URL: http://uneselection.fr/
Submission: On December 06 via api from US

Summary

This website contacted 14 IPs in 5 countries across 13 domains to perform 33 HTTP transactions. The main IP is 188.165.53.185, located in France and belongs to OVH, FR. The main domain is uneselection.fr.
This is the only time uneselection.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 188.165.53.185 16276 (OVH)
4 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 2a00:1450:400... 15169 (GOOGLE)
7 130.211.9.117 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 35.202.21.90 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f01... 32934 (FACEBOOK)
2 151.101.112.157 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 35.192.151.63 15169 (GOOGLE)
33 14
Domain Requested by
7 static.lpages.co uneselection.fr
4 my.leadpages.net uneselection.fr
3 fonts.gstatic.com my.leadpages.net
ajax.googleapis.com
2 api.leadpages.io js.center.io
2 apis.google.com my.leadpages.net
apis.google.com
2 platform.twitter.com my.leadpages.net
platform.twitter.com
2 connect.facebook.net my.leadpages.net
connect.facebook.net
2 mwilson.lpages.co 1 redirects my.leadpages.net
2 js.center.io uneselection.fr
js.center.io
2 fonts.googleapis.com uneselection.fr
2 uneselection.fr my.leadpages.net
1 staticxx.facebook.com connect.facebook.net
1 ajax.googleapis.com my.leadpages.net
1 lh3.googleusercontent.com uneselection.fr
1 maxcdn.bootstrapcdn.com uneselection.fr
33 15

This site contains links to these domains. Also see Links.

Domain
www.uneselection.fr
Subject Issuer Validity Valid
*.leadpages.net
Go Daddy Secure Certificate Authority - G2
2019-03-11 -
2021-03-11
2 years crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA
2019-09-14 -
2020-10-13
a year crt.sh
*.googleapis.com
GTS CA 1O1
2019-11-05 -
2020-01-28
3 months crt.sh
*.lpages.co
COMODO RSA Domain Validation Secure Server CA
2017-03-23 -
2020-03-22
3 years crt.sh
*.center.io
COMODO RSA Domain Validation Secure Server CA
2017-01-18 -
2020-02-08
3 years crt.sh
*.google.com
GTS CA 1O1
2019-11-05 -
2020-01-28
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-11-06 -
2020-02-04
3 months crt.sh
platform.twitter.com
DigiCert SHA2 High Assurance Server CA
2019-08-28 -
2020-09-01
a year crt.sh
*.apis.google.com
GTS CA 1O1
2019-11-05 -
2020-01-28
3 months crt.sh
*.leadpages.io
Go Daddy Secure Certificate Authority - G2
2019-11-12 -
2021-11-12
2 years crt.sh

This page contains 5 frames:

Primary Page: http://uneselection.fr/
Frame ID: E08816A46DB00862F171E0E06F288F76
Requests: 29 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 27326E34412C0B57D84CC686094CC0B2
Requests: 1 HTTP requests in this frame

Frame: https://mwilson.lpages.co/leadbox/144df2733f72a2:129b596feb46dc/5641978091929600/?lp-in-iframe=1&__fromjs=1
Frame ID: 3FDA3B504C425D369EF1D7E5F464632B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.6a44a9d26983bbb5b04ae399f9e496fe.html?origin=http%3A%2F%2Funeselection.fr
Frame ID: 1E7E6491B59E2372048AAABD5E8C31BB
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 3A96785D77D925F59E87E536BC09D0B3
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /apis\.google\.com\/js\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

33
Requests

82 %
HTTPS

64 %
IPv6

13
Domains

15
Subdomains

14
IPs

5
Countries

534 kB
Transfer

1040 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • http://mwilson.lpages.co/leadbox/144df2733f72a2:129b596feb46dc/5641978091929600/?lp-in-iframe=1&__fromjs=1 HTTP 301
  • https://mwilson.lpages.co/leadbox/144df2733f72a2:129b596feb46dc/5641978091929600/?lp-in-iframe=1&__fromjs=1
Request Chain 26
  • http://fonts.googleapis.com/css?family=Lora%7CLora%7CRoboto HTTP 307
  • https://fonts.googleapis.com/css?family=Lora%7CLora%7CRoboto

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
uneselection.fr/
13 KB
4 KB
Document
General
Full URL
http://uneselection.fr/
Protocol
HTTP/1.1
Server
188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache / PHP/7.0
Resource Hash
e78fa4f6b11f41b1731d7c515aef3b10dfe64e5ea4179fbedf25c74970aff644

