urlscan.io logo urlscan.io
SecurityTrails logo

jeuconcours-netatmo.fr Open in urlscan Pro
79.137.123.127  Public Scan

Go To Rescan Add Verdict Report
URL: https://jeuconcours-netatmo.fr/
Submission: On June 09 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 20 HTTP transactions. The main IP is 79.137.123.127, located in France and belongs to OVH, FR. The main domain is jeuconcours-netatmo.fr.
TLS certificate: Issued by R3 on June 6th 2024. Valid for: 3 months.
This is the only time jeuconcours-netatmo.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 79.137.123.127 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
1 51.159.113.7 12876 (Online SAS)
1 13.224.194.81 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
3 51.158.59.67 12876 (Online SAS)
1 2620:1ec:bdf::45 8075 (MICROSOFT...)
20 8
6    79.137.123.127 (France)

ASN16276 (OVH, FR)
PTR: ip127.ip-79-137-123.eu
jeuconcours-netatmo.fr
2    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    51.159.113.7 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-159-113-7.lb.fr-par.scw.cloud
events.sk.ht
1    13.224.194.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-81.fra2.r.cloudfront.net
d1h8fl8on3a554.cloudfront.net
5    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    51.158.59.67 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: sk.ht
sk.ht
tag.avent-media.fr
1    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.netatmo.com
Apex Domain
Subdomains		 Transfer
6 jeuconcours-netatmo.fr
jeuconcours-netatmo.fr
3 MB
5 gstatic.com
fonts.gstatic.com
126 KB
3 sk.ht
events.sk.ht — Cisco Umbrella Rank: 748959
sk.ht — Cisco Umbrella Rank: 452666
22 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 70
5 KB
1 netatmo.com
www.netatmo.com
3 KB
1 avent-media.fr
tag.avent-media.fr
611 B
1 cloudfront.net
d1h8fl8on3a554.cloudfront.net
9 MB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 824
30 KB
20 8
Domain Requested by
6 jeuconcours-netatmo.fr jeuconcours-netatmo.fr
5 fonts.gstatic.com fonts.googleapis.com
2 sk.ht events.sk.ht
jeuconcours-netatmo.fr
2 fonts.googleapis.com jeuconcours-netatmo.fr
1 www.netatmo.com
1 tag.avent-media.fr jeuconcours-netatmo.fr
1 d1h8fl8on3a554.cloudfront.net jeuconcours-netatmo.fr
1 events.sk.ht jeuconcours-netatmo.fr
1 code.jquery.com jeuconcours-netatmo.fr
20 9

This site contains links to these domains. Also see Links.

Domain
legals.netatmo.com
avtm-l.fr
www.avent-media.fr
Subject Issuer Validity Valid
jeuconcours-netatmo.fr
R3		 2024-06-06 -
2024-09-04		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
events.sk.ht
R3		 2024-04-14 -
2024-07-13		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.gstatic.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
sk.ht
R3		 2024-04-12 -
2024-07-11		 3 months crt.sh
tag.avent-media.fr
R3		 2024-05-02 -
2024-07-31		 3 months crt.sh
www.netatmo.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-03-22 -
2024-09-22		 6 months crt.sh

This page contains 1 frames:

Primary Page: https://jeuconcours-netatmo.fr/
Frame ID: 213E1B62399F5571A8A5AB45371FEDE9
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Netatmo

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • /_nuxt/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

