urlscan.io logo urlscan.io
SecurityTrails logo

www.connexionpmf.fr Open in urlscan Pro
185.48.45.12  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.connexionpmf.fr/
Effective URL: https://www.connexionpmf.fr/login
Submission: On September 15 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 26 HTTP transactions. The main IP is 185.48.45.12, located in France and belongs to LINKBYNET-AS, FR. The main domain is www.connexionpmf.fr.
TLS certificate: Issued by R3 on September 15th 2021. Valid for: 3 months.
This is the only time www.connexionpmf.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 22 185.48.45.12 25593 (LINKBYNET-AS)
1 69.16.175.10 20446 (HIGHWINDS3)
1 142.250.200.36 15169 (GOOGLE)
1 172.217.169.74 15169 (GOOGLE)
1 142.250.187.195 15169 (GOOGLE)
1 216.58.213.3 15169 (GOOGLE)
26 6
22    185.48.45.12 (France)

ASN25593 (LINKBYNET-AS, FR)
www.connexionpmf.fr
static.ecp-mediacadeaux.com
1    69.16.175.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: tlb.hwcdn.net
code.jquery.com
1    142.250.200.36 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s30-in-f4.1e100.net
www.google.com
1    172.217.169.74 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s09-in-f10.1e100.net
fonts.googleapis.com
1    142.250.187.195 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s33-in-f3.1e100.net
www.gstatic.com
1    216.58.213.3 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s25-in-f3.1e100.net
fonts.gstatic.com
Domain Requested by
11 static.ecp-mediacadeaux.com www.connexionpmf.fr
static.ecp-mediacadeaux.com
11 www.connexionpmf.fr 1 redirects www.connexionpmf.fr
1 fonts.gstatic.com fonts.googleapis.com
1 www.gstatic.com www.google.com
1 fonts.googleapis.com www.connexionpmf.fr
1 www.google.com www.connexionpmf.fr
1 code.jquery.com www.connexionpmf.fr
26 7

This site contains no links.

Subject Issuer Validity Valid
www.connexionpmf.fr
R3		 2021-09-15 -
2021-12-14		 3 months crt.sh
static.ecp-mediacadeaux.com
R3		 2021-08-11 -
2021-11-09		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.connexionpmf.fr/login
Frame ID: 12DCC1617311C87CD651ACF419682CE1
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

connexion pmf Login

Page URL History Show full URLs

  1. https://www.connexionpmf.fr/ HTTP 302
    https://www.connexionpmf.fr/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

26
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

479 kB
Transfer

1217 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.connexionpmf.fr/ HTTP 302
    https://www.connexionpmf.fr/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set login
www.connexionpmf.fr/
Redirect Chain
  • https://www.connexionpmf.fr/
  • https://www.connexionpmf.fr/login
10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.connexionpmf.fr/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.48.45.12 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
/
Resource Hash
f582e726ed9c5244b9e59dc7c47d6092041f432f498b9555982913bc758c69fd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://qa-mypmi.cs80.force.com/dtefr/s/mediacadeaux
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Host
www.connexionpmf.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Cookie
PHPSESSID=tbphn1geqctohhc0mlreubhdfd; SERVERID=11; TS01c3bdbd=0156a001cfbe2bc569cc6bd3b891a2968cd8478719d23983e4d47c49f4c8bd86715fd1fe172d01e45059d3b388c400600405797547; TSb0669108027=084a360408ab20007f4037030e51535dd5b1ead85041e83cf61744585cb0fc8c92b3b9b975d8f98b080b912ce11130003746fe0b4f06e84a04a463d29993eb583cb3984fd9f3cf0aab422d66f35ac981297f40111a1a8c87179a287197377820
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 15 Sep 2021 06:02:30 GMT
x-frame-options
sameorigin
content-security-policy
frame-ancestors 'self' https://qa-mypmi.cs80.force.com/dtefr/s/mediacadeaux
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
strict-transport-security
max-age=16070400; includeSubDomains
content-length
2556
content-type
text/html; charset=UTF-8
Set-Cookie
TSb0669108027=084a360408ab20003cdc3a1faac3e73dc9db0210a9fe78abe4916281422adcf49b9b5636d7fd928708d4e4de77113000090e2bc31000a31d04a463d29993eb583cb3984fd9f3cf0aab422d66f35ac981297f40111a1a8c87179a287197377820; Path=/

Redirect headers

date
Wed, 15 Sep 2021 06:02:30 GMT
x-frame-options
sameorigin
content-security-policy
frame-ancestors 'self' https://qa-mypmi.cs80.force.com/dtefr/s/mediacadeaux
set-cookie
PHPSESSID=tbphn1geqctohhc0mlreubhdfd; path=/; secure; HttpOnly SERVERID=11; path=/
expires
Mon, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache, must-revalidate
pragma
no-cache
last-modified
Wed, 15 Sep 2021 06:02:30 GMT
request-uri
https://www.connexionpmf.fr/login
