urlscan.io logo urlscan.io
SecurityTrails logo

domains.salenture.com Open in urlscan Pro
212.51.156.223  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://puff-puff.ch/
Effective URL: https://domains.salenture.com/parked/?domain=puff-puff.ch
Submission: On July 19 via api from CH — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 7 domains to perform 43 HTTP transactions. The main IP is 212.51.156.223, located in Zurich, Switzerland and belongs to INIT7, CH. The main domain is domains.salenture.com.
TLS certificate: Issued by GoGetSSL RSA DV CA on May 3rd 2024. Valid for: a year.
This is the only time domains.salenture.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 39 212.51.156.223 13030 (INIT7)
3 172.67.197.82 13335 (CLOUDFLAR...)
1 151.101.128.176 54113 (FASTLY)
1 151.101.192.176 54113 (FASTLY)
43 4
39    212.51.156.223 (Zurich, Switzerland)

ASN13030 (INIT7, CH)
PTR: mx.mailr.ch
puff-puff.ch
domains.salenture.com
app.clientlink.ch
fonts.salenture.com
app.web-forms.ch
proofr.co
trk.cloud
www.clientlink.ch
3    172.67.197.82 (United States)

ASN13335 (CLOUDFLARENET, US)
s3.clientlink.ch
1    151.101.128.176 (San Francisco, United States)

ASN54113 (FASTLY, US)
js.stripe.com
1    151.101.192.176 (San Francisco, United States)

ASN54113 (FASTLY, US)
js.stripe.com
Domain Requested by
14 app.web-forms.ch domains.salenture.com
app.clientlink.ch
13 app.clientlink.ch domains.salenture.com
4 proofr.co domains.salenture.com
proofr.co
3 s3.clientlink.ch domains.salenture.com
3 trk.cloud domains.salenture.com
trk.cloud
2 js.stripe.com app.clientlink.ch
js.stripe.com
2 fonts.salenture.com domains.salenture.com
1 www.clientlink.ch domains.salenture.com
1 domains.salenture.com
1 puff-puff.ch 1 redirects
43 10
Subject Issuer Validity Valid
*.salenture.com
GoGetSSL RSA DV CA		 2024-05-03 -
2025-06-01		 a year crt.sh
clientlink.ch
E5		 2024-06-29 -
2024-09-27		 3 months crt.sh
web-forms.ch
E5		 2024-06-16 -
2024-09-14		 3 months crt.sh
proofr.co
E5		 2024-06-29 -
2024-09-27		 3 months crt.sh
trk.cloud
E5		 2024-06-29 -
2024-09-27		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-06-21 -
2024-09-19		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://domains.salenture.com/parked/?domain=puff-puff.ch
Frame ID: 3F93DDA773A96BC034E85641825858FD
Requests: 42 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 9D7BB594C01E76F7C74DD92D3F4D6D7D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Domain parked by Salenture LLC

Page URL History Show full URLs

  1. https://puff-puff.ch/ HTTP 302
    https://domains.salenture.com/parked/?domain=puff-puff.ch Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

10
Subdomains

4
IPs

2
Countries

1701 kB
Transfer

3662 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://puff-puff.ch/ HTTP 302
    https://domains.salenture.com/parked/?domain=puff-puff.ch Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
domains.salenture.com/parked/
Redirect Chain
  • https://puff-puff.ch/
  • https://domains.salenture.com/parked/?domain=puff-puff.ch
20 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://domains.salenture.com/parked/?domain=puff-puff.ch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
eb271878aaec967f5146c3760d0e1e380d67a6188466e4edbff87157c4cbd759

