URL: https://espace-client.nonprod.ovoenergy.fr/
Submission: On March 07 via automatic, source certstream-suspicious — Scanned from FR

Summary

This website contacted 8 IPs in 3 countries across 5 domains to perform 19 HTTP transactions. The main IP is 143.204.2.59, located in United States and belongs to AMAZON-02, US. The main domain is espace-client.nonprod.ovoenergy.fr.
TLS certificate: Issued by Amazon on April 6th 2021. Valid for: a year.
This is the only time espace-client.nonprod.ovoenergy.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 143.204.2.59 16509 (AMAZON-02)
9 104.20.185.68 13335 (CLOUDFLAR...)
1 142.250.184.202 15169 (GOOGLE)
1 143.204.98.93 16509 (AMAZON-02)
1 52.48.18.21 16509 (AMAZON-02)
1 143.204.98.45 16509 (AMAZON-02)
1 143.204.98.69 16509 (AMAZON-02)
1 34.255.23.179 16509 (AMAZON-02)
19 8
Apex Domain
Subdomains
Transfer
9 onetrust.com
cdn-ukwest.onetrust.com — Cisco Umbrella Rank: 6361
geolocation.onetrust.com — Cisco Umbrella Rank: 727
128 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 573
script.hotjar.com — Cisco Umbrella Rank: 719
vars.hotjar.com — Cisco Umbrella Rank: 874
in.hotjar.com — Cisco Umbrella Rank: 1636
66 KB
4 ovoenergy.fr
espace-client.nonprod.ovoenergy.fr
11 KB
1 usabilla.com
w.usabilla.com — Cisco Umbrella Rank: 2579
11 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
19 5
Domain Requested by
8 cdn-ukwest.onetrust.com espace-client.nonprod.ovoenergy.fr
cdn-ukwest.onetrust.com
4 espace-client.nonprod.ovoenergy.fr espace-client.nonprod.ovoenergy.fr
1 in.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 geolocation.onetrust.com cdn-ukwest.onetrust.com
1 w.usabilla.com espace-client.nonprod.ovoenergy.fr
1 static.hotjar.com espace-client.nonprod.ovoenergy.fr
1 fonts.googleapis.com espace-client.nonprod.ovoenergy.fr
19 9

This site contains links to these domains.

Domain
ovoenergy.fr
www.onetrust.com
www.ovoenergy.fr
Subject | Issuer | Validity | Valid
espace-client.nonprod.ovoenergy.fr | Amazon | 2021-04-06 - 2022-05-05 | a year
*.onetrust.com | DigiCert SHA2 Secure Server CA | 2020-05-21 - 2022-07-27 | 2 years
upload.video.google.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
*.hotjar.com | Amazon | 2021-11-25 - 2022-12-23 | a year
w.usabilla.com | Amazon | 2022-02-10 - 2023-03-11 | a year

This page contains 3 frames:

Primary Page: https://espace-client.nonprod.ovoenergy.fr/
Frame ID: DDB0EBEBBD76292BC6D02F3B0DC06471
Requests: 17 HTTP requests in this frame

Frame: https://w.usabilla.com/c88eeec4877b.js?lv=1
Frame ID: A4C3FA8161BEFB3E3786FA6072D1D49F
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 9AF0E8FCD854506762DA08075446AA57
Requests: 1 HTTP requests in this frame