9
Subdomains

8
IPs

3
Countries

12465 kB
Transfer

15907 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
jeuconcours-netatmo.fr/ 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jeuconcours-netatmo.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
bac4428f5871c5ab04e7ce19dbea26c6e17910b0321cc26e8770aae8fef6238d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
3599
content-type
text/html; charset=UTF-8
date
Sun, 09 Jun 2024 09:24:20 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=63072000
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
app.css
jeuconcours-netatmo.fr/assets/css/ 		48 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://jeuconcours-netatmo.fr/assets/css/app.css
Requested by
Host: jeuconcours-netatmo.fr
URL: https://jeuconcours-netatmo.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
0ee0846377664c566552e2d303d3fa240fdc1ca25c851c5e20a8608223f04527
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jeuconcours-netatmo.fr/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
last-modified
Fri, 07 Jun 2024 08:14:37 GMT
server
nginx
etag
W/"6662c16d-bea7"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300..800;1,300..800&display=swap
Requested by
Host: jeuconcours-netatmo.fr
URL: https://jeuconcours-netatmo.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
631a2253c93d9db42e74c350607229a629b1878c702051b253e1174b889ee3c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jeuconcours-netatmo.fr/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 09 Jun 2024 09:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 09 Jun 2024 08:53:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 09 Jun 2024 09:24:20 GMT
css2
fonts.googleapis.com/ 		42 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700&family=Open+Sans:ital,wght@0,300..800;1,300..800&display=swap
Requested by
Host: jeuconcours-netatmo.fr
URL: https://jeuconcours-netatmo.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d2b8faad9282bf2eddc31b8760793f415f1ce9678cacafc2cf3f0e900409c9db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jeuconcours-netatmo.fr/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 09 Jun 2024 09:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 09 Jun 2024 09:24:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 09 Jun 2024 09:24:20 GMT
brand.png
jeuconcours-netatmo.fr/assets/static/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jeuconcours-netatmo.fr/assets/static/brand.png
Requested by
Host: jeuconcours-netatmo.fr
URL: https://jeuconcours-netatmo.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
124064f358b25e46b2b4ca5361fc579d7e745a0ce88c15fce0e5185f263dcd99
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jeuconcours-netatmo.fr/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:24:20 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
last-modified
Fri, 07 Jun 2024 08:14:37 GMT
server
nginx
etag
"6662c16d-1d76"
content-type
image/png
accept-ranges
bytes
content-length
7542
x-xss-protection
1; mode=block
logo-avent.png
jeuconcours-netatmo.fr/assets/static/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jeuconcours-netatmo.fr/assets/static/logo-avent.png
Requested by
Host: jeuconcours-netatmo.fr
URL: https://jeuconcours-netatmo.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
6f5ef9857a74d5127fb777f0f68890c6af8eb05e7e3fa8f2cce25aaf8ef85671
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jeuconcours-netatmo.fr/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:24:20 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
last-modified
Fri, 07 Jun 2024 08:14:37 GMT
server
nginx
etag
"6662c16d-2103"
content-type
image/png
accept-ranges
bytes
content-length
8451
x-xss-protection
1; mode=block
jquery-3.4.1.min.js
code.jquery.com/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: jeuconcours-netatmo.fr
URL: https://jeuconcours-netatmo.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jeuconcours-netatmo.fr/
Origin
https://jeuconcours-netatmo.fr
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:24:21 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
9843558
x-cache
HIT, HIT
content-length
30638
x-served-by
cache-lga21965-LGA, cache-lcy-eglc8600080-LCY
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1717925061.031483,VS0,VE0
etag
W/"28feccc0-15851"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
13, 109866
app.js
jeuconcours-netatmo.fr/assets/js/ 		4 MB
715 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jeuconcours-netatmo.fr/assets/js/app.js
Requested by
Host: jeuconcours-netatmo.fr
URL: https://jeuconcours-netatmo.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
33c3272819f6a369e400da62b565367ba0e1a1420e8486d256f102b52efdb325
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jeuconcours-netatmo.fr/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
last-modified
Fri, 07 Jun 2024 08:14:37 GMT
server
nginx
etag
W/"6662c16d-3ed04f"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
lib.js
events.sk.ht/avent/ 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://events.sk.ht/avent/lib.js
Requested by
Host: jeuconcours-netatmo.fr
URL: https://jeuconcours-netatmo.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.159.113.7 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-159-113-7.lb.fr-par.scw.cloud
Software
nginx/1.18.0 /
Resource Hash
66b91349f8cbad640e32aa8c1ab3660f80b069d0c3232fb4715a72a6e434d965

