Submitted URL: http://eej.at/eABRX9gK
Effective URL: https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=t...
Submission: On December 01 via manual from HR — Scanned from AT

Summary

This website contacted 14 IPs in 4 countries across 15 domains to perform 39 HTTP transactions. The main IP is 54.217.139.175, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is reduiremesfactures.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on June 2nd 2023. Valid for: a year.
This is the only time reduiremesfactures.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.125.128.216 16509 (AMAZON-02)
1 5 54.217.139.175 16509 (AMAZON-02)
3 216.58.212.136 15169 (GOOGLE)
9 169.150.247.40 60068 (CDN77 ^_^)
1 142.250.186.42 15169 (GOOGLE)
1 18.66.97.37 16509 (AMAZON-02)
3 142.250.186.35 15169 (GOOGLE)
1 13.32.27.107 16509 (AMAZON-02)
2 87.248.119.252 34010 (YAHOO-IRD)
5 104.126.37.42 20940 (AKAMAI-ASN1)
1 52.219.170.73 16509 (AMAZON-02)
1 216.239.32.36 15169 (GOOGLE)
6 193.105.74.19 43009 (INFOBIP-AS)
1 176.34.122.11 16509 (AMAZON-02)
1 212.82.100.181 34010 (YAHOO-IRD)
39 14
Apex Domain
Subdomains
Transfer
7 mediazeen.com
img.mediazeen.com
1 MB
6 infobip.com
oneapi.infobip.com — Cisco Umbrella Rank: 514875
2 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 617
145 KB
5 reduiremesfactures.com
reduiremesfactures.com
355 KB
3 gstatic.com
fonts.gstatic.com
24 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
216 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 630
7 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 700
script.hotjar.com — Cisco Umbrella Rank: 933
61 KB
2 tagadamedia.com
cdn.tagadamedia.com
44 KB
1 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1308
632 B
1 hotjar.io
content.hotjar.io — Cisco Umbrella Rank: 6459
161 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
258 B
1 amazonaws.com
s3.eu-central-1.amazonaws.com
30 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
913 B
1 eej.at
eej.at — Cisco Umbrella Rank: 626314
499 B
39 15
Domain Requested by
7 img.mediazeen.com reduiremesfactures.com
6 oneapi.infobip.com s3.eu-central-1.amazonaws.com
5 analytics.tiktok.com reduiremesfactures.com
analytics.tiktok.com
5 reduiremesfactures.com 1 redirects reduiremesfactures.com
3 fonts.gstatic.com fonts.googleapis.com
3 www.googletagmanager.com reduiremesfactures.com
www.googletagmanager.com
2 s.yimg.com reduiremesfactures.com
s.yimg.com
2 cdn.tagadamedia.com reduiremesfactures.com
1 sp.analytics.yahoo.com reduiremesfactures.com
1 content.hotjar.io script.hotjar.com
1 region1.google-analytics.com www.googletagmanager.com
1 s3.eu-central-1.amazonaws.com reduiremesfactures.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com reduiremesfactures.com
1 fonts.googleapis.com reduiremesfactures.com
1 eej.at 1 redirects
39 16

This site contains links to these domains.

Domain
www.bloctel.gouv.fr
Subject | Issuer | Validity | Valid
reduiremesfactures.com | Amazon RSA 2048 M02 | 2023-06-02 - 2024-06-30 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
img.mediazeen.com | R3 | 2023-11-23 - 2024-02-21 | 3 months
cdn.tagadamedia.com | R3 | 2023-10-24 - 2024-01-22 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
*.hotjar.com | Amazon ECDSA 256 M01 | 2023-03-09 - 2024-04-06 | a year
*.gstatic.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
*.api.fantasysports.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2023-11-06 - 2023-12-27 | 2 months
*.tiktok.com | RapidSSL ECC CA 2018 | 2023-07-14 - 2024-08-13 | a year
*.s3.eu-central-1.amazonaws.com | Amazon RSA 2048 M01 | 2023-10-10 - 2024-08-12 | 10 months
oneapi.infobip.com | RapidSSL Global TLS RSA4096 SHA256 2022 CA1 | 2022-12-30 - 2023-12-29 | a year
*.hotjar.io | Amazon ECDSA 256 M02 | 2023-03-02 - 2024-03-30 | a year
real.sp.analytics.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2023-10-24 - 2024-04-17 | 6 months

This page contains 1 frames:

Primary Page: https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=tgda3
Frame ID: B4C165A970A22CEA99634AB9B9C59094
Requests: 36 HTTP requests in this frame

Page Title

Réduire mes factures - L'État finance votre Pompe à Chaleur jusqu'à 10 500€

Page URL History

  1. http://eej.at/eABRX9gK HTTP 302
    https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?hkey=fr-03ce38eb8057bf13d640ff4... HTTP 302
    https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?source=sms&aff_sub=interet_JC_j... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

