Submitted URL: http://a589-jf.eu/66/?c=AXL4VO
Effective URL: https://jeu-concours-eni-2020.fr/?source=AZU
Submission: On June 05 via manual from FR

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 22 HTTP transactions. The main IP is 79.137.123.127, located in France and belongs to OVH, FR. The main domain is jeu-concours-eni-2020.fr.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 17th 2020. Valid for: 3 months.
This is the only time jeu-concours-eni-2020.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count  Domain                               Requested by
7      jeu-concours-eni-2020.fr             clk.tradedoubler.com, jeu-concours-eni-2020.fr
4      d1h8fl8on3a554.cloudfront.net        jeu-concours-eni-2020.fr
3      sk.ht (1 redirects)                  events.sk.ht, jeu-concours-eni-2020.fr
2      www.google-analytics.com             www.googletagmanager.com, jeu-concours-eni-2020.fr
2      clk.tradedoubler.com (1 redirects)
1      tag.avent-media.fr                   jeu-concours-eni-2020.fr
1      events.sk.ht                         jeu-concours-eni-2020.fr
1      avent-media.fr                       jeu-concours-eni-2020.fr
1      www.googletagmanager.com             jeu-concours-eni-2020.fr
1      analytics.tradedoubler.com           vht.tradedoubler.com
1      vht.tradedoubler.com                 clk.tradedoubler.com
1      slink.fr (1 redirects)
1      1-sms.eu (1 redirects)
1      a589-jf.eu (1 redirects)
22     14

This site contains links to these domains.

Domain
fr.eni.com
www.avent-media.fr

Subject                     Issuer                                         Validity                 Valid
*.tradedoubler.com          GlobalSign Domain Validation CA - SHA256 - G2  2018-12-10 - 2021-01-27  2 years
jeu-concours-eni-2020.fr    Let's Encrypt Authority X3                     2020-04-17 - 2020-07-16  3 months
analytics.tradedoubler.com  COMODO RSA Domain Validation Secure Server CA  2018-02-02 - 2021-02-01  3 years
*.google-analytics.com      GTS CA 1O1                                     2020-05-20 - 2020-08-12  3 months
*.avent-media.fr            Let's Encrypt Authority X3                     2020-06-01 - 2020-08-30  3 months
events.sk.ht                Let's Encrypt Authority X3                     2020-05-10 - 2020-08-08  3 months
*.cloudfront.net            DigiCert Global CA G2                          2019-07-17 - 2020-07-05  a year
sk.ht                       Let's Encrypt Authority X3                     2020-03-25 - 2020-06-23  3 months
tag.avent-media.fr          Let's Encrypt Authority X3                     2020-03-25 - 2020-06-23  3 months

This page contains 1 frames:

Primary Page: https://jeu-concours-eni-2020.fr/?source=AZU
Frame ID: B824486227B91E26D5248813140DA868
Requests: 22 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • headers via /^1\.1 google$/i

Page Statistics

22 Requests
100 % HTTPS
17 % IPv6
10 Domains
14 Subdomains
10 IPs
3 Countries
5675 kB Transfer
5750 kB Size
4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://a589-jf.eu/66/?c=AXL4VO HTTP 302
    http://1-sms.eu/80/ HTTP 302
    https://slink.fr/5ecfd28d81a2e?s=AZU HTTP 302
    https://sk.ht/aventmedia/click/?creativeIdentifier=727_RECRUTEMENT&redirect=https://clk.tradedoubler.com/click?p=305203&a=2778165&g=24755202&epi=AZU HTTP 302
    https://clk.tradedoubler.com/click?p=305203&a=2778165&g=24755202&epi=AZU Page URL
  2. https://clk.tradedoubler.com/click?p=305203&a=2778165&g=24755202&epi=AZU HTTP 302
    https://jeu-concours-eni-2020.fr/?source=AZU Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://a589-jf.eu/66/?c=AXL4VO HTTP 302
  • http://1-sms.eu/80/ HTTP 302
  • https://slink.fr/5ecfd28d81a2e?s=AZU HTTP 302
  • https://sk.ht/aventmedia/click/?creativeIdentifier=727_RECRUTEMENT&redirect=https://clk.tradedoubler.com/click?p=305203&a=2778165&g=24755202&epi=AZU HTTP 302
  • https://clk.tradedoubler.com/click?p=305203&a=2778165&g=24755202&epi=AZU

