URL: https://palmspringsdisability.com/monthly-headache-diary/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On August 20 via api from IT — Scanned from IT

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 27 HTTP transactions. The main IP is 23.251.148.30, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is palmspringsdisability.com.
TLS certificate: Issued by R11 on August 9th 2024. Valid for: 3 months.
This is the only time palmspringsdisability.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 23.251.148.30 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
27 4
Apex Domain
Subdomains
Transfer
20 palmspringsdisability.com
palmspringsdisability.com
542 KB
4 gstatic.com
fonts.gstatic.com
158 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 951
17 KB
27 3
Domain Requested by
20 palmspringsdisability.com palmspringsdisability.com
4 fonts.gstatic.com palmspringsdisability.com
2 ssl.google-analytics.com palmspringsdisability.com
27 3

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.gilbertbourke.com
www.optimizedco.com
Subject Issuer Validity Valid
palmspringsdisability.com
R11
2024-08-09 -
2024-11-07
3 months crt.sh
*.google-analytics.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.gstatic.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh

This page contains 1 frames:

Primary Page: https://palmspringsdisability.com/monthly-headache-diary/
Frame ID: 28F3D6E076211863843E25F0852E5E6C
Requests: 27 HTTP requests in this frame

Screenshot

Page Title

Social Security Disability Monthly Headache Diary - Gilbert & Bourke, Palm Springs Disability Lawyers

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

27
Requests

96 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

718 kB
Transfer

3241 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
palmspringsdisability.com/monthly-headache-diary/
113 KB
24 KB
Document
General
Full URL
https://palmspringsdisability.com/monthly-headache-diary/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.251.148.30 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.148.251.23.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
b173dfe9aae1d77c4dd882743c01ae07218bfab3ec209ffc2eb1d805ddd34f20

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 20 Aug 2024 00:46:48 GMT
link
<https://palmspringsdisability.com/wp-json/>; rel="https://api.w.org/" <https://palmspringsdisability.com/wp-json/wp/v2/pages/348>; rel="alternate"; type="application/json" <https://palmspringsdisability.com/?p=348>; rel=shortlink
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 4
x-cache-group
normal
x-cacheable
SHORT
x-pingback
https://palmspringsdisability.com/xmlrpc.php
x-powered-by
WP Engine
755cd9a14bbc957370b9cd09d7a81fd0.css
palmspringsdisability.com/wp-content/cache/w3-cache/all-css/
1 MB
144 KB
Stylesheet
General
Full URL
https://palmspringsdisability.com/wp-content/cache/w3-cache/all-css/755cd9a14bbc957370b9cd09d7a81fd0.css
Requested by
Host: palmspringsdisability.com
URL: https://palmspringsdisability.com/monthly-headache-diary/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.251.148.30 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.148.251.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
b6ec6a9936e202162aea97c73e568fd903a56bcf3d575d3c815bf62ae19f7d41

Request headers

Referer
https://palmspringsdisability.com/monthly-headache-diary/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 00:46:48 GMT
content-encoding
br
last-modified
Thu, 15 Sep 2022 11:50:22 GMT
server
nginx
etag
W/"6323117e-12876d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
baccbb9bae64b730c4456f8bd947dbea.css
palmspringsdisability.com/wp-content/cache/w3-cache/all-css/
166 KB
24 KB
Stylesheet
General
Full URL
https://palmspringsdisability.com/wp-content/cache/w3-cache/all-css/baccbb9bae64b730c4456f8bd947dbea.css
Requested by
Host: palmspringsdisability.com
URL: https://palmspringsdisability.com/monthly-headache-diary/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.251.148.30 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.148.251.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
882be24e1af53e40957ef5e7a85cac39d503df9ad761b64ab13ce842d326dc4c

