urlscan.io logo urlscan.io
SecurityTrails logo

sodexosante-evenements.fr Open in urlscan Pro
31.15.26.19  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sodexosante-evenements.fr/
Effective URL: https://sodexosante-evenements.fr/
Submission: On November 14 via api from NL — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 8 domains to perform 19 HTTP transactions. The main IP is 31.15.26.19, located in Igny-Comblizy, France and belongs to ALTERWAYHOSTING-NETWORK www.alterway.fr, FR. The main domain is sodexosante-evenements.fr.
TLS certificate: Issued by R3 on November 14th 2023. Valid for: 3 months.
This is the only time sodexosante-evenements.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 31.15.26.19 41628 (ALTERWAYH...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
6 52.92.3.249 16509 (AMAZON-02)
1 2a04:4e42::649 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:2800:234... 15133 (EDGECAST)
1 2600:9000:211... 16509 (AMAZON-02)
1 104.244.42.72 13414 (TWITTER)
2 2600:9000:211... 16509 (AMAZON-02)
1 2a04:4e42:8d:... ()
19 10
2    31.15.26.19 (Igny-Comblizy, France)

ASN41628 (ALTERWAYHOSTING-NETWORK www.alterway.fr, FR)
PTR: sobuzz2.awh.nexen.net
sodexosante-evenements.fr
3    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
6    52.92.3.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-3-w.amazonaws.com
sb-filer.s3.amazonaws.com
1    2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    2600:9000:211e:6000:1c:f638:2940:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.axept.io
1    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
2    2600:9000:211e:ac00:19:61a3:b200:93a1 (United States)

ASN16509 (AMAZON-02, US)
client.axept.io
1    2a04:4e42:8d::720 (None, )

ASN- ()
axeptio.imgix.net
Apex Domain
Subdomains		 Transfer
6 amazonaws.com
sb-filer.s3.amazonaws.com
996 KB
3 axept.io
static.axept.io — Cisco Umbrella Rank: 58253
client.axept.io — Cisco Umbrella Rank: 63841
217 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1186
syndication.twitter.com — Cisco Umbrella Rank: 1447
132 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
48 KB
2 sodexosante-evenements.fr
sodexosante-evenements.fr
13 KB
1 imgix.net
axeptio.imgix.net
6 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
61 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 762
30 KB
19 8
Domain Requested by
6 sb-filer.s3.amazonaws.com sodexosante-evenements.fr
3 cdn.jsdelivr.net sodexosante-evenements.fr
2 client.axept.io static.axept.io
2 platform.twitter.com sodexosante-evenements.fr
platform.twitter.com
2 sodexosante-evenements.fr 1 redirects
1 axeptio.imgix.net
1 syndication.twitter.com platform.twitter.com
1 static.axept.io sodexosante-evenements.fr
1 www.googletagmanager.com sodexosante-evenements.fr
1 code.jquery.com sodexosante-evenements.fr
19 10

This site contains no links.

Subject Issuer Validity Valid
sodexosante-evenements.fr
R3		 2023-11-14 -
2024-02-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-03		 9 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
static.axeptio.eu
Amazon RSA 2048 M02		 2023-06-19 -
2024-07-17		 a year crt.sh
syndication.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-19 -
2024-09-17		 a year crt.sh
client.axept.io
Amazon RSA 2048 M01		 2023-08-03 -
2024-08-31		 a year crt.sh
*.imgix.com
GlobalSign Atlas R3 DV TLS CA 2023 Q1		 2023-03-05 -
2024-04-05		 a year crt.sh

This page contains 2 frames:

Primary Page: https://sodexosante-evenements.fr/
Frame ID: F6523BB6C22D57987140B3A1B85082D7
Requests: 17 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fsodexosante-evenements.fr
Frame ID: C1A5C75BBEA5DBD82CEA0E07A6437981
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sodexo Santé - SantExpo

