urlscan.io logo urlscan.io
SecurityTrails logo

cnt.media-bucket.com Open in urlscan Pro
2606:4700:20::ac43:452e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://15qwr.trk.elasticemail.com/tracking/click?d=3ixPIOH9g07-3H3ZddVio4VHS-7BibGtKTJdJ_hcxZxVVX5AY_b2LWkaolQ9I2fPagEH5A1eq3WNq31...
Effective URL: https://cnt.media-bucket.com/uxtnc/fr/?aid=6ar2Pm8l9ySDmw6YV&v=blackfr&var4=agn_352&hobj=eyJoc2lkIjogIjhjOWVjMjY5N2JmMTk2NzZj...
Submission: On October 16 via manual from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 5 countries across 14 domains to perform 41 HTTP transactions. The main IP is 2606:4700:20::ac43:452e, located in United States and belongs to CLOUDFLARENET, US. The main domain is cnt.media-bucket.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 30th 2022. Valid for: a year.
This is the only time cnt.media-bucket.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    91.134.146.190 (Colombes, France)

ASN16276 (OVH, FR)
PTR: api.elasticemail.com
15qwr.trk.elasticemail.com
13    15.204.172.76 (Reston, United States)

ASN16276 (OVH, FR)
PTR: carmantelshop.site
carmantelshop.site
2    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:20::681a:6ad (United States)

ASN13335 (CLOUDFLARENET, US)
code.ionicframework.com
3    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
redirecting2.eu
3    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    185.221.85.3 (Ireland)

ASN206998 (NEW-2, IE)
bam.eu01.nr-data.net
1    2606:4700:3035::6815:21bd (United States)

ASN13335 (CLOUDFLARENET, US)
trk.flowntw.com
1    35.157.74.22 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-74-22.eu-central-1.compute.amazonaws.com
router.solarsofas.com
1    2606:4700:3037::ac43:ac7b (United States)

ASN13335 (CLOUDFLARENET, US)
router.content-tab.com
13    2606:4700:20::ac43:452e (United States)

ASN13335 (CLOUDFLARENET, US)
cnt.media-bucket.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
13 media-bucket.com
cnt.media-bucket.com
253 KB
13 carmantelshop.site
carmantelshop.site
358 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
20 KB
3 redirecting2.eu
redirecting2.eu
196 KB
2 nr-data.net
bam.eu01.nr-data.net — Cisco Umbrella Rank: 8465
2 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
2 KB
1 gstatic.com
fonts.gstatic.com
44 KB
1 content-tab.com
router.content-tab.com
1 KB
1 solarsofas.com
router.solarsofas.com
561 B
1 flowntw.com
trk.flowntw.com
656 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
438 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 343
18 KB
1 ionicframework.com
code.ionicframework.com — Cisco Umbrella Rank: 14188
9 KB
1 elasticemail.com
15qwr.trk.elasticemail.com
368 B
41 14
Domain Requested by
13 cnt.media-bucket.com redirecting2.eu
cnt.media-bucket.com
13 carmantelshop.site 1 redirects carmantelshop.site
3 www.google-analytics.com redirecting2.eu
www.google-analytics.com
3 redirecting2.eu carmantelshop.site
redirecting2.eu
2 bam.eu01.nr-data.net redirecting2.eu
js-agent.newrelic.com
2 fonts.googleapis.com carmantelshop.site
cnt.media-bucket.com
1 fonts.gstatic.com fonts.googleapis.com
1 router.content-tab.com 1 redirects
1 router.solarsofas.com 1 redirects
1 trk.flowntw.com 1 redirects
1 stats.g.doubleclick.net redirecting2.eu
1 js-agent.newrelic.com redirecting2.eu
1 code.ionicframework.com carmantelshop.site
1 15qwr.trk.elasticemail.com 1 redirects
41 14

This site contains links to these domains. Also see Links.

Domain
register.content-tab.com
content-tab.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-01 -
2023-05-31		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.eu01.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-24 -
2023-02-09		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://cnt.media-bucket.com/uxtnc/fr/?aid=6ar2Pm8l9ySDmw6YV&v=blackfr&var4=agn_352&hobj=eyJoc2lkIjogIjhjOWVjMjY5N2JmMTk2NzZjOTVhNjcyZTRiZWU2NmM2Njg0ZDlhYTZhMmM4NTYzODYwZWUwNDdhYmQ0MGRjODQiLCAiX19sb2NhdGlvbmNvZGUiOiAiRlIiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAicGF5bWVudF90eXBlIjogImNhcmQiLCAiZG9tYWluIjogImNvbnRlbnQtdGFiLmNvbSIsICJzdWJfaWQiOiAiNjIwIiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
Frame ID: 16011C3BEBDB22F56FE1573768DC41B6
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Content-Tab

Page URL History Show full URLs

  1. https://15qwr.trk.elasticemail.com/tracking/click?d=3ixPIOH9g07-3H3ZddVio4VHS-7BibGtKTJdJ_hcxZxVVX5AY_b2LWkaolQ... HTTP 302
    http://carmantelshop.site/ Page URL
  2. http://carmantelshop.site/cl/2288_md/1/113/350/17/504079 HTTP 302
    https://redirecting2.eu/p/ySQ9/48JH/puiM Page URL
  3. https://trk.flowntw.com/click?pid=620&offer_id=2103&sub1=mlClick-qzFnyxKp&sub2=415284 HTTP 302
    https://router.solarsofas.com/click/k5/6ar2Pm8l9ySDmw6YV?sub_id=620&click_id=634bd8f938a0540001dc7a84&var3... HTTP 303
    https://router.content-tab.com/?lp=uxtnc&v=blackfr&sidng=JQOZ0d6Y07lx72omoPMWgB9ztN&aid=6ar2Pm8l9ySDmw6YV&P... HTTP 302
    https://cnt.media-bucket.com/uxtnc/fr/?aid=6ar2Pm8l9ySDmw6YV&v=blackfr&var4=agn_352&hobj=eyJoc2lkIjogIjhj... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