content-location
https://www.connexionpmf.fr/login
location
https://www.connexionpmf.fr/login
x-content-type-options
nosniff
x-xss-protection
1; mode=block
strict-transport-security
max-age=16070400; includeSubDomains
content-length
0
content-type
text/html; charset=UTF-8
Set-Cookie
TS01c3bdbd=0156a001cfbe2bc569cc6bd3b891a2968cd8478719d23983e4d47c49f4c8bd86715fd1fe172d01e45059d3b388c400600405797547; Path=/ TSb0669108027=084a360408ab20007f4037030e51535dd5b1ead85041e83cf61744585cb0fc8c92b3b9b975d8f98b080b912ce11130003746fe0b4f06e84a04a463d29993eb583cb3984fd9f3cf0aab422d66f35ac981297f40111a1a8c87179a287197377820; Path=/
all.css
static.ecp-mediacadeaux.com/ecp-prod/scripts/node_modules/@fortawesome/fontawesome-pro/css/ 		204 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.ecp-mediacadeaux.com/ecp-prod/scripts/node_modules/@fortawesome/fontawesome-pro/css/all.css
Requested by
Host: www.connexionpmf.fr
URL: https://www.connexionpmf.fr/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.48.45.12 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
/
Resource Hash
814b48d2c39a6d19a989059fcb1d0702fefa670b46488f89eeb5b0badfefb945
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.connexionpmf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 06:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 10 Mar 2021 15:21:34 GMT
etag
"33169-5bd3038e27b80-gzip"
x-frame-options
sameorigin
content-type
text/css
cache-control
private
strict-transport-security
max-age=16070400; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
34612
x-xss-protection
1; mode=block
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: www.connexionpmf.fr
URL: https://www.connexionpmf.fr/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://www.connexionpmf.fr/
Origin
https://www.connexionpmf.fr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 06:02:30 GMT
content-encoding
gzip
last-modified
Tue, 02 Mar 2021 17:27:20 GMT
server
nginx
etag
W/"603e7578-15d9d"
vary
Accept-Encoding
x-hw
1631685750.dop103.fr8.t,1631685750.cds209.fr8.hn,1631685750.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
popper.min.js
static.ecp-mediacadeaux.com/ecp-prod/scripts/bower_components/popper.js/dist/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ecp-mediacadeaux.com/ecp-prod/scripts/bower_components/popper.js/dist/popper.min.js
Requested by
Host: www.connexionpmf.fr
URL: https://www.connexionpmf.fr/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.48.45.12 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
/
Resource Hash
d577c543145f36f0c95b715d67ec65a3649ba1d1b6fab140af0e97b15ceeddb7
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.connexionpmf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 06:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 10 Mar 2021 15:22:03 GMT
etag
"4d70-5bd303a9cfcc0-gzip"
x-frame-options
sameorigin
content-type
application/javascript
cache-control
private
strict-transport-security
max-age=16070400; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
7251
x-xss-protection
1; mode=block
bootstrap.min.css
static.ecp-mediacadeaux.com/ecp-prod/scripts/bower_components/bootstrap/dist/css/ 		119 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.ecp-mediacadeaux.com/ecp-prod/scripts/bower_components/bootstrap/dist/css/bootstrap.min.css
Requested by
Host: www.connexionpmf.fr
URL: https://www.connexionpmf.fr/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.48.45.12 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
/
Resource Hash
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.connexionpmf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 06:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 10 Mar 2021 15:22:00 GMT
etag
"1da71-5bd303a6f3600-gzip"
x-frame-options
sameorigin
content-type
text/css
cache-control
private
strict-transport-security
max-age=16070400; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
19741
x-xss-protection
1; mode=block
bootstrap.min.js
static.ecp-mediacadeaux.com/ecp-prod/scripts/bower_components/bootstrap/dist/js/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ecp-mediacadeaux.com/ecp-prod/scripts/bower_components/bootstrap/dist/js/bootstrap.min.js
Requested by
Host: www.connexionpmf.fr
URL: https://www.connexionpmf.fr/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.48.45.12 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
/
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.connexionpmf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 06:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 10 Mar 2021 15:22:00 GMT
etag
"9b00-5bd303a6f3600-gzip"
x-frame-options
sameorigin
content-type
