www.wesur.fr
Open in
urlscan Pro
63.35.51.142
Public Scan
Submission: On June 16 via api from CZ — Scanned from FR
Summary
TLS certificate: Issued by R3 on May 27th 2024. Valid for: 3 months.
This is the only time www.wesur.fr was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-51-142.eu-west-1.compute.amazonaws.com
www.wesur.fr |
ASN13335 (CLOUDFLARENET, US)
cdn.prod.website-files.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
pagead2.googlesyndication.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-47.fra56.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-61-66.eu-west-3.compute.amazonaws.com
chatbot.infra.wesur.fr | |
gtm.infra.wesur.fr |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
Domain | Requested by | |
---|---|---|
16 | fonts.gstatic.com |
fonts.googleapis.com
|
16 | cdn.prod.website-files.com |
www.wesur.fr
|
10 | app.termly.io |
www.wesur.fr
app.termly.io |
7 | pagead2.googlesyndication.com |
www.wesur.fr
pagead2.googlesyndication.com www.googletagmanager.com |
5 | chatbot.infra.wesur.fr |
www.wesur.fr
chatbot.infra.wesur.fr |
4 | www.googletagmanager.com |
www.wesur.fr
www.googletagmanager.com |
3 | region1.google-analytics.com |
www.googletagmanager.com
|
2 | tpc.googlesyndication.com |
pagead2.googlesyndication.com
tpc.googlesyndication.com |
2 | www.google.com |
chatbot.infra.wesur.fr
www.gstatic.com |
2 | www.facebook.com |
www.wesur.fr
|
2 | connect.facebook.net |
www.wesur.fr
connect.facebook.net |
1 | unicons.iconscout.com |
chatbot.infra.wesur.fr
|
1 | www.gstatic.com |
www.google.com
|
1 | gtm.infra.wesur.fr |
www.googletagmanager.com
|
1 | cdn.jetboost.io |
www.wesur.fr
|
1 | fonts.googleapis.com |
ajax.googleapis.com
|
1 | d3e54v103j8qbb.cloudfront.net |
www.wesur.fr
|
1 | cdn.jsdelivr.net |
www.wesur.fr
|
1 | ajax.googleapis.com |
www.wesur.fr
|
1 | www.wesur.fr | |
79 | 20 |
This site contains links to these domains. Also see Links.
Domain |
---|
wesur.fr |
policies.google.com |
app.wesur.fr |
www.google.com |
www.facebook.com |
www.instagram.com |
www.linkedin.com |
twitter.com |
www.tiktok.com |
wesur.notion.site |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.wesur.fr R3 |
2024-05-27 - 2024-08-25 |
3 months | crt.sh |
prod.website-files.com GTS CA 1P5 |
2024-04-26 - 2024-07-25 |
3 months | crt.sh |
upload.video.google.com WR2 |
2024-05-27 - 2024-08-19 |
3 months | crt.sh |
*.google-analytics.com WR2 |
2024-05-27 - 2024-08-19 |
3 months | crt.sh |
app.termly.io Sectigo RSA Domain Validation Secure Server CA |
2024-05-28 - 2025-06-28 |
a year | crt.sh |
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3 |
2023-09-27 - 2024-10-28 |
a year | crt.sh |
*.g.doubleclick.net WR2 |
2024-05-27 - 2024-08-19 |
3 months | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2023-10-10 - 2024-09-19 |
a year | crt.sh |
chatbot.infra.wesur.fr R3 |
2024-05-01 - 2024-07-30 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2024-03-26 - 2024-06-24 |
3 months | crt.sh |
*.gstatic.com WR2 |
2024-05-27 - 2024-08-19 |
3 months | crt.sh |
cdn.jetboost.io Amazon RSA 2048 M02 |
2024-03-20 - 2025-04-18 |
a year | crt.sh |
gtm.infra.wesur.fr R3 |
2024-06-03 - 2024-09-01 |
3 months | crt.sh |
*.google.com WR2 |
2024-05-27 - 2024-08-19 |
3 months | crt.sh |
iconscout.com GTS CA 1P5 |
2024-05-14 - 2024-08-12 |
