www.simulationdecredit.fr
Open in
urlscan Pro
2a05:d014:776:a63f:551c:5660:31da:fe01
Public Scan
Submitted URL: https://simulateurcredit.fr/
Effective URL: https://www.simulationdecredit.fr/
Submission: On September 24 via automatic, source certstream-suspicious — Scanned from FR
Effective URL: https://www.simulationdecredit.fr/
Submission: On September 24 via automatic, source certstream-suspicious — Scanned from FR
Summary
This website contacted 20 IPs
in 6 countries
across 18 domains to perform 63 HTTP transactions.
The main IP is 2a05:d014:776:a63f:551c:5660:31da:fe01, located in
Frankfurt am Main, Germany and
belongs to AMAZON-02, US.
The main domain is www.simulationdecredit.fr.
TLS certificate: Issued by R3 on September 6th 2023. Valid for: 3 months.
This is the only time www.simulationdecredit.fr was scanned on urlscan.io!
TLS certificate: Issued by R3 on September 6th 2023. Valid for: 3 months.
This is the only time www.simulationdecredit.fr was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
20
2a05:d014:776:a63f:551c:5660:31da:fe01
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| www.simulationdecredit.fr |
2
2606:4700:3033::ac43:903e
(United States)
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| privacy.gatekeeperconsent.com | |
| the.gatekeeperconsent.com |
3
2a00:1450:4001:831::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
4
2606:4700:e2::ac40:880f
(United States)
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| ezodn.com | |
| g.ezodn.com | |
| bshr.ezodn.com |
3
52.209.219.82
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-219-82.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-219-82.eu-west-1.compute.amazonaws.com
| www.devisprox.com | |
| webservice.devisprox.com |
10
108.139.243.110
(Seattle, United States)
ASN16509 (AMAZON-02, US)
PTR: server-108-139-243-110.mxp63.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-108-139-243-110.mxp63.r.cloudfront.net
| static.devisprox.com |
2
35.205.207.25
(Ascension Island)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.207.205.35.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.207.205.35.bc.googleusercontent.com
| ads.avads.net |
1
3.127.97.70
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-97-70.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-97-70.eu-central-1.compute.amazonaws.com
| x.bidswitch.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 20 |
simulationdecredit.fr
www.simulationdecredit.fr |
83 KB |
| 13 |
devisprox.com
www.devisprox.com webservice.devisprox.com static.devisprox.com |
178 KB |
| 5 |
ezodn.com
ezodn.com — Cisco Umbrella Rank: 10156 go.ezodn.com — Cisco Umbrella Rank: 11277 g.ezodn.com — Cisco Umbrella Rank: 16262 bshr.ezodn.com — Cisco Umbrella Rank: 13057 |
10 KB |
| 4 |
gatekeeperconsent.com
privacy.gatekeeperconsent.com — Cisco Umbrella Rank: 36248 the.gatekeeperconsent.com — Cisco Umbrella Rank: 27558 |
147 KB |
| 3 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1683 |
80 KB |
| 3 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111 |
259 KB |
| 3 |
leati.com
www.leati.com |
19 KB |
| 2 |
avads.net
2 redirects
ads.avads.net — Cisco Umbrella Rank: 33501 |
940 B |
| 2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 229 |
86 KB |
| 2 |
gstatic.com
fonts.gstatic.com |
63 KB |
| 2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113 ajax.googleapis.com — Cisco Umbrella Rank: 720 |
32 KB |
| 1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 109 |
185 B |
| 1 |
bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 614 |
146 B |
| 1 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96 |
21 KB |
| 1 |
google.fr
www.google.fr — Cisco Umbrella Rank: 11696 |
408 B |
| 1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 175 |
261 B |
| 1 |
google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2225 |
261 B |
| 1 |
simulateurcredit.fr
1 redirects
simulateurcredit.fr |
316 B |
| 63 | 18 |
| Domain | Requested by | |
|---|---|---|
| 20 | www.simulationdecredit.fr |
