demande.prefon-retraite.fr
185.11.188.210
Public Scan
Effective URL: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e...
Submission: On February 26 via api from BE
Summary
TLS certificate: Issued by R3 on January 13th 2021. Valid for: 3 months.
This is the only time demande.prefon-retraite.fr was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
PTR: 120.109.95.34.bc.googleusercontent.com
clk.tradedoubler.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-85-10-47.otp50.r.cloudfront.net
vht.tradedoubler.com |
ASN16276 (OVH, FR)
PTR: lb02.net.royalcactus.com
analytics.tradedoubler.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-48.fra2.r.cloudfront.net
try.abtasty.com |
ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net
ad.doubleclick.net |
ASN15169 (GOOGLE, US)
adservice.google.com | |
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googleadservices.com |
ASN15169 (GOOGLE, US)
dcinfos-cache.abtasty.com | |
ariane.abtasty.com |
ASN16276 (OVH, FR)
asset.easydmp.net | |
sqdt.mconso.fr | |
rtg-sq.hopmailing.com |
ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com
idsync.rlcdn.com |
ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net |
ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com |
Count | Domain | Requested by |
---|---|---|
15 | demande.prefon-retraite.fr | demande.prefon-retraite.fr |
11 | asset.easydmp.net | atout.email-match.com, asset.easydmp.net, cdn.kdata.fr |
6 | maps.googleapis.com | demande.prefon-retraite.fr, maps.googleapis.com |
4 | secure.adnxs.com | 3 redirects |
3 | idsync.rlcdn.com | 2 redirects |
3 | code.jquery.com | demande.prefon-retraite.fr |
2 | tracking.kdata.fr | cdn.kdata.fr |
2 | www.facebook.com | demande.prefon-retraite.fr |
2 | maps.gstatic.com | demande.prefon-retraite.fr |
2 | bat.bing.com | demande.prefon-retraite.fr |
2 | ariane.abtasty.com | try.abtasty.com |
2 | connect.facebook.net | demande.prefon-retraite.fr, connect.facebook.net |
2 | www.google-analytics.com | demande.prefon-retraite.fr, www.google-analytics.com |
2 | ad.doubleclick.net | 2 redirects |
2 | clk.tradedoubler.com | 1 redirects |
1 | rtg-sq.hopmailing.com | asset.easydmp.net |
1 | sqdt.mconso.fr | asset.easydmp.net |
1 | cm.g.doubleclick.net | 1 redirects |
1 | cdn.kdata.fr | clk.tradedoubler.com |
1 | spl.zeotap.com | asset.easydmp.net |
1 | www.google.de | demande.prefon-retraite.fr |
1 | www.google.com | demande.prefon-retraite.fr |
1 | googleads.g.doubleclick.net | www.googleadservices.com |
1 | stats.g.doubleclick.net | www.google-analytics.com |
1 | dcinfos.abtasty.com | try.abtasty.com |
1 | dcinfos-cache.abtasty.com | try.abtasty.com |
1 | www.googleadservices.com | www.googletagmanager.com |
1 | atout.email-match.com | demande.prefon-retraite.fr |
1 | adservice.google.de | demande.prefon-retraite.fr |
1 | adservice.google.com | 1 redirects |
1 | try.abtasty.com | demande.prefon-retraite.fr |
1 | www.googletagmanager.com | demande.prefon-retraite.fr |
1 | cdnjs.cloudflare.com | demande.prefon-retraite.fr |
1 | analytics.tradedoubler.com | vht.tradedoubler.com |
1 | vht.tradedoubler.com | clk.tradedoubler.com |
1 | t.e.mvinfos.com | 1 redirects |
70 | 36 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
