urlscan.io logo urlscan.io
SecurityTrails logo

neofa.com Open in urlscan Pro
213.41.42.22  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://15hqf.trk.elasticemail.com/tracking/click?d=3MncWeWpmWqQGj7thcW83XGupMtfNg2_o7ODdUt-KbzJ3NCHK7rVpSjrvarGQj0WDHcJHIGVRm998lf...
Effective URL: https://neofa.com/fr/15_neofaconseil-simuler-immobilier/?_gl=1*hfrg4x*_ga*MTU3MTc1MDQ2LjE2ODE0NzA0NzM.*_ga_0KDF9D1...
Submission: On June 28 via manual from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 6 domains to perform 25 HTTP transactions. The main IP is 213.41.42.22, located in Lyon, France and belongs to COLT COLT Technology Services Group Limited, GB. The main domain is neofa.com.
TLS certificate: Issued by R3 on April 17th 2023. Valid for: 3 months.
This is the only time neofa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 164.132.95.126 16276 (OVH)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
9 213.41.42.22 8220 (COLT COLT...)
2 2a00:1450:400... 15169 (GOOGLE)
2 18.235.67.79 14618 (AMAZON-AES)
4 2600:9000:214... 16509 (AMAZON-02)
3 2600:9000:205... 16509 (AMAZON-02)
1 2600:9000:261... 16509 (AMAZON-02)
2 18.205.202.96 ()
2 3.208.227.229 ()
25 9
1    164.132.95.126 (Spain)

ASN16276 (OVH, FR)
PTR: api.elasticemail.com
15hqf.trk.elasticemail.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
sendy.neofainvest.com
9    213.41.42.22 (Lyon, France)

ASN8220 (COLT COLT Technology Services Group Limited, GB)
PTR: mail2.uitsem.com
neofa.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    18.235.67.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-67-79.compute-1.amazonaws.com
form.typeform.com
4    2600:9000:214f:7400:4:f6ce:61c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
renderer-assets.typeform.com
3    2600:9000:2057:4000:9:b3c8:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)
font.typeform.com
1    2600:9000:2611:e800:16:a497:9700:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.rudderlabs.com
2    18.205.202.96 (None, )

ASN- ()
rudderstack-control-plane.cdp.prod.data.typeform.com
2    3.208.227.229 (None, )

ASN- ()
rudderstack.cdp.prod.data.typeform.com
Apex Domain
Subdomains		 Transfer
13 typeform.com
form.typeform.com — Cisco Umbrella Rank: 49179
renderer-assets.typeform.com — Cisco Umbrella Rank: 38248
font.typeform.com — Cisco Umbrella Rank: 48311
rudderstack-control-plane.cdp.prod.data.typeform.com
rudderstack.cdp.prod.data.typeform.com
564 KB
9 neofa.com
neofa.com
247 KB
2 gstatic.com
fonts.gstatic.com
65 KB
1 rudderlabs.com
cdn.rudderlabs.com — Cisco Umbrella Rank: 13638
134 KB
1 neofainvest.com
sendy.neofainvest.com
593 B
1 elasticemail.com
15hqf.trk.elasticemail.com
450 B
25 6
Domain Requested by
9 neofa.com neofa.com
4 renderer-assets.typeform.com form.typeform.com
renderer-assets.typeform.com
3 font.typeform.com renderer-assets.typeform.com
font.typeform.com
2 rudderstack.cdp.prod.data.typeform.com form.typeform.com
2 rudderstack-control-plane.cdp.prod.data.typeform.com form.typeform.com
2 form.typeform.com neofa.com
form.typeform.com
2 fonts.gstatic.com neofa.com
1 cdn.rudderlabs.com renderer-assets.typeform.com
1 sendy.neofainvest.com 1 redirects
1 15hqf.trk.elasticemail.com 1 redirects
25 10

This site contains links to these domains. Also see Links.

Domain
www.societe.com
www.facebook.com
www.instagram.com
www.youtube.com
fr.linkedin.com
Subject Issuer Validity Valid
www.neofa.com
R3		 2023-04-17 -
2023-07-16		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
typeform.com
Amazon RSA 2048 M02		 2023-06-14 -
2024-07-12		 a year crt.sh
*.typeform.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-10-29		 8 months crt.sh
*.rudderlabs.com
Amazon RSA 2048 M02		 2023-06-14 -
2024-07-12		 a year crt.sh
cdp.prod.data.typeform.com
Amazon RSA 2048 M02		 2023-02-23 -
2024-02-01		 a year crt.sh

This page contains 2 frames:

Primary Page: https://neofa.com/fr/15_neofaconseil-simuler-immobilier/?_gl=1*hfrg4x*_ga*MTU3MTc1MDQ2LjE2ODE0NzA0NzM.*_ga_0KDF9D1VRJ*MTY4MjkzMjk1Mi44LjEuMTY4MjkzNTk3MS45LjAuMA..
Frame ID: 8B77659ED1C68F1C2DEB7C31A21266C3
Requests: 15 HTTP requests in this frame

Frame: https://form.typeform.com/to/QHpM0EyJ?typeform-embed-id=07103662306313208&typeform-embed=embed-widget&typeform-source=neofa.com&typeform-medium=embed-sdk&typeform-medium-version=next&embed-hide-footer=true
Frame ID: CCD535F4179C7FBAF94827FD47DBF01A
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