www.simulationdecredit.fr
|
| 10 | static.devisprox.com |
webservice.devisprox.com
|
| 3 | maxcdn.bootstrapcdn.com |
webservice.devisprox.com
maxcdn.bootstrapcdn.com |
| 3 | the.gatekeeperconsent.com |
www.simulationdecredit.fr
the.gatekeeperconsent.com |
| 3 | www.googletagmanager.com |
www.simulationdecredit.fr
webservice.devisprox.com www.googletagmanager.com |
| 3 | www.leati.com |
www.simulationdecredit.fr
|
| 2 | ads.avads.net | 2 redirects |
| 2 | connect.facebook.net |
webservice.devisprox.com
connect.facebook.net |
| 2 | webservice.devisprox.com |
www.devisprox.com
webservice.devisprox.com |
| 2 | bshr.ezodn.com |
www.simulationdecredit.fr
|
| 2 | fonts.gstatic.com |
fonts.googleapis.com
|
| 1 | www.facebook.com |
webservice.devisprox.com
|
| 1 | x.bidswitch.net |
webservice.devisprox.com
|
| 1 | www.google-analytics.com |
www.googletagmanager.com
|
| 1 | ajax.googleapis.com |
webservice.devisprox.com
|
| 1 | www.google.fr |
www.simulationdecredit.fr
|
| 1 | stats.g.doubleclick.net |
www.googletagmanager.com
|
| 1 | region1.analytics.google.com |
www.googletagmanager.com
|
| 1 | www.devisprox.com |
www.simulationdecredit.fr
|
| 1 | g.ezodn.com |
www.simulationdecredit.fr
|
| 1 | go.ezodn.com |
www.simulationdecredit.fr
|
| 1 | ezodn.com |
www.simulationdecredit.fr
|
| 1 | fonts.googleapis.com |
www.simulationdecredit.fr
|
| 1 | privacy.gatekeeperconsent.com |
www.simulationdecredit.fr
|
| 1 | simulateurcredit.fr | 1 redirects |
| 63 | 25 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.leati.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| simulationdecredit.fr R3 |
2023-09-06 - 2023-12-05 |
3 months | crt.sh |
| *.gatekeeperconsent.com GTS CA 1P5 |
2023-09-02 - 2023-12-01 |
3 months | crt.sh |
| leati.com R3 |
2023-09-22 - 2023-12-21 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2023-09-04 - 2023-11-27 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-09-04 - 2023-11-27 |
3 months | crt.sh |
| ezodn.com E1 |
2023-08-30 - 2023-11-28 |
3 months | crt.sh |
| *.devisprox.com Amazon RSA 2048 M02 |
2023-09-08 - 2024-10-05 |
a year | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2023-09-04 - 2023-11-27 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2023-09-04 - 2023-11-27 |
3 months | crt.sh |
| *.google.fr GTS CA 1C3 |
2023-09-04 - 2023-11-27 |
3 months | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-12-30 - 2023-12-30 |
a year | crt.sh |
| static.devisprox.com Amazon RSA 2048 M01 |
2023-04-16 - 2024-05-14 |
a year | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-07-07 - 2023-10-02 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.simulationdecredit.fr/
Frame ID: 8172C3690056B4E5B26C864758DD199B
Requests: 39 HTTP requests in this frame
Frame:
https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent2&partner=2361913&questionnaire=276&options[ref]=simulationdecredit.fr&options[ref1]=rachat%20de%20credits&ref=simulationdecredit.fr&ref1=rachat%20de%20credits&c=undefined&ws_referer=&
Frame ID: A4E8D7977C2C901C0D7B3FD1635B5575
Requests: 23 HTTP requests in this frame
Screenshot
Page Title
Simulation de Crédit.frPage URL History Show full URLs
-
https://simulateurcredit.fr/
HTTP 301
https://www.simulationdecredit.fr/ Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Modernizr
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery-ui.*\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: https://www.leati.com/
Title: © 2023 LEATI
Title: © 2023 LEATI
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://simulateurcredit.fr/
HTTP 301
https://www.simulationdecredit.fr/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 58- https://ads.avads.net/v1/tracking?type=behavior&owner=devisprox&act=visit&market=FR&lang=fr-FR&url=https%3A%2F%2Fwebservice.devisprox.com%2Fformulaire.php%3Felementid%3DDevisProxContent2%26partner%3D2361913%26questionnaire%3D276%26options%5Bref%5D%3Dsimulationdecredit.fr%26options%5Bref1%5D%3Drachat%2520de%2520credits%26ref%3Dsimulationdecredit.fr%26ref1%3Drachat%2520de%2520credits%26c%3Dundefined%26ws_referer%3D%26 HTTP 302