Request headers

Referer
https://www.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
7200
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
5396
content-type
text/html; charset=UTF-8
date
Fri, 19 Jul 2024 09:22:03 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 19 Jul 2024 09:22:02 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://domains.salenture.com/parked/?domain=puff-puff.ch
pragma
no-cache
server
nginx
bootstrap.min.css
app.clientlink.ch/themes/altum/assets/css/ 		197 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.clientlink.ch/themes/altum/assets/css/bootstrap.min.css?v=4700
Requested by
Host: domains.salenture.com
URL: https://domains.salenture.com/parked/?domain=puff-puff.ch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
9e72314f22d13c2a829f7734e0d97a1f887689096d80dedd8463f1682f7c107f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Sun, 14 Apr 2024 12:24:00 GMT
server
nginx
etag
"312ce-6160d94607800-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
36815
custom.css
app.clientlink.ch/themes/altum/assets/css/ 		25 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.clientlink.ch/themes/altum/assets/css/custom.css?v=4700
Requested by
Host: domains.salenture.com
URL: https://domains.salenture.com/parked/?domain=puff-puff.ch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
058d80a20649f56acb8076f3681dea82babd206c7224f2205bbe1a64a9bc5d46
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Tue, 16 Apr 2024 01:17:55 GMT
server
nginx
etag
"63b6-6162c81f5b6c0-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
6942
link-custom.css
app.clientlink.ch/themes/altum/assets/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.clientlink.ch/themes/altum/assets/css/link-custom.css?v=4700
Requested by
Host: domains.salenture.com
URL: https://domains.salenture.com/parked/?domain=puff-puff.ch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
047b3c5bbd4336b440e69e0054fc1074f7d8901ae41ddfe4cd5310463d75771f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Sat, 13 Apr 2024 22:51:18 GMT
server
nginx
etag
"124a-6160239ef6580-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1454
animate.min.css
app.clientlink.ch/themes/altum/assets/css/ 		70 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.clientlink.ch/themes/altum/assets/css/animate.min.css?v=4700
Requested by
Host: domains.salenture.com
URL: https://domains.salenture.com/parked/?domain=puff-puff.ch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
721fd25fad2ceea766b483f7692fc840097de75bb54185273920adf62da63e15
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Wed, 02 Dec 2020 21:46:07 GMT
server
nginx
etag
"11847-5b5822bb1c5c0-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
6604
css
fonts.salenture.com/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.salenture.com/css?family=Cousine:400&display=swap
Requested by
Host: domains.salenture.com
URL: https://domains.salenture.com/parked/?domain=puff-puff.ch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
053e31569485f7a3f57f89e0f6d3fff4b15ef5d9035cab312affc354da0f1cae

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
last-modified
Wed, 17 Jul 2024 13:12:25 GMT
server
nginx
content-type
text/css; charset=utf-8
access-control-allow-origin
*
status
200
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
</font/cousine/v27/d6lIkaiiRdih4SpP_SQvzBTu39g.woff2>; as=font; rel=preload; crossorigin=anonymous
content-length
2968
expires
Sat, 19 Jul 2025 09:22:03 GMT
jquery.min.js
app.clientlink.ch/themes/altum/assets/js/libraries/ 		85 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.clientlink.ch/themes/altum/assets/js/libraries/jquery.min.js?v=4700
Requested by
Host: domains.salenture.com
URL: https://domains.salenture.com/parked/?domain=puff-puff.ch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Tue, 12 Sep 2023 19:54:10 GMT
server
nginx
etag
"155ed-6052ece6abc80-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
34204
popper.min.js
app.clientlink.ch/themes/altum/assets/js/libraries/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.clientlink.ch/themes/altum/assets/js/libraries/popper.min.js?v=4700
Requested by
Host: domains.salenture.com
URL: https://domains.salenture.com/parked/?domain=puff-puff.ch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
b4ef79d3c83a6b1166c2b95c6aee7c66d5aae727d1d70ba7a52478ea13f81baf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Fri, 15 Dec 2023 19:04:39 GMT
server
nginx
etag
"52c9-60c91126a1fc0-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
8117
bootstrap.min.js
app.clientlink.ch/themes/altum/assets/js/libraries/ 		61 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.clientlink.ch/themes/altum/assets/js/libraries/bootstrap.min.js?v=4700
Requested by
Host: domains.salenture.com
URL: https://domains.salenture.com/parked/?domain=puff-puff.ch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
8c1dea3ffbb8a0974366fc2c7748d4db4f7ff15e0d6d1dc9f18e7d52a366414b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Thu, 30 Nov 2023 00:33:26 GMT
server
nginx
etag
"f43a-60b53ccc64180-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
18305
custom.js
app.clientlink.ch/themes/altum/assets/js/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.clientlink.ch/themes/altum/assets/js/custom.js?v=4700
Requested by
Host: domains.salenture.com
URL: https://domains.salenture.com/parked/?domain=puff-puff.ch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
4da49b6240750a0172d532fb1ca2a359ef9653a9b962a5ef0c1e1d979f2ead1e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Sun, 31 Mar 2024 00:10:14 GMT
server
nginx
etag
"977d-614e9b271c580-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
10597
fontawesome.min.js
app.clientlink.ch/themes/altum/assets/js/libraries/ 		56 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.clientlink.ch/themes/altum/assets/js/libraries/fontawesome.min.js?v=4700
Requested by
Host: domains.salenture.com
URL: https://domains.salenture.com/parked/?domain=puff-puff.ch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
9d86a276aee130232fa0ef2134c750628acac1072a31e35eb7d65624652f549d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Tue, 01 Aug 2023 14:27:00 GMT
server
nginx
etag
"de1f-601dd570af500-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
17972
fontawesome-solid.min.js
app.clientlink.ch/themes/altum/assets/js/libraries/ 		807 KB
317 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.clientlink.ch/themes/altum/assets/js/libraries/fontawesome-solid.min.js?v=4700
Requested by
Host: domains.salenture.com
URL: https://domains.salenture.com/parked/?domain=puff-puff.ch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
f9442a526f76a4fad3bc9c7b8e7e7a9041f507649c9c8ca653f8ab4ce0d3dc02
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Tue, 01 Aug 2023 14:27:00 GMT
server
nginx
etag
"c9b9e-601dd570af500-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
fontawesome-brands.min.js
app.clientlink.ch/themes/altum/assets/js/libraries/ 		465 KB
219 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.clientlink.ch/themes/altum/assets/js/libraries/fontawesome-brands.min.js?v=4700
Requested by
Host: domains.salenture.com
URL: https://domains.salenture.com/parked/?domain=puff-puff.ch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
a53e31edb30f99af3ca1057b04b78ffd82306614059042531adea8ee830a25e3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Wed, 16 Aug 2023 12:02:59 GMT
server
nginx
etag
"7448c-60309139e62c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
/
app.web-forms.ch/js/forms/ 		60 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.web-forms.ch/js/forms/
Requested by
Host: domains.salenture.com
URL: https://domains.salenture.com/parked/?domain=puff-puff.ch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
5dd7e962f2a62600f7abe07e2f0ef54194a6082d853b63e6d088ef4b851a2f72
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Fri, 22 Sep 2023 20:43:30 GMT
server
nginx
etag
"f1e6-605f8a9428080;586f13f223500
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
16105
kpvesn7h9mzko0z4zj65ptx3z6xjrpg6
proofr.co/pixel/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://proofr.co/pixel/kpvesn7h9mzko0z4zj65ptx3z6xjrpg6
Requested by
Host: domains.salenture.com
URL: https://domains.salenture.com/parked/?domain=puff-puff.ch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
f7edd882e6793c094d23fc3bb878aecea45a8989c8a6e34dc38b1a447645795c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
application/javascript
pragma
cache
date
Fri, 19 Jul 2024 09:22:03 GMT
cache-control
max-age=0
strict-transport-security
max-age=15768000
server
nginx
expires
Fri, 19 Jul 2024 09:22:03 GMT
dahuNbIBz0QyizKW
trk.cloud/pixel/ 		26 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trk.cloud/pixel/dahuNbIBz0QyizKW
Requested by
Host: domains.salenture.com
URL: https://domains.salenture.com/parked/?domain=puff-puff.ch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
444aa61af8114bf6ea5a53452db4474e3c1b5c0b41ea9a995d0d8bfe58de6004