39
Requests

100 %
HTTPS

0 %
IPv6

15
Domains

16
Subdomains

14
IPs

4
Countries

1976 kB
Transfer

3773 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://eej.at/eABRX9gK HTTP 302
    https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?hkey=fr-03ce38eb8057bf13d640ff4ba64e6cb7&source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=tgda3 HTTP 302
    https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=tgda3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request sms-instantform-reduire-mes-factures-pac
reduiremesfactures.com/dop/
Redirect Chain
  • http://eej.at/eABRX9gK
  • https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?hkey=fr-03ce38eb8057bf13d640ff4ba64e6cb7&source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=tgda3
  • https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=tgda3
63 KB
11 KB
Document
General
Full URL
https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=tgda3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.139.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-139-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
24268ab4c493f70418cd8383eac64ebf2c086bdd1752d1d71c1f1ea5588754b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

cache-control
private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 01 Dec 2023 08:32:20 GMT
expires
-1
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding

Redirect headers

cache-control
private, must-revalidate
content-type
text/html; charset=UTF-8
date
Fri, 01 Dec 2023 08:32:20 GMT
expires
-1
location
https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=tgda3
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
large.css
reduiremesfactures.com/css/dop/
206 KB
38 KB
Stylesheet
General
Full URL
https://reduiremesfactures.com/css/dop/large.css?id=3078520b18d325e07c74
Requested by
Host: reduiremesfactures.com
URL: https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=tgda3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.139.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-139-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d50a2fcb094579a6f30eb34c8341285b5f14772f581a3cb94d21fb993a7d5b90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=tgda3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:32:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 30 Nov 2023 14:54:36 GMT
etag
"33815-60b5fd48be300-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
38420
app.js
reduiremesfactures.com/js/
760 KB
229 KB
Script
General
Full URL
https://reduiremesfactures.com/js/app.js?id=ffa57541f642c39919cc
Requested by
Host: reduiremesfactures.com
URL: https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=tgda3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.139.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-139-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
01640af25739086d0d6016332e462cb25a3912f31ac7bdb9d4bd59529c927a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=tgda3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:32:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 30 Nov 2023 14:54:36 GMT
etag
"bde58-60b5fd48be300-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
js
www.googletagmanager.com/gtag/
112 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=
Requested by
Host: reduiremesfactures.com
URL: https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=tgda3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
66d1317c74117c6798c2f97383ed2cce0b3f276d37ed6b8533024428c56e566f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://reduiremesfactures.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:32:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44167
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Dec 2023 08:32:21 GMT
design-sans-titre-51-2034.png
img.mediazeen.com/media/frd/20/
21 KB
22 KB
Image
General
Full URL
https://img.mediazeen.com/media/frd/20/design-sans-titre-51-2034.png
Requested by
Host: reduiremesfactures.com
URL: https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=tgda3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.40 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-40.datapacket.com
Software
BunnyCDN-DE1-1075 /
Resource Hash
81b9a7f21c1e89d634751531763aea6093c3f04e395c987d3283491d3e319a70

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://reduiremesfactures.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:32:21 GMT
cdn-edgestorageid
1047
x-amz-request-id
W12QECEVPT4K5VTZ
x-amz-server-side-encryption
AES256
cdn-cachedat
11/30/2023 10:30:57
cdn-pullzone
61945
content-length
21908
x-amz-id-2
iBGjNst6ZA1m0jEwxCgvvbZZaCqKwOzD4JXnnVofT2aI65vsV3O4BmklShicgkYlymMIQTw3r2w=
last-modified
Thu, 28 Sep 2023 08:17:52 GMT
server
BunnyCDN-DE1-1075
cdn-proxyver
1.04
cdn-requestpullcode
206
content-type
image/png
cdn-cache
HIT
cdn-uid
5d127034-96a6-45e8-a482-4f40615f18db
cache-control
public, max-age=2592000
cdn-requestid
e40bf29705caff27d48b1d9cec76156c
accept-ranges
bytes
cdn-requestcountrycode
AT
cdn-status
200
cdn-requestpullsuccess
True
pompe-chaleur-mobile-1049.png
img.mediazeen.com/media/frd/10/
175 KB
176 KB
Image
General
Full URL
https://img.mediazeen.com/media/frd/10/pompe-chaleur-mobile-1049.png
Requested by
Host: reduiremesfactures.com
URL: https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=tgda3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.40 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-40.datapacket.com
Software
BunnyCDN-DE1-1075 /
Resource Hash
8e9aedb4274349243efe8eabdd8e1194891b9248d731ceda572b098789b746ff

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://reduiremesfactures.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:32:21 GMT
cdn-edgestorageid
871
x-amz-request-id
6H330KN6YT9BS61C
cdn-cachedat
12/01/2023 08:32:21
cdn-pullzone
61945
content-length
179180
x-amz-id-2
Q6Yl4QcSXXCrDo7tYThxZX5SsFwmXnXT/CEi4FsyBzumrwVEXVUmn8nXYjattFCQMvmJEBaLHus=
last-modified
Wed, 07 Dec 2022 10:30:33 GMT
server
BunnyCDN-DE1-1075
cdn-proxyver
1.04
cdn-requestpullcode
206
content-type
image/png
cdn-cache
MISS
cdn-uid
5d127034-96a6-45e8-a482-4f40615f18db
cache-control
public, max-age=2592000
cdn-requestid
e28938ba2dd6f0d48109834c242776fd
accept-ranges
bytes
cdn-requestcountrycode
AT
cdn-status
200
cdn-requestpullsuccess
True
ehawktalon6-conf.js
cdn.tagadamedia.com/
97 KB
38 KB
Script
General
Full URL
https://cdn.tagadamedia.com/ehawktalon6-conf.js
Requested by
Host: reduiremesfactures.com
URL: https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=tgda3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.40 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-40.datapacket.com
Software
BunnyCDN-DE1-1075 /
Resource Hash
bb99151eedf65a27347f07ee5996bb6d9466ba95a80e383b5bd7fd55a3e42e14

