Submitted URL: http://www.multi-prets.com/
Effective URL: https://www.multi-prets.com/
Submission: On October 07 via api from US — Scanned from IT

Summary

This website contacted 20 IPs in 3 countries across 14 domains to perform 55 HTTP transactions. The main IP is 13.107.246.64, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.multi-prets.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 30th 2024. Valid for: a year.
This is the only time www.multi-prets.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 13.107.246.64 8075 (MICROSOFT...)
1 142.250.185.138 15169 (GOOGLE)
2 142.250.185.196 15169 (GOOGLE)
4 172.217.16.200 15169 (GOOGLE)
2 52.85.65.73 16509 (AMAZON-02)
3 142.250.184.227 15169 (GOOGLE)
1 18.66.102.53 16509 (AMAZON-02)
3 38.102.66.79 174 (COGENT-174)
2 157.240.252.13 32934 (FACEBOOK)
3 150.171.30.10 8075 (MICROSOFT...)
2 172.217.18.14 15169 (GOOGLE)
1 13.32.27.54 16509 (AMAZON-02)
1 2 172.217.18.102 15169 (GOOGLE)
3 172.217.18.2 15169 (GOOGLE)
1 142.250.184.230 15169 (GOOGLE)
2 216.239.38.181 15169 (GOOGLE)
2 74.125.71.154 15169 (GOOGLE)
1 18.66.112.15 16509 (AMAZON-02)
2 157.240.252.35 32934 (FACEBOOK)
55 20
Apex Domain
Subdomains
Transfer
16 multi-prets.com
www.multi-prets.com
mp5.multi-prets.com
270 KB
8 doubleclick.net
12462948.fls.doubleclick.net
td.doubleclick.net — Cisco Umbrella Rank: 192
ad.doubleclick.net — Cisco Umbrella Rank: 150
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
4 KB
6 azureedge.net
brokerwebsitesimage.azureedge.net
devtmaccimage.azureedge.net
1 MB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
409 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 3
analytics.google.com — Cisco Umbrella Rank: 147
1 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 348
15 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
275 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
3 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 77
12 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
77 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 877
script.hotjar.com — Cisco Umbrella Rank: 1177
61 KB
2 privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 4674
95 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 3185
231 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
55 14
Domain Requested by
13 www.multi-prets.com www.multi-prets.com
4 www.googletagmanager.com www.multi-prets.com
www.googletagmanager.com
3 td.doubleclick.net www.googletagmanager.com
3 bat.bing.com www.multi-prets.com
bat.bing.com
3 mp5.multi-prets.com www.googletagmanager.com
mp5.multi-prets.com
3 devtmaccimage.azureedge.net www.multi-prets.com
3 brokerwebsitesimage.azureedge.net www.multi-prets.com
2 www.facebook.com www.multi-prets.com
2 stats.g.doubleclick.net www.googletagmanager.com
2 analytics.google.com www.googletagmanager.com
2 12462948.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.youtube.com www.multi-prets.com
www.youtube.com
2 connect.facebook.net www.multi-prets.com
connect.facebook.net
2 fonts.gstatic.com fonts.googleapis.com
2 sdk.privacy-center.org www.multi-prets.com
sdk.privacy-center.org
2 www.google.com www.multi-prets.com
www.gstatic.com
1 vc.hotjar.io script.hotjar.com
1 ad.doubleclick.net www.multi-prets.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.googletagmanager.com
1 www.gstatic.com www.google.com
1 fonts.googleapis.com www.multi-prets.com
55 22
Subject Issuer Validity Valid
*.multi-prets.com
Go Daddy Secure Certificate Authority - G2
2024-09-30 -
2025-10-28
a year crt.sh
upload.video.google.com
WR2
2024-09-16 -
2024-12-09
3 months crt.sh
*.azureedge.net
Microsoft Azure RSA TLS Issuing CA 04
2024-09-19 -
2025-09-14
a year crt.sh
www.google.com
WR2
2024-09-16 -
2024-12-09
3 months crt.sh
*.google-analytics.com
WR2
2024-09-16 -
2024-12-09
3 months crt.sh
*.privacy-center.org
Amazon RSA 2048 M03
2024-03-10 -
2025-04-07
a year crt.sh
*.gstatic.com
WR2
2024-09-16 -
2024-12-09
3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03
2024-05-22 -
2025-06-20
a year crt.sh
mp5.multi-prets.com
R11
2024-08-09 -
2024-11-07
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-07-16 -
2024-10-14
3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03
2024-09-16 -
2025-03-15
6 months crt.sh
*.google.com
WR2
2024-09-16 -
2024-12-09
3 months crt.sh
*.doubleclick.net
WR2
2024-09-16 -
2024-12-09
3 months crt.sh
*.g.doubleclick.net
WR2
2024-09-16 -
2024-12-09
3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M02
2024-02-07 -
2025-03-08
a year crt.sh

This page contains 6 frames:

Primary Page: https://www.multi-prets.com/
Frame ID: 93499B2BDED92098834ECA2FEEE89FD8
Requests: 54 HTTP requests in this frame

Frame: https://12462948.fls.doubleclick.net/activityi;dc_pre=CL3RzoO9_IgDFSmp_QcdP04jGg;src=12462948;type=mph-t0;cat=visit001;ord=9417913535845;npa=0;auiddc=2111307740.1728311220;ps=1;pcor=440065143;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a20v9181800337z86965904za201zb6965904;gcd=13l3l3l3l1l1;dma=0;tcfd=10000;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fwww.multi-prets.com%2F
Frame ID: 0DBA6005638EE4B3257F3F0B0A7355C4
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12462948;type=mph-t0;cat=visit001;ord=9417913535845;npa=0;auiddc=2111307740.1728311220;ps=1;pcor=440065143;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a20v9181800337z86965904za201zb6965904;gcd=13l3l3l3l1l1;dma=0;tcfd=10000;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fwww.multi-prets.com%2F
Frame ID: 3D22B68A0731D250020B6A856C48DD0C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfcp9IZAAAAAOwzreB9c0SZXVOP-w7Mm5cUDRjc&co=aHR0cHM6Ly93d3cubXVsdGktcHJldHMuY29tOjQ0Mw..&hl=it&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=v1jchhjkcmqe
Frame ID: 9BDA155B26CB39992A356DCB9404F4DA
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-4PYR949E8H&gacid=133637033.1728311222&gtm=45je4a20v9116799066z86965904za200zb6965904&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101747727&z=353644046
Frame ID: 3BB00F18513636FBC4660F7DCD0420C1
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-EC6BXBMF08&gacid=133637033.1728311222&gtm=45je4a20v872815295z86965904za200zb6965904&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101747727&z=2012150218
Frame ID: FBD38D319AFCEE708BEBCB115B25270E
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Multi-Prêts Hypothèques | Le réseau de courtiers hypothécaires

Page URL History Show full URLs

  1. http://www.multi-prets.com/ HTTP 307
    https://www.multi-prets.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