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
application/javascript
pragma
cache
date
Fri, 19 Jul 2024 09:22:03 GMT
cache-control
max-age=300
server
nginx
expires
Fri, 19 Jul 2024 09:27:03 GMT
cookieconsent.js
app.clientlink.ch/themes/altum/assets/js/libraries/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.clientlink.ch/themes/altum/assets/js/libraries/cookieconsent.js?v=4700
Requested by
Host: domains.salenture.com
URL: https://domains.salenture.com/parked/?domain=puff-puff.ch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
a2ebe94c6a241ea1f9fe16c39c0b25784a704e16eb438fa4d1553b3d6b5f9bd3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Sat, 15 Jan 2022 18:48:43 GMT
server
nginx
etag
"4c2d-5d5a35e5b98c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
7614
cookieconsent.css
app.clientlink.ch/themes/altum/assets/css/libraries/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.clientlink.ch/themes/altum/assets/css/libraries/cookieconsent.css?v=4700
Requested by
Host: domains.salenture.com
URL: https://domains.salenture.com/parked/?domain=puff-puff.ch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
713c305fa514ddda2c9ffcd85be5eb9dfb53b94d95b53665f1dfd21e9782096d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Wed, 27 Sep 2023 19:21:29 GMT
server
nginx
etag
"5b32-6065c1926e040-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
5760
d6lIkaiiRdih4SpP_SQvzBTu39g.woff2
fonts.salenture.com/font/cousine/v27/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.salenture.com/font/cousine/v27/d6lIkaiiRdih4SpP_SQvzBTu39g.woff2
Requested by
Host: domains.salenture.com
URL: https://domains.salenture.com/parked/?domain=puff-puff.ch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
b23e5292b9568e78f9a8d6658a4f739983a3b7f4ea9332fe4acaa6e6f010f85d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://domains.salenture.com/
Origin
https://domains.salenture.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
x-content-type-options
nosniff
last-modified
Thu, 24 Aug 2023 17:53:13 GMT
server
nginx
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
9348
expires
Sat, 19 Jul 2025 09:22:03 GMT
cb4cf7173a9317c47e0eeeb2fd9ae58f.jpg
s3.clientlink.ch/uploads/backgrounds/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.clientlink.ch/uploads/backgrounds/cb4cf7173a9317c47e0eeeb2fd9ae58f.jpg
Requested by
Host: domains.salenture.com
URL: https://domains.salenture.com/parked/?domain=puff-puff.ch
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b5e5565c7dfca0d536091f6fcf7421db9762d32cae75ef04a43cb57b548455

