defievasion.quoifairemedia.ca Open in urlscan Pro
199.16.130.51  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response defievasion.quoifairemedia.ca/landing-2/	79 KB 22 KB	287ms 208ms	Document text/html	199.16.130.51 PLANETHOSTER-8
General Check archive.org Show headers Download Go to Full URL https://defievasion.quoifairemedia.ca/landing-2/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.130.51 , Canada, ASN53589 (PLANETHOSTER-8, CA), Reverse DNS hybrid3049.ca.ns.planethoster.net Software Apache / Resource Hash edf1f0a503a242dbe10fb926dcd5940633c0f22221144997ca736c2de2fff11d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers content-encoding br content-length 22151 content-type text/html; charset=UTF-8 date Sun, 11 Jun 2023 13:43:16 GMT link <https://defievasion.quoifairemedia.ca/wp-json/>; rel="https://api.w.org/", <https://defievasion.quoifairemedia.ca/wp-json/wp/v2/pages/13>; rel="alternate"; type="application/json", <https://defievasion.quoifairemedia.ca/?p=13>; rel=shortlink server Apache vary Accept-Encoding
GET H2	200	rellax.min.js Show response cdnjs.cloudflare.com/ajax/libs/rellax/1.0.0/	2 KB 2 KB	49ms 21ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/rellax/1.0.0/rellax.min.js Requested by Host: defievasion.quoifairemedia.ca URL: https://defievasion.quoifairemedia.ca/landing-2/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2600f7bcf89686ec03aa6958aa9208000581972140aeea4c4ceeeded708625f5 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://defievasion.quoifairemedia.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 13:43:17 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 3873857 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 892 last-modified Mon, 04 May 2020 16:15:59 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fbf-9c9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Frh8afPL79oIRpNJbNyZXhY%2BXYQzUbomLrNZP3jnqpX9OrqWC2gndOOg1YLlqbHNEovS689kSencaCd2upsL8oqKUtQEaX1GdpdUDX5PxFZyem1c5O7VgVW%2Fyu8rM37RTAJ%2BWiw2QNQVbbdVwZEMwyNm"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7d5a483c5e857156-YUL expires Fri, 31 May 2024 13:43:17 GMT
GET H2	200	lxy7mrf.css use.typekit.net/	7 KB 1 KB	120ms 25ms	Stylesheet text/css	2600:141b:13::17d7:8252 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/lxy7mrf.css Requested by Host: defievasion.quoifairemedia.ca URL: https://defievasion.quoifairemedia.ca/landing-2/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13::17d7:8252 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 5377770a210962f3d3cda0ea324413d7ddad526e8a2f9ea7a852d61b607e467f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; Request headers accept-language en-CA,en;q=0.9 Referer https://defievasion.quoifairemedia.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; content-encoding gzip date Sun, 11 Jun 2023 13:43:17 GMT server nginx vary Accept-Encoding content-type text/css;charset=utf-8 access-control-allow-origin * cache-control private, max-age=600, stale-while-revalidate=604800 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 972
GET H2	200	style.min.css defievasion.quoifairemedia.ca/wp-includes/css/dist/block-library/	95 KB 11 KB	34ms 32ms	Stylesheet text/css	199.16.130.51 PLANETHOSTER-8
General Check archive.org Show headers Download Go to Full URL https://defievasion.quoifairemedia.ca/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2 Requested by Host: defievasion.quoifairemedia.ca URL: https://defievasion.quoifairemedia.ca/landing-2/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.130.51 , Canada, ASN53589 (PLANETHOSTER-8, CA), Reverse DNS hybrid3049.ca.ns.planethoster.net Software Apache / Resource Hash aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4 Request headers accept-language en-CA,en;q=0.9 Referer https://defievasion.quoifairemedia.ca/landing-2/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 13:43:16 GMT content-encoding br last-modified Thu, 30 Mar 2023 03:28:05 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 11727