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://reduiremesfactures.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:32:21 GMT
content-encoding
br
cdn-edgestorageid
1049
x-amz-request-id
22XKGCG4J7B0SFY1
x-amz-server-side-encryption
AES256
cdn-cachedat
11/15/2023 13:27:53
cdn-pullzone
61945
x-amz-id-2
FzL6Ugzf4eRFRiaudNvphMIf27ZdptynleFB2i7LciI/mfA9MGR8IWSE3TSdE2AD3rnu7+ArWXQ=
last-modified
Wed, 15 Nov 2023 09:52:08 GMT
server
BunnyCDN-DE1-1075
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"338949757aab3e3fbf9acfda3c97c996"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
5d127034-96a6-45e8-a482-4f40615f18db
cache-control
public, max-age=2592000
cdn-requestid
0bcdca3d7c4b7ffa2e8f356df2a7982f
cdn-requestcountrycode
AT
cdn-status
200
cdn-requestpullsuccess
True
rf-927.png
img.mediazeen.com/media/frd/92/
4 KB
5 KB
Image
General
Full URL
https://img.mediazeen.com/media/frd/92/rf-927.png
Requested by
Host: reduiremesfactures.com
URL: https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=tgda3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.40 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-40.datapacket.com
Software
BunnyCDN-DE1-1075 /
Resource Hash
4f9d6e5762afba2b6cc16cd5cb781b0fb4d72d50fdfab4f51fef64e7b2f67e4b

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://reduiremesfactures.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:32:21 GMT
cdn-edgestorageid
1047
x-amz-request-id
W12QS9XRPM55PE6Y
x-amz-server-side-encryption
AES256
cdn-cachedat
11/30/2023 10:30:57
cdn-pullzone
61945
content-length
4240
x-amz-id-2
+/5SiCxcDJwtJwCTX/W1FPSm6k2Vg6sao39aWvHQCH4VtCfv9YWVqvveA3b89Su0uumBHnEV5DE=
last-modified
Wed, 12 Oct 2022 07:58:47 GMT
server
BunnyCDN-DE1-1075
cdn-proxyver
1.04
cdn-requestpullcode
206
content-type
image/png
cdn-cache
HIT
cdn-uid
5d127034-96a6-45e8-a482-4f40615f18db
cache-control
public, max-age=2592000
cdn-requestid
b09b1f2782aa1b8bcea7db00df2de7e1
accept-ranges
bytes
cdn-requestcountrycode
AT
cdn-status
200
cdn-requestpullsuccess
True
france-relance-928.png
img.mediazeen.com/media/frd/92/
330 KB
330 KB
Image
General
Full URL
https://img.mediazeen.com/media/frd/92/france-relance-928.png
Requested by
Host: reduiremesfactures.com
URL: https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=tgda3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.40 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-40.datapacket.com
Software
BunnyCDN-DE1-1075 /
Resource Hash
10d8ead2ac977a13cec0f4a19cafa35b84ee056de942e486a584640c78ce0e33

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://reduiremesfactures.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:32:21 GMT
cdn-edgestorageid
756
x-amz-request-id
W12YKFE5DHES018G
cdn-cachedat
11/30/2023 10:30:57
cdn-pullzone
61945
content-length
337653
x-amz-id-2
EjMDDYsNzSlQ+BpaBL5L13tdufjwxeHMXdvyEJf3gcqqHPp7BsEqcJHvUYgMa2yXm9+UETXewvc=
last-modified
Wed, 12 Oct 2022 07:58:47 GMT
server
BunnyCDN-DE1-1075
cdn-proxyver
1.04
cdn-requestpullcode
206
content-type
image/png
cdn-cache
HIT
cdn-uid
5d127034-96a6-45e8-a482-4f40615f18db
cache-control
public, max-age=2592000
cdn-requestid
8f3fb8154cd011933e44eb585ea11766
accept-ranges
bytes
cdn-requestcountrycode
AT
cdn-status
200
cdn-requestpullsuccess
True
logo-maprimerenov-929.png
img.mediazeen.com/media/frd/92/
248 KB
248 KB
Image
General
Full URL
https://img.mediazeen.com/media/frd/92/logo-maprimerenov-929.png
Requested by
Host: reduiremesfactures.com
URL: https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=tgda3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.40 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-40.datapacket.com
Software
BunnyCDN-DE1-1075 /
Resource Hash
d169d13e521c6ae55bf3890d7cfb8ad3ecd81166bc05908440082c379cba1158