- https://ads.avads.net/v1/tracking?type=behavior&owner=devisprox&act=visit&market=FR&lang=fr-FR&url=https%3A%2F%2Fwebservice.devisprox.com%2Fformulaire.php%3Felementid%3DDevisProxContent2%26partner%3D2361913%26questionnaire%3D276%26options%5Bref%5D%3Dsimulationdecredit.fr%26options%5Bref1%5D%3Drachat%2520de%2520credits%26ref%3Dsimulationdecredit.fr%26ref1%3Drachat%2520de%2520credits%26c%3Dundefined%26ws_referer%3D%26&av_tc= HTTP 302
- https://x.bidswitch.net/sync?dsp_id=352&user_id=5b25bfd7-e5f2-4c3d-9ef0-500fcce1899d&expires=30&user_group=10
63 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
www.simulationdecredit.fr/ Redirect Chain
|
64 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tcf2_stub.js
privacy.gatekeeperconsent.com/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
calcul-credit.js
www.simulationdecredit.fr/ |
5 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
grey.css
www.leati.com/c/css/ |
7 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
www.simulationdecredit.fr/ |
989 B 541 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
11 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fontawesome.min.css
www.leati.com/c/lib/fontawesome/pro-5.8.1-web/css/ |
76 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
solid.min.css
www.leati.com/c/lib/fontawesome/pro-5.8.1-web/css/ |
622 B 589 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
226 KB 80 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
reportads.js
www.simulationdecredit.fr/detroitchicago/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
consentsettings.js
ezodn.com/detroitchicago/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cmp.js
the.gatekeeperconsent.com/v2/ |
343 KB 83 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ezoic.png
go.ezodn.com/utilcave_com/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
v.js
g.ezodn.com/cmp/v2/ |
5 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
boise.js
www.simulationdecredit.fr/detroitchicago/ |
926 B 504 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
banger.js
www.simulationdecredit.fr/porpoiseant/ |
55 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
abilene.js
www.simulationdecredit.fr/parsonsmaize/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
et.js
www.simulationdecredit.fr/porpoiseant/ |
1 KB 552 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jsloader.php
www.devisprox.com/ |
8 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
stickyfix.js
www.simulationdecredit.fr/detroitchicago/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
drake.js
www.simulationdecredit.fr/beardeddragon/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ |
47 KB 48 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jellyfish.js
www.simulationdecredit.fr/porpoiseant/ |
37 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mulvane.js
www.simulationdecredit.fr/parsonsmaize/ |
1002 B 568 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
raleigh.js
www.simulationdecredit.fr/detroitchicago/ |
2 KB 786 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vista.js
www.simulationdecredit.fr/detroitchicago/ |
1 KB 504 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tampa.js
www.simulationdecredit.fr/detroitchicago/ |
976 B 531 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
/
bshr.ezodn.com/ Frame |
0 0 |
Preflight
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
nmash.js
www.simulationdecredit.fr/porpoiseant/ |
64 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
bshr.ezodn.com/ |
9 KB 5 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
gvl.json
the.gatekeeperconsent.com/cmp/ |
425 KB 58 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
olathe.js
www.simulationdecredit.fr/parsonsmaize/ |
2 KB 965 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vitals.js
www.simulationdecredit.fr/tardisrocinante/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
chanute.js
www.simulationdecredit.fr/parsonsmaize/ |