GET H2	200	classic-themes.min.css defievasion.quoifairemedia.ca/wp-includes/css/	291 B 219 B	31ms 29ms	Stylesheet text/css	199.16.130.51 PLANETHOSTER-8
General Check archive.org Show headers Download Go to Full URL https://defievasion.quoifairemedia.ca/wp-includes/css/classic-themes.min.css?ver=6.2.2 Requested by Host: defievasion.quoifairemedia.ca URL: https://defievasion.quoifairemedia.ca/landing-2/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.130.51 , Canada, ASN53589 (PLANETHOSTER-8, CA), Reverse DNS hybrid3049.ca.ns.planethoster.net Software Apache / Resource Hash dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48 Request headers accept-language en-CA,en;q=0.9 Referer https://defievasion.quoifairemedia.ca/landing-2/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 13:43:16 GMT content-encoding br last-modified Thu, 30 Mar 2023 03:28:05 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 164
GET H2	200	styles.css defievasion.quoifairemedia.ca/wp-content/plugins/contact-form-7/includes/css/	3 KB 925 B	35ms 33ms	Stylesheet text/css	199.16.130.51 PLANETHOSTER-8
General Check archive.org Show headers Download Go to Full URL https://defievasion.quoifairemedia.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.1 Requested by Host: defievasion.quoifairemedia.ca URL: https://defievasion.quoifairemedia.ca/landing-2/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.130.51 , Canada, ASN53589 (PLANETHOSTER-8, CA), Reverse DNS hybrid3049.ca.ns.planethoster.net Software Apache / Resource Hash 9a38595d63dfae35b88183515b69f8b742128b564b9ea4dbd79908c3aa73921a Request headers accept-language en-CA,en;q=0.9 Referer https://defievasion.quoifairemedia.ca/landing-2/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 13:43:16 GMT content-encoding br last-modified Wed, 21 Dec 2022 15:36:01 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 870
GET H2	200	bootstrap.css defievasion.quoifairemedia.ca/wp-content/themes/defi-evasion/css/	204 KB 23 KB	51ms 49ms	Stylesheet text/css	199.16.130.51 PLANETHOSTER-8
General Check archive.org Show headers Download Go to Full URL https://defievasion.quoifairemedia.ca/wp-content/themes/defi-evasion/css/bootstrap.css?ver=6.2.2 Requested by Host: defievasion.quoifairemedia.ca URL: https://defievasion.quoifairemedia.ca/landing-2/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.130.51 , Canada, ASN53589 (PLANETHOSTER-8, CA), Reverse DNS hybrid3049.ca.ns.planethoster.net Software Apache / Resource Hash d982344e6c754765e6fc64e70376c1f3add992390ba5967c5d374440d606a110 Request headers accept-language en-CA,en;q=0.9 Referer https://defievasion.quoifairemedia.ca/landing-2/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 13:43:16 GMT content-encoding br last-modified Fri, 21 Jan 2022 02:11:54 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 23493
GET H2	200	slick.css defievasion.quoifairemedia.ca/wp-content/themes/defi-evasion/css/	2 KB 551 B	25ms 24ms	Stylesheet text/css	199.16.130.51 PLANETHOSTER-8
General Check archive.org Show headers Download Go to Full URL https://defievasion.quoifairemedia.ca/wp-content/themes/defi-evasion/css/slick.css?ver=6.2.2 Requested by Host: defievasion.quoifairemedia.ca URL: https://defievasion.quoifairemedia.ca/landing-2/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.130.51 , Canada, ASN53589 (PLANETHOSTER-8, CA), Reverse DNS hybrid3049.ca.ns.planethoster.net Software Apache / Resource Hash de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5 Request headers accept-language en-CA,en;q=0.9 Referer https://defievasion.quoifairemedia.ca/landing-2/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 13:43:16 GMT content-encoding br last-modified Fri, 21 Jan 2022 02:11:54 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 484
