www.multi-prets.com
Open in
urlscan Pro
2620:1ec:bdf::67
Public Scan
Submitted URL: http://www.planihypotheque.com/
Effective URL: https://www.multi-prets.com/fr/courtier-hypothecaire/pascal-cusson/?utm_source=old_broker_url&utm_medium=redirect&utm_campai...
Submission: On October 25 via api from GB — Scanned from GB
Effective URL: https://www.multi-prets.com/fr/courtier-hypothecaire/pascal-cusson/?utm_source=old_broker_url&utm_medium=redirect&utm_campai...
Submission: On October 25 via api from GB — Scanned from GB
Summary
This website contacted 22 IPs
in 5 countries
across 19 domains to perform 74 HTTP transactions.
The main IP is 2620:1ec:bdf::67, located in
United States and
belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US.
The main domain is www.multi-prets.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 26th 2023. Valid for: a year.
This is the only time www.multi-prets.com was scanned on urlscan.io!
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 26th 2023. Valid for: a year.
This is the only time www.multi-prets.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
1
65.175.74.173
(United States)
ASN7393 (CYBERCON, US)
PTR: 173.74.175.65.rdns.ezhostingserver.com
ASN7393 (CYBERCON, US)
PTR: 173.74.175.65.rdns.ezhostingserver.com
| www.planihypotheque.com |
24
2620:1ec:bdf::67
(United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| www.multi-prets.com | |
| brokerwebsitesapi.azurefd.net |
9
2620:1ec:46::67
(United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| brokerwebsitesimage.azureedge.net |
2
2600:9000:2251:a400:5:b7cc:d3c0:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| sdk.privacy-center.org |
3
2a00:1450:4001:82b::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
1
2a00:1450:4001:80b::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| pagead2.googlesyndication.com |
2
2a00:1450:4001:813::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
1
18.66.97.53
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net
| static.hotjar.com |
3
2a03:2880:f083:9:face:b00c:0:3
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| connect.facebook.net |
1
108.138.1.25
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
| c.amazon-adsystem.com |
2
142.250.186.34
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
| ade.googlesyndication.com |
1
13.32.27.19
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-19.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-19.fra56.r.cloudfront.net
| script.hotjar.com |
3
2a03:2880:f177:83:face:b00c:0:25de
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
2
212.82.100.181
(Dublin, Ireland)
ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
| sp.analytics.yahoo.com |
| Domain | Requested by | |
|---|---|---|
| 19 | www.multi-prets.com |
2 redirects
www.multi-prets.com
|
| 9 | brokerwebsitesimage.azureedge.net |
www.multi-prets.com
|
| 5 | brokerwebsitesapi.azurefd.net |
www.multi-prets.com
|
| 4 | region1.google-analytics.com |
www.googletagmanager.com
|
| 4 | www.gstatic.com |
www.google.com
www.gstatic.com |
| 3 | www.facebook.com | |
| 3 | bat.bing.com |
www.multi-prets.com
bat.bing.com |
| 3 | connect.facebook.net |
www.multi-prets.com
connect.facebook.net |
| 3 | www.googletagmanager.com |
www.multi-prets.com
www.googletagmanager.com |
| 3 | www.google.com |
www.multi-prets.com
www.gstatic.com www.google.com |
| 2 | sp.analytics.yahoo.com | |
| 2 | s.amazon-adsystem.com |
1 redirects
c.amazon-adsystem.com
|
| 2 | www.youtube.com |
www.multi-prets.com
www.youtube.com |
| 2 | ade.googlesyndication.com | |
| 2 | s.yimg.com |
www.multi-prets.com
s.yimg.com |
| 2 | mp5.multi-prets.com |
www.googletagmanager.com
mp5.multi-prets.com |
| 2 | www.google-analytics.com |
www.googletagmanager.com
|