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
click
clk.tradedoubler.com/
Redirect Chain
  • http://a589-jf.eu/66/?c=AXL4VO
  • http://1-sms.eu/80/
  • https://slink.fr/5ecfd28d81a2e?s=AZU
  • https://sk.ht/aventmedia/click/?creativeIdentifier=727_RECRUTEMENT&redirect=https://clk.tradedoubler.com/click?p=305203&a=2778165&g=24755202&epi=AZU
  • https://clk.tradedoubler.com/click?p=305203&a=2778165&g=24755202&epi=AZU
840 B
1 KB
Document
General
Full URL
https://clk.tradedoubler.com/click?p=305203&a=2778165&g=24755202&epi=AZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.109.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
120.109.95.34.bc.googleusercontent.com
Software
TXServerHttp /
Resource Hash
52d356522c5f3a2d1a3f9b36767b293791c6c08c5e2f78dd50053d08f6e5e084

Request headers

:method
GET
:authority
clk.tradedoubler.com
:scheme
https
:path
/click?p=305203&a=2778165&g=24755202&epi=AZU
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
content-type
text/html; charset=ISO-8859-1
server
TXServerHttp
access-control-allow-origin
*
cache-control
private, max-age=0
pragma
no-cache
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy
origin
date
Fri, 05 Jun 2020 14:18:07 GMT
content-length
840
via
1.1 google
alt-svc
clear

Redirect headers

Server
nginx/1.14.2
Date
Fri, 05 Jun 2020 14:18:08 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://clk.tradedoubler.com/click?p=305203&a=2778165&g=24755202&epi=AZU
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers
Content-Length,Content-Range
prefs.js
vht.tradedoubler.com/fp/
9 KB
4 KB
Script
General
Full URL
https://vht.tradedoubler.com/fp/prefs.js
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=305203&a=2778165&g=24755202&epi=AZU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.196.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-27.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d

Request headers

Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 May 2020 14:53:24 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Mon, 15 Oct 2018 09:28:46 GMT
Server
Apache
Age
516284
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
Cache-Control
max-age=604800, public
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Cf-Id
aCgH6j5wqs6pQmabMepKlj-sEbRSUek2IyHa8LAU3Pj22POID0zZoQ==
Expires
Sat, 06 Jun 2020 14:53:23 GMT
Primary Request /
jeu-concours-eni-2020.fr/
Redirect Chain
  • https://clk.tradedoubler.com/click?p=305203&a=2778165&g=24755202&epi=AZU
  • https://jeu-concours-eni-2020.fr/?source=AZU
7 KB
3 KB
Document
General
Full URL
https://jeu-concours-eni-2020.fr/?source=AZU
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=305203&a=2778165&g=24755202&epi=AZU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
28699d090ffb27657e3ff98dd28799d734b6bba9eab0f2b24ce7dc38c8da8618
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
jeu-concours-eni-2020.fr
:scheme
https
:path
/?source=AZU
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://clk.tradedoubler.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
https://clk.tradedoubler.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://clk.tradedoubler.com/

Response headers

status
200
server
nginx
date
Fri, 05 Jun 2020 14:18:09 GMT
content-type
text/html; charset=UTF-8
content-length
2823
set-cookie
ci_session=ddb0f1b6e0131b071d99a0c736a095087e698672; expires=Fri, 05-Jun-2020 16:18:08 GMT; Max-Age=7200; path=/; secure; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
x-content-type-options
nosniff
strict-transport-security
max-age=63072000

