urlscan.io logo urlscan.io
SecurityTrails logo

medspira.com Open in urlscan Pro
35.232.42.184  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.medspira.com/
Effective URL: https://medspira.com/
Submission: On December 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 36 HTTP transactions. The main IP is 35.232.42.184, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is medspira.com.
TLS certificate: Issued by R3 on November 26th 2022. Valid for: 3 months.
This is the only time medspira.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 14 35.232.42.184 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 2600:9000:20e... 16509 (AMAZON-02)
3 3 2620:1ec:22::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
36 9
14    35.232.42.184 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 184.42.232.35.bc.googleusercontent.com
www.medspira.com
medspira.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
ka-p.fontawesome.com
1    2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
4    2600:9000:20eb:fa00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.linkedin.oribi.io
3    2620:1ec:22::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
Apex Domain
Subdomains		 Transfer
14 medspira.com
www.medspira.com
medspira.com
3 MB
10 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1564
ka-p.fontawesome.com — Cisco Umbrella Rank: 3719
26 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 355
www.linkedin.com — Cisco Umbrella Rank: 633
px4.ads.linkedin.com — Cisco Umbrella Rank: 6429
3 KB
4 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 868
749 B
4 gstatic.com
fonts.gstatic.com
95 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 731
5 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
43 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
1 KB
36 9
Domain Requested by
12 medspira.com medspira.com
9 ka-p.fontawesome.com kit.fontawesome.com
medspira.com
4 cdn.linkedin.oribi.io snap.licdn.com
4 fonts.gstatic.com fonts.googleapis.com
2 px.ads.linkedin.com 2 redirects
2 www.google-analytics.com www.googletagmanager.com
medspira.com
2 www.medspira.com 2 redirects
1 px4.ads.linkedin.com medspira.com
1 www.linkedin.com 1 redirects
1 snap.licdn.com medspira.com
1 www.googletagmanager.com medspira.com
1 kit.fontawesome.com medspira.com
1 fonts.googleapis.com medspira.com
36 13

This site contains links to these domains. Also see Links.

Domain
securepayment.link
shop.medspira.com
www.facebook.com
twitter.com
www.linkedin.com
Subject Issuer Validity Valid
www.medspira.com
R3		 2022-11-26 -
2023-02-24		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-22 -
2023-12-23		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
linkedin.oribi.io
Amazon		 2022-07-07 -
2023-08-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://medspira.com/
Frame ID: 4C05C67080ACE97047EA719399E84692
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Medspira | Home

Page URL History Show full URLs

  1. http://www.medspira.com/ HTTP 301
    https://www.medspira.com/ HTTP 301
    https://medspira.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

36
Requests

97 %
HTTPS

80 %
IPv6

9
Domains

13
Subdomains

9
IPs

2
Countries

3724 kB
Transfer

3989 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.medspira.com/ HTTP 301
    https://www.medspira.com/ HTTP 301
    https://medspira.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4254748&time=1669901190960&url=https%3A%2F%2Fmedspira.com%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4254748%26time%3D1669901190960%26url%3Dhttps%253A%252F%252Fmedspira.com%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4254748&time=1669901190960&url=https%3A%2F%2Fmedspira.com%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4254748&time=1669901190960&url=https%3A%2F%2Fmedspira.com%2F&liSync=true&e_ipv6=AQIwLGmFTOha4gAAAYTN3gjp5OQnxH-8nnwSWMvrbeGssNBAH6UD_Wo0eWjvlOt6uM3QbkjguTC8

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
medspira.com/
Redirect Chain
  • http://www.medspira.com/
  • https://www.medspira.com/
  • https://medspira.com/
21 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://medspira.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.232.42.184 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.42.232.35.bc.googleusercontent.com
Software
nginx / Craft CMS, SEOmatic
Resource Hash
cf089af1697f00ccc07408366906d606ae1150d7ef9df3b216b64947141f29f5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 01 Dec 2022 13:26:30 GMT
link
<https://medspira.com>; rel='canonical'
permissions-policy
interest-cohort=()
referrer-policy
no-referrer-when-downgrade
server
nginx
vary
Accept-Encoding
x-powered-by
Craft CMS, SEOmatic
x-robots-tag
all