| 2 | sdk.privacy-center.org |
www.multi-prets.com
sdk.privacy-center.org |
| 1 | script.hotjar.com |
static.hotjar.com
|
| 1 | c.amazon-adsystem.com |
www.multi-prets.com
|
| 1 | static.hotjar.com |
www.googletagmanager.com
|
| 1 | pagead2.googlesyndication.com |
www.googletagmanager.com
|
| 1 | www.mortgageboss.ca |
www.multi-prets.com
|
| 1 | www.planihypotheque.com | 1 redirects |
| 74 | 24 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| maps.google.com |
| ymm.multi-prets.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.multi-prets.com Go Daddy Secure Certificate Authority - G2 |
2023-09-26 - 2024-10-27 |
a year | crt.sh |
| *.azureedge.net Microsoft Azure RSA TLS Issuing CA 03 |
2023-10-08 - 2024-10-02 |
a year | crt.sh |
| *.mortgageboss.ca Go Daddy Secure Certificate Authority - G2 |
2022-11-07 - 2023-12-08 |
a year | crt.sh |
| *.azurefd.net Microsoft Azure TLS Issuing CA 05 |
2023-09-28 - 2024-06-27 |
9 months | crt.sh |
| *.privacy-center.org Amazon RSA 2048 M02 |
2023-03-25 - 2024-04-22 |
a year | crt.sh |
| www.google.com GTS CA 1C3 |
2023-10-09 - 2024-01-01 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2023-10-09 - 2024-01-01 |
3 months | crt.sh |
| *.google.com GTS CA 1C3 |
2023-10-09 - 2024-01-01 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-10-09 - 2024-01-01 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2023-10-09 - 2024-01-01 |
3 months | crt.sh |
| *.hotjar.com Amazon ECDSA 256 M01 |
2023-03-09 - 2024-04-06 |
a year | crt.sh |
| mp5.multi-prets.com R3 |
2023-10-13 - 2024-01-11 |
3 months | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-08-03 - 2023-11-01 |
3 months | crt.sh |
| *.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA |
2023-09-25 - 2023-11-15 |
2 months | crt.sh |
| www.bing.com Microsoft Azure TLS Issuing CA 05 |
2023-07-26 - 2024-01-22 |
6 months | crt.sh |
| c.amazon-adsystem.com Amazon RSA 2048 M01 |
2023-02-28 - 2024-02-17 |
a year | crt.sh |
| s.amazon-adsystem.com Amazon RSA 2048 M01 |
2023-03-03 - 2024-02-19 |
a year | crt.sh |
| real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA |
2023-10-24 - 2024-04-17 |
6 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.multi-prets.com/fr/courtier-hypothecaire/pascal-cusson/?utm_source=old_broker_url&utm_medium=redirect&utm_campaign=brokers_url&utm_campaign=pascal-cusson
Frame ID: FBC1CDA3B23581805CD1A8B5E0BECCD0
Requests: 66 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfcp9IZAAAAAOwzreB9c0SZXVOP-w7Mm5cUDRjc&co=aHR0cHM6Ly93d3cubXVsdGktcHJldHMuY29tOjQ0Mw..&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=rpq0n1mrfd33
Frame ID: 1BD94352BE9CB84F69CE34303BAB1B38
Requests: 5 HTTP requests in this frame
Frame:
https://s.amazon-adsystem.com/iu3?pid=13347c78-52e6-4956-89aa-c008cde2371f&event=PageView&ts=1698207452670&dcc=t
Frame ID: 9835D8E25CE6DE972F8BD879D4930F14
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Pascal Cusson - Courtier hypothécaire chez Multi-Prêts Hypothèques à Boucherville, QCPage URL History Show full URLs
-
http://www.planihypotheque.com/
HTTP 301
https://www.multi-prets.com/fr/courtiers-hypothecaires/site-Cloutier-st-laurent/courtier-pascal-cusson HTTP 301
https://www.multi-prets.com/fr/courtier-hypothecaire-pascal-cusson/ HTTP 301
https://www.multi-prets.com/fr/courtier-hypothecaire/pascal-cusson/?utm_source=old_broker_url&utm_medium... Page URL
Detected technologies
Didomi
(Cookie compliance)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- sdk\.privacy-center\.org/.*/loader\.js
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google AdSense
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googlesyndication\.com/
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Hotjar
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //static\.hotjar\.com/
