urlscan.io logo urlscan.io
SecurityTrails logo

newpatientsflow.com Open in urlscan Pro
35.209.108.95  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.opportunitytrack.com/
Effective URL: https://newpatientsflow.com/
Submission: On April 22 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 11 domains to perform 30 HTTP transactions. The main IP is 35.209.108.95, located in Council Bluffs, United States and belongs to GOOGLE-2, US. The main domain is newpatientsflow.com.
TLS certificate: Issued by R3 on March 18th 2021. Valid for: 3 months.
This is the only time newpatientsflow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

15    35.209.108.95 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 95.108.209.35.bc.googleusercontent.com
www.opportunitytrack.com
practicetreatmentplan.com
newpatientsflow.com
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c0d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    18.236.108.148 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-236-108-148.us-west-2.compute.amazonaws.com
platform.swellcx.com
4    2a02:26f0:7100::687e:24b0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.adroll.com
2    63.35.200.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-200-21.eu-west-1.compute.amazonaws.com
d.adroll.mgr.consensu.org
d.adroll.com
Domain Requested by
13 newpatientsflow.com newpatientsflow.com
4 s.adroll.com 1 redirects newpatientsflow.com
s.adroll.com
4 platform.swellcx.com newpatientsflow.com
platform.swellcx.com
3 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.googleapis.com newpatientsflow.com
1 d.adroll.com
1 d.adroll.mgr.consensu.org 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com newpatientsflow.com
1 practicetreatmentplan.com 1 redirects
1 www.opportunitytrack.com 1 redirects
30 12

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
bit.ly
Subject Issuer Validity Valid
newpatientsflow.com
R3		 2021-03-18 -
2021-06-16		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
platform.swellcx.com
R3		 2021-03-15 -
2021-06-13		 3 months crt.sh
adroll.com
R3		 2021-03-30 -
2021-06-28		 3 months crt.sh
adroll.mgr.consensu.org
Amazon		 2020-10-08 -
2021-11-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://newpatientsflow.com/
Frame ID: 88599C1CFE5486098E6A13151AB3646E
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.opportunitytrack.com/ HTTP 301
    https://practicetreatmentplan.com/ HTTP 301
    https://newpatientsflow.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

30
Requests

100 %
HTTPS

70 %
IPv6

11
Domains

12
Subdomains

11
IPs

4
Countries

948 kB
Transfer

22365 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.opportunitytrack.com/ HTTP 301
    https://practicetreatmentplan.com/ HTTP 301
    https://newpatientsflow.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://s.adroll.com/j/exp/CPKHPQ47SJEOLCFHFQ7AZ6/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 27
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/CPKHPQ47SJEOLCFHFQ7AZ6?_s=1255c6df1016e2562d71487614a15f69&_b=2 HTTP 302
  • https://d.adroll.com/consent/check/CPKHPQ47SJEOLCFHFQ7AZ6/?_s=1255c6df1016e2562d71487614a15f69&_b=2

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
newpatientsflow.com/
Redirect Chain
  • https://www.opportunitytrack.com/
  • https://practicetreatmentplan.com/
  • https://newpatientsflow.com/
48 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newpatientsflow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.108.95 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
95.108.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
405977762746dab45e4c9c54cc68502ba5abe03ae8e6fb12c46059a8b8850ed8

Request headers

:method
GET
:authority
newpatientsflow.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Thu, 22 Apr 2021 06:47:58 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding,User-Agent
last-modified
Thu, 22 Apr 2021 00:21:04 GMT
cache-control
max-age=0
expires
Thu, 22 Apr 2021 06:47:58 GMT
x-httpd
1
host-header
6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache
MISS
x-proxy-cache-info
0 NC:000000 UP:SKIP_CACHE_MAX_AGE_ZERO
content-encoding
br

Redirect headers

server
nginx
date
Thu, 22 Apr 2021 06:47:58 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://newpatientsflow.com/
x-redirect-by
WordPress
cache-control
max-age=0
expires
Thu, 22 Apr 2021 06:47:57 GMT
x-httpd
1
vary
User-Agent,Accept-Encoding
host-header
6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache
MISS
x-proxy-cache-info
0 NC:000000 UP:SKIP_CACHE_ALREADY_EXPIRED
98cdcd9ebfbc288bc217bc08ce3561b3.css
newpatientsflow.com/wp-content/cache/min/1/ 		460 KB
89 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newpatientsflow.com/wp-content/cache/min/1/98cdcd9ebfbc288bc217bc08ce3561b3.css
Requested by
Host: newpatientsflow.com
URL: https://newpatientsflow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.108.95 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
95.108.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ff07958363c46bd09080d1f5052bfb6acefe45645958532f902417e9d19cb033