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://reduiremesfactures.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:32:21 GMT
cdn-edgestorageid
1049
x-amz-request-id
W12WH9FZHC6NDM7W
cdn-cachedat
11/30/2023 10:30:57
cdn-pullzone
61945
content-length
253667
x-amz-id-2
eD3krfCr+0FeJtiJcWB9gEJsctrJxA9STpXcDO8/c1UIVacec8q+pPrV8PnBBJmpeo56YdgOG2w=
last-modified
Wed, 12 Oct 2022 07:58:47 GMT
server
BunnyCDN-DE1-1075
cdn-proxyver
1.04
cdn-requestpullcode
206
content-type
image/png
cdn-cache
HIT
cdn-uid
5d127034-96a6-45e8-a482-4f40615f18db
cache-control
public, max-age=2592000
cdn-requestid
c6b91405fcd2ad8a7e26a83069651291
accept-ranges
bytes
cdn-requestcountrycode
AT
cdn-status
200
cdn-requestpullsuccess
True
france-renov-926.jpg
img.mediazeen.com/media/frd/92/
20 KB
20 KB
Image
General
Full URL
https://img.mediazeen.com/media/frd/92/france-renov-926.jpg
Requested by
Host: reduiremesfactures.com
URL: https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=tgda3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.40 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-40.datapacket.com
Software
BunnyCDN-DE1-1075 /
Resource Hash
9c9164193c887af74c6a851275b7e9c7e9d60da50dcfa10e3108650e022cdf3b

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://reduiremesfactures.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:32:21 GMT
cdn-edgestorageid
1076
x-amz-request-id
W12PW43GV664FBQ6
x-amz-server-side-encryption
AES256
cdn-cachedat
11/30/2023 10:30:57
cdn-pullzone
61945
content-length
20416
x-amz-id-2
z4R5cktj/yQfQUQQ7sIpPdLzxRgaUKB7Bp0AurYE86DAI3C/ujn+bSvM+QIYce37/CptNbi3+XA=
last-modified
Wed, 12 Oct 2022 07:58:47 GMT
server
BunnyCDN-DE1-1075
cdn-proxyver
1.04
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
5d127034-96a6-45e8-a482-4f40615f18db
cache-control
public, max-age=2592000
cdn-requestid
39322cce21532de2495f66ced797bb38
accept-ranges
bytes
cdn-requestcountrycode
AT
cdn-status
200
cdn-requestpullsuccess
True
iframeResizer.contentWindow.min.js
cdn.tagadamedia.com/js/
13 KB
6 KB
Script
General
Full URL
https://cdn.tagadamedia.com/js/iframeResizer.contentWindow.min.js
Requested by
Host: reduiremesfactures.com
URL: https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=tgda3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.40 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-40.datapacket.com
Software
BunnyCDN-DE1-1075 /
Resource Hash
055ac459ba9aeb6dc1f6e44c5cb7026228e7d2a66bd36861ef8d9c775c3e873c

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://reduiremesfactures.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:32:21 GMT
content-encoding
br
cdn-edgestorageid
752
x-amz-request-id
73HYP87P21S2CANN
x-amz-server-side-encryption
AES256
cdn-cachedat
10/19/2023 09:08:18
cdn-pullzone
61945
x-amz-id-2
wdyguLToyYUXXPGWsVVbQfQqTq3XxJE9JBuXl7NPexQSKOYPRD7KW2pbrjkrsJdhi1m+jIsx0SA=
last-modified
Thu, 19 Oct 2023 09:07:45 GMT
server
BunnyCDN-DE1-1075
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"530448b7287f94fcad875bd99eb15561"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
5d127034-96a6-45e8-a482-4f40615f18db
cache-control
public, max-age=2592000
cdn-requestid
37db24b136d380333f089d10d6127f96
cdn-requestcountrycode
AT
cdn-status
200
cdn-requestpullsuccess
True
css
fonts.googleapis.com/
3 KB
913 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:400,600,800
Requested by
Host: reduiremesfactures.com
URL: https://reduiremesfactures.com/css/dop/large.css?id=3078520b18d325e07c74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
5b4f6c9a0797dd8f094ab8c5e3597282d8302a58f75165ec6dd2db1ef5b65c34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://reduiremesfactures.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Dec 2023 08:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 08:32:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Dec 2023 08:32:21 GMT
gtm.js
www.googletagmanager.com/
242 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KWNVQ2P
Requested by
Host: reduiremesfactures.com
URL: https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=tgda3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1729572535870aaaf296e069bc2f81943f310d731c38d231674970844919cd0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://reduiremesfactures.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:32:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83326
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Dec 2023 08:32:21 GMT
hotjar-3449425.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3449425.js?sv=6
Requested by
Host: reduiremesfactures.com
URL: https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=tgda3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-37.fra56.r.cloudfront.net
Software
/
Resource Hash
ac21693513f1332f48df3de2a5fc24fe624755ff6a3d8f6d933f0517510fca4a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://reduiremesfactures.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 01 Dec 2023 08:32:21 GMT
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/928fb87046201d4ba7b5be33af5af735
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
c9rTAZr6lMRm6NjVESMpneYv_fuCZY7HbpGuKpEQh50PpxRxCeka-Q==
travaux-pac-desktop-1-1044.png
img.mediazeen.com/media/frd/10/
288 KB
289 KB
Image
General
Full URL
https://img.mediazeen.com/media/frd/10/travaux-pac-desktop-1-1044.png
Requested by
Host: reduiremesfactures.com
URL: https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=tgda3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.40 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-40.datapacket.com
Software
BunnyCDN-DE1-1075 /
Resource Hash
3d3ce958442c64eab70b396e2ac6033181a024c74ea6f4f0690f0b5bb15c22fd