Request headers

Referer
https://palmspringsdisability.com/monthly-headache-diary/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 00:46:48 GMT
content-encoding
br
last-modified
Thu, 15 Sep 2022 11:50:22 GMT
server
nginx
etag
W/"6323117e-29965"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
722910f407c653cff10607bb73fe3d05.min.css
palmspringsdisability.com/wp-content/uploads/fusion-styles/
1 MB
144 KB
Stylesheet
General
Full URL
https://palmspringsdisability.com/wp-content/uploads/fusion-styles/722910f407c653cff10607bb73fe3d05.min.css
Requested by
Host: palmspringsdisability.com
URL: https://palmspringsdisability.com/monthly-headache-diary/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.251.148.30 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.148.251.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
30a0fc88a81cf1d23cc4ea5f876eab374660e93bb3aea061f1958145ca0ddd6b

Request headers

Referer
https://palmspringsdisability.com/monthly-headache-diary/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 00:46:48 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 16:27:01 GMT
server
nginx
etag
W/"632dde55-129106"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
palmspringsdisability.com/wp-content/themes/Avada-Child-Theme/
186 B
343 B
Stylesheet
General
Full URL
https://palmspringsdisability.com/wp-content/themes/Avada-Child-Theme/style.css
Requested by
Host: palmspringsdisability.com
URL: https://palmspringsdisability.com/monthly-headache-diary/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.251.148.30 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.148.251.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
2dc50d424a96415697f26f2c39b67c70b10e8a95fd108b4d981aafe222392cf2

Request headers

Referer
https://palmspringsdisability.com/monthly-headache-diary/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 00:46:48 GMT
content-encoding
br
last-modified
Thu, 15 Sep 2022 06:50:59 GMT
server
nginx
etag
W/"6322cb53-ba"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
logo.png
palmspringsdisability.com/wp-content/uploads/2022/09/
7 KB
7 KB
Image
General
Full URL
https://palmspringsdisability.com/wp-content/uploads/2022/09/logo.png
Requested by
Host: palmspringsdisability.com
URL: https://palmspringsdisability.com/monthly-headache-diary/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.251.148.30 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.148.251.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
0e4b667b54151f58e7b6e3563252ee8399e97ee5525a50c411141e2444c77a56

Request headers

Referer
https://palmspringsdisability.com/monthly-headache-diary/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 00:46:48 GMT
last-modified
Thu, 15 Sep 2022 11:47:46 GMT
server
nginx
etag
"632310e2-1b2a"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
6954
headache-diary.gif
palmspringsdisability.com/wp-content/uploads/
45 KB
45 KB
Image
General
Full URL
https://palmspringsdisability.com/wp-content/uploads/headache-diary.gif
Requested by
Host: palmspringsdisability.com
URL: https://palmspringsdisability.com/monthly-headache-diary/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.251.148.30 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.148.251.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
d79751931bc9195ae92b8c813280128290e187b39f535f1c343c823cc8732b38

Request headers

Referer
https://palmspringsdisability.com/monthly-headache-diary/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 00:46:48 GMT
last-modified
Thu, 15 Sep 2022 06:50:59 GMT
server
nginx
etag
"6322cb53-b2f9"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
45817
OptimizedAttorney-white.png
palmspringsdisability.com/wp-content/uploads/2021/10/
6 KB
6 KB
Image
General
Full URL
https://palmspringsdisability.com/wp-content/uploads/2021/10/OptimizedAttorney-white.png
Requested by
Host: palmspringsdisability.com
URL: https://palmspringsdisability.com/monthly-headache-diary/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.251.148.30 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.148.251.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
00ffc4ae50e948e6d3faa7d6ea0d67e6a0b677d34e9daadba9de9ea3a3c2a238

Request headers

Referer
https://palmspringsdisability.com/monthly-headache-diary/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 00:46:49 GMT
last-modified
Thu, 15 Sep 2022 11:46:00 GMT
server
nginx
etag
"63231078-17ff"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
6143
basic.min.css
palmspringsdisability.com/wp-content/plugins/gravityforms/assets/css/dist/
46 KB
8 KB
Stylesheet
General
Full URL
https://palmspringsdisability.com/wp-content/plugins/gravityforms/assets/css/dist/basic.min.css
Requested by
Host: palmspringsdisability.com
URL: https://palmspringsdisability.com/monthly-headache-diary/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.251.148.30 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.148.251.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
b2dd8e167d565d69322fc50285fa49948cf69c1d898138f316394a3b7bf3b9de