15_Neofaconseil Simuler immobilier | Neofa

Page URL History Show full URLs

  1. https://15hqf.trk.elasticemail.com/tracking/click?d=3MncWeWpmWqQGj7thcW83XGupMtfNg2_o7ODdUt-KbzJ3NCHK7rVpSjrvar... HTTP 302
    https://sendy.neofainvest.com/l/fA4GbwtD9AfGv9bGvXGupQ/LxCSIMmjyXJssEAOY8924wXA/dT5dFuYh7U892ySEBXAy1rAg HTTP 302
    https://neofa.com/fr/15_neofaconseil-simuler-immobilier/?_gl=1*hfrg4x*_ga*MTU3MTc1MDQ2LjE2ODE0... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->

Page Statistics

25
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

10
Subdomains

9
IPs

4
Countries

1010 kB
Transfer

2914 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://15hqf.trk.elasticemail.com/tracking/click?d=3MncWeWpmWqQGj7thcW83XGupMtfNg2_o7ODdUt-KbzJ3NCHK7rVpSjrvarGQj0WDHcJHIGVRm998lfj8ieE18umXC9wURSsZz-1JPk23NRLSDDc3_vrVKCaWLTImXGshy7_ivcLlD5oF45rQCCrs4X4ae1_QELuxmyh3szgBFKciuTGAc00jUpZ3Jy8Ac6zv-IOg27ti-yiS1gssAoazl0am6v0-Uq7aq6yartcjqpQ3DsR33X1vFrISgPME1wBCw2 HTTP 302
    https://sendy.neofainvest.com/l/fA4GbwtD9AfGv9bGvXGupQ/LxCSIMmjyXJssEAOY8924wXA/dT5dFuYh7U892ySEBXAy1rAg HTTP 302
    https://neofa.com/fr/15_neofaconseil-simuler-immobilier/?_gl=1*hfrg4x*_ga*MTU3MTc1MDQ2LjE2ODE0NzA0NzM.*_ga_0KDF9D1VRJ*MTY4MjkzMjk1Mi44LjEuMTY4MjkzNTk3MS45LjAuMA.. Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
neofa.com/fr/15_neofaconseil-simuler-immobilier/
Redirect Chain
  • https://15hqf.trk.elasticemail.com/tracking/click?d=3MncWeWpmWqQGj7thcW83XGupMtfNg2_o7ODdUt-KbzJ3NCHK7rVpSjrvarGQj0WDHcJHIGVRm998lfj8ieE18umXC9wURSsZz-1JPk23NRLSDDc3_vrVKCaWLTImXGshy7_ivcLlD5oF45rQ...
  • https://sendy.neofainvest.com/l/fA4GbwtD9AfGv9bGvXGupQ/LxCSIMmjyXJssEAOY8924wXA/dT5dFuYh7U892ySEBXAy1rAg
  • https://neofa.com/fr/15_neofaconseil-simuler-immobilier/?_gl=1*hfrg4x*_ga*MTU3MTc1MDQ2LjE2ODE0NzA0NzM.*_ga_0KDF9D1VRJ*MTY4MjkzMjk1Mi44LjEuMTY4MjkzNTk3MS45LjAuMA..
362 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://neofa.com/fr/15_neofaconseil-simuler-immobilier/?_gl=1*hfrg4x*_ga*MTU3MTc1MDQ2LjE2ODE0NzA0NzM.*_ga_0KDF9D1VRJ*MTY4MjkzMjk1Mi44LjEuMTY4MjkzNTk3MS45LjAuMA..
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
213.41.42.22 Lyon, France, ASN8220 (COLT COLT Technology Services Group Limited, GB),
Reverse DNS
mail2.uitsem.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
66495bb4b702d0dd98bcfbd68e094654988fc0dc2cbfa4645c6b103103cb9f8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
max-age=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Jun 2023 14:12:15 GMT
Expires
Wed, 28 Jun 2023 14:12:15 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Wed, 28 Jun 2023 14:12:18 GMT
Link
<https://neofa.com/fr/wp-json/>; rel="https://api.w.org/" <https://neofa.com/fr/wp-json/wp/v2/pages/9235>; rel="alternate"; type="application/json" <https://neofa.com/fr/?p=9235>; rel=shortlink
Server
Apache/2.4.41 (Ubuntu)
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7de6860b684b0636-CDG
content-type
text/html; charset=UTF-8
date
Wed, 28 Jun 2023 14:12:15 GMT
location
https://neofa.com/fr/15_neofaconseil-simuler-immobilier/?_gl=1*hfrg4x*_ga*MTU3MTc1MDQ2LjE2ODE0NzA0NzM.*_ga_0KDF9D1VRJ*MTY4MjkzMjk1Mi44LjEuMTY4MjkzNTk3MS45LjAuMA..
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4w0x%2FNCCM4rG4hcXVe5btA8EBnOext0bS0CRNreCw7tPCqSW7RhRAdXaBB8x7VW4uEeY4Ua%2BVjyWS2z1lJ%2BGV0dN2lzqMO%2FEQBsi%2FO5YFRcHed980uN3gAFJ3ruLtvdKwiFUCKOlGKXWVIFKa9aTTLjp8Q%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.2.34
x-robots-tag
none
rP2Cp2ywxg089UriASitCBimCw.woff2
fonts.gstatic.com/s/dmsans/v11/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2
Requested by
Host: neofa.com
URL: https://neofa.com/fr/15_neofaconseil-simuler-immobilier/?_gl=1*hfrg4x*_ga*MTU3MTc1MDQ2LjE2ODE0NzA0NzM.*_ga_0KDF9D1VRJ*MTY4MjkzMjk1Mi44LjEuMTY4MjkzNTk3MS45LjAuMA..
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://neofa.com/
Origin
https://neofa.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 16:17:35 GMT
x-content-type-options
nosniff
age
338084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18212
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:54:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 23 Jun 2024 16:17:35 GMT
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v18/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: neofa.com
URL: https://neofa.com/fr/15_neofaconseil-simuler-immobilier/?_gl=1*hfrg4x*_ga*MTU3MTc1MDQ2LjE2ODE0NzA0NzM.*_ga_0KDF9D1VRJ*MTY4MjkzMjk1Mi44LjEuMTY4MjkzNTk3MS45LjAuMA..
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://neofa.com/
Origin
https://neofa.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 16:15:04 GMT
x-content-type-options
nosniff
age
338235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47728