Redirect headers

content-length
404
content-type
text/html; charset=iso-8859-1
date
Thu, 01 Dec 2022 13:26:30 GMT
location
https://medspira.com/
server
nginx
css2
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&family=Red+Hat+Display:ital,wght@0,400;0,500;0,700;0,900;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: medspira.com
URL: https://medspira.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a938233986b101e059299cbe4e69e3b4fe045060ffd8d0a0b507fc7c18804f04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medspira.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 01 Dec 2022 13:26:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 13:26:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 01 Dec 2022 13:26:30 GMT
main.css
medspira.com/assets/css/ 		44 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medspira.com/assets/css/main.css
Requested by
Host: medspira.com
URL: https://medspira.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.232.42.184 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.42.232.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
154c8147b7e1b141bfa27c06ab230b46933b237a3bf9b1a374db7c5f2f79c8fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medspira.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:26:30 GMT
content-encoding
br
last-modified
Mon, 07 Nov 2022 15:06:36 GMT
server
nginx
etag
W/"b1c0-5ece2c50de6f8"
vary
Accept-Encoding
content-type
text/css
fea09ff7d6.js
kit.fontawesome.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/fea09ff7d6.js
Requested by
Host: medspira.com
URL: https://medspira.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4011106c595038958a86e6f290fce825bbf88b6629d2ce52397565a0f22dfdae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://medspira.com/
Origin
https://medspira.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:26:30 GMT
strict-transport-security
max-age=31536000; preload
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, public, must-revalidate
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray
772c27a8bc949188-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
Fyxg3AL4kyitupeXh3eh
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-121458056-1
Requested by
Host: medspira.com
URL: https://medspira.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9e4e8434ed85caedd9aaab6e0053bdc7457eae8360a71b9d4c9532d57e9365d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medspira.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:26:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43594
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 01 Dec 2022 13:26:30 GMT
medspira-logo.png
medspira.com/uploads/general/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medspira.com/uploads/general/medspira-logo.png
Requested by
Host: medspira.com
URL: https://medspira.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.232.42.184 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.42.232.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b3d79db1e0aac520e1a9822eec4a0acd802ac0259cda799b1dd1427e0eef7c62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medspira.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:26:30 GMT
last-modified
Mon, 23 Aug 2021 16:40:39 GMT
server
nginx
accept-ranges
bytes
etag
"1941-5ca3cad65974f"
content-length
6465
content-type
image/png
main.js
medspira.com/assets/js/ 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medspira.com/assets/js/main.js
Requested by
Host: medspira.com
URL: https://medspira.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.232.42.184 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.42.232.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
8d754f690741e01c71c02313f4a3f664c7a633078a7633e88ae185b7be093afe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medspira.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:26:30 GMT
content-encoding
br
last-modified
Mon, 23 Aug 2021 18:36:56 GMT
server
nginx
etag
W/"18770-5ca3e4d3fa9eb"
vary
Accept-Encoding
content-type
application/javascript
pro-v4-shims.min.js
ka-p.fontawesome.com/releases/v5.15.4/js/ 		14 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/js/pro-v4-shims.min.js?token=fea09ff7d6
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/fea09ff7d6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f29f0c0d79ab5709a70743ab3073111ecd500be2f62353503b6965524e543e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medspira.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:26:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
85130
etag
"610ae215-1003"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
772c27a94db89188-FRA
content-length
4099
pro.min.js
ka-p.fontawesome.com/releases/v5.15.4/js/ 		40 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/js/pro.min.js?token=fea09ff7d6
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/fea09ff7d6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc4cb7d0f26435c7fd2eb2bb088aabba3a2aefd6beb89a8a818b1a0438f5e44a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medspira.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:26:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
85130
etag
"610ae215-37b8"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
772c27a94dbb9188-FRA
content-length
14264
8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2
fonts.gstatic.com/s/redhatdisplay/v14/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/redhatdisplay/v14/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&family=Red+Hat+Display:ital,wght@0,400;0,500;0,700;0,900;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1dbe80d2c777c173f7f7b2fe368fbdd6b3de977c9e02548b03d15cc441a80a69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://medspira.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 19:52:40 GMT
x-content-type-options
nosniff
age
236030
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28964
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 17:54:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 19:52:40 GMT
8vIS7wUr0m80wwYf0QCXZzYzUoTg-A6jTY8.woff2
fonts.gstatic.com/s/redhatdisplay/v14/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/redhatdisplay/v14/8vIS7wUr0m80wwYf0QCXZzYzUoTg-A6jTY8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&family=Red+Hat+Display:ital,wght@0,400;0,500;0,700;0,900;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f3d5bc14f55d2ae9f0af6998f56c57505c63f595653ffaf7d8dfe613f06aa49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://medspira.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 01:34:23 GMT
x-content-type-options
nosniff
age
215527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30616
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 17:55:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Nov 2023 01:34:23 GMT
Hero-image_2021-08-24-171927_ppym.png
medspira.com/uploads/general/ 		634 KB
635 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medspira.com/uploads/general/Hero-image_2021-08-24-171927_ppym.png
Requested by
Host: medspira.com
URL: https://medspira.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.232.42.184 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.42.232.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1f2295094af04811a5ac2f3f6890019cd8fa1a1e713978904531311f4109f3b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medspira.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:26:30 GMT
last-modified
Tue, 24 Aug 2021 17:19:27 GMT
server
nginx
accept-ranges
bytes
etag
"9e836-5ca515604b944"
content-length
649270
content-type
image/png
Support-callout.png
medspira.com/uploads/general/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medspira.com/uploads/general/Support-callout.png
Requested by
Host: medspira.com
URL: https://medspira.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.232.42.184 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.42.232.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0084429501653f1e02ecd101ef284250c3a4834d3027c1889a1c3681736784a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medspira.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:26:30 GMT
last-modified
Tue, 24 Aug 2021 17:34:56 GMT
server
nginx
accept-ranges
bytes
etag
"d666-5ca518d5af70f"
content-length
54886
content-type
image/png
anorectal-callout.png
medspira.com/uploads/general/ 		121 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medspira.com/uploads/general/anorectal-callout.png
Requested by
Host: medspira.com
URL: https://medspira.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.232.42.184 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.42.232.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1f7cd8344b784d673db8ddf41e7fc5155144817798ea50a16c5a326b6b07c792