Request headers

Host
uneselection.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Dec 2019 20:31:23 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Server
Apache
X-Powered-By
PHP/7.0
Content-Encoding
gzip
Vary
Accept-Encoding
Set-Cookie
SERVERID17573=2120154|Xeq6n|Xeq6n; path=/
Cache-control
private
X-IPLB-Instance
17180
leadpage.css
my.leadpages.net/static/lp1539964538/public/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://my.leadpages.net/static/lp1539964538/public/css/leadpage.css
Requested by
Host: uneselection.fr
URL: http://uneselection.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
77d3809604e07430257f0e33061c601c35708c4de9d2527bf722f0f81bc84a05

Request headers

Referer
http://uneselection.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Dec 2019 20:31:23 GMT
content-encoding
gzip
server
Google Frontend
access-control-allow-origin
*
etag
"6c919Q"
content-type
text/css
status
200
x-cloud-trace-context
4c8ee56503fd0b09dc79b58b8b96ca67
cache-control
max-age=7257600, public, max-age=31536000
expires
Sat, 05 Dec 2020 20:31:23 GMT
leadpage.js
my.leadpages.net/static/lp1539964538/public/js/
188 KB
58 KB
Script
General
Full URL
https://my.leadpages.net/static/lp1539964538/public/js/leadpage.js
Requested by
Host: uneselection.fr
URL: http://uneselection.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
6e86e86f01bd319ca2394293208c90fcc22db6de8dcb25e31dd81705b616cdcd

Request headers

Referer
http://uneselection.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 11:26:45 GMT
content-encoding
gzip
server
Google Frontend
age
205478
etag
"QKthyw"
content-type
application/javascript
status
200
x-cloud-trace-context
75f8e38af9a46391aee003278648e436
cache-control
max-age=7257600,public, max-age=31536000
access-control-allow-origin
*
content-length
59380
expires
Thu, 03 Dec 2020 11:26:45 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/
21 KB
5 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Requested by
Host: uneselection.fr
URL: http://uneselection.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Dec 2019 20:31:23 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:19 GMT
access-control-allow-origin
*
etag
"1544639719"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
5041
css
fonts.googleapis.com/
8 KB
822 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,300,500%7CLora
Requested by
Host: uneselection.fr
URL: http://uneselection.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
70dbd84c39d46a8c90b27d86f5e69fdd5322433cff81bbacade839c85c14c1ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://uneselection.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 06 Dec 2019 20:31:23 GMT
server
ESF
access-control-allow-origin
*
date
Fri, 06 Dec 2019 20:31:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Fri, 06 Dec 2019 20:31:23 GMT
normalize.min.css
static.lpages.co/TPuy2oTwi4ARD28zZhH3CA/css/
2 KB
2 KB
Stylesheet
General
Full URL
https://static.lpages.co/TPuy2oTwi4ARD28zZhH3CA/css/normalize.min.css
Requested by
Host: uneselection.fr
URL: http://uneselection.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.9.117 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
117.9.211.130.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
17eeb5bd00db641f46e7fb79d68325cdb4695b2a5ec0121bbae4586f8c2c3116

Request headers

Referer
http://uneselection.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Dec 2019 20:31:23 GMT
age
0
status
200
x-guploader-uploadid
AEnB2UqejpWosa_zJhABPU5V3aY3EFsfGOIQ0k3jDIzzDl8vVeNd0qPWHO8pfaKdqs8b3u_bwfYGNvSlwQj2aRZD8-8jpxuFT5O8L6vW7iZX4x9tlc9dIKg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
1935
last-modified
Wed, 12 Jul 2017 18:06:01 GMT
server
UploadServer
etag
"81a52394b85dbb23d9b8593d46a0fce3"
x-goog-hash
crc32c=fPzwkA==, md5=gaUjlLhduyPZuFk9RqD84w==
x-goog-generation
1499882761309097
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Length, Content-Type, ETag, Expires, Last-Modified
cache-control
public, max-age=3600
x-goog-stored-content-length
1935
accept-ranges
bytes
content-type
text/css
expires
Fri, 06 Dec 2019 21:31:23 GMT
flexslider.css
static.lpages.co/TPuy2oTwi4ARD28zZhH3CA/css/
3 KB
3 KB
Stylesheet
General
Full URL
https://static.lpages.co/TPuy2oTwi4ARD28zZhH3CA/css/flexslider.css
Requested by
Host: uneselection.fr
URL: http://uneselection.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.9.117 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
117.9.211.130.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d5a9454a1160658807fd1f36a37c07f4df35b122f8833e6ecb6f7e07328fb6db