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CEFE887AAAA3C4FF:A
alt-svc
h3=":443"; ma=86400
content-length
82484
x-amz-id-2
o74PD65FebM490w88uKu4MTX3y3BC0mLv0m24vanulSjtacFseackYaQlwoFr1/TY36fGIXOkgqN
last-modified
Tue, 15 Feb 2022 13:28:57 GMT
server
cloudflare
etag
"6dc7a8707c34fc1bc9d9da9c62ead712"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zUVbQhgd38IC3e50JlWGIr1QYDaYpFJ%2FWmRRSWQMY6EkpyuixjLlQYimVMM%2BSKubwqFoUFZ4rzOAzALAdCjc4IvpzbtjaeIPDSe8TeI7B2t58M4X0QJ2cZ9EcdeHN0Im5TDy"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a59a51359055249-MXP
95c72b3f109aaf2814eab3adf9a24202.svg
s3.clientlink.ch/uploads/avatars/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.clientlink.ch/uploads/avatars/95c72b3f109aaf2814eab3adf9a24202.svg
Requested by
Host: domains.salenture.com
URL: https://domains.salenture.com/parked/?domain=puff-puff.ch
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e89a87c8bb59b816c96fbde5febb1d472a1b7e6b3069faaf597d9b6c35b276cc

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 08 May 2024 11:16:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
1E525B75E82E72EB:A
etag
W/"b2e435a2caa2defc493ebf36168427a6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ed9cIU0dLmq%2B5OnsXLcavJaJ6Ur0RtZFP5q%2FWT1l9jBZTaBAnOQqZ89JTB3IwXeQSJ6SLo3kwbgr22VOMdbqgJZW4Ve4OMuXNtPe0kJGxghbBs%2FymUexGVusX398cFXMekyV"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8a59a51359075249-MXP
alt-svc
h3=":443"; ma=86400
x-amz-id-2
2yIIK0+K6n7Xf3JJB4W8m6VRu15m1Q4aw66cCPQ2I5vBI46DP1fq/HG1ycO9WSpIhusiMtuyA26P
pixel.css
proofr.co/themes/altum/assets/css/ 		59 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://proofr.co/themes/altum/assets/css/pixel.css
Requested by
Host: proofr.co
URL: https://proofr.co/pixel/kpvesn7h9mzko0z4zj65ptx3z6xjrpg6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
ab4ab73345fe0458c7cede24bf4b0a4a405e9893f6d1bab52214838674086c57
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Thu, 09 May 2024 14:42:05 GMT
server
nginx
etag
"ebee-618066c3be940-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
8822
kpvesn7h9mzko0z4zj65ptx3z6xjrpg6
proofr.co/pixel-track/ 		0
206 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://proofr.co/pixel-track/kpvesn7h9mzko0z4zj65ptx3z6xjrpg6
Requested by
Host: proofr.co
URL: https://proofr.co/pixel/kpvesn7h9mzko0z4zj65ptx3z6xjrpg6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
strict-transport-security
max-age=15768000
server
nginx
access-control-max-age
7200
access-control-allow-methods
POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
Content-Type
content-length
0
dahuNbIBz0QyizKW
trk.cloud/pixel-track/ 		0
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trk.cloud/pixel-track/dahuNbIBz0QyizKW
Requested by
Host: trk.cloud
URL: https://trk.cloud/pixel/dahuNbIBz0QyizKW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarylgEvfiM5hYKnOQRD