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medspira.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:26:30 GMT
last-modified
Tue, 24 Aug 2021 17:31:03 GMT
server
nginx
accept-ranges
bytes
etag
"1e272-5ca517f7d9f3d"
content-length
123506
content-type
image/png
manometric-callout.png
medspira.com/uploads/general/ 		118 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medspira.com/uploads/general/manometric-callout.png
Requested by
Host: medspira.com
URL: https://medspira.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.232.42.184 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.42.232.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
fec84b8d5c91936125e115acf1ed8a82bbedb3f6a89038e8ce0a247ee9e83234

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medspira.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:26:30 GMT
last-modified
Tue, 24 Aug 2021 17:33:49 GMT
server
nginx
accept-ranges
bytes
etag
"1d7e4-5ca51895b300f"
content-length
120804
content-type
image/png
petite-catheter-product.png
medspira.com/uploads/general/ 		489 KB
490 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medspira.com/uploads/general/petite-catheter-product.png
Requested by
Host: medspira.com
URL: https://medspira.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.232.42.184 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.42.232.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
9b7783610faa548990b9b3eeb5328a1de42523f1c587e15492f2065c8ddd714f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medspira.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:26:30 GMT
last-modified
Thu, 15 Sep 2022 15:23:18 GMT
server
nginx
accept-ranges
bytes
etag
"7a3d3-5e8b8d33a196d"
content-length
500691
content-type
image/png
8-reasons-focus-anorectal-manometry.jpg
medspira.com/uploads/general/ 		504 KB
505 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medspira.com/uploads/general/8-reasons-focus-anorectal-manometry.jpg
Requested by
Host: medspira.com
URL: https://medspira.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.232.42.184 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.42.232.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
992c368fd8a33d6348c9277e8f6f8db7a3d21a4713c0b0bb8f2a3d76a9cfae09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medspira.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:26:30 GMT
last-modified
Tue, 07 Jun 2022 14:28:15 GMT
server
nginx
accept-ranges
bytes
etag
"7e1e4-5e0dc662d0b71"
content-length
516580
content-type
image/jpeg
help-your-patients-understand-anorectal-manometry-one-minute-video.jpg
medspira.com/uploads/general/ 		197 KB
197 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medspira.com/uploads/general/help-your-patients-understand-anorectal-manometry-one-minute-video.jpg
Requested by
Host: medspira.com
URL: https://medspira.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.232.42.184 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.42.232.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5d66afd864d2900606e042aa483c197c6025e57b9633b4490ce2ee7e3fd5b5f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medspira.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:26:31 GMT
last-modified
Tue, 31 May 2022 17:01:06 GMT
server
nginx
accept-ranges
bytes
etag
"3135c-5e051b7f594b8"
content-length
201564
content-type
image/jpeg
bottom-cta-graphic-masked.png
medspira.com/uploads/general/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medspira.com/uploads/general/bottom-cta-graphic-masked.png
Requested by
Host: medspira.com
URL: https://medspira.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.232.42.184 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.42.232.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ba0f40ab9ce602651f3d1370f37a5f53c2137b6b23260dbe6db5e8802ae75dd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medspira.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:26:31 GMT
last-modified
Tue, 24 Aug 2021 21:22:43 GMT
server
nginx
accept-ranges
bytes
etag
"15376e-5ca54bbfee792"
content-length
1390446
content-type
image/png
rP2Cp2ywxg089UriASitCBimCw.woff2
fonts.gstatic.com/s/dmsans/v11/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&family=Red+Hat+Display:ital,wght@0,400;0,500;0,700;0,900;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://medspira.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 20:26:22 GMT
x-content-type-options
nosniff
age
579608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18212
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:54:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 20:26:22 GMT
rP2Hp2ywxg089UriCZOIHQ.woff2
