user.clicrdv.com Open in urlscan Pro
52.30.117.90  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request mutuelle-familiale-conferences Show response user.clicrdv.com/	1 KB 1 KB	183ms 66ms	Document text/html	52.30.117.90 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://user.clicrdv.com/mutuelle-familiale-conferences Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.117.90 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-117-90.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 1141e3bbeab265111912ea2772b774ad331dc5a75a7eaec430ab3c10a91ffbed Request headers Host user.clicrdv.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Cache-Control max-age=0 no-cache Content-Encoding gzip Content-Type text/html Date Tue, 06 Jul 2021 12:59:27 GMT ETag W/"6053e3f93b4c56dded78d0ff2f04ac6e" Expires Tue, 06 Jul 2021 12:59:27 GMT Last-Modified Thu, 27 May 2021 14:45:25 GMT Server nginx Vary Accept-Encoding x-amz-version-id GtGK6DfXmhUagU97_IRSxIcQQN.Yxs.k Content-Length 752 Connection keep-alive
GET H2	200	css fonts.googleapis.com/	7 KB 671 B	16ms 15ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i Requested by Host: user.clicrdv.com URL: https://user.clicrdv.com/mutuelle-familiale-conferences Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e4b20c06a20b7c958a8ebc8d7dd6766a94be7adfb473f4f68e2217b08620fda4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://user.clicrdv.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 06 Jul 2021 12:20:24 GMT server ESF date Tue, 06 Jul 2021 12:59:28 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 06 Jul 2021 12:59:28 GMT
GET H2	200	polyfill.min.js Show response polyfill.io/v3/	72 B 531 B	49ms 16ms	Script text/javascript	151.101.193.26 FASTLY
General Check archive.org Show headers Download Go to Full URL https://polyfill.io/v3/polyfill.min.js?features=es6%2Ces7&flags=gated Requested by Host: user.clicrdv.com URL: https://user.clicrdv.com/mutuelle-familiale-conferences Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.193.26 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers Origin https://user.clicrdv.com Referer https://user.clicrdv.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains; preload content-encoding br x-content-type-options nosniff content-type text/javascript; charset=utf-8 age 2364709 detected-user-agent Chrome/89.0.4389 server-timing HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1 content-length 74 referrer-policy origin-when-cross-origin last-modified Tue, 08 Jun 2021 19:43:00 GMT date Tue, 06 Jul 2021 12:59:28 GMT vary User-Agent, Accept-Encoding access-control-allow-methods GET,HEAD,OPTIONS normalized-user-agent chrome/89.0.0 access-control-allow-origin * cache-control public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800 accept-ranges bytes timing-allow-origin *
GET H2	200	raven.min.js Show response cdn.ravenjs.com/3.18.1/	25 KB 10 KB	41ms 12ms	Script application/javascript	2a04:4e42:400::729 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.ravenjs.com/3.18.1/raven.min.js Requested by Host: user.clicrdv.com URL: https://user.clicrdv.com/mutuelle-familiale-conferences Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 96124de6adf694d17156bc387b0a30f8763a28b4703d88f8f980bb50806573b6 Request headers Origin https://user.clicrdv.com Referer https://user.clicrdv.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 06 Jul 2021 12:59:28 GMT content-encoding gzip last-modified Mon, 02 Oct 2017 12:04:59 GMT server Fastly age 33280 etag "2a1cd0a87e36e655db06d9a6b8e886d0" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * content-length 9731
GET H2	200	js Show response maps.googleapis.com/maps/api/	132 KB 43 KB	89ms 69ms	Script text/javascript	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/js?key=AIzaSyCAJlz2gf4jnYJ9NoQwe-oLRDpyIn0_vmU Requested by Host: user.clicrdv.com URL: https://user.clicrdv.com/mutuelle-familiale-conferences Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software mafe / Resource Hash 1ada33ac5f1807566074117b97121cd96511217fe5811db0c0a9bab7f9b2b12c Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://user.clicrdv.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 06 Jul 2021 12:59:28 GMT content-encoding gzip vary Accept-Language server mafe x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control public, max-age=1800 server-timing gfet4t7; dur=54 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44052 x-xss-protection 0 expires Tue, 06 Jul 2021 13:29:28 GMT