Request headers

Referer
http://uneselection.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Dec 2019 20:31:23 GMT
age
0
status
200
x-guploader-uploadid
AEnB2UrHOqfODguWQjNMx6M7fhITnIjkI_UPhP9Mq27nVzXJQ1yrd2hjgOSL-x0boqZBQmNxvSe2JqSCzp3aTsaCqv9zGZse0ddQRWLw78UrwBOcoAb3QKA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
3071
last-modified
Wed, 12 Jul 2017 18:06:00 GMT
server
UploadServer
etag
"cd299b3623ff4a7ac4b4699988aa6e5c"
x-goog-hash
crc32c=ty1GNg==, md5=zSmbNiP/SnrEtGmZiKpuXA==
x-goog-generation
1499882760974211
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Length, Content-Type, ETag, Expires, Last-Modified
cache-control
public, max-age=3600
x-goog-stored-content-length
3071
accept-ranges
bytes
content-type
text/css
expires
Fri, 06 Dec 2019 21:31:23 GMT
style.css
static.lpages.co/TPuy2oTwi4ARD28zZhH3CA/css/
7 KB
8 KB
Stylesheet
General
Full URL
https://static.lpages.co/TPuy2oTwi4ARD28zZhH3CA/css/style.css
Requested by
Host: uneselection.fr
URL: http://uneselection.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.9.117 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
117.9.211.130.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
295634f4cede448758470e2f5a2766002e96cc3ee8df2786bf4026fadf1e5eef

Request headers

Referer
http://uneselection.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Dec 2019 20:31:23 GMT
age
0
status
200
x-guploader-uploadid
AEnB2UqNdUaf7vc5dDDaQ_RuI5TFQ8S1tPSOJw7ItuVXuf2bIQrfo2Oufj-vRRuF-1pHKbD1_hw7IyDaKB9W5JTS8pAmtk9Tlw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
7670
last-modified
Wed, 12 Jul 2017 18:06:01 GMT
server
UploadServer
etag
"ecd44ca7f5b4a76ce1e295ef02ba6676"
x-goog-hash
crc32c=UdSOcg==, md5=7NRMp/W0p2zh4pXvArpmdg==
x-goog-generation
1499882761657420
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Length, Content-Type, ETag, Expires, Last-Modified
cache-control
public, max-age=3600
x-goog-stored-content-length
7670
accept-ranges
bytes
content-type
text/css
expires
Fri, 06 Dec 2019 21:31:23 GMT
html5shiv.js
static.lpages.co/TPuy2oTwi4ARD28zZhH3CA/js/
9 KB
10 KB
Script
General
Full URL
https://static.lpages.co/TPuy2oTwi4ARD28zZhH3CA/js/html5shiv.js
Requested by
Host: uneselection.fr
URL: http://uneselection.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.9.117 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
117.9.211.130.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e7e8ffb2a39448d06dc71bd3b7015019351fe9b3349fd8ffd483b6cab97928c7

Request headers

Referer
http://uneselection.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Dec 2019 20:31:23 GMT
age
0
status
200
x-guploader-uploadid
AEnB2UptWRoYfo3yw83S6luvr47gi6DGYk3CWNyUfmA2VK9LAMO8UPqplsPBPswUXVmL7hA5eRT8Sk4lpBna-_2wwd5imB5_Qw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
9498
last-modified
Wed, 12 Jul 2017 18:06:03 GMT
server
UploadServer
etag
"6f9ae49ba54ad8f6751991a0eb0b27e8"
x-goog-hash
crc32c=quwl6Q==, md5=b5rkm6VK2PZ1GZGg6wsn6A==
x-goog-generation
1499882763233774
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Length, Content-Type, ETag, Expires, Last-Modified
cache-control
public, max-age=3600
x-goog-stored-content-length
9498
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 06 Dec 2019 21:31:23 GMT
jquery-1.9.1.min.js
static.lpages.co/TPuy2oTwi4ARD28zZhH3CA/js/
90 KB
91 KB
Script
General
Full URL
https://static.lpages.co/TPuy2oTwi4ARD28zZhH3CA/js/jquery-1.9.1.min.js
Requested by
Host: uneselection.fr
URL: http://uneselection.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.9.117 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
117.9.211.130.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
aa084d3968ab19898ebbed807ebc134b622fab78a888e7b36ae8386841636801