application/javascript
cache-control
private
strict-transport-security
max-age=16070400; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
10940
x-xss-protection
1; mode=block
bootstrap-select.min.js
static.ecp-mediacadeaux.com/ecp-prod/scripts/bower_components/bootstrap-select/dist/js/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ecp-mediacadeaux.com/ecp-prod/scripts/bower_components/bootstrap-select/dist/js/bootstrap-select.min.js
Requested by
Host: www.connexionpmf.fr
URL: https://www.connexionpmf.fr/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.48.45.12 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
/
Resource Hash
d7d277ad3ded41d89d82daaa750df136efbe19dec4a0ffda83fd31d651e2d316
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.connexionpmf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 06:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 10 Mar 2021 15:21:59 GMT
etag
"8263-5bd303a5ff3c0-gzip"
x-frame-options
sameorigin
content-type
application/javascript
cache-control
private
strict-transport-security
max-age=16070400; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
9774
x-xss-protection
1; mode=block
bootstrap-select.min.css
static.ecp-mediacadeaux.com/ecp-prod/scripts/bower_components/bootstrap-select/dist/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.ecp-mediacadeaux.com/ecp-prod/scripts/bower_components/bootstrap-select/dist/css/bootstrap-select.min.css
Requested by
Host: www.connexionpmf.fr
URL: https://www.connexionpmf.fr/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.48.45.12 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
/
Resource Hash
feeb377a08b6715a7498491547c727a8bb2e0d8e819ab0eebd33d4b84af51c94
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.connexionpmf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 06:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 10 Mar 2021 15:21:59 GMT
etag
"19ff-5bd303a5ff3c0-gzip"
x-frame-options
sameorigin
content-type
text/css
cache-control
private
strict-transport-security
max-age=16070400; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
1586
x-xss-protection
1; mode=block
jquery.validate.min.js
static.ecp-mediacadeaux.com/ecp-prod/scripts/node_modules/jquery-validation/dist/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ecp-mediacadeaux.com/ecp-prod/scripts/node_modules/jquery-validation/dist/jquery.validate.min.js
Requested by
Host: www.connexionpmf.fr
URL: https://www.connexionpmf.fr/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.48.45.12 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
/
Resource Hash
b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.connexionpmf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 06:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 10 Mar 2021 15:21:55 GMT
etag
"5f38-5bd303a22eac0-gzip"
x-frame-options
sameorigin
content-type
application/javascript
cache-control
private
strict-transport-security
max-age=16070400; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
7815
x-xss-protection
1; mode=block
messages_fr.js
static.ecp-mediacadeaux.com/ecp-prod/scripts/node_modules/jquery-validation/dist/localization/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ecp-mediacadeaux.com/ecp-prod/scripts/node_modules/jquery-validation/dist/localization/messages_fr.js
Requested by
Host: www.connexionpmf.fr
URL: https://www.connexionpmf.fr/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.48.45.12 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
/
Resource Hash
22515ce5e8d25ee7f29fe6018cb2a6727c99b31921db92b699af10a18b062476
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.connexionpmf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 06:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 10 Mar 2021 15:21:55 GMT
etag
"db2-5bd303a22eac0-gzip"
x-frame-options
sameorigin
content-type
application/javascript
cache-control
private
strict-transport-security
max-age=16070400; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
1084
x-xss-protection
1; mode=block
jquery.maskedinput.min.js
static.ecp-mediacadeaux.com/ecp-prod/scripts/bower_components/jquery.maskedinput/dist/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ecp-mediacadeaux.com/ecp-prod/scripts/bower_components/jquery.maskedinput/dist/jquery.maskedinput.min.js
Requested by
Host: www.connexionpmf.fr
URL: https://www.connexionpmf.fr/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.48.45.12 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
/
Resource Hash
fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.connexionpmf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 06:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 10 Mar 2021 15:21:58 GMT