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
server
nginx
access-control-max-age
7200
access-control-allow-methods
POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
Content-Type
content-length
0
/
app.web-forms.ch/submit/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.web-forms.ch/submit/?callback=jQuery37106183125879742142_1721380923382&action=leform-remote-init&form-ids=&hostname=domains.salenture.com&_=1721380923383
Requested by
Host: app.clientlink.ch
URL: https://app.clientlink.ch/themes/altum/assets/js/libraries/jquery.min.js?v=4700
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
dcc28a7473860bf3d1a9cbf2bd71ac1c2774246c2fb408543a15b022ecff2fca
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jul 2024 09:22:03 GMT
strict-transport-security
max-age=15768000
server
nginx
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
style.min.css
app.web-forms.ch/content/plugins/halfdata-green-forms/css/ 		45 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.web-forms.ch/content/plugins/halfdata-green-forms/css/style.min.css?ver=1.5
Requested by
Host: app.clientlink.ch
URL: https://app.clientlink.ch/themes/altum/assets/js/libraries/jquery.min.js?v=4700
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
da11cc58f2d057063e21dbcefa3c5ef668ac61e8bbb003fa429e9746be6119e2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Mon, 17 May 2021 09:36:38 GMT
server
nginx
etag
"b390-5c28354841580-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
8855
fontawesome-all.min.css
app.web-forms.ch/content/plugins/halfdata-green-forms/css/ 		53 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.web-forms.ch/content/plugins/halfdata-green-forms/css/fontawesome-all.min.css?ver=1.5
Requested by
Host: app.clientlink.ch
URL: https://app.clientlink.ch/themes/altum/assets/js/libraries/jquery.min.js?v=4700
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
df9cd9ad71b6e1cafb9f05410ad16ecd39f952ebedd0a4d3067e7e46d49eb9f1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Sat, 30 Mar 2019 03:46:24 GMT
server
nginx
etag
"d482-58547a19ac400-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
13370
leform-if.min.css
app.web-forms.ch/content/plugins/halfdata-green-forms/css/ 		1 KB
694 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.web-forms.ch/content/plugins/halfdata-green-forms/css/leform-if.min.css?ver=1.5
Requested by
Host: app.clientlink.ch
URL: https://app.clientlink.ch/themes/altum/assets/js/libraries/jquery.min.js?v=4700
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
25be3572eb9864e1bd684a3240bb99b15b27039e1ef638ed47bef3100ef22a6a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Tue, 20 Aug 2019 11:57:34 GMT
server
nginx
etag
"538-5908b2975e780-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
453
airdatepicker.min.css
app.web-forms.ch/content/plugins/halfdata-green-forms/css/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.web-forms.ch/content/plugins/halfdata-green-forms/css/airdatepicker.min.css?ver=1.5
Requested by
Host: app.clientlink.ch
URL: https://app.clientlink.ch/themes/altum/assets/js/libraries/jquery.min.js?v=4700
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
96445df43391ad6a6a2e38ee29c8224ef1dea874ebe3f866448b0e0a0cca8a07
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Sat, 30 Mar 2019 03:46:24 GMT
server
nginx
etag
"436a-58547a19ac400-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
2878
ion.rangeSlider.min.css
app.web-forms.ch/content/plugins/halfdata-green-forms/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.web-forms.ch/content/plugins/halfdata-green-forms/css/ion.rangeSlider.min.css?ver=1.5
Requested by
Host: app.clientlink.ch
URL: https://app.clientlink.ch/themes/altum/assets/js/libraries/jquery.min.js?v=4700
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
dde40be619861c404cb805290f7ac7366d34c1378717f0dfbb049b669b11d26f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Sun, 16 Dec 2018 10:16:52 GMT
server
nginx
etag
"2b4c-57d20f686ad00-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
2565
tooltipster.bundle.min.css
app.web-forms.ch/content/plugins/halfdata-green-forms/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.web-forms.ch/content/plugins/halfdata-green-forms/css/tooltipster.bundle.min.css?ver=1.5
Requested by
Host: app.clientlink.ch
URL: https://app.clientlink.ch/themes/altum/assets/js/libraries/jquery.min.js?v=4700
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
8ba82dce1d511af3606ab80965765d2ebcc17710da5c9fb6ad7a333b10ef375b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Mon, 27 May 2019 04:07:14 GMT
server
nginx
etag
"27cf-589d6aee80080-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
1674
signature_pad.min.js
app.web-forms.ch/content/plugins/halfdata-green-forms/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.web-forms.ch/content/plugins/halfdata-green-forms/js/signature_pad.min.js?ver=1.5
Requested by
Host: app.clientlink.ch
URL: https://app.clientlink.ch/themes/altum/assets/js/libraries/jquery.min.js?v=4700