3 months | crt.sh |
tpc.googlesyndication.com WR2 |
2024-05-27 - 2024-08-19 |
3 months | crt.sh |
This page contains 5 frames:
Primary Page:
https://www.wesur.fr/guides/que-se-passe-t-il-si-on-clique-sur-un-lien-de-phishing
Frame ID: 80294EF46F8CF3ADC8047B91FF2455D6
Requests: 73 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/pagead/html/r20240612/r20110914/zrt_lookup_fy2021.html
Frame ID: AF710DC85AF1FAF547C5D74B4B751465
Requests: 1 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-6584544162322095&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1718558069&plat=2%3A16777216%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fwww.wesur.fr%2Fguides%2Fque-se-passe-t-il-si-on-clique-sur-un-lien-de-phishing&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=28~31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=28~31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=28_22~31_3~27_14~29_10&aiixl=28_4~31_8~27_3~29_5&aslmct=0.7&asamct=0.7&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dt=1718558069247&bpp=4&bdt=828&idt=412&shv=r20240612&mjsv=m202406110101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=1506547740849&frm=20&pv=2&ga_vid=1864509344.1718558069&ga_sid=1718558070&ga_hid=1420671600&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44795921%2C95331687%2C95334511%2C95334529%2C95334566%2C95334570%2C95334580%2C95334820%2C95335245%2C95334053%2C95335292%2C21065724%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2846708308179727&tmod=516740600&uas=0&nvt=1&fsapi=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=446
Frame ID: 7558728E9322DE6C1173E995663C0C97
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le6dKsoAAAAABvKZ6NufT2OdnUAH62gCnFWBJOe&co=aHR0cHM6Ly93d3cud2VzdXIuZnI6NDQz&hl=fr&v=TqxSU0dsOd2Q9IbI7CpFnJLD&size=invisible&cb=uff9odg655t7
Frame ID: 43240763A11D8E47277B9CDD84A02550
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 84440E00E69103EB6DC4E3D192B9BFA0
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Que se passe-t-il si on clique sur un lien de phishing ?Detected technologies
Facebook (Widgets) ExpandDetected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google AdSense (Advertising Networks) Expand
Detected patterns
- googlesyndication\.com/
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
- googleapis\.com/.+webfont
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
reCAPTCHA (Captchas) Expand
Detected patterns
- /recaptcha/api\.js
Page Statistics
26 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms of Service
Search URL Search Domain Scan URL
Title: Comparez les offres en 2 minutes
Search URL Search Domain Scan URL
Title: Comparez les offres en 2 minutes
Search URL Search Domain Scan URL
Title: Comparez les offres en 2 minutes
Search URL Search Domain Scan URL
Title: Trouver la meilleure offre
Search URL Search Domain Scan URL
Title: Comparez les offres en 2 minutes
Search URL Search Domain Scan URL
Title: Comparez les offres en 2 minutes
Search URL Search Domain Scan URL
Title: Comparez les offres en 2 minutes
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Anticipez cette hausse en comparant les meilleures offres dès maintenant.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: N'attendez pas plus pour comparer et surtout pour changer !