etag
"10e4-5bd303a50b180-gzip"
x-frame-options
sameorigin
content-type
application/javascript
cache-control
private
strict-transport-security
max-age=16070400; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
1960
x-xss-protection
1; mode=block
clipboard.min.js
static.ecp-mediacadeaux.com/ecp-prod/scripts/bower_components/clipboard/dist/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ecp-mediacadeaux.com/ecp-prod/scripts/bower_components/clipboard/dist/clipboard.min.js
Requested by
Host: www.connexionpmf.fr
URL: https://www.connexionpmf.fr/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.48.45.12 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
/
Resource Hash
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.connexionpmf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 06:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 10 Mar 2021 15:21:59 GMT
etag
"2aa5-5bd303a5ff3c0-gzip"
x-frame-options
sameorigin
content-type
application/javascript
cache-control
private
strict-transport-security
max-age=16070400; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
3397
x-xss-protection
1; mode=block
api.js
www.google.com/recaptcha/ 		850 B
991 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicite
Requested by
Host: www.connexionpmf.fr
URL: https://www.connexionpmf.fr/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.200.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f4.1e100.net
Software
GSE /
Resource Hash
f6851d9ce8f7d3b11d1784de142969571cc8a1de4bb59e0f1259fab7d5f40dc4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.connexionpmf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 06:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
557
x-xss-protection
1; mode=block
expires
Wed, 15 Sep 2021 06:02:31 GMT
Cookie set head.js
www.connexionpmf.fr/inc_js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.connexionpmf.fr/inc_js/head.js
Requested by
Host: www.connexionpmf.fr
URL: https://www.connexionpmf.fr/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.48.45.12 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
/
Resource Hash
15187aac0ede0b39898e1150be1b2a4853ac0525eaa54694a5479920d283394e
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.connexionpmf.fr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.connexionpmf.fr/login
Cookie
PHPSESSID=tbphn1geqctohhc0mlreubhdfd; SERVERID=11; TS01c3bdbd=0156a001cfbe2bc569cc6bd3b891a2968cd8478719d23983e4d47c49f4c8bd86715fd1fe172d01e45059d3b388c400600405797547; TSb0669108027=084a360408ab20003cdc3a1faac3e73dc9db0210a9fe78abe4916281422adcf49b9b5636d7fd928708d4e4de77113000090e2bc31000a31d04a463d29993eb583cb3984fd9f3cf0aab422d66f35ac981297f40111a1a8c87179a287197377820
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.connexionpmf.fr/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 06:02:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Sep 2021 08:28:31 GMT
etag
"1dac-5cbdc400709c0-gzip"
x-frame-options
sameorigin
strict-transport-security
max-age=16070400; includeSubDomains
content-type
application/javascript
Set-Cookie
TSb0669108027=084a360408ab20005de0aa3b5c3b6dce0a0b049e04701171954967bfc89f35da73c342ea8e29b29508ae6b26e711300083292fc2749339da04a463d29993eb583cb3984fd9f3cf0aab422d66f35ac981297f40111a1a8c87179a287197377820; Path=/
accept-ranges
bytes
vary
Accept-Encoding
content-length
2435
x-xss-protection
1; mode=block
Cookie set ecp.js
www.connexionpmf.fr/inc_js/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.connexionpmf.fr/inc_js/ecp.js
Requested by
Host: www.connexionpmf.fr
URL: https://www.connexionpmf.fr/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.48.45.12 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
/
Resource Hash
827e95e81993d12daf77b0b5775fbdcf6a9ee9da222a5d5a321d8c6b15860965
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.connexionpmf.fr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.connexionpmf.fr/login
Cookie
PHPSESSID=tbphn1geqctohhc0mlreubhdfd; SERVERID=11; TS01c3bdbd=0156a001cfbe2bc569cc6bd3b891a2968cd8478719d23983e4d47c49f4c8bd86715fd1fe172d01e45059d3b388c400600405797547; TSb0669108027=084a360408ab20003cdc3a1faac3e73dc9db0210a9fe78abe4916281422adcf49b9b5636d7fd928708d4e4de77113000090e2bc31000a31d04a463d29993eb583cb3984fd9f3cf0aab422d66f35ac981297f40111a1a8c87179a287197377820
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.connexionpmf.fr/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 06:02:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Sep 2021 08:28:31 GMT
etag
"6ef6-5cbdc400709c0-gzip"
x-frame-options
sameorigin
strict-transport-security