fonts.gstatic.com/s/dmsans/v11/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&family=Red+Hat+Display:ital,wght@0,400;0,500;0,700;0,900;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://medspira.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 20:26:25 GMT
x-content-type-options
nosniff
age
579605
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18096
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:54:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 20:26:25 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-121458056-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medspira.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 01 Dec 2022 13:15:51 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
639
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 01 Dec 2022 15:15:51 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1582987013&t=pageview&_s=1&dl=https%3A%2F%2Fmedspira.com%2F&ul=en-us&de=UTF-8&dt=Medspira%20%7C%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAAAAIg~&cid=617809038.1669901191&tid=UA-121458056-1&_gid=2039576889.1669901191&gtm=2oubs0&z=935689724
Requested by
Host: medspira.com
URL: https://medspira.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medspira.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 22:43:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
52995
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: medspira.com
URL: https://medspira.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medspira.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:26:30 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 18:52:45 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=11616
accept-ranges
bytes
content-length
4581
search.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/regular/ 		554 B
442 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/svgs/regular/search.svg?token=fea09ff7d6
Requested by
Host: medspira.com
URL: https://medspira.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6267ba33e95f6defb5f1bf4d67470cb65f88127054df43a498c5426c437252a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medspira.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:26:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:56:10 GMT
server
cloudflare
age
85130
etag
W/"610ae2ca-22a"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
772c27ab19ab9188-FRA
shopping-cart.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/regular/ 		950 B
591 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/svgs/regular/shopping-cart.svg?token=fea09ff7d6
Requested by
Host: medspira.com
URL: https://medspira.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b4e27cabdf9326e2f53cce909ce10ee40cf81b383b8880afe654c2b8c14a88f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medspira.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:26:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:56:11 GMT
server
cloudflare
age
85130
etag
W/"610ae2cb-3b6"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
772c27ab19ad9188-FRA
photo-video.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/regular/ 		640 B
462 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/svgs/regular/photo-video.svg?token=fea09ff7d6
Requested by
Host: medspira.com
URL: https://medspira.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61289fb3424a3b001c68cb15c4b881f7f07d6fa33a954eeacab9f571418f848f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medspira.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:26:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:56:07 GMT
server
cloudflare
age
21607
etag
W/"610ae2c7-280"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
772c27ab19b09188-FRA
question.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/regular/ 		1 KB
726 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/svgs/regular/question.svg?token=fea09ff7d6
Requested by
Host: medspira.com
URL: https://medspira.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba80a424fc142a1d4858a15079133030e41ffd8974a44aaf54e721c5d29af951

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medspira.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:26:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:56:09 GMT
server
cloudflare
age
21607
etag
W/"610ae2c9-464"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
772c27ab19b49188-FRA
facebook-f.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/ 		389 B
385 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/facebook-f.svg?token=fea09ff7d6
Requested by
Host: medspira.com
URL: https://medspira.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db6fa13cbab91516913fbcc921f76bd67b4792d6cf4ffd846ba8aa18ad572059