*.tradedoubler.com | R3 | 2021-01-23 - 2021-04-23 | 3 months | crt.sh |
demande.prefon-retraite.fr | R3 | 2021-01-13 - 2021-04-13 | 3 months | crt.sh |
jquery.org | Sectigo RSA Domain Validation Secure Server CA | 2020-10-06 - 2021-10-16 | a year | crt.sh |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-10-21 - 2021-10-20 | a year | crt.sh |
upload.video.google.com | GTS CA 1O1 | 2021-01-26 - 2021-04-20 | 3 months | crt.sh |
*.google-analytics.com | GTS CA 1O1 | 2021-01-26 - 2021-04-20 | 3 months | crt.sh |
try.abtasty.com | Amazon | 2020-08-25 - 2021-09-24 | a year | crt.sh |
*.google.de | GTS CA 1O1 | 2021-01-26 - 2021-04-20 | 3 months | crt.sh |
er4.prixdesvoyages.com | R3 | 2021-02-06 - 2021-05-07 | 3 months | crt.sh |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-02-10 - 2021-05-10 | 3 months | crt.sh |
www.googleadservices.com | GTS CA 1O1 | 2021-01-26 - 2021-04-20 | 3 months | crt.sh |
dcinfos-cache.abtasty.com | R3 | 2021-01-29 - 2021-04-29 | 3 months | crt.sh |
*.abtasty.com | Amazon | 2020-10-21 - 2021-11-19 | a year | crt.sh |
ariane.abtasty.com | R3 | 2021-01-22 - 2021-04-22 | 3 months | crt.sh |
www.bing.com | Microsoft RSA TLS CA 02 | 2021-01-19 - 2021-07-19 | 6 months | crt.sh |
*.g.doubleclick.net | GTS CA 1O1 | 2021-01-26 - 2021-04-20 | 3 months | crt.sh |
*.gstatic.com | GTS CA 1O1 | 2021-01-26 - 2021-04-20 | 3 months | crt.sh |
www.google.com | GTS CA 1O1 | 2021-01-26 - 2021-04-20 | 3 months | crt.sh |
www.google.de | GTS CA 1O1 | 2021-01-26 - 2021-04-20 | 3 months | crt.sh |
atout.easydmp.net | R3 | 2021-01-13 - 2021-04-13 | 3 months | crt.sh |
*.kdata.fr | RapidSSL RSA CA 2018 | 2019-04-11 - 2021-07-10 | 2 years | crt.sh |
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2020-04-14 - 2021-04-23 | a year | crt.sh |
asset.azdmp.com | R3 | 2021-01-15 - 2021-04-15 | 3 months | crt.sh |
*.adnxs.com | DigiCert ECC Secure Server CA | 2019-01-23 - 2021-03-08 | 2 years | crt.sh |
This page contains 4 frames:
Primary Page:
https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
Frame ID: 9627EA172C83DFD9E1E5978E1190C815
Requests: 52 HTTP requests in this frame
Frame:
https://asset.easydmp.net/client_iframe.html?t=224220
Frame ID: 771B7E04650365E540E36A6F59EC2174
Requests: 14 HTTP requests in this frame
Frame:
https://spl.zeotap.com/mapper.js?env=mWeb&zdid=598&zctry=fra&eventType=map
Frame ID: 36AC99C4951D10E880AAC1D506CDCBB5
Requests: 1 HTTP requests in this frame
Frame:
https://asset.easydmp.net/client_iframe.html?t=224220
Frame ID: 579EC155FCAB6B98E6A3CFF29BDE4A65
Requests: 3 HTTP requests in this frame
Detected technologies
Google Maps (Maps)
Detected patterns
- script /\/\/maps\.googleapis\.com\/maps\/api\/js/i
Google Cloud (CDN)
Detected patterns
- headers via /^1\.1 google$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://t.e.mvinfos.com/c/?t=ecf9f98-4!s-eez-12x-8x1m4
HTTP 302
https://clk.tradedoubler.com/click?p=215648&a=2985330&g=24935962&url=https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom= Page URL
-
https://clk.tradedoubler.com/click?p=215648&a=2985330&g=24935962&url=https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
HTTP 302
https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://t.e.mvinfos.com/c/?t=ecf9f98-4!s-eez-12x-8x1m4 HTTP 302