max-age=16070400; includeSubDomains
content-type
application/javascript
Set-Cookie
TSb0669108027=084a360408ab20004415319de2eea6d24e8813a40b680696f574cb8da68b4475d3a5e277439ff096080a5d166e11300039206a767581c19104a463d29993eb583cb3984fd9f3cf0aab422d66f35ac981297f40111a1a8c87179a287197377820; Path=/
accept-ranges
bytes
vary
Accept-Encoding
content-length
6569
x-xss-protection
1; mode=block
Cookie set fp2.js
www.connexionpmf.fr/inc_js/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.connexionpmf.fr/inc_js/fp2.js
Requested by
Host: www.connexionpmf.fr
URL: https://www.connexionpmf.fr/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.48.45.12 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
/
Resource Hash
64ebb6abe041ad42e9a095cd8321653fc4438b356b23e264d03708d9058578dd
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.connexionpmf.fr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.connexionpmf.fr/login
Cookie
PHPSESSID=tbphn1geqctohhc0mlreubhdfd; SERVERID=11; TS01c3bdbd=0156a001cfbe2bc569cc6bd3b891a2968cd8478719d23983e4d47c49f4c8bd86715fd1fe172d01e45059d3b388c400600405797547; TSb0669108027=084a360408ab20003cdc3a1faac3e73dc9db0210a9fe78abe4916281422adcf49b9b5636d7fd928708d4e4de77113000090e2bc31000a31d04a463d29993eb583cb3984fd9f3cf0aab422d66f35ac981297f40111a1a8c87179a287197377820
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.connexionpmf.fr/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 06:02:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Sep 2021 08:28:31 GMT
etag
"ecc9-5cbdc400709c0-gzip"
x-frame-options
sameorigin
strict-transport-security
max-age=16070400; includeSubDomains
content-type
application/javascript
Set-Cookie
TSb0669108027=084a360408ab2000b71becb8caeb1549d2045b942f2360e25fbbcf4c476ee84ba8bca91fc724e66308ab7c1bc6113000d9f9ecc8be6690cd04a463d29993eb583cb3984fd9f3cf0aab422d66f35ac981297f40111a1a8c87179a287197377820; Path=/
accept-ranges
bytes
vary
Accept-Encoding
content-length
17190
x-xss-protection
1; mode=block
Cookie set style.css
www.connexionpmf.fr/perso/www.connexionpmf.fr/css/ 		102 B
710 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.connexionpmf.fr/perso/www.connexionpmf.fr/css/style.css
Requested by
Host: www.connexionpmf.fr
URL: https://www.connexionpmf.fr/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.48.45.12 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
/
Resource Hash
c241815121857684fef731150b510f94cc0fa3b4d63b13144317fd6a218a7d66
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.connexionpmf.fr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.connexionpmf.fr/login
Cookie
PHPSESSID=tbphn1geqctohhc0mlreubhdfd; SERVERID=11; TS01c3bdbd=0156a001cfbe2bc569cc6bd3b891a2968cd8478719d23983e4d47c49f4c8bd86715fd1fe172d01e45059d3b388c400600405797547; TSb0669108027=084a360408ab20003cdc3a1faac3e73dc9db0210a9fe78abe4916281422adcf49b9b5636d7fd928708d4e4de77113000090e2bc31000a31d04a463d29993eb583cb3984fd9f3cf0aab422d66f35ac981297f40111a1a8c87179a287197377820
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.connexionpmf.fr/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 06:02:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 10 Mar 2021 13:35:42 GMT
etag
"66-5bd2ebe46a780-gzip"
x-frame-options
sameorigin
strict-transport-security
max-age=16070400; includeSubDomains
content-type
text/css
Set-Cookie
TSb0669108027=084a360408ab2000f973f4913fe0b344fa3879b8065a096006dcfc4ebb17e5e0e9721d12f2db487a08c645fee81130006b168169ae45685a04a463d29993eb583cb3984fd9f3cf0aab422d66f35ac981297f40111a1a8c87179a287197377820; Path=/
accept-ranges
bytes
vary
Accept-Encoding
content-length
77
x-xss-protection
1; mode=block
Cookie set fonts.css
www.connexionpmf.fr/inc_css/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.connexionpmf.fr/inc_css/fonts.css
Requested by
Host: www.connexionpmf.fr
URL: https://www.connexionpmf.fr/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.48.45.12 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
/
Resource Hash
858cfcc2d71cdaa739f75bb9508aee28475a72f8cf3beb8027070e8f58016570
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.connexionpmf.fr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.connexionpmf.fr/login
Cookie
PHPSESSID=tbphn1geqctohhc0mlreubhdfd; SERVERID=11; TS01c3bdbd=0156a001cfbe2bc569cc6bd3b891a2968cd8478719d23983e4d47c49f4c8bd86715fd1fe172d01e45059d3b388c400600405797547; TSb0669108027=084a360408ab20003cdc3a1faac3e73dc9db0210a9fe78abe4916281422adcf49b9b5636d7fd928708d4e4de77113000090e2bc31000a31d04a463d29993eb583cb3984fd9f3cf0aab422d66f35ac981297f40111a1a8c87179a287197377820