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jeuconcours-netatmo.fr/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:24:21 GMT
last-modified
Wed, 26 Feb 2020 10:18:19 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"5e5645eb-533f"
content-length
21311
content-type
application/javascript
netatmo.mp4
d1h8fl8on3a554.cloudfront.net/netatmo/videos/ 		9 MB
9 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://d1h8fl8on3a554.cloudfront.net/netatmo/videos/netatmo.mp4
Requested by
Host: jeuconcours-netatmo.fr
URL: https://jeuconcours-netatmo.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-81.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
1035be78943a03c9541f7a168e04a2de3e434d89c13bbe63faf616835f23c561

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://jeuconcours-netatmo.fr/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 12:10:50 GMT
via
1.1 24c299c0a6423c6f96984a85fb014108.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
162811
x-cache
Hit from cloudfront
Content-Range
bytes 0-9690773/9690774
Content-Length
9690774
with-dyn
(null)
last-modified
Wed, 29 May 2024 15:13:52 GMT
server
Apache
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
_H_PaZLqs12c5G7eDKId8PAvBYfy0NU0zECsoXiKBZYK8nRzpzSMTA==
background-screen2.jpg
jeuconcours-netatmo.fr/assets/static/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jeuconcours-netatmo.fr/assets/static/background-screen2.jpg
Requested by
Host: jeuconcours-netatmo.fr
URL: https://jeuconcours-netatmo.fr/assets/css/app.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
9d635ba794ff048673a1a21dcba500d14e7ba358d19a3549dffb5746fad46ce2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jeuconcours-netatmo.fr/assets/css/app.css
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:24:21 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
last-modified
Fri, 07 Jun 2024 08:14:37 GMT
server
nginx
etag
"6662c16d-202c1a"
content-type
image/jpeg
accept-ranges
bytes
content-length
2108442
x-xss-protection
1; mode=block
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300..800;1,300..800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://jeuconcours-netatmo.fr
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 03:59:33 GMT
x-content-type-options
nosniff
age
192288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 03:59:33 GMT
zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700&family=Open+Sans:ital,wght@0,300..800;1,300..800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fff71a83690454ee6ea9014780a6797408918cb90cde1f0f3be65ea28a03c678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://jeuconcours-netatmo.fr
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 12:53:21 GMT
x-content-type-options
nosniff
age
419460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19440
x-xss-protection
0
last-modified
Tue, 02 May 2023 16:08:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 12:53:21 GMT
zYX9KVElMYYaJe8bpLHnCwDKjR7_AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjR7_AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700&family=Open+Sans:ital,wght@0,300..800;1,300..800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea7f53d0f3c0177b20a3604c7263e406013ea8def4fa82f7a09361a8ac6845c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://jeuconcours-netatmo.fr
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 06:26:27 GMT
x-content-type-options
nosniff
age
183474
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20716
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:58:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 06:26:27 GMT
zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700&family=Open+Sans:ital,wght@0,300..800;1,300..800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ef914e59b0047a261844d96acabb60c34d3acab6b85ea24198726ce4781fd37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://jeuconcours-netatmo.fr
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:20:27 GMT
x-content-type-options
nosniff
age
414234
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20064
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:58:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:20:27 GMT
zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v19/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700&family=Open+Sans:ital,wght@0,300..800;1,300..800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db71f8a28ad8501544fb4e7668e3c6d0b731760b6f20de3525ebaeba597f1922
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://jeuconcours-netatmo.fr
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 00:46:42 GMT
x-content-type-options
nosniff
age
203859
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19156
x-xss-protection
0
last-modified
Tue, 02 May 2023 16:04:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 00:46:42 GMT
/
sk.ht/aventmedia/ 		37 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sk.ht/aventmedia/
Requested by
Host: events.sk.ht
URL: https://events.sk.ht/avent/lib.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.158.59.67 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
sk.ht
Software
nginx/1.20.2 /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://jeuconcours-netatmo.fr/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 09 Jun 2024 09:24:22 GMT
last-modified
Sun, 09 Jun 2024 09:24:22 GMT
server
nginx/1.20.2
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://jeuconcours-netatmo.fr
access-control-expose-headers
Content-Length,Content-Range
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,f-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
sk.ht/ck/ 		37 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sk.ht/ck/?c=655C84DB-1F55-9212-B8A2-0307D12394D3&r=1717925062052
Requested by
Host: jeuconcours-netatmo.fr
URL: https://jeuconcours-netatmo.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.158.59.67 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
sk.ht
Software
nginx/1.24.0 /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jeuconcours-netatmo.fr/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 09 Jun 2024 09:24:22 GMT
last-modified
Sun, 09 Jun 2024 09:24:22 GMT
server
nginx/1.24.0
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-expose-headers
Content-Length,Content-Range
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
tag.avent-media.fr/ck/ 		37 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tag.avent-media.fr/ck/?c=655C84DB-1F55-9212-B8A2-0307D12394D3&r=1717925062053
Requested by
Host: jeuconcours-netatmo.fr
URL: https://jeuconcours-netatmo.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.158.59.67 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
sk.ht
Software
nginx/1.24.0 /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jeuconcours-netatmo.fr/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 09 Jun 2024 09:24:22 GMT
last-modified
Sun, 09 Jun 2024 09:24:22 GMT
server
nginx/1.24.0
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-expose-headers
Content-Length,Content-Range
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 01 Jan 1970 00:00:00 GMT
icon_64x64.a06a58.png
www.netatmo.com/_nuxt/icons/ 		3 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.netatmo.com/_nuxt/icons/icon_64x64.a06a58.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
02ad7e58fb167172c4b9e502bd1e9756a17a1b93d227f167bf3ab688b8ca2cdd