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Comparer
Search URL Search Domain Scan URL
Title: Essayer WeSur
Search URL Search Domain Scan URL
Title: 4,9
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Espace Presse & Kit Média
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
79 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
que-se-passe-t-il-si-on-clique-sur-un-lien-de-phishing
www.wesur.fr/guides/ |
81 KB 21 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wesur.webflow.2c9cb9147.min.css
cdn.prod.website-files.com/651a8bc1eeb2c5d25f534d9c/css/ |
367 KB 62 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ |
13 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
318 KB 105 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
de722e17-5674-4ba5-ac46-8c7916fe625a
app.termly.io/resource-blocker/ |
639 KB 196 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
264 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fs-cc.js
cdn.jsdelivr.net/npm/@finsweet/cookie-consent@1/ |
29 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
156 KB 51 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
651a8bc1eeb2c5d25f534ddf_Contact%20Mail%20Wesur.png
cdn.prod.website-files.com/651a8bc1eeb2c5d25f534d9c/ |
223 B 608 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
651a8bc1eeb2c5d25f534f34_icon-6-social-media-saas-x-template.svg
cdn.prod.website-files.com/651a8bc1eeb2c5d25f534d9c/ |
416 B 712 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
651a8bc1eeb2c5d25f534f23_icon-4-social-media-saas-x-template.svg
cdn.prod.website-files.com/651a8bc1eeb2c5d25f534d9c/ |
6 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
651a8bc1eeb2c5d25f534f24_icon-3-social-media-saas-x-template.svg
cdn.prod.website-files.com/651a8bc1eeb2c5d25f534d9c/ |
1 KB 983 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
654ceb533c812d5d068724a6_logo-black-p-500.png
cdn.prod.website-files.com/651a8bc1eeb2c5d25f534d9c/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
65f864011c51fb4a2b2d993f_tiktok-6338432_960_720-p-500.webp
cdn.prod.website-files.com/651a8bc1eeb2c5d25f534d9c/ |
18 KB 18 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
webflow.36a872272.js
cdn.prod.website-files.com/651a8bc1eeb2c5d25f534d9c/js/ |
1022 KB 199 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chatbot.js
chatbot.infra.wesur.fr/ |
22 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
34 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
219 KB 59 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
QlddNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLyya15.woff2
fonts.gstatic.com/s/inconsolata/v32/ |
33 KB 33 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ |
47 KB 47 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrMfIA.woff2
fonts.gstatic.com/s/raleway/v34/ |
22 KB 22 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLFj_Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ |
7 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiDyp8kv8JHgFVrJJLm81xVF9eO.woff2
fonts.gstatic.com/s/poppins/v21/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
207 KB 73 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jetboost.js
cdn.jetboost.io/ |
12 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
65f9615f20b5a50f26c4ba7e_meta%20carre%CC%81%20guides-transcode.mp4
cdn.prod.website-files.com/651a8bc1eeb2c5d25f534d9c/ |
759 KB 760 KB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
65f9615f20b5a50f26c4ba7e_meta%20carre%CC%81%20guides-poster-00001.jpg
cdn.prod.website-files.com/651a8bc1eeb2c5d25f534d9c/ |
8 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
653930f68ff2023ea654490a_wesur%20violet.svg
cdn.prod.website-files.com/651a8bc1eeb2c5d25f534d9c/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