Request headers

:path
/wp-content/cache/min/1/98cdcd9ebfbc288bc217bc08ce3561b3.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
newpatientsflow.com
referer
https://newpatientsflow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://newpatientsflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 06:47:59 GMT
content-encoding
br
last-modified
Wed, 24 Mar 2021 14:35:08 GMT
server
nginx
etag
W/"605b4e1c-72e00"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Fri, 22 Apr 2022 06:47:59 GMT
css
fonts.googleapis.com/ 		3 KB
673 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans%3A300%2C400%2C700%7CBree+Serif%3A400&ver=5.7.1&display=swap
Requested by
Host: newpatientsflow.com
URL: https://newpatientsflow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f6d052eb66fb774787716454fa9ac455c314e86155cca6514968203683586c30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newpatientsflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Apr 2021 06:48:05 GMT
server
ESF
date
Thu, 22 Apr 2021 06:48:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Apr 2021 06:48:05 GMT
jquery.min.js
newpatientsflow.com/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newpatientsflow.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: newpatientsflow.com
URL: https://newpatientsflow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.108.95 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
95.108.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
newpatientsflow.com
referer
https://newpatientsflow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://newpatientsflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 06:47:59 GMT
content-encoding
br
last-modified
Sun, 13 Dec 2020 19:33:01 GMT
server
nginx
etag
W/"5fd66c6d-15d98"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Fri, 22 Apr 2022 06:47:59 GMT
js
www.googletagmanager.com/gtag/ 		93 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-92515803-1
Requested by
Host: newpatientsflow.com
URL: https://newpatientsflow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fe64a924ec237ed2d13368c8b5a4a8684d40ae178500fb204867bde12515fdb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://newpatientsflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 06:48:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37487
x-xss-protection
0
last-modified
Thu, 22 Apr 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 22 Apr 2021 06:48:05 GMT
Flow-White-2-1.png
newpatientsflow.com/wp-content/uploads/2020/01/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newpatientsflow.com/wp-content/uploads/2020/01/Flow-White-2-1.png
Requested by
Host: newpatientsflow.com
URL: https://newpatientsflow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.108.95 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
95.108.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e5e95b52f9b7d39ded09fe718cb77c3b6b1a68a2eb2ec109bcd9c13a06b7182e

Request headers

:path
/wp-content/uploads/2020/01/Flow-White-2-1.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newpatientsflow.com
referer
https://newpatientsflow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://newpatientsflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 06:47:59 GMT
last-modified
Thu, 23 Jan 2020 19:03:35 GMT
server
nginx
etag
"5e29ee07-101c"
x-proxy-cache-info
DT:1
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
4124
expires
Fri, 22 Apr 2022 06:47:59 GMT
lazyload.min.js
newpatientsflow.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newpatientsflow.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by
Host: newpatientsflow.com
URL: https://newpatientsflow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.108.95 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
95.108.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

:path
/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
newpatientsflow.com
referer
https://newpatientsflow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://newpatientsflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 06:47:59 GMT
content-encoding
br
last-modified
Thu, 15 Apr 2021 09:46:03 GMT
server
nginx
etag
W/"60780b5b-1ed2"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Fri, 22 Apr 2022 06:47:59 GMT
ba2fa1359c35cfd25dd4828c53672e00.js
newpatientsflow.com/wp-content/cache/min/1/ 		127 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newpatientsflow.com/wp-content/cache/min/1/ba2fa1359c35cfd25dd4828c53672e00.js
Requested by
Host: newpatientsflow.com
URL: https://newpatientsflow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.108.95 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
95.108.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ffa2027e43a01bb576c018fba47a9d06bdf4ff6f74860b18ed5f5b4b56fd641f