41
Requests

61 %
HTTPS

64 %
IPv6

14
Domains

14
Subdomains

11
IPs

5
Countries

904 kB
Transfer

2704 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://15qwr.trk.elasticemail.com/tracking/click?d=3ixPIOH9g07-3H3ZddVio4VHS-7BibGtKTJdJ_hcxZxVVX5AY_b2LWkaolQ9I2fPagEH5A1eq3WNq31j9wfPyM5pO-rrjXr5LCEzmHtKT4IJRHWHWMy4IgEUd_lCLIqjxrVA-J_INkpubzIUCwEA8X81 HTTP 302
    http://carmantelshop.site/ Page URL
  2. http://carmantelshop.site/cl/2288_md/1/113/350/17/504079 HTTP 302
    https://redirecting2.eu/p/ySQ9/48JH/puiM Page URL
  3. https://trk.flowntw.com/click?pid=620&offer_id=2103&sub1=mlClick-qzFnyxKp&sub2=415284 HTTP 302
    https://router.solarsofas.com/click/k5/6ar2Pm8l9ySDmw6YV?sub_id=620&click_id=634bd8f938a0540001dc7a84&var3=620_415284 HTTP 303
    https://router.content-tab.com/?lp=uxtnc&v=blackfr&sidng=JQOZ0d6Y07lx72omoPMWgB9ztN&aid=6ar2Pm8l9ySDmw6YV&PCTX=634bd8f938a0540001dc7a84&var3=620&var4=agn_352&sub_id=620&click_id=634bd8f938a0540001dc7a84&var3=620_415284 HTTP 302
    https://cnt.media-bucket.com/uxtnc/fr/?aid=6ar2Pm8l9ySDmw6YV&v=blackfr&var4=agn_352&hobj=eyJoc2lkIjogIjhjOWVjMjY5N2JmMTk2NzZjOTVhNjcyZTRiZWU2NmM2Njg0ZDlhYTZhMmM4NTYzODYwZWUwNDdhYmQ0MGRjODQiLCAiX19sb2NhdGlvbmNvZGUiOiAiRlIiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAicGF5bWVudF90eXBlIjogImNhcmQiLCAiZG9tYWluIjogImNvbnRlbnQtdGFiLmNvbSIsICJzdWJfaWQiOiAiNjIwIiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ== Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://15qwr.trk.elasticemail.com/tracking/click?d=3ixPIOH9g07-3H3ZddVio4VHS-7BibGtKTJdJ_hcxZxVVX5AY_b2LWkaolQ9I2fPagEH5A1eq3WNq31j9wfPyM5pO-rrjXr5LCEzmHtKT4IJRHWHWMy4IgEUd_lCLIqjxrVA-J_INkpubzIUCwEA8X81 HTTP 302
  • http://carmantelshop.site/
Request Chain 14
  • http://carmantelshop.site/cl/2288_md/1/113/350/17/504079 HTTP 302
  • https://redirecting2.eu/p/ySQ9/48JH/puiM

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
carmantelshop.site/
Redirect Chain
  • https://15qwr.trk.elasticemail.com/tracking/click?d=3ixPIOH9g07-3H3ZddVio4VHS-7BibGtKTJdJ_hcxZxVVX5AY_b2LWkaolQ9I2fPagEH5A1eq3WNq31j9wfPyM5pO-rrjXr5LCEzmHtKT4IJRHWHWMy4IgEUd_lCLIqjxrVA-J_INkpubzIUC...
  • http://carmantelshop.site/
16 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://carmantelshop.site/
Protocol
HTTP/1.1
Server
15.204.172.76 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
carmantelshop.site
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 / PHP/7.1.33
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Sun, 16 Oct 2022 10:12:06 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
Transfer-Encoding
chunked
X-Powered-By
PHP/7.1.33

Redirect headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-ElasticEmail-ApiKey, X-ElasticEmail-BrowserToken, X-ElasticEmail-ImpersonateAs
access-control-allow-origin
*
access-control-expose-headers
X-ElasticEmail-BrowserToken, X-Total-Count, X-ElasticEmail-AccessToken
cache-control
private
content-length
143
content-type
text/html; charset=utf-8
date
Sun, 16 Oct 2022 10:12:15 GMT
location
http://carmantelshop.site/
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-robots-tag
noindex, nofollow
css
fonts.googleapis.com/ 		2 KB
1019 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Lato:400,300,700
Requested by
Host: carmantelshop.site
URL: http://carmantelshop.site/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://carmantelshop.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 10:12:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Sun, 16 Oct 2022 10:12:06 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Sun, 16 Oct 2022 10:12:06 GMT
ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/ 		50 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Requested by
Host: carmantelshop.site
URL: http://carmantelshop.site/
Protocol
HTTP/1.1
Server
2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://carmantelshop.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

X-Fastly-Request-ID
d7eeb55b5a28b3b4bb74d98213a4b5513943ebf0
Date
Sun, 16 Oct 2022 10:12:06 GMT
Content-Encoding
gzip
Via
1.1 varnish
X-Cache-Hits
1
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
82284
X-Cache
HIT
x-proxy-cache
HIT
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
8313
X-Served-By
cache-cdg20735-CDG
Last-Modified
Tue, 28 Jun 2022 16:06:13 GMT
Server
cloudflare
X-GitHub-Request-Id
0841:7FEB:55F3A1:5866A1:6345A1E5
X-Timer
S1665832842.005466,VS0,VE1
ETag
W/"62bb26f5-c854"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGJte62c2f67vnIR3l7ml7OyWQ7HiWT%2Fg2owIs3p2GN4VjVMGk1VDWJE08unJAFhZiCF7bEWRNwVmlIY3GU%2BTcEvZlUe1aJ%2BD8wPxhOnnNEnv%2Fzann%2BWXrdUoaJwRl23CIvtYceOLuQwO5FVDFWx%2BIjEUvgH"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
CF-RAY
75b003a57a93f130-CDG
expires
Tue, 11 Oct 2022 17:12:37 GMT
bootstrap.min.css
carmantelshop.site/css/ 		111 KB
112 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://carmantelshop.site/css/bootstrap.min.css
Requested by
Host: carmantelshop.site
URL: http://carmantelshop.site/
Protocol
HTTP/1.1
Server
15.204.172.76 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
carmantelshop.site
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://carmantelshop.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 10:12:06 GMT
Last-Modified
Thu, 11 Aug 2016 06:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"1bd5b-539c604e55700"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
114011
font-awesome.min.css
carmantelshop.site/css/ 		21 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://carmantelshop.site/css/font-awesome.min.css
Requested by
Host: carmantelshop.site
URL: http://carmantelshop.site/
Protocol
HTTP/1.1
Server
15.204.172.76 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
carmantelshop.site
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://carmantelshop.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 10:12:06 GMT
Last-Modified
Thu, 11 Aug 2016 06:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"55e0-539c604e55700"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
21984
owl.carousel.css
carmantelshop.site/css/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://carmantelshop.site/css/owl.carousel.css
Requested by
Host: carmantelshop.site
URL: http://carmantelshop.site/
Protocol
HTTP/1.1
Server
15.204.172.76 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
carmantelshop.site
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://carmantelshop.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 10:12:06 GMT
Last-Modified
Thu, 11 Aug 2016 06:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"1206-539c604e55700"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4614
animate.css
carmantelshop.site/css/ 		73 KB
73 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://carmantelshop.site/css/animate.css
Requested by
Host: carmantelshop.site
URL: http://carmantelshop.site/
Protocol
HTTP/1.1
Server
15.204.172.76 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
carmantelshop.site
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://carmantelshop.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 10:12:06 GMT
Last-Modified
Thu, 11 Aug 2016 06:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"12279-539c604e55700"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
74361
main.css
carmantelshop.site/css/ 		17 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://carmantelshop.site/css/main.css
Requested by
Host: carmantelshop.site
URL: http://carmantelshop.site/
Protocol
HTTP/1.1
Server
15.204.172.76 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
carmantelshop.site
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://carmantelshop.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 10:12:06 GMT
Last-Modified
Thu, 11 Aug 2016 06:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"4452-539c604e55700"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
17490
responsive.css
carmantelshop.site/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://carmantelshop.site/css/responsive.css
Requested by
Host: carmantelshop.site
URL: http://carmantelshop.site/
Protocol
HTTP/1.1
Server
15.204.172.76 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
carmantelshop.site
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://carmantelshop.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 10:12:06 GMT
Last-Modified
Thu, 11 Aug 2016 06:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"80f-539c604e55700"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2063
logo.png
carmantelshop.site/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://carmantelshop.site/images/logo.png
Requested by
Host: carmantelshop.site
URL: http://carmantelshop.site/
Protocol
HTTP/1.1
Server
15.204.172.76 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
carmantelshop.site
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://carmantelshop.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 10:12:07 GMT
Last-Modified
Thu, 11 Aug 2016 06:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"b67-539c604e55700"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
2919
logo-2.png
carmantelshop.site/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://carmantelshop.site/images/logo-2.png
Requested by
Host: carmantelshop.site
URL: http://carmantelshop.site/
Protocol
HTTP/1.1
Server
15.204.172.76 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
carmantelshop.site
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://carmantelshop.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 10:12:07 GMT
Last-Modified
Thu, 11 Aug 2016 06:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"c30-539c604e55700"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3120
1.jpg
carmantelshop.site/images/about/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://carmantelshop.site/images/about/1.jpg
Requested by
Host: carmantelshop.site
URL: http://carmantelshop.site/
Protocol
HTTP/1.1
Server
15.204.172.76 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
carmantelshop.site
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://carmantelshop.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 10:12:07 GMT
Last-Modified
Thu, 11 Aug 2016 06:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"c8c7-539c604e55700"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
51399
2.jpg
carmantelshop.site/images/about/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://carmantelshop.site/images/about/2.jpg
Requested by
Host: carmantelshop.site
URL: http://carmantelshop.site/
Protocol
HTTP/1.1
Server
15.204.172.76 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
carmantelshop.site
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://carmantelshop.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 10:12:07 GMT
Last-Modified
Thu, 11 Aug 2016 06:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"889e-539c604e55700"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
34974
3.jpg
carmantelshop.site/images/about/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://carmantelshop.site/images/about/3.jpg
Requested by
Host: carmantelshop.site
URL: http://carmantelshop.site/
Protocol
HTTP/1.1
Server
15.204.172.76 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
carmantelshop.site
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://carmantelshop.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 10:12:07 GMT
Last-Modified
Thu, 11 Aug 2016 06:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"4c50-539c604e55700"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
19536
puiM
redirecting2.eu/p/ySQ9/48JH/
Redirect Chain
  • http://carmantelshop.site/cl/2288_md/1/113/350/17/504079
  • https://redirecting2.eu/p/ySQ9/48JH/puiM
769 KB
184 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://redirecting2.eu/p/ySQ9/48JH/puiM
Requested by
Host: carmantelshop.site
URL: http://carmantelshop.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a666a34696a29987a222caadfd212601fa037d2b4864cdf0e173cd668a1daa76