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
e19c1c84afb0e835102a5f86d216d5dc6765c6184ef3a0645aea14f950776522
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Mon, 29 Apr 2019 11:49:00 GMT
server
nginx
etag
"1cd2-587a9dec18300-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
2713
airdatepicker.min.js
app.web-forms.ch/content/plugins/halfdata-green-forms/js/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.web-forms.ch/content/plugins/halfdata-green-forms/js/airdatepicker.min.js?ver=1.5
Requested by
Host: app.clientlink.ch
URL: https://app.clientlink.ch/themes/altum/assets/js/libraries/jquery.min.js?v=4700
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
be12ac049653515549aa5ab45f642586c9a423c94cd0ba52a201b7f3d8399043
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Tue, 15 Jun 2021 10:53:06 GMT
server
nginx
etag
"aa3e-5c4cbc7614880-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
13927
ion.rangeSlider.min.js
app.web-forms.ch/content/plugins/halfdata-green-forms/js/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.web-forms.ch/content/plugins/halfdata-green-forms/js/ion.rangeSlider.min.js?ver=1.5
Requested by
Host: app.clientlink.ch
URL: https://app.clientlink.ch/themes/altum/assets/js/libraries/jquery.min.js?v=4700
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
abe76f762e324ff4d719bc15a4ebfdc9dbd90d14fe67a34ef265eecf7dc5a4c7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Sun, 16 Dec 2018 10:16:52 GMT
server
nginx
etag
"a0a7-57d20f686ad00-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
10258
tooltipster.bundle.min.js
app.web-forms.ch/content/plugins/halfdata-green-forms/js/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.web-forms.ch/content/plugins/halfdata-green-forms/js/tooltipster.bundle.min.js?ver=1.5
Requested by
Host: app.clientlink.ch
URL: https://app.clientlink.ch/themes/altum/assets/js/libraries/jquery.min.js?v=4700
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
8250a1bc2682e8826ae3d7647ee94059def19643f0034144c9d8e18cf0629ed0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Mon, 29 Jan 2018 09:02:22 GMT
server
nginx
etag
"9bdc-563e681088380-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
11727
jsep.min.js
app.web-forms.ch/content/plugins/halfdata-green-forms/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.web-forms.ch/content/plugins/halfdata-green-forms/js/jsep.min.js?ver=1.5
Requested by
Host: app.clientlink.ch
URL: https://app.clientlink.ch/themes/altum/assets/js/libraries/jquery.min.js?v=4700
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
574e851430fbce7717dc14907cc58638989855ebdd3fe81b8394ec905d066b4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Sat, 30 Mar 2019 03:46:26 GMT
server
nginx
etag
"1330-58547a1b94880-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
2153
jquery.mask.min.js
app.web-forms.ch/content/plugins/halfdata-green-forms/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.web-forms.ch/content/plugins/halfdata-green-forms/js/jquery.mask.min.js?ver=1.5
Requested by
Host: app.clientlink.ch
URL: https://app.clientlink.ch/themes/altum/assets/js/libraries/jquery.min.js?v=4700
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
bbb318e841b96acb3c2614eec417a4d7caf9606ea996507dccba84e2f6724e7e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Sat, 30 Mar 2019 03:46:26 GMT
server
nginx
etag
"1ff9-58547a1b94880-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
3580
/
js.stripe.com/v3/ 		624 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: app.clientlink.ch
URL: https://app.clientlink.ch/themes/altum/assets/js/libraries/jquery.min.js?v=4700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
8c5cc1ae788933322036a4d95cc37d0187079eb65fb6d734fa05b1b55b9ddd4c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 19 Jul 2024 09:22:03 GMT
via
1.1 varnish
age
39
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
154829
x-request-id
d7770e4c-595c-4a7d-b0ed-47eca3f013c5
x-served-by
cache-mxp6961-MXP
last-modified
Fri, 19 Jul 2024 00:22:19 GMT
server
Fastly
etag
"b33a61474081891d9e749cac02061f47"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
19
clientlink-header.png
www.clientlink.ch/assets/img/web/ 		610 KB
612 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.clientlink.ch/assets/img/web/clientlink-header.png
Requested by
Host: domains.salenture.com
URL: https://domains.salenture.com/parked/?domain=puff-puff.ch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
b1e5707c9d95fecd6e5ee5439db7328f11770b3ed43fb5b3c0fbd89643744924
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:03 GMT
strict-transport-security
max-age=15768000
last-modified
Mon, 28 Feb 2022 07:40:45 GMT
server
nginx
etag
"9882f-5d90f2a9939d8"
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
624687
dahuNbIBz0QyizKW
trk.cloud/pixel-track/ 		0
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trk.cloud/pixel-track/dahuNbIBz0QyizKW
Requested by
Host: trk.cloud
URL: https://trk.cloud/pixel/dahuNbIBz0QyizKW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary3iZt8sQVbE8godXA