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 17:55:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 23 Jun 2024 16:15:04 GMT
icomoon.ttf
neofa.com/wp-content/uploads/fusion-icons/icomoon3/fonts/ 		7 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://neofa.com/wp-content/uploads/fusion-icons/icomoon3/fonts/icomoon.ttf?gmc5rd
Requested by
Host: neofa.com
URL: https://neofa.com/fr/15_neofaconseil-simuler-immobilier/?_gl=1*hfrg4x*_ga*MTU3MTc1MDQ2LjE2ODE0NzA0NzM.*_ga_0KDF9D1VRJ*MTY4MjkzMjk1Mi44LjEuMTY4MjkzNTk3MS45LjAuMA..
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
213.41.42.22 Lyon, France, ASN8220 (COLT COLT Technology Services Group Limited, GB),
Reverse DNS
mail2.uitsem.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3684d105a1cfd149bb54c290307f3d0008014acfee2a4a0985e957617be36dd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://neofa.com/fr/15_neofaconseil-simuler-immobilier/?_gl=1*hfrg4x*_ga*MTU3MTc1MDQ2LjE2ODE0NzA0NzM.*_ga_0KDF9D1VRJ*MTY4MjkzMjk1Mi44LjEuMTY4MjkzNTk3MS45LjAuMA..
Origin
https://neofa.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 14:12:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Mon, 01 Aug 2022 06:36:32 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
font/ttf
Cache-Control
max-age=10368000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4194
Expires
Thu, 26 Oct 2023 14:12:19 GMT
awb-icons.woff
neofa.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 		20 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://neofa.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff
Requested by
Host: neofa.com
URL: https://neofa.com/fr/15_neofaconseil-simuler-immobilier/?_gl=1*hfrg4x*_ga*MTU3MTc1MDQ2LjE2ODE0NzA0NzM.*_ga_0KDF9D1VRJ*MTY4MjkzMjk1Mi44LjEuMTY4MjkzNTk3MS45LjAuMA..
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
213.41.42.22 Lyon, France, ASN8220 (COLT COLT Technology Services Group Limited, GB),
Reverse DNS
mail2.uitsem.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
370c8c8b69b06cb4193000e87c36d9efb2d55dcf1ef270cdea0ecc47d1aa3a61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://neofa.com/fr/15_neofaconseil-simuler-immobilier/?_gl=1*hfrg4x*_ga*MTU3MTc1MDQ2LjE2ODE0NzA0NzM.*_ga_0KDF9D1VRJ*MTY4MjkzMjk1Mi44LjEuMTY4MjkzNTk3MS45LjAuMA..
Origin
https://neofa.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 14:12:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Thu, 11 Aug 2022 07:19:14 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
font/woff
Cache-Control
max-age=10368000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
12485
Expires
Thu, 26 Oct 2023 14:12:19 GMT
fa-brands-400.woff2
neofa.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://neofa.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-brands-400.woff2
Requested by
Host: neofa.com
URL: https://neofa.com/fr/15_neofaconseil-simuler-immobilier/?_gl=1*hfrg4x*_ga*MTU3MTc1MDQ2LjE2ODE0NzA0NzM.*_ga_0KDF9D1VRJ*MTY4MjkzMjk1Mi44LjEuMTY4MjkzNTk3MS45LjAuMA..
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
213.41.42.22 Lyon, France, ASN8220 (COLT COLT Technology Services Group Limited, GB),
Reverse DNS
mail2.uitsem.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
83238a9c118b388bee1eede2f1c04b6441ac0c4a543f502457e3d2309a9d3e99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://neofa.com/fr/15_neofaconseil-simuler-immobilier/?_gl=1*hfrg4x*_ga*MTU3MTc1MDQ2LjE2ODE0NzA0NzM.*_ga_0KDF9D1VRJ*MTY4MjkzMjk1Mi44LjEuMTY4MjkzNTk3MS45LjAuMA..
Origin
https://neofa.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 14:12:20 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Thu, 11 Aug 2022 07:19:14 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
font/woff2
Cache-Control
max-age=10368000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Expires
Thu, 26 Oct 2023 14:12:20 GMT
fa-regular-400.woff2
neofa.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://neofa.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-regular-400.woff2
Requested by
Host: neofa.com
URL: https://neofa.com/fr/15_neofaconseil-simuler-immobilier/?_gl=1*hfrg4x*_ga*MTU3MTc1MDQ2LjE2ODE0NzA0NzM.*_ga_0KDF9D1VRJ*MTY4MjkzMjk1Mi44LjEuMTY4MjkzNTk3MS45LjAuMA..
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
213.41.42.22 Lyon, France, ASN8220 (COLT COLT Technology Services Group Limited, GB),
Reverse DNS
mail2.uitsem.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
65ae05cb1187b6eacddcc464141af208d9c172aeed20c74c3bf7663b530c5c0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://neofa.com/fr/15_neofaconseil-simuler-immobilier/?_gl=1*hfrg4x*_ga*MTU3MTc1MDQ2LjE2ODE0NzA0NzM.*_ga_0KDF9D1VRJ*MTY4MjkzMjk1Mi44LjEuMTY4MjkzNTk3MS45LjAuMA..