GET H2	200	slick-theme.css defievasion.quoifairemedia.ca/wp-content/themes/defi-evasion/css/	3 KB 799 B	37ms 35ms	Stylesheet text/css	199.16.130.51 PLANETHOSTER-8
General Check archive.org Show headers Download Go to Full URL https://defievasion.quoifairemedia.ca/wp-content/themes/defi-evasion/css/slick-theme.css?ver=6.2.2 Requested by Host: defievasion.quoifairemedia.ca URL: https://defievasion.quoifairemedia.ca/landing-2/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.130.51 , Canada, ASN53589 (PLANETHOSTER-8, CA), Reverse DNS hybrid3049.ca.ns.planethoster.net Software Apache / Resource Hash 7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a Request headers accept-language en-CA,en;q=0.9 Referer https://defievasion.quoifairemedia.ca/landing-2/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 13:43:16 GMT content-encoding br last-modified Fri, 21 Jan 2022 02:11:54 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 767
GET H2	200	style.css defievasion.quoifairemedia.ca/wp-content/themes/defi-evasion/	19 KB 2 KB	31ms 30ms	Stylesheet text/css	199.16.130.51 PLANETHOSTER-8
General Check archive.org Show headers Download Go to Full URL https://defievasion.quoifairemedia.ca/wp-content/themes/defi-evasion/style.css?ver=2.4 Requested by Host: defievasion.quoifairemedia.ca URL: https://defievasion.quoifairemedia.ca/landing-2/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.130.51 , Canada, ASN53589 (PLANETHOSTER-8, CA), Reverse DNS hybrid3049.ca.ns.planethoster.net Software Apache / Resource Hash 9237fd803e4344a71327541ae044476056018bcd30fbbede1e56e23528fc75b7 Request headers accept-language en-CA,en;q=0.9 Referer https://defievasion.quoifairemedia.ca/landing-2/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 13:43:16 GMT content-encoding br last-modified Tue, 17 Jan 2023 15:51:03 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 2135
GET H2	200	jquery.js Show response defievasion.quoifairemedia.ca/wp-content/themes/defi-evasion/js/	87 KB 30 KB	60ms 59ms	Script application/javascript	199.16.130.51 PLANETHOSTER-8
General Check archive.org Show headers Download Go to Full URL https://defievasion.quoifairemedia.ca/wp-content/themes/defi-evasion/js/jquery.js Requested by Host: defievasion.quoifairemedia.ca URL: https://defievasion.quoifairemedia.ca/landing-2/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.130.51 , Canada, ASN53589 (PLANETHOSTER-8, CA), Reverse DNS hybrid3049.ca.ns.planethoster.net Software Apache / Resource Hash f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b Request headers accept-language en-CA,en;q=0.9 Referer https://defievasion.quoifairemedia.ca/landing-2/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 13:43:16 GMT content-encoding br last-modified Fri, 21 Jan 2022 02:11:54 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 30310
GET H2	200	agence-detectives.png defievasion.quoifairemedia.ca/wp-content/themes/defi-evasion/images/	313 KB 313 KB	18ms 16ms	Image image/png	199.16.130.51 PLANETHOSTER-8
General Check archive.org Show headers Download Go to Show image Full URL https://defievasion.quoifairemedia.ca/wp-content/themes/defi-evasion/images/agence-detectives.png Requested by Host: defievasion.quoifairemedia.ca URL: https://defievasion.quoifairemedia.ca/landing-2/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.130.51 , Canada, ASN53589 (PLANETHOSTER-8, CA), Reverse DNS hybrid3049.ca.ns.planethoster.net Software Apache / Resource Hash 42abc45cea02335469e6c312ce8ca6de39a68be324af343e3e8e83858bcddc26 Request headers accept-language en-CA,en;q=0.9 Referer https://defievasion.quoifairemedia.ca/landing-2/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 13:43:16 GMT last-modified Wed, 07 Dec 2022 15:33:31 GMT server Apache accept-ranges bytes content-length 320291 content-type image/png