reCAPTCHA
(Captchas)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /recaptcha/api\.js
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
URL: http://maps.google.com/?q=802,%20rue%20de%20Montbrun,%20Boucherville,%20QC%20J4B%208A7
Title: 802, rue de Montbrun,Boucherville, QC J4B 8A7
Title: 802, rue de Montbrun,Boucherville, QC J4B 8A7
Search URL Search Domain Scan URL
URL: https://ymm.multi-prets.com/fr/Mortgage-Market/Landing-Page?leadDealId=MPH&brokerCode=548300
Title: Préqualifiez-vous maintenant
Title: Préqualifiez-vous maintenant
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.planihypotheque.com/
HTTP 301
https://www.multi-prets.com/fr/courtiers-hypothecaires/site-Cloutier-st-laurent/courtier-pascal-cusson HTTP 301
https://www.multi-prets.com/fr/courtier-hypothecaire-pascal-cusson/ HTTP 301
https://www.multi-prets.com/fr/courtier-hypothecaire/pascal-cusson/?utm_source=old_broker_url&utm_medium=redirect&utm_campaign=brokers_url&utm_campaign=pascal-cusson Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 57- https://s.amazon-adsystem.com/iu3?pid=13347c78-52e6-4956-89aa-c008cde2371f&event=PageView&ts=1698207452670 HTTP 302
- https://s.amazon-adsystem.com/iu3?pid=13347c78-52e6-4956-89aa-c008cde2371f&event=PageView&ts=1698207452670&dcc=t
74 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
www.multi-prets.com/fr/courtier-hypothecaire/pascal-cusson/ Redirect Chain
|
183 KB 30 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5859f2a1804d4727.css
www.multi-prets.com/_next/static/css/ |
920 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
webpack-b614b38db726c5b1.js
www.multi-prets.com/_next/static/chunks/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
framework-da873f92495b87e0.js
www.multi-prets.com/_next/static/chunks/ |
137 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main-d98ae2215adee974.js
www.multi-prets.com/_next/static/chunks/ |
102 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
_app-477df636243d98fe.js
www.multi-prets.com/_next/static/chunks/pages/ |
383 KB 210 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
b98bc7c3-acc13d36bc197b66.js
www.multi-prets.com/_next/static/chunks/ |
1 KB 947 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
189-bab26ea0ce314d94.js
www.multi-prets.com/_next/static/chunks/ |
112 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
450-041506c18d4475b3.js
www.multi-prets.com/_next/static/chunks/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
878-56915ac623013229.js
www.multi-prets.com/_next/static/chunks/ |
140 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
526-711dcc6e22e50664.js
www.multi-prets.com/_next/static/chunks/ |
93 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
%5BsiteName%5D-3f8e113eda113b05.js
www.multi-prets.com/_next/static/chunks/pages/%5BsubPath%5D/ |
61 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
_buildManifest.js
www.multi-prets.com/_next/static/TiB3bkWUMyRtF4O95U21X/ |
2 KB 950 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
_ssgManifest.js
www.multi-prets.com/_next/static/TiB3bkWUMyRtF4O95U21X/ |
103 B 393 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
_middlewareManifest.js
www.multi-prets.com/_next/static/TiB3bkWUMyRtF4O95U21X/ |
92 B 380 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo-mp-fr-v2.png
brokerwebsitesimage.azureedge.net/m3brokerimages1/next/website/images/logos/ |
44 KB 45 KB |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
slide-mp-1.jpg
brokerwebsitesimage.azureedge.net/m3brokerimages1/next/website/images/carousel/ |
135 KB 135 KB |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Pascal_Cusson.jpg
www.mortgageboss.ca/FileLibrary/Client_2/_Agent_Photo_Fr/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