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://reduiremesfactures.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:32:21 GMT
cdn-edgestorageid
1077
x-amz-request-id
6H3FXY0HDB228E94
cdn-cachedat
12/01/2023 08:32:21
cdn-pullzone
61945
content-length
295162
x-amz-id-2
CtrCBgL8gPvhCZEBCFMh4LdNe0s8CZUFTaDYRESvgYpJSLidARHwiYxJieNkQ6qpwrOEGgf7VXs=
last-modified
Tue, 06 Dec 2022 17:26:00 GMT
server
BunnyCDN-DE1-1075
cdn-proxyver
1.04
cdn-requestpullcode
206
content-type
image/png
cdn-cache
MISS
cdn-uid
5d127034-96a6-45e8-a482-4f40615f18db
cache-control
public, max-age=2592000
cdn-requestid
b7e6b15eb128da1b6ad2ac0ff543a39e
accept-ranges
bytes
cdn-requestcountrycode
AT
cdn-status
200
cdn-requestpullsuccess
True
pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reduiremesfactures.com
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 21:25:45 GMT
x-content-type-options
nosniff
age
558396
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7824
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:52:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 21:25:45 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reduiremesfactures.com
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 21:13:02 GMT
x-content-type-options
nosniff
age
559159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 21:13:02 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reduiremesfactures.com
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 09:28:42 GMT
x-content-type-options
nosniff
age
428619
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Nov 2024 09:28:42 GMT
webfa-solid-900.woff2
reduiremesfactures.com/fonts/vendor/@fortawesome/fontawesome-free/
76 KB
77 KB
Font
General
Full URL
https://reduiremesfactures.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?d824df7eb2e268626a2dd9a6a741ac4e
Requested by
Host: reduiremesfactures.com
URL: https://reduiremesfactures.com/css/dop/large.css?id=3078520b18d325e07c74
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.139.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-139-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://reduiremesfactures.com/css/dop/large.css?id=3078520b18d325e07c74
Origin
https://reduiremesfactures.com
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:32:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 30 Nov 2023 14:54:36 GMT
accept-ranges
bytes
etag
"131bc-60b5fd48be300"
content-length
78268
content-type
font/woff2
js
www.googletagmanager.com/gtag/
273 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-77HTKY36M5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
9f62d000b5fede9433735ad58609d45c389fabf751df7aa220f8a58f50a29ed7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://reduiremesfactures.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:32:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92874
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 01 Dec 2023 08:32:21 GMT
modules.28e3191d8757c557b4b7.js
script.hotjar.com/
227 KB
57 KB
Script
General
Full URL
https://script.hotjar.com/modules.28e3191d8757c557b4b7.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3449425.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-107.fra56.r.cloudfront.net
Software
/
Resource Hash
77a17bd55486aef26d2fbbe92b56672398378b1ad7ba7975c79742b4772d52b1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://reduiremesfactures.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 14:01:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
671475
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
57395
last-modified
Thu, 23 Nov 2023 14:00:23 GMT
etag
"1ab24a53e715dcb189ab626bacc0e88b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
JqftCjrSJnW_Mz9xNUHObxRtMrBTOtqiGqmHaN-_cD0tgL_AiXH2Aw==
ytc.js
s.yimg.com/wi/
18 KB
7 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: reduiremesfactures.com
URL: https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=tgda3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.119.252 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e2-bmr.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://reduiremesfactures.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:32:20 GMT
x-amz-version-id
xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
WFB55TMG35570X8X
age
3
x-amz-server-side-encryption
AES256
x-amz-id-2
ky2Sle63UZBTe/Bvwh1wqH90DdP3xDoAZxG6w6WwEfJVoXus96zNuFNF4Y2dpFrzuDMBcIorQU/BoCu5qDjfdHngn2vB2XHhdRbHJmWB/dQ=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Mon, 26 Jun 2023 09:26:35 GMT
server
ATS
etag
"5c6ed25dce803fd84288922b8928409e-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
events.js
analytics.tiktok.com/i18n/pixel/
4 KB
2 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CJRII5BC77UDVQ8J63IG&lib=ttq
Requested by
Host: reduiremesfactures.com
URL: https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=tgda3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-42.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
448a0c53ac18d6a51a050a08abad706e74fa0eeccbb599ac12ba0294955be8fd

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://reduiremesfactures.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-akamai-request-id
c72f5698.89c4233a
date
Fri, 01 Dec 2023 08:32:21 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time
90,104.126.37.38
server-timing
cdn-cache; desc=MISS, edge; dur=85, origin; dur=5, inner; dur=3
content-length
1306
pragma
no-cache
server
nginx
x-tt-logid
202312010832213FD34EA9300AA9855BD7
x-cache-remote
TCP_MISS from a23-48-200-72.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
5,23.48.200.72
x-tt-trace-host
01f3b6313a578b9e0c4abf3c05d858ee1d8a78abc92053c9bedc0ba79c81660bf850c09f22fbcf5914e4e7f944381214a17f8db7b56ef4b76075b7db52ee5401a12a2d2f7ece845a4a97e91ccf03b68f996072e9dd31b90005e5b25058458d6d079e39ddc03c575afc2084fad603f4dc2b
expires
Fri, 01 Dec 2023 08:32:21 GMT
pe.latest-2.js
s3.eu-central-1.amazonaws.com/portal-cdn-production/people-events-sdk/
29 KB
30 KB
Script
General
Full URL
https://s3.eu-central-1.amazonaws.com/portal-cdn-production/people-events-sdk/pe.latest-2.js
Requested by
Host: reduiremesfactures.com
URL: https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=tgda3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.170.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
095d101e32c12df5267800ee8cb85ced1fe5b5ff72f08c344d51c265c16994eb