55
Requests

100 %
HTTPS

0 %
IPv6

14
Domains

22
Subdomains

20
IPs

3
Countries

2579 kB
Transfer

5333 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.multi-prets.com/ HTTP 307
    https://www.multi-prets.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://12462948.fls.doubleclick.net/activityi;src=12462948;type=mph-t0;cat=visit001;ord=9417913535845;npa=0;auiddc=2111307740.1728311220;ps=1;pcor=440065143;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a20v9181800337z86965904za201zb6965904;gcd=13l3l3l3l1l1;dma=0;tcfd=10000;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fwww.multi-prets.com%2F HTTP 302
  • https://12462948.fls.doubleclick.net/activityi;dc_pre=CL3RzoO9_IgDFSmp_QcdP04jGg;src=12462948;type=mph-t0;cat=visit001;ord=9417913535845;npa=0;auiddc=2111307740.1728311220;ps=1;pcor=440065143;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a20v9181800337z86965904za201zb6965904;gcd=13l3l3l3l1l1;dma=0;tcfd=10000;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fwww.multi-prets.com%2F

55 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.multi-prets.com/
Redirect Chain
  • http://www.multi-prets.com/
  • https://www.multi-prets.com/
107 KB
25 KB
Document
General
Full URL
https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3568b8d5b163051bed51eba7da248860fde78da291a7e4bc58e2b33c815a0045

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 07 Oct 2024 14:26:56 GMT
expires
Mon, 07 Oct 2024 14:26:56 GMT
last-modified
Fri, 27 Sep 2024 15:02:33 GMT
vary
Accept-Encoding Accept-Encoding
x-azure-ref
20241007T142656Z-1764774c4c8wdhzhtgp3ngsfx400000005bg000000004m06
x-cache
CONFIG_NOCACHE

Redirect headers

Location
https://www.multi-prets.com/
Non-Authoritative-Reason
HttpsUpgrades
css2
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;700&family=Quicksand:wght@300;400;700&display=swap
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
d95f1ce4cec2a943303bd56dbb4cb6ed606762cfbec119ea9b4b58d5f568a3ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 14:26:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 14:26:57 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 07 Oct 2024 14:26:57 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
HomeTeaser-2.png
brokerwebsitesimage.azureedge.net/m3brokerimages1/sites/2/2024/06/
674 KB
675 KB
Image
General
Full URL
https://brokerwebsitesimage.azureedge.net/m3brokerimages1/sites/2/2024/06/HomeTeaser-2.png
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8c65d5706e876b3939d28d1080c9c1f0edda085cb520bc42d73a7204bbbf9a91

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

x-azure-ref
20241007T142657Z-1764774c4c8rr2m7yytv9gby80000000059g00000000dg3c
cache-control
max-age=600, must-revalidate
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DC91FC5F0A5909
x-fd-int-roxy-purgeid
0
x-ms-request-id
b655834f-501e-0011-41bc-18e506000000
accept-ranges
bytes
x-cache
TCP_REVALIDATED_HIT
content-length
689806
date
Mon, 07 Oct 2024 14:26:57 GMT
content-type
image/png
last-modified
Fri, 21 Jun 2024 14:13:49 GMT
x-ms-blob-type
BlockBlob
style.min.css
www.multi-prets.com/wp-includes/css/dist/block-library/
110 KB
15 KB
Stylesheet
General
Full URL
https://www.multi-prets.com/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

cache-control
max-age=31536000, public
content-encoding
gzip
expires
Tue, 07 Oct 2025 14:26:56 GMT
x-cache
CONFIG_NOCACHE
date
Mon, 07 Oct 2024 14:26:56 GMT
x-azure-ref
20241007T142656Z-1764774c4c8wdhzhtgp3ngsfx400000005bg000000004m0x
content-type
text/css; charset=utf-8
vary
Accept-Encoding, Accept-Encoding
last-modified
Tue, 10 Sep 2024 20:30:45 GMT
style.css
www.multi-prets.com/wp-content/cache/min/2/wp-content/themes/m3/build/styles/
290 KB
42 KB
Stylesheet
General
Full URL
https://www.multi-prets.com/wp-content/cache/min/2/wp-content/themes/m3/build/styles/style.css?ver=1722548037
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1fed2af5deb40c278bae776cf605a3406403f86b5dd438071818698c83d04d1f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

cache-control
max-age=31536000, public
content-encoding
gzip
expires
Tue, 07 Oct 2025 14:26:57 GMT
x-cache
CONFIG_NOCACHE
date
Mon, 07 Oct 2024 14:26:57 GMT
x-azure-ref
20241007T142656Z-1764774c4c8wdhzhtgp3ngsfx400000005bg000000004m0y
content-type
text/css; charset=utf-8
vary
Accept-Encoding, Accept-Encoding
last-modified
Thu, 01 Aug 2024 21:33:57 GMT
style.css
www.multi-prets.com/wp-content/cache/background-css/www.multi-prets.com/wp-content/cache/min/2/wp-content/themes/mph/
147 KB
21 KB
Stylesheet
General
Full URL
https://www.multi-prets.com/wp-content/cache/background-css/www.multi-prets.com/wp-content/cache/min/2/wp-content/themes/mph/style.css?ver=1722548037&wpr_t=1727434953
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7d2a5def8ef7ed67aad5bb7a752ae2d1b9c1d465b0f06912f9d664c40c09a485

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

cache-control
max-age=31536000, public
content-encoding
gzip
expires
Tue, 07 Oct 2025 14:26:57 GMT
x-cache
CONFIG_NOCACHE
date
Mon, 07 Oct 2024 14:26:57 GMT
x-azure-ref
20241007T142656Z-1764774c4c8wdhzhtgp3ngsfx400000005bg000000004m0z
content-type
text/css; charset=utf-8
vary
Accept-Encoding, Accept-Encoding
last-modified
Mon, 07 Oct 2024 13:54:01 GMT
jquery.min.js
www.multi-prets.com/wp-includes/js/jquery/
86 KB
30 KB
Script
General
Full URL
https://www.multi-prets.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

cache-control
max-age=2592000, public
content-encoding
gzip
expires
Wed, 06 Nov 2024 14:26:57 GMT
x-cache
CONFIG_NOCACHE
date
Mon, 07 Oct 2024 14:26:57 GMT
x-azure-ref
20241007T142656Z-1764774c4c8wdhzhtgp3ngsfx400000005bg000000004m10
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding, Accept-Encoding
last-modified
Mon, 28 Aug 2023 21:14:24 GMT
jquery-migrate.min.js
www.multi-prets.com/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://www.multi-prets.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

cache-control
max-age=2592000, public
content-encoding
gzip
expires
Wed, 06 Nov 2024 14:26:57 GMT
x-cache
CONFIG_NOCACHE
date
Mon, 07 Oct 2024 14:26:57 GMT
x-azure-ref
20241007T142656Z-1764774c4c8wdhzhtgp3ngsfx400000005bg000000004m11
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding, Accept-Encoding
last-modified
Fri, 09 Jun 2023 09:49:24 GMT
search.svg
www.multi-prets.com/wp-content/themes/m3/images/
415 B
582 B
Image
General
Full URL
https://www.multi-prets.com/wp-content/themes/m3/images/search.svg
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
06e8633d6740e51de9e13f3d529ab00a55b4d0981e5c036687b51577d2107d51