Request headers

Referer
http://carmantelshop.site/#cl/2288_md/1/113/350/17/504079
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, private
cf-cache-status
DYNAMIC
cf-ray
75b003b00eebf13c-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 16 Oct 2022 10:12:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8blVuFs4w9K6eZe9yk%2F%2Fl5LXu3k480d%2Fi4Le6Y4CYOiZVeZB%2BvB3H65kisqudkn8KYYG%2FmF7%2BJ%2BRnFvGCjTMir3wl0X8wFKDZRBCa6xlpKP1YlJBzSDphNNH2PTgTVuQTODbQphUe%2BYmcZVN14%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-robots-tag
noindex, nofollow

Redirect headers

Connection
Keep-Alive
Content-Length
163
Content-Type
text/html; charset=UTF-8
Date
Sun, 16 Oct 2022 10:12:06 GMT
Keep-Alive
timeout=5, max=99
Location
https://redirecting2.eu/p/ySQ9/48JH/puiM#/1/2288_3/17_504079_113_385_md
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
X-Powered-By
PHP/7.1.33
envoirment.js
redirecting2.eu/js/ 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://redirecting2.eu/js/envoirment.js?id=a535a99b3fccb8f0756e
Requested by
Host: redirecting2.eu
URL: https://redirecting2.eu/p/ySQ9/48JH/puiM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2360f05aaa5110f0891046d08ab93ee8bfd6249debd8d8c1d173eac2dd5e172

Request headers

device-memory
8
Referer
https://redirecting2.eu/p/ySQ9/48JH/puiM
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 10:12:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 May 2022 11:24:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4023
etag
W/"627a4b7c-8078"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OnU07NVW7Pd60B4AVKVxl3kORX0Wq1G1rI1yPTvSNOruDRjpddsc3vd9OKRSXKqbmpkCCN5LSRSld9HkUFMfQSmjDF8Qnxy%2B65sZc5j0xAThMQNwly4W84aANf3mt0Ljz80WTayYvEClCsKj9bs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b003b33bb8f13c-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ 		551 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a4410bff1360c1827ee6bc2153b91199c2d8422f5f8ac31c2d6eeff972643b3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: redirecting2.eu
URL: https://redirecting2.eu/p/ySQ9/48JH/puiM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redirecting2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 16 Oct 2022 09:15:57 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3372
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sun, 16 Oct 2022 11:15:57 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=388879728&t=pageview&_s=1&dl=https%3A%2F%2Fredirecting2.eu%2Fp%2FySQ9%2F48JH%2FpuiM&dr=http%3A%2F%2Fcarmantelshop.site%2F&ul=en-us&de=UTF-8&dt=redirecting2.eu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=839607471&gjid=66418766&cid=1580880635.1665915129&tid=UA-110090096-2&_gid=2127153643.1665915129&_r=1&_slc=1&z=674007320
Requested by
Host: redirecting2.eu
URL: https://redirecting2.eu/p/ySQ9/48JH/puiM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redirecting2.eu/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 10:12:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://redirecting2.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redirecting2.eu/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 10:12:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://redirecting2.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
finger
redirecting2.eu/ 		20 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://redirecting2.eu/finger
Requested by
Host: redirecting2.eu
URL: https://redirecting2.eu/p/ySQ9/48JH/puiM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

device-memory
8
X-NewRelic-ID
VwQAVVBaARACXVVWAwUFUFY=
tracestate
3274699@nr=0-1-3274699-294446110-38fd143f09052bca----1665915129112
traceparent
00-cabe8730f9b283e76ddcabe175d70114-38fd143f09052bca-01
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyNzQ2OTkiLCJhcCI6IjI5NDQ0NjExMCIsImlkIjoiMzhmZDE0M2YwOTA1MmJjYSIsInRyIjoiY2FiZTg3MzBmOWIyODNlNzZkZGNhYmUxNzVkNzAxMTQiLCJ0aSI6MTY2NTkxNTEyOTExMn19
Content-Type
application/json
Referer
https://redirecting2.eu/p/ySQ9/48JH/puiM