Request headers

Referer
http://uneselection.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Dec 2019 20:31:23 GMT
age
0
status
200
x-guploader-uploadid
AEnB2UouI4MQyvUzr_kDK7JXw95-R3p0e-N8L210m7gXMdQT4JEXVHUi2Ne71d6jbwqgqZKLX6JJLaqmZ4p3ilh21piz68NyAA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
92630
last-modified
Wed, 12 Jul 2017 18:06:03 GMT
server
UploadServer
etag
"663628f795cb62444143fde1ebdf2b5b"
x-goog-hash
crc32c=LNcosw==, md5=ZjYo95XLYkRBQ/3h698rWw==
x-goog-generation
1499882763675937
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Length, Content-Type, ETag, Expires, Last-Modified
cache-control
public, max-age=3600
x-goog-stored-content-length
92630
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 06 Dec 2019 21:31:23 GMT
jquery.flexslider-min.js
static.lpages.co/TPuy2oTwi4ARD28zZhH3CA/js/
21 KB
22 KB
Script
General
Full URL
https://static.lpages.co/TPuy2oTwi4ARD28zZhH3CA/js/jquery.flexslider-min.js
Requested by
Host: uneselection.fr
URL: http://uneselection.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.9.117 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
117.9.211.130.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0c853c2cc205bafe5d893017b6a03a2acf0f04a11b85f80605514cf0ae540fe6

Request headers

Referer
http://uneselection.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Dec 2019 20:31:23 GMT
age
0
status
200
x-guploader-uploadid
AEnB2Ur6qKWrrqKv3qMspOTgcJte-siACItSrPvkdvtdRCt47Vpgu-DYZsxU_VxJFjaJWyoqY4ZG1r_HWxEPLvJ6p0e2vV_VxqnEvun4kdhkxKyajKMYzZ4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
21638
last-modified
Wed, 12 Jul 2017 18:06:04 GMT
server
UploadServer
etag
"9ec3c315b67f434aabc4da58eabc6c3a"
x-goog-hash
crc32c=JVB6kg==, md5=nsPDFbZ/Q0qrxNpY6rxsOg==
x-goog-generation
1499882764336921
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Length, Content-Type, ETag, Expires, Last-Modified
cache-control
public, max-age=3600
x-goog-stored-content-length
21638
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 06 Dec 2019 21:31:23 GMT
functions.js
static.lpages.co/TPuy2oTwi4ARD28zZhH3CA/js/
4 KB
4 KB
Script
General
Full URL
https://static.lpages.co/TPuy2oTwi4ARD28zZhH3CA/js/functions.js
Requested by
Host: uneselection.fr
URL: http://uneselection.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.9.117 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
117.9.211.130.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0c872ea692f3f55e30692cf76aab38b432c5f797977f0a0ebfab7e8bc3e0f4eb

Request headers

Referer
http://uneselection.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Dec 2019 20:31:23 GMT
age
0
status
200
x-guploader-uploadid
AEnB2UrRvtcO3U8VeGWEYz0ygQHsRI5DA21XRUsoZgTy9q7tBMfMH25_j6-wWP4aggY335irtEM8Uxnqq9IFe30UlqmkC8m1Jz6LoZaK9whyafu-2dZzjp8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
3726
last-modified
Wed, 12 Jul 2017 18:06:02 GMT
server
UploadServer
etag
"6c14b93aea3527a64a7aa00b6b768db7"
x-goog-hash
crc32c=kHv2xg==, md5=bBS5Ouo1J6ZKeqALa3aNtw==
x-goog-generation
1499882762535377
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Length, Content-Type, ETag, Expires, Last-Modified
cache-control
public, max-age=3600
x-goog-stored-content-length
3726
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 06 Dec 2019 21:31:23 GMT
hWfzCljXDLS8xv9BMT_9JDfhcd12LmSgy2T47kWFY2OzWP9eUCNKSb0JdX_e1nSRYztHFzQ6d2lQfvZ1GAVYbmE=s0
lh3.googleusercontent.com/
100 KB
101 KB
Image
General
Full URL
http://lh3.googleusercontent.com/hWfzCljXDLS8xv9BMT_9JDfhcd12LmSgy2T47kWFY2OzWP9eUCNKSb0JdX_e1nSRYztHFzQ6d2lQfvZ1GAVYbmE=s0
Requested by
Host: uneselection.fr
URL: http://uneselection.fr/
Protocol
HTTP/1.1
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
97d392634a33d7c0506c3484960e237fe6b946cb9371e9ccfb6a8ab6c82a3576
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://uneselection.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Dec 2019 20:31:24 GMT
X-Content-Type-Options
nosniff
Server
fife
ETag
"v1"
Vary
Origin
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
public, max-age=86400, no-transform
Content-Disposition
inline;filename="unnamed.jpg"
Timing-Allow-Origin
*
Content-Length
102523
X-XSS-Protection
0
Expires
Sat, 07 Dec 2019 20:31:24 GMT
tracking.js
my.leadpages.net/static/lp1539964538/min/
5 KB
2 KB
Script
General
Full URL
http://my.leadpages.net/static/lp1539964538/min/tracking.js
Requested by
Host: uneselection.fr
URL: http://uneselection.fr/
Protocol
HTTP/1.1
Server
2a00:1450:4001:819::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
7012f1541cb0ed45a482e67f39b098cf451bf25776fc67311ffbe1e56223d825