Redirect headers

status
302
location
https://jeu-concours-eni-2020.fr/?source=AZU
set-cookie
EH_0=1z11z1ziSz23WM3Dz1OkhyYGUcMOtyCZed2Zp_lpOqb1i%79Xw%79Z%7aJPf3A_dN%7aTgl6iEhS1bAhpW4jclwLZoR3sFQZsUs%79qG7X;expires=Sat, 05-Jun-2021 14:18:08 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure GUID=1z11zziSz1hWrGqz9352e433288a9f5dea45c617d8ffdfe8;expires=Sat, 05-Jun-2021 14:18:08 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure TradeDoublerGUID=9352e433288a9f5dea45c617d8ffdfe8;expires=Sat, 05-Jun-2021 14:18:08 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure
server
TXServerHttp
access-control-allow-origin
*
cache-control
private, max-age=0
pragma
no-cache
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy
origin
date
Fri, 05 Jun 2020 14:18:08 GMT
content-length
249
content-type
text/html; charset=ISO-8859-1
via
1.1 google
alt-svc
clear
/
analytics.tradedoubler.com/
0
241 B
Other
General
Full URL
https://analytics.tradedoubler.com/
Requested by
Host: vht.tradedoubler.com
URL: https://vht.tradedoubler.com/fp/prefs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.165.150.178 , France, ASN16276 (OVH, FR),
Reverse DNS
lb02.net.royalcactus.com
Software
nginx /
Resource Hash