Request headers

Referer
https://palmspringsdisability.com/monthly-headache-diary/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 00:46:49 GMT
content-encoding
br
last-modified
Thu, 12 Jan 2023 08:17:42 GMT
server
nginx
etag
W/"63bfc226-b83f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
theme-components.min.css
palmspringsdisability.com/wp-content/plugins/gravityforms/assets/css/dist/
0
188 B
Stylesheet
General
Full URL
https://palmspringsdisability.com/wp-content/plugins/gravityforms/assets/css/dist/theme-components.min.css
Requested by
Host: palmspringsdisability.com
URL: https://palmspringsdisability.com/monthly-headache-diary/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.251.148.30 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.148.251.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://palmspringsdisability.com/monthly-headache-diary/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 00:46:49 GMT
last-modified
Thu, 12 Jan 2023 08:17:42 GMT
server
nginx
etag
"63bfc226-0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
0
theme-ie11.min.css
palmspringsdisability.com/wp-content/plugins/gravityforms/assets/css/dist/
2 KB
619 B
Stylesheet
General
Full URL
https://palmspringsdisability.com/wp-content/plugins/gravityforms/assets/css/dist/theme-ie11.min.css
Requested by
Host: palmspringsdisability.com
URL: https://palmspringsdisability.com/monthly-headache-diary/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.251.148.30 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.148.251.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
032dc89de9e654706c6239447c5fe7e0346209c8319411521ac476b58c7f4f88

Request headers

Referer
https://palmspringsdisability.com/monthly-headache-diary/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 00:46:49 GMT
content-encoding
br
last-modified
Thu, 12 Jan 2023 08:17:42 GMT
server
nginx
etag
W/"63bfc226-6d9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
theme.min.css
palmspringsdisability.com/wp-content/plugins/gravityforms/assets/css/dist/
30 KB
6 KB
Stylesheet
General
Full URL
https://palmspringsdisability.com/wp-content/plugins/gravityforms/assets/css/dist/theme.min.css
Requested by
Host: palmspringsdisability.com
URL: https://palmspringsdisability.com/monthly-headache-diary/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.251.148.30 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.148.251.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
721648446716f5efbe633d2e5088cb138256ed5261af3f6f984e1ff5818a7b54

Request headers

Referer
https://palmspringsdisability.com/monthly-headache-diary/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 00:46:49 GMT
content-encoding
br
last-modified
Thu, 12 Jan 2023 08:17:42 GMT
server
nginx
etag
W/"63bfc226-777e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.min.css
palmspringsdisability.com/wp-includes/css/dist/block-library/
111 KB
15 KB
Stylesheet
General
Full URL
https://palmspringsdisability.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: palmspringsdisability.com
URL: https://palmspringsdisability.com/monthly-headache-diary/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.251.148.30 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.148.251.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

Referer
https://palmspringsdisability.com/monthly-headache-diary/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 00:46:49 GMT
content-encoding
br
last-modified
Tue, 27 Feb 2024 14:48:23 GMT
server
nginx
etag
W/"65ddf637-1bae5"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
79139fb8-ec4d-4407-a352-9744c0192041
https://palmspringsdisability.com/
1 KB
0
Other
General
Full URL
blob:https://palmspringsdisability.com/79139fb8-ec4d-4407-a352-9744c0192041
Requested by
Host: palmspringsdisability.com
URL: https://palmspringsdisability.com/monthly-headache-diary/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: palmspringsdisability.com
URL: https://palmspringsdisability.com/monthly-headache-diary/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://palmspringsdisability.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 19 Aug 2024 22:51:36 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6913
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Tue, 20 Aug 2024 00:51:36 GMT
logo.png
palmspringsdisability.com/wp-content/uploads/2022/09/
7 KB
0
Image
General
Full URL
https://palmspringsdisability.com/wp-content/uploads/2022/09/logo.png
Requested by
Host: palmspringsdisability.com
URL: https://palmspringsdisability.com/monthly-headache-diary/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.251.148.30 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.148.251.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
0e4b667b54151f58e7b6e3563252ee8399e97ee5525a50c411141e2444c77a56