Response headers

date
Sun, 16 Oct 2022 10:12:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z7h8pNMEvvun%2F4pkiZCRwhQyHCCUwoeS74K1UZZbSMzXryEytBV5wHB41QRryRhmobLKJ26L7yTeKcp1sVvh%2BN2AhFaadqJCzBOKiQY%2BM4e9crWGijaVO3sqB%2BJL7Xvq4T28ojWyjnId1ZK9WrQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
cf-ray
75b003b50ce2f110-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
nr-spa-1216.min.js
js-agent.newrelic.com/ 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by
Host: redirecting2.eu
URL: https://redirecting2.eu/p/ySQ9/48JH/puiM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redirecting2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding
gzip
via
1.1 varnish
date
Sun, 16 Oct 2022 10:12:09 GMT
x-amz-request-id
JX9694FGW6A04BVG
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
18216
x-amz-id-2
ZMcT5Ru0mfLpaG6VchtGeoOj1LltV/oiylr6jLdsDZxN5DZYXMn/YzQsaQfIx26tLi1ELeeYxLA=
x-served-by
cache-cdg20757-CDG
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1665915129.174766,VS0,VE0
etag
"63e2df852d15ab21d7ff8fc4363222e8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
10236
collect
stats.g.doubleclick.net/j/ 		1 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-110090096-2&cid=1580880635.1665915129&jid=839607471&gjid=66418766&_gid=2127153643.1665915129&_u=IEBAAEAAAAAAACAAI~&z=985450774
Requested by
Host: redirecting2.eu
URL: https://redirecting2.eu/p/ySQ9/48JH/puiM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://redirecting2.eu/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 16 Oct 2022 10:12:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://redirecting2.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
NRJS-6dd3950211b5010cd9b
bam.eu01.nr-data.net/1/ 		49 B
982 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.eu01.nr-data.net/1/NRJS-6dd3950211b5010cd9b?a=294444262,294453778&v=1216.487a282&to=MhBSZQoZWkcFVRFYXwtacVIMEVtaS0MLWl4KAl4%3D&rst=2573&ck=1&ref=https://redirecting2.eu/p/ySQ9/48JH/puiM&ap=361&be=2217&fe=2492&dc=2335&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1665915126621,%22n%22:0,%22f%22:1651,%22dn%22:1652,%22dne%22:1652,%22c%22:1652,%22s%22:1669,%22ce%22:1693,%22rq%22:1693,%22rp%22:2197,%22rpe%22:2294,%22dl%22:2200,%22di%22:2335,%22ds%22:2335,%22de%22:2335,%22dc%22:2492,%22l%22:2492,%22le%22:2493%7D,%22navigation%22:%7B%7D%7D&fp=2224&fcp=2435&at=HldRE0IDSUk%3D&jsonp=NREUM.setToken
Requested by
Host: redirecting2.eu
URL: https://redirecting2.eu/p/ySQ9/48JH/puiM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.221.85.3 , Ireland, ASN206998 (NEW-2, IE),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redirecting2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 10:12:09 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
x-envoy-upstream-service-time
3
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQDrpYeXEfMBifZfDUEWo5LWTp8rXWj4azON%2FqOQsHwXMckbAW6EKprCuQgJlZHnajXQFz3XJMBPJmMEVz4NPJbkDtlLV7JD%2FiL2Lgvc6AzMRePIGgsL7GnzldpBpJSM3IgRmOxR"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
CF-Ray
75b003b5d99bd28b-CDG
Primary Request /
cnt.media-bucket.com/uxtnc/fr/
Redirect Chain
  • https://trk.flowntw.com/click?pid=620&offer_id=2103&sub1=mlClick-qzFnyxKp&sub2=415284
  • https://router.solarsofas.com/click/k5/6ar2Pm8l9ySDmw6YV?sub_id=620&click_id=634bd8f938a0540001dc7a84&var3=620_415284
  • https://router.content-tab.com/?lp=uxtnc&v=blackfr&sidng=JQOZ0d6Y07lx72omoPMWgB9ztN&aid=6ar2Pm8l9ySDmw6YV&PCTX=634bd8f938a0540001dc7a84&var3=620&var4=agn_352&sub_id=620&click_id=634bd8f938a0540001d...
  • https://cnt.media-bucket.com/uxtnc/fr/?aid=6ar2Pm8l9ySDmw6YV&v=blackfr&var4=agn_352&hobj=eyJoc2lkIjogIjhjOWVjMjY5N2JmMTk2NzZjOTVhNjcyZTRiZWU2NmM2Njg0ZDlhYTZhMmM4NTYzODYwZWUwNDdhYmQ0MGRjODQiLCAiX19s...
20 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cnt.media-bucket.com/uxtnc/fr/?aid=6ar2Pm8l9ySDmw6YV&v=blackfr&var4=agn_352&hobj=eyJoc2lkIjogIjhjOWVjMjY5N2JmMTk2NzZjOTVhNjcyZTRiZWU2NmM2Njg0ZDlhYTZhMmM4NTYzODYwZWUwNDdhYmQ0MGRjODQiLCAiX19sb2NhdGlvbmNvZGUiOiAiRlIiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAicGF5bWVudF90eXBlIjogImNhcmQiLCAiZG9tYWluIjogImNvbnRlbnQtdGFiLmNvbSIsICJzdWJfaWQiOiAiNjIwIiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
Requested by
Host: redirecting2.eu
URL: https://redirecting2.eu/js/envoirment.js?id=a535a99b3fccb8f0756e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e4c9984ec04efc3e7c1f4e4b589b90b8db89f4700815569ab3710783648cc30

Request headers

Referer
https://redirecting2.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
75b003bbbff4d5c0-CDG
content-encoding
br
content-type
text/html
date
Sun, 16 Oct 2022 10:12:10 GMT
last-modified
Wed, 12 Oct 2022 07:54:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8BbGmgM%2BNdApw123Pdi4c3kMQMkVmQ4Hvg%2BFmdF4fpMygd3%2FDGfem%2B3yVbMiC8nMXtfsqIduS6yKY%2B%2FzzIJwd3RILz8Ho07IhUgn5CwhkKgn%2F8bbQW4g74gseWyqehzbAgOI3XxEq4oHcH9Yw8Qc26T"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75b003baa8ff99b7-CDG
content-type
text/html; charset=UTF-8
date
Sun, 16 Oct 2022 10:12:10 GMT
location
https://cnt.media-bucket.com/uxtnc/fr/?aid=6ar2Pm8l9ySDmw6YV&v=blackfr&var4=agn_352&hobj=eyJoc2lkIjogIjhjOWVjMjY5N2JmMTk2NzZjOTVhNjcyZTRiZWU2NmM2Njg0ZDlhYTZhMmM4NTYzODYwZWUwNDdhYmQ0MGRjODQiLCAiX19sb2NhdGlvbmNvZGUiOiAiRlIiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAicGF5bWVudF90eXBlIjogImNhcmQiLCAiZG9tYWluIjogImNvbnRlbnQtdGFiLmNvbSIsICJzdWJfaWQiOiAiNjIwIiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIyGj1h1dr3B%2Bg4NVnYbhDTuQtmO35I%2BxY%2FmTYK3y8HF1Wx6i0d%2F7Y0tSgC4lLcSzDlJmGMaZGu0s4G27jFI8dq7T6r4hdLXdf7fsQXp52e%2B6dGuXEZVkSvT3SEgp4xR%2FR0tMMgaYHZ2AHVAOzQMG7h%2BsPuC"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
NRJS-6dd3950211b5010cd9b
bam.eu01.nr-data.net/events/1/ 		24 B
777 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.eu01.nr-data.net/events/1/NRJS-6dd3950211b5010cd9b?a=294444262,294453778&v=1216.487a282&to=MhBSZQoZWkcFVRFYXwtacVIMEVtaS0MLWl4KAl4%3D&rst=2925&ck=1&ref=https://redirecting2.eu/p/ySQ9/48JH/puiM
Requested by
Host: redirecting2.eu
URL: https://redirecting2.eu/p/ySQ9/48JH/puiM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.221.85.3 , Ireland, ASN206998 (NEW-2, IE),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://redirecting2.eu/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
text/plain