Page URL History Show full URLs

  1. http://sodexosante-evenements.fr/ HTTP 301
    https://sodexosante-evenements.fr/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

19
Requests

100 %
HTTPS

70 %
IPv6

8
Domains

10
Subdomains

10
IPs

4
Countries

1503 kB
Transfer

2714 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sodexosante-evenements.fr/ HTTP 301
    https://sodexosante-evenements.fr/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sodexosante-evenements.fr/
Redirect Chain
  • http://sodexosante-evenements.fr/
  • https://sodexosante-evenements.fr/
47 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sodexosante-evenements.fr/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
31.15.26.19 Igny-Comblizy, France, ASN41628 (ALTERWAYHOSTING-NETWORK www.alterway.fr, FR),
Reverse DNS
sobuzz2.awh.nexen.net
Software
/
Resource Hash
6d495434af0e063283afd115e63f337a7cff14b2585146b740fddce24e60203b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=15768000 max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-length
12019
content-type
text/html; charset=UTF-8
date
Tue, 14 Nov 2023 06:58:21 GMT
referrer-policy
strict-origin no-referrer-when-downgrade no-referrer-when-downgrade
strict-transport-security
max-age=31536000; includeSubDomains max-age=15768000 max-age=15768000
vary
Accept-Encoding
via
1.1 sodexosante-evenements.fr
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-server-id
sobprdweb1
x-xss-protection
1; mode=block

Redirect headers

content-length
0
location
https://sodexosante-evenements.fr/
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.1/dist/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.1/dist/css/bootstrap.min.css
Requested by
Host: sodexosante-evenements.fr
URL: https://sodexosante-evenements.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
847280dddfc7b6d0bc396dd2974f775bc0e866e7611c90e3fbe919628e8c2f30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sodexosante-evenements.fr/
Origin
https://sodexosante-evenements.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 06:58:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
275016
x-jsd-version
5.0.1
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230072-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"25fef-PDndyutgvrSms9Gt5O+JOaWK1Zo"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lr1CCgLMvyGHfEODyEctsIGcIXWPOJMA4YAdfBAOzwhV1GFVsfGD%2Fx6l7K%2BgnqHOP3oGxqDO3KTIruM0iG3d%2FskfiX3d7n9ZZeRtrN6juqwRuecYEx3lQJnJpJWhKbCEu2Ch9L2jlbZdjvhLw5o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
825d5d94ec70d574-CDG
rotate-phone.gif
sb-filer.s3.amazonaws.com/custom_lesdissident_vinci_minisite/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb-filer.s3.amazonaws.com/custom_lesdissident_vinci_minisite/rotate-phone.gif
Requested by
Host: sodexosante-evenements.fr
URL: https://sodexosante-evenements.fr/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.3.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-3-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
79b0b3dd24293a86bdcd72a26cb344f868b4e2eefab3a84eacf0271ca22197ea

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sodexosante-evenements.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 06:58:22 GMT
Last-Modified
Sat, 26 Jun 2021 15:06:06 GMT
Server
AmazonS3
x-amz-request-id
XZG14PX5PQWJP53H
ETag
"8ac292db2bfe599a886557a3e7a4d8ec"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
32708
x-amz-id-2
TK1cXg1ztxVQKqFcBGn27zrmXo9pa8NmV/oilS7TcHy8TxkMYSKsmOia/GLgbRcuqkbeSa05i0s=
picto_info.png
sb-filer.s3.amazonaws.com/custom_sodexosante_apptablette/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb-filer.s3.amazonaws.com/custom_sodexosante_apptablette/picto_info.png
Requested by
Host: sodexosante-evenements.fr
URL: https://sodexosante-evenements.fr/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.3.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-3-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f0e9881e872394f7efa74f8673a1d5710cf7f7cd8d496cceaf3f81c69be44291