Response headers

date
Fri, 19 Jul 2024 09:22:04 GMT
server
nginx
access-control-max-age
7200
access-control-allow-methods
POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
Content-Type
content-length
0
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 9D7B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://domains.salenture.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
18830960
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 19 Jul 2024 09:22:03 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
417431
x-content-type-options
nosniff
x-request-id
ab66b49a-9859-4a95-acec-f02fd1dc29bc
x-served-by
cache-mxp6924-MXP
9a666a7819400494b4ee0a571a27f40f.png
s3.clientlink.ch/uploads/favicons/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s3.clientlink.ch/uploads/favicons/9a666a7819400494b4ee0a571a27f40f.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b2f6c45e87d58f62b080886c90195fd07511df443a1bfc37c1f239db12891a9

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 09:22:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8461632AC993F247:B
alt-svc
h3=":443"; ma=86400
content-length
1252
x-amz-id-2
PItOmRMyE78+Y3/ws3Uu3/YzZoOelcUvIb0k/gRw9PNeoCITN94281tvbNUZ5Fy/D7ahn14fBiTl
last-modified
Tue, 15 Feb 2022 13:29:02 GMT
server
cloudflare
etag
"98876c73af4087196847a33e5334e4ff"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UsEs%2F0D5xaumkS5pI7QxEcnMDQdXFFYWmIOc0u2RY3IWatZVO2810OFdTXML%2BaM68ApxnM%2FAwYQ7ymd0P0T4wOPvtThK3pAT3qyEZMIBDVjF5XfeOToVQ1UqLCemcXd422%2Fo"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a59a517c8d15249-MXP
kpvesn7h9mzko0z4zj65ptx3z6xjrpg6
proofr.co/pixel-track/ 		0
206 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://proofr.co/pixel-track/kpvesn7h9mzko0z4zj65ptx3z6xjrpg6
Requested by
Host: proofr.co
URL: https://proofr.co/pixel/kpvesn7h9mzko0z4zj65ptx3z6xjrpg6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.51.156.223 Zurich, Switzerland, ASN13030 (INIT7, CH),
Reverse DNS
mx.mailr.ch
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://domains.salenture.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 19 Jul 2024 09:22:05 GMT
strict-transport-security
max-age=15768000
server
nginx
access-control-max-age
7200
access-control-allow-methods
POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
Content-Type
content-length
0

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| altum function| $ function| jQuery function| Popper object| bootstrap object| FontAwesomeConfig object| ___FONT_AWESOME___ object| FontAwesome object| leform_vars object| leform_consts object| leform_seq_pages object| leform_signatures object| leform_uploads object| leform_sessions object| leform_customjs_handlers object| e function| leform_ready function| leform_resize function| leform_datepicker_init function| leform_rangeslider_init function| leform_tooltips_init function| leform_signature_init function| leform_timepicker_init function| leform_popup_open function| _leform_popup_open function| leform_popup_active_close function| _leform_close function| leform_multiselect_changed function| leform_input_changed function| _leform_number_changed function| leform_number_unfocused function| leform_numspinner_inc function| leform_numspinner_dec function| leform_is_visible function| leform_handle_visibility function| leform_mask_init function| leform_submit function| leform_popup_message_open function| leform_popup_message_close function| leform_handle_math function| leform_jsep_calc function| leform_consts_update function| leform_reset_form function| leform_track function| leform_uploader_files_selected function| leform_uploader_file_delete function| leform_uploader_start function| leform_uploader_finish function| leform_uploader_progress function| leform_payumoney_checkout function| leform_get_field_value function| leform_set_field_value function| leform_global_message_show function| leform_date function| leform_date_str function| leform_time24_str function| leform_query_parameter function| leform_extract_number function| leform_escape_html function| leform_is_numeric function| leform_read_cookie function| leform_write_cookie function| leform_utf8encode function| leform_encode64 function| leform_utf8decode function| leform_decode64 function| initCookieConsent function| SignaturePad function| jsep object| $jscomp object| webpackChunkStripeJSouter function| noop function| Stripe object| trk_cloud

6 Cookies

Domain/Path Name / Value
puff-puff.ch/ Name: PHPSESSID
Value: a17d1c89e5b2ed4487f5672aef959814
domains.salenture.com/ Name: PHPSESSID
Value: 0ec3961f77f8cea1681db54a53a85aa3
app.web-forms.ch/ Name: PHPSESSID
Value: e99b46707ef992a523f2b692d37079b6
m.stripe.com/ Name: m
Value: 03f0a547-6a50-49e9-81a4-550f522b4a37750295
.domains.salenture.com/ Name: __stripe_mid
Value: 4a60d99d-fe6b-4992-90ba-3453d2b6114563bc20
.domains.salenture.com/ Name: __stripe_sid
Value: f552c20e-b32f-429d-b2c4-848333f9941208d42f