Response headers

Date
Sun, 16 Oct 2022 10:12:09 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://redirecting2.eu
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jaoJwhkvvkWZM%2BXWBfbdfY6uxZR8%2B%2BUurMN5CGr%2BPsuh3pWw5dMqHwHsjRIFtjw3o%2FwtYCSwt%2FYXIIOwx9%2ByVmBYIsh8YYdwiI9NWsUDaRMZ0akQ%2FoL5xC4HQrdorIQgCeQsCSPS"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
Connection
keep-alive
CF-Ray
75b003b7bb93d28b-CDG
Content-Length
24
NRJS-6dd3950211b5010cd9b
bam.eu01.nr-data.net/events/1/ 		0
0
NRJS-6dd3950211b5010cd9b
bam.eu01.nr-data.net/jserrors/1/ 		0
0
css
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Requested by
Host: cnt.media-bucket.com
URL: https://cnt.media-bucket.com/uxtnc/fr/?aid=6ar2Pm8l9ySDmw6YV&v=blackfr&var4=agn_352&hobj=eyJoc2lkIjogIjhjOWVjMjY5N2JmMTk2NzZjOTVhNjcyZTRiZWU2NmM2Njg0ZDlhYTZhMmM4NTYzODYwZWUwNDdhYmQ0MGRjODQiLCAiX19sb2NhdGlvbmNvZGUiOiAiRlIiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAicGF5bWVudF90eXBlIjogImNhcmQiLCAiZG9tYWluIjogImNvbnRlbnQtdGFiLmNvbSIsICJzdWJfaWQiOiAiNjIwIiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cba6172988c4f2a636c28d2c46741ebbb03873f482eb038b51ee0c4840c9d13f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cnt.media-bucket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 16 Oct 2022 10:12:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 16 Oct 2022 09:26:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 16 Oct 2022 10:12:10 GMT
blackfr.6e18c17250e53e3a985d.css
cnt.media-bucket.com/uxtnc/assets/ 		1 KB
790 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cnt.media-bucket.com/uxtnc/assets/blackfr.6e18c17250e53e3a985d.css
Requested by
Host: cnt.media-bucket.com
URL: https://cnt.media-bucket.com/uxtnc/fr/?aid=6ar2Pm8l9ySDmw6YV&v=blackfr&var4=agn_352&hobj=eyJoc2lkIjogIjhjOWVjMjY5N2JmMTk2NzZjOTVhNjcyZTRiZWU2NmM2Njg0ZDlhYTZhMmM4NTYzODYwZWUwNDdhYmQ0MGRjODQiLCAiX19sb2NhdGlvbmNvZGUiOiAiRlIiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAicGF5bWVudF90eXBlIjogImNhcmQiLCAiZG9tYWluIjogImNvbnRlbnQtdGFiLmNvbSIsICJzdWJfaWQiOiAiNjIwIiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28c99623510191625504427b878024bd47d5098360adeebbaabd7c3856cb0781

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cnt.media-bucket.com/uxtnc/fr/?aid=6ar2Pm8l9ySDmw6YV&v=blackfr&var4=agn_352&hobj=eyJoc2lkIjogIjhjOWVjMjY5N2JmMTk2NzZjOTVhNjcyZTRiZWU2NmM2Njg0ZDlhYTZhMmM4NTYzODYwZWUwNDdhYmQ0MGRjODQiLCAiX19sb2NhdGlvbmNvZGUiOiAiRlIiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAicGF5bWVudF90eXBlIjogImNhcmQiLCAiZG9tYWluIjogImNvbnRlbnQtdGFiLmNvbSIsICJzdWJfaWQiOiAiNjIwIiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 10:12:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 07:54:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
97
etag
W/"634672b9-4e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8GNZPeEfyPLtfI0AmzKXRz3haTLMu%2FRK0gesM27B7SNmC74SrJyqXvosZYCyDi7Zn7PpoKmYFJfId4lShZrdLWKBcafRpate3p2XM7kjrBy%2F35lrn36Ckn83pubaPThrHvn5%2BsgX9V3lENb%2BJJ4LRd4"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
75b003bca936d5c0-CDG
expires
Tue, 15 Nov 2022 10:10:33 GMT
halloween.6e18c17250e53e3a985d.css
cnt.media-bucket.com/uxtnc/assets/ 		939 B
749 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cnt.media-bucket.com/uxtnc/assets/halloween.6e18c17250e53e3a985d.css
Requested by
Host: cnt.media-bucket.com
URL: https://cnt.media-bucket.com/uxtnc/fr/?aid=6ar2Pm8l9ySDmw6YV&v=blackfr&var4=agn_352&hobj=eyJoc2lkIjogIjhjOWVjMjY5N2JmMTk2NzZjOTVhNjcyZTRiZWU2NmM2Njg0ZDlhYTZhMmM4NTYzODYwZWUwNDdhYmQ0MGRjODQiLCAiX19sb2NhdGlvbmNvZGUiOiAiRlIiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAicGF5bWVudF90eXBlIjogImNhcmQiLCAiZG9tYWluIjogImNvbnRlbnQtdGFiLmNvbSIsICJzdWJfaWQiOiAiNjIwIiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14c1df9f9ce6aa314e396fc576c567d63a3cd68c2099311dafd12da7d22d7202

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cnt.media-bucket.com/uxtnc/fr/?aid=6ar2Pm8l9ySDmw6YV&v=blackfr&var4=agn_352&hobj=eyJoc2lkIjogIjhjOWVjMjY5N2JmMTk2NzZjOTVhNjcyZTRiZWU2NmM2Njg0ZDlhYTZhMmM4NTYzODYwZWUwNDdhYmQ0MGRjODQiLCAiX19sb2NhdGlvbmNvZGUiOiAiRlIiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAicGF5bWVudF90eXBlIjogImNhcmQiLCAiZG9tYWluIjogImNvbnRlbnQtdGFiLmNvbSIsICJzdWJfaWQiOiAiNjIwIiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 10:12:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 07:54:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
97
etag
W/"634672b9-3ab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UH7iVpG2kMjzRTlT%2F3OEaOe%2FgCzCgJh2hi7DH3O%2FqBFlWcOHotwLHMGx%2FIklusphGCMIhkCdxm6%2FNNkK%2Fuw9IzHe0JT%2FE7g7HYHWSaMM9a1vz6KltRFa5%2F5XUONMb3Xv3iYw0e%2B3lk63VRTk%2F14upLRj"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
75b003bca938d5c0-CDG
expires
Tue, 15 Nov 2022 10:10:33 GMT
runtime.5030bea98d9c5c605fcd.js
cnt.media-bucket.com/uxtnc/assets/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cnt.media-bucket.com/uxtnc/assets/runtime.5030bea98d9c5c605fcd.js
Requested by
Host: cnt.media-bucket.com
URL: https://cnt.media-bucket.com/uxtnc/fr/?aid=6ar2Pm8l9ySDmw6YV&v=blackfr&var4=agn_352&hobj=eyJoc2lkIjogIjhjOWVjMjY5N2JmMTk2NzZjOTVhNjcyZTRiZWU2NmM2Njg0ZDlhYTZhMmM4NTYzODYwZWUwNDdhYmQ0MGRjODQiLCAiX19sb2NhdGlvbmNvZGUiOiAiRlIiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAicGF5bWVudF90eXBlIjogImNhcmQiLCAiZG9tYWluIjogImNvbnRlbnQtdGFiLmNvbSIsICJzdWJfaWQiOiAiNjIwIiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
500bb6461e74199b88eef8f2633860bf4ce15963367f817d63ead66381cbde31