GET H2	200	slick.min.css cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/	1 KB 813 B	24ms 23ms	Stylesheet text/css	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css Requested by Host: user.clicrdv.com URL: https://user.clicrdv.com/mutuelle-familiale-conferences Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://user.clicrdv.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 06 Jul 2021 12:59:28 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 9129550 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 382 cf-request-id 08fd561edc00004ac2de038000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:16:21 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fd5-50a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TC4pLuIo5yVZqfVdUOUwBMTfJUvniFBvv0HHh8ioz2RhxtWTQI0Qym7hUaVBNvQ5Ic4VGZmi1H1ODF7SYRv%2BqNQ0%2BWTKk8dZZBKIBsMX3B%2FDYgD9lFX3m3HJPQ7yyhSla8gxfrwWZ5DWdCA8QQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 66a902abfc5c4e4a-FRA expires Sun, 26 Jun 2022 12:59:28 GMT
GET H2	200	slick-theme.min.css cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/	2 KB 980 B	25ms 24ms	Stylesheet text/css	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css Requested by Host: user.clicrdv.com URL: https://user.clicrdv.com/mutuelle-familiale-conferences Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://user.clicrdv.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 06 Jul 2021 12:59:28 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 4634585 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 637 cf-request-id 0a0941d85200004ddc0826b000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:16:21 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fd5-92d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=R81HauySxgb7slIYJOnDBjxsthdNTrNxugX%2BNwWjpM5A8GGmFkq0IUgDt%2FhUlqH1Tn2REYiJEgndifzNwq8vEwXiRfzv8foVb8YLViCO325hx1HF3skuUIsCfdlCMUQYP4XNQxvfIHpBQGQINQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 66a902abfc624e4a-FRA expires Sun, 26 Jun 2022 12:59:28 GMT
GET H/1.1	200 OK	main.1b409dcf.css user.clicrdv.com/static/css/	55 KB 8 KB	67ms 66ms	Stylesheet text/css	52.30.117.90 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://user.clicrdv.com/static/css/main.1b409dcf.css Requested by Host: user.clicrdv.com URL: https://user.clicrdv.com/mutuelle-familiale-conferences Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.117.90 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-117-90.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 562c6e44ec0a5134ed08e91c911fd888047b944ea547655453b0ee207d18423b Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host user.clicrdv.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://user.clicrdv.com/mutuelle-familiale-conferences Connection keep-alive Referer https://user.clicrdv.com/mutuelle-familiale-conferences User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma public Date Tue, 06 Jul 2021 12:59:28 GMT Content-Encoding gzip Last-Modified Thu, 27 May 2021 14:45:25 GMT Server nginx x-amz-version-id 8_IYdN0pa8ns_JJtMxdRJLXRoKLXZzAJ ETag W/"931a46447b843f9f5397541400dfd0e2" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000 public Connection keep-alive Content-Length 7655 Expires Thu, 05 Aug 2021 12:59:28 GMT