Page Title

Espace Client - OVO Energy

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • otSDKStub\.js

Page Statistics

19 Requests
100 % HTTPS
0 % IPv6
5 Domains
9 Subdomains
8 IPs
3 Countries
218 kB Transfer
828 kB Size
7 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
espace-client.nonprod.ovoenergy.fr/
5 KB
3 KB
Document
General
Full URL
https://espace-client.nonprod.ovoenergy.fr/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.2.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-2-59.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59585942dab5602534315f35c36f12ab8bbab63d83f15a6785b9e23a553a884f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Date
Mon, 07 Mar 2022 05:23:32 GMT
Last-Modified
Thu, 03 Mar 2022 09:44:22 GMT
ETag
W/"2f800614529ed24fa751ae3bdf0b9b62"
Server
AmazonS3
Content-Encoding
gzip
Vary
Accept-Encoding
X-Cache
Error from cloudfront
Via
1.1 c2015c52d38ccde0fdca03737208f710.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MXP64-C1
X-Amz-Cf-Id
mq8RLWKDZd9AzhGmTIbQKCBQMh635h7SkRyZELCqtzuw3E0TpLHPUA==
OtAutoBlock.js
cdn-ukwest.onetrust.com/consent/26ce3638-f011-4e9f-a083-05ea93ed0b4c-test/
13 KB
3 KB
Script
General
Full URL
https://cdn-ukwest.onetrust.com/consent/26ce3638-f011-4e9f-a083-05ea93ed0b4c-test/OtAutoBlock.js
Requested by
Host: espace-client.nonprod.ovoenergy.fr
URL: https://espace-client.nonprod.ovoenergy.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.185.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5deeeabc447baad7fbcb479b5ec6665495ac28196dba1e72381874ef99f20212
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://espace-client.nonprod.ovoenergy.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 07 Mar 2022 05:23:31 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
content-md5
WDWk7S69sOAHyKSuQN+7RQ==
content-length
3111
x-ms-lease-status
unlocked
last-modified
Fri, 10 Dec 2021 13:00:52 GMT
server
cloudflare
etag
0x8D9BBDD18B157C4
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2e2b5489-c01e-003b-77e3-3166c5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e80e64c78213b5b-CDG
otSDKStub.js
cdn-ukwest.onetrust.com/scripttemplates/
19 KB
7 KB
Script
General
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Requested by
Host: espace-client.nonprod.ovoenergy.fr
URL: https://espace-client.nonprod.ovoenergy.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.185.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://espace-client.nonprod.ovoenergy.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 07 Mar 2022 05:23:31 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
zadN1tnUFXNBOXe6vsJdDg==
age
11570
content-length
6456
x-ms-lease-status
unlocked
last-modified
Tue, 15 Feb 2022 21:00:48 GMT
server
cloudflare
etag
0x8D9F0C63E11C6E9
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0977895a-801e-005a-0cb9-2d221a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e80e64c78223b5b-CDG
expires
Mon, 07 Mar 2022 09:23:31 GMT
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,600|Open+Sans:400,700&display=swap
Requested by
Host: espace-client.nonprod.ovoenergy.fr
URL: https://espace-client.nonprod.ovoenergy.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
cd6cc3a4a7ec2e60f583ef64e3dcbdf9e63f7ff2a8d1da0965769425fb1b700f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://espace-client.nonprod.ovoenergy.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 05:23:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 07 Mar 2022 05:23:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Mar 2022 05:23:31 GMT
main.be50a118.chunk.css
espace-client.nonprod.ovoenergy.fr/static/css/
5 KB
3 KB
Stylesheet
General
Full URL
https://espace-client.nonprod.ovoenergy.fr/static/css/main.be50a118.chunk.css
Requested by
Host: espace-client.nonprod.ovoenergy.fr
URL: https://espace-client.nonprod.ovoenergy.fr/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.2.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-2-59.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59585942dab5602534315f35c36f12ab8bbab63d83f15a6785b9e23a553a884f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://espace-client.nonprod.ovoenergy.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 05:23:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Mar 2022 09:44:22 GMT
Server
AmazonS3
X-Amz-Cf-Pop
MXP64-C1
ETag
W/"2f800614529ed24fa751ae3bdf0b9b62"
Vary
Accept-Encoding
X-Cache
Error from cloudfront
Content-Type
text/html
Via
1.1 c2015c52d38ccde0fdca03737208f710.cloudfront.net (CloudFront)