Request headers

Referer
http://uneselection.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Dec 2019 20:31:23 GMT
Content-Encoding
gzip
Server
Google Frontend
ETag
"6c919Q"
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Cloud-Trace-Context
91074d629e5be9ae49dbcfda97e2401e
Cache-Control
max-age=7257600, public, max-age=31536000
Expires
Sat, 05 Dec 2020 20:31:23 GMT
center.js
js.center.io/
12 KB
5 KB
Script
General
Full URL
https://js.center.io/center.js
Requested by
Host: uneselection.fr
URL: http://uneselection.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
3adb60545bd82c9e4963d5bb1a08138b66c931262fb4852ca38219c430762e0a

Request headers

Referer
http://uneselection.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Dec 2019 20:31:03 GMT
content-encoding
gzip
server
Google Frontend
age
20
etag
"1wcOuA"
content-type
application/javascript
status
200
x-cloud-trace-context
3c748e4448f975328808a84192c0ebac
cache-control
public, max-age=300
content-length
5099
expires
Fri, 06 Dec 2019 20:36:03 GMT
identify.html
js.center.io/ Frame 2732
0
0
Document
General
Full URL
https://js.center.io/identify.html
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

:method
GET
:authority
js.center.io
:scheme
https
:path
/identify.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://uneselection.fr/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://uneselection.fr/

Response headers

status
200
date
Fri, 06 Dec 2019 20:28:19 GMT
expires
Fri, 06 Dec 2019 20:33:19 GMT
etag
"1wcOuA"
x-cloud-trace-context
e0e68068090effc41426dbbc2571b69b
content-type
text/html
content-encoding
gzip
server
Google Frontend
content-length
1698
age
184
cache-control
public, max-age=300
pixel
my.leadpages.net/analytics/
3 KB
4 KB
Image
General
Full URL
http://my.leadpages.net/analytics/pixel?id=144df2733f72a2%3A129b596feb46dc&uuid=cf04f007-46c6-4d9e-eadc-00da8bcb3d91&type=view&served_by=leadpages&
Requested by
Host: uneselection.fr
URL: http://uneselection.fr/
Protocol
HTTP/1.1
Server
2a00:1450:4001:819::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
9369f922128497b7d3b1c63920ea443dfa52ab87d010b682d4ead4837ca6f819

Request headers

Referer
http://uneselection.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Cloud-Trace-Context
dccef307291c60319563b528a11053d1
Cache-Control
no-cache
Expires
Fri, 06 Dec 2019 20:31:24 GMT
Server
Google Frontend
Date
Fri, 06 Dec 2019 20:31:24 GMT
Content-Length
3215
Content-type
image/gif
/
uneselection.fr/
13 KB
13 KB
Image
General
Full URL
http://uneselection.fr/
Requested by
Host: my.leadpages.net
URL: https://my.leadpages.net/static/lp1539964538/public/js/leadpage.js
Protocol
HTTP/1.1
Server
188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache / PHP/7.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://uneselection.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Dec 2019 20:31:23 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/7.0
X-IPLB-Instance
18183
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: my.leadpages.net
URL: https://my.leadpages.net/static/lp1539964538/public/js/leadpage.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,300,500%7CLora
Origin
http://uneselection.fr

Response headers

date
Tue, 19 Nov 2019 01:14:28 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
1538215
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11180
x-xss-protection
0
expires
Wed, 18 Nov 2020 01:14:28 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: my.leadpages.net
URL: https://my.leadpages.net/static/lp1539964538/public/js/leadpage.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,300,500%7CLora
Origin
http://uneselection.fr

Response headers

date
Thu, 21 Nov 2019 15:36:21 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
1313702
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Fri, 20 Nov 2020 15:36:21 GMT
/
mwilson.lpages.co/leadbox/144df2733f72a2:129b596feb46dc/5641978091929600/ Frame 3FDA
Redirect Chain
  • http://mwilson.lpages.co/leadbox/144df2733f72a2:129b596feb46dc/5641978091929600/?lp-in-iframe=1&__fromjs=1
  • https://mwilson.lpages.co/leadbox/144df2733f72a2:129b596feb46dc/5641978091929600/?lp-in-iframe=1&__fromjs=1
0
0
Document
General
Full URL
https://mwilson.lpages.co/leadbox/144df2733f72a2:129b596feb46dc/5641978091929600/?lp-in-iframe=1&__fromjs=1
Requested by
Host: my.leadpages.net
URL: https://my.leadpages.net/static/lp1539964538/public/js/leadpage.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
35.202.21.90 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
90.21.202.35.bc.googleusercontent.com
Software
Leadpages /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
mwilson.lpages.co
:scheme
https
:path
/leadbox/144df2733f72a2:129b596feb46dc/5641978091929600/?lp-in-iframe=1&__fromjs=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://uneselection.fr/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://uneselection.fr/