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.connexionpmf.fr/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 06:02:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Sep 2021 08:28:31 GMT
etag
"1f4b-5cbdc400709c0-gzip"
x-frame-options
sameorigin
strict-transport-security
max-age=16070400; includeSubDomains
content-type
text/css
Set-Cookie
TSb0669108027=084a360408ab2000f7bc647783bbe0c82ce7ac249f9eac0cbd59c986bc74e4e47855ab4398cb933a08ba1cc2db113000faec4fb11e15b7b604a463d29993eb583cb3984fd9f3cf0aab422d66f35ac981297f40111a1a8c87179a287197377820; Path=/
accept-ranges
bytes
vary
Accept-Encoding
content-length
698
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans:300&display=swap
Requested by
Host: www.connexionpmf.fr
URL: https://www.connexionpmf.fr/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.169.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f10.1e100.net
Software
ESF /
Resource Hash
f0cfec413fe83866f84c622a9f4d60b1517600285da1f9207e6bfe1522cc63df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.connexionpmf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 04:49:26 GMT
server
ESF
date
Wed, 15 Sep 2021 06:02:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 Sep 2021 06:02:30 GMT
Cookie set 22_309.png
www.connexionpmf.fr/perso/www.connexionpmf.fr/photos/elements/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.connexionpmf.fr/perso/www.connexionpmf.fr/photos/elements/22_309.png
Requested by
Host: www.connexionpmf.fr
URL: https://www.connexionpmf.fr/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.48.45.12 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
/
Resource Hash
090714163b7fd4433cae9f2172a33711ac76906ddcb5e31a2a095d16542a2ed3
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.connexionpmf.fr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.connexionpmf.fr/login
Cookie
PHPSESSID=tbphn1geqctohhc0mlreubhdfd; SERVERID=11; TS01c3bdbd=0156a001cfbe2bc569cc6bd3b891a2968cd8478719d23983e4d47c49f4c8bd86715fd1fe172d01e45059d3b388c400600405797547; TSb0669108027=084a360408ab2000b71becb8caeb1549d2045b942f2360e25fbbcf4c476ee84ba8bca91fc724e66308ab7c1bc6113000d9f9ecc8be6690cd04a463d29993eb583cb3984fd9f3cf0aab422d66f35ac981297f40111a1a8c87179a287197377820
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.connexionpmf.fr/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 06:02:31 GMT
strict-transport-security
max-age=16070400; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 10 Mar 2021 13:35:43 GMT
etag
"2f5e-5bd2ebe55e9c0"
x-frame-options
sameorigin
content-type
image/png
Set-Cookie
TSb0669108027=084a360408ab2000be35d0621311ac8722e26c54716fc390359db6652382177b7792b05eec141ae5086eb3310c1130008900e2d04fcb64dd36ed2c795f2ed12c210a52fa5d9ce2da6bfa9712587652facc6319ed09f8b55675acbb81c92ba7d9; Path=/
accept-ranges
bytes
content-length
12126
x-xss-protection
1; mode=block
recaptcha__de.js
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/ 		343 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicite
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.187.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f3.1e100.net
Software
sffe /
Resource Hash
3d37b170affddaaa2a6489a82bab8df4e72c56a65b069991ea9084643d477d58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.connexionpmf.fr/
Origin
https://www.connexionpmf.fr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 05:55:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173214
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137529
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 17:56:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Sep 2022 05:55:37 GMT
Cookie set general.css
www.connexionpmf.fr/inc_css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.connexionpmf.fr/inc_css/general.css
Requested by
Host: www.connexionpmf.fr
URL: https://www.connexionpmf.fr/perso/www.connexionpmf.fr/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.48.45.12 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
/
Resource Hash
0670048b022922b55e7134e40f8d857679993e3c69b944b123b9d65a4fb8ea86
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.connexionpmf.fr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.connexionpmf.fr/perso/www.connexionpmf.fr/css/style.css
Cookie
PHPSESSID=tbphn1geqctohhc0mlreubhdfd; SERVERID=11; TS01c3bdbd=0156a001cfbe2bc569cc6bd3b891a2968cd8478719d23983e4d47c49f4c8bd86715fd1fe172d01e45059d3b388c400600405797547; TSb0669108027=084a360408ab2000b71becb8caeb1549d2045b942f2360e25fbbcf4c476ee84ba8bca91fc724e66308ab7c1bc6113000d9f9ecc8be6690cd04a463d29993eb583cb3984fd9f3cf0aab422d66f35ac981297f40111a1a8c87179a287197377820