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cnt.media-bucket.com/uxtnc/fr/?aid=6ar2Pm8l9ySDmw6YV&v=blackfr&var4=agn_352&hobj=eyJoc2lkIjogIjhjOWVjMjY5N2JmMTk2NzZjOTVhNjcyZTRiZWU2NmM2Njg0ZDlhYTZhMmM4NTYzODYwZWUwNDdhYmQ0MGRjODQiLCAiX19sb2NhdGlvbmNvZGUiOiAiRlIiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAicGF5bWVudF90eXBlIjogImNhcmQiLCAiZG9tYWluIjogImNvbnRlbnQtdGFiLmNvbSIsICJzdWJfaWQiOiAiNjIwIiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 10:12:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 07:54:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
97
etag
W/"634672b8-5e4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m8P2lNMTZc7VAnrOLypPnG8lBeqnSk5WEP40yMKI0Mh%2B5bIxVRbKCCxe3bkdDYUhdEek5GcrsJ8Fx9cGmQrevlGTiL5s3MMor8awgdhR9GgHkGhQBNLjL9jLYgjdko8YBuWkZP0ydUeLcDGgCVEM5knM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
75b003bcd979d5c0-CDG
expires
Tue, 15 Nov 2022 10:10:33 GMT
app.871710caff21da3568e9.js
cnt.media-bucket.com/uxtnc/assets/ 		625 KB
179 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cnt.media-bucket.com/uxtnc/assets/app.871710caff21da3568e9.js
Requested by
Host: cnt.media-bucket.com
URL: https://cnt.media-bucket.com/uxtnc/fr/?aid=6ar2Pm8l9ySDmw6YV&v=blackfr&var4=agn_352&hobj=eyJoc2lkIjogIjhjOWVjMjY5N2JmMTk2NzZjOTVhNjcyZTRiZWU2NmM2Njg0ZDlhYTZhMmM4NTYzODYwZWUwNDdhYmQ0MGRjODQiLCAiX19sb2NhdGlvbmNvZGUiOiAiRlIiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAicGF5bWVudF90eXBlIjogImNhcmQiLCAiZG9tYWluIjogImNvbnRlbnQtdGFiLmNvbSIsICJzdWJfaWQiOiAiNjIwIiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db218f88619ec02dfcebc5c4fc0507999c23b550bd36be48080303a9b38004eb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cnt.media-bucket.com/uxtnc/fr/?aid=6ar2Pm8l9ySDmw6YV&v=blackfr&var4=agn_352&hobj=eyJoc2lkIjogIjhjOWVjMjY5N2JmMTk2NzZjOTVhNjcyZTRiZWU2NmM2Njg0ZDlhYTZhMmM4NTYzODYwZWUwNDdhYmQ0MGRjODQiLCAiX19sb2NhdGlvbmNvZGUiOiAiRlIiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAicGF5bWVudF90eXBlIjogImNhcmQiLCAiZG9tYWluIjogImNvbnRlbnQtdGFiLmNvbSIsICJzdWJfaWQiOiAiNjIwIiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 10:12:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 07:54:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
97
etag
W/"634672b8-9c2e1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmER2uoaxHDzRm8VeOrGj%2Bh85SEwvRL2gbERXv5dg%2BOkrBVdPkIg8H8zCQ3kqPWgc4piskLdcsqbbsOvB7IlDVT4OmNhmGOpIPbg2yZaXUeqYvctIofYK21i3Wc49uoINSnVJsBRUSdkdku%2FCAP68d%2BC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
75b003bd09cdd5c0-CDG
expires
Tue, 15 Nov 2022 10:10:33 GMT
styles.f8ef976c524f0f22cdb4.js
cnt.media-bucket.com/uxtnc/assets/ 		130 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cnt.media-bucket.com/uxtnc/assets/styles.f8ef976c524f0f22cdb4.js
Requested by
Host: cnt.media-bucket.com
URL: https://cnt.media-bucket.com/uxtnc/fr/?aid=6ar2Pm8l9ySDmw6YV&v=blackfr&var4=agn_352&hobj=eyJoc2lkIjogIjhjOWVjMjY5N2JmMTk2NzZjOTVhNjcyZTRiZWU2NmM2Njg0ZDlhYTZhMmM4NTYzODYwZWUwNDdhYmQ0MGRjODQiLCAiX19sb2NhdGlvbmNvZGUiOiAiRlIiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAicGF5bWVudF90eXBlIjogImNhcmQiLCAiZG9tYWluIjogImNvbnRlbnQtdGFiLmNvbSIsICJzdWJfaWQiOiAiNjIwIiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ae5ada82c1d40fb61a01fb1b4fca7606803157324927b626091054c7a09f605

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cnt.media-bucket.com/uxtnc/fr/?aid=6ar2Pm8l9ySDmw6YV&v=blackfr&var4=agn_352&hobj=eyJoc2lkIjogIjhjOWVjMjY5N2JmMTk2NzZjOTVhNjcyZTRiZWU2NmM2Njg0ZDlhYTZhMmM4NTYzODYwZWUwNDdhYmQ0MGRjODQiLCAiX19sb2NhdGlvbmNvZGUiOiAiRlIiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAicGF5bWVudF90eXBlIjogImNhcmQiLCAiZG9tYWluIjogImNvbnRlbnQtdGFiLmNvbSIsICJzdWJfaWQiOiAiNjIwIiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 10:12:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 07:54:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
97
etag
W/"634672b8-82"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=658%2BGBSaJ3QTWAus9h3eT0%2BmY4Xd5VV%2Be%2B44fAiSsNr60kt5afETeDxlkN7ubRonh9qX2lNRsBwLBoKqnz7Yb4ucVvSdUaW3Og%2BT5%2BKPf3WmC6%2B70r4avUTd5SIm4CfOBX7zqlJDQIlA8mshpHq5nhMz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
75b003bd3a16d5c0-CDG
expires
Tue, 15 Nov 2022 10:10:33 GMT
styles.6e18c17250e53e3a985d.css
cnt.media-bucket.com/uxtnc/assets/ 		88 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cnt.media-bucket.com/uxtnc/assets/styles.6e18c17250e53e3a985d.css
Requested by
Host: cnt.media-bucket.com
URL: https://cnt.media-bucket.com/uxtnc/fr/?aid=6ar2Pm8l9ySDmw6YV&v=blackfr&var4=agn_352&hobj=eyJoc2lkIjogIjhjOWVjMjY5N2JmMTk2NzZjOTVhNjcyZTRiZWU2NmM2Njg0ZDlhYTZhMmM4NTYzODYwZWUwNDdhYmQ0MGRjODQiLCAiX19sb2NhdGlvbmNvZGUiOiAiRlIiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAicGF5bWVudF90eXBlIjogImNhcmQiLCAiZG9tYWluIjogImNvbnRlbnQtdGFiLmNvbSIsICJzdWJfaWQiOiAiNjIwIiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81337f453d4f31e4c6ff698fc837a49e4efae91053b91237737fe623f0a73a90

