URL: https://paralegal-activity.ch/
Submission: On April 26 via automatic, source certstream-suspicious

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3037::ac43:c976, located in the United States and belonging to CLOUDFLARENET, US. The main domain is paralegal-activity.ch.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 26th 2021. Valid for: a year.
This is the only time paralegal-activity.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain                 Requested by
16        forms.salenture.com    paralegal-activity.ch, ajax.googleapis.com, forms.salenture.com
4         fonts.gstatic.com      fonts.googleapis.com
2         fonts.googleapis.com   paralegal-activity.ch, ajax.googleapis.com
2         paralegal-activity.ch  paralegal-activity.ch
1         ajax.googleapis.com    paralegal-activity.ch
25 5

This site contains no links.

Subject                  Issuer                                          Validity                 Valid
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3                         2021-04-26 - 2022-04-25  a year
upload.video.google.com  GTS CA 1O1                                      2021-03-23 - 2021-06-15  3 months
*.salenture.com          Sectigo RSA Domain Validation Secure Server CA  2020-01-30 - 2022-04-29  2 years
*.gstatic.com            GTS CA 1O1                                      2021-03-23 - 2021-06-15  3 months

This page contains 1 frame:

Primary Page: https://paralegal-activity.ch/
Frame ID: 2DC79B75F49060003A6B3A556A92AB14
Requests: 25 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 25
HTTPS: 100 %
IPv6: 83 %
Domains: 4
Subdomains: 5
IPs: 6
Countries: 3
Transfer: 369 kB
Size: 697 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
paralegal-activity.ch/
2 KB
1 KB
Document
General
Full URL
https://paralegal-activity.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9554a309ef706f964bbc4c678b2459541510b74197950f1c15c6baeeb0e5ff38

Request headers

:method
GET
:authority
paralegal-activity.ch
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 17:15:52 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d6597793a4a785798a51da0de1a9e77a21619457352; expires=Wed, 26-May-21 17:15:52 GMT; path=/; domain=.paralegal-activity.ch; HttpOnly; SameSite=Lax; Secure
PHPSESSID=00bd130aa7f399bbecdd576838b66c99; path=/; SameSite=Lax
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
09b0c73b480000dfd38a155000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mby6S2wQObel6hNwFyzDmYjkiOahkubypyXphfG0SRWSfz2uGkGWoLv3087UH7xpQPzeUVhAvc8LxCyKKw3ByiCer4bGYGm70SBDJzpw3Kq5gvyEBj%2BeuhXDWTHgAeOorZo%3D"}],"max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
646174a53b5bdfd3-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/
366 B
389 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Aldrich
Requested by
Host: paralegal-activity.ch
URL: https://paralegal-activity.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d7021567fad8c40c04c3cbedccb644a8e4f70481bf55ef2462c2f49d82700bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://paralegal-activity.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Apr 2021 15:23:47 GMT
server
ESF
date
Mon, 26 Apr 2021 17:15:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Apr 2021 17:15:52 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: paralegal-activity.ch
URL: https://paralegal-activity.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paralegal-activity.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 18:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81102
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Apr 2022 18:44:10 GMT
leform.min.js
forms.salenture.com/content/plugins/halfdata-green-forms/js/
59 KB
16 KB
Script
General
Full URL
https://forms.salenture.com/content/plugins/halfdata-green-forms/js/leform.min.js?ver=1.18
Requested by
Host: paralegal-activity.ch
URL: https://paralegal-activity.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
b04150bf85e45d18694108e784bc5102edf95c7302a85d638bb9890aed57e174
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://paralegal-activity.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 17:15:52 GMT
content-encoding
gzip
last-modified
Mon, 23 Mar 2020 05:47:24 GMT
server
nginx
etag
"ec02-5a17f2b5d3300-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
15658
bg.jpg
paralegal-activity.ch/
82 KB
83 KB
Image
General
Full URL
https://paralegal-activity.ch/bg.jpg
Requested by
Host: paralegal-activity.ch
URL: https://paralegal-activity.ch/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0657967c9b295c114db5d5179e311dc12f68648d391cf376062cd14d02a26619