Request headers

:path
/wp-content/cache/min/1/ba2fa1359c35cfd25dd4828c53672e00.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
newpatientsflow.com
referer
https://newpatientsflow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://newpatientsflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 06:47:59 GMT
content-encoding
br
last-modified
Wed, 24 Mar 2021 14:35:08 GMT
server
nginx
etag
W/"605b4e1c-1fda9"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Fri, 22 Apr 2022 06:47:59 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86b3002b7c6b7142f73abcefdad865d2203a93a88c7c8631c81ad9026c2df194

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a17fafc92a94b1b23539db5cac58e62eae97890e95ae1e2fc5fb5203a8843484

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
ptp-hero.jpg
newpatientsflow.com/wp-content/uploads/2019/10/ 		207 KB
207 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newpatientsflow.com/wp-content/uploads/2019/10/ptp-hero.jpg
Requested by
Host: newpatientsflow.com
URL: https://newpatientsflow.com/wp-content/cache/min/1/98cdcd9ebfbc288bc217bc08ce3561b3.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.108.95 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
95.108.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
152d9063242426d0f6e71d2aa5a0abeb7313b1d7d1b14c4d76504bd63ba2b3bb

Request headers

:path
/wp-content/uploads/2019/10/ptp-hero.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newpatientsflow.com
referer
https://newpatientsflow.com/wp-content/cache/min/1/98cdcd9ebfbc288bc217bc08ce3561b3.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://newpatientsflow.com/wp-content/cache/min/1/98cdcd9ebfbc288bc217bc08ce3561b3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 06:47:59 GMT
last-modified
Thu, 17 Oct 2019 17:04:37 GMT
server
nginx
etag
"5da89f25-33af6"
x-proxy-cache-info
DT:1
content-type
image/jpeg
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
211702
expires
Fri, 22 Apr 2022 06:47:59 GMT
female-dentist-1.jpg
newpatientsflow.com/wp-content/uploads/2019/08/ 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newpatientsflow.com/wp-content/uploads/2019/08/female-dentist-1.jpg
Requested by
Host: newpatientsflow.com
URL: https://newpatientsflow.com/wp-content/cache/min/1/98cdcd9ebfbc288bc217bc08ce3561b3.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.108.95 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
95.108.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c55f78263b344ad5a22ff3ac43cdcea0b561295909c5dd8b01793ec25af4761d

Request headers

:path
/wp-content/uploads/2019/08/female-dentist-1.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
newpatientsflow.com
referer
https://newpatientsflow.com/wp-content/cache/min/1/98cdcd9ebfbc288bc217bc08ce3561b3.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://newpatientsflow.com/wp-content/cache/min/1/98cdcd9ebfbc288bc217bc08ce3561b3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 06:47:59 GMT
last-modified
Thu, 17 Oct 2019 17:10:28 GMT
server
nginx
etag
"5da8a084-1c5fd"
x-proxy-cache-info
DT:1
content-type
image/jpeg
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
116221
expires
Fri, 22 Apr 2022 06:47:59 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%3A300%2C400%2C700%7CBree+Serif%3A400&ver=5.7.1&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newpatientsflow.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 02:14:22 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:20 GMT
server
sffe
age
189223
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45416
x-xss-protection
0
expires
Wed, 20 Apr 2022 02:14:22 GMT
fa-brands-400.woff2
newpatientsflow.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/webfonts/ 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newpatientsflow.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/webfonts/fa-brands-400.woff2
Requested by
Host: newpatientsflow.com
URL: https://newpatientsflow.com/wp-content/cache/min/1/98cdcd9ebfbc288bc217bc08ce3561b3.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.108.95 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
95.108.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Request headers