Origin
https://neofa.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 14:12:20 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Thu, 11 Aug 2022 07:19:14 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
font/woff2
Cache-Control
max-age=10368000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
13287
Expires
Thu, 26 Oct 2023 14:12:20 GMT
fa-solid-900.woff2
neofa.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://neofa.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: neofa.com
URL: https://neofa.com/fr/15_neofaconseil-simuler-immobilier/?_gl=1*hfrg4x*_ga*MTU3MTc1MDQ2LjE2ODE0NzA0NzM.*_ga_0KDF9D1VRJ*MTY4MjkzMjk1Mi44LjEuMTY4MjkzNTk3MS45LjAuMA..
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
213.41.42.22 Lyon, France, ASN8220 (COLT COLT Technology Services Group Limited, GB),
Reverse DNS
mail2.uitsem.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://neofa.com/fr/15_neofaconseil-simuler-immobilier/?_gl=1*hfrg4x*_ga*MTU3MTc1MDQ2LjE2ODE0NzA0NzM.*_ga_0KDF9D1VRJ*MTY4MjkzMjk1Mi44LjEuMTY4MjkzNTk3MS45LjAuMA..
Origin
https://neofa.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 14:12:20 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Thu, 11 Aug 2022 07:19:14 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
font/woff2
Cache-Control
max-age=10368000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Expires
Thu, 26 Oct 2023 14:12:20 GMT
lazyload.min.js
neofa.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://neofa.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by
Host: neofa.com
URL: https://neofa.com/fr/15_neofaconseil-simuler-immobilier/?_gl=1*hfrg4x*_ga*MTU3MTc1MDQ2LjE2ODE0NzA0NzM.*_ga_0KDF9D1VRJ*MTY4MjkzMjk1Mi44LjEuMTY4MjkzNTk3MS45LjAuMA..
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
213.41.42.22 Lyon, France, ASN8220 (COLT COLT Technology Services Group Limited, GB),
Reverse DNS
mail2.uitsem.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://neofa.com/fr/15_neofaconseil-simuler-immobilier/?_gl=1*hfrg4x*_ga*MTU3MTc1MDQ2LjE2ODE0NzA0NzM.*_ga_0KDF9D1VRJ*MTY4MjkzMjk1Mi44LjEuMTY4MjkzNTk3MS45LjAuMA..
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 14:12:20 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Mon, 26 Jun 2023 09:08:24 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
3053
Expires
Thu, 27 Jun 2024 14:12:20 GMT
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8be4f03207818401175305f7b009966079c8d00f21e3b20b05c8fe750bbecd5c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9178acdebdf933844857a32e0e89cf0e8621c948dac416a16fec6827e8c0eecc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		64 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbec7579d8c2963f13b8ef90847bef861b534371bfd2dab99ebb09ff1528b0e9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
LOGO_NEOFA.svg
neofa.com/wp-content/uploads/2022/08/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://neofa.com/wp-content/uploads/2022/08/LOGO_NEOFA.svg
Requested by
Host: neofa.com
URL: https://neofa.com/fr/15_neofaconseil-simuler-immobilier/?_gl=1*hfrg4x*_ga*MTU3MTc1MDQ2LjE2ODE0NzA0NzM.*_ga_0KDF9D1VRJ*MTY4MjkzMjk1Mi44LjEuMTY4MjkzNTk3MS45LjAuMA..
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
213.41.42.22 Lyon, France, ASN8220 (COLT COLT Technology Services Group Limited, GB),
Reverse DNS
mail2.uitsem.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
dfb60aaea9025e153e5faf5ee9bd0e352ffa8466f96c9c614dbab464f5305204
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://neofa.com/fr/15_neofaconseil-simuler-immobilier/?_gl=1*hfrg4x*_ga*MTU3MTc1MDQ2LjE2ODE0NzA0NzM.*_ga_0KDF9D1VRJ*MTY4MjkzMjk1Mi44LjEuMTY4MjkzNTk3MS45LjAuMA..
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 14:12:20 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Thu, 25 Aug 2022 15:52:18 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=10368000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1168
Expires
Thu, 26 Oct 2023 14:12:20 GMT
neofa-logo-footer.webp
neofa.com/wp-content/uploads/2022/12/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://neofa.com/wp-content/uploads/2022/12/neofa-logo-footer.webp
Requested by
Host: neofa.com
URL: https://neofa.com/fr/15_neofaconseil-simuler-immobilier/?_gl=1*hfrg4x*_ga*MTU3MTc1MDQ2LjE2ODE0NzA0NzM.*_ga_0KDF9D1VRJ*MTY4MjkzMjk1Mi44LjEuMTY4MjkzNTk3MS45LjAuMA..
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
213.41.42.22 Lyon, France, ASN8220 (COLT COLT Technology Services Group Limited, GB),
Reverse DNS
mail2.uitsem.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