Request headers

:path
/bg.jpg
pragma
no-cache
cookie
__cfduid=d6597793a4a785798a51da0de1a9e77a21619457352; PHPSESSID=00bd130aa7f399bbecdd576838b66c99
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
paralegal-activity.ch
referer
https://paralegal-activity.ch/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://paralegal-activity.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 17:15:52 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
84050
cf-request-id
09b0c73c1b000063c5f10a5000000001
last-modified
Tue, 13 Jun 2017 09:22:55 GMT
server
cloudflare
etag
"14852-551d3fb0659c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M9USnpi7dDmhLlIwaRyfQY1ZhwTp5TZGq8KqXh5pck9qb%2Fb3iWW6tDjcd0djjACAHzLi3ty%2BwCQ6C6BJuRHlpUoBNOaoH047zLX7n0g9D6zKEsWZsvWw2VxjFxsoljBQbOc%3D"}]}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
646174a69c9663c5-FRA
MCoTzAn-1s3IGyJMVacY3w.woff2
fonts.gstatic.com/s/aldrich/v11/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/aldrich/v11/MCoTzAn-1s3IGyJMVacY3w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Aldrich
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fce4f3089c3087e61363fcb9134061acf5a26817bb8153ab2e0e5acebe58b45d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paralegal-activity.ch
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 00:56:55 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 05:24:45 GMT
server
sffe
age
577137
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16144
x-xss-protection
0
expires
Wed, 20 Apr 2022 00:56:55 GMT
ajax.php
forms.salenture.com/
22 KB
23 KB
Script
General
Full URL
https://forms.salenture.com/ajax.php?callback=jQuery11240832098402197416_1619457352705&action=leform-remote-init&form-ids=7&hostname=paralegal-activity.ch&_=1619457352706
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
e3637531a5ea80667c305375d1d7a84a5882370885ca3dd12fd8a0d717192777
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://paralegal-activity.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 17:15:52 GMT
server
nginx
strict-transport-security
max-age=15768000
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
css
fonts.googleapis.com/
24 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=cyrillic,greek,cyrillic-ext,latin-ext,latin,vietnamese,greek-ext
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7742176d36a9ea889f4db0a843e62f522ba690a8d514e91dd5aa09eccf7340ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://paralegal-activity.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Apr 2021 17:15:52 GMT
server
ESF
date
Mon, 26 Apr 2021 17:15:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Apr 2021 17:15:52 GMT
style.min.css
forms.salenture.com/content/plugins/halfdata-green-forms/css/
44 KB
9 KB
Stylesheet
General
Full URL
https://forms.salenture.com/content/plugins/halfdata-green-forms/css/style.min.css?ver=1.28
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
786eea198474e0cd53380ddc9fc270636fc207b2bcc005498343c627dccd0e80
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://paralegal-activity.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 17:15:52 GMT
content-encoding
gzip
last-modified
Mon, 04 May 2020 10:02:52 GMT
server
nginx
etag
"af33-5a4cfa251ab00-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
8589
fontawesome-all.min.css
forms.salenture.com/content/plugins/halfdata-green-forms/css/
53 KB
13 KB
Stylesheet
General
Full URL
https://forms.salenture.com/content/plugins/halfdata-green-forms/css/fontawesome-all.min.css?ver=1.28
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
df9cd9ad71b6e1cafb9f05410ad16ecd39f952ebedd0a4d3067e7e46d49eb9f1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://paralegal-activity.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 17:15:52 GMT
content-encoding
gzip
last-modified
Sat, 30 Mar 2019 06:46:24 GMT
server
nginx
etag
"d482-5854a2555b000-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
13370
leform-if.min.css
forms.salenture.com/content/plugins/halfdata-green-forms/css/
1 KB
694 B
Stylesheet
General
Full URL
https://forms.salenture.com/content/plugins/halfdata-green-forms/css/leform-if.min.css?ver=1.28
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
25be3572eb9864e1bd684a3240bb99b15b27039e1ef638ed47bef3100ef22a6a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://paralegal-activity.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 17:15:52 GMT
content-encoding
gzip
last-modified
Tue, 20 Aug 2019 14:57:34 GMT
server
nginx
etag
"538-5908dad30d380-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
453
airdatepicker.min.css
forms.salenture.com/content/plugins/halfdata-green-forms/css/
17 KB
3 KB
Stylesheet
General
Full URL
https://forms.salenture.com/content/plugins/halfdata-green-forms/css/airdatepicker.min.css?ver=1.28
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
96445df43391ad6a6a2e38ee29c8224ef1dea874ebe3f866448b0e0a0cca8a07
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://paralegal-activity.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 17:15:52 GMT
content-encoding
gzip
last-modified
Sat, 30 Mar 2019 06:46:24 GMT
server
nginx
etag
"436a-5854a2555b000-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
2878
ion.rangeSlider.min.css
forms.salenture.com/content/plugins/halfdata-green-forms/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://forms.salenture.com/content/plugins/halfdata-green-forms/css/ion.rangeSlider.min.css?ver=1.28
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
dde40be619861c404cb805290f7ac7366d34c1378717f0dfbb049b669b11d26f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://paralegal-activity.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 17:15:52 GMT
content-encoding
gzip
last-modified
Sun, 16 Dec 2018 13:16:52 GMT
server
nginx
etag
"2b4c-57d237a419900-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
2565
tooltipster.bundle.min.css
forms.salenture.com/content/plugins/halfdata-green-forms/css/
10 KB
2 KB
Stylesheet
General
Full URL
https://forms.salenture.com/content/plugins/halfdata-green-forms/css/tooltipster.bundle.min.css?ver=1.28
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
8ba82dce1d511af3606ab80965765d2ebcc17710da5c9fb6ad7a333b10ef375b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://paralegal-activity.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 17:15:52 GMT
content-encoding
gzip
last-modified
Mon, 27 May 2019 07:07:14 GMT
server
nginx
etag