Request headers

Referer
https://palmspringsdisability.com/monthly-headache-diary/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 00:46:48 GMT
last-modified
Thu, 15 Sep 2022 11:47:46 GMT
server
nginx
etag
"632310e2-1b2a"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
6954
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: palmspringsdisability.com
URL: https://palmspringsdisability.com/wp-content/uploads/fusion-styles/722910f407c653cff10607bb73fe3d05.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://palmspringsdisability.com/
Origin
https://palmspringsdisability.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 22:15:59 GMT
x-content-type-options
nosniff
age
527450
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Aug 2025 22:15:59 GMT
icomoon.woff
palmspringsdisability.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/
20 KB
21 KB
Font
General
Full URL
https://palmspringsdisability.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff
Requested by
Host: palmspringsdisability.com
URL: https://palmspringsdisability.com/wp-content/uploads/fusion-styles/722910f407c653cff10607bb73fe3d05.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.251.148.30 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.148.251.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
22c851d5f36813ff8cbb4ab0d16273aa1eb536f84f2c56b53df8d2c7a54479a4

Request headers

Referer
https://palmspringsdisability.com/wp-content/uploads/fusion-styles/722910f407c653cff10607bb73fe3d05.min.css
Origin
https://palmspringsdisability.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 00:46:49 GMT
last-modified
Thu, 15 Sep 2022 06:51:00 GMT
server
nginx
etag
"6322cb54-51ac"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
20908
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2
fonts.gstatic.com/s/raleway/v28/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2
Requested by
Host: palmspringsdisability.com
URL: https://palmspringsdisability.com/wp-content/uploads/fusion-styles/722910f407c653cff10607bb73fe3d05.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4e592fb822c98ea06e6553fbb20d8c6161644a39de94baaa9c448c6aba20a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://palmspringsdisability.com/
Origin
https://palmspringsdisability.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 14:21:13 GMT
x-content-type-options
nosniff
age
555936
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21440
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:57:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:21:13 GMT
fa-solid-900.woff2
palmspringsdisability.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/
76 KB
77 KB
Font
General
Full URL
https://palmspringsdisability.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: palmspringsdisability.com
URL: https://palmspringsdisability.com/wp-content/uploads/fusion-styles/722910f407c653cff10607bb73fe3d05.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.251.148.30 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.148.251.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441

Request headers

Referer
https://palmspringsdisability.com/wp-content/uploads/fusion-styles/722910f407c653cff10607bb73fe3d05.min.css
Origin
https://palmspringsdisability.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 00:46:49 GMT
last-modified
Thu, 15 Sep 2022 06:51:00 GMT
server
nginx
etag
"6322cb54-13184"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
78212
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: palmspringsdisability.com
URL: https://palmspringsdisability.com/wp-content/uploads/fusion-styles/722910f407c653cff10607bb73fe3d05.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://palmspringsdisability.com/
Origin
https://palmspringsdisability.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 14:33:26 GMT
x-content-type-options
nosniff
age
555203
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47048
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:55:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:33:26 GMT
fa-regular-400.woff2
palmspringsdisability.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/
13 KB
13 KB
Font
General
Full URL
https://palmspringsdisability.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-regular-400.woff2
Requested by
Host: palmspringsdisability.com
URL: https://palmspringsdisability.com/wp-content/uploads/fusion-styles/722910f407c653cff10607bb73fe3d05.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.251.148.30 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.148.251.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
65ae05cb1187b6eacddcc464141af208d9c172aeed20c74c3bf7663b530c5c0d