Response headers

status
200
date
Fri, 06 Dec 2019 20:31:24 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
etag
W/"56cc59a50463dbbfebe28efec9fdc7f1"
last-modified
Tue, 23 Oct 2018 05:22:37 GMT
x-cache
MISS, MISS
cache-control
no-cache
server
Leadpages
strict-transport-security
max-age=15768000
content-encoding
br

Redirect headers

Date
Fri, 06 Dec 2019 20:31:24 GMT
Content-Type
text/html
Content-Length
166
Connection
keep-alive
Location
https://mwilson.lpages.co/leadbox/144df2733f72a2:129b596feb46dc/5641978091929600/?lp-in-iframe=1&__fromjs=1
Server
Leadpages
Strict-Transport-Security
max-age=15768000
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/
13 KB
6 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js?_=1575664283824
Requested by
Host: my.leadpages.net
URL: https://my.leadpages.net/static/lp1539964538/public/js/leadpage.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://uneselection.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Dec 2019 20:31:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
5437
X-XSS-Protection
0
Expires
Sat, 05 Dec 2020 20:31:23 GMT
all.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: my.leadpages.net
URL: https://my.leadpages.net/static/lp1539964538/public/js/leadpage.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
188b35760813ab0b289105fd977d41ba04c36d7953ad221558cd6eda76a65a52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://uneselection.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
v0lvy+a8m9QHQ2+2gBUtCg==
status
200
date
Fri, 06 Dec 2019 20:31:23 GMT
expires
Fri, 06 Dec 2019 20:39:49 GMT
alt-svc
h3-23=":443"; ma=3600
content-length
1780
x-fb-debug
M0gDghNDkpm6xZrIluea4E2u6mPtEMvmoZYfW4qqrDovLo0BVLiczbvKRj2ZFRcKTEaSLNEQ3i0PtGHpNOJlEQ==
x-fb-trip-id
1475214379
x-fb-content-md5
bf0734d48d195fe5f5221601aa267830
etag
"277988c9120dcf3beec4d068a0e1d73b"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
widgets.js
platform.twitter.com/
96 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: my.leadpages.net
URL: https://my.leadpages.net/static/lp1539964538/public/js/leadpage.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
13c88608140b103dd0eb9040e4466efcb7b0a1d7784bdd802c702e3a25fea222

Request headers

Referer
http://uneselection.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Dec 2019 20:31:23 GMT
content-encoding
gzip
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
28852
x-served-by
cache-iad2126-IAD, cache-hhn4077-HHN
last-modified
Tue, 26 Nov 2019 18:14:56 GMT
etag
"6448d12e510c748220c730e694411504+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
tw-cdn
FT
plusone.js
apis.google.com/js/
48 KB
19 KB
Script
General
Full URL
https://apis.google.com/js/plusone.js?onload=onPlusOneLoadCallback
Requested by
Host: my.leadpages.net
URL: https://my.leadpages.net/static/lp1539964538/public/js/leadpage.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
bb33c28c6f597edc73d5175644249475411fb114bdb864e9cab20694a2df83bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://uneselection.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Dec 2019 20:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'report-sample' 'nonce-RC/Z2EHE/pGfA1nezPTpUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
strict-transport-security
max-age=31536000
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"e070f6a2ab82e9eb795934eee8706274"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Fri, 06 Dec 2019 20:31:23 GMT
all.js
connect.facebook.net/en_US/
187 KB
56 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js?hash=097f397f479ecc8bcdf8be4827162e09&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
017f1c7318f5ad5680fedc794d984587303dfa22635a8435c15505f931e1bfc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://uneselection.fr/
Origin
http://uneselection.fr