Request headers

Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 05 Jun 2020 14:18:08 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
app.css
jeu-concours-eni-2020.fr/stylesheets/
17 KB
17 KB
Stylesheet
General
Full URL
https://jeu-concours-eni-2020.fr/stylesheets/app.css?v=1.6
Requested by
Host: jeu-concours-eni-2020.fr
URL: https://jeu-concours-eni-2020.fr/?source=AZU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
e9298db7beebc1af223e1583ed2f5e0135ddf0f698bf7808cf6b76367108cbf4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jeu-concours-eni-2020.fr/?source=AZU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 14:18:09 GMT
referrer-policy
same-origin
last-modified
Fri, 05 Jun 2020 10:20:13 GMT
server
nginx
etag
"5eda1c5d-42a3"
strict-transport-security
max-age=63072000
content-type
text/css
status
200
x-xss-protection
1; mode=block
accept-ranges
bytes
content-length
17059
x-content-type-options
nosniff
js
www.googletagmanager.com/gtag/
83 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-155607502-13
Requested by
Host: jeu-concours-eni-2020.fr
URL: https://jeu-concours-eni-2020.fr/?source=AZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d23d7e1f8749715c79c6b70dc3f77dae26cb46aa66f327bd7cd74dbf73982c98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 14:18:09 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33182
x-xss-protection
0
last-modified
Fri, 05 Jun 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 05 Jun 2020 14:18:09 GMT
eni-logo2.png
jeu-concours-eni-2020.fr/images/
40 KB
41 KB
Image
General
Full URL
https://jeu-concours-eni-2020.fr/images/eni-logo2.png
Requested by
Host: jeu-concours-eni-2020.fr
URL: https://jeu-concours-eni-2020.fr/?source=AZU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
7af387d58dd946d0765fdfbf88c8971d58dd52cb8385eebcd9fc28006233883f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jeu-concours-eni-2020.fr/?source=AZU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 14:18:09 GMT
referrer-policy
same-origin
last-modified
Fri, 05 Jun 2020 10:20:13 GMT
server
nginx
etag
"5eda1c5d-a136"
strict-transport-security
max-age=63072000
content-type
image/png
status
200
x-xss-protection
1; mode=block
accept-ranges
bytes
content-length
41270
x-content-type-options
nosniff
screen.png
jeu-concours-eni-2020.fr/images/
14 KB
14 KB
Image
General
Full URL
https://jeu-concours-eni-2020.fr/images/screen.png
Requested by
Host: jeu-concours-eni-2020.fr
URL: https://jeu-concours-eni-2020.fr/?source=AZU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
9d198dfe84b1869f988781fc6d3ecf8baefa0f94d952404862e0000439a0e171
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jeu-concours-eni-2020.fr/?source=AZU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 14:18:09 GMT
referrer-policy
same-origin
last-modified
Fri, 05 Jun 2020 10:20:13 GMT
server
nginx
etag
"5eda1c5d-365a"
strict-transport-security
max-age=63072000
content-type
image/png
status
200
x-xss-protection
1; mode=block
accept-ranges
bytes
content-length
13914
x-content-type-options
nosniff
screen-gif.gif
jeu-concours-eni-2020.fr/images/
5 MB
5 MB
Image
General
Full URL
https://jeu-concours-eni-2020.fr/images/screen-gif.gif
Requested by
Host: jeu-concours-eni-2020.fr
URL: https://jeu-concours-eni-2020.fr/?source=AZU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
33907be295fc4aca8d566f77798182468b807d8773b0028b1dd676057355ba8f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jeu-concours-eni-2020.fr/?source=AZU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 14:18:09 GMT
referrer-policy
same-origin
last-modified
Fri, 05 Jun 2020 10:20:13 GMT
server
nginx
etag
"5eda1c5d-48f890"
strict-transport-security
max-age=63072000
content-type
image/gif
status
200
x-xss-protection
1; mode=block
accept-ranges
bytes
content-length
4782224
x-content-type-options
nosniff
logo-menu.svg
avent-media.fr/wp-content/themes/aventmedia/images/logos/
5 KB
5 KB
Image
General
Full URL
https://avent-media.fr/wp-content/themes/aventmedia/images/logos/logo-menu.svg
Requested by
Host: jeu-concours-eni-2020.fr
URL: https://jeu-concours-eni-2020.fr/?source=AZU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.32.59.103 , France, ASN16276 (OVH, FR),
Reverse DNS
ip103.ip-213-32-59.eu
Software
nginx /
Resource Hash
462dc40671473d2a23a67670fc18156fc1cd842140bb10c89142a5cae2171ea5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 14:18:09 GMT
last-modified
Thu, 14 Nov 2019 18:06:17 GMT
server
nginx
etag
"5dcd9799-1439"
strict-transport-security
max-age=63072000
content-type
image/svg+xml
status
200
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
5177
app.js
jeu-concours-eni-2020.fr/javascripts/
182 KB
183 KB
Script
General
Full URL
https://jeu-concours-eni-2020.fr/javascripts/app.js?v=1.5
Requested by
Host: jeu-concours-eni-2020.fr
URL: https://jeu-concours-eni-2020.fr/?source=AZU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
a3f8d81276629c361bb966ba8a0096ced2250d00e97ea46b75f23a1394b451bf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jeu-concours-eni-2020.fr/?source=AZU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 14:18:09 GMT
referrer-policy
same-origin
last-modified
Fri, 05 Jun 2020 10:20:13 GMT
server
nginx
etag
"5eda1c5d-2d872"
strict-transport-security
max-age=63072000
content-type
application/javascript
status
200
x-xss-protection
1; mode=block
accept-ranges
bytes
content-length
186482
x-content-type-options
nosniff
lib.js
events.sk.ht/avent/
21 KB
21 KB
Script
General
Full URL
https://events.sk.ht/avent/lib.js
Requested by
Host: jeu-concours-eni-2020.fr
URL: https://jeu-concours-eni-2020.fr/?source=AZU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.158.22.151 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
cdn.sk.ht
Software
nginx/1.14.2 /
Resource Hash
66b91349f8cbad640e32aa8c1ab3660f80b069d0c3232fb4715a72a6e434d965