1eb5370e8dc1311192f5d5360b9d9a83f713d389319f6f89be28ef7407adba8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://neofa.com/fr/15_neofaconseil-simuler-immobilier/?_gl=1*hfrg4x*_ga*MTU3MTc1MDQ2LjE2ODE0NzA0NzM.*_ga_0KDF9D1VRJ*MTY4MjkzMjk1Mi44LjEuMTY4MjkzNTk3MS45LjAuMA..
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 14:12:20 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Last-Modified
Thu, 22 Dec 2022 13:30:41 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
1198
Expires
Fri, 28 Jul 2023 14:12:20 GMT
QHpM0EyJ
form.typeform.com/to/ Frame CCD5 		190 KB
61 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://form.typeform.com/to/QHpM0EyJ?typeform-embed-id=07103662306313208&typeform-embed=embed-widget&typeform-source=neofa.com&typeform-medium=embed-sdk&typeform-medium-version=next&embed-hide-footer=true
Requested by
Host: neofa.com
URL: https://neofa.com/fr/15_neofaconseil-simuler-immobilier/?_gl=1*hfrg4x*_ga*MTU3MTc1MDQ2LjE2ODE0NzA0NzM.*_ga_0KDF9D1VRJ*MTY4MjkzMjk1Mi44LjEuMTY4MjkzNTk3MS45LjAuMA..
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.67.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-67-79.compute-1.amazonaws.com
Software
istio-envoy / 7988-7.61.1
Resource Hash
bca204541dd318a4eed1784a40dac785ca908607e17d201a164ce55528a564e3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://neofa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-headers
X-Typeform-Key, Content-Type, Authorization, Typeform-Version, typeform-app
access-control-allow-methods
GET, OPTIONS, POST, PUT, PATCH, DELETE
access-control-expose-headers
Location, X-Request-Id
age
0
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy-report-only
report-uri https://typeformforms.report-uri.com/r/t/csp/reportOnly; default-src 'self' https: data: blob: chrome-extension: moz-extension: safari-extension:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' https:; worker-src 'self' blob:; manifest-src public-assets.typeform.com; form-action 'none'; frame-ancestors 'self' http://localhost:* capacitor: iconic: https:; base-uri 'self'; child-src wvjbscheme: https:; connect-src 'self' wss: https: chrome-extension: moz-extension: safari-extension:; style-src 'self' 'unsafe-inline' https:
content-type
text/html; charset=utf-8
date
Wed, 28 Jun 2023 14:12:20 GMT
pragma
no-cache
server
istio-envoy
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
x-cache
MISS
x-cache-lookup
HIT
x-envoy-upstream-service-time
142
x-powered-by
7988-7.61.1
x-varnish
119524498
modern-renderer.2c36a39818c1a2ffc41b.js
renderer-assets.typeform.com/ Frame CCD5 		776 KB
230 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://renderer-assets.typeform.com/modern-renderer.2c36a39818c1a2ffc41b.js
Requested by
Host: form.typeform.com
URL: https://form.typeform.com/to/QHpM0EyJ?typeform-embed-id=07103662306313208&typeform-embed=embed-widget&typeform-source=neofa.com&typeform-medium=embed-sdk&typeform-medium-version=next&embed-hide-footer=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7400:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf23951cc25d8e980032c37296049aeab632d7be31098a454f61e6c69ecf2d28
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://form.typeform.com/to/QHpM0EyJ?typeform-embed-id=07103662306313208&typeform-embed=embed-widget&typeform-source=neofa.com&typeform-medium=embed-sdk&typeform-medium-version=next&embed-hide-footer=true
Origin
https://form.typeform.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 08:27:51 GMT
x-amz-version-id
NuAXMzUrbyfFSlEwk1VGcVAmW7Hx258T
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
20671
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 27 Jun 2023 08:29:29 GMT
server
AmazonS3
etag
W/"52f2a4e7ebc71515c21a42509ef6b009"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
max-age=2419200
x-amz-cf-id
MqBrDru0eMj5wxc6FigM4u0XYs-jAXC1QJpz_x73HsoZ0mFciOluJw==
vendors~form~blocks-validation-phone_number~blocks-renderer-contact_info~blocks-renderer-phone_number.0c35a1c1193305df993f.renderer.js
renderer-assets.typeform.com/ Frame CCD5 		107 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://renderer-assets.typeform.com/vendors~form~blocks-validation-phone_number~blocks-renderer-contact_info~blocks-renderer-phone_number.0c35a1c1193305df993f.renderer.js
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.2c36a39818c1a2ffc41b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:214f:7400:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c683a0b24c9732c0eaa4f0e9552d815dde7e4e5eea1270da99e81dd703c950dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://form.typeform.com/to/QHpM0EyJ?typeform-embed-id=07103662306313208&typeform-embed=embed-widget&typeform-source=neofa.com&typeform-medium=embed-sdk&typeform-medium-version=next&embed-hide-footer=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