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cnt.media-bucket.com/uxtnc/fr/?aid=6ar2Pm8l9ySDmw6YV&v=blackfr&var4=agn_352&hobj=eyJoc2lkIjogIjhjOWVjMjY5N2JmMTk2NzZjOTVhNjcyZTRiZWU2NmM2Njg0ZDlhYTZhMmM4NTYzODYwZWUwNDdhYmQ0MGRjODQiLCAiX19sb2NhdGlvbmNvZGUiOiAiRlIiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAicGF5bWVudF90eXBlIjogImNhcmQiLCAiZG9tYWluIjogImNvbnRlbnQtdGFiLmNvbSIsICJzdWJfaWQiOiAiNjIwIiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 10:12:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 07:54:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
97
etag
W/"634672b9-15fc6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pkLnsmznzE4%2BhPLurT%2FpfgLTASwChimXPrm%2F2BwverNMtQ4QFYgfcYvA3TMW4iyml02FPyN%2Bks4ZT%2Faqk9t1h1o14lCbBJ1AwtGkcBKs3sA2TClPJfigZZfxe0FtrvGrlMsjjTPdCY5aUcr2MsSovLV"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
75b003bca939d5c0-CDG
expires
Tue, 15 Nov 2022 10:10:33 GMT
secure-icons_357a714da615929cd342.png
cnt.media-bucket.com/uxtnc/assets/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnt.media-bucket.com/uxtnc/assets/secure-icons_357a714da615929cd342.png
Requested by
Host: cnt.media-bucket.com
URL: https://cnt.media-bucket.com/uxtnc/fr/?aid=6ar2Pm8l9ySDmw6YV&v=blackfr&var4=agn_352&hobj=eyJoc2lkIjogIjhjOWVjMjY5N2JmMTk2NzZjOTVhNjcyZTRiZWU2NmM2Njg0ZDlhYTZhMmM4NTYzODYwZWUwNDdhYmQ0MGRjODQiLCAiX19sb2NhdGlvbmNvZGUiOiAiRlIiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAicGF5bWVudF90eXBlIjogImNhcmQiLCAiZG9tYWluIjogImNvbnRlbnQtdGFiLmNvbSIsICJzdWJfaWQiOiAiNjIwIiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f7474500d78036ac53ad85298737c9bf7f8aa4052d3cc9b3463e4b29cb7757c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cnt.media-bucket.com/uxtnc/fr/?aid=6ar2Pm8l9ySDmw6YV&v=blackfr&var4=agn_352&hobj=eyJoc2lkIjogIjhjOWVjMjY5N2JmMTk2NzZjOTVhNjcyZTRiZWU2NmM2Njg0ZDlhYTZhMmM4NTYzODYwZWUwNDdhYmQ0MGRjODQiLCAiX19sb2NhdGlvbmNvZGUiOiAiRlIiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAicGF5bWVudF90eXBlIjogImNhcmQiLCAiZG9tYWluIjogImNvbnRlbnQtdGFiLmNvbSIsICJzdWJfaWQiOiAiNjIwIiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 10:12:10 GMT
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 07:54:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
97
etag
"634672b8-165b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GnjtYhmAXEWZDzWzonkZw8YMKBD45KMBE4v%2F5NLL3vBD103Qi77eB1PWLJP%2FmNRBc5SWkByPXXN4rK%2FwLf0rvmnsuTSCqNL%2FXKTOf2KcrM6ibklS4RTLOJRWGSe1TGxlEHuwJqthHZ%2FT5kxUEG%2BuNqBw"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
75b003bd4a22d5c0-CDG
content-length
5723
expires
Tue, 15 Nov 2022 10:10:33 GMT
fr_2e53a97cf368caa234af.svg
cnt.media-bucket.com/uxtnc/assets/ 		902 B
890 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnt.media-bucket.com/uxtnc/assets/fr_2e53a97cf368caa234af.svg
Requested by
Host: cnt.media-bucket.com
URL: https://cnt.media-bucket.com/uxtnc/assets/styles.6e18c17250e53e3a985d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99d5375cffd036524ce251e6a41c6a0112ef2139f831cf46402ac721279893c4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cnt.media-bucket.com/uxtnc/assets/styles.6e18c17250e53e3a985d.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 10:12:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 07:54:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
97
etag
W/"634672b8-386"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKPoBhoNoIIuzwOq8Ne27EdwPhOlNABfUxoQb8BJifED%2BICRpxZTu%2BuL8OSpxZKJnlAdxUxQ31FhkgCTltGSCo8nAwo%2BS5cvqCYWgpTUKX7uBGn6IdCiBTY2xSpxqncCObrzqjdHm%2BBr%2F%2BzsidlLF9ON"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
75b003bddafad5c0-CDG
expires
Tue, 15 Nov 2022 10:10:33 GMT
flame_56f9213f59504caa0da1.png
cnt.media-bucket.com/uxtnc/assets/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnt.media-bucket.com/uxtnc/assets/flame_56f9213f59504caa0da1.png
Requested by
Host: cnt.media-bucket.com
URL: https://cnt.media-bucket.com/uxtnc/assets/styles.6e18c17250e53e3a985d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4dcb5714a9f4816cb9bd8b31816a0e3abf8bd183f53295d9d04b088ef659430