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 05 Jun 2020 14:18:09 GMT
Last-Modified
Wed, 26 Feb 2020 10:18:19 GMT
Server
nginx/1.14.2
ETag
"5e5645eb-533f"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21311
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-155607502-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
4910
date
Fri, 05 Jun 2020 12:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Fri, 05 Jun 2020 14:56:19 GMT
eni-bg.jpg
jeu-concours-eni-2020.fr/images/
468 KB
468 KB
Image
General
Full URL
https://jeu-concours-eni-2020.fr/images/eni-bg.jpg
Requested by
Host: jeu-concours-eni-2020.fr
URL: https://jeu-concours-eni-2020.fr/?source=AZU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
28a71fa512ccaaa5d2d4272fc9fc442f8a92c8ad5ff74a414690c9807a7fd029
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jeu-concours-eni-2020.fr/stylesheets/app.css?v=1.6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 14:18:09 GMT
referrer-policy
same-origin
last-modified
Fri, 05 Jun 2020 10:20:13 GMT
server
nginx
etag
"5eda1c5d-74ecd"
strict-transport-security
max-age=63072000
content-type
image/jpeg
status
200
x-xss-protection
1; mode=block
accept-ranges
bytes
content-length
478925
x-content-type-options
nosniff
Sarabun-Regular-dyn.2.woff
d1h8fl8on3a554.cloudfront.net/fonts/Sarabun/
47 KB
48 KB
Font
General
Full URL
https://d1h8fl8on3a554.cloudfront.net/fonts/Sarabun/Sarabun-Regular-dyn.2.woff
Requested by
Host: jeu-concours-eni-2020.fr
URL: https://jeu-concours-eni-2020.fr/?source=AZU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.186.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-214.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
2d26bbaadb184ecc519244a5190c2db0ac59a824fc0181f81b31dc4b4cfec654

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin
https://jeu-concours-eni-2020.fr

Response headers

Date
Tue, 12 May 2020 09:48:26 GMT
Via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
Age
2089782
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
48148
With-Dyn
2
Last-Modified
Tue, 03 Mar 2020 16:09:21 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
font/woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
tLaB0NKeLoL1OpJNVMINTg5M4sA6m3a3E8rzotoqTLy3EcwQzWbUWg==
Sarabun-Bold-dyn.2.woff
d1h8fl8on3a554.cloudfront.net/fonts/Sarabun/
47 KB
48 KB
Font
General
Full URL
https://d1h8fl8on3a554.cloudfront.net/fonts/Sarabun/Sarabun-Bold-dyn.2.woff
Requested by
Host: jeu-concours-eni-2020.fr
URL: https://jeu-concours-eni-2020.fr/?source=AZU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.186.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-214.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
62847b037fbefc7b1ab3b94d3e521197112579343d439208b287acf72252fa84

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin
https://jeu-concours-eni-2020.fr

Response headers

Date
Tue, 12 May 2020 09:48:26 GMT
Via
1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
Age
2089782
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
48160
With-Dyn
2
Last-Modified
Tue, 03 Mar 2020 16:09:21 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
font/woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
9zsxOKjXkZ_EsWPAMgtq_QjnvhMnSfOB_6UTa4Dga8DLVdhtU03azw==
Sarabun-Medium-dyn.2.woff
d1h8fl8on3a554.cloudfront.net/fonts/Sarabun/
47 KB
48 KB
Font
General
Full URL
https://d1h8fl8on3a554.cloudfront.net/fonts/Sarabun/Sarabun-Medium-dyn.2.woff
Requested by
Host: jeu-concours-eni-2020.fr
URL: https://jeu-concours-eni-2020.fr/?source=AZU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.186.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-214.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
d0cf7bbe2cbdf4ac12d74fee26e8ffbe7cb329d9e736b13fed4ba28c6bd17318

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin
https://jeu-concours-eni-2020.fr

Response headers

Date
Tue, 12 May 2020 09:48:26 GMT
Via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
Age
2089782
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
48496
With-Dyn
2
Last-Modified
Tue, 03 Mar 2020 16:09:20 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
font/woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
eCa1-zYFjuJrf6t1y5cOpfJVaU3hmieXdjnrLfs6fcTCLCJkqYjnjA==
Sarabun-Light-dyn.2.woff
d1h8fl8on3a554.cloudfront.net/fonts/Sarabun/
48 KB
48 KB
Font
General
Full URL
https://d1h8fl8on3a554.cloudfront.net/fonts/Sarabun/Sarabun-Light-dyn.2.woff
Requested by
Host: jeu-concours-eni-2020.fr
URL: https://jeu-concours-eni-2020.fr/?source=AZU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.186.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-214.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
1606b9ee654c8d654f5e76852ac661580607211e2c5a109c10dcd8f5cfe89c2e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin
https://jeu-concours-eni-2020.fr