21 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
formulaire.php
webservice.devisprox.com/ Frame A4E8 |
591 KB 47 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
imp.gif
www.simulationdecredit.fr/detroitchicago/ |
43 B 286 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
region1.analytics.google.com/g/ |
0 261 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 261 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.fr/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ Frame A4E8 |
26 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.ws-1472542993.css
static.devisprox.com/css/q_v4/ Frame A4E8 |
97 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-ui.min-1464877581.css
static.devisprox.com/css/q_v4/ Frame A4E8 |
16 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap-slider.min-1464877635.css
static.devisprox.com/css/q_v4/ Frame A4E8 |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
modernizr.min-1353065612.js
static.devisprox.com/js/ Frame A4E8 |
17 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ Frame A4E8 |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ Frame A4E8 |
36 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
close.png
webservice.devisprox.com/img/sites_v4/icons/ Frame A4E8 |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min-1456327251.js
static.devisprox.com/js/q_v4/ Frame A4E8 |
31 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap-slider.min-1463143300.js
static.devisprox.com/js/q_v4/ Frame A4E8 |
30 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.bootstrap.wizard-1456327251.js
static.devisprox.com/js/q_v4/ Frame A4E8 |
11 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.mask.all-1522781044.js
static.devisprox.com/js/q_v4/ Frame A4E8 |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.mask-1522921134.js
static.devisprox.com/js/q_v4/ Frame A4E8 |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-ui.min-1555092804.js
static.devisprox.com/js/q_v6/ Frame A4E8 |
248 KB 67 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
gvl.json
the.gatekeeperconsent.com/cmp/ |
34 KB 5 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ Frame A4E8 |
273 KB 87 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ Frame A4E8 |
197 KB 53 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ Frame A4E8 |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ Frame A4E8 |
273 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
x.bidswitch.net/ Frame A4E8 Redirect Chain
|
43 B 146 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
712457908836773
connect.facebook.net/signals/config/ Frame A4E8 |
130 KB 33 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ Frame A4E8 |
63 KB 64 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ Frame A4E8 |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
137 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| documentPictureInPicture function| __tcfapi object| __ez boolean| ezoicTestActive object| _ezaq object| _ezim_d object| _ezat function| Round2 function| CalcPret function| CalcMens function| CalcDure function| TabAmort function| AlertError function| CalculCc function| TotalTab function| CalculCR function| gtag object| dataLayer boolean| __ez_conestreq object| adsbygoogle string| ezouid string| ezoTemplate string| ezoFormfactor string| soc_app_id number| did string| ezdomain number| ezoicSearchable function| create_ezolpl function| attach_ezolpl function| ezCmpLoading number| ezUserChoice function| handleAcceptAllClick function| handleShowDetailsClick function| handleDeclineClick function| handleShowVendorsClick object| __ezCmpConfig boolean| ezgconsent boolean| cmpIsOn string| ezPreRenderCMP string| ezPreRenderCss function| hideEzCmp function| setEzCmpCookie function| handleEzAdBlock function| checkEzAdBlck object| _dp_questionnaires object| ez_ad_units function| __ez_vig_close_wrapper boolean| __inScopeForCCPA function| __uspapi function| __receiveUspapiMessage function| getCookie undefined| __ez_dims boolean| ezCanEngagePage