- https://clk.tradedoubler.com/click?p=215648&a=2985330&g=24935962&url=https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
- https://ad.doubleclick.net/ddm/activity/src=8702683;type=invmedia;cat=prefo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9146258578196.75 HTTP 302
- https://ad.doubleclick.net/ddm/activity/src=8702683;dc_pre=COnYgtbYiO8CFZGlsgodMw4NyA;type=invmedia;cat=prefo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9146258578196.75 HTTP 302
- https://adservice.google.com/ddm/fls/p/src=8702683;dc_pre=COnYgtbYiO8CFZGlsgodMw4NyA;type=invmedia;cat=prefo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9146258578196.75;~oref=https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php%3Forp%3DDARWIN_MAIL%26email%3D%26nom%3D%26prenom%3D HTTP 302
- https://adservice.google.de/ddm/fls/p/src=8702683;dc_pre=COnYgtbYiO8CFZGlsgodMw4NyA;type=invmedia;cat=prefo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9146258578196.75;~oref=https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php%3Forp%3DDARWIN_MAIL%26email%3D%26nom%3D%26prenom%3D
- https://idsync.rlcdn.com/461249.gif?partner_uid=161438175070016290 HTTP 307
- https://idsync.rlcdn.com/1000.gif?memo=CMGTHBIeChoIARC38wEaEjE2MTQzODE3NTA3MDAxNjI5MBAAGg0ItoXmgQYSBQjoBxAAQgBKAA HTTP 307
- https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
- https://idsync.rlcdn.com/362358.gif?google_gid=CAESED2yw8PKWxVNSrguXBtSz1M&google_cver=1
- https://secure.adnxs.com/getuid?https%3A%2F%2Ftracking.kdata.fr%2Fsync%3Feditor%3Dappnexus%26id_sync%3D$UID%26customer%3Dcapitaldata_crm HTTP 307
- https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Ftracking.kdata.fr%252Fsync%253Feditor%253Dappnexus%2526id_sync%253D%24UID%2526customer%253Dcapitaldata_crm HTTP 302
- https://tracking.kdata.fr/sync?editor=appnexus&id_sync=4255551043664928740&customer=capitaldata_crm
- https://secure.adnxs.com/setuid?entity=403&code=bdf98fdd-a9a9-4148-861d-98e454662d92 HTTP 307
- https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D403%26code%3Dbdf98fdd-a9a9-4148-861d-98e454662d92
70 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | click | clk.tradedoubler.com/ | 1 KB | 2 KB | Document | text/html | Redirect Chain |
GET | H/1.1 | prefs.js | vht.tradedoubler.com/fp/ | 9 KB | 4 KB | Script | application/javascript | |
POST | H/1.1 | / | analytics.tradedoubler.com/ | 0 | 241 B | Other | text/html | |
GET | H/1.1 | demandedoc.php | demande.prefon-retraite.fr/page-demande-documentation-65/ | 19 KB | 7 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H/1.1 | style.css | demande.prefon-retraite.fr/assets/p65/css/ | 18 KB | 4 KB | Stylesheet | text/css | |
GET | H2 | jquery-ui.css | code.jquery.com/ui/1.10.3/themes/cupertino/ | 31 KB | 6 KB | Stylesheet | text/css | |
GET | H/1.1 | logo-prefon.gif | demande.prefon-retraite.fr/assets/p65/imgs/ | 1 KB | 2 KB | Image | image/gif | |
GET | H/1.1 | loader.gif | demande.prefon-retraite.fr/assets/common/imgs/ | 7 KB | 7 KB | Image | image/gif | |
GET | H2 | jquery-1.12.2.min.js | code.jquery.com/ | 95 KB | 33 KB | Script | application/javascript | |
GET | H2 | jquery.validate.min.js | cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.15.0/ | 22 KB | 7 KB | Script | application/javascript | |