Response headers

Date
Tue, 19 May 2020 08:40:34 GMT
Via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
Age
1489054
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
48708
With-Dyn
2
Last-Modified
Tue, 03 Mar 2020 16:09:21 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
font/woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
9s0BYOvJ8DVnN7Fwcxqn1k_Wnh9yETRqO1it4RH_tjBOkDzjGorBpw==
collect
www.google-analytics.com/r/
35 B
98 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1099681660&t=pageview&_s=1&dl=https%3A%2F%2Fjeu-concours-eni-2020.fr%2F%3Fsource%3DAZU&dr=https%3A%2F%2Fclk.tradedoubler.com%2F&ul=en-us&de=UTF-8&dt=ENI%20-%20Jeu%20concours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=342412418&gjid=692415737&cid=1642860863.1591366689&tid=UA-155607502-13&_gid=503714023.1591366689&_r=1&gtm=2ou5r0&z=28464349
Requested by
Host: jeu-concours-eni-2020.fr
URL: https://jeu-concours-eni-2020.fr/?source=AZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jun 2020 14:18:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
sk.ht/aventmedia/
37 B
689 B
XHR
General
Full URL
https://sk.ht/aventmedia/
Requested by
Host: events.sk.ht
URL: https://events.sk.ht/avent/lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.154.94.172 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-94-172.rev.poneytelecom.eu
Software
nginx/1.14.2 /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 05 Jun 2020 14:18:09 GMT
Last-Modified
Fri, 05 Jun 2020 14:18:09 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://jeu-concours-eni-2020.fr
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
sk.ht/ck/
37 B
762 B
Image
General
Full URL
https://sk.ht/ck/?c=9CDABB40-4A97-2B01-FF81-D02791EB9914&r=1591366689454
Requested by
Host: jeu-concours-eni-2020.fr
URL: https://jeu-concours-eni-2020.fr/?source=AZU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.154.94.172 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-94-172.rev.poneytelecom.eu
Software
nginx/1.14.2 /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jun 2020 14:18:09 GMT
Last-Modified
Fri, 05 Jun 2020 14:18:09 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
tag.avent-media.fr/ck/
37 B
771 B
Image
General
Full URL
https://tag.avent-media.fr/ck/?c=9CDABB40-4A97-2B01-FF81-D02791EB9914&r=1591366689454
Requested by
Host: jeu-concours-eni-2020.fr
URL: https://jeu-concours-eni-2020.fr/?source=AZU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.154.94.172 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-94-172.rev.poneytelecom.eu
Software
nginx/1.14.2 /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jun 2020 14:18:09 GMT
Last-Modified
Fri, 05 Jun 2020 14:18:09 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Expires
Thu, 01 Jan 1970 00:00:00 GMT

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onformdata
  • object| onpointerrawupdate
  • object| google_tag_manager
  • object| dataLayer
  • function| gtag
  • object| google_tag_data
  • string| GoogleAnalyticsObject
  • function| ga
  • object| gaplugins
  • object| gaGlobal
  • object| gaData
  • object| gsapVersions
  • function| $
  • object| avmd
  • number| iterator
  • string| url

4 Cookies

Domain/Path Name / Value
.jeu-concours-eni-2020.fr/ Name: _ga
Value: GA1.2.1642860863.1591366689
.jeu-concours-eni-2020.fr/ Name: _gat_gtag_UA_155607502_13
Value: 1
.jeu-concours-eni-2020.fr/ Name: _gid
Value: GA1.2.503714023.1591366689
jeu-concours-eni-2020.fr/ Name: ci_session
Value: ddb0f1b6e0131b071d99a0c736a095087e698672

1 Console Messages

Source Level URL
Text
console-api log URL: https://jeu-concours-eni-2020.fr/javascripts/app.js?v=1.5(Line 33)
Message:
app.js has loaded!

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