Request headers

Referer
https://palmspringsdisability.com/wp-content/uploads/fusion-styles/722910f407c653cff10607bb73fe3d05.min.css
Origin
https://palmspringsdisability.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 00:46:49 GMT
last-modified
Thu, 15 Sep 2022 06:51:00 GMT
server
nginx
etag
"6322cb54-33d0"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
13264
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: palmspringsdisability.com
URL: https://palmspringsdisability.com/wp-content/uploads/fusion-styles/722910f407c653cff10607bb73fe3d05.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://palmspringsdisability.com/
Origin
https://palmspringsdisability.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 14:10:18 GMT
x-content-type-options
nosniff
age
556591
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47952
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:22:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:10:18 GMT
__utm.gif
ssl.google-analytics.com/r/
35 B
197 B
Image
General
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=569709251&utmhn=palmspringsdisability.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=it-it&utmje=0&utmfl=-&utmdt=Social%20Security%20Disability%20Monthly%20Headache%20Diary%20-%20Gilbert%20%26%20Bourke%2C%20Palm%20Springs%20Disability%20Lawyers&utmhid=713452364&utmr=-&utmp=%2Fmonthly-headache-diary%2F&utmht=1724114809336&utmac=UA-5298188-22&utmcc=__utma%3D150270007.851315074.1724114809.1724114809.1724114809.1%3B%2B__utmz%3D150270007.1724114809.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1779992801&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: palmspringsdisability.com
URL: https://palmspringsdisability.com/monthly-headache-diary/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://palmspringsdisability.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Aug 2024 00:46:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
blank.pngw3.webp
palmspringsdisability.com/wp-content/uploads/
92 B
293 B
Image
General
Full URL
https://palmspringsdisability.com/wp-content/uploads/blank.pngw3.webp
Requested by
Host: palmspringsdisability.com
URL: https://palmspringsdisability.com/monthly-headache-diary/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.251.148.30 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.148.251.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
53d07bb53f40c3d94a3a9ae3981e7679a11a3e834c9e40be768adec59087b41d

Request headers

Referer
https://palmspringsdisability.com/monthly-headache-diary/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 00:46:49 GMT
last-modified
Thu, 15 Sep 2022 11:44:19 GMT
server
nginx
etag
"63231013-5c"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
92
wp-emoji-release.min.js
palmspringsdisability.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://palmspringsdisability.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: palmspringsdisability.com
URL: https://palmspringsdisability.com/monthly-headache-diary/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.251.148.30 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.148.251.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Referer
https://palmspringsdisability.com/monthly-headache-diary/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 00:46:49 GMT
content-encoding
br
last-modified
Tue, 13 Feb 2024 14:36:07 GMT
server
nginx
etag
W/"65cb7e57-4926"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
favicon.png
palmspringsdisability.com/wp-content/uploads/2022/09/
3 KB
3 KB
Other
General
Full URL
https://palmspringsdisability.com/wp-content/uploads/2022/09/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.251.148.30 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.148.251.23.bc.googleusercontent.com
Software
nginx /
Resource Hash
521bbe5d1792db2aa6e1429df630519158ba17f72d82f0432237155dbc15dd65

Request headers

Referer
https://palmspringsdisability.com/monthly-headache-diary/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 00:46:49 GMT
last-modified
Thu, 15 Sep 2022 11:47:42 GMT
server
nginx
etag
"632310de-acf"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2767