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

cache-control
max-age=10368000, public
content-encoding
gzip
expires
Tue, 04 Feb 2025 14:26:57 GMT
x-cache
CONFIG_NOCACHE
date
Mon, 07 Oct 2024 14:26:57 GMT
x-azure-ref
20241007T142656Z-1764774c4c8wdhzhtgp3ngsfx400000005bg000000004m12
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding
last-modified
Thu, 26 Sep 2024 19:41:14 GMT
main.js
www.multi-prets.com/wp-content/cache/min/2/wp-content/themes/m3/build/
88 KB
26 KB
Script
General
Full URL
https://www.multi-prets.com/wp-content/cache/min/2/wp-content/themes/m3/build/main.js?ver=1722548037
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
caced8a15136cb302efdf4409e870c593705a9b300b78ae33289206ad207212f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

cache-control
max-age=2592000, public
content-encoding
gzip
expires
Wed, 06 Nov 2024 14:26:57 GMT
x-cache
CONFIG_NOCACHE
date
Mon, 07 Oct 2024 14:26:57 GMT
x-azure-ref
20241007T142656Z-1764774c4c8wdhzhtgp3ngsfx400000005bg000000004m13
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding, Accept-Encoding
last-modified
Thu, 01 Aug 2024 21:33:57 GMT
script.js
www.multi-prets.com/wp-content/cache/min/2/wp-content/themes/mph/
32 KB
9 KB
Script
General
Full URL
https://www.multi-prets.com/wp-content/cache/min/2/wp-content/themes/mph/script.js?ver=1722548037
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1ffb386aa61766d78a4576135bd03ba55a5e0cd1e757eb52ed9dd870b491a25a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

cache-control
max-age=2592000, public
content-encoding
gzip
expires
Wed, 06 Nov 2024 14:26:57 GMT
x-cache
CONFIG_NOCACHE
date
Mon, 07 Oct 2024 14:26:57 GMT
x-azure-ref
20241007T142657Z-1764774c4c8wdhzhtgp3ngsfx400000005bg000000004m1d
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding, Accept-Encoding
last-modified
Thu, 01 Aug 2024 21:33:57 GMT
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Lfcp9IZAAAAAOwzreB9c0SZXVOP-w7Mm5cUDRjc
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
ESF /
Resource Hash
48731c8569db524c14300057831f536488124247a0f6db60c132555dc80fbe04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 14:26:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Mon, 07 Oct 2024 14:26:57 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
forms.js
www.multi-prets.com/wp-content/cache/min/2/wp-content/themes/m3/build/
100 KB
28 KB
Script
General
Full URL
https://www.multi-prets.com/wp-content/cache/min/2/wp-content/themes/m3/build/forms.js?ver=1722548092
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d782ea0544c82c8f80d5c5cc0598e628b0efd02d96b68d9537cc79c775f243de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

cache-control
max-age=2592000, public
content-encoding
gzip
expires
Wed, 06 Nov 2024 14:26:57 GMT
x-cache
CONFIG_NOCACHE
date
Mon, 07 Oct 2024 14:26:57 GMT
x-azure-ref
20241007T142657Z-1764774c4c8wdhzhtgp3ngsfx400000005bg000000004m1k
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding, Accept-Encoding
last-modified
Thu, 01 Aug 2024 21:34:52 GMT
lazyload.min.js
www.multi-prets.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/
9 KB
3 KB
Script
General
Full URL
https://www.multi-prets.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

cache-control
max-age=2592000, public
content-encoding
gzip
expires
Wed, 06 Nov 2024 14:26:57 GMT
x-cache
CONFIG_NOCACHE
date
Mon, 07 Oct 2024 14:26:57 GMT
x-azure-ref
20241007T142657Z-1764774c4c8wdhzhtgp3ngsfx400000005bg000000004m1s
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding, Accept-Encoding
last-modified
Thu, 26 Sep 2024 19:41:13 GMT
gtm.js
www.googletagmanager.com/
387 KB
119 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-573MTH
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f200.1e100.net
Software
Google Tag Manager /
Resource Hash
3e2cabc74ab422371a4573d54143c6710730bead85f4303d600eef475983895b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 07 Oct 2024 14:26:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 14:26:58 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 07 Oct 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
121346
x-xss-protection
0
server
Google Tag Manager
loader.js
sdk.privacy-center.org/e874aa71-5754-45b6-a3e4-b63a7e0ad1cf/
3 KB
2 KB
Script
General
Full URL
https://sdk.privacy-center.org/e874aa71-5754-45b6-a3e4-b63a7e0ad1cf/loader.js?target_type=notice&target=xD8qj6Lc
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.65.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-65-73.muc50.r.cloudfront.net
Software
/
Resource Hash
b7f5d4591f5012efa3b9c37b4db5737cdd8b4e151339cabf5c1e5faa55f7c0eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

cache-control
max-age=7200, public
x-didomi-remote-config-metadata
multiReg:true;legacyGlobalGdpr:false
content-encoding
br
etag
W/"41442e1aa038b06e9600ad7adbaffea3"
x-amzn-trace-id
Root=1-6703efb2-7cdf9ef435050aba7649e354;Parent=2464b6338267093c;Sampled=0;Lineage=1:eaae1266:0
x-amzn-requestid
a081e1ed-96f2-409a-8f8f-d19464ab4ba3
via
1.1 ca15cd60a1392b6e8be3119969d8a216.cloudfront.net (CloudFront)
x-didomi-configs-version
112
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
jAqKWGv6rdeN71FwHUuXuh8Lbe4znbN0L6OQVDOABj2Q7kn-gyvNSQ==
date
Mon, 07 Oct 2024 14:26:58 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-amz-cf-pop
MUC50-P6
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b81ec491592bf5198d6ae3e8ce1cee58fa9221e9b6706fb567aec1d721ff1ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
64 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
183 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8c89b0459ec4d6069037002ff5d824395ff37dbf866bc4298fce22d336b182a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v31/
27 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;700&family=Quicksand:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.multi-prets.com
Referer
https://fonts.googleapis.com/

Response headers

age
220472
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 05 Oct 2025 01:12:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 05 Oct 2024 01:12:26 GMT
last-modified
Wed, 13 Sep 2023 23:22:14 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
28064
x-xss-protection
0
server
sffe
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;700&family=Quicksand:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.multi-prets.com
Referer
https://fonts.googleapis.com/

Response headers

age
254846
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 04 Oct 2025 15:39:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 04 Oct 2024 15:39:32 GMT
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
33092
x-xss-protection
0
server
sffe
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6e7270a7a43474a98f386e6d787185f7473bef44cd2ac02065fe2da3a7b668d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
GilmerLight.otf
www.multi-prets.com/wp-content/themes/mph/fonts/
99 KB
43 KB
Font
General
Full URL
https://www.multi-prets.com/wp-content/themes/mph/fonts/GilmerLight.otf
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f29ab7190b11cb34a505fdf8e7c83ef5ce4dfeea13a8ab4ae64109b0d9bf93c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.multi-prets.com
Referer
https://www.multi-prets.com/