GET H2	200	detective.png defievasion.quoifairemedia.ca/wp-content/themes/defi-evasion/images/	263 KB 263 KB	19ms 17ms	Image image/png	199.16.130.51 PLANETHOSTER-8
General Check archive.org Show headers Download Go to Show image Full URL https://defievasion.quoifairemedia.ca/wp-content/themes/defi-evasion/images/detective.png Requested by Host: defievasion.quoifairemedia.ca URL: https://defievasion.quoifairemedia.ca/landing-2/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.130.51 , Canada, ASN53589 (PLANETHOSTER-8, CA), Reverse DNS hybrid3049.ca.ns.planethoster.net Software Apache / Resource Hash 51d3c2fc30a29789856a1d3cd35040f8748bfae37e996c5ac6122e79d9152ad0 Request headers accept-language en-CA,en;q=0.9 Referer https://defievasion.quoifairemedia.ca/landing-2/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 13:43:16 GMT last-modified Wed, 07 Dec 2022 15:35:09 GMT server Apache accept-ranges bytes content-length 269286 content-type image/png
GET H2	200	MPG_0123_BanniereWEB_FeteEnfants_1920x300_OUT.png defievasion.quoifairemedia.ca/wp-content/uploads/2023/01/	245 KB 245 KB	20ms 18ms	Image image/png	199.16.130.51 PLANETHOSTER-8
General Check archive.org Show headers Download Go to Show image Full URL https://defievasion.quoifairemedia.ca/wp-content/uploads/2023/01/MPG_0123_BanniereWEB_FeteEnfants_1920x300_OUT.png Requested by Host: defievasion.quoifairemedia.ca URL: https://defievasion.quoifairemedia.ca/landing-2/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.130.51 , Canada, ASN53589 (PLANETHOSTER-8, CA), Reverse DNS hybrid3049.ca.ns.planethoster.net Software Apache / Resource Hash 066c77fc59dc12cfd70ce290942434fa36008492735bce6ad5a0a37e4e82c9e9 Request headers accept-language en-CA,en;q=0.9 Referer https://defievasion.quoifairemedia.ca/landing-2/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 13:43:16 GMT last-modified Wed, 18 Jan 2023 18:39:23 GMT server Apache accept-ranges bytes content-length 250742 content-type image/png
GET H2	200	MPG_0123_BanniereWEB_FeteEnfants_390x150_OUT.png defievasion.quoifairemedia.ca/wp-content/uploads/2023/01/	32 KB 32 KB	19ms 17ms	Image image/png	199.16.130.51 PLANETHOSTER-8
General Check archive.org Show headers Download Go to Show image Full URL https://defievasion.quoifairemedia.ca/wp-content/uploads/2023/01/MPG_0123_BanniereWEB_FeteEnfants_390x150_OUT.png Requested by Host: defievasion.quoifairemedia.ca URL: https://defievasion.quoifairemedia.ca/landing-2/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.130.51 , Canada, ASN53589 (PLANETHOSTER-8, CA), Reverse DNS hybrid3049.ca.ns.planethoster.net Software Apache / Resource Hash c9ea10764171a2fe7bc3d60f434540e51ec603957640cea28867289a7de63ef9 Request headers accept-language en-CA,en;q=0.9 Referer https://defievasion.quoifairemedia.ca/landing-2/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 13:43:16 GMT last-modified Wed, 18 Jan 2023 18:39:24 GMT server Apache accept-ranges bytes content-length 32835 content-type image/png
GET H2	200	jeux3.png defievasion.quoifairemedia.ca/wp-content/themes/defi-evasion/images/	1 MB 1 MB	20ms 18ms	Image image/png	199.16.130.51 PLANETHOSTER-8
General Check archive.org Show headers Download Go to Show image Full URL https://defievasion.quoifairemedia.ca/wp-content/themes/defi-evasion/images/jeux3.png Requested by Host: defievasion.quoifairemedia.ca URL: https://defievasion.quoifairemedia.ca/landing-2/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.130.51 , Canada, ASN53589 (PLANETHOSTER-8, CA), Reverse DNS hybrid3049.ca.ns.planethoster.net Software Apache / Resource Hash f7ca5a69ca9a1e00d270eb573656b40e49e8e185319279acb74333d53a7a7d38 Request headers accept-language en-CA,en;q=0.9 Referer https://defievasion.quoifairemedia.ca/landing-2/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 13:43:16 GMT last-modified Wed, 14 Dec 2022 15:06:08 GMT server Apache accept-ranges bytes content-length 1097475 content-type image/png