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
pNQtZ4tYXk2hTA49cuy3W1413p4f9ghVJqVhScO7Mow0qcclxTdvTA==
2.f4e86ccd.chunk.js
espace-client.nonprod.ovoenergy.fr/static/js/
5 KB
3 KB
Script
General
Full URL
https://espace-client.nonprod.ovoenergy.fr/static/js/2.f4e86ccd.chunk.js
Requested by
Host: espace-client.nonprod.ovoenergy.fr
URL: https://espace-client.nonprod.ovoenergy.fr/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.2.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-2-59.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59585942dab5602534315f35c36f12ab8bbab63d83f15a6785b9e23a553a884f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://espace-client.nonprod.ovoenergy.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 05:23:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Mar 2022 09:44:22 GMT
Server
AmazonS3
X-Amz-Cf-Pop
MXP64-C1
ETag
W/"2f800614529ed24fa751ae3bdf0b9b62"
Vary
Accept-Encoding
X-Cache
Error from cloudfront
Content-Type
text/html
Via
1.1 c2015c52d38ccde0fdca03737208f710.cloudfront.net (CloudFront)
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
7ZqdMJ5C743bitpWlbY84dPJ2zAhXD4lfjy2Pd6tyy7x7pxUhqnGUg==
main.5357d8b3.chunk.js
espace-client.nonprod.ovoenergy.fr/static/js/
5 KB
3 KB
Script
General
Full URL
https://espace-client.nonprod.ovoenergy.fr/static/js/main.5357d8b3.chunk.js
Requested by
Host: espace-client.nonprod.ovoenergy.fr
URL: https://espace-client.nonprod.ovoenergy.fr/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.2.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-2-59.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59585942dab5602534315f35c36f12ab8bbab63d83f15a6785b9e23a553a884f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://espace-client.nonprod.ovoenergy.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 05:23:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Mar 2022 09:44:22 GMT
Server
AmazonS3
X-Amz-Cf-Pop
MXP64-C1
ETag
W/"2f800614529ed24fa751ae3bdf0b9b62"
Vary
Accept-Encoding
X-Cache
Error from cloudfront
Content-Type
text/html
Via
1.1 0f6f1904b6904f4881311d3f5570a9aa.cloudfront.net (CloudFront)
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
Hg-30DygbO-wpDogbiapVpXaMeaowOrUAnsv9TQ_UmY8END4xlFj1w==
26ce3638-f011-4e9f-a083-05ea93ed0b4c-test.json
cdn-ukwest.onetrust.com/consent/26ce3638-f011-4e9f-a083-05ea93ed0b4c-test/
3 KB
2 KB
XHR
General
Full URL
https://cdn-ukwest.onetrust.com/consent/26ce3638-f011-4e9f-a083-05ea93ed0b4c-test/26ce3638-f011-4e9f-a083-05ea93ed0b4c-test.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.185.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e800b8cc1874b53e00b69455063c3b573e881ab53a32eae140987d189d1a66b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://espace-client.nonprod.ovoenergy.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 07 Mar 2022 05:23:32 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
REVALIDATED
content-md5
iEiDG8+4EmgLawHT9iLICg==
content-length
1260
x-ms-lease-status
unlocked
last-modified
Fri, 10 Dec 2021 13:00:52 GMT
server
cloudflare
etag
0x8D9BBDD18B01F60
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e1c9e075-701e-0066-640b-2e96c1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e80e64d1929edfb-CDG
hotjar-2653350.js
static.hotjar.com/c/
4 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2653350.js?sv=6
Requested by
Host: espace-client.nonprod.ovoenergy.fr
URL: https://espace-client.nonprod.ovoenergy.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-93.fra50.r.cloudfront.net
Software
/
Resource Hash
632174e3fad7089a2cefabcdd1d5dbafa10600b949b87600857433dea109187c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://espace-client.nonprod.ovoenergy.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 05:23:32 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA50-C1
etag
W/5c55542612ae467c9646f75f4ca1acd8
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
content-length
1898
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-cf-id
s_mHzhdhwBply6OjY4peDIhM9CL-0SbXIRUJmBCXIhHj9F0BX-__Sg==
c88eeec4877b.js
w.usabilla.com/ Frame A4C3
35 KB
11 KB
Script
General
Full URL
https://w.usabilla.com/c88eeec4877b.js?lv=1
Requested by
Host: espace-client.nonprod.ovoenergy.fr
URL: https://espace-client.nonprod.ovoenergy.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.18.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-18-21.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a594ad1f984adff09c51fd792059888fab39472360f456c7dc020b2fbc6161e5