Response headers

cache-control
max-age=10368000, public
content-encoding
gzip
expires
Tue, 04 Feb 2025 14:26:57 GMT
x-cache
CONFIG_NOCACHE
date
Mon, 07 Oct 2024 14:26:57 GMT
x-azure-ref
20241007T142657Z-1764774c4c8wdhzhtgp3ngsfx400000005bg000000004m22
content-type
font/otf
vary
Accept-Encoding, Accept-Encoding
last-modified
Thu, 26 Sep 2024 19:41:14 GMT
recaptcha__it.js
www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/
540 KB
214 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__it.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lfcp9IZAAAAAOwzreB9c0SZXVOP-w7Mm5cUDRjc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
269e5b24dd9ee843e7d82c5aa67279997a97df01e8a9de509a53d033a8528d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.multi-prets.com
Referer
https://www.multi-prets.com/

Response headers

content-encoding
gzip
age
540758
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 08:14:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:14:20 GMT
last-modified
Mon, 23 Sep 2024 04:00:50 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
219123
x-xss-protection
0
server
sffe
HomeTeaser-2-66758ac642e83.png
brokerwebsitesimage.azureedge.net/m3brokerimages1/sites/2/2024/06/
674 KB
675 KB
Image
General
Full URL
https://brokerwebsitesimage.azureedge.net/m3brokerimages1/sites/2/2024/06/HomeTeaser-2-66758ac642e83.png
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8c65d5706e876b3939d28d1080c9c1f0edda085cb520bc42d73a7204bbbf9a91

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

x-azure-ref
20241007T142658Z-1764774c4c8rr2m7yytv9gby80000000059g00000000dg3u
cache-control
max-age=600, must-revalidate
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DC91FC7B785683
x-fd-int-roxy-purgeid
0
x-ms-request-id
bd99389a-701e-005b-5db8-184689000000
accept-ranges
bytes
x-cache
TCP_REVALIDATED_HIT
content-length
689806
date
Mon, 07 Oct 2024 14:26:58 GMT
content-type
image/png
last-modified
Fri, 21 Jun 2024 14:14:36 GMT
x-ms-blob-type
BlockBlob
logo_fr.svg
www.multi-prets.com/wp-content/themes/mph/assets/images/
9 KB
3 KB
Image
General
Full URL
https://www.multi-prets.com/wp-content/themes/mph/assets/images/logo_fr.svg
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
68fba18fc43956cdcccfaded19ae9fdb5e1199712d73237cf6a0f44208cff73f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

cache-control
max-age=10368000, public
content-encoding
gzip
expires
Tue, 04 Feb 2025 14:26:58 GMT
x-cache
CONFIG_NOCACHE
date
Mon, 07 Oct 2024 14:26:58 GMT
x-azure-ref
20241007T142658Z-1764774c4c8wdhzhtgp3ngsfx400000005bg000000004m2m
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding
last-modified
Thu, 26 Sep 2024 19:41:14 GMT
1.svg
devtmaccimage.azureedge.net/m3brokerimages1-staging/sites/2/2024/02/
3 KB
2 KB
Image
General
Full URL
https://devtmaccimage.azureedge.net/m3brokerimages1-staging/sites/2/2024/02/1.svg
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
603f0a93c5213ce9d9d5136cbceb6c73d89ae00afdf75e2a29432b2b1a05cf69

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

x-ms-blob-type
BlockBlob
cache-control
max-age=600, must-revalidate
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
x-azure-ref
20241007T142658Z-1764774c4c8rr2m7yytv9gby80000000059g00000000dg3x
x-fd-int-roxy-purgeid
0
content-encoding
br
x-ms-request-id
c916f37c-901e-0061-27c4-18b2c1000000
x-cache
TCP_MISS
date
Mon, 07 Oct 2024 14:26:58 GMT
content-type
image/svg+xml
vary
Accept-Encoding
last-modified
Wed, 21 Feb 2024 18:49:04 GMT
2.svg
devtmaccimage.azureedge.net/m3brokerimages1-staging/sites/2/2024/02/
2 KB
1 KB
Image
General
Full URL
https://devtmaccimage.azureedge.net/m3brokerimages1-staging/sites/2/2024/02/2.svg
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
beb26862d55e4bbe430ddfeaddbeab47874cb92e38488bf8f70525459bf46d8c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

x-ms-blob-type
BlockBlob
cache-control
max-age=600, must-revalidate
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
x-azure-ref
20241007T142658Z-1764774c4c8rr2m7yytv9gby80000000059g00000000dg3y
x-fd-int-roxy-purgeid
0
content-encoding
br
x-ms-request-id
14aa7de7-f01e-0048-0fc4-188cb5000000
x-cache
TCP_MISS
date
Mon, 07 Oct 2024 14:26:58 GMT
content-type
image/svg+xml
vary
Accept-Encoding
last-modified
Wed, 21 Feb 2024 18:49:13 GMT
3.svg
devtmaccimage.azureedge.net/m3brokerimages1-staging/sites/2/2024/02/
4 KB
2 KB
Image
General
Full URL
https://devtmaccimage.azureedge.net/m3brokerimages1-staging/sites/2/2024/02/3.svg
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
49c3a10949ba038dcfd74aa49a6faaf08da8edb1cb1b8a82a14732d8cb09b51a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

x-ms-blob-type
BlockBlob
cache-control
max-age=600, must-revalidate
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
x-azure-ref
20241007T142658Z-1764774c4c8rr2m7yytv9gby80000000059g00000000dg3z
x-fd-int-roxy-purgeid
0
content-encoding
br
x-ms-request-id
8bd7dfbf-101e-008b-63c4-1895ef000000
x-cache
TCP_MISS
date
Mon, 07 Oct 2024 14:26:58 GMT
content-type
image/svg+xml
vary
Accept-Encoding
last-modified
Wed, 21 Feb 2024 18:49:22 GMT
sdk.341ba26a787131d4168d154a740e6ff39eeb25a0.js
sdk.privacy-center.org/sdk/341ba26a787131d4168d154a740e6ff39eeb25a0/modern/
362 KB
93 KB
Script
General
Full URL
https://sdk.privacy-center.org/sdk/341ba26a787131d4168d154a740e6ff39eeb25a0/modern/sdk.341ba26a787131d4168d154a740e6ff39eeb25a0.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/e874aa71-5754-45b6-a3e4-b63a7e0ad1cf/loader.js?target_type=notice&target=xD8qj6Lc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.65.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-65-73.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0dadf5fbe74f588c6bf665ae1e510e4a5fde839d06b8c277e2ca940de2f5002