object| cmpCookies object| ezRBA undefined| hREED function| uglipop function| getEzErrorURL function| reportEzError function| __ezDotData function| stickyFix string| ezoScriptHost object| IL11ILILIIlLLLILILLLLIILLLIIL11111LLILiiLIliLlILlLiiLLIiILL number| ezobv function| ezoSyncToDfp function| ezoGetDFPSlot object| ezomash boolean| ezowwinit function| ezbanger function| ezvt function| ezvb function| ezsr function| ezosethbbid function| ezosetowbids function| ezosethbbids function| ezGetSlotViewedTime function| formatBid function| fetchezoibfh object| ezoibfh number| ezoibfhHF function| adjustHbValues function| handleAmazonPremierAd function| ezorefgsl object| ct object| ezdent object| ezDenty object| ezua object| ezuxgoals function| ez_attachEvent function| ez_attachEventWithCapture function| ez_detachEvent function| ez_getQueryString object| _ezfd function| setImmediate function| clearImmediate object| nunjucksPrecompiled object| ezCMP object| ezConsentCategories object| __ezconsent function| ezConsentSettings object| ezoic_mash function| newEzVignette object| _dp_zones object| _dp_iframes boolean| _dp_loading number| DP_Zone_exec number| DP_Q_exec number| DP_Iframe_exec object| DevisProx function| getPosition function| scriptload function| getInternetExplorerVersion number| ie function| GetURLParams function| GetURLVar function| MakeURLParams function| setHeight function| messageHandler object| metricNameMap function| ezlogVital object| webVitals number| ez_tos_track_count number| ez_last_activity_count function| initEzux object| riveted object| ezux object| google_tag_manager object| google_tag_data object| googletag object| gaGlobal string| s string| div_content number| scrolltodefault number| positionTop object| perf_vals20 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .simulationdecredit.fr/ | Name: ezoadgid_395002 Value: -1 |
|
| .simulationdecredit.fr/ | Name: ezoref_395002 Value: |
|
| .simulationdecredit.fr/ | Name: ezosuibasgeneris-1 Value: b6d07b73-4f1c-4488-760b-354929b19485 |
|
| .simulationdecredit.fr/ | Name: ezoab_395002 Value: mod82-c |
|
| .simulationdecredit.fr/ | Name: active_template::395002 Value: pub_site.1695589740 |
|
| .simulationdecredit.fr/ | Name: ezopvc_395002 Value: 1 |
|
| .simulationdecredit.fr/ | Name: ezepvv Value: 0 |
|
| .simulationdecredit.fr/ | Name: lp_395002 Value: https://www.simulationdecredit.fr/ |
|
| .simulationdecredit.fr/ | Name: ezovuuidtime_395002 Value: 1695589740 |
|
| .simulationdecredit.fr/ | Name: ezovuuid_395002 Value: 905a06f4-5dfa-43a0-6256-6fc851f5e002 |
|
| .simulationdecredit.fr/ | Name: ezCMPCCS Value: false |
|
| www.simulationdecredit.fr/ | Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200 |
|
| www.simulationdecredit.fr/ | Name: ezohw Value: w%3D1600%2Ch%3D1200 |
|
| www.simulationdecredit.fr/ | Name: ezouspvv Value: 0 |
|
| www.simulationdecredit.fr/ | Name: ezouspva Value: 0 |
|
| .simulationdecredit.fr/ | Name: _ga_YPZJWR4NVJ Value: GS1.1.1695589741.1.0.1695589741.60.0.0 |
|
| .simulationdecredit.fr/ | Name: _ga Value: GA1.1.107807590.1695589741 |
|
| .ads.avads.net/ | Name: av-sess-id-299 Value: 326ecbe9-6d0f-4754-a563-0d399165866b |
|
| .ads.avads.net/ | Name: av-mid Value: 5b25bfd7-e5f2-4c3d-9ef0-500fcce1899d |
|
| .ads.avads.net/ | Name: av-tp-bsw Value: 1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=63072000; includeSubDomains |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ads.avads.net
ajax.googleapis.com
bshr.ezodn.com
connect.facebook.net
ezodn.com
fonts.googleapis.com
fonts.gstatic.com
g.ezodn.com
go.ezodn.com
maxcdn.bootstrapcdn.com
privacy.gatekeeperconsent.com
region1.analytics.google.com
simulateurcredit.fr
static.devisprox.com
stats.g.doubleclick.net
the.gatekeeperconsent.com
webservice.devisprox.com
www.devisprox.com
www.facebook.com
www.google-analytics.com
www.google.fr
www.googletagmanager.com
www.leati.com
www.simulationdecredit.fr
x.bidswitch.net
108.139.243.110
2001:4860:4802:32::178
2001:4860:4802:34::36
213.186.33.40
