1146989256&gjid=1393896306&cid=18541614.1689737449&tid=UA-180903222-1&_gid=33841344.1689737449&_r=1&gtm=457e37h0&jsscut=1&z=1382057201
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://adfeed-sms.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jul 2023 03:30:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://adfeed-sms.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
tr.lfeeder.com/
43 B
294 B
Image
General
Full URL
https://tr.lfeeder.com/?sid=Xbp1oaEVKMr8EdVj&data=…
Requested by
Host: adfeed-sms.fr
URL: https://adfeed-sms.fr/adfeed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-89.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://adfeed-sms.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 03:30:48 GMT
via
1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
LambdaGeneratedResponse from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
fTrPEOh7LboLh2_JWbSs0A_dKqpW9w_wgDgXsY4Kwf7jfFZEcu38xQ==
e.gif
new-collect.albacross.com/
37 B
103 B
Image
General
Full URL
https://new-collect.albacross.com/e.gif?s=JSCollector%2C3.1.2&e0=pageview&ci0=e5077b90-787f-eb52-6b8d-ccdac6bdc34e&v0=ac11e648-5537-3c1c-512e-e0bc08093dea&p0=b31fc8ec-d88c-cb9f-2591-7c87e8ff9910&u0=b31fc8ec-d88c-cb9f-2591-7c87e8ff9910&c0=89036607&t0=1689737448495&ur0=https%3A%2F%2Fadfeed-sms.fr%2Fadfeed&ti0=adfeed&re0=1600&re0=1200&o0=landscape-primary
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.129.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-129-53.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://adfeed-sms.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 03:30:51 GMT
content-length
37
content-type
image/gif

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| onbeforetoggle
object| onscrollend
object| dataLayer
function| postscribe
object| google_tag_manager_external
object| google_tag_manager
object| google_tag_data
function| _
function| Popper
function| jQuery
function| $
function| axios
function| getCookie
function| addSecureToken
object| __framePainter
object| __core-js_shared__
string| _nQc
object| ldfdr
function| gtag
string| GoogleAnalyticsObject
function| ga
boolean| _nQ_scriptLoaded
object| gaplugins
object| gaGlobal
object| gaData
object| __gaConnectorEventsEmitted

9 Cookies

Domain/Path Name / Value
adfeed-sms.fr/ Name: XSRF-TOKEN
Value: eyJpdiI6Iit6WXNaaXUyNkRiWVdnNkJLQ1pTeUE9PSIsInZhbHVlIjoiS1BLQXBUVDNcLytieXIyUHpIckJoQng1TDN2cEROWVNCS05FeU5Fa0M4YjRUNVFsXC9ua0RHc3VtaVFPK0E0XC9ITiIsIm1hYyI6ImFiM2FlZWEyOGQ1Zjc2NmNkM2VmMWQzOTkyNWUzZjE3M2U0OWNlYzk5YzdlZTI0OTA2YjE3YjY1YmExMzU1MzQifQ%3D%3D
adfeed-sms.fr/ Name: wellpack_front_session
Value: eyJpdiI6IkpVYXprWlc1RVlORGZ1eExRMEw1d0E9PSIsInZhbHVlIjoib0tjOEQyTUFaTE5IRm1mcWJXclFJdFFLMVpSUHJTdVlFdUlidUZqZ28xSHBCUFwvMUdqd1lVcTk0WGVBQ2hoT3ciLCJtYWMiOiI0MmU1ZjIxZjA4ZWMzNzQ4NDA3NTQ4ZmNmMzIxMmEzZDgzN2U0YmQ4Y2VhYTdhMjY4ZWU4YTdiZDA3ZDQ4MjU0In0%3D
adfeed-sms.fr/ Name: hYBL5EcHBvIOoW2RYFalxptS4aYUPPKwMMwnF7oT
Value: …%3D%3D
adfeed-sms.fr/ Name: nQ_cookieId
Value: e5077b90-787f-eb52-6b8d-ccdac6bdc34e
adfeed-sms.fr/ Name: nQ_userVisitId
Value: ac11e648-5537-3c1c-512e-e0bc08093dea
.adfeed-sms.fr/ Name: _ga
Value: GA1.2.18541614.1689737449
.adfeed-sms.fr/ Name: _gid
Value: GA1.2.33841344.1689737449
.adfeed-sms.fr/ Name: _gat_gtag_UA_180903222_1
Value: 1
.adfeed-sms.fr/ Name: _lfa
Value: LF1.1.44690e4fd46ad96b.1689737448692

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options allow-from *
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