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=31536000
content-encoding
br
etag
W/"92aa28b3872854bff3dcb0f2fc6644c2-1"
age
444511
via
1.1 ca15cd60a1392b6e8be3119969d8a216.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
7IZBNq5S-IVzgisJKcAnXte7aUhmLD7MwY7EfD-weQYOSSLhy5lRFw==
date
Wed, 02 Oct 2024 10:58:28 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 02 Oct 2024 10:58:17 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P6
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/
313 KB
105 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EC6BXBMF08&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-573MTH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f200.1e100.net
Software
Google Tag Manager /
Resource Hash
d0a995a00b88519e769a55c010616e96a138d4d8ea8fcb5c14f390c731b1ec12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 07 Oct 2024 14:27:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 14:27:00 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
107010
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
317 KB
105 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4PYR949E8H&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-573MTH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f200.1e100.net
Software
Google Tag Manager /
Resource Hash
adec59c1184426a9f592bf50530f2f53daca99be95c184876e3a5c78610f1a85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 07 Oct 2024 14:27:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 14:27:00 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
107672
x-xss-protection
0
server
Google Tag Manager
hotjar-2337935.js
static.hotjar.com/c/
13 KB
6 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2337935.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-573MTH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-53.fra56.r.cloudfront.net
Software
/
Resource Hash
4f265527cfe012207abc437318ca51cece6216d764cd0438abcc3aca27f8efcd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
content-encoding
br
etag
W/7e37e421e177e2c9a2ec8fd0df9c23fa
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
x-cache-hit
1
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
x-amz-cf-id
vxMENM4QOW4m_qvIZVjcSN8J6ldzL9K8wts6P_Zz25eckny2lx7X-A==
date
Mon, 07 Oct 2024 14:27:00 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
FRA56-P2
ea.js
mp5.multi-prets.com/
39 KB
14 KB
Script
General
Full URL
https://mp5.multi-prets.com/ea.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-573MTH
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.102.66.79 Montreal, Canada, ASN174 (COGENT-174, US),
Reverse DNS
Software
EWS /
Resource Hash
43efd9d06ffc5a29cb3b45c57fa77dea7dd8613f29ad4aa69410224874f157a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

X-Robots-Tag
noindex
Cache-Control
max-age=3600, private
Content-Encoding
gzip
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Expires
Mon, 07 Oct 2024 15:27:00 GMT
Accept-Ranges
none
Content-Length
13887
Keep-Alive
timeout=4
Date
Mon, 07 Oct 2024 14:27:00 GMT
X-XSS-Protection
0
Content-Type
application/javascript
Vary
User-Agent
Server
EWS
destination
www.googletagmanager.com/gtag/
221 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-12462948&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-573MTH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f200.1e100.net
Software
Google Tag Manager /
Resource Hash
a20e633cacb05d2dfbc4cc9f521a72258dc2b9a67becef948ad54db529252c75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Mon, 07 Oct 2024 14:27:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 14:27:00 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 07 Oct 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
80736
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/
226 KB
60 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Mon, 07 Oct 2024 14:27:00 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=14, mss=1288, tbw=2935, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
R07EJJb2+We04XAwQ/ip2B2oZIY9vpX2h10n782ltRrDoXVzKo6XPIE77wVBJBkOnuikJ85gL8QqAvc2XMlAYA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59131
x-xss-protection
0
origin-agent-cluster
?0
bat.js
bat.bing.com/
49 KB
15 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.30.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"803483b3aaadb1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 05E60F78C8094A95BEFDDED75B0B04DF Ref B: LON212050706019 Ref C: 2024-10-07T14:27:00Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14402
date
Mon, 07 Oct 2024 14:27:00 GMT
content-type
application/javascript
last-modified
Thu, 19 Sep 2024 15:43:41 GMT
vary
Accept-Encoding
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f14.1e100.net
Software
ESF /
Resource Hash
bad110d13f5afadd3866fc99583fca687e923581474246f7969154d28cae5bc0
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

content-encoding
br
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
x-content-type-options
nosniff
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
expires
Mon, 07 Oct 2024 14:27:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=it for more info."
date
Mon, 07 Oct 2024 14:27:00 GMT
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script'
cache-control
private, max-age=0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
x-xss-protection
0
server
ESF
modules.c455055d4255707cc766.js
script.hotjar.com/
224 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.c455055d4255707cc766.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2337935.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-54.fra56.r.cloudfront.net
Software
/
Resource Hash
00f9c41f792123ed96bd748bccf04480481b0a283a40fb39d714551772a8d9cd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

x-robots-tag
none
content-encoding
br
etag
"00be896dff288cee0f2fab3c81ad1a2f"
age
9834
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
a-htx6tTdIq7k9YEmYTIW6-ihzVuh1pjH2q7sS_-0koOaxehG9Li_g==
date
Mon, 07 Oct 2024 11:43:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 11:42:58 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56546
x-amz-cf-pop
FRA56-C2
401772477
mp5.multi-prets.com/col24a/-/
4 KB
3 KB
Script
General
Full URL
https://mp5.multi-prets.com/col24a/-/401772477?evariant=1-1&fra=0&url=https%3A%2F%2Fwww.multi-prets.com%2F&environment=mph-corpo&tc=pageview_gtm_261_1&ss=1600x1200&sd=24&
Requested by
Host: mp5.multi-prets.com
URL: https://mp5.multi-prets.com/ea.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.102.66.79 Montreal, Canada, ASN174 (COGENT-174, US),
Reverse DNS
Software
EWS /
Resource Hash
5647bbfd69f30343fbf8e17994492ae66a30c938cfe5149fb13c3bcd79f451b3
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

Strict-Transport-Security
max-age=604800
X-Robots-Tag
noindex
Cache-Control
max-age=0, private
Content-Encoding
gzip
Pragma
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
none
Content-Length
1806
Keep-Alive
timeout=4
Date
Mon, 07 Oct 2024 14:27:01 GMT
X-XSS-Protection
0
Content-Type
application/javascript
Vary
User-Agent
Server
EWS
www-widgetapi.js
www.youtube.com/s/player/96d06116/www-widgetapi.vflset/
31 KB
10 KB
Script
General
Full URL
https://www.youtube.com/s/player/96d06116/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f14.1e100.net
Software
sffe /
Resource Hash
f3554b059089f72c1b2cd5dffd13ce8fa3b75ec10e8a48c088a2b05915d74297
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