x-amz-version-id
8nEvP6RUeLElSCHbDuAf2F.1Q50pShVY
content-encoding
gzip
date
Tue, 27 Jun 2023 22:46:07 GMT
via
1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
55575
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 23 Jun 2023 15:22:24 GMT
server
AmazonS3
etag
W/"84ed4a4c21dda7b34914967639b12068"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2419200
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
X3R1sb3Ei3Lf1OVkYXB0yRg9ieMlRAxVu2kFMnkRHvFDCzhLEg1DGw==
vendors~form.19e0945e6a64af398add.renderer.js
renderer-assets.typeform.com/ Frame CCD5 		455 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://renderer-assets.typeform.com/vendors~form.19e0945e6a64af398add.renderer.js
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.2c36a39818c1a2ffc41b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:214f:7400:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea0f2a706df173456a6c711ed86ddae82ba22f2ea5f6cd83303aa4700c4964bb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://form.typeform.com/to/QHpM0EyJ?typeform-embed-id=07103662306313208&typeform-embed=embed-widget&typeform-source=neofa.com&typeform-medium=embed-sdk&typeform-medium-version=next&embed-hide-footer=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
x-amz-version-id
TjRmDvPywwYExXhEGTbz203b2x4UQ0ey
content-encoding
gzip
date
Wed, 28 Jun 2023 08:27:52 GMT
via
1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
20670
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 27 Jun 2023 07:41:55 GMT
server
AmazonS3
etag
W/"a9d716afcf0db04b5916390109604ad6"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2419200
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
eouRmb18Gwmfk_gP6kMU8fujni0t503pgVot1ELne99vdeqz0RXnKQ==
form.ce8b0c49d3e18558d1fb.renderer.js
renderer-assets.typeform.com/ Frame CCD5 		250 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://renderer-assets.typeform.com/form.ce8b0c49d3e18558d1fb.renderer.js
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.2c36a39818c1a2ffc41b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:214f:7400:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07b56ae35145242f2df7eb53a543fb6f918f90893af0eb583946d7543904af95
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://form.typeform.com/to/QHpM0EyJ?typeform-embed-id=07103662306313208&typeform-embed=embed-widget&typeform-source=neofa.com&typeform-medium=embed-sdk&typeform-medium-version=next&embed-hide-footer=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
date
Wed, 28 Jun 2023 08:27:52 GMT
content-encoding
gzip
x-amz-version-id
p.PrzJCCVAonoobue2eJZTotV30kMNMK
via
1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
20670
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 27 Jun 2023 08:29:29 GMT
server
AmazonS3
etag
W/"d69f8f39cb3a7e4f4ecda3d625ca60cd"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2419200
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
DNXcb_AkYmt8HOTEuwmV8vdgvUrh5sHRYEPRuQWUP84rqBOQq7MqpA==
index.css
font.typeform.com/dist/google/work-sans/ Frame CCD5 		2 KB
837 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://font.typeform.com/dist/google/work-sans/index.css
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.2c36a39818c1a2ffc41b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4000:9:b3c8:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a7b8ee4e1378b632e64f1c69c7fd2e63bff5e132dfbc1d053be3ab18174f9a6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://form.typeform.com/to/QHpM0EyJ?typeform-embed-id=07103662306313208&typeform-embed=embed-widget&typeform-source=neofa.com&typeform-medium=embed-sdk&typeform-medium-version=next&embed-hide-footer=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
F7AJRKH.BXh8oJYPOHEhRJw7M6mrvOdj
content-encoding
gzip
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
date
Fri, 23 Jun 2023 19:36:10 GMT
x-amz-cf-pop
FRA6-C1
age
412835
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 13 Jun 2023 00:24:47 GMT
server
AmazonS3
etag
W/"fc6b6a35924f9c66b56b1d6faed05dd5"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=432000
x-amz-cf-id
ryK5UzUc0eQViPgaao0lnZz0-34mUO9tQ7vPoecOqL4W3up63L1JKw==
work-sans-latin-400-normal.woff2
font.typeform.com/dist/google/work-sans/files/ Frame CCD5 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://font.typeform.com/dist/google/work-sans/files/work-sans-latin-400-normal.woff2
Requested by
Host: font.typeform.com
URL: https://font.typeform.com/dist/google/work-sans/index.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2057:4000:9:b3c8:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36735bc1581d73a919ffd096c0c558d867f6a565ffc185ce5c5ce54b6084d062