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://reduiremesfactures.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 08:32:22 GMT
x-amz-version-id
Geg_NMIAu2MMJ_CaINIVrSQ2rNriPdqg
Last-Modified
Mon, 07 Aug 2023 09:27:27 GMT
Server
AmazonS3
x-amz-request-id
6H380WMZ3768QW76
ETag
"dd955fbc9cd8d4bb1641933f9a893ed5"
x-amz-server-side-encryption
AES256
Content-Type
application/x-javascript
Cache-Control
public,max-age=7200
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
30035
x-amz-id-2
jNgft79g+rFXjhWVP4v9FkInG/+Ix1aL3IrCMYfmv5apCNm2nzGQ6VLDbLJ7+wObvCfkReGDvR0=
collect
region1.google-analytics.com/g/
0
258 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-77HTKY36M5&gtm=45je3bt0v893858178&_p=1701419541194&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1939505585.1701419542&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701419541&sct=1&seg=0&dl=https%3A%2F%2Freduiremesfactures.com%2Fdop%2Fsms-instantform-reduire-mes-factures-pac%3Fsource%3Dsms%26aff_sub%3Dinteret_JC_janv-mai22%26aff_sub3%3Dtgda3&dt=R%C3%A9duire%20mes%20factures%20-%20L%27%C3%89tat%20finance%20votre%20Pompe%20%C3%A0%20Chaleur%C2%A0jusqu%27%C3%A0%2010%20500%E2%82%AC&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1132
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-77HTKY36M5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://reduiremesfactures.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:32:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reduiremesfactures.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
10015244.json
s.yimg.com/wi/config/
2 B
486 B
XHR
General
Full URL
https://s.yimg.com/wi/config/10015244.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.119.252 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e2-bmr.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://reduiremesfactures.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
6H37PCR5GMQ11PBQ
age
1
content-length
22
x-amz-id-2
TcwD+YaU4lJkKFy/ewqLAuP3SJbyBgO41lWlVQHFXtVBZKk4FEpWcCMOX0pOgIZIBc3V0Z6A8TA=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
visitors
oneapi.infobip.com/people/1/
93 B
859 B
XHR
General
Full URL
https://oneapi.infobip.com/people/1/visitors
Requested by
Host: s3.eu-central-1.amazonaws.com
URL: https://s3.eu-central-1.amazonaws.com/portal-cdn-production/people-events-sdk/pe.latest-2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.105.74.19 Frankfurt am Main, Germany, ASN43009 (INFOBIP-AS, GB),
Reverse DNS
Software
SMS API /
Resource Hash
4c31f2f79d033a693cccdf914688976dfa1c8a6a411d23f71de6f731e48bc2a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://reduiremesfactures.com/
accept-language
de-AT,de;q=0.9
Authorization
App fe3a842773f26834b18299038b2855ea-9aaef29f-c66c-4ce2-8ef3-8998b7dded92
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type
application/json

Response headers

date
Fri, 01 Dec 2023 08:32:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
server
SMS API
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json;charset=UTF-8
location
/api/v1.0/accounts/564097/visitors/1c868006-293c-46b2-9477-a39b382f160b
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie, visitor-ttl
x-server-id
p4-fr-vise-2.ancotel.local_8080:8080
access-control-allow-credentials
true
visitor-ttl
3888000
access-control-allow-headers
Authorization, Content-Type
content-length
93
x-request-id
1701419541764920162
visitors
oneapi.infobip.com/people/1/
0
0
Preflight
General
Full URL
https://oneapi.infobip.com/people/1/visitors
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.105.74.19 Frankfurt am Main, Germany, ASN43009 (INFOBIP-AS, GB),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://reduiremesfactures.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization, content-type
access-control-allow-methods
POST
access-control-allow-origin
https://reduiremesfactures.com
access-control-expose-headers
Set-Cookie
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains; preload;
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
/
content.hotjar.io/
56 B
161 B
XHR
General
Full URL
https://content.hotjar.io/?gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.28e3191d8757c557b4b7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
176.34.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-122-11.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
09057fed4cdf50b6c55c670002ac300edfae6d476f3d4acb358f0f768162dea5