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.clientlink.ch
app.web-forms.ch
domains.salenture.com
fonts.salenture.com
js.stripe.com
proofr.co
puff-puff.ch
s3.clientlink.ch
trk.cloud
www.clientlink.ch
151.101.128.176
151.101.192.176
172.67.197.82
212.51.156.223
047b3c5bbd4336b440e69e0054fc1074f7d8901ae41ddfe4cd5310463d75771f
053e31569485f7a3f57f89e0f6d3fff4b15ef5d9035cab312affc354da0f1cae
058d80a20649f56acb8076f3681dea82babd206c7224f2205bbe1a64a9bc5d46
05b5e5565c7dfca0d536091f6fcf7421db9762d32cae75ef04a43cb57b548455
25be3572eb9864e1bd684a3240bb99b15b27039e1ef638ed47bef3100ef22a6a
2b2f6c45e87d58f62b080886c90195fd07511df443a1bfc37c1f239db12891a9
444aa61af8114bf6ea5a53452db4474e3c1b5c0b41ea9a995d0d8bfe58de6004
4da49b6240750a0172d532fb1ca2a359ef9653a9b962a5ef0c1e1d979f2ead1e
574e851430fbce7717dc14907cc58638989855ebdd3fe81b8394ec905d066b4d
5dd7e962f2a62600f7abe07e2f0ef54194a6082d853b63e6d088ef4b851a2f72
713c305fa514ddda2c9ffcd85be5eb9dfb53b94d95b53665f1dfd21e9782096d
721fd25fad2ceea766b483f7692fc840097de75bb54185273920adf62da63e15
8250a1bc2682e8826ae3d7647ee94059def19643f0034144c9d8e18cf0629ed0
8ba82dce1d511af3606ab80965765d2ebcc17710da5c9fb6ad7a333b10ef375b
8c1dea3ffbb8a0974366fc2c7748d4db4f7ff15e0d6d1dc9f18e7d52a366414b
8c5cc1ae788933322036a4d95cc37d0187079eb65fb6d734fa05b1b55b9ddd4c
96445df43391ad6a6a2e38ee29c8224ef1dea874ebe3f866448b0e0a0cca8a07
9d86a276aee130232fa0ef2134c750628acac1072a31e35eb7d65624652f549d
9e72314f22d13c2a829f7734e0d97a1f887689096d80dedd8463f1682f7c107f
a2ebe94c6a241ea1f9fe16c39c0b25784a704e16eb438fa4d1553b3d6b5f9bd3
a53e31edb30f99af3ca1057b04b78ffd82306614059042531adea8ee830a25e3
ab4ab73345fe0458c7cede24bf4b0a4a405e9893f6d1bab52214838674086c57
abe76f762e324ff4d719bc15a4ebfdc9dbd90d14fe67a34ef265eecf7dc5a4c7
b1e5707c9d95fecd6e5ee5439db7328f11770b3ed43fb5b3c0fbd89643744924
b23e5292b9568e78f9a8d6658a4f739983a3b7f4ea9332fe4acaa6e6f010f85d
b4ef79d3c83a6b1166c2b95c6aee7c66d5aae727d1d70ba7a52478ea13f81baf
bbb318e841b96acb3c2614eec417a4d7caf9606ea996507dccba84e2f6724e7e
be12ac049653515549aa5ab45f642586c9a423c94cd0ba52a201b7f3d8399043
da11cc58f2d057063e21dbcefa3c5ef668ac61e8bbb003fa429e9746be6119e2
dcc28a7473860bf3d1a9cbf2bd71ac1c2774246c2fb408543a15b022ecff2fca
dde40be619861c404cb805290f7ac7366d34c1378717f0dfbb049b669b11d26f
df9cd9ad71b6e1cafb9f05410ad16ecd39f952ebedd0a4d3067e7e46d49eb9f1
e19c1c84afb0e835102a5f86d216d5dc6765c6184ef3a0645aea14f950776522
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e89a87c8bb59b816c96fbde5febb1d472a1b7e6b3069faaf597d9b6c35b276cc
eb271878aaec967f5146c3760d0e1e380d67a6188466e4edbff87157c4cbd759
f7edd882e6793c094d23fc3bb878aecea45a8989c8a6e34dc38b1a447645795c
f9442a526f76a4fad3bc9c7b8e7e7a9041f507649c9c8ca653f8ab4ce0d3dc02
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a