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cnt.media-bucket.com/uxtnc/assets/styles.6e18c17250e53e3a985d.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 10:12:10 GMT
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 07:54:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
97
etag
"634672b8-4a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdeT6K4iT%2BoArhaEZ85ilFlLMRVtdfRHAClfF5mZTtqfSxPnZx8j0iyLoSYG1jUa9mX%2Fj0pDuJtb%2FTH266Qs6lFADoqplSJi761Pkh1zkOwtb%2FMrcnrVrYpfT1YbTNQfc7QpxO74An3sWG6TfIGECkQh"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
75b003bddb00d5c0-CDG
content-length
1184
expires
Tue, 15 Nov 2022 10:10:33 GMT
chat-cloud_e005fd9033aef2dae328.svg
cnt.media-bucket.com/uxtnc/assets/ 		840 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnt.media-bucket.com/uxtnc/assets/chat-cloud_e005fd9033aef2dae328.svg
Requested by
Host: cnt.media-bucket.com
URL: https://cnt.media-bucket.com/uxtnc/assets/styles.6e18c17250e53e3a985d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3812d9fe7f51a8a1bfd54ccaedb67ed667c4a6c099d645786074642622d52fd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cnt.media-bucket.com/uxtnc/assets/styles.6e18c17250e53e3a985d.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 10:12:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 07:54:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
97
etag
W/"634672b8-348"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSZ5r9R%2BjBv%2BOqxI4xMWmLB1%2BDLDTBNm8LRx4IGY6syueNlcngCpRUS1f3S9EJ2o8b4ra5YKkxhXR1rnl7syc70oWzzA75ukxlehVcaKJ%2FhPryZ1NOQoPuSyP1rRJ5iFnzZGha0mlszdILg4RL9kPlDg"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
75b003bddb04d5c0-CDG
expires
Tue, 15 Nov 2022 10:10:33 GMT
iphon14pro-desktop_3d6425d96a884902d312.png
cnt.media-bucket.com/uxtnc/assets/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnt.media-bucket.com/uxtnc/assets/iphon14pro-desktop_3d6425d96a884902d312.png
Requested by
Host: cnt.media-bucket.com
URL: https://cnt.media-bucket.com/uxtnc/assets/styles.6e18c17250e53e3a985d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9fa9a6df29eca602b6dc01d4f5e2f464d7003b0e65196b9234331e2d45492b4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cnt.media-bucket.com/uxtnc/assets/styles.6e18c17250e53e3a985d.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 10:12:10 GMT
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 07:54:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
97
etag
"634672b8-94de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4XWpxG8zAvkDwVuoLH6j7N4O4%2FTzlzySBJnrTM9%2BM4zNVPyflMJGbQFpb%2BcMcV81jHCKDWKmx3KXicF8JSIQPI%2BSrFU8etSpLiEAt5ALxJV46Rl8rTrVMvNlXSoTDGHHTiqcQsEXeoZpxn8I3evViMad"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
75b003bddb06d5c0-CDG
content-length
38110
expires
Tue, 15 Nov 2022 10:10:33 GMT
badge_bf_d8a3bdc7ef6780cc1f30.svg
cnt.media-bucket.com/uxtnc/assets/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnt.media-bucket.com/uxtnc/assets/badge_bf_d8a3bdc7ef6780cc1f30.svg
Requested by
Host: cnt.media-bucket.com
URL: https://cnt.media-bucket.com/uxtnc/assets/blackfr.6e18c17250e53e3a985d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dffba73f657bc3fcac1e202cacb51b2b9db4cd1f06cd45803e172d6adec4c4f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cnt.media-bucket.com/uxtnc/assets/blackfr.6e18c17250e53e3a985d.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 10:12:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 12 Oct 2022 07:54:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"634672b8-21e3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrDwo98bbuAtz4x%2FnzyVUUkp0GtkS7m6uGjUeEKIpmT2rZ%2BqMvY3VMqsnWKvwAYpTd9O3yvyfc1OXzkMNfZAQh3i4yVf3GAJKARuLoZmpzNM1YPLyElR71V11BYG9Y4HNTud3wSC2l5BKFsz%2FFBHiNYg"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
75b003bddb07d5c0-CDG
expires
Tue, 15 Nov 2022 10:12:10 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cnt.media-bucket.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 18:50:34 GMT
x-content-type-options
nosniff
age
487296
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Oct 2023 18:50:34 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bam.eu01.nr-data.net
URL
https://bam.eu01.nr-data.net/events/1/NRJS-6dd3950211b5010cd9b?a=294444262,294453778&v=1216.487a282&to=MhBSZQoZWkcFVRFYXwtacVIMEVtaS0MLWl4KAl4%3D&rst=3707&ck=1&ref=https://redirecting2.eu/p/ySQ9/48JH/puiM
Domain
bam.eu01.nr-data.net
URL
https://bam.eu01.nr-data.net/jserrors/1/NRJS-6dd3950211b5010cd9b?a=294444262,294453778&v=1216.487a282&to=MhBSZQoZWkcFVRFYXwtacVIMEVtaS0MLWl4KAl4%3D&rst=3708&ck=1&ref=https://redirecting2.eu/p/ySQ9/48JH/puiM

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| languageOptions object| config object| webpackChunkusertive function| jQuery function| $ object| Landify function| _ boolean| __MOCKS__

9 Cookies

Domain/Path Name / Value
redirecting2.eu/ Name: 11b89db74b56b4ba918674d36e95a672
Value: 11b89db74b56b4ba918674d36e95a672
.redirecting2.eu/ Name: _ga
Value: GA1.2.1580880635.1665915129
.redirecting2.eu/ Name: _gid
Value: GA1.2.2127153643.1665915129
.redirecting2.eu/ Name: _gat
Value: 1
.nr-data.net/ Name: JSESSIONID
Value: 2080ddf6c08fd2d3
trk.flowntw.com/ Name: afclick
Value: 634bd8f938a0540001dc7a84
trk.flowntw.com/ Name: afoffers
Value: {"2103":1665915129}
router.content-tab.com/ Name: air3_site_cookie
Value: 1579d9eb1c6f8fe342115862aa7019dc26d64b53gAWVRAAAAAAAAACMQDhjOWVjMjY5N2JmMTk2NzZjOTVhNjcyZTRiZWU2NmM2Njg0ZDlhYTZhMmM4NTYzODYwZWUwNDdhYmQ0MGRjODSULg==
cnt.media-bucket.com/ Name: session_id
Value: 5d26ecf8335e479eaa729766f67f4297

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15qwr.trk.elasticemail.com
bam.eu01.nr-data.net
carmantelshop.site
cnt.media-bucket.com
code.ionicframework.com
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
redirecting2.eu
router.content-tab.com
router.solarsofas.com
stats.g.doubleclick.net
trk.flowntw.com
www.google-analytics.com
bam.eu01.nr-data.net
15.204.172.76
151.101.2.137
185.221.85.3
2606:4700:20::681a:6ad
2606:4700:20::ac43:452e
2606:4700:3035::6815:21bd
2606:4700:3037::ac43:ac7b
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9c
2a06:98c1:3121::3
35.157.74.22
91.134.146.190
14c1df9f9ce6aa314e396fc576c567d63a3cd68c2099311dafd12da7d22d7202
1e4c9984ec04efc3e7c1f4e4b589b90b8db89f4700815569ab3710783648cc30
28c99623510191625504427b878024bd47d5098360adeebbaabd7c3856cb0781
3ae5ada82c1d40fb61a01fb1b4fca7606803157324927b626091054c7a09f605
500bb6461e74199b88eef8f2633860bf4ce15963367f817d63ead66381cbde31
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
81337f453d4f31e4c6ff698fc837a49e4efae91053b91237737fe623f0a73a90
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
99d5375cffd036524ce251e6a41c6a0112ef2139f831cf46402ac721279893c4
9a4410bff1360c1827ee6bc2153b91199c2d8422f5f8ac31c2d6eeff972643b3
9dffba73f657bc3fcac1e202cacb51b2b9db4cd1f06cd45803e172d6adec4c4f
9f7474500d78036ac53ad85298737c9bf7f8aa4052d3cc9b3463e4b29cb7757c
a2360f05aaa5110f0891046d08ab93ee8bfd6249debd8d8c1d173eac2dd5e172
a3812d9fe7f51a8a1bfd54ccaedb67ed667c4a6c099d645786074642622d52fd
a666a34696a29987a222caadfd212601fa037d2b4864cdf0e173cd668a1daa76
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
cba6172988c4f2a636c28d2c46741ebbb03873f482eb038b51ee0c4840c9d13f
d4dcb5714a9f4816cb9bd8b31816a0e3abf8bd183f53295d9d04b088ef659430
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db218f88619ec02dfcebc5c4fc0507999c23b550bd36be48080303a9b38004eb
f9fa9a6df29eca602b6dc01d4f5e2f464d7003b0e65196b9234331e2d45492b4