GET H2	200	jeux2.png defievasion.quoifairemedia.ca/wp-content/themes/defi-evasion/images/	252 KB 252 KB	40ms 38ms	Image image/png	199.16.130.51 PLANETHOSTER-8
General Check archive.org Show headers Download Go to Show image Full URL https://defievasion.quoifairemedia.ca/wp-content/themes/defi-evasion/images/jeux2.png Requested by Host: defievasion.quoifairemedia.ca URL: https://defievasion.quoifairemedia.ca/landing-2/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.130.51 , Canada, ASN53589 (PLANETHOSTER-8, CA), Reverse DNS hybrid3049.ca.ns.planethoster.net Software Apache / Resource Hash 42403af23ba16f0c9b7984be35d84e48ee7cccb2ceb83918e6e09ca6b6b73f1d Request headers accept-language en-CA,en;q=0.9 Referer https://defievasion.quoifairemedia.ca/landing-2/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 13:43:16 GMT last-modified Wed, 07 Dec 2022 21:36:40 GMT server Apache accept-ranges bytes content-length 258253 content-type image/png
GET H2	200	jeux1.png defievasion.quoifairemedia.ca/wp-content/themes/defi-evasion/images/	301 KB 302 KB	39ms 38ms	Image image/png	199.16.130.51 PLANETHOSTER-8
General Check archive.org Show headers Download Go to Show image Full URL https://defievasion.quoifairemedia.ca/wp-content/themes/defi-evasion/images/jeux1.png Requested by Host: defievasion.quoifairemedia.ca URL: https://defievasion.quoifairemedia.ca/landing-2/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.130.51 , Canada, ASN53589 (PLANETHOSTER-8, CA), Reverse DNS hybrid3049.ca.ns.planethoster.net Software Apache / Resource Hash e77195719af25673441cff5b9a134635508ca2c25fbf47c8adf8fced365147c4 Request headers accept-language en-CA,en;q=0.9 Referer https://defievasion.quoifairemedia.ca/landing-2/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 13:43:16 GMT last-modified Wed, 07 Dec 2022 21:36:40 GMT server Apache accept-ranges bytes content-length 308679 content-type image/png
GET H2	200	index.js Show response defievasion.quoifairemedia.ca/wp-content/plugins/contact-form-7/includes/swv/js/	10 KB 3 KB	19ms 18ms	Script application/javascript	199.16.130.51 PLANETHOSTER-8
General Check archive.org Show headers Download Go to Full URL https://defievasion.quoifairemedia.ca/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.1 Requested by Host: defievasion.quoifairemedia.ca URL: https://defievasion.quoifairemedia.ca/landing-2/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.130.51 , Canada, ASN53589 (PLANETHOSTER-8, CA), Reverse DNS hybrid3049.ca.ns.planethoster.net Software Apache / Resource Hash 23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228 Request headers accept-language en-CA,en;q=0.9 Referer https://defievasion.quoifairemedia.ca/landing-2/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 13:43:16 GMT content-encoding br last-modified Wed, 21 Dec 2022 15:36:01 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 2909
GET H2	200	index.js Show response defievasion.quoifairemedia.ca/wp-content/plugins/contact-form-7/includes/js/	12 KB 4 KB	20ms 20ms	Script application/javascript	199.16.130.51 PLANETHOSTER-8
General Check archive.org Show headers Download Go to Full URL https://defievasion.quoifairemedia.ca/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.1 Requested by Host: defievasion.quoifairemedia.ca URL: https://defievasion.quoifairemedia.ca/landing-2/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.130.51 , Canada, ASN53589 (PLANETHOSTER-8, CA), Reverse DNS hybrid3049.ca.ns.planethoster.net Software Apache / Resource Hash f84293668b02b8c83c20c5c2cf51f8a5a64ac5a15d34be26c85382496b107700 Request headers accept-language en-CA,en;q=0.9 Referer https://defievasion.quoifairemedia.ca/landing-2/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 13:43:16 GMT content-encoding br last-modified Wed, 21 Dec 2022 15:36:01 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 3834