663a2ebb85d1f3124995e5d4_chevron-down.svg
cdn.prod.website-files.com/651a8bc1eeb2c5d25f534d9c/ |
506 B 702 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
651a8bc2eeb2c5d25f536e10_Adam.png
cdn.prod.website-files.com/651a8bc1eeb2c5d25f534da2/ |
77 KB 78 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
651a8bc2eeb2c5d25f536ff9_Que%20se%20passe-t-il%20si%20on%20clique%20sur%20un%20lien%20de%20phishing.svg
cdn.prod.website-files.com/651a8bc1eeb2c5d25f534da2/ |
28 KB 10 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
6530f6f72881e69065f3f3e2_Pattern%20(1).-p-1600.png
cdn.prod.website-files.com/651a8bc1eeb2c5d25f534d9c/ |
100 KB 100 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
statistics
app.termly.io/api/v1/snippets/websites/de722e17-5674-4ba5-ac46-8c7916fe625a/ |
3 B 557 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cookies
app.termly.io/api/v1/snippets/websites/de722e17-5674-4ba5-ac46-8c7916fe625a/ |
4 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
health
chatbot.infra.wesur.fr/api/ |
69 B 185 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
943460296599273
connect.facebook.net/signals/config/ |
67 KB 14 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
882.min.js
app.termly.io/resource-blocker/support/ |
481 B 593 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
en.json
app.termly.io/resource-blocker/i18n/ |
12 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/ |
426 KB 144 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H3 |
statistics
app.termly.io/api/v1/snippets/websites/de722e17-5674-4ba5-ac46-8c7916fe625a/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H3 |
en.json
app.termly.io/resource-blocker/i18n/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
landing
pagead2.googlesyndication.com/pagead/ |
42 B 64 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
325 KB 107 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
gtm.infra.wesur.fr/g/ |
65 B 224 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 243 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.css
chatbot.infra.wesur.fr/css/ |
30 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wesur_logo.svg
chatbot.infra.wesur.fr/img/ |
4 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bot_icon.png
chatbot.infra.wesur.fr/img/ |
277 KB 277 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 274 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ |
67 B 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
388.min.js
app.termly.io/resource-blocker/support/ |
16 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
636.min.js
app.termly.io/resource-blocker/support/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
api.js
www.google.com/recaptcha/ |
1 KB 973 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240612/r20110914/ Frame AF71 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 20 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
pagead2.googlesyndication.com/pagead/ Frame 7558 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
270.min.js
app.termly.io/resource-blocker/support/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/TqxSU0dsOd2Q9IbI7CpFnJLD/ |
518 KB 206 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
solid.css
unicons.iconscout.com/release-pro/v4.0.8/css/ |
53 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
anchor
www.google.com/recaptcha/api2/ Frame 4324 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/getconfig/ |
16 KB 12 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
654e111816c68ced7a9b977e_favicon32.png
cdn.prod.website-files.com/651a8bc1eeb2c5d25f534d9c/ |
931 B 1 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8444 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