Request headers

Referer
https://reduiremesfactures.com/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 08:32:21 GMT
content-length
56
vary
Origin
content-type
application/json
main.MTdjYzNiZDU2MA.js
analytics.tiktok.com/i18n/pixel/static/
397 KB
106 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CJRII5BC77UDVQ8J63IG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-42.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://reduiremesfactures.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-akamai-request-id
89c42418
date
Fri, 01 Dec 2023 08:32:21 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202311090731269DFE9262F7CE1AE7E72D
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
014180c1b37eddca8e54ac1a7d395ce7715048e8a1793aff10a86a694e1a7e85b294d4179dae9c55d8a6970b5d9e52768129554676b6ccacbeecb68a8a21211b3b4888301bfbbf1d480412cb99e96bbb5b2f81c615810089fc190d6a2b485ac8a5
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=17
content-length
108174
sp.pl
sp.analytics.yahoo.com/
43 B
632 B
Image
General
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2001%20Dec%202023%2008%3A32%3A21%20GMT&n=-1&b=R%C3%A9duire%20mes%20factures%20-%20L%27%C3%89tat%20finance%20votre%20Pompe%20%C3%A0%20Chaleur%C2%A0jusqu%27%C3%A0%2010%20500%E2%82%AC&.yp=10015244&f=https%3A%2F%2Freduiremesfactures.com%2Fdop%2Fsms-instantform-reduire-mes-factures-pac%3Fsource%3Dsms%26aff_sub%3Dinteret_JC_janv-mai22%26aff_sub3%3Dtgda3&enc=UTF-8&yv=1.15.1&tagmgr=gtm
Requested by
Host: reduiremesfactures.com
URL: https://reduiremesfactures.com/dop/sms-instantform-reduire-mes-factures-pac?source=sms&aff_sub=interet_JC_janv-mai22&aff_sub3=tgda3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://reduiremesfactures.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:32:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Fri, 01 Dec 2023 08:32:21 GMT
sessions
oneapi.infobip.com/people/1/
286 B
792 B
XHR
General
Full URL
https://oneapi.infobip.com/people/1/sessions
Requested by
Host: s3.eu-central-1.amazonaws.com
URL: https://s3.eu-central-1.amazonaws.com/portal-cdn-production/people-events-sdk/pe.latest-2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.105.74.19 Frankfurt am Main, Germany, ASN43009 (INFOBIP-AS, GB),
Reverse DNS
Software
SMS API /
Resource Hash
ee1f65b5f90a5a8ebe995e06a7abfad2ef65e741c61d5ba433ae71495617aced
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://reduiremesfactures.com/
accept-language
de-AT,de;q=0.9
Authorization
App fe3a842773f26834b18299038b2855ea-9aaef29f-c66c-4ce2-8ef3-8998b7dded92
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type
application/json

Response headers

date
Fri, 01 Dec 2023 08:32:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
server
SMS API
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
content-type
application/json;charset=utf-8
access-control-allow-origin
https://reduiremesfactures.com
access-control-expose-headers
Set-Cookie
access-control-allow-credentials
true
x-request-id
1701419541860680835
sessions
oneapi.infobip.com/people/1/
0
0
Preflight
General
Full URL
https://oneapi.infobip.com/people/1/sessions
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.105.74.19 Frankfurt am Main, Germany, ASN43009 (INFOBIP-AS, GB),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://reduiremesfactures.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization, content-type
access-control-allow-methods
POST
access-control-allow-origin
https://reduiremesfactures.com
access-control-expose-headers
Set-Cookie
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains; preload;
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
identify_bb163.js
analytics.tiktok.com/i18n/pixel/static/
135 KB
36 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-42.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://reduiremesfactures.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-akamai-request-id
89c4249c
date
Fri, 01 Dec 2023 08:32:21 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20231109073127516758C986DC33DFD9A5
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
014180c1b37eddca8e54ac1a7d395ce7715048e8a1793aff10a86a694e1a7e85b2afc7d9db99d51beb50669848a3f2a9b3fb457d3904dec909b090691496411534f6c38000ced9b7e2fe367b4c632bc879b55a5d88147333a8016508a61ae8fb49
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=12
content-length
35971
pixel
analytics.tiktok.com/api/v2/
0
652 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-42.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reduiremesfactures.com/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
89c424d3
date
Fri, 01 Dec 2023 08:32:22 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
server-timing
inner; dur=36, cdn-cache; desc=MISS, edge; dur=5, origin; dur=129
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2023120108322166EB5F009BF10108C789
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
129,104.126.37.38
x-tt-trace-host
01f3b6313a578b9e0c4abf3c05d858ee1d3bcfdb256f8cbc71ae33f2db9954cd106b913cfeb847bbfd665850f5152548491fbfdca923f3b5cfc34193351801371d08e4621927e734637413bf42814b0ef7f3b710057ea3df0fc1b656f7254ba613
access-control-allow-headers
Authorization,*
expires
Fri, 01 Dec 2023 08:32:22 GMT
pageViews
oneapi.infobip.com/peopleevents/1/persons/1c868006-293c-46b2-9477-a39b382f160b/
114 B
748 B
XHR
General
Full URL
https://oneapi.infobip.com/peopleevents/1/persons/1c868006-293c-46b2-9477-a39b382f160b/pageViews?personIdentifierType=visitor_id
Requested by
Host: s3.eu-central-1.amazonaws.com
URL: https://s3.eu-central-1.amazonaws.com/portal-cdn-production/people-events-sdk/pe.latest-2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.105.74.19 Frankfurt am Main, Germany, ASN43009 (INFOBIP-AS, GB),
Reverse DNS
Software
SMS API /
Resource Hash
5680cd2119e3528b5fe4839bf46da6b820e8fb0ac7ba8580fc00afcc2bd6ef8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://reduiremesfactures.com/
accept-language
de-AT,de;q=0.9
ib-meta-session-id
65699a1532af9331a06d6e2a
Authorization
App fe3a842773f26834b18299038b2855ea-9aaef29f-c66c-4ce2-8ef3-8998b7dded92
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type
application/json