GET H2	200	webfont.js Show response ajax.googleapis.com/ajax/libs/webfont/1.6.26/	13 KB 6 KB	77ms 21ms	Script text/javascript	2607:f8b0:4006:80c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js?ver=1.2.54.0 Requested by Host: defievasion.quoifairemedia.ca URL: https://defievasion.quoifairemedia.ca/landing-2/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80c::200a Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://defievasion.quoifairemedia.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sat, 10 Jun 2023 07:07:33 GMT content-encoding gzip x-content-type-options nosniff age 110144 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5437 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sun, 09 Jun 2024 07:07:33 GMT
GET H2	200	mailoptin.min.js Show response defievasion.quoifairemedia.ca/wp-content/plugins/mailoptin/src/core/src/assets/js/	46 KB 13 KB	44ms 43ms	Script application/javascript	199.16.130.51 PLANETHOSTER-8
General Check archive.org Show headers Download Go to Full URL https://defievasion.quoifairemedia.ca/wp-content/plugins/mailoptin/src/core/src/assets/js/mailoptin.min.js?ver=1.2.54.0 Requested by Host: defievasion.quoifairemedia.ca URL: https://defievasion.quoifairemedia.ca/landing-2/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.130.51 , Canada, ASN53589 (PLANETHOSTER-8, CA), Reverse DNS hybrid3049.ca.ns.planethoster.net Software Apache / Resource Hash 68e1489f864ff15fb11ff12f6f6039839b71c7ebaf0025dda4e1acca0383f6a1 Request headers accept-language en-CA,en;q=0.9 Referer https://defievasion.quoifairemedia.ca/landing-2/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 13:43:16 GMT content-encoding br last-modified Wed, 21 Dec 2022 15:36:29 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 13396
GET H2	200	main.js Show response defievasion.quoifairemedia.ca/wp-content/themes/defi-evasion/js/	1 KB 516 B	20ms 17ms	Script application/javascript	199.16.130.51 PLANETHOSTER-8
General Check archive.org Show headers Download Go to Full URL https://defievasion.quoifairemedia.ca/wp-content/themes/defi-evasion/js/main.js?ver=1.8 Requested by Host: defievasion.quoifairemedia.ca URL: https://defievasion.quoifairemedia.ca/landing-2/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.130.51 , Canada, ASN53589 (PLANETHOSTER-8, CA), Reverse DNS hybrid3049.ca.ns.planethoster.net Software Apache / Resource Hash 45037d30f765467ea874b531fe578fd879e9fdb0166c192f62aac29e2060d1ed Request headers accept-language en-CA,en;q=0.9 Referer https://defievasion.quoifairemedia.ca/landing-2/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 13:43:16 GMT content-encoding br last-modified Wed, 18 Jan 2023 21:30:39 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 461
GET H2	200	slick.js Show response defievasion.quoifairemedia.ca/wp-content/themes/defi-evasion/js/	87 KB 14 KB	50ms 47ms	Script application/javascript	199.16.130.51 PLANETHOSTER-8
General Check archive.org Show headers Download Go to Full URL https://defievasion.quoifairemedia.ca/wp-content/themes/defi-evasion/js/slick.js?ver=1.1 Requested by Host: defievasion.quoifairemedia.ca URL: https://defievasion.quoifairemedia.ca/landing-2/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.130.51 , Canada, ASN53589 (PLANETHOSTER-8, CA), Reverse DNS hybrid3049.ca.ns.planethoster.net Software Apache / Resource Hash 0aaa4cf927b0e3631cffbe62f6786810aa65348483cd950e49f634a0881b16b4 Request headers accept-language en-CA,en;q=0.9 Referer https://defievasion.quoifairemedia.ca/landing-2/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 13:43:16 GMT content-encoding br last-modified Fri, 21 Jan 2022 02:11:54 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 14808