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medspira.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:26:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:11 GMT
server
cloudflare
age
85130
etag
W/"610ae217-185"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
772c27ab19b59188-FRA
twitter.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/ 		1008 B
665 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/twitter.svg?token=fea09ff7d6
Requested by
Host: medspira.com
URL: https://medspira.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
301478844e69f723c541b2567d878823a025d1cc94f894e191cf5be20df03abc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medspira.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:26:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:16 GMT
server
cloudflare
age
85130
etag
W/"610ae21c-3f0"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
772c27ab19b79188-FRA
linkedin-in.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/ 		517 B
438 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/linkedin-in.svg?token=fea09ff7d6
Requested by
Host: medspira.com
URL: https://medspira.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b589272e438a45c4a86c417bd29a7f79d81d43649df56cebcb356ec91e968c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medspira.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:26:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:13 GMT
server
cloudflare
age
21607
etag
W/"610ae219-205"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
772c27ab19ba9188-FRA
token
cdn.linkedin.oribi.io/partner/4254748/domain/medspira.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/4254748/domain/medspira.com/token
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:fa00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://medspira.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
1800
age
5328
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 01 Dec 2022 11:57:43 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
x-amz-cf-id
hl56UPu9-27OJd3AOq2yLgdN8_YGIpgKbjQMMlbHD0HKUKiDE153Lw==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
token
cdn.linkedin.oribi.io/partner/4254748/domain/medspira.com/ 		36 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/4254748/domain/medspira.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:fa00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://medspira.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 01 Dec 2022 12:59:25 GMT
content-encoding
gzip
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
1626
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
AWjz9tnxqt32uZJLMxUqDsrSgXjSIxlwxb2RiIzQjJltW4osmq492w==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4254748&time=1669901190960&url=https%3A%2F%2Fmedspira.com%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4254748%26time%3D1669901190960%26url%3Dhttps%253A%252F%252Fmedspira.com%252F%26li...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4254748&time=1669901190960&url=https%3A%2F%2Fmedspira.com%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4254748&time=1669901190960&url=https%3A%2F%2Fmedspira.com%2F&liSync=true&e_ipv6=AQIwLGmFTOha4gAAAYTN3gjp5OQnxH-8nnwSWMvrbeGssNBAH6UD_Wo0eWjvlOt6u...
0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4254748&time=1669901190960&url=https%3A%2F%2Fmedspira.com%2F&liSync=true&e_ipv6=AQIwLGmFTOha4gAAAYTN3gjp5OQnxH-8nnwSWMvrbeGssNBAH6UD_Wo0eWjvlOt6uM3QbkjguTC8
Requested by
Host: medspira.com
URL: https://medspira.com/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medspira.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:26:31 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 502AC702F46E4A7D869CE887443DC0B8 Ref B: FRAEDGE1707 Ref C: 2022-12-01T13:26:31Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXuxCtVl4GdzXCaGEbydg==

Redirect headers

date
Thu, 01 Dec 2022 13:26:30 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 311028C174944EE292D42452CD5373F1 Ref B: VIEEDGE1017 Ref C: 2022-12-01T13:26:31Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4254748&time=1669901190960&url=https%3A%2F%2Fmedspira.com%2F&liSync=true&e_ipv6=AQIwLGmFTOha4gAAAYTN3gjp5OQnxH-8nnwSWMvrbeGssNBAH6UD_Wo0eWjvlOt6uM3QbkjguTC8
x-li-proto
http/2
content-length
0
x-li-uuid
AAXuxCtSqi+EmBMc3mBoiA==
token
cdn.linkedin.oribi.io/partner/4254748/domain/medspira.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/4254748/domain/medspira.com/token
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:fa00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://medspira.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
1800
age
5328
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 01 Dec 2022 11:57:43 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
x-amz-cf-id
Qeqa-JcWd737RFilWYUyEEdXHt2npXfIfSQnuTVO60T82C4B_OaeeA==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
token
cdn.linkedin.oribi.io/partner/4254748/domain/medspira.com/ 		36 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/4254748/domain/medspira.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:fa00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://medspira.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 01 Dec 2022 12:59:25 GMT
content-encoding
gzip
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
1626
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
GRESzP7w_lKy6JhSb-PeGBXG8SWlxdKtTTEzPvIyK1s9dy1A4nV-wg==

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| FontAwesomeKitConfig function| gtag object| dataLayer function| a object| ___FONT_AWESOME___ object| fontawesome-pro-shims object| FontAwesomeConfig object| FontAwesome object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| setImmediate function| clearImmediate string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk boolean| _already_called_lintrk