region1.google-analytics.com/g/ |
0 17 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- pagead2.googlesyndication.com
- URL
- https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240612&jk=2846708308179727&bg=!MDOlM3zNAAb64txl2uI7ADQBe5WfOJ9TEMLxMatgmjdx6hLm6KjIZ68cpkF84VAtmEoJ2cM3pNk4VRs8k9mDtnkw4-dwAgAAALBSAAAAG2gBB34ANWl4wavxwUQpCCdU4WPx9pGNCNIXXQX_Bixhiw6UET-agQmb4l0V1mAF9kRtHZIxS2aELb01CgCP9w1fuDIluzNhrjsfd2lFa4_u_V7QRvHlEXaphE4TFyA5phInhBvEloDOEOcWFy6KI4ldFtITcpw5RK5ZSUppx_Us5hsZRJDR6fPvhagj-dksWsfVWw37nUPsuAnGDXz5Aud2oXHxI4nYfC5EsDXXzG99K6U4IsnSGtnCNBGWWyMf5ZJUJb1Q8gZLy0xVfjaZApRlEm4quKdmCssNyGaMU866xoZT1YuMejm6U80hLMphrfoR_n_mfQjJDYqDeFnZrabVgYrtKKJTvhFiyQvV-gZcqRz6_AgkRusTM8JHE_dILynAzql30X3pgxul3dI4_PnQOqJnXPphKJrwS7I0-Z34oFPyr74ZmIPLa6ZNPGnM3pZj6rMmM0XS65_cglU8yqulMLE0P8JU6yM6hy7OFQMOST22UQiJXRu885gMcujP_HEd0xPhUsbKdFTXmJnax3Wj9qatnGvDancSJYQag8a-P-Av0R4n4LIZIscPJelMoNXc9ubwy4ivmmcFf7vbMLIAEGzKAJJW4AYBqpg0CwqBqT6XJGC7fQGCSJHRtQ2JQuOSvRCQoF-Tmo2GCFVkc2cA57mkjiF_HuHSBoGnwgFGlNBkYGaSV_hdAgvy6WRYg9nqH0vTJH8bm-cirD7AZNkA5cKqeSJIAiLOjFRkdR9TTy_xz3bLrXFGO36BJ6HwIJLNEzBLObqvKnq1VunRJB7DWFBtbO68Ak6rpGLk-N91V_7zoNXsn31TCj9FhjClbuTkWh1UVp-U0yFYwLz6ZS-sZlGkLhI9xe1VA3DsDnz55l1Kn-F30_ZV6lF3uScJ-6BMEgnhF8yII7luxAQYRoC1pC1p1v6NQKwj_UyAKjHv2QDDtu4ScCP4i3l1ssZI_QZpZyc3b_9APP3IzgeeTF7pb3C-E0xRL_rMkE14RkcWsP94hu5fV-tZfab5phXPHZHwkqOjFxCs6Fw3fSiXqTkcnmdJlrnCa9Hjbftx3gejxGM89GX2OECGLTylqzZiWazEUMKb8rS4IN-1SeciRtA32zcZbC0_suu0jXtEDgiUQOuy9LmVy07qs7IEnh5N6bYdHbY
Verdicts & Comments Add Verdict or Comment
72 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 undefined| event object| fence object| sharedStorage object| WebFont function| gtag object| dataLayer function| fbq function| _fbq object| webpackChunk_termly_web_resource_blocker boolean| TERMLY_RESOURCE_BLOCKER_LOADED object| Termly function| getUpdatedCookieWhitelistByTermly function| getCookieWhitelistByTermly object| __REACT_INTL_CONTEXT__ string| JETBOOST_SITE_ID function| convertToSnakeCase object| __WEBFLOW_CURRENCY_SETTINGS number| randomIndex object| randomText function| $ function| jQuery function| tram object| Webflow function| objectFitPolyfill object| informationCTA object| footerElement function| hideElement function| showElement function| displayPreferenceModal function| termlyUnblockingCookies function| JetboostBootstrap object| Jetboost object| FsCC object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| google_tag_manager string| google_user_agent_client_hint object| gaGlobal object| termlyCookies function| onYouTubeIframeAPIReady function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_936034 object| GoogleGcLKhOms2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.wesur.fr/ | Name: csrf_token Value: a5983738-e59e-45d3-9d5b-8286753d537a |
|
.wesur.fr/ | Name: _fbp Value: fb.1.1718558069440.944606736980629147 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
app.termly.io
cdn.jetboost.io
cdn.jsdelivr.net
cdn.prod.website-files.com
chatbot.infra.wesur.fr
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
gtm.infra.wesur.fr
pagead2.googlesyndication.com
region1.google-analytics.com
tpc.googlesyndication.com
unicons.iconscout.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.wesur.fr
pagead2.googlesyndication.com
104.18.28.243
104.18.31.234
142.250.185.194
15.188.61.66
172.217.18.4
172.64.153.29
2001:4860:4802:34::36
216.239.34.36
2600:9000:2447:4000:1d:7a82:2900:93a1
2a00:1450:4001:813::2001
2a00:1450:4001:813::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2008
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42::485
52.222.232.47
63.35.51.142
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
0522342e119b8566df658796d4e320180e09ea3e9fe17e8eb093d4b5a7c204af