GET H2	200	p.css p.typekit.net/	5 B 172 B	50ms 21ms	Stylesheet text/css	2600:141b:13::17d7:8252 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://p.typekit.net/p.css?s=1&k=lxy7mrf&ht=tk&f=24539.24540.24543.24544.24545.24546.24547.24548.24549.24552&a=85906128&app=typekit&e=css Requested by Host: use.typekit.net URL: https://use.typekit.net/lxy7mrf.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13::17d7:8252 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb Request headers accept-language en-CA,en;q=0.9 Referer https://use.typekit.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 13:43:17 GMT last-modified Thu, 09 Mar 2023 17:19:04 GMT server nginx etag "640a1508-5" content-type text/css access-control-allow-origin * cache-control public, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 5
GET H2	200	wp-emoji-release.min.js Show response defievasion.quoifairemedia.ca/wp-includes/js/	18 KB 5 KB	40ms 39ms	Script application/javascript	199.16.130.51 PLANETHOSTER-8
General Check archive.org Show headers Download Go to Full URL https://defievasion.quoifairemedia.ca/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2 Requested by Host: defievasion.quoifairemedia.ca URL: https://defievasion.quoifairemedia.ca/landing-2/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.130.51 , Canada, ASN53589 (PLANETHOSTER-8, CA), Reverse DNS hybrid3049.ca.ns.planethoster.net Software Apache / Resource Hash 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230 Request headers accept-language en-CA,en;q=0.9 Referer https://defievasion.quoifairemedia.ca/landing-2/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 13:43:16 GMT content-encoding br last-modified Thu, 30 Mar 2023 03:28:05 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 4647
GET H2	200	l use.typekit.net/af/5d97ff/00000000000000007735f999/30/	47 KB 47 KB	112ms 27ms	Font application/font-woff2	2600:141b:13::17d7:8252 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/5d97ff/00000000000000007735f999/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/lxy7mrf.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13::17d7:8252 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 012c1c40f37b85e86f6e7629241a2bcd0ce665b41954a08d3c2c9a55c42cba89 Request headers Referer https://use.typekit.net/lxy7mrf.css Origin https://defievasion.quoifairemedia.ca accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 13:43:17 GMT server nginx etag "b4c0d041408776d043674f518c911c68d4f73f57" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 48312
GET H2	200	l use.typekit.net/af/b718ff/00000000000000007735f98d/30/	46 KB 47 KB	111ms 26ms	Font application/font-woff2	2600:141b:13::17d7:8252 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/b718ff/00000000000000007735f98d/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/lxy7mrf.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13::17d7:8252 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 987ed7567466e4fc79242bded7cfac38f7cf9da6c430fe6053266ba12c1fa1b1 Request headers Referer https://use.typekit.net/lxy7mrf.css Origin https://defievasion.quoifairemedia.ca accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 13:43:17 GMT server nginx etag "8eb51f23928374af36bf65f02757cd5be6775093" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 47332