broker-about.jpeg
brokerwebsitesimage.azureedge.net/m3brokerimages1/next/website/images/ |
482 KB 482 KB |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Calculator-01.png
brokerwebsitesimage.azureedge.net/m3brokerimages1/next/website/images/calculator/ |
3 KB 3 KB |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
applyicon.png
brokerwebsitesimage.azureedge.net/m3brokerimages1/next/website/images/calculator/ |
3 KB 3 KB |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Rate-01.png
brokerwebsitesimage.azureedge.net/m3brokerimages1/next/website/images/calculator/ |
3 KB 3 KB |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
agent-signup.jpeg
brokerwebsitesimage.azureedge.net/m3brokerimages1/next/website/images/ |
178 KB 178 KB |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
GilmerRegular.c21d96ad.ttf
www.multi-prets.com/_next/static/media/ |
98 KB 46 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
GilmerLight.641ab102.ttf
www.multi-prets.com/_next/static/media/ |
94 KB 44 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
fetchBlogWorkshop
brokerwebsitesapi.azurefd.net/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
fetchBlogWorkshop
brokerwebsitesapi.azurefd.net/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loader.js
sdk.privacy-center.org/e874aa71-5754-45b6-a3e4-b63a7e0ad1cf/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
fetchBlogWorkshop
brokerwebsitesapi.azurefd.net/ |
24 B 204 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
fetchBlogWorkshop
brokerwebsitesapi.azurefd.net/ |
44 B 253 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
api.js
www.google.com/recaptcha/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ |
462 KB 185 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sdk.0f5449d9f9fec4b95e91bc836f41b050d1e2a319.js
sdk.privacy-center.org/sdk/0f5449d9f9fec4b95e91bc836f41b050d1e2a319/modern/ |
339 KB 86 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
anchor
www.google.com/recaptcha/api2/ Frame 1BD9 |
59 KB 33 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame 1BD9 |
55 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame 1BD9 |
462 KB 184 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1BD9 |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
webworker.js
www.google.com/recaptcha/api2/ Frame 1BD9 |
102 B 135 B |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
361 KB 105 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
20093
brokerwebsitesapi.azurefd.net/fetchBlog/author/ |
44 B 222 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
landing
pagead2.googlesyndication.com/pagead/ |
42 B 455 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
253 KB 86 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
267 KB 89 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hotjar-2337935.js
static.hotjar.com/c/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ea.js
mp5.multi-prets.com/ |
39 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
199 KB 53 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ytc.js
s.yimg.com/wi/ |
18 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bat.js
bat.bing.com/ |
44 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
amzn.js
c.amazon-adsystem.com/aat/ |
9 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
src=11156705;type=mutlt0;cat=multi0;ord=5408987134591;gtm=45He3an0v6965904;gcs=G100;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.multi-prets.com%2Ffr%2Fcourtier-hyp...
ade.googlesyndication.com/ddm/activity/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
src=12462948;type=mph-t0;cat=visit001;ord=6460177321140;gtm=45He3an0v6965904;gcs=G100;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.multi-prets.com%2Ffr%2Fcourtier-h...