Request headers

Referer
https://font.typeform.com/dist/google/work-sans/index.css
Origin
https://form.typeform.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
oaYYo.NvBkJX_MZ1wEinuQD3LcOPr1Mh
date
Wed, 28 Jun 2023 01:34:47 GMT
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
age
46053
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
18008
last-modified
Tue, 20 Jun 2023 00:23:38 GMT
server
AmazonS3
etag
"0afb9a3180e1a2305b50a4c0b1475fd1"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=432000
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
1FRcGkkp7M9-zkmNj2WzsKIilat6c9yJYX1FIBgru29t_GsI_KFvYQ==
work-sans-latin-700-normal.woff2
font.typeform.com/dist/google/work-sans/files/ Frame CCD5 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://font.typeform.com/dist/google/work-sans/files/work-sans-latin-700-normal.woff2
Requested by
Host: font.typeform.com
URL: https://font.typeform.com/dist/google/work-sans/index.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2057:4000:9:b3c8:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5033d0ab1a85abdd2b36a2c79083ee3b18bdddd2d2c6c45b937f726fe1ee9dd

Request headers

Referer
https://font.typeform.com/dist/google/work-sans/index.css
Origin
https://form.typeform.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
FulcfGZx6GuAGwOYtcexURfg.5z0HvLC
date
Tue, 27 Jun 2023 03:55:51 GMT
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
age
125837
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
18780
last-modified
Tue, 20 Jun 2023 00:23:38 GMT
server
AmazonS3
etag
"b05fd74392895aedec91f4af0c635706"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=432000
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
RdLXWYoKc2VH-rM53B5S6YDNL2C99nqxueNgC8vYrKBkDmtmaBlfKQ==
view-form-open
form.typeform.com/forms/QHpM0EyJ/insights/events/v3/ Frame CCD5 		2 B
898 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://form.typeform.com/forms/QHpM0EyJ/insights/events/v3/view-form-open
Requested by
Host: form.typeform.com
URL: https://form.typeform.com/to/QHpM0EyJ?typeform-embed-id=07103662306313208&typeform-embed=embed-widget&typeform-source=neofa.com&typeform-medium=embed-sdk&typeform-medium-version=next&embed-hide-footer=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.67.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-67-79.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://form.typeform.com/to/QHpM0EyJ?typeform-embed-id=07103662306313208&typeform-embed=embed-widget&typeform-source=neofa.com&typeform-medium=embed-sdk&typeform-medium-version=next&embed-hide-footer=true
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 28 Jun 2023 14:12:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-backend
papi
server
istio-envoy
access-control-allow-methods
GET, OPTIONS, POST, PUT, PATCH, DELETE
x-release
5378579316
content-type
application/json
access-control-allow-origin
https://form.typeform.com
access-control-expose-headers
Location, X-Request-Id
x-envoy-upstream-service-time
5
x-service
insights-3.0
x-commit-sha
345143adbb984ec76d23dc9eb7f09331bc2bbfb3
access-control-allow-headers
X-Typeform-Key, Content-Type, Authorization, Typeform-Version, typeform-app
content-length
2
x-build-date
2023-06-26T15:11:33+02:00
rudder-analytics.min.js
cdn.rudderlabs.com/v1/ Frame CCD5 		467 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rudderlabs.com/v1/rudder-analytics.min.js
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/vendors~form.19e0945e6a64af398add.renderer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2611:e800:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e31fcd40a8a22729a399d91613e089c4420778068b944585008530dfe3ee2f1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://form.typeform.com/to/QHpM0EyJ?typeform-embed-id=07103662306313208&typeform-embed=embed-widget&typeform-source=neofa.com&typeform-medium=embed-sdk&typeform-medium-version=next&embed-hide-footer=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 13:56:38 GMT
content-encoding
gzip
via
1.1 c7fb0ef8cc8bb7055eaaaf9c7fa117ce.cloudfront.net (CloudFront)
last-modified
Mon, 29 May 2023 08:37:45 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P2
age
946
x-amz-server-side-encryption
AES256
etag
W/"65c4d4ade45e1dcd64e310e0429062fd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
T7_jIw_BwlJmGDOJcPRzDUjlOVu7pSjrM2_gw0Ip5UDQPVzvzx0zeA==
/
rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/ Frame CCD5 		610 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/?p=cdn&v=1.33.0
Requested by
Host: form.typeform.com
URL: https://form.typeform.com/to/QHpM0EyJ?typeform-embed-id=07103662306313208&typeform-embed=embed-widget&typeform-source=neofa.com&typeform-medium=embed-sdk&typeform-medium-version=next&embed-hide-footer=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.202.96 -, , ASN (),
Reverse DNS
Software
uvicorn /
Resource Hash
1e1bfbb50209ae8693353623fab7eeeef5ae1c0ca5d128a40c3be54099e59028

Request headers

Referer
https://form.typeform.com/to/QHpM0EyJ?typeform-embed-id=07103662306313208&typeform-embed=embed-widget&typeform-source=neofa.com&typeform-medium=embed-sdk&typeform-medium-version=next&embed-hide-footer=true
accept-language
fr-FR,fr;q=0.9
Authorization
Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 28 Jun 2023 14:12:23 GMT
access-control-allow-credentials
true
server
uvicorn
content-length
610
content-type
application/json
/
rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/?p=cdn&v=1.33.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.202.96 -, , ASN (),
Reverse DNS
Software
uvicorn /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://form.typeform.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://form.typeform.com
access-control-max-age
600
content-length
2
content-type
text/plain; charset=utf-8
date
Wed, 28 Jun 2023 14:12:23 GMT
server
uvicorn
vary
Origin
track
rudderstack.cdp.prod.data.typeform.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rudderstack.cdp.prod.data.typeform.com/v1/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.227.229 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
anonymousid,authorization,content-type
Access-Control-Request-Method
POST
Origin
https://form.typeform.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Anonymousid, Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://form.typeform.com
access-control-max-age
900
content-length
0
date
Wed, 28 Jun 2023 14:12:24 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
track
rudderstack.cdp.prod.data.typeform.com/v1/ Frame CCD5 		2 B
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rudderstack.cdp.prod.data.typeform.com/v1/track
Requested by
Host: form.typeform.com
URL: https://form.typeform.com/to/QHpM0EyJ?typeform-embed-id=07103662306313208&typeform-embed=embed-widget&typeform-source=neofa.com&typeform-medium=embed-sdk&typeform-medium-version=next&embed-hide-footer=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.227.229 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://form.typeform.com/to/QHpM0EyJ?typeform-embed-id=07103662306313208&typeform-embed=embed-widget&typeform-source=neofa.com&typeform-medium=embed-sdk&typeform-medium-version=next&embed-hide-footer=true
accept-language
fr-FR,fr;q=0.9
Authorization
Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
AnonymousId
MTczYjk1N2EtYjllMi00MjNmLWFlYzctYjIwMjVhOGE5OTIy
Content-Type
application/json