content-encoding
br
age
406
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Tue, 07 Oct 2025 14:20:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 14:20:14 GMT
last-modified
Wed, 02 Oct 2024 04:15:18 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
10294
x-xss-protection
0
server
sffe
activityi;dc_pre=CL3RzoO9_IgDFSmp_QcdP04jGg;src=12462948;type=mph-t0;cat=visit001;ord=9417913535845;npa=0;auiddc=2111307740.1728311220;ps=1;pcor=440065143;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;ua...
12462948.fls.doubleclick.net/ Frame 0DBA
Redirect Chain
  • https://12462948.fls.doubleclick.net/activityi;src=12462948;type=mph-t0;cat=visit001;ord=9417913535845;npa=0;auiddc=2111307740.1728311220;ps=1;pcor=440065143;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=...
  • https://12462948.fls.doubleclick.net/activityi;dc_pre=CL3RzoO9_IgDFSmp_QcdP04jGg;src=12462948;type=mph-t0;cat=visit001;ord=9417913535845;npa=0;auiddc=2111307740.1728311220;ps=1;pcor=440065143;uaa=;...
0
0
Document
General
Full URL
https://12462948.fls.doubleclick.net/activityi;dc_pre=CL3RzoO9_IgDFSmp_QcdP04jGg;src=12462948;type=mph-t0;cat=visit001;ord=9417913535845;npa=0;auiddc=2111307740.1728311220;ps=1;pcor=440065143;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a20v9181800337z86965904za201zb6965904;gcd=13l3l3l3l1l1;dma=0;tcfd=10000;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fwww.multi-prets.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12462948&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.multi-prets.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
358
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 07 Oct 2024 14:27:02 GMT
expires
Mon, 07 Oct 2024 14:27:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 07 Oct 2024 14:27:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12462948.fls.doubleclick.net/activityi;dc_pre=CL3RzoO9_IgDFSmp_QcdP04jGg;src=12462948;type=mph-t0;cat=visit001;ord=9417913535845;npa=0;auiddc=2111307740.1728311220;ps=1;pcor=440065143;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a20v9181800337z86965904za201zb6965904;gcd=13l3l3l3l1l1;dma=0;tcfd=10000;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fwww.multi-prets.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=12462948;type=mph-t0;cat=visit001;ord=9417913535845;npa=0;auiddc=2111307740.1728311220;ps=1;pcor=440065143;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm...
td.doubleclick.net/td/fls/rul/ Frame 3D22
0
0
Document
General
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12462948;type=mph-t0;cat=visit001;ord=9417913535845;npa=0;auiddc=2111307740.1728311220;ps=1;pcor=440065143;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a20v9181800337z86965904za201zb6965904;gcd=13l3l3l3l1l1;dma=0;tcfd=10000;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fwww.multi-prets.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12462948&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.multi-prets.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 07 Oct 2024 14:27:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=12462948;type=mph-t0;cat=visit001;ord=9417913535845;npa=0;auiddc=2111307740.1728311220;ps=1;pcor=440065143;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noa...
ad.doubleclick.net/
0
2 KB
Image
General
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=12462948;type=mph-t0;cat=visit001;ord=9417913535845;npa=0;auiddc=2111307740.1728311220;ps=1;pcor=440065143;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a20v9181800337z86965904za201zb6965904;gcd=13l3l3l3l1l1;dma=0;tcfd=10000;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fwww.multi-prets.com%2F?
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 07 Oct 2024 14:27:01 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"15465368249324468122"}],"aggregatable_trigger_data":[{"filters":[{"14":["13512621"]}],"key_piece":"0x9d0bee9c2a6f3ce","source_keys":["12","13","14","15","16","17","18","19","20","21","18223044","18223045","18223046","18223047","20456968","20456969","20456970","20456971","638506528","638506529","638506530","638506531","638536372","638536373","638536374","638536375","638559508","638559509","638559510","638559511"]},{"key_piece":"0xdad40c97f86de677","not_filters":{"14":["13512621"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","18223044","18223045","18223046","18223047","20456968","20456969","20456970","20456971","638506528","638506529","638506530","638506531","638536372","638536373","638536374","638536375","638559508","638559509","638559510","638559511"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"18223044":218,"18223045":218,"18223046":218,"18223047":21189,"19":65,"20":65,"20456968":327,"20456969":327,"20456970":327,"20456971":31784,"21":6356,"638506528":65,"638506529":65,"638506530":65,"638506531":6356,"638536372":65,"638536373":65,"638536374":65,"638536375":6356,"638559508":65,"638559509":65,"638559510":65,"638559511":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"2268198878256931317","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"15465368249324468122","filters":[{"14":["13512621"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"15465368249324468122","filters":[{"14":["13512621"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"15465368249324468122","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"15465368249324468122","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12462948"]}}
content-type
image/png
x-xss-protection
0
server
cafe
56377355.js
bat.bing.com/p/action/
371 B
419 B
Script
General
Full URL
https://bat.bing.com/p/action/56377355.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.30.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ad52e5275c56da88718ad0fbbf2fed9eb20653427b057143d5ec8c9f68bd8b86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3BF456073DEA4DE0970DB91EEB4AD80F Ref B: LON212050706019 Ref C: 2024-10-07T14:27:01Z
x-cache
CONFIG_NOCACHE
date
Mon, 07 Oct 2024 14:27:00 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
anchor
www.google.com/recaptcha/api2/ Frame 9BDA
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfcp9IZAAAAAOwzreB9c0SZXVOP-w7Mm5cUDRjc&co=aHR0cHM6Ly93d3cubXVsdGktcHJldHMuY29tOjQ0Mw..&hl=it&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=v1jchhjkcmqe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__it.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zLiPqP-VQxnzd5SOM8LA6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.multi-prets.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-zLiPqP-VQxnzd5SOM8LA6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 07 Oct 2024 14:27:02 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-4PYR949E8H&gtm=45je4a20v9116799066z86965904za200zb6965904&_p=1728311217499&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=133637033.1728311222&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fwww.multi-prets.com%2F&sid=1728311222&sct=1&seg=0&dt=Multi-Pr%C3%AAts%20Hypoth%C3%A8ques%20%7C%20Le%20r%C3%A9seau%20de%20courtiers%20hypoth%C3%A9caires&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=Multi-prets.com&tfd=7281
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4PYR949E8H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.multi-prets.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 14:27:03 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
548 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4PYR949E8H&cid=133637033.1728311222&gtm=45je4a20v9116799066z86965904za200zb6965904&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101747727
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4PYR949E8H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.71.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.multi-prets.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 14:27:03 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 3BB0
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-4PYR949E8H&gacid=133637033.1728311222&gtm=45je4a20v9116799066z86965904za200zb6965904&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101747727&z=353644046
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4PYR949E8H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.multi-prets.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 07 Oct 2024 14:27:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-EC6BXBMF08&gtm=45je4a20v872815295z86965904za200zb6965904&_p=1728311217499&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=133637033.1728311222&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fwww.multi-prets.com%2F&sid=1728311222&sct=1&seg=0&dt=Multi-Pr%C3%AAts%20Hypoth%C3%A8ques%20%7C%20Le%20r%C3%A9seau%20de%20courtiers%20hypoth%C3%A9caires&en=page_view&_fv=1&_ss=1&tfd=7633
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EC6BXBMF08&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.multi-prets.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 14:27:03 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
48 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EC6BXBMF08&cid=133637033.1728311222&gtm=45je4a20v872815295z86965904za200zb6965904&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101747727
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EC6BXBMF08&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.71.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.multi-prets.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 14:27:03 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame FBD3
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-EC6BXBMF08&gacid=133637033.1728311222&gtm=45je4a20v872815295z86965904za200zb6965904&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101747727&z=2012150218
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EC6BXBMF08&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.multi-prets.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 07 Oct 2024 14:27:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
198932828089390
connect.facebook.net/signals/config/
81 KB
17 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/198932828089390?v=2.9.170&r=stable&domain=www.multi-prets.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
39276ce6806e32b94f4d0507c3256277cc7e42ba0f6801078bed33e8262c9e49
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Mon, 07 Oct 2024 14:27:02 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=68, mss=1288, tbw=64786, tp=-1, tpl=-1, uplat=94, ullat=0
pragma
public
x-fb-debug
VhFwTDChai6FMKcL6Wkgh9jXauwarz97V4/PIPUAxc9KfUo1gmKJF5DIUhDMLixr8uVwIPg0hL9Xql7dhorTGQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
2337935
vc.hotjar.io/sessions/
0
231 B
XHR
General
Full URL
https://vc.hotjar.io/sessions/2337935?s=0.25&r=0.059322493956580624
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.c455055d4255707cc766.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-15.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
access-control-allow-origin
*
cache-control
no-store
x-cache
Miss from cloudfront
x-amz-cf-id
RFM0V10IdtNzu7Wdwd4cJ8-biyoyEg82hSSScEm6HdxQ9eGkhQ7KfA==
date
Mon, 07 Oct 2024 14:27:03 GMT
x-amz-cf-pop
FRA56-P5
1226943652
mp5.multi-prets.com/col24a/multi-prets/
4 KB
2 KB
Script
General
Full URL
https://mp5.multi-prets.com/col24a/multi-prets/1226943652?url=https%3A%2F%2Fwww.multi-prets.com%2F&evariant=1-1&gdpr_customvendor=89&environment=mph-corpo&ss=1600x1200&euidlls=PB2crc3u50x1j1HXVTgYddb3h_SzNFNJPJL.DNDNbxCiFwHMB.f6GA--&fra=0&recurse=1&sd=24&tc=pageview_gtm_261_1&
Requested by
Host: mp5.multi-prets.com
URL: https://mp5.multi-prets.com/ea.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.102.66.79 Montreal, Canada, ASN174 (COGENT-174, US),
Reverse DNS
Software
EWS /
Resource Hash
c54a83df20cbcde05065ff69f4f851292480535f9e48c13320bac580f1f3ef8e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