:path
/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/webfonts/fa-brands-400.woff2
pragma
no-cache
origin
https://newpatientsflow.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
newpatientsflow.com
referer
https://newpatientsflow.com/wp-content/cache/min/1/98cdcd9ebfbc288bc217bc08ce3561b3.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://newpatientsflow.com
Referer
https://newpatientsflow.com/wp-content/cache/min/1/98cdcd9ebfbc288bc217bc08ce3561b3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 06:47:59 GMT
last-modified
Thu, 11 Mar 2021 00:48:32 GMT
server
nginx
etag
"604968e0-1327c"
x-proxy-cache-info
DT:1
content-type
font/woff2
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
78460
expires
Fri, 22 Apr 2022 06:47:59 GMT
4UaHrEJCrhhnVA3DgluA96rp5w.woff2
fonts.gstatic.com/s/breeserif/v10/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/breeserif/v10/4UaHrEJCrhhnVA3DgluA96rp5w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%3A300%2C400%2C700%7CBree+Serif%3A400&ver=5.7.1&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58531195a13c2e27f80585ff21be799eba0ded3b5d93a777f143ac9a214d43f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newpatientsflow.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 06:10:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 05:30:48 GMT
server
sffe
age
347847
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10368
x-xss-protection
0
expires
Mon, 18 Apr 2022 06:10:38 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v12/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%3A300%2C400%2C700%7CBree+Serif%3A400&ver=5.7.1&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newpatientsflow.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 02:03:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:11 GMT
server
sffe
age
17102
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46988
x-xss-protection
0
expires
Fri, 22 Apr 2022 02:03:03 GMT
fa-solid-900.woff2
newpatientsflow.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newpatientsflow.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/webfonts/fa-solid-900.woff2
Requested by
Host: newpatientsflow.com
URL: https://newpatientsflow.com/wp-content/cache/min/1/98cdcd9ebfbc288bc217bc08ce3561b3.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.108.95 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
95.108.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

:path
/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/webfonts/fa-solid-900.woff2
pragma
no-cache
origin
https://newpatientsflow.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
newpatientsflow.com
referer
https://newpatientsflow.com/wp-content/cache/min/1/98cdcd9ebfbc288bc217bc08ce3561b3.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://newpatientsflow.com
Referer
https://newpatientsflow.com/wp-content/cache/min/1/98cdcd9ebfbc288bc217bc08ce3561b3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 06:47:59 GMT
last-modified
Thu, 11 Mar 2021 00:48:32 GMT
server
nginx
etag
"604968e0-139ac"
x-proxy-cache-info
DT:1
content-type
font/woff2
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
80300
expires
Fri, 22 Apr 2022 06:47:59 GMT
truncated
/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Origin
https://newpatientsflow.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-92515803-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newpatientsflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
4467
date
Thu, 22 Apr 2021 05:33:38 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Thu, 22 Apr 2021 07:33:38 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=57231206&t=pageview&_s=1&dl=https%3A%2F%2Fnewpatientsflow.com%2F&ul=en-us&de=UTF-8&dt=Best%20Dental%20Marketing%20%E2%80%A2%20Dental%20SEO%20%E2%80%A2%20Dental%20Websites%20%E2%80%A2%20No%20Contracts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1461517881&gjid=737482495&cid=1966594358.1619074086&tid=UA-92515803-1&_gid=1162048388.1619074086&_r=1&gtm=2ou472&z=395916876
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newpatientsflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 06:48:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newpatientsflow.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-92515803-1&cid=1966594358.1619074086&jid=1461517881&gjid=737482495&_gid=1162048388.1619074086&_u=IEBAAUAAAAAAAC~&z=1459891287
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newpatientsflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 22 Apr 2021 06:48:05 GMT
content-type
text/plain
access-control-allow-origin
https://newpatientsflow.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
media.io_fireworks.mp4
newpatientsflow.com/wp-content/uploads/2019/09/ 		160 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://newpatientsflow.com/wp-content/uploads/2019/09/media.io_fireworks.mp4
Requested by
Host: newpatientsflow.com
URL: https://newpatientsflow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.108.95 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
95.108.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

sec-fetch-mode
no-cors
accept-encoding
identity;q=1, *;q=0
accept-language
en-US
sec-fetch-dest
video
cookie
_ga=GA1.2.1966594358.1619074086; _gid=GA1.2.1162048388.1619074086; _gat_gtag_UA_92515803_1=1
:path
/wp-content/uploads/2019/09/media.io_fireworks.mp4
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
newpatientsflow.com
referer
https://newpatientsflow.com/
:scheme
https
sec-fetch-site
same-origin
range
bytes=0-
:method
GET
Referer
https://newpatientsflow.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 22 Apr 2021 06:47:59 GMT
last-modified
Mon, 16 Sep 2019 18:23:16 GMT
server
nginx
etag
"5d7fd314-177155e"
x-proxy-cache-info
DT:1
content-type
video/mp4
Content-Range
bytes 0-24581469/24581470
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
Content-Length
24581470
expires
Fri, 22 Apr 2022 06:47:59 GMT
media.io_fireworks.mp4
newpatientsflow.com/wp-content/uploads/2019/09/ 		5 KB
6 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://newpatientsflow.com/wp-content/uploads/2019/09/media.io_fireworks.mp4
Requested by
Host: newpatientsflow.com
URL: https://newpatientsflow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.108.95 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
95.108.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
eff9f1c3498bfe46b7ae708a6cf8826fe1cf931f66ba7de88c6fe585e0018001