GET H/1.1	200 OK	main.98b7a245.js Show response user.clicrdv.com/static/js/	6 MB 1020 KB	154ms 91ms	Script application/javascript	52.30.117.90 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://user.clicrdv.com/static/js/main.98b7a245.js Requested by Host: user.clicrdv.com URL: https://user.clicrdv.com/mutuelle-familiale-conferences Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.117.90 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-117-90.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash b1ce3150046b19057ed5b226d0f73a9a41993516cfa60694619376975945a572 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host user.clicrdv.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://user.clicrdv.com/mutuelle-familiale-conferences Connection keep-alive Referer https://user.clicrdv.com/mutuelle-familiale-conferences User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma public Date Tue, 06 Jul 2021 12:59:28 GMT Content-Encoding gzip Last-Modified Thu, 27 May 2021 14:45:25 GMT Server nginx ETag W/"e032ea9996497b21ea72200846049979" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=2592000 public transfer-encoding chunked Connection keep-alive x-amz-version-id Ca0lsterpKyctJwRst91OHoAHQTeNaTW Expires Thu, 05 Aug 2021 12:59:28 GMT
GET H2	200	hotjar-2281691.js Show response static.hotjar.com/c/	6 KB 2 KB	82ms 29ms	Script application/javascript	13.225.87.62 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-2281691.js?sv=6 Requested by Host: user.clicrdv.com URL: https://user.clicrdv.com/mutuelle-familiale-conferences Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.62 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-62.fra2.r.cloudfront.net Software / Resource Hash 5470b8f755c724d5ce297fed4765c12fbe9801d8738bbfee2b424703d1f81c50 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://user.clicrdv.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 06 Jul 2021 12:59:26 GMT content-encoding br x-content-type-options nosniff cache-control max-age=60 age 2 etag W/c1b2c7549548213c734cf2cf50f19dee vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 x-amz-cf-pop FRA2-C2 x-amz-cf-id BT0D9_cHEv08566ljrXCsZvWiyMhsEvb1ZRaNsGRzigDMmxoekxNxA== via 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
GET H2	200	modules.6707e94afd136d068134.js Show response script.hotjar.com/	219 KB 58 KB	84ms 29ms	Script application/javascript	13.224.193.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.6707e94afd136d068134.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2281691.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.193.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-193-121.fra2.r.cloudfront.net Software / Resource Hash 147bbc69ada02cdca64ad72a0159564a5a2643efa09602f7f014459175d6823e Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://user.clicrdv.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 05 Jul 2021 12:26:05 GMT content-encoding br x-content-type-options nosniff age 88403 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 59137 access-control-allow-origin * last-modified Mon, 05 Jul 2021 12:25:45 GMT etag "bbcd672a21d2eac288769d4e100c556a" vary Accept-Encoding content-type application/javascript via 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA2-C1 accept-ranges bytes x-robots-tag none x-amz-cf-id i51UK4dP4eSqvDG_4Hu-dHXJS-9W7IhHRjkZzVvJSGcjgbkjm0SZgw==
GET H/1.1	200 OK	mutuelle-familiale-conferences.json Show response www.clicrdv.com/services/groups/	12 KB 5 KB	2003ms 1860ms	Fetch application/json	54.247.160.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.clicrdv.com/services/groups/mutuelle-familiale-conferences.json?apikey=71a07e028193455a8b8fa1c7da526291&results=all Requested by Host: user.clicrdv.com URL: https://user.clicrdv.com/static/js/main.98b7a245.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.247.160.137 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-247-160-137.eu-west-1.compute.amazonaws.com Software nginx / Phusion Passenger Resource Hash 690367be120276875bb34afaeeef026df2604fb2e50af1229c4bcb0df28be0f6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains X-Content-Type-Options nosniff, nosniff X-Xss-Protection 1; mode=block, 1; mode=block Request headers Referer https://user.clicrdv.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 06 Jul 2021 12:59:30 GMT Content-Encoding gzip X-Content-Type-Options nosniff, nosniff X-Powered-By Phusion Passenger Status 200 OK Connection keep-alive Vary Accept-Encoding Content-Length 4429 X-XSS-Protection 1; mode=block, 1; mode=block X-Request-Id 305b5db7ceacc8c91e7b9582aea86ed2 X-UA-Compatible IE=Edge,chrome=1 X-Runtime 1.797847 Server nginx ETag W/"6c238372f865d3d8c97285c22dc19f4f" Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains Access-Control-Allow-Methods GET,POST,PUT,DELETE Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://user.clicrdv.com Cache-Control must-revalidate, private, max-age=0 Access-Control-Allow-Credentials true Access-Control-Allow-Headers Origin,Accept,Content-Type,X-Requested-With,X-CSRF-Token X-Rack-Cache miss