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.connexionpmf.fr/perso/www.connexionpmf.fr/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 06:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Sep 2021 08:28:31 GMT
etag
"f81-5cbdc400709c0-gzip"
x-frame-options
sameorigin
strict-transport-security
max-age=16070400; includeSubDomains
content-type
text/css
Set-Cookie
TSb0669108027=084a360408ab20001b69d526bd5ba3f1827ff84166b971396df6e5b6428ef22af747d83fd2dc30aa083b6e445011300072b700a39788a2dc36ed2c795f2ed12c210a52fa5d9ce2da6bfa9712587652facc6319ed09f8b55675acbb81c92ba7d9; Path=/
accept-ranges
bytes
vary
Accept-Encoding
content-length
1050
x-xss-protection
1; mode=block
Cookie set site.css
www.connexionpmf.fr/perso/www.connexionpmf.fr/css/ 		37 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.connexionpmf.fr/perso/www.connexionpmf.fr/css/site.css
Requested by
Host: www.connexionpmf.fr
URL: https://www.connexionpmf.fr/perso/www.connexionpmf.fr/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.48.45.12 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
/
Resource Hash
bc953869ff88d7c79268ce03239ef3f8986b87291547da067bb6892c545e6da1
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.connexionpmf.fr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.connexionpmf.fr/perso/www.connexionpmf.fr/css/style.css
Cookie
PHPSESSID=tbphn1geqctohhc0mlreubhdfd; SERVERID=11; TS01c3bdbd=0156a001cfbe2bc569cc6bd3b891a2968cd8478719d23983e4d47c49f4c8bd86715fd1fe172d01e45059d3b388c400600405797547; TSb0669108027=084a360408ab2000b71becb8caeb1549d2045b942f2360e25fbbcf4c476ee84ba8bca91fc724e66308ab7c1bc6113000d9f9ecc8be6690cd04a463d29993eb583cb3984fd9f3cf0aab422d66f35ac981297f40111a1a8c87179a287197377820
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.connexionpmf.fr/perso/www.connexionpmf.fr/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 06:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 05 May 2021 09:28:17 GMT
etag
"957c-5c191d08eee40-gzip"
x-frame-options
sameorigin
strict-transport-security
max-age=16070400; includeSubDomains
content-type
text/css
Set-Cookie
TSb0669108027=084a360408ab2000f683cc030f7f84543fe7d2ffc0aaa0d874ba3dc1ec78c5ad4f4a9297f218121508c2f620bd113000af8e4d2490516d1536ed2c795f2ed12c210a52fa5d9ce2da6bfa9712587652facc6319ed09f8b55675acbb81c92ba7d9; Path=/
accept-ranges
bytes
vary
Accept-Encoding
content-length
7612
x-xss-protection
1; mode=block
Cookie set menu.css
www.connexionpmf.fr/perso/www.connexionpmf.fr/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.connexionpmf.fr/perso/www.connexionpmf.fr/css/menu.css
Requested by
Host: www.connexionpmf.fr
URL: https://www.connexionpmf.fr/perso/www.connexionpmf.fr/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.48.45.12 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
/
Resource Hash
7989725ead2b78609dfa6de108c7ee06c5a6dcf1def83247a7611ff5950cc818
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.connexionpmf.fr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.connexionpmf.fr/perso/www.connexionpmf.fr/css/style.css
Cookie
PHPSESSID=tbphn1geqctohhc0mlreubhdfd; SERVERID=11; TS01c3bdbd=0156a001cfbe2bc569cc6bd3b891a2968cd8478719d23983e4d47c49f4c8bd86715fd1fe172d01e45059d3b388c400600405797547; TSb0669108027=084a360408ab2000b71becb8caeb1549d2045b942f2360e25fbbcf4c476ee84ba8bca91fc724e66308ab7c1bc6113000d9f9ecc8be6690cd04a463d29993eb583cb3984fd9f3cf0aab422d66f35ac981297f40111a1a8c87179a287197377820
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.connexionpmf.fr/perso/www.connexionpmf.fr/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 06:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 05 May 2021 09:28:17 GMT
etag
"1aa2-5c191d08eee40-gzip"
x-frame-options
sameorigin
strict-transport-security
max-age=16070400; includeSubDomains
content-type
text/css
Set-Cookie
TSb0669108027=084a360408ab2000b2f06ece3e2e774bb3146fbe19f0fca64d8fa32bc16b1703cdec3e4d3489eb05087f5f850f1130009b1f6d11681ade5f36ed2c795f2ed12c210a52fa5d9ce2da6bfa9712587652facc6319ed09f8b55675acbb81c92ba7d9; Path=/
accept-ranges
bytes
vary
Accept-Encoding
content-length
1692
x-xss-protection
1; mode=block
mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.213.3 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s25-in-f3.1e100.net
Software
sffe /
Resource Hash
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.connexionpmf.fr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 06:04:39 GMT
x-content-type-options
nosniff
age
172672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:22:57 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 06:04:39 GMT
fa-solid-900.woff2
static.ecp-mediacadeaux.com/ecp-prod/scripts/node_modules/@fortawesome/fontawesome-pro/webfonts/ 		135 KB