Request headers

:path
/wp-content/uploads/2019/09/media.io_fireworks.mp4
pragma
no-cache
accept-encoding
identity;q=1, *;q=0
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
video
:authority
newpatientsflow.com
referer
https://newpatientsflow.com/
:scheme
https
sec-fetch-site
same-origin
range
bytes=24576000-
:method
GET
Referer
https://newpatientsflow.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=24576000-

Response headers

date
Thu, 22 Apr 2021 06:47:59 GMT
last-modified
Mon, 16 Sep 2019 18:23:16 GMT
server
nginx
etag
"5d7fd314-177155e"
x-proxy-cache-info
DT:1
content-type
video/mp4
Content-Range
bytes 24576000-24581469/24581470
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
Content-Length
5470
expires
Fri, 22 Apr 2022 06:47:59 GMT
chat.js
platform.swellcx.com/widget/js/ 		220 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.swellcx.com/widget/js/chat.js
Requested by
Host: newpatientsflow.com
URL: https://newpatientsflow.com/wp-content/cache/min/1/ba2fa1359c35cfd25dd4828c53672e00.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
18.236.108.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-236-108-148.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6f838115ff4ae13232d80fce1ea4a0834c7756a085157b1e380bd0e9ebf68ff1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://newpatientsflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 06:48:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 21 Apr 2021 22:47:38 GMT
Server
nginx
ETag
W/"6080ab8a-36e16"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
media.io_fireworks.mp4
newpatientsflow.com/wp-content/uploads/2019/09/ 		20 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://newpatientsflow.com/wp-content/uploads/2019/09/media.io_fireworks.mp4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.108.95 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
95.108.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

:path
/wp-content/uploads/2019/09/media.io_fireworks.mp4
pragma
no-cache
accept-encoding
identity;q=1, *;q=0
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
video
:authority
newpatientsflow.com
referer
https://newpatientsflow.com/
:scheme
https
sec-fetch-site
same-origin
range
bytes=98304-
:method
GET
Referer
https://newpatientsflow.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=98304-

Response headers

date
Thu, 22 Apr 2021 06:48:00 GMT
last-modified
Mon, 16 Sep 2019 18:23:16 GMT
server
nginx
etag
"5d7fd314-177155e"
x-proxy-cache-info
DT:1
content-type
video/mp4
Content-Range
bytes 98304-24581469/24581470
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
Content-Length
24483166
expires
Fri, 22 Apr 2022 06:48:00 GMT
roundtrip.js
s.adroll.com/j/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: newpatientsflow.com
URL: https://newpatientsflow.com/wp-content/cache/min/1/ba2fa1359c35cfd25dd4828c53672e00.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24b0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f55b80216d81f421d8da8c69ae09068b1231e4b0fb6d3912eae8d147b5232d9c