GET H/1.1	200 OK	spinner.8a919991.svg user.clicrdv.com/static/media/	4 KB 1 KB	50ms 49ms	Image image/svg+xml	52.30.117.90 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://user.clicrdv.com/static/media/spinner.8a919991.svg Requested by Host: user.clicrdv.com URL: https://user.clicrdv.com/mutuelle-familiale-conferences Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.117.90 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-117-90.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 56deda458dd7a9570e44f2f78f942d0b3ff8eec6ac9e085dd28d12c8cb786348 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host user.clicrdv.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://user.clicrdv.com/mutuelle-familiale-conferences Cookie _hjTLDTest=1; _hjid=3b26469b-15ba-4807-98e2-b19067f94294; _hjFirstSeen=1 Connection keep-alive Referer https://user.clicrdv.com/mutuelle-familiale-conferences User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma public Date Tue, 06 Jul 2021 12:59:28 GMT Content-Encoding gzip Last-Modified Thu, 27 May 2021 14:45:25 GMT Server nginx x-amz-version-id h.LN_LI.JOvG6dq42I4dcFeSG8goKeAA ETag W/"8a91999108f12b2c84a16b7f16b0a710" Vary Accept-Encoding Content-Type image/svg+xml Cache-Control max-age=2592000 public Connection keep-alive Content-Length 655 Expires Thu, 05 Aug 2021 12:59:28 GMT
GET H/1.1	200 OK	clicrdv.99782a44.svg user.clicrdv.com/static/media/	6 KB 3 KB	58ms 57ms	Image image/svg+xml	52.30.117.90 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://user.clicrdv.com/static/media/clicrdv.99782a44.svg Requested by Host: user.clicrdv.com URL: https://user.clicrdv.com/mutuelle-familiale-conferences Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.117.90 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-117-90.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash fbb7df7e4f541d073d71ef022373c66c24aac71ffdb90831b25cf7a1c4be3113 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host user.clicrdv.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://user.clicrdv.com/mutuelle-familiale-conferences Cookie _hjTLDTest=1; _hjid=3b26469b-15ba-4807-98e2-b19067f94294; _hjFirstSeen=1 Connection keep-alive Referer https://user.clicrdv.com/mutuelle-familiale-conferences User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma public Date Tue, 06 Jul 2021 12:59:28 GMT Content-Encoding gzip Last-Modified Thu, 27 May 2021 14:45:25 GMT Server nginx x-amz-version-id 4LGBOdckWN8lJnlBH3A6RAiw3VR7JdJ6 ETag W/"99782a4435cb9dd156a96a0408ef05ac" Vary Accept-Encoding Content-Type image/svg+xml Cache-Control max-age=2592000 public Connection keep-alive Content-Length 2134 Expires Thu, 05 Aug 2021 12:59:28 GMT
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v17/	23 KB 23 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://user.clicrdv.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 06 Jul 2021 05:37:01 GMT x-content-type-options nosniff age 26547 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23484 x-xss-protection 0 last-modified Tue, 15 Sep 2020 18:10:46 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 06 Jul 2022 05:37:01 GMT
GET H2	200	box-25a418976ea02a6f393fbbe77cec94bb.html Show response vars.hotjar.com/ Frame DE88	2 KB 1 KB	76ms 24ms	Document text/html	13.224.193.73 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2281691.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.193.73 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-193-73.fra2.r.cloudfront.net Software / Resource Hash 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9 Request headers :method GET :authority vars.hotjar.com :scheme https :path /box-25a418976ea02a6f393fbbe77cec94bb.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://user.clicrdv.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://user.clicrdv.com/ Response headers content-type text/html content-length 1044 date Sun, 04 Jul 2021 20:03:42 GMT accept-ranges bytes cache-control max-age=31536000 content-encoding br etag "76922233be8bdb14c053af468d29404a" last-modified Mon, 28 Jun 2021 11:17:19 GMT x-amz-server-side-encryption AES256 x-robots-tag none vary Accept-Encoding x-cache Hit from cloudfront via 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 x-amz-cf-id 2TsKuxxhGRKg0jSL_BZXx8cvR-o2MIvCBi2e933-VoXK1xmFbY6Rbg== age 147345