11 Cookies

Domain/Path Name / Value
.medspira.com/ Name: _ga
Value: GA1.2.617809038.1669901191
.medspira.com/ Name: _gid
Value: GA1.2.2039576889.1669901191
.medspira.com/ Name: ln_or
Value: d
.linkedin.com/ Name: UserMatchHistory
Value: AQJOWtHGOlWe4gAAAYTN3gfEPqGVaeCBPn7QN_aonEHIOE84TAGnb0j0WZeVB8HdCYFSDNSEHYXnRg
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJF2zeCPdlKWgAAAYTN3gfE90GMBEFZgu94KCgaMr9eIDhXDBz8GXT4uJnkd43-qoCZJSUmooGH9eW0d28fGg
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&9dcabaec-6de3-4c5f-8128-4fb68ab04c4a"
.linkedin.com/ Name: lidc
Value: "b=VGST00:s=V:r=V:a=V:p=V:g=2860:u=1:x=1:i=1669901191:t=1669987591:v=2:sig=AQGa_W9M0AFUtEM6dulGyQLpJcOl6Npt"
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&202212011326313ffb0348-ab07-483d-81a3-457527c584c8AQExv7J4sEjGvNlOAraoJfWeGM73lMFn"
.linkedin.com/ Name: li_gc
Value: MTswOzE2Njk5MDExOTE7MjswMjFJO2xOCgT3lt5663Llc2cXY1YeyK4R35auey6K6Jz9vQ==

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.linkedin.oribi.io
fonts.googleapis.com
fonts.gstatic.com
ka-p.fontawesome.com
kit.fontawesome.com
medspira.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
www.google-analytics.com
www.googletagmanager.com
www.linkedin.com
www.medspira.com
13.107.42.14
2600:9000:20eb:fa00:2:53b2:240:93a1
2606:4700::6812:1734
2620:1ec:22::14
2a00:1450:4001:803::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:82f::2003
2a02:26f0:3500:16::215:14a0
35.232.42.184
0084429501653f1e02ecd101ef284250c3a4834d3027c1889a1c3681736784a4
0b4e27cabdf9326e2f53cce909ce10ee40cf81b383b8880afe654c2b8c14a88f
154c8147b7e1b141bfa27c06ab230b46933b237a3bf9b1a374db7c5f2f79c8fb
1dbe80d2c777c173f7f7b2fe368fbdd6b3de977c9e02548b03d15cc441a80a69
1f2295094af04811a5ac2f3f6890019cd8fa1a1e713978904531311f4109f3b3
1f7cd8344b784d673db8ddf41e7fc5155144817798ea50a16c5a326b6b07c792
2f3d5bc14f55d2ae9f0af6998f56c57505c63f595653ffaf7d8dfe613f06aa49
301478844e69f723c541b2567d878823a025d1cc94f894e191cf5be20df03abc
4011106c595038958a86e6f290fce825bbf88b6629d2ce52397565a0f22dfdae
5b589272e438a45c4a86c417bd29a7f79d81d43649df56cebcb356ec91e968c2
5d66afd864d2900606e042aa483c197c6025e57b9633b4490ce2ee7e3fd5b5f4
61289fb3424a3b001c68cb15c4b881f7f07d6fa33a954eeacab9f571418f848f
6267ba33e95f6defb5f1bf4d67470cb65f88127054df43a498c5426c437252a0
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7f29f0c0d79ab5709a70743ab3073111ecd500be2f62353503b6965524e543e4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d754f690741e01c71c02313f4a3f664c7a633078a7633e88ae185b7be093afe
992c368fd8a33d6348c9277e8f6f8db7a3d21a4713c0b0bb8f2a3d76a9cfae09
9b7783610faa548990b9b3eeb5328a1de42523f1c587e15492f2065c8ddd714f
9e4e8434ed85caedd9aaab6e0053bdc7457eae8360a71b9d4c9532d57e9365d7
a938233986b101e059299cbe4e69e3b4fe045060ffd8d0a0b507fc7c18804f04
b3d79db1e0aac520e1a9822eec4a0acd802ac0259cda799b1dd1427e0eef7c62
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
ba0f40ab9ce602651f3d1370f37a5f53c2137b6b23260dbe6db5e8802ae75dd3
ba80a424fc142a1d4858a15079133030e41ffd8974a44aaf54e721c5d29af951
cf089af1697f00ccc07408366906d606ae1150d7ef9df3b216b64947141f29f5
db6fa13cbab91516913fbcc921f76bd67b4792d6cf4ffd846ba8aa18ad572059
dc4cb7d0f26435c7fd2eb2bb088aabba3a2aefd6beb89a8a818b1a0438f5e44a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c
fec84b8d5c91936125e115acf1ed8a82bbedb3f6a89038e8ce0a247ee9e83234