ade.googlesyndication.com/ddm/activity/ |
42 B 401 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
iframe_api
www.youtube.com/ |
993 B 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
region1.google-analytics.com/g/ |
0 248 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
56377355.js
bat.bing.com/p/action/ |
0 116 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0
bat.bing.com/action/ |
0 285 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
region1.google-analytics.com/g/ |
0 45 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
collect
www.google-analytics.com/ |
35 B 194 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
iu3
s.amazon-adsystem.com/ Frame 9835 Redirect Chain
|
65 B 896 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
modules.a154b6db0235839b3687.js
script.hotjar.com/ |
228 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
10097015.json
s.yimg.com/wi/config/ |
2 B 497 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
177620006795350
connect.facebook.net/signals/config/ |
124 KB 33 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
www-widgetapi.js
www.youtube.com/s/player/96163992/www-widgetapi.vflset/ |
213 KB 66 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
198932828089390
connect.facebook.net/signals/config/ |
109 KB 29 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
0 31 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sp.pl
sp.analytics.yahoo.com/ |
43 B 633 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sp.pl
sp.analytics.yahoo.com/ |
43 B 247 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
588471412
mp5.multi-prets.com/col674a/-/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
0 31 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
slide-mp-2.jpg
brokerwebsitesimage.azureedge.net/m3brokerimages1/next/website/images/carousel/ |
184 KB 184 KB |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
slide-mp-1.jpg
brokerwebsitesimage.azureedge.net/m3brokerimages1/next/website/images/carousel/ |
135 KB 135 KB |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
region1.google-analytics.com/g/ |
0 45 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
region1.google-analytics.com/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
146 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| webpackChunk_N_E object| regeneratorRuntime object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E object| i18nConfig object| __BUILD_MANIFEST object| __SSG_MANIFEST object| __MIDDLEWARE_MANIFEST object| didomiConfig boolean| gdprAppliesGlobally object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| didomiRemoteConfig string| didomiCountry object| didomiGeoRegulations object| webpackChunkDidomi object| Didomi object| didomiOnReady object| didomiEventListeners object| dataLayer function| __uspapi object| DidomiSanitizing object| didomiState object| recaptcha object| closure_lm_562437 object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| fbq function| _fbq object| dotq object| uetq function| amzn object| ytTracker function| onYouTubeIframeAPIReady object| gaGlobal function| UET function| UET_init function| UET_push object| ueto_c48f0878c9 object| gaplugins object| gaData function| renewToken function| updateToken function| deleteToken object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| YAHOO object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| _oEa object| _oEaW object| _oEaXp function| EA_event function| EA_button function| EA_link function| EA_download