"27cf-589d932a2ec80-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
1674
signature_pad.min.js
forms.salenture.com/content/plugins/halfdata-green-forms/js/
7 KB
3 KB
Script
General
Full URL
https://forms.salenture.com/content/plugins/halfdata-green-forms/js/signature_pad.min.js?ver=1.28
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
e19c1c84afb0e835102a5f86d216d5dc6765c6184ef3a0645aea14f950776522
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://paralegal-activity.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 17:15:52 GMT
content-encoding
gzip
last-modified
Mon, 29 Apr 2019 14:49:00 GMT
server
nginx
etag
"1cd2-587ac627c6f00-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
2713
airdatepicker.min.js
forms.salenture.com/content/plugins/halfdata-green-forms/js/
42 KB
14 KB
Script
General
Full URL
https://forms.salenture.com/content/plugins/halfdata-green-forms/js/airdatepicker.min.js?ver=1.28
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
28cf24818c1cb648f3cb3585e5f0f55186afaac38658212ec69dfc2de12d4794
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://paralegal-activity.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 17:15:52 GMT
content-encoding
gzip
last-modified
Tue, 10 Mar 2020 12:37:24 GMT
server
nginx
etag
"a85c-5a07f61b38900-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
13753
ion.rangeSlider.min.js
forms.salenture.com/content/plugins/halfdata-green-forms/js/
40 KB
10 KB
Script
General
Full URL
https://forms.salenture.com/content/plugins/halfdata-green-forms/js/ion.rangeSlider.min.js?ver=1.28
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
abe76f762e324ff4d719bc15a4ebfdc9dbd90d14fe67a34ef265eecf7dc5a4c7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://paralegal-activity.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 17:15:52 GMT
content-encoding
gzip
last-modified
Sun, 16 Dec 2018 13:16:52 GMT
server
nginx
etag
"a0a7-57d237a419900-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
10258
tooltipster.bundle.min.js
forms.salenture.com/content/plugins/halfdata-green-forms/js/
39 KB
12 KB
Script
General
Full URL
https://forms.salenture.com/content/plugins/halfdata-green-forms/js/tooltipster.bundle.min.js?ver=1.28
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
8250a1bc2682e8826ae3d7647ee94059def19643f0034144c9d8e18cf0629ed0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://paralegal-activity.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 17:15:52 GMT
content-encoding
gzip
last-modified
Mon, 29 Jan 2018 12:02:22 GMT
server
nginx
etag
"9bdc-563e904c36f80-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
11727
jsep.min.js
forms.salenture.com/content/plugins/halfdata-green-forms/js/
5 KB
2 KB
Script
General
Full URL
https://forms.salenture.com/content/plugins/halfdata-green-forms/js/jsep.min.js?ver=1.28
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
574e851430fbce7717dc14907cc58638989855ebdd3fe81b8394ec905d066b4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://paralegal-activity.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 17:15:52 GMT
content-encoding
gzip
last-modified
Sat, 30 Mar 2019 06:46:26 GMT
server
nginx
etag
"1330-5854a25743480-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
2153
jquery.mask.min.js
forms.salenture.com/content/plugins/halfdata-green-forms/js/
8 KB
4 KB
Script
General
Full URL
https://forms.salenture.com/content/plugins/halfdata-green-forms/js/jquery.mask.min.js?ver=1.28
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
bbb318e841b96acb3c2614eec417a4d7caf9606ea996507dccba84e2f6724e7e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://paralegal-activity.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 17:15:52 GMT
content-encoding
gzip
last-modified
Sat, 30 Mar 2019 06:46:26 GMT
server
nginx
etag
"1ff9-5854a25743480-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
3580
ajax.php
forms.salenture.com/
90 B
307 B
Script
General
Full URL
https://forms.salenture.com/ajax.php?callback=jQuery11240832098402197416_1619457352705&action=leform-front-add-impression&form-ids=7&hostname=paralegal-activity.ch&_=1619457352707
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
9d7c957ae38fc5a2b31d44d6d1d54ea3185df9ac695dd7cc1b8b6196b3bee8db
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://paralegal-activity.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 17:15:53 GMT
server
nginx
strict-transport-security
max-age=15768000
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=cyrillic,greek,cyrillic-ext,latin-ext,latin,vietnamese,greek-ext
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paralegal-activity.ch
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 01:43:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
401541
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Fri, 22 Apr 2022 01:43:32 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=cyrillic,greek,cyrillic-ext,latin-ext,latin,vietnamese,greek-ext
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paralegal-activity.ch
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:35:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
351624
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:35:29 GMT
fa-solid-900.woff2
forms.salenture.com/content/plugins/halfdata-green-forms/fonts/
73 KB
73 KB
Font
General
Full URL
https://forms.salenture.com/content/plugins/halfdata-green-forms/fonts/fa-solid-900.woff2
Requested by
Host: forms.salenture.com
URL: https://forms.salenture.com/content/plugins/halfdata-green-forms/css/fontawesome-all.min.css?ver=1.28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Origin
https://paralegal-activity.ch
Referer
https://forms.salenture.com/content/plugins/halfdata-green-forms/css/fontawesome-all.min.css?ver=1.28
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 17:15:53 GMT
last-modified
Sat, 30 Mar 2019 06:46:24 GMT
server
nginx
etag
"1226c-5854a2555b000"
strict-transport-security
max-age=15768000
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
74348
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v27/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=cyrillic,greek,cyrillic-ext,latin-ext,latin,vietnamese,greek-ext
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paralegal-activity.ch
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:35:31 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
351622
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17304
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:35:31 GMT