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jeuconcours-netatmo.fr/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:24:23 GMT
last-modified
Tue, 04 Jun 2024 09:45:56 GMT
etag
"0x8DC847B21AC2CB1"
x-azure-ref
20240609T092423Z-158d857b956c47sv09huxqep8400000003z000000000b58y
x-cache
TCP_HIT
content-type
image/png
x-ms-request-id
88360389-401e-0050-6cab-b79073000000
cache-control
public, max-age=31536000
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
66416877
accept-ranges
bytes
content-length
3136

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| gsapVersions object| avmd number| iterator string| url

1 Cookies

Domain/Path Name / Value
jeuconcours-netatmo.fr/ Name: ci_session
Value: 7f89aac11af1cd18d81fc4ab2a58695f8fa5c96b

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
d1h8fl8on3a554.cloudfront.net
events.sk.ht
fonts.googleapis.com
fonts.gstatic.com
jeuconcours-netatmo.fr
sk.ht
tag.avent-media.fr
www.netatmo.com
13.224.194.81
2620:1ec:bdf::45
2a00:1450:4001:803::200a
2a00:1450:4001:831::2003
2a04:4e42:400::649
51.158.59.67
51.159.113.7
79.137.123.127
02ad7e58fb167172c4b9e502bd1e9756a17a1b93d227f167bf3ab688b8ca2cdd
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0ee0846377664c566552e2d303d3fa240fdc1ca25c851c5e20a8608223f04527
1035be78943a03c9541f7a168e04a2de3e434d89c13bbe63faf616835f23c561
124064f358b25e46b2b4ca5361fc579d7e745a0ce88c15fce0e5185f263dcd99
33c3272819f6a369e400da62b565367ba0e1a1420e8486d256f102b52efdb325
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
5ef914e59b0047a261844d96acabb60c34d3acab6b85ea24198726ce4781fd37
631a2253c93d9db42e74c350607229a629b1878c702051b253e1174b889ee3c2
66b91349f8cbad640e32aa8c1ab3660f80b069d0c3232fb4715a72a6e434d965
6f5ef9857a74d5127fb777f0f68890c6af8eb05e7e3fa8f2cce25aaf8ef85671
9d635ba794ff048673a1a21dcba500d14e7ba358d19a3549dffb5746fad46ce2
bac4428f5871c5ab04e7ce19dbea26c6e17910b0321cc26e8770aae8fef6238d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
d2b8faad9282bf2eddc31b8760793f415f1ce9678cacafc2cf3f0e900409c9db
db71f8a28ad8501544fb4e7668e3c6d0b731760b6f20de3525ebaeba597f1922
ea7f53d0f3c0177b20a3604c7263e406013ea8def4fa82f7a09361a8ac6845c2
fff71a83690454ee6ea9014780a6797408918cb90cde1f0f3be65ea28a03c678