function| EA_productevent function| EA_productbutton function| EA_productlink function| EA_productdownload function| EA_contextflag function| EA_tageventadd function| EA_tagisearchadd function| EA_taguparam function| EA_tagheatmap function| EA_heatmap function| EA_tagemail function| EA_tagproduct function| EA_tagerror function| EA_tagreferrer function| EA_referrer function| EA_tag function| EA_tagmulti function| EA_action_out_in function| EA_action_out function| EA_action_in function| EA_action_ref function| EA_shoppingcartestimate function| EA_shoppingcart function| EA_shoppingcartadd function| EA_shoppingcarthook function| EA_shoppingcartamount function| EA_estimate function| EA_newcustomer function| EA_blockpromo function| EA_view function| EA_tpclickposition function| EA_tpclickproduct function| EA_tpclick function| EA_dyntpclick function| EA_tpclickurl function| EA_dyntpclickurl function| EA_tpview function| EA_tpviewprd function| EA_dyntpview function| EA_tpviewurl function| EA_dyntpviewurl function| EA_click function| EA_clickoutposition function| EA_clickoutproduct function| EA_clickout function| EA_clickouturl function| EA_viewout function| EA_viewouturl function| EA_collectorurl function| EA_collector function| EA_merchandiser function| EA_jsversion number| eflash string| EA_param15 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .multi-prets.com/ | Name: _uetsid Value: 6b47f21072ed11ee89cdd7a94287f6eb |
|
| .multi-prets.com/ | Name: _uetvid Value: 6b48089072ed11eea31395191866c5e4 |
|
| .bing.com/ | Name: MUID Value: 3B890A0E947D63570A8419BB951E6245 |
|
| .youtube.com/ | Name: YSC Value: HyJMFlRXQy0 |
|
| .youtube.com/ | Name: VISITOR_INFO1_LIVE Value: KwMCeT0bHm4 |
|
| .multi-prets.com/ | Name: _fbp Value: fb.1.1698207453015.484254367 |
|
| .multi-prets.com/ | Name: _hjSessionUser_2337935 Value: eyJpZCI6ImEwMGRiZWQ0LWM0MTAtNTRmZC04NzIyLTFkOGUxNTY0ZWEzNCIsImNyZWF0ZWQiOjE2OTgyMDc0NTMwNDcsImV4aXN0aW5nIjpmYWxzZX0= |
|
| .multi-prets.com/ | Name: _hjFirstSeen Value: 1 |
|
| .multi-prets.com/ | Name: _hjIncludedInSessionSample_2337935 Value: 0 |
|
| .multi-prets.com/ | Name: _hjSession_2337935 Value: eyJpZCI6ImI5YTJhODQ2LWM1ZmQtNDFiNS1iNGRmLTIzZGZkOTNmNTJiNCIsImNyZWF0ZWQiOjE2OTgyMDc0NTMwNDgsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6ZmFsc2V9 |
|
| .multi-prets.com/ | Name: _hjAbsoluteSessionInProgress Value: 0 |
|
| .yahoo.com/ | Name: A3 Value: d=AQABBN2WOGUCEO4WpmEJUtfXgArLkEGEmmwFEgEBAQHoOWVCZc50rXYB_eMAAA&S=AQAAApMIOhq_w6IXKNYmNUlSw9g |
|
| .amazon-adsystem.com/ | Name: ad-id Value: A_MvtoaFDUnZrK2wnlgK_qs |
|
| .amazon-adsystem.com/ | Name: ad-privacy Value: 0 |
|
| .multi-prets.com/ | Name: etuix Value: _TV_ggcoQpjdolBXxJcotMe_EruyTGNCr7yZL_E0TiQJjumwtIOOCQ-- |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ade.googlesyndication.com
bat.bing.com
brokerwebsitesapi.azurefd.net
brokerwebsitesimage.azureedge.net
c.amazon-adsystem.com
connect.facebook.net
mp5.multi-prets.com
pagead2.googlesyndication.com
region1.google-analytics.com
s.amazon-adsystem.com
s.yimg.com
script.hotjar.com
sdk.privacy-center.org
sp.analytics.yahoo.com
static.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.mortgageboss.ca
www.multi-prets.com
www.planihypotheque.com
www.youtube.com
108.138.1.25
13.32.27.19
142.250.186.34
18.66.97.53
2001:4860:4802:32::36
212.82.100.181
2600:9000:2251:a400:5:b7cc:d3c0:93a1
2620:1ec:46::67
2620:1ec:bdf::67
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:813::200e
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2008
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