GET | H2 | jquery-ui.js | code.jquery.com/ui/1.11.4/ | 460 KB | 112 KB | Script | application/javascript | |
GET | H/1.1 | td.js | demande.prefon-retraite.fr/assets//common/js/ | 739 B | 795 B | Script | application/javascript | |
GET | H/1.1 | messages_fr.min.js | demande.prefon-retraite.fr/assets//common/js/ | 3 KB | 1 KB | Script | application/javascript | |
GET | H/1.1 | datepick.fr.js | demande.prefon-retraite.fr/assets//common/js/ | 2 KB | 1 KB | Script | application/javascript | |
GET | H/1.1 | dqe_tele.js | demande.prefon-retraite.fr/assets//common/js/ | 8 KB | 2 KB | Script | application/javascript | |
GET | H/1.1 | dqe_mail.js | demande.prefon-retraite.fr/assets//common/js/ | 8 KB | 2 KB | Script | application/javascript | |
GET | H/1.1 | geoloc.js | demande.prefon-retraite.fr/assets//common/js/ | 3 KB | 1 KB | Script | application/javascript | |
GET | H/1.1 | prefon.js | demande.prefon-retraite.fr/assets//common/js/ | 5 KB | 2 KB | Script | application/javascript | |
GET | H/1.1 | validation_standard_rgpd.js | demande.prefon-retraite.fr/assets//common/js/ | 8 KB | 2 KB | Script | application/javascript | |
GET | H2 | js | maps.googleapis.com/maps/api/ | 131 KB | 43 KB | Script | text/javascript | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 98 KB | 39 KB | Script | application/javascript | |
GET | H2 | 4cf7cf0ad1318c66b9ec0faaf7ac6680.js | try.abtasty.com/ | 390 KB | 105 KB | Script | application/javascript | |
GET | H/1.1 | prefon-logo.jpg | demande.prefon-retraite.fr/assets/p65/imgs/ | 20 KB | 20 KB | Image | image/jpeg | |
GET | H/1.1 | conserver-votre-niveau-vie.jpg | demande.prefon-retraite.fr/assets/p65/imgs/ | 233 KB | 234 KB | Image | image/jpeg | |
GET | H/1.1 | lettre.jpg | demande.prefon-retraite.fr/assets/p65/imgs/ | 5 KB | 5 KB | Image | image/jpeg | |
GET | H2 | demandedoc.php%3Forp%3DDARWIN_MAIL%26email%3D%26nom%3D%26prenom%3D | adservice.google.de/ddm/fls/p/src=8702683;dc_pre=COnYgtbYiO8CFZGlsgodMw4NyA;type=invmedia;cat=prefo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9146258578196.75;~oref=https:/... | 42 B | 744 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | emafunc.js | atout.email-match.com/ | 2 KB | 2 KB | Script | application/javascript | |
GET | H2 | analytics.js | www.google-analytics.com/ | 46 KB | 19 KB | Script | text/javascript | |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 91 KB | 25 KB | Script | application/x-javascript | |
GET | H3-Q050 | common.js | maps.googleapis.com/maps-api-v3/api/js/44/2/ | 76 KB | 28 KB | Script | text/javascript | |
GET | H3-Q050 | util.js | maps.googleapis.com/maps-api-v3/api/js/44/2/ | 145 KB | 54 KB | Script | text/javascript | |
GET | H3-Q050 | controls.js | maps.googleapis.com/maps-api-v3/api/js/44/2/ | 214 KB | 58 KB | Script | text/javascript | |
GET | H3-Q050 | places_impl.js | maps.googleapis.com/maps-api-v3/api/js/44/2/ | 43 KB | 16 KB | Script | text/javascript | |
GET | H2 | conversion_async.js | www.googleadservices.com/pagead/ | 31 KB | 13 KB | Script | text/javascript | |
POST | H3-Q050 | collect | www.google-analytics.com/j/ | 4 B | 397 B | XHR | text/plain | |