Strict-Transport-Security
max-age=604800
X-Robots-Tag
noindex
Cache-Control
max-age=0, private
Content-Encoding
gzip
Pragma
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
none
Content-Length
1801
Keep-Alive
timeout=4
Date
Mon, 07 Oct 2024 14:27:02 GMT
X-XSS-Protection
0
Content-Type
application/javascript
Vary
User-Agent
Server
EWS
0
bat.bing.com/action/
0
288 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=56377355&Ver=2&mid=bc28e8af-43bc-4c3a-acf1-aaa813523b11&sid=3894fcc084b811efab5635eb5828a701&vid=3895065084b811ef95e20f7fcd7b56a6&vids=1&msclkid=N&pi=918639831&lg=it-IT&sw=1600&sh=1200&sc=24&tl=Multi-Pr%C3%AAts%20Hypoth%C3%A8ques%20%7C%20Le%20r%C3%A9seau%20de%20courtiers%20hypoth%C3%A9caires&p=https%3A%2F%2Fwww.multi-prets.com%2F&r=&lt=3181&evt=pageLoad&sv=1&cdb=AQAU&rn=829403
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.30.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E58FD6CCB4A24A51AB6CBC0209FB5841 Ref B: LON212050706019 Ref C: 2024-10-07T14:27:03Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Mon, 07 Oct 2024 14:27:02 GMT
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=198932828089390&ev=PageView&dl=https%3A%2F%2Fwww.multi-prets.com&rl=&if=false&ts=1728311223304&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12316&fbp=fb.1.1728311223273.336312432862185402&cs_est=true&pm=1&hrl=d0aa99&ler=empty&cdl=API_unavailable&it=1728311222727&coo=false&cs_cc=1&rqm=GET
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=12, rtx=0, c=10, mss=1288, tbw=2918, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 07 Oct 2024 14:27:04 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=198932828089390&ev=PageView&dl=https%3A%2F%2Fwww.multi-prets.com&rl=&if=false&ts=1728311223304&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12316&fbp=fb.1.1728311223273.336312432862185402&cs_est=true&pm=1&hrl=d0aa99&ler=empty&cdl=API_unavailable&it=1728311222727&coo=false&cs_cc=1&rqm=FGET
Requested by
Host: www.multi-prets.com
URL: https://www.multi-prets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7423040185767705498"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 07 Oct 2024 14:27:04 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
72I9oJYh71uJhgIFA1535Ae71K4wQ7v5Dk9ToX/356zSqQGZj8LENSF7DtzLdFm6Dnw5S6VOhG5gYf1cQIB9iA==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7423040185767705498", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=12, rtx=0, c=10, mss=1288, tbw=3236, tp=-1, tpl=-1, uplat=52, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
Favicon-2023-150x150.png
brokerwebsitesimage.azureedge.net/m3brokerimages1/sites/2/2023/03/
2 KB
2 KB
Other
General
Full URL
https://brokerwebsitesimage.azureedge.net/m3brokerimages1/sites/2/2023/03/Favicon-2023-150x150.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
420fbdd8e7bb2898cc6138d75fec858438e06702c5a37d6f71989e33c1117076

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.multi-prets.com/

Response headers

x-azure-ref
20241007T142706Z-1764774c4c8rr2m7yytv9gby80000000059g00000000dg9h
x-ms-blob-committed-block-count
1
cache-control
max-age=600, must-revalidate
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DB1B572963F838
x-fd-int-roxy-purgeid
0
x-ms-request-id
c3febeb8-401e-0050-0761-16bde2000000
accept-ranges
bytes
x-cache
TCP_REVALIDATED_HIT
content-length
1943
date
Mon, 07 Oct 2024 14:27:06 GMT
content-type
image/png
last-modified
Thu, 02 Mar 2023 19:48:57 GMT
x-ms-blob-type
AppendBlob

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| jQuery object| dataLayer object| didomiConfig function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| rocket_lazyload_css_data object| __WP_CONFIG__ number| uidEvent object| regeneratorRuntime object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe function| LazyLoad object| didomiRemoteConfig string| didomiCountry string| didomiRegion object| didomiGeoRegulations object| google_tag_manager object| google_tag_data function| hj object| _hjSettings function| fbq function| _fbq object| uetq object| images object| iframes boolean| is_iframe object| rocket_lazy object| ytTracker function| onYouTubeIframeAPIReady object| webpackChunkDidomi object| Didomi object| didomiOnReady object| didomiEventListeners function| __uspapi object| DidomiSanitizing function| __tcfapi object| didomiState object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| _oEa object| _oEaW object| _oEaXp function| EA_event function| EA_button function| EA_link function| EA_download function| EA_productevent function| EA_productbutton function| EA_productlink function| EA_productdownload function| EA_contextflag function| EA_tageventadd function| EA_tagisearchadd function| EA_taguparam function| EA_tagheatmap function| EA_heatmap function| EA_tagemail function| EA_tagproduct function| EA_tagerror function| EA_tagreferrer function| EA_referrer function| EA_tag function| EA_tagmulti function| EA_action_out_in function| EA_action_out function| EA_action_in function| EA_action_ref function| EA_shoppingcartestimate function| EA_shoppingcart function| EA_shoppingcartadd function| EA_shoppingcarthook function| EA_shoppingcartamount function| EA_estimate function| EA_newcustomer function| EA_blockpromo function| EA_view function| EA_tpclickposition function| EA_tpclickproduct function| EA_tpclick function| EA_dyntpclick function| EA_tpclickurl function| EA_dyntpclickurl function| EA_tpview function| EA_tpviewprd function| EA_dyntpview function| EA_tpviewurl function| EA_dyntpviewurl function| EA_click function| EA_clickoutposition function| EA_clickoutproduct function| EA_clickout function| EA_clickouturl function| EA_viewout function| EA_viewouturl function| EA_collectorurl function| EA_collector function| EA_merchandiser function| EA_jsversion object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady function| UET function| UET_init function| UET_push object| ueto_d5a9f73024 object| recaptcha object| closure_lm_479765 object| gaGlobal