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://espace-client.nonprod.ovoenergy.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 05:23:32 GMT
content-encoding
gzip
x-widget-server
2.1
etag
"893eeb54154ae037007bdf53ed8cf4f5"
content-type
text/javascript
cache-control
public,max-age=0
content-length
10837
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
179 B
296 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.185.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a2c27ffc081c165020e3c4f748b823a05b4caf8e9e3c8a8b552091ce3cad2e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://espace-client.nonprod.ovoenergy.fr/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 05:23:32 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6e80e64d6963edfb-CDG
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn-ukwest.onetrust.com/scripttemplates/6.27.0/
321 KB
77 KB
Script
General
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.27.0/otBannerSdk.js
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.185.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a384d1fc7d84b2fe1b1cb470193838a86a5c72d39268aed7825e2235285b5ef7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://espace-client.nonprod.ovoenergy.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 07 Mar 2022 05:23:32 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
8eaHtBigP1U3b42ruIgxsQ==
age
11554
content-length
78056
x-ms-lease-status
unlocked
last-modified
Tue, 23 Nov 2021 21:06:54 GMT
server
cloudflare
etag
0x8D9AEC52D76C64A
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c5a01be8-101e-0054-1fb9-2dce11000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e80e64da94d3b5b-CDG
expires
Mon, 07 Mar 2022 09:23:32 GMT
modules.f5f76c095cd0aa128146.js
script.hotjar.com/
236 KB
62 KB
Script
General
Full URL
https://script.hotjar.com/modules.f5f76c095cd0aa128146.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2653350.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-45.fra50.r.cloudfront.net
Software
/
Resource Hash
56cc974cdbc181ec3815a38c5bcdee5ca84d5dd905f3a3f9c54a27eca6ef4b97
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://espace-client.nonprod.ovoenergy.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 08:06:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
335846
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
62860
access-control-allow-origin
*
last-modified
Thu, 03 Mar 2022 08:05:45 GMT
etag
"91a379c029db7dab1ba03895733f21a2"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
dPj34CC56XQatfL4C0s8zZgjM8gidYhHqwdu_bwpDqfVpmGgg5_gpg==
fr.json
cdn-ukwest.onetrust.com/consent/26ce3638-f011-4e9f-a083-05ea93ed0b4c-test/2b344643-92df-464f-afe5-df7d75f8fc75/
89 KB
21 KB
Fetch
General
Full URL
https://cdn-ukwest.onetrust.com/consent/26ce3638-f011-4e9f-a083-05ea93ed0b4c-test/2b344643-92df-464f-afe5-df7d75f8fc75/fr.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.27.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.185.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53d52988209df40340e636e351b5a5d27b13fe8ccdc3875a66c1367fd7d33ffa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://espace-client.nonprod.ovoenergy.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 07 Mar 2022 05:23:32 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
content-md5
+dqJkOvnfbNb62XPXwOyRg==
content-length
21185
x-ms-lease-status
unlocked
last-modified
Fri, 10 Dec 2021 13:01:02 GMT
server
cloudflare
etag
0x8D9BBDD1EA3D229
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c6ef4ee1-c01e-0030-58e3-317eb1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e80e64e09cfedfb-CDG
box-acca23410e696f2ca3087d947271c3d0.html
vars.hotjar.com/ Frame 9AF0
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2653350.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-69.fra50.r.cloudfront.net
Software
/
Resource Hash
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://espace-client.nonprod.ovoenergy.fr/