38.102.66.79
40.86.210.34
52.46.128.147
65.175.74.173
0905f8d2dbf6c1d887bef1a7ab12eb7a561773304079cd230ecb527bb2a74e73
09e185fdea813e4ebe822acee949d729891705820db58756e6a5c1b66025812b
0c1fff8732999b218a5881fadc13fc74bfbceb1fab3d500cd48a24e717195db7
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
17032c2f503f26d378458a4fa446e5a713e99a8df2d45affc3d542b98d8d75c8
19d485453b460a2e7189059827dc4e357e05d65e4a0b3aefa3752d94fcc794d6
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1dfa5a61229fb2a8ba91d1bca07f6a5f5c24a24feaa3a8c47aa2f8068492d028
243a244c4924835f4609c3a6a55da76f0ae147bd95eefb4ddc5a1e1397de4446
253627a82794506a7d660ee232c06a88d2eaafb6174532f8c390bb69ade6636a
2ea9243a5153985d90c3d66c32d72a07c58dc08a75c22607dc1c6181e5414f3e
32c57535733fd042fdd5aec6c9c485ce46c075f8386c6d90fecdab40fc3167e3
3530334e95010f90dccbc852b0e51e301020f695479c15dd584f4ac4351b9dba
41c2eea3b417ca17adb29fd0c2c9ae5f33655c8d88d5490bfbf7f32c0626be66
41f96541162afaf12ccd4611ad5fd4605c28a46f12548598d8687c18855cbc8a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
538b05ce287e7647466de267567939fdaae5abcba14474f9c7706e70424f4e29
5c729d8de0d94697f5bf09c341916b5e0f222eae3aa107ef20ee88c164a55d0a
64fa72b95ae6ad2537f90ab24deab5e816a11e0439c6f40cc1a18983d46dace5
6bfc9d9a1fa25da10d7159a95eeee73469b5f3020683d6ac917948772cc66ee2
6dc114fbe8a95a9f59171eb4f913649a15a77b711a8cbde9adb8fb73f6be9eef
6df9fb02b462543b11a21d2939dd37222392831d7fd3cb398d8ac116f2df6843
71eda1dba82909d574153cd9f4e2759d44d342b983aa96295f9dff5cc1e64d42
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
792318d91d50f2a952e08ec9ad3a4c081d969d62730ef9d4a567da45c8ad635d
7aab8f0d63bf380b67d4fd972c0e3ea53ba02462056912f27388e082cb5f2bef
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
982f10cd6535f16deabef36a91cdce0dc1121a77c057a6d3e5cd9258522fab38
9baa1968257a1342d05f73d3e35fc21f2325e7db66836e51a651a235106d5a07
9bb80cc7bb0d15aec617460c7996cb49a3bc5f55f6d134b7ee7f9e98e610a222
9bf88a680b7a43d564cf555c835d6927d538b6ac6defa01f044998125efa0138
a7006c9765b3997f8d2ff41cc0560fe325677b74d57c26084c958431d2325574
ac921a313a32402b78c1ae7220cec8056bd0acc57649e833a713c86a397b1dd6
addb69b64d9512e903c8179e827d6b23167b4509ce60a795f3b27de8880ac0b6
b92e4355451d716877b01297604c6919a6d9f10db65388bdcd2d38afe1f504fb
bd7e05751a03c3c81bf4f38808d12af294f672494f6b9d7641aaf0dfbb5fb012
cffbef030ed2201ad0146cbaf37eee2cf4f59116c719f65035e37a1180a8d8c3
d1848e3f96acb0e7ab9cafc467bf9bc1ba121a4e728d342342fd09ced1adee7e
d46c3b3741c473ea7d53aad05466c065b2dfc00e850033627c2469678d9ceee6
d507a34e6a2bb6eb6bbca970db8487cf37a316a60d220a1a0b3769fcb07d3b38
d5af1531a714cd2365232bbfecbc76404013a6f55467b91174767bf64eae7862
d971e32509a7272bbed1dd2633150eb2409fba943d49af924a6f2cd1593a1c02
ddedccab7a4db6b1d719438f78cde453217e79d2cda1422e975e06320f22fb3b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
df5af8172352905632679cb7a8fc014a5f786460dbefcf9fa92c15c8ddc5abed
df8b36073153eb9106270375221f669786bceb6337bb965fef27bb53e9f2e6f4
dfde9700fc213631abdbc40ab93a1c294c21dcc29ac2f58186f7642a87157c98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e85dca701e336910d28be8bae34a818909059c78111127aa788669cc31cf0f3f
eb293906c4f56bd359b399f1e5e3747921109b8f03e230ceecc62bf4604bb5d3
eeb38d5c4aef7824e47b708b110917371ec9691945d727a2e5660be58cce5432
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9684910ff5754e97d0f019b1e31b35be464c5e4b7d6e5b4aedb02c7cf6554a0
fbc87b9aaf9a2614aa1812088b5c623d4e6ff79990cd88b02f51ed9e3fa16f92
fc277e588574746bc72fa64469b53745795e227d7cd0b3b74ff1493cf4696492