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
89DDGlsN/MzWuGSK2Fm15g==
status
200
date
Fri, 06 Dec 2019 20:31:23 GMT
expires
Sat, 05 Dec 2020 18:53:57 GMT
alt-svc
h3-23=":443"; ma=3600
content-length
56817
x-fb-debug
kPDbTpUnbPnsUceHPOzLHWNBI5JxSpOIn+K67KFldk5C/Zavd8Nxe/VNl5vDVj/+kUvGb8HbAxlU2Taaow7T2Q==
x-fb-trip-id
1475214379
x-fb-content-md5
9fa0484439a2f8dbbb89d8e46859df2c
etag
"38a413126e1224ae9b83273120f46693"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
capture
api.leadpages.io/analytics/v1/events/
35 B
641 B
XHR
General
Full URL
https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=5715233054130176&v=&e=&st=&pid=AkXMLrK4nanpG4zU5CQ8mM&uid=5rnRkkh3vQ737dqk5K8waZ&sid=8CyBkyjc6FGMVk3rXpSsz4&cid=lp-5715233054130176&uri=http%3A%2F%2Funeselection.fr%2F&rf=&rx=1600&ry=1200&tz=%2B01%3A00
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
35.192.151.63 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://uneselection.fr/
Origin
http://uneselection.fr

Response headers

Date
Fri, 06 Dec 2019 20:31:24 GMT
Server
Stargate
Transfer-Encoding
chunked
X-Forwarded-For
144.76.109.30
Content-Type
image/gif
access-control-allow-origin
http://uneselection.fr
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
access-control-max-age
600
Connection
keep-alive
x-request-id
0353b2s1fn9qo1v6ksv0
css
fonts.googleapis.com/
Redirect Chain
  • http://fonts.googleapis.com/css?family=Lora%7CLora%7CRoboto
  • https://fonts.googleapis.com/css?family=Lora%7CLora%7CRoboto
4 KB
626 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lora%7CLora%7CRoboto
Requested by
Host: uneselection.fr
URL: http://uneselection.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
c01148ae6b54cd1a9c5189bee779f7b9cb220a50cb7ea605816fa9892593d02d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://uneselection.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 06 Dec 2019 20:31:23 GMT
server
ESF
access-control-allow-origin
*
date
Fri, 06 Dec 2019 20:31:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Fri, 06 Dec 2019 20:31:23 GMT

Redirect headers

Location
https://fonts.googleapis.com/css?family=Lora%7CLora%7CRoboto
Non-Authoritative-Reason
HSTS
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2O_3XQTFIPY.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCM0JjSA0I0wvcxN0q5y4p-sc5Yxiw/
139 KB
49 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2O_3XQTFIPY.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCM0JjSA0I0wvcxN0q5y4p-sc5Yxiw/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js?onload=onPlusOneLoadCallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7b5bbcbf15b2ae7c554c86986bd4412a26c9c11058c19142a8892614bd41ff7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://uneselection.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 22 Nov 2019 03:59:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 06 Nov 2019 22:31:30 GMT
server
sffe
age
1269103
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
49979
x-xss-protection
0
expires
Sat, 21 Nov 2020 03:59:40 GMT
widget_iframe.6a44a9d26983bbb5b04ae399f9e496fe.html
platform.twitter.com/widgets/ Frame 1E7E
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.6a44a9d26983bbb5b04ae399f9e496fe.html?origin=http%3A%2F%2Funeselection.fr
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
platform.twitter.com
:scheme
https
:path
/widgets/widget_iframe.6a44a9d26983bbb5b04ae399f9e496fe.html?origin=http%3A%2F%2Funeselection.fr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://uneselection.fr/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://uneselection.fr/

Response headers

status
200
last-modified
Tue, 26 Nov 2019 18:11:58 GMT
cache-control
public, max-age=315360000
content-type
text/html; charset=utf-8
etag
"7d3f6ed140174a20e7c8be261a70a863+gzip"
content-encoding
gzip
access-control-allow-methods
GET
access-control-allow-origin
*
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges
bytes
date
Fri, 06 Dec 2019 20:31:23 GMT
x-served-by
cache-iad2139-IAD, cache-hhn4077-HHN
x-cache
HIT, HIT
vary
Accept-Encoding
tw-cdn
FT
content-length
5816
xd_arbiter.php
staticxx.facebook.com/connect/ Frame 3A96
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=097f397f479ecc8bcdf8be4827162e09&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://uneselection.fr/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://uneselection.fr/

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Fri, 04 Dec 2020 21:35:01 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
gzip
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
+AQyIV6r8E4cDZ9li1P0QP0bQdvlnXXtDZ4nmjcW96Lr9fcNibva4yf3b3c+hhBYb6VnP0GAE+OeCmXiJghzgw==
content-length
12381
x-fb-trip-id
1475214379
date
Fri, 06 Dec 2019 20:31:23 GMT
alt-svc
h3-23=":443"; ma=3600
0QIvMX1D_JOuMwr7I_FMl_E.woff2
fonts.gstatic.com/s/lora/v14/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lora/v14/0QIvMX1D_JOuMwr7I_FMl_E.woff2
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js?_=1575664283824
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2a80dc3e72230cd009ad952ebac959905d921e509aebe911704557d0311da3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,300,500%7CLora
Origin
http://uneselection.fr