GET H/1.1	200 OK	current.json Show response www.clicrdv.com/api/v1/sessions/	4 B 1 KB	60ms 60ms	Fetch application/json	54.247.160.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.clicrdv.com/api/v1/sessions/current.json?apikey=71a07e028193455a8b8fa1c7da526291&results=all Requested by Host: user.clicrdv.com URL: https://user.clicrdv.com/static/js/main.98b7a245.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.247.160.137 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-247-160-137.eu-west-1.compute.amazonaws.com Software nginx / Phusion Passenger Resource Hash 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains X-Content-Type-Options nosniff, nosniff X-Xss-Protection 1; mode=block, 1; mode=block Request headers Referer https://user.clicrdv.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 06 Jul 2021 12:59:30 GMT X-Content-Type-Options nosniff, nosniff X-Powered-By Phusion Passenger Status 200 OK Connection keep-alive Content-Length 4 X-XSS-Protection 1; mode=block, 1; mode=block X-Request-Id c07e9480564baae6872395ef0d5c26dd X-UA-Compatible IE=Edge,chrome=1 X-Runtime 0.004490 Server nginx ETag "37a6259cc0c1dae299a7866489dff0bd" Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains Access-Control-Allow-Methods GET,POST,PUT,DELETE Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://user.clicrdv.com Cache-Control must-revalidate, private, max-age=0 Access-Control-Allow-Credentials true Access-Control-Allow-Headers Origin,Accept,Content-Type,X-Requested-With,X-CSRF-Token X-Rack-Cache miss
GET H/1.1	200 OK	1612279286.png clicrdv-production-groups.s3-eu-west-1.amazonaws.com/group-196811/logo/raw/	18 KB 19 KB	165ms 57ms	Image image/png	52.218.97.11 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://clicrdv-production-groups.s3-eu-west-1.amazonaws.com/group-196811/logo/raw/1612279286.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.97.11 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-eu-west-1-r-w.amazonaws.com Software AmazonS3 / Resource Hash ecd3c0a2139ff2fef90061c984125fdf30d459bec6ec27e81fecb27271edc37f Request headers Referer https://user.clicrdv.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 06 Jul 2021 12:59:31 GMT Last-Modified Tue, 02 Feb 2021 15:21:27 GMT Server AmazonS3 x-amz-request-id NVJFRG1HPGSMNJ1R ETag "b7708e0369c9d0f44e337135bfe54692" Content-Type Accept-Ranges bytes Content-Length 18826 x-amz-id-2 JqTwfokPgnohIG6XGxuXcyopw0vCxYd4RBU3U+iEf5XZdfle/UHKccQp6TaNZEmNMVWtmPRhLx8=
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v17/	22 KB 23 KB	9ms 8ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://user.clicrdv.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 06 Jul 2021 05:38:05 GMT x-content-type-options nosniff age 26485 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 22992 x-xss-protection 0 last-modified Tue, 15 Sep 2020 18:12:12 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 06 Jul 2022 05:38:05 GMT
GET H2	200	common.js Show response maps.googleapis.com/maps-api-v3/api/js/45/5/	90 KB 33 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps-api-v3/api/js/45/5/common.js Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCAJlz2gf4jnYJ9NoQwe-oLRDpyIn0_vmU Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 32296b8a57fab2794010293cdfdf70a06f604d659d0e623fa025e182c8e479bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://user.clicrdv.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 06 Jul 2021 05:32:13 GMT content-encoding gzip x-content-type-options nosniff age 26840 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33321 x-xss-protection 0 last-modified Tue, 29 Jun 2021 01:13:07 GMT server sffe vary Accept-Encoding, Origin content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 06 Jul 2022 05:32:13 GMT