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sodexosante-evenements.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 06:58:22 GMT
Last-Modified
Tue, 02 May 2023 08:22:45 GMT
Server
AmazonS3
x-amz-request-id
XZG8MFYD7C96AQ6Y
ETag
"81087336bf29024a3f9145d8219ab24d"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1932
x-amz-id-2
mBTCtOeMzVSY4/MbShlEGGOk9UwNy/NP9db3eJJl9Se1+Khtv/rW/jlpr7nQ3Lpg1Pl/nyIlOlA=
picto_quiz_big.png
sb-filer.s3.amazonaws.com/custom_sodexosante_apptablette/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb-filer.s3.amazonaws.com/custom_sodexosante_apptablette/picto_quiz_big.png
Requested by
Host: sodexosante-evenements.fr
URL: https://sodexosante-evenements.fr/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.3.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-3-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
88d7d754d20571b094988d1930c302e7f00e9d640f832d91943936a842e0b359

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sodexosante-evenements.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 06:58:22 GMT
Last-Modified
Tue, 02 May 2023 08:22:46 GMT
Server
AmazonS3
x-amz-request-id
XZGASFT4FNFYWRM8
ETag
"94823b06d9eced5e004e01979837034c"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5037
x-amz-id-2
KTkFe/ZqNZcSmA+jWJG+uGNA0r0+gqwzw7xwl/fNG63DLTnXQXdhldgKZhUq/bgllx9LNq+XAmk=
picto_contact.png
sb-filer.s3.amazonaws.com/custom_sodexosante_apptablette/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb-filer.s3.amazonaws.com/custom_sodexosante_apptablette/picto_contact.png
Requested by
Host: sodexosante-evenements.fr
URL: https://sodexosante-evenements.fr/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.3.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-3-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c9b4213858ed7ca621ddecc959c038aa24e54a2a786f01039f57fb57578111b7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sodexosante-evenements.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 06:58:22 GMT
Last-Modified
Tue, 02 May 2023 08:22:45 GMT
Server
AmazonS3
x-amz-request-id
XZGEQWXJFAKYXM9R
ETag
"6e1c45c23cc66a41b781d7b2e362ba92"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2880
x-amz-id-2
q/Drb7BRnGUW9lOSLWuc8wBh+Ywn5Is3/keN8d+B5zjC+8/RtLMxn9H1OyMYYE/8I6Rboy2jiyY=
jquery-3.3.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: sodexosante-evenements.fr
URL: https://sodexosante-evenements.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://sodexosante-evenements.fr/
Origin
https://sodexosante-evenements.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 06:58:21 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5144498
x-cache
HIT, HIT
content-length
30288
x-served-by
cache-lga13622-LGA, cache-lcy-eglc8600049-LCY
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1699945102.583431,VS0,VE0
etag
W/"28feccc0-1538f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
19, 225194
popper.min.js
cdn.jsdelivr.net/npm/@popperjs/core@2.9.2/dist/umd/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@popperjs/core@2.9.2/dist/umd/popper.min.js
Requested by
Host: sodexosante-evenements.fr
URL: https://sodexosante-evenements.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a07c69f9061eb12e39a031358a4f567f30a002ad6182639ac84fd1bda2f6e65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sodexosante-evenements.fr/
Origin
https://sodexosante-evenements.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 06:58:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
22890275
x-jsd-version
2.9.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230074-FRA, cache-yyz4557-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"48a2-jut79x6Kl4uCoaGYAV8U1z0upZI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fqk%2B1eL3qFdXWzTFfdg6Z1K%2BKnuZU8vQM%2Bo5Fqk14R5hZd3obgGvYEmmUW%2BqKsmORLoxhNiMsN8fdPnFEKBfRSdlDAEXQqv6tLABUHcleBtKSuBdCYDG29snqyOut%2B9gSJxRwOvFMUshnIst6cI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