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| leform_vars object| leform_consts boolean| leform_sending boolean| leform_popup_loading object| leform_popup_active_id object| leform_seq_pages object| leform_signatures boolean| leform_mobile object| leform_uploads object| leform_sessions object| leform_customjs_handlers object| now function| leform_ready function| leform_resize function| leform_datepicker_init function| leform_rangeslider_init function| leform_tooltips_init function| leform_signature_init boolean| leform_in_onselect function| leform_timepicker_init function| leform_popup_open function| _leform_popup_open function| leform_popup_active_close function| _leform_close function| leform_multiselect_changed function| leform_input_changed function| _leform_number_changed function| leform_number_unfocused function| leform_numspinner_inc function| leform_numspinner_dec function| leform_is_visible function| leform_handle_visibility function| leform_mask_init function| leform_submit function| leform_popup_message_open function| leform_popup_message_close function| leform_handle_math function| leform_jsep_calc function| leform_consts_update function| leform_reset_form function| leform_track function| leform_uploader_files_selected function| leform_uploader_file_delete function| leform_uploader_start function| leform_uploader_finish function| leform_uploader_progress function| leform_stripe_checkout function| leform_payumoney_checkout function| leform_date function| leform_date_str function| leform_time24_str function| leftorm_query_parameter function| leform_escape_html function| leform_is_numeric function| leform_read_cookie function| leform_write_cookie function| leform_utf8encode 
function| leform_encode64 function| leform_utf8decode function| leform_decode64 object| jQuery11240832098402197416 function| SignaturePad function| jsep object| $jscomp

2 Cookies

Domain/Path Name / Value
paralegal-activity.ch/ Name: PHPSESSID
Value: 00bd130aa7f399bbecdd576838b66c99
.paralegal-activity.ch/ Name: __cfduid
Value: d6597793a4a785798a51da0de1a9e77a21619457352

1 Console Messages

Source Level URL
Text
console-api log URL: https://forms.salenture.com/content/plugins/halfdata-green-forms/js/leform.min.js?ver=1.18(Line 1)
Message:
Green Forms is ready to go!

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