Request headers

Referer
https://newpatientsflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
RbvMQlISgmBBsnMKx1p.bqgidE6ZF3W8
Content-Encoding
gzip
ETag
"4748055dbdd5649bb8f3f2a9b89f85b1"
x-amz-request-id
0TYC7TY00BPM4X39
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
12978
x-amz-id-2
xC3iFrWUEgHG0SuvuCH6nQBOaU1a4splR14HQ6mRp3SvQuveQvqOiaFUYYgTfWzs3RoZtaGAtsk=
Last-Modified
Wed, 14 Apr 2021 13:35:10 GMT
Server
AmazonS3
Date
Thu, 22 Apr 2021 06:48:06 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/CPKHPQ47SJEOLCFHFQ7AZ6/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24b0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer
https://newpatientsflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
8C_4p5S6NLuKOM2fXKpm7asomxwPn3IL
Content-Encoding
gzip
ETag
"5816cced8568d223aa09d889f300692b"
x-amz-request-id
A6E4D842C4F3666B
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
48
x-amz-id-2
1Pslf+Y9QwUHIZmwUo95w2CKA8MTrgZpbGBRFLUwAevxRDJ3euWTGuAJ2AJ78njOjdUd48ZsKSg=
Last-Modified
Tue, 19 Jan 2021 16:25:36 GMT
Server
AmazonS3
Date
Thu, 22 Apr 2021 06:48:06 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Thu, 22 Apr 2021 06:48:06 GMT
Server
AkamaiGHost
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
index.js
s.adroll.com/j/pre/CPKHPQ47SJEOLCFHFQ7AZ6/NUALFPZ3DREOZHNBPX6BIB/ 		0
773 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/CPKHPQ47SJEOLCFHFQ7AZ6/NUALFPZ3DREOZHNBPX6BIB/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24b0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newpatientsflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
nxT.OPQOVNmHGfZFMzSXZoBnFvxT2NL.
Content-Encoding
gzip
ETag
"d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id
K6G2MFF0ZW4CXFC9
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
x-amz-id-2
kNEwDQ2xJFHp/FnA4Ri9n6M0ioN63V6JNaztIe66Mt6YRHo6vwCIabQEKd0oAaQAFA5S0PwEZQI=
Last-Modified
Wed, 21 Apr 2021 16:30:06 GMT
Server
AmazonS3
Date
Thu, 22 Apr 2021 06:48:06 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
/
d.adroll.com/consent/check/CPKHPQ47SJEOLCFHFQ7AZ6/
Redirect Chain
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/CPKHPQ47SJEOLCFHFQ7AZ6?_s=1255c6df1016e2562d71487614a15f69&_b=2
  • https://d.adroll.com/consent/check/CPKHPQ47SJEOLCFHFQ7AZ6/?_s=1255c6df1016e2562d71487614a15f69&_b=2
395 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/CPKHPQ47SJEOLCFHFQ7AZ6/?_s=1255c6df1016e2562d71487614a15f69&_b=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.200.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-200-21.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
df5286854a54f04cea788439b1f8115cb0c324b6eb3a8ce153dde9c4dad37fd5

Request headers

Referer
https://newpatientsflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 06:48:06 GMT
server
nginx/1.18.0
content-length
395
content-type
application/javascript

Redirect headers

location
https://d.adroll.com/consent/check/CPKHPQ47SJEOLCFHFQ7AZ6/?_s=1255c6df1016e2562d71487614a15f69&_b=2
date
Thu, 22 Apr 2021 06:48:06 GMT
server
nginx/1.18.0
content-length
105
css
fonts.googleapis.com/ 		6 KB
717 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:500,600,700,900
Requested by
Host: newpatientsflow.com
URL: https://newpatientsflow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
715152e4b0b2099a649fe64be672bdba1473fdcb736a70255fff1b14ce406497
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newpatientsflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Apr 2021 06:48:07 GMT
server
ESF
date
Thu, 22 Apr 2021 06:48:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Apr 2021 06:48:07 GMT
settings
platform.swellcx.com/api/v1/webchat/ 		786 B
998 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://platform.swellcx.com/api/v1/webchat/settings?data_api=427a7880-cda4-4d47-871d-befd2bcf462d
Requested by
Host: platform.swellcx.com
URL: https://platform.swellcx.com/widget/js/chat.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
18.236.108.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-236-108-148.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
86a0f03820b063403ebbf08b985234425bf74a5dd8fdb204d4bdc391d26a452b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://newpatientsflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 06:48:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
X-RateLimit-Remaining
9860
Cache-Control
no-cache, private
Transfer-Encoding
chunked
X-RateLimit-Limit
10000
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Accept, Authorization, X-Requested-With, Application
X-XSS-Protection
1; mode=block
available-country-codes
platform.swellcx.com/api/ 		407 B
757 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://platform.swellcx.com/api/available-country-codes
Requested by
Host: platform.swellcx.com
URL: https://platform.swellcx.com/widget/js/chat.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
18.236.108.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-236-108-148.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
71067730d675e29f480e13ffe49d6902cf332efa13dce864ac3d8a63649abb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://newpatientsflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 06:48:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
X-RateLimit-Remaining
9861
Cache-Control
no-cache, private
Transfer-Encoding
chunked
X-RateLimit-Limit
10000
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Accept, Authorization, X-Requested-With, Application
X-XSS-Protection
1; mode=block
launcher-icon-default.png
platform.swellcx.com/widget/images/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform.swellcx.com/widget/images/launcher-icon-default.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
18.236.108.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-236-108-148.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
3979c0b016ac4051d1771bb1820f9e09524dc760cddd1d05209b5c033101124a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://newpatientsflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 06:48:08 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 21 Apr 2021 22:45:03 GMT
Server
nginx
ETag
"6080aaef-77f0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30704
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated undefined| $ function| jQuery function| gtag object| dataLayer object| lazyLoadOptions object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| LazyLoad object| bb_powerpack string| wpAjaxUrl string| flBuilderUrl object| FLBuilderLayoutConfig object| themeopts function| EvEmitter function| imagesLoaded function| Waypoint object| FLBuilderLayout object| FLTheme object| wp string| adroll_adv_id string| adroll_pix_id string| waypointContextKey object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy boolean| ipad boolean| __adroll_loaded string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback object| adroll_exp_list boolean| __adroll_consent boolean| __adroll_consent_is_gdpr object| __adroll_consent_data string| __adroll_consent_user_country string| __adroll_consent_adv_country function| setImmediate function| clearImmediate object| regeneratorRuntime function| axios