825d5d94ec74d574-CDG
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.1/dist/js/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.1/dist/js/bootstrap.min.js
Requested by
Host: sodexosante-evenements.fr
URL: https://sodexosante-evenements.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77e1728245a0c2de7d0859163ee081e1113aa75fd6894602cb5eb0d7e739bca9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sodexosante-evenements.fr/
Origin
https://sodexosante-evenements.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 06:58:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1041557
x-jsd-version
5.0.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230058-FRA, cache-ams21045-AMS
x-jsd-version-type
version
server
cloudflare
etag
W/"eabb-KCIJ72Bl6EUaViPBsgjSVtexTCc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrfJO1ZdqdkBhhNEzJMDlo5s2R%2BIYXuq714q0toIo1xbJEDDCoIKeIJfl%2FwmbXpez2wegXf2%2BJXBM7w3kE7CAA0oFj0GiLUoBaVv3uDcNyt7CSxGW8FnPFRwy76TJTKr%2FksHDRp%2BNuvyJMszSEw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
825d5d94ec73d574-CDG
gtm.js
www.googletagmanager.com/ 		169 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5F4JJNT
Requested by
Host: sodexosante-evenements.fr
URL: https://sodexosante-evenements.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
db3505fd7327a3beb470b66734a9062960c043239a6f345b00f5460932c6134c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sodexosante-evenements.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 06:58:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62310
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Nov 2023 06:58:21 GMT
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: sodexosante-evenements.fr
URL: https://sodexosante-evenements.fr/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6F9A) /
Resource Hash
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sodexosante-evenements.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 06:58:21 GMT
Content-Encoding
gzip
Age
871
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27598
Last-Modified
Mon, 09 Oct 2023 20:29:49 GMT
Server
ECS (pab/6F9A)
Etag
"391b7fdf0c468036f27102529636f0ca+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
img_background.png
sb-filer.s3.amazonaws.com/custom_sodexosante_apptablette/ 		935 KB
935 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb-filer.s3.amazonaws.com/custom_sodexosante_apptablette/img_background.png
Requested by
Host: sodexosante-evenements.fr
URL: https://sodexosante-evenements.fr/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.3.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-3-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
966bf15127362228cd82d9a5b78bcaf9d9f4088abd273302e1c3d5a7b357795b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sodexosante-evenements.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 06:58:22 GMT
Last-Modified
Tue, 02 May 2023 08:22:43 GMT
Server
AmazonS3
x-amz-request-id
XZGAMZF7RRW40CNM
ETag
"efee85a348b86605d9f6b206a9595326"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
957186
x-amz-id-2
DxVFqkNA9JgKXEfqSlFt2qk7s/nypVGFCwhaUdezmwLHTCxY6vIfJLmIve+c4xLukOYzGGw1SfY=
SansaPro-Bold.woff2
sb-filer.s3.amazonaws.com/custom_sodexosante_apptablette/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sb-filer.s3.amazonaws.com/custom_sodexosante_apptablette/fonts/SansaPro-Bold.woff2
Requested by
Host: sodexosante-evenements.fr
URL: https://sodexosante-evenements.fr/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.3.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-3-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
7517a867923653347cbc8a6b6f185cb05f105c6ff28967c8d83135aca8cbfb9a