Response headers

date
Fri, 01 Dec 2023 08:32:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
server
SMS API
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie, visitor-ttl
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
content-length
114
x-request-id
1701419541973510837
pageViews
oneapi.infobip.com/peopleevents/1/persons/1c868006-293c-46b2-9477-a39b382f160b/
0
0
Preflight
General
Full URL
https://oneapi.infobip.com/peopleevents/1/persons/1c868006-293c-46b2-9477-a39b382f160b/pageViews?personIdentifierType=visitor_id
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.105.74.19 Frankfurt am Main, Germany, ASN43009 (INFOBIP-AS, GB),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,ib-meta-session-id
Access-Control-Request-Method
POST
Origin
https://reduiremesfactures.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization, content-type, ib-meta-session-id
access-control-allow-methods
POST
access-control-allow-origin
https://reduiremesfactures.com
access-control-expose-headers
Set-Cookie
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains; preload;
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
act
analytics.tiktok.com/api/v2/pixel/
0
793 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-42.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reduiremesfactures.com/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
1d8a07aa.89c425e2
date
Fri, 01 Dec 2023 08:32:22 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time
110,104.126.37.38
server-timing
cdn-cache; desc=MISS, edge; dur=91, origin; dur=24, inner; dur=21
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202312010832227DD81DB8F7DC103190C0
x-cache-remote
TCP_MISS from a23-220-105-199.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
24,23.220.105.199
x-tt-trace-host
01f3b6313a578b9e0c4abf3c05d858ee1d8a78abc92053c9bedc0ba79c81660bf81c0ff7c8f7296e5b4fa49980717c3c5c183e81794ffec735dd3398327b6d71a65629f19951e47e3eea3b4efde3eb52cba622f969342d854d1eefd60c5fdf41ea125bbce257ca225cfbce41f563ed59db
access-control-allow-headers
Authorization,*
expires
Fri, 01 Dec 2023 08:32:22 GMT


48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| 4
object| documentPictureInPicture
function| setImmediate
function| clearImmediate
function| jQuery
function| $
function| axios
object| app
string| gtm_application_slug
string| gtm_application_url
string| gtm_operation_slug
string| gtm_source
string| gtm_instance
string| app_locale
string| app_instance
object| operation_settings
function| gtag
object| dataLayer
function| hj
object| _hjSettings
object| eHawkTalonSettings
object| Talon
object| regeneratorRuntime
object| translations
object| google_tag_manager
object| google_tag_data
object| hjSiteSettings
function| hjBootstrap
object| hjBootstrapCalled
object| hjLazyModules
object| dotq
string| TiktokAnalyticsObject
object| ttq
string| PeopleEventsObject
object| pe
object| googletag
function| onYouTubeIframeAPIReady
object| gaGlobal
object| YAHOO
object| webpackJsonp.TiktTokAnalytics
object| JSBridge
object| Native2JSBridge
object| ToutiaoJSBridge
function| TiktokJelly

11 Cookies

Domain/Path Name / Value
reduiremesfactures.com/ Name: contest_session
Value: KDTptZWOPFwg6N5ZU0t2bTmj2m4wqVJl59TNev1u
.reduiremesfactures.com/ Name: _gcl_au
Value: 1.1.1451904793.1701419541
.reduiremesfactures.com/ Name: _ga_77HTKY36M5
Value: GS1.1.1701419541.1.0.1701419541.0.0.0
.reduiremesfactures.com/ Name: _ga
Value: GA1.1.1939505585.1701419542
.reduiremesfactures.com/ Name: _hjFirstSeen
Value: 1
.reduiremesfactures.com/ Name: _hjIncludedInSessionSample_3449425
Value: 1
.reduiremesfactures.com/ Name: _hjSession_3449425
Value: eyJpZCI6ImZhZGNhZjRlLWMwYmMtNDViZC1hNDc2LWUxOTI3MTIwZmFiMCIsImNyZWF0ZWQiOjE3MDE0MTk1NDE2ODQsImluU2FtcGxlIjp0cnVlLCJzZXNzaW9uaXplckJldGFFbmFibGVkIjpmYWxzZX0=
.reduiremesfactures.com/ Name: _hjSessionUser_3449425
Value: eyJpZCI6IjU5NGZiOTQyLTE1ZDUtNWNlNC1iNTc4LTE1MzBjOGFmYjc4OCIsImNyZWF0ZWQiOjE3MDE0MTk1NDE2ODIsImV4aXN0aW5nIjp0cnVlfQ==
.reduiremesfactures.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.tiktok.com/ Name: _ttp
Value: 2YvwpHyhXzUz9Asjv4VG8z0Wovb
.yahoo.com/ Name: A3
Value: d=AQABBBWaaWUCEOfruYtNfxU1y0ikP3swD4oFEgEBAQHramVzZe4MxyMA_eMAAA&S=AQAAAtja-xi0lybkKp4EPKyaTXI

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