Response headers

date
Thu, 21 Nov 2019 17:13:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:23:22 GMT
server
sffe
age
1307902
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15608
x-xss-protection
0
expires
Fri, 20 Nov 2020 17:13:01 GMT
capture
api.leadpages.io/analytics/v1/observations/
35 B
437 B
XHR
General
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.4&correlateBy=ub6azfRym4jT7mRrkNGy92&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=139.5499985665083,115.57499878108501,1,399.4100000709295
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
35.192.151.63 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://uneselection.fr/
Origin
http://uneselection.fr

Response headers

Date
Fri, 06 Dec 2019 20:31:28 GMT
Server
Stargate
Transfer-Encoding
chunked
X-Forwarded-For
144.76.109.30
Content-Type
image/gif
access-control-allow-origin
http://uneselection.fr
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
access-control-max-age
600
Connection
keep-alive
x-request-id
0353b3sjsut8acarevkg

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| LeadPagesCenterObject function| center string| AnalyticsPropertyID object| LeadPageData string| TEMPLATE_CONTEXT object| LeadPage function| $ function| jQuery boolean| popup object| leadpages_input_data object| html5 object| jQuery191032578445858020477 boolean| LP_TRACKING_LOADED string| servedBy string| trackingId string| key object| jQuery111002588969113806976 object| WebFont object| FB object| gapi object| ___jsl object| __twttrll object| twttr object| __twttr object| gadgets object| osapi object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __gapi_jstiming__

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.leadpages.io
apis.google.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
js.center.io
lh3.googleusercontent.com
maxcdn.bootstrapcdn.com
mwilson.lpages.co
my.leadpages.net
platform.twitter.com
static.lpages.co
staticxx.facebook.com
uneselection.fr
130.211.9.117
151.101.112.157
188.165.53.185
2001:4de0:ac19::1:b:3a
2a00:1450:4001:818::2003
2a00:1450:4001:819::200a
2a00:1450:4001:819::2013
2a00:1450:4001:81d::2001
2a00:1450:4001:81f::2013
2a00:1450:4001:820::200e
2a00:1450:4001:824::200a
2a03:2880:f01c:8012:face:b00c:0:3
35.192.151.63
35.202.21.90
017f1c7318f5ad5680fedc794d984587303dfa22635a8435c15505f931e1bfc4
0c853c2cc205bafe5d893017b6a03a2acf0f04a11b85f80605514cf0ae540fe6
0c872ea692f3f55e30692cf76aab38b432c5f797977f0a0ebfab7e8bc3e0f4eb
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
13c88608140b103dd0eb9040e4466efcb7b0a1d7784bdd802c702e3a25fea222
17eeb5bd00db641f46e7fb79d68325cdb4695b2a5ec0121bbae4586f8c2c3116
188b35760813ab0b289105fd977d41ba04c36d7953ad221558cd6eda76a65a52
295634f4cede448758470e2f5a2766002e96cc3ee8df2786bf4026fadf1e5eef
3adb60545bd82c9e4963d5bb1a08138b66c931262fb4852ca38219c430762e0a
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e86e86f01bd319ca2394293208c90fcc22db6de8dcb25e31dd81705b616cdcd
7012f1541cb0ed45a482e67f39b098cf451bf25776fc67311ffbe1e56223d825
70dbd84c39d46a8c90b27d86f5e69fdd5322433cff81bbacade839c85c14c1ac
77d3809604e07430257f0e33061c601c35708c4de9d2527bf722f0f81bc84a05
7b5bbcbf15b2ae7c554c86986bd4412a26c9c11058c19142a8892614bd41ff7c
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
9369f922128497b7d3b1c63920ea443dfa52ab87d010b682d4ead4837ca6f819
97d392634a33d7c0506c3484960e237fe6b946cb9371e9ccfb6a8ab6c82a3576
aa084d3968ab19898ebbed807ebc134b622fab78a888e7b36ae8386841636801
bb2a80dc3e72230cd009ad952ebac959905d921e509aebe911704557d0311da3
bb33c28c6f597edc73d5175644249475411fb114bdb864e9cab20694a2df83bf
c01148ae6b54cd1a9c5189bee779f7b9cb220a50cb7ea605816fa9892593d02d
d5a9454a1160658807fd1f36a37c07f4df35b122f8833e6ecb6f7e07328fb6db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e78fa4f6b11f41b1731d7c515aef3b10dfe64e5ea4179fbedf25c74970aff644
e7e8ffb2a39448d06dc71bd3b7015019351fe9b3349fd8ffd483b6cab97928c7