136 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ecp-mediacadeaux.com/ecp-prod/scripts/node_modules/@fortawesome/fontawesome-pro/webfonts/fa-solid-900.woff2
Requested by
Host: static.ecp-mediacadeaux.com
URL: https://static.ecp-mediacadeaux.com/ecp-prod/scripts/node_modules/@fortawesome/fontawesome-pro/css/all.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.48.45.12 , France, ASN25593 (LINKBYNET-AS, FR),
Reverse DNS
Software
/
Resource Hash
ea1f1cd8dd93d32f9b337df9b9faf9073015353f384895a59e743eb5ddce47d4
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static.ecp-mediacadeaux.com/ecp-prod/scripts/node_modules/@fortawesome/fontawesome-pro/css/all.css
Origin
https://www.connexionpmf.fr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 06:02:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 10 Mar 2021 15:21:33 GMT
etag
"21b08-5bd3038d33940"
x-frame-options
sameorigin
content-type
font/woff2
access-control-allow-origin
*
cache-control
private
strict-transport-security
max-age=16070400; includeSubDomains
accept-ranges
bytes
content-length
137992
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| confirmation function| alerte function| stopgo function| tx_longueur function| col_redim function| scrollbas function| toggleactif function| js_redirect function| affiche_message function| check_quantite function| form_readonly function| FormonSubmitIdentificationPseudo function| FormonSubmitIdentificationCarte function| FormonSubmitIdentifiantsOublies function| FormonSubmitContact function| recaptchaCallback function| redirect function| ajaxdie function| mcfp function| check_extension function| Fingerprint2 string| notification_modal string| notification_dialog number| ecp_idsite number| ecp_idparent number| ecp_nature_1 number| ecp_nature_2 number| ecp_nature_3 number| ecp_nature_4 number| ecp_nature_5 string| mc_ecp_idsite string| mc_ecp_idparent string| mc_ecp_url string| mc_mb_id string| mc_mb_nom string| mc_mb_q1 string| mc_mb_q2 string| mc_mb_q3 string| mc_mb_q4 string| mc_mb_q5 string| mc_mb_q6 string| mc_mb_q7 string| mc_mb_q8 string| mc_mb_q9 string| mc_mb_q10 string| mc_mb_t1 string| mc_mb_t2 string| mc_mb_t3 string| mc_mb_t4 string| mc_mb_t5 string| mc_la_prixmin string| mc_la_prixmax function| check_email function| check_saphir object| recaptcha

4 Cookies

Domain/Path Name / Value
www.connexionpmf.fr/ Name: PHPSESSID
Value: tbphn1geqctohhc0mlreubhdfd
www.connexionpmf.fr/ Name: SERVERID
Value: 11
www.connexionpmf.fr/ Name: TS01c3bdbd
Value: 0156a001cfbe2bc569cc6bd3b891a2968cd8478719d23983e4d47c49f4c8bd86715fd1fe172d01e45059d3b388c400600405797547
www.connexionpmf.fr/ Name: TSb0669108027
Value: 084a360408ab20001b69d526bd5ba3f1827ff84166b971396df6e5b6428ef22af747d83fd2dc30aa083b6e445011300072b700a39788a2dc36ed2c795f2ed12c210a52fa5d9ce2da6bfa9712587652facc6319ed09f8b55675acbb81c92ba7d9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://qa-mypmi.cs80.force.com/dtefr/s/mediacadeaux
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
static.ecp-mediacadeaux.com
www.connexionpmf.fr
www.google.com
www.gstatic.com
142.250.187.195
142.250.200.36
172.217.169.74
185.48.45.12
216.58.213.3
69.16.175.10
0670048b022922b55e7134e40f8d857679993e3c69b944b123b9d65a4fb8ea86
090714163b7fd4433cae9f2172a33711ac76906ddcb5e31a2a095d16542a2ed3
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
15187aac0ede0b39898e1150be1b2a4853ac0525eaa54694a5479920d283394e
22515ce5e8d25ee7f29fe6018cb2a6727c99b31921db92b699af10a18b062476
3d37b170affddaaa2a6489a82bab8df4e72c56a65b069991ea9084643d477d58
64ebb6abe041ad42e9a095cd8321653fc4438b356b23e264d03708d9058578dd
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
7989725ead2b78609dfa6de108c7ee06c5a6dcf1def83247a7611ff5950cc818
814b48d2c39a6d19a989059fcb1d0702fefa670b46488f89eeb5b0badfefb945
827e95e81993d12daf77b0b5775fbdcf6a9ee9da222a5d5a321d8c6b15860965
858cfcc2d71cdaa739f75bb9508aee28475a72f8cf3beb8027070e8f58016570
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2
bc953869ff88d7c79268ce03239ef3f8986b87291547da067bb6892c545e6da1
c241815121857684fef731150b510f94cc0fa3b4d63b13144317fd6a218a7d66
d577c543145f36f0c95b715d67ec65a3649ba1d1b6fab140af0e97b15ceeddb7
d7d277ad3ded41d89d82daaa750df136efbe19dec4a0ffda83fd31d651e2d316
ea1f1cd8dd93d32f9b337df9b9faf9073015353f384895a59e743eb5ddce47d4
f0cfec413fe83866f84c622a9f4d60b1517600285da1f9207e6bfe1522cc63df
f582e726ed9c5244b9e59dc7c47d6092041f432f498b9555982913bc758c69fd
f6851d9ce8f7d3b11d1784de142969571cc8a1de4bb59e0f1259fab7d5f40dc4
fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62
feeb377a08b6715a7498491547c727a8bb2e0d8e819ab0eebd33d4b84af51c94
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e