GET H2	200	l use.typekit.net/af/2e2409/00000000000000007735f990/30/	47 KB 47 KB	139ms 55ms	Font application/font-woff2	2600:141b:13::17d7:8252 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/2e2409/00000000000000007735f990/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/lxy7mrf.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13::17d7:8252 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash d2d865fcf643038c59b703d5b9a798b53f4030327fe815ab68ad08164fa36e89 Request headers Referer https://use.typekit.net/lxy7mrf.css Origin https://defievasion.quoifairemedia.ca accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 13:43:17 GMT server nginx etag "eb41ae6731ba7de6af7e8136e618ab15c001786b" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 47772
GET H2	200	schema Show response defievasion.quoifairemedia.ca/wp-json/contact-form-7/v1/contact-forms/16/feedback/	244 B 460 B	148ms 145ms	Fetch application/json	199.16.130.51 PLANETHOSTER-8
General Check archive.org Show headers Download Go to Full URL https://defievasion.quoifairemedia.ca/wp-json/contact-form-7/v1/contact-forms/16/feedback/schema Requested by Host: defievasion.quoifairemedia.ca URL: https://defievasion.quoifairemedia.ca/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.130.51 , Canada, ASN53589 (PLANETHOSTER-8, CA), Reverse DNS hybrid3049.ca.ns.planethoster.net Software Apache / Resource Hash 0856b353e299e95d042e522d6d9628f85b963ca5bd8f503a831f3e05def7252e Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept application/json, */*;q=0.1 Referer https://defievasion.quoifairemedia.ca/landing-2/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 13:43:16 GMT content-encoding br x-content-type-options nosniff server Apache allow GET vary Origin,Accept-Encoding content-type application/json; charset=UTF-8 access-control-expose-headers X-WP-Total, X-WP-TotalPages, Link x-robots-tag noindex link <https://defievasion.quoifairemedia.ca/wp-json/>; rel="https://api.w.org/" access-control-allow-headers Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type content-length 159

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| Rellax object| _wpemojiSettings function| $ function| jQuery object| swv object| wpcf7 object| WebFont object| mailoptin_globals function| moFormRecaptchaLoadCallback object| twemoji object| wp

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
defievasion.quoifairemedia.ca
p.typekit.net
use.typekit.net
199.16.130.51
2600:141b:13::17d7:8252
2606:4700::6811:180e
2607:f8b0:4006:80c::200a
012c1c40f37b85e86f6e7629241a2bcd0ce665b41954a08d3c2c9a55c42cba89
066c77fc59dc12cfd70ce290942434fa36008492735bce6ad5a0a37e4e82c9e9
0856b353e299e95d042e522d6d9628f85b963ca5bd8f503a831f3e05def7252e
0aaa4cf927b0e3631cffbe62f6786810aa65348483cd950e49f634a0881b16b4
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228
2600f7bcf89686ec03aa6958aa9208000581972140aeea4c4ceeeded708625f5
42403af23ba16f0c9b7984be35d84e48ee7cccb2ceb83918e6e09ca6b6b73f1d
42abc45cea02335469e6c312ce8ca6de39a68be324af343e3e8e83858bcddc26
45037d30f765467ea874b531fe578fd879e9fdb0166c192f62aac29e2060d1ed
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
51d3c2fc30a29789856a1d3cd35040f8748bfae37e996c5ac6122e79d9152ad0
5377770a210962f3d3cda0ea324413d7ddad526e8a2f9ea7a852d61b607e467f
68e1489f864ff15fb11ff12f6f6039839b71c7ebaf0025dda4e1acca0383f6a1
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
9237fd803e4344a71327541ae044476056018bcd30fbbede1e56e23528fc75b7
987ed7567466e4fc79242bded7cfac38f7cf9da6c430fe6053266ba12c1fa1b1
9a38595d63dfae35b88183515b69f8b742128b564b9ea4dbd79908c3aa73921a
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
c9ea10764171a2fe7bc3d60f434540e51ec603957640cea28867289a7de63ef9
d2d865fcf643038c59b703d5b9a798b53f4030327fe815ab68ad08164fa36e89
d982344e6c754765e6fc64e70376c1f3add992390ba5967c5d374440d606a110
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e77195719af25673441cff5b9a134635508ca2c25fbf47c8adf8fced365147c4
edf1f0a503a242dbe10fb926dcd5940633c0f22221144997ca736c2de2fff11d
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f7ca5a69ca9a1e00d270eb573656b40e49e8e185319279acb74333d53a7a7d38
f84293668b02b8c83c20c5c2cf51f8a5a64ac5a15d34be26c85382496b107700