Request headers

Referer
https://sodexosante-evenements.fr/
Origin
https://sodexosante-evenements.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 06:58:22 GMT
Last-Modified
Tue, 02 May 2023 08:26:34 GMT
Server
AmazonS3
x-amz-request-id
XZGB6YWXDD86M11G
ETag
"ef14431877e24d8ebc8efe6255a5b906"
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
3000
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Content-Type
font/woff2
Accept-Ranges
bytes
Content-Length
17980
x-amz-id-2
NVXaQxt6J7QHeAD+g+NGyNChT/5ClQXgmRPJu5zT2ZQFjtrmFVhE+j9VcGx7bCl3sIF4QDCs4e0=
widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html
platform.twitter.com/widgets/ Frame C1A5 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fsodexosante-evenements.fr
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6FA3) /
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://sodexosante-evenements.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
3061527
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Tue, 14 Nov 2023 06:58:21 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 09 Oct 2023 20:29:18 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (pab/6FA3)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
sdk.js
static.axept.io/ 		754 KB
210 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.axept.io/sdk.js
Requested by
Host: sodexosante-evenements.fr
URL: https://sodexosante-evenements.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:6000:1c:f638:2940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af99575baf19e2efde121b5a672c09092099a09c0797014bf7ca2dc456cf45d6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sodexosante-evenements.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 06:58:50 GMT
content-encoding
gzip
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
last-modified
Tue, 07 Nov 2023 10:00:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
86372
x-amz-server-side-encryption
AES256
etag
W/"a1fb2680c4ee67f0b95d59fc9e1534fa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cross-origin-resource-policy
cross-origin
x-amz-cf-id
vhZvBjyxEoDHD4EbTsyqYX358Xojpn7C6Az9BucCszq-38Bh1SB5vQ==
settings
syndication.twitter.com/ Frame C1A5 		869 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=033d2c61fefeaf687a37b4581355b20ad06fdba3
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fsodexosante-evenements.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-response-time
104
date
Tue, 14 Nov 2023 06:58:21 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Tue, 14 Nov 2023 06:58:21 GMT
server
tsa_f
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
8b69dbe891305ced
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
901e86b1149b6ecd46c2881111f8f4a8470e05372fbe4ad7ecfdebb117e2e9cc
content-length
337
6464c65884be8b82098454ca.json
client.axept.io/ 		11 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://client.axept.io/6464c65884be8b82098454ca.json?r=0
Requested by
Host: static.axept.io
URL: https://static.axept.io/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ac00:19:61a3:b200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33c42f7c1b1940b789cc7ef032cf845b45c2dc83afd7ed096f976d2bb4bdf197

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sodexosante-evenements.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 06:58:23 GMT
x-amz-version-id
612CWJKD7LqBn6.RHmToXaqFDSZ6ACFI
content-encoding
gzip
via
1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Wed, 17 May 2023 12:24:22 GMT
server
AmazonS3
etag
W/"addc28aa47aee33e6897118e6ba8f498"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
qThRzr92_zqBjqmZ7yF6WqOBLPEb7AeavTW4nqTA0f_NErCuNpKBow==
fr
client.axept.io/pack/ 		8 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://client.axept.io/pack/fr
Requested by
Host: static.axept.io
URL: https://static.axept.io/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ac00:19:61a3:b200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ campsi
Resource Hash
fd0668b6daa4081266857e5614efdfbda05e8f9155d012dde4f40db976419c2c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sodexosante-evenements.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 04:12:22 GMT
content-encoding
gzip
via
1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
9970
x-powered-by
campsi
etag
W/"204d-b51REVHy7yvPPyUjmgPp3b2Po9o"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-amz-cf-id
O0Iu8xg2PLMZ_4ZBfG-z4nIeHelyaK9GLfuDTXvVuYOIXYjIB_JbOg==
persos_site_suite_05.png
axeptio.imgix.net/2020/09/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://axeptio.imgix.net/2020/09/persos_site_suite_05.png?auto=format&fit=crop&w=64&h=64&dpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 -, , ASN (),
Reverse DNS
Software
imgix /
Resource Hash
ddb7a5ea98e19a61ce5ce7e934963b4325a6da5e6b530f6433beade948539a4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sodexosante-evenements.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 06:58:26 GMT
x-content-type-options
nosniff
age
2666982
x-cache
HIT, HIT
x-imgix-id
5b71a22f21cf3ff3808b8494e0e76ca5629d363f
cross-origin-resource-policy
cross-origin
content-length
5604
x-served-by
cache-sjc1000090-SJC, cache-fra-eddf8230103-FRA
x-imgix-render-farm
01.140328
last-modified
Sat, 14 Oct 2023 10:08:42 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture function| cookieFix object| dataLayer function| $ function| jQuery object| Popper number| uidEvent object| bootstrap function| get_browser object| browser undefined| dateClass function| updateFBCanvasSize undefined| showErrorModal undefined| loadPreview object| twttr function| detectMobile function| iOS number| interval undefined| secondInterval function| autoTimerAction function| autoTimerReset undefined| ontouchstart string| tvc_ua boolean| isFacebook boolean| isInstagram boolean| isIOs boolean| isMessenger function| sendInsight object| __twttrll object| __twttr object| google_tag_manager object| google_tag_data object| axeptioSettings object| webpackChunkcaas_styleguide function| setImmediate function| clearImmediate object| regeneratorRuntime object| __axeptioSDK object| _axcb object| axeptioSDK string| axeptioBuildTimestamp function| axeptioHandleVendors function| openAxeptioCookies function| showAxeptioButton function| hideAxeptioButton