18 Cookies

Domain/Path Name / Value
www.multi-prets.com/ Name: pll_language
Value: fr
.multi-prets.com/ Name: _gcl_au
Value: 1.1.2111307740.1728311220
.youtube.com/ Name: YSC
Value: IIQ7uRpiuk4
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 8BTbTGkbkFY
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJVUxIEGgAgMg%3D%3D
.multi-prets.com/ Name: etuix
Value: PB2crc3u50x1j1HXVTgYddb3h_SzNFNJPJL.DNDNbxCiFwHMB.f6GA--
.doubleclick.net/ Name: ar_debug
Value: 1
.multi-prets.com/ Name: _ga_4PYR949E8H
Value: GS1.1.1728311222.1.0.1728311222.60.0.0
.multi-prets.com/ Name: _ga
Value: GA1.1.133637033.1728311222
.doubleclick.net/ Name: IDE
Value: AHWqTUlHE3OYQ2PBELH9BGmLl1fcLc9rOY1UNckAaa5P9p8GB4pZyUR2tNBiJVjBtVU
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.multi-prets.com/ Name: _ga_EC6BXBMF08
Value: GS1.1.1728311222.1.0.1728311222.60.0.0
.multi-prets.com/ Name: _hjSessionUser_2337935
Value: eyJpZCI6IjJhNWYyYzBlLTY0MmUtNTM4Yy05YWJjLTM3YzA4MWIzNmIxMSIsImNyZWF0ZWQiOjE3MjgzMTEyMjI4NzUsImV4aXN0aW5nIjpmYWxzZX0=
.multi-prets.com/ Name: _hjSession_2337935
Value: eyJpZCI6IjhkM2Y2Yjg5LTI3ZGItNDkyZC05ZWYyLTFhOTk5YjhhOTAwYiIsImMiOjE3MjgzMTEyMjI4NzYsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.multi-prets.com/ Name: _uetsid
Value: 3894fcc084b811efab5635eb5828a701
.multi-prets.com/ Name: _uetvid
Value: 3895065084b811ef95e20f7fcd7b56a6
.bing.com/ Name: MUID
Value: 3F6D7CBD53946EE2199D69AC52ED6F31
.multi-prets.com/ Name: _fbp
Value: fb.1.1728311223273.336312432862185402

1 Console Messages

Source Level URL
Text
javascript warning URL: https://www.multi-prets.com/
Message:
The resource https://brokerwebsitesimage.azureedge.net/m3brokerimages1/sites/2/2024/06/HomeTeaser-2.png was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12462948.fls.doubleclick.net
ad.doubleclick.net
analytics.google.com
bat.bing.com
brokerwebsitesimage.azureedge.net
connect.facebook.net
devtmaccimage.azureedge.net
fonts.googleapis.com
fonts.gstatic.com
mp5.multi-prets.com
script.hotjar.com
sdk.privacy-center.org
static.hotjar.com
stats.g.doubleclick.net
td.doubleclick.net
vc.hotjar.io
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.multi-prets.com
www.youtube.com
13.107.246.64
13.32.27.54
142.250.184.227
142.250.184.230
142.250.185.138
142.250.185.196
150.171.30.10
157.240.252.13
157.240.252.35
172.217.16.200
172.217.18.102
172.217.18.14
172.217.18.2
18.66.102.53
18.66.112.15
216.239.38.181
38.102.66.79
52.85.65.73
74.125.71.154
00f9c41f792123ed96bd748bccf04480481b0a283a40fb39d714551772a8d9cd
06e8633d6740e51de9e13f3d529ab00a55b4d0981e5c036687b51577d2107d51
1fed2af5deb40c278bae776cf605a3406403f86b5dd438071818698c83d04d1f
1ffb386aa61766d78a4576135bd03ba55a5e0cd1e757eb52ed9dd870b491a25a
269e5b24dd9ee843e7d82c5aa67279997a97df01e8a9de509a53d033a8528d4b
3568b8d5b163051bed51eba7da248860fde78da291a7e4bc58e2b33c815a0045
39276ce6806e32b94f4d0507c3256277cc7e42ba0f6801078bed33e8262c9e49
3e2cabc74ab422371a4573d54143c6710730bead85f4303d600eef475983895b
420fbdd8e7bb2898cc6138d75fec858438e06702c5a37d6f71989e33c1117076
43efd9d06ffc5a29cb3b45c57fa77dea7dd8613f29ad4aa69410224874f157a8
48731c8569db524c14300057831f536488124247a0f6db60c132555dc80fbe04
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
49c3a10949ba038dcfd74aa49a6faaf08da8edb1cb1b8a82a14732d8cb09b51a
4f265527cfe012207abc437318ca51cece6216d764cd0438abcc3aca27f8efcd
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5647bbfd69f30343fbf8e17994492ae66a30c938cfe5149fb13c3bcd79f451b3
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
603f0a93c5213ce9d9d5136cbceb6c73d89ae00afdf75e2a29432b2b1a05cf69
68fba18fc43956cdcccfaded19ae9fdb5e1199712d73237cf6a0f44208cff73f
73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4
7d2a5def8ef7ed67aad5bb7a752ae2d1b9c1d465b0f06912f9d664c40c09a485
8b81ec491592bf5198d6ae3e8ce1cee58fa9221e9b6706fb567aec1d721ff1ef
8c65d5706e876b3939d28d1080c9c1f0edda085cb520bc42d73a7204bbbf9a91
a20e633cacb05d2dfbc4cc9f521a72258dc2b9a67becef948ad54db529252c75
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad52e5275c56da88718ad0fbbf2fed9eb20653427b057143d5ec8c9f68bd8b86
adec59c1184426a9f592bf50530f2f53daca99be95c184876e3a5c78610f1a85
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b7f5d4591f5012efa3b9c37b4db5737cdd8b4e151339cabf5c1e5faa55f7c0eb
bad110d13f5afadd3866fc99583fca687e923581474246f7969154d28cae5bc0
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
beb26862d55e4bbe430ddfeaddbeab47874cb92e38488bf8f70525459bf46d8c
c0dadf5fbe74f588c6bf665ae1e510e4a5fde839d06b8c277e2ca940de2f5002
c54a83df20cbcde05065ff69f4f851292480535f9e48c13320bac580f1f3ef8e
c6e7270a7a43474a98f386e6d787185f7473bef44cd2ac02065fe2da3a7b668d
caced8a15136cb302efdf4409e870c593705a9b300b78ae33289206ad207212f
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d0a995a00b88519e769a55c010616e96a138d4d8ea8fcb5c14f390c731b1ec12
d782ea0544c82c8f80d5c5cc0598e628b0efd02d96b68d9537cc79c775f243de
d8c89b0459ec4d6069037002ff5d824395ff37dbf866bc4298fce22d336b182a
d95f1ce4cec2a943303bd56dbb4cb6ed606762cfbec119ea9b4b58d5f568a3ec
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f29ab7190b11cb34a505fdf8e7c83ef5ce4dfeea13a8ab4ae64109b0d9bf93c3
f3554b059089f72c1b2cd5dffd13ce8fa3b75ec10e8a48c088a2b05915d74297
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5