Response headers

content-type
text/html
content-length
1044
date
Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"6f65fac4e8efe167ff5132c0c54c5729"
last-modified
Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
CsU-ljm5paxgQHpLExh8TJRpebpNL5J55k9cxw7Bqkg7pmRAZvD6tA==
age
2665886
otFloatingRounded.json
cdn-ukwest.onetrust.com/scripttemplates/6.27.0/assets/
10 KB
3 KB
Fetch
General
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.27.0/assets/otFloatingRounded.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.27.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.185.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
777ab0cb5c6ffd6b2d455918b8df70fdb4c74ecb18d62f54be1afdaf3733c10d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://espace-client.nonprod.ovoenergy.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 07 Mar 2022 05:23:32 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
content-md5
dVqptBpFFKGgjvHXKbXY6A==
content-length
2586
x-ms-lease-status
unlocked
last-modified
Tue, 23 Nov 2021 21:06:41 GMT
server
cloudflare
etag
0x8D9AEC52592DF3B
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
709dc198-b01e-0016-69e3-31e505000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e80e64e8a05edfb-CDG
expires
Mon, 07 Mar 2022 09:23:32 GMT
otPcCenter.json
cdn-ukwest.onetrust.com/scripttemplates/6.27.0/assets/v2/
47 KB
11 KB
Fetch
General
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.27.0/assets/v2/otPcCenter.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.27.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.185.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e365f91028edea76d06d71cbf54c82fd62dcb673357f1a282149bcefdd04e41d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://espace-client.nonprod.ovoenergy.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 07 Mar 2022 05:23:32 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
content-md5
ceOHHWNBgrF8GxXKPVj35A==
content-length
11602
x-ms-lease-status
unlocked
last-modified
Tue, 23 Nov 2021 21:06:43 GMT
server
cloudflare
etag
0x8D9AEC5272A4CC3
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
57acb006-a01e-0009-5ce3-313e15000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e80e64e8a07edfb-CDG
expires
Mon, 07 Mar 2022 09:23:32 GMT
otCommonStyles.css
cdn-ukwest.onetrust.com/scripttemplates/6.27.0/assets/
20 KB
4 KB
Fetch
General
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.27.0/assets/otCommonStyles.css
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.27.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.185.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://espace-client.nonprod.ovoenergy.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 07 Mar 2022 05:23:32 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
content-md5
Ye6OeZcNyuFoWog7CYs00A==
x-ms-lease-status
unlocked
last-modified
Tue, 23 Nov 2021 21:07:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
e7f2bc13-701e-0044-5fe3-31f8f7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
6e80e64e8a08edfb-CDG
expires
Mon, 07 Mar 2022 09:23:32 GMT
visit-data
in.hotjar.com/api/v2/client/sites/2653350/
146 B
321 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/2653350/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.f5f76c095cd0aa128146.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.23.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-23-179.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5dfdf8364391fb0206fd041768223181bad6754d36faa9428d03ca8832514d5d

Request headers

Referer
https://espace-client.nonprod.ovoenergy.fr/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 07 Mar 2022 05:23:32 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| structuredClone object| oncontextlost object| oncontextrestored object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| OptanonWrapper function| hj object| _hjSettings function| lightningjs function| usabilla_live object| webpackJsonpfrance-portal object| otStubData object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| Optanon object| OneTrust

7 Cookies

Domain/Path Name / Value
.ovoenergy.fr/ Name: _hjSessionUser_2653350
Value: eyJpZCI6ImRlYWU5MzNjLWQzNmItNTU3OS04MDVjLWQ0ZWJhYTU5ZmIxOCIsImNyZWF0ZWQiOjE2NDY2MzA2MTIyNTIsImV4aXN0aW5nIjpmYWxzZX0=
.ovoenergy.fr/ Name: _hjFirstSeen
Value: 1
espace-client.nonprod.ovoenergy.fr/ Name: _hjIncludedInSessionSample
Value: 0
.ovoenergy.fr/ Name: _hjSession_2653350
Value: eyJpZCI6Ijg4ZGIxYmIwLWZmYTEtNDFiZC1iMTY3LTIyMjgzODBjZTdkOCIsImNyZWF0ZWQiOjE2NDY2MzA2MTIyODEsImluU2FtcGxlIjpmYWxzZX0=
espace-client.nonprod.ovoenergy.fr/ Name: _hjIncludedInPageviewSample
Value: 1
.ovoenergy.fr/ Name: _hjAbsoluteSessionInProgress
Value: 0
espace-client.nonprod.ovoenergy.fr/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Mon+Mar+07+2022+05%3A23%3A32+GMT%2B0000+(GMT)&version=6.27.0&isIABGlobal=false&hosts=&consentId=f052f366-45c6-49b0-8045-ee26c9daaa6f&interactionCount=0&landingPath=https%3A%2F%2Fespace-client.nonprod.ovoenergy.fr%2F&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