2606:4700:3033::6815:1c30
2606:4700:3033::ac43:903e
2606:4700::6812:bcf
2606:4700:e2::ac40:880f
2606:4700:e2::ac40:890f
2a00:1450:4001:800::200a
2a00:1450:4001:801::200a
2a00:1450:4001:810::2003
2a00:1450:4001:813::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c0b::9d
2a01:e0d:1:2:58bf:f9b6:0:1
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a05:d014:776:a63f:551c:5660:31da:fe01
3.127.97.70
35.205.207.25
52.209.219.82
034bd144eefe11e882cd5fe552bbea6c38d550c8c6d940d16a2a8b17ebdf09a3
079f59405da9aed3725440b658577d5b8f974dc7cc3a87f9cbe0dc82d235c13d
07a54e49f65745ec3e0c0bfec9c0005b787370f8f65476b8da936e14d9ceaaa1
0cb4792a0716974a6c528e39fec3d71f9ccf3bd94c599c087d27601990e801ad
10c5779cae461daba4b2f636f90df6cbf420e8c3dbe5a326bd937e7392c2b8df
182facfddeb9c53a31c6459578826317948ab5b9bcd1e4254962799d7888a95d
1881a48768f34020521b9e3681b7cd4ab7e0ef2497df01adfdb57ecf7c76a151
1bbfddb74da7d40dbd584efab39d6f5a5059ad9e89fa11caff92e19773289d7e
1fdc51b8285e31d62e9b2ced409b82643b8413d4b13a50d1191c12166688d0bd
21cacca8e9eb98f1f32702b4176685f2f941af51ab5bc7cf88ccb5435a1bb080
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
2c34f09169d2a10e8f5863960e81575ab70f88b52f4bd3386ce5e41e73a94487
383472db86bc19b822592340828e1a9d680ece8e6a5114eb4744351081fdea3c
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3e9a06e9d3865fc17cadfb36a38b95d2ab0cb8326c8cd82260280b55c98e89f8
45b522212abbe05e3f49f6fa0bd20248dc362e0d46f372dd9a69a538ecd418ac
4be64e1347dde250c9fae19069a4aaa453866c4ecba280322ba77dfa4845c4c3
4e62dbc64f2a1867658085d8a8e4aca4acf326c5f49e27a89ed7a2787ca12128
52a43e84aa0c36f49aa06f672bb8b6b888f79283792545f516c4eb4db8d5b85c
52a7240bf6d58796cdb26d0c6909712f8307b9c9361e6d91b691c2e70696d2a6
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5ff1abf6d216b971f09eb56f35e360eded9b8dececc76645987dda7a1944dea9
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
758219ff772ec7d4ba9c047f6751b59515cb0aafc90a3523569a6d2802c66b9a
77d4443c370fb7376f3c5d0bff46a5c38d9f6933c66a7d6dd20c6ad0d97a9a03
7af805fc2bda263e9826c3433adb07b0e8881afecb62d611961d767d68c3ac05
7c1198d6f8e5383d6f488446097d963b03e86641618d944610a02bb9b6e4427f
85f4e34130299ad75219e636a4ba4ef407e3d129ed8a561c2838f82464a80aaf
86b6c32b356bc42230311850a8983358469e0da69dd5885a15f655b07f696e5d
86e721bb96c71af08a282151a6246606d325447fc603947cffb628265d7509be
87143a6e228aa2039004935d4159d5e1e8ff3b6762e2d5ceeab72c04f0fb178f
8bda09f8b4ad205fc0c53b850c619c4496a25ef3fd2ff094cfb261316d00fca1
8ea2e4feba6e6cebe9c4f9aa481a9cc2f83cf56dd330132e552c82ce213a29c8
8edfe43588521b97d092c3ff37db2a8c82637fc0b0393f53feadb76627ede548
922fab982efa6c1289777a7b6772ca7fe40de1a485ac3c8093d7ba68adf39269
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
990830e01bc9e633124a39b5cf2f5bdcfcdf8afa6686d43b8e90334dce690c00
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
b02d00f123297597d6e4b02dfbee910cfe211687b2d454309d5dd9b1b39fd0e4
b0dc9f241ec7f0549db655a6d4aaa8c5540e5c82a1c908b8b83750e6853cd2cf
b6e50abba6c3fccf3f42e90890b3a8d118ee06fa84d8a438ba6903422fb04fdf
b72299720c47009e48c4e0e9f7932c1bf66be187dd2f9b59e6c3bb9e31d21fc0
bbb126b9e8714be02d4544356d79477cf8ff397bf1cc527ac6c353d4c9084dff
c0d7410d5a609344ffe86a71c14012be3aa5a299cfc0ee13aad39dcad2cbe95a
cb0f844a186359bc21313ace1647e9ddea8562a88ee335a71fadbf7576a7f217
cb27c6cd026e3f4d11ad71f549bcf89e80f029df5ea759589fd23fa62687f14d
cf7b60f0266203692c10652982e8dca98c76802f98e915b365338df329bb75d6
dce8ae752b8ed25d878707381a347b8889bfde191cd468eac141c5526a1f13dc
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e038f1f0fa2418ddd7e1ca0c236bb17e442c4c145e0cdd8da09dfedf1cb4bc64
e36def921225a123f927c8df4ab574919bf8745b0cbaf992f7e3f2de511d749a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f081d30db41a6cd553b2d53125d45f352fdb9e3c4a8b800e8345af988e7d4749
f2e858e11bbfe82d0150dd8fc768dfdb4577415c0ee84435e0d6c51a50e6cb64
fb3bf13f585531396fb5b278292098b34d19e4180f2a49a4be672318a03487d4
fbffcff4c61f5f283a8c71f14d63095064ecbeda8045d0935276e7c29eb924e7
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e