Response headers

access-control-allow-origin
https://form.typeform.com
date
Wed, 28 Jun 2023 14:12:24 GMT
access-control-allow-credentials
true
content-length
2
vary
Origin
content-type
text/plain; charset=utf-8

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend undefined| href function| fusionNavIsCollapsed function| fusionRunNavIsCollapsed function| avadaGetScrollBarWidth object| RocketPreloadLinksConfig object| fusionJSVars object| fusionLightboxVideoVars object| fusionVideoGeneralVars object| fusionVideoBgVars object| fusionLightboxVars object| avadaLiveSearchVars object| fusionFlexSliderVars object| fusionAnimationsVars object| fusionContainerVars object| avadaSelectVars object| avadaToTopVars object| avadaHeaderVars object| avadaMenuVars object| fusionTypographyVars object| fusionScrollToAnchorVars object| fusionVideoVars object| lazyLoadOptions function| LazyLoad

3 Cookies

Domain/Path Name / Value
.typeform.com/ Name: tf_respondent_cc
Value: {%22groups%22:[%222%22]%2C%22timestamp%22:%222023-06-28T14:12:22.142Z%22%2C%22implicitConsent%22:true}
.typeform.com/ Name: attribution_user_id
Value: caa609fd-6551-4fd1-866b-9e9430805ae0
form.typeform.com/ Name: AWSALBTGCORS
Value: k078zRihWjjtIZU1hiZ499C9T7LfJEEWsWcHt7aFsCzSdfutQlX1HKJNIyNj0tidaWlBV/2IcQmjnALXJfteBGL2eE5CIzMRlkPGf0cd10lQtgiaKLyE5PVacrCWIJ3KdfRJSR1BngZtiWaTGNci+HqBmZy/3+5IbVUjIJd8Gxg5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15hqf.trk.elasticemail.com
cdn.rudderlabs.com
font.typeform.com
fonts.gstatic.com
form.typeform.com
neofa.com
renderer-assets.typeform.com
rudderstack-control-plane.cdp.prod.data.typeform.com
rudderstack.cdp.prod.data.typeform.com
sendy.neofainvest.com
164.132.95.126
18.205.202.96
18.235.67.79
213.41.42.22
2600:9000:2057:4000:9:b3c8:b180:93a1
2600:9000:214f:7400:4:f6ce:61c0:93a1
2600:9000:2611:e800:16:a497:9700:93a1
2a00:1450:4001:812::2003
2a06:98c1:3120::3
3.208.227.229
07b56ae35145242f2df7eb53a543fb6f918f90893af0eb583946d7543904af95
0a7b8ee4e1378b632e64f1c69c7fd2e63bff5e132dfbc1d053be3ab18174f9a6
1e1bfbb50209ae8693353623fab7eeeef5ae1c0ca5d128a40c3be54099e59028
1eb5370e8dc1311192f5d5360b9d9a83f713d389319f6f89be28ef7407adba8c
36735bc1581d73a919ffd096c0c558d867f6a565ffc185ce5c5ce54b6084d062
3684d105a1cfd149bb54c290307f3d0008014acfee2a4a0985e957617be36dd1
370c8c8b69b06cb4193000e87c36d9efb2d55dcf1ef270cdea0ecc47d1aa3a61
3e31fcd40a8a22729a399d91613e089c4420778068b944585008530dfe3ee2f1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
65ae05cb1187b6eacddcc464141af208d9c172aeed20c74c3bf7663b530c5c0d
66495bb4b702d0dd98bcfbd68e094654988fc0dc2cbfa4645c6b103103cb9f8a
83238a9c118b388bee1eede2f1c04b6441ac0c4a543f502457e3d2309a9d3e99
8be4f03207818401175305f7b009966079c8d00f21e3b20b05c8fe750bbecd5c
9178acdebdf933844857a32e0e89cf0e8621c948dac416a16fec6827e8c0eecc
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
a5033d0ab1a85abdd2b36a2c79083ee3b18bdddd2d2c6c45b937f726fe1ee9dd
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
bca204541dd318a4eed1784a40dac785ca908607e17d201a164ce55528a564e3
bf23951cc25d8e980032c37296049aeab632d7be31098a454f61e6c69ecf2d28
c683a0b24c9732c0eaa4f0e9552d815dde7e4e5eea1270da99e81dd703c950dc
cbec7579d8c2963f13b8ef90847bef861b534371bfd2dab99ebb09ff1528b0e9
dfb60aaea9025e153e5faf5ee9bd0e352ffa8466f96c9c614dbab464f5305204
ea0f2a706df173456a6c711ed86ddae82ba22f2ea5f6cd83303aa4700c4964bb
ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441
f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a