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| w3_googlefont number| w3_lazy_load_by_px string| blank_image_webp_url number| google_fonts_delay_load string| w3_upload_path string| w3_webp_path number| w3_lazy_load_js object| gform object| _wpemojiSettings object| _gaq object| _gat object| gaGlobal object| gform_i18n object| gf_legacy_multi object| gform_gravityforms object| gf_global object| fusionBgImageVars object| fusionJSVars object| fusionLightboxVideoVars object| fusionEqualHeightVars object| fusionVideoGeneralVars object| fusionVideoBgVars object| fusionLightboxVars object| avadaLiveSearchVars object| avadaCommentVars object| fusionFlexSliderVars object| fusionAnimationsVars object| fusionContainerVars object| avadaSelectVars object| avadaToTopVars object| avadaHeaderVars object| avadaMenuVars object| avadaSidebarsVars object| fusionTypographyVars object| fusionScrollToAnchorVars object| fusionVideoVars function| w3_to_webp function| fixwebp function| w3_change_webp boolean| w3_hasWebP function| w3_events_on_end_js function| w3_start_img_load function| w3_events_on_start_js number| win_width object| bodyRectMain function| getDataUrl function| lazyload_img function| w3_load_dynamic_blank_img function| convert_to_video_tag function| lazyload_video function| lazyload_video_source function| lazyload_imgbgs function| lazyloadimages function| lazyloadiframes object| twemoji object| wp

5 Cookies

Domain/Path Name / Value
.palmspringsdisability.com/ Name: __utma
Value: 150270007.851315074.1724114809.1724114809.1724114809.1
.palmspringsdisability.com/ Name: __utmc
Value: 150270007
.palmspringsdisability.com/ Name: __utmz
Value: 150270007.1724114809.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.palmspringsdisability.com/ Name: __utmt
Value: 1
.palmspringsdisability.com/ Name: __utmb
Value: 150270007.1.10.1724114809

2 Console Messages

Source Level URL
Text
javascript warning URL: https://palmspringsdisability.com/monthly-headache-diary/
Message:
The resource https://palmspringsdisability.com/wp-content/cache/w3-cache/all-css/755cd9a14bbc957370b9cd09d7a81fd0.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://palmspringsdisability.com/monthly-headache-diary/
Message:
The resource https://palmspringsdisability.com/wp-content/cache/w3-cache/all-css/baccbb9bae64b730c4456f8bd947dbea.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
palmspringsdisability.com
ssl.google-analytics.com
23.251.148.30
2a00:1450:4001:80b::2008
2a00:1450:4001:828::2003
00ffc4ae50e948e6d3faa7d6ea0d67e6a0b677d34e9daadba9de9ea3a3c2a238
032dc89de9e654706c6239447c5fe7e0346209c8319411521ac476b58c7f4f88
0e4b667b54151f58e7b6e3563252ee8399e97ee5525a50c411141e2444c77a56
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
22c851d5f36813ff8cbb4ab0d16273aa1eb536f84f2c56b53df8d2c7a54479a4
2dc50d424a96415697f26f2c39b67c70b10e8a95fd108b4d981aafe222392cf2
30a0fc88a81cf1d23cc4ea5f876eab374660e93bb3aea061f1958145ca0ddd6b
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
521bbe5d1792db2aa6e1429df630519158ba17f72d82f0432237155dbc15dd65
53d07bb53f40c3d94a3a9ae3981e7679a11a3e834c9e40be768adec59087b41d
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
65ae05cb1187b6eacddcc464141af208d9c172aeed20c74c3bf7663b530c5c0d
721648446716f5efbe633d2e5088cb138256ed5261af3f6f984e1ff5818a7b54
80f4e592fb822c98ea06e6553fbb20d8c6161644a39de94baaa9c448c6aba20a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
882be24e1af53e40957ef5e7a85cac39d503df9ad761b64ab13ce842d326dc4c
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
b173dfe9aae1d77c4dd882743c01ae07218bfab3ec209ffc2eb1d805ddd34f20
b2dd8e167d565d69322fc50285fa49948cf69c1d898138f316394a3b7bf3b9de
b6ec6a9936e202162aea97c73e568fd903a56bcf3d575d3c815bf62ae19f7d41
d79751931bc9195ae92b8c813280128290e187b39f535f1c343c823cc8732b38
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441