5 Cookies

Domain/Path Name / Value
sodexosante-evenements.fr/ Name: PHPSESSID
Value: b10ffdfee447b3354da3306a4f60748d
sodexosante-evenements.fr/ Name: cross-site-cookie
Value: sobuzz
sodexosante-evenements.fr/ Name: axeptio_cookies
Value: {%22$$token%22:%22o03qo8lmelo2wlthoqnpb%22%2C%22$$date%22:%222023-11-14T06:58:22.049Z%22%2C%22$$cookiesVersion%22:{}%2C%22$$completed%22:false}
sodexosante-evenements.fr/ Name: axeptio_authorized_vendors
Value: %2C%2C
sodexosante-evenements.fr/ Name: axeptio_all_vendors
Value: %2C%2C

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=15768000 max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

axeptio.imgix.net
cdn.jsdelivr.net
client.axept.io
code.jquery.com
platform.twitter.com
sb-filer.s3.amazonaws.com
sodexosante-evenements.fr
static.axept.io
syndication.twitter.com
www.googletagmanager.com
104.244.42.72
2600:9000:211e:6000:1c:f638:2940:93a1
2600:9000:211e:ac00:19:61a3:b200:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700::6810:5814
2a00:1450:4001:82b::2008
2a04:4e42:8d::720
2a04:4e42::649
31.15.26.19
52.92.3.249
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
33c42f7c1b1940b789cc7ef032cf845b45c2dc83afd7ed096f976d2bb4bdf197
5a07c69f9061eb12e39a031358a4f567f30a002ad6182639ac84fd1bda2f6e65
6d495434af0e063283afd115e63f337a7cff14b2585146b740fddce24e60203b
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
7517a867923653347cbc8a6b6f185cb05f105c6ff28967c8d83135aca8cbfb9a
77e1728245a0c2de7d0859163ee081e1113aa75fd6894602cb5eb0d7e739bca9
79b0b3dd24293a86bdcd72a26cb344f868b4e2eefab3a84eacf0271ca22197ea
847280dddfc7b6d0bc396dd2974f775bc0e866e7611c90e3fbe919628e8c2f30
88d7d754d20571b094988d1930c302e7f00e9d640f832d91943936a842e0b359
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
966bf15127362228cd82d9a5b78bcaf9d9f4088abd273302e1c3d5a7b357795b
af99575baf19e2efde121b5a672c09092099a09c0797014bf7ca2dc456cf45d6
c9b4213858ed7ca621ddecc959c038aa24e54a2a786f01039f57fb57578111b7
db3505fd7327a3beb470b66734a9062960c043239a6f345b00f5460932c6134c
ddb7a5ea98e19a61ce5ce7e934963b4325a6da5e6b530f6433beade948539a4d
f0e9881e872394f7efa74f8673a1d5710cf7f7cd8d496cceaf3f81c69be44291
fd0668b6daa4081266857e5614efdfbda05e8f9155d012dde4f40db976419c2c