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: https://newpatientsflow.com/wp-content/cache/min/1/ba2fa1359c35cfd25dd4828c53672e00.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d.adroll.com
d.adroll.mgr.consensu.org
fonts.googleapis.com
fonts.gstatic.com
newpatientsflow.com
platform.swellcx.com
practicetreatmentplan.com
s.adroll.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
www.opportunitytrack.com
18.236.108.148
2a00:1450:4001:803::2003
2a00:1450:4001:810::2008
2a00:1450:4001:810::200e
2a00:1450:4001:812::200a
2a00:1450:4001:827::200e
2a00:1450:400c:c0d::9c
2a02:26f0:7100::687e:24b0
35.209.108.95
63.35.200.21
152d9063242426d0f6e71d2aa5a0abeb7313b1d7d1b14c4d76504bd63ba2b3bb
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
3979c0b016ac4051d1771bb1820f9e09524dc760cddd1d05209b5c033101124a
405977762746dab45e4c9c54cc68502ba5abe03ae8e6fb12c46059a8b8850ed8
58531195a13c2e27f80585ff21be799eba0ded3b5d93a777f143ac9a214d43f2
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
6f838115ff4ae13232d80fce1ea4a0834c7756a085157b1e380bd0e9ebf68ff1
71067730d675e29f480e13ffe49d6902cf332efa13dce864ac3d8a63649abb3a
715152e4b0b2099a649fe64be672bdba1473fdcb736a70255fff1b14ce406497
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
86a0f03820b063403ebbf08b985234425bf74a5dd8fdb204d4bdc391d26a452b
86b3002b7c6b7142f73abcefdad865d2203a93a88c7c8631c81ad9026c2df194
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
a17fafc92a94b1b23539db5cac58e62eae97890e95ae1e2fc5fb5203a8843484
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
c55f78263b344ad5a22ff3ac43cdcea0b561295909c5dd8b01793ec25af4761d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df5286854a54f04cea788439b1f8115cb0c324b6eb3a8ce153dde9c4dad37fd5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e95b52f9b7d39ded09fe718cb77c3b6b1a68a2eb2ec109bcd9c13a06b7182e
eff9f1c3498bfe46b7ae708a6cf8826fe1cf931f66ba7de88c6fe585e0018001
f55b80216d81f421d8da8c69ae09068b1231e4b0fb6d3912eae8d147b5232d9c
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f6d052eb66fb774787716454fa9ac455c314e86155cca6514968203683586c30
fe64a924ec237ed2d13368c8b5a4a8684d40ae178500fb204867bde12515fdb4
ff07958363c46bd09080d1f5052bfb6acefe45645958532f902417e9d19cb033
ffa2027e43a01bb576c018fba47a9d06bdf4ff6f74860b18ed5f5b4b56fd641f