GET H2	200	util.js Show response maps.googleapis.com/maps-api-v3/api/js/45/5/	287 KB 88 KB	11ms 11ms	Script text/javascript	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps-api-v3/api/js/45/5/util.js Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCAJlz2gf4jnYJ9NoQwe-oLRDpyIn0_vmU Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7a3957b2d8edfd56c90e24b2b208a266f805ddd934ab4c4661e7438b1aab1fb1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://user.clicrdv.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 06 Jul 2021 10:27:46 GMT content-encoding gzip x-content-type-options nosniff age 9107 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 89935 x-xss-protection 0 last-modified Tue, 29 Jun 2021 01:13:07 GMT server sffe vary Accept-Encoding, Origin content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 06 Jul 2022 10:27:46 GMT
GET H3-29	200	AuthenticationService.Authenticate Show response maps.googleapis.com/maps/api/js/	62 B 83 B	81ms 67ms	Script text/javascript	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fuser.clicrdv.com%2Fmutuelle-familiale-conferences&4sAIzaSyCAJlz2gf4jnYJ9NoQwe-oLRDpyIn0_vmU&callback=_xdc_._9he55i&key=AIzaSyCAJlz2gf4jnYJ9NoQwe-oLRDpyIn0_vmU&token=115606 Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps-api-v3/api/js/45/5/common.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software mafe / Resource Hash f4806c1287a11d772238360c67210adec97d3594099a2ef8cc31adc8d4744498 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://user.clicrdv.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 06 Jul 2021 12:59:33 GMT content-encoding gzip server mafe x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control no-cache, must-revalidate content-disposition attachment server-timing gfet4t7; dur=52 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 63 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| Raven object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView function| hj object| _hjSettings object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| _ object| __core-js_shared__ number| 2f1acc6c3a606b082e5eef5e54414ffb object| _xdc_

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.clicrdv.com/	1970-01-19 19:32:58	Name: _hjFirstSeen Value: 1
			.clicrdv.com/	1970-01-20 04:18:32	Name: _hjid Value: 3b26469b-15ba-4807-98e2-b19067f94294
			.clicrdv.com/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ravenjs.com
cdnjs.cloudflare.com
clicrdv-production-groups.s3-eu-west-1.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
maps.googleapis.com
polyfill.io
script.hotjar.com
static.hotjar.com
user.clicrdv.com
vars.hotjar.com
www.clicrdv.com
13.224.193.121
13.224.193.73
13.225.87.62
151.101.193.26
2606:4700::6810:125e
2a00:1450:4001:808::200a
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2003
2a04:4e42:400::729
52.218.97.11
52.30.117.90
54.247.160.137
1141e3bbeab265111912ea2772b774ad331dc5a75a7eaec430ab3c10a91ffbed
147bbc69ada02cdca64ad72a0159564a5a2643efa09602f7f014459175d6823e
1ada33ac5f1807566074117b97121cd96511217fe5811db0c0a9bab7f9b2b12c
32296b8a57fab2794010293cdfdf70a06f604d659d0e623fa025e182c8e479bd
5470b8f755c724d5ce297fed4765c12fbe9801d8738bbfee2b424703d1f81c50
562c6e44ec0a5134ed08e91c911fd888047b944ea547655453b0ee207d18423b
56deda458dd7a9570e44f2f78f942d0b3ff8eec6ac9e085dd28d12c8cb786348
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
690367be120276875bb34afaeeef026df2604fb2e50af1229c4bcb0df28be0f6
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
7a3957b2d8edfd56c90e24b2b208a266f805ddd934ab4c4661e7438b1aab1fb1
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
96124de6adf694d17156bc387b0a30f8763a28b4703d88f8f980bb50806573b6
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
b1ce3150046b19057ed5b226d0f73a9a41993516cfa60694619376975945a572
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
e4b20c06a20b7c958a8ebc8d7dd6766a94be7adfb473f4f68e2217b08620fda4
ecd3c0a2139ff2fef90061c984125fdf30d459bec6ec27e81fecb27271edc37f
f4806c1287a11d772238360c67210adec97d3594099a2ef8cc31adc8d4744498
fbb7df7e4f541d073d71ef022373c66c24aac71ffdb90831b25cf7a1c4be3113