POST | H2 | ua-parser | dcinfos-cache.abtasty.com/v1/ | 112 B | 306 B | Fetch | application/json | |
GET | H/1.1 | geolocAndWeather.php | dcinfos.abtasty.com/ | 184 B | 429 B | Script | application/json | |
POST | H2 | / | ariane.abtasty.com/ | 43 B | 344 B | Other | image/gif | |
GET | H2 | bat.js | bat.bing.com/ | 28 KB | 9 KB | Script | application/javascript | |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 1 B | 92 B | XHR | text/plain | |
GET | H2 | 1649879995301842 | connect.facebook.net/signals/config/ | 241 KB | 69 KB | Script | application/x-javascript | |
GET | H2 | powered-by-google-on-white3.png | maps.gstatic.com/mapfiles/api-3/images/ | 2 KB | 2 KB | Image | image/png | |
GET | H2 | autocomplete-icons.png | maps.gstatic.com/mapfiles/api-3/images/ | 3 KB | 3 KB | Image | image/png | |
GET | H2 | 0 | bat.bing.com/action/ | 0 | 148 B | Image | text/plain | |
GET | H2 | / | googleads.g.doubleclick.net/pagead/viewthroughconversion/1025600998/ | 3 KB | 1 KB | Script | text/javascript | |
GET | H2 | / | www.google.com/pagead/1p-user-list/1025600998/ | 42 B | 109 B | Image | image/gif | |
GET | H2 | / | www.google.de/pagead/1p-user-list/1025600998/ | 42 B | 108 B | Image | image/gif | |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 410 B | Image | image/gif | |
GET | H/1.1 | client.js | asset.easydmp.net/js/ | 8 KB | 3 KB | Script | application/javascript | |
GET | H/1.1 | client_iframe.html | asset.easydmp.net/ | 26 KB | 9 KB | Document | text/html | Frame 771B |
GET | H/1.1 | etag.php | asset.easydmp.net/ | 0 | 415 B | XHR | text/html | Frame 771B |
POST | H/1.1 | collect_v3.php | asset.easydmp.net/ | 110 B | 569 B | XHR | application/json | Frame 771B |
GET | H/1.1 | etag.php | asset.easydmp.net/ | 84 B | 529 B | XHR | text/html | Frame 771B |
POST | H/1.1 | get_delivery_data.php | asset.easydmp.net/ | 852 B | 1 KB | XHR | application/json | Frame 771B |
GET | H2 | mapper.js | spl.zeotap.com/ | 73 KB | 24 KB | Script | application/javascript | Frame 36AC |
GET | H2 | tag.min.js | cdn.kdata.fr/squadata/ | 4 KB | 2 KB | Script | application/javascript | Frame 771B |
GET | H2 | 362358.gif | idsync.rlcdn.com/ | 42 B | 317 B | Image | image/gif | Frame 771B, Redirect Chain |
POST | H/1.1 | get_delivery_data.php | asset.easydmp.net/ | 131 B | 850 B | XHR | application/json | Frame 771B |
GET | H/1.1 | get | sqdt.mconso.fr/tmpPds/ | 28 B | 415 B | Script | application/javascript | Frame 771B |
GET | H/1.1 | client.js | asset.easydmp.net/js/ | 8 KB | 3 KB | Script | application/javascript | Frame 771B |
POST | H/1.1 | tag | tracking.kdata.fr/ | 574 B | 1 KB | XHR | text/plain | Frame 771B |
GET | H/1.1 | client_iframe.html | asset.easydmp.net/ | 26 KB | 9 KB | Document | text/html | Frame 579E |
GET | H/1.1 | sync | tracking.kdata.fr/ | 35 B | 404 B | Image | image/gif | Frame 771B, Redirect Chain |
GET | H/1.1 | bounce | secure.adnxs.com/ | 43 B | 845 B | Image | image/gif | Frame 771B, Redirect Chain |
POST | H/1.1 | collect_v3.php | asset.easydmp.net/ | 237 B | 676 B | XHR | application/json | Frame 579E |
GET | H/1.1 | etag.php | asset.easydmp.net/ | 212 B | 636 B | XHR | text/html | Frame 771B |