0a3cb8e70dfe503b8cd036761a7490fff86becc902600b63fc13bfd1aa8100e8
0cd32e7b2a3984f53a1cabc7d99dd06aa1b7f2a981d88dde98ce0a31545c14f9
0ecde6450e6396dd4f1e3884e3d77817d5d0effd503d2e2c517b6f4605ed3f0c
0f9ca34a30d1dc83632165fca7e424615d393fbc4034cef2a1d8292511e0d6d2
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
1dc1b699145f275d63812a964a710a9412ff2ebf08fab421f0b0dbc4c1160c51
1eea0642ed2d77aed266ebe3cc6810f12f5d828a7829524f2b3e550776743c24
25c4c0518d209944d1da84520223b307a07aad570bdebea0d046f86c4bf054f1
29de03aaf7a0844578daef59eabdbd1cfe9257873765938cc51a3c9a3af843b4
2b36193d9664a645489ebce613823e5e4fd49ab8faffb9bc4e9203319d5d5e8a
323bdc4b394aaf7983339dafaddb7c1a0e331ad4f2a94fe3a9f91e7f6912b96e
3f3cd898943b026a13346c3259ebd91bf02fe245d5ccd152ce7f544257986865
43974ed74066b207c30ffd0fed5146762e6c60745ac977004bc14507c7c42b50
4417c37f24855b5e86eda2c8ae84bf28e1934daabd47aa6e9357edaba97ebd42
45a618edba464db70ffcf2e7c3bb014d55d58fef4b9df767a420535de234c951
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
4897c320118f76b301a32a6c0d363edeaa2e003529a1708bde8261968e39c11c
555bc9fc719f219432bc8707e3c3dbc212b306103213b2972055333fd9e6a7f9
5e612f5323b9107c109d9c929927b492b2c6d1ae8a81c8fd234083e101f17865
5e8ad6cd3e4a5c42ac3f045d501377b781fcb0511c9401f3abde8e9fbfb5df50
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
642ff609f0d98fdde459e2210ef8adc012a24e5fbf60e02fe96f5ad6010b5bb2
6c2221f802f674c7344121891361fe6e4384ea9afeadc23eb3fbc3a589894bb5
6d7965b1d3038356757285c04435c10ebfdc9ec0dd587ae981974e5afe9d141a
6f0c572590421075878908e0b380c5a6d404f72aa7d6d125385943be658f8399
727b73d1d342053ed6cc86a510cd05a9387ae927c297c600ad09b1ebe5e578a1
731f69307091b5166911787c26e375a40f9f1a241ab4e34e0a0a9f5ade977a4f
7778359917c498dbbb925a1de005b90371061ba366ced2e966ec8c94f4ee6a17
77f97bff163f3369c1cbb70e657e6ec3f2185892222cdd3efa455e1889473527
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7a1f3bb15c38c8f49525ec98444e2e5ff9c53197ec8700490c29df3901332965
7c45a2c4ef659b00844a080921f33e86d9ab502fd4d0adc77e81cdd0e0f4efd6
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
80a2b8b70b7f340337f5ff79c060f73c6fdae5d89295b1b715990d56022bc2ba
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
87458deb86bdc0464778d1c56df2df46df9f5f71d9a609307468238164e2e46f
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
976014bd58ee594808a4d1db2836ab6768239bbee380c6264c57f1806e04c9a8
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab2a50786d85e4975366196174f98f43c78c80055b8158378f776767a89905c7
ac9e754d1f7449281f8833bfa50abee127a7e8b3d4609d6d86824a5f8df17d3e
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b78633982a2f7d1a4097f529137b010e75c1c0704a5bda17034c2893ef6fcf22
b7c0d2846ca2e38582d6d062a4fa2d4065a7bf79e1c9aa0a6163c611483e5807
b814abc69c59b324367b80992946e1aa44ae761c7d1bc08201f14b2daeb49368
bdeed7650697bd478a6b0591a9ea29664b04a6681a4f9f7c4c2d3d10cdae42a7
c85cf2912f74d7ebcc4831b9b5ec5265b551ab8192465c7e4e51937479fcc044
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cdd8de6e98516a55ee340c39fbc59064e6c5cda2173f6d968c8bbd60cf781051
df44fc96b7aba6a923455ac5415c690d9dcdbca86d3dbace9c01184238031f67
e215c151c85aa9619fd928ecf0adbc9d33c4d8b3e4e83289efac6b758dc27183
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c301df2ff44e66134413ea66e9b368e84f9190ff999d589db3b17a363fc159
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
eb7083683da9292c5129dccd294582adabfac4b2707b28548a4395f14b46e60a
ed79248088783dd5be147808b6f904dc55122f18e80cc0780da3d3e6152ea1b1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e5f3ecff0a811d4a1a9e735e35cce74032209d4b36c20dab13fae967e1adaa
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc612cebc5317f545229ede10987e6c07f3d1c7f7ffc6d59b63b5e068f11851d
fccc1498800c295fde2e8e924c82cfe30c87445fb7d3968597ef229c52481771