GET | H/1.1 | get | rtg-sq.hopmailing.com/tmpPds/ | 27 B | 413 B | Script | application/javascript | Frame 579E |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 147 B | Image | image/gif | |
GET | H2 | AuthenticationService.Authenticate | maps.googleapis.com/maps/api/js/ | 62 B | 207 B | Script | text/javascript | |
POST | H2 | / | ariane.abtasty.com/ | 43 B | 106 B | Other | image/gif | |
85 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- object| trustedTypes
- boolean| crossOriginIsolated
- function| $
- function| jQuery
- object| _dqeLive
- object| _dqeTel
- object| _dqeStuff
- function| verifTel
- function| nettel
- function| ValideTel
- function| visuTel
- function| zeroFormTel
- function| gestionAccentTel
- object| _dqeMail
- function| verifMail
- function| netmail
- function| ValideMail
- function| visuMail
- function| change_email
- function| zeroFormMail
- function| gestionAccentMail
- undefined| placeSearch
- object| autocomplete
- object| componentForm
- function| initAutocomplete
- function| fillInAddress
- function| geolocate
- function| isDate
- function| isValidEmailAddress
- function| isValidTelephone
- function| verif_mail
- function| verif_tel
- function| init_page
- function| wait
- object| validation
- string| axel
- number| a
- string| ema_critere
- function| w_emasend
- number| ema_id_site
- string| GoogleAnalyticsObject
- function| ga
- function| gtag
- object| dataLayer
- function| fbq
- function| _fbq
- object| google
- object| module$contents$MapsEvent_MapsEvent
- object| module$contents$mapsapi$overlay$OverlayView_OverlayView
- object| google_tag_manager
- object| google_tag_data
- object| gaplugins
- object| gaGlobal
- object| gaData
- object| _abtasty
- boolean| ABTastyInstanciated
- object| ABTasty
- function| relaunchABTasty
- function| ABTastyUrlMatchingCondition
- function| ABTastyPageView
- object| abtasty
- function| ABTastyClickTracking
- function| ABTastyEvent
- function| ABTastyStartTest
- object| uetq
- object| __e3_
- function| UET
- function| GooglemKTybQhCsO
- function| google_trackConversion
- object| GooglebQhCsO
- boolean| emabbstr
- function| emasend
- string| [eedmpact]
- function| eedmpdo
- boolean| easydmp_load_lib
- object| [eedmpmt]
- object| _xdc_8
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.prefon-retraite.fr/ | | Name: _fbp Value: fb.1.1614381750293.1837062800 |
.prefon-retraite.fr/ | | Name: _uetvid Value: 7f0e0e70788911ebab8161a669906550 |
.prefon-retraite.fr/ | | Name: _uetsid Value: 7f0e0190788911eb9aa5cb78b3f33802 |
.prefon-retraite.fr/ | | Name: _ga Value: GA1.2.136520513.1614381750 |
.prefon-retraite.fr/ | | Name: _gat Value: 1 |
.prefon-retraite.fr/ | | Name: ABTastySession Value: sen%3D1__referrer%3Dhttps%3A//clk.tradedoubler.com/__landingPage%3Dhttps%3A//demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php%3Forp%3DDARWIN%5C_MAIL%26utm%5C_source%3Daffiliation%26utm%5C_medium%3De-mail%26utm%5C_campaign%3Daffiliation-lp65%26email%3D%26nom%3D%26prenom%3D |
.prefon-retraite.fr/ | | Name: ABTasty Value: uid%3D21022700223070180%26fst%3D1614381750180%26pst%3Dnull%26cst%3D1614381750180%26ns%3D1%26pvt%3D1%26pvis%3D1%26th%3D |
.prefon-retraite.fr/ | | Name: _gid Value: GA1.2.381148819.1614381750 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.