urlscan.io logo urlscan.io
SecurityTrails logo

www.rubin-machado.com Open in urlscan Pro
69.43.202.154  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://covid19legallawyer.com/
Effective URL: https://www.rubin-machado.com/
Submission Tags: falconsandbox
Submission: On June 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 28 HTTP transactions. The main IP is 69.43.202.154, located in San Diego, United States and belongs to DATABANK-CASTLEACCESS, US. The main domain is www.rubin-machado.com.
TLS certificate: Issued by R3 on May 30th 2022. Valid for: 3 months.
This is the only time www.rubin-machado.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 69.43.202.154 22489 (DATABANK-...)
6 2a02:26f0:f7:... 20940 (AKAMAI-ASN1)
11 11 18.66.121.124 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 108.138.24.216 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
28 8
14    69.43.202.154 (San Diego, United States)

ASN22489 (DATABANK-CASTLEACCESS, US)
PTR: sni-copley.einsteinindustries.com
covid19legallawyer.com
www.rubin-machado.com
www.eiiwebservices.com
6    2a02:26f0:f7::5c7b:e024 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
11    18.66.121.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-121-124.fra60.r.cloudfront.net
d21xh06p65pae.cloudfront.net
1    2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
4    108.138.24.216 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-24-216.fra56.r.cloudfront.net
d1l9wtg77iuzz5.cloudfront.net
1    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
15 cloudfront.net
d21xh06p65pae.cloudfront.net
d1l9wtg77iuzz5.cloudfront.net
566 KB
12 rubin-machado.com
www.rubin-machado.com
122 KB
7 typekit.net
use.typekit.net — Cisco Umbrella Rank: 595
p.typekit.net — Cisco Umbrella Rank: 706
99 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5448
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 8
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
446 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
412 B
1 eiiwebservices.com
www.eiiwebservices.com — Cisco Umbrella Rank: 551999
20 KB
1 covid19legallawyer.com
covid19legallawyer.com
251 B
28 9
Domain Requested by
12 www.rubin-machado.com www.rubin-machado.com
11 d21xh06p65pae.cloudfront.net 11 redirects
6 use.typekit.net www.rubin-machado.com
use.typekit.net
4 d1l9wtg77iuzz5.cloudfront.net www.rubin-machado.com
d21xh06p65pae.cloudfront.net
1 www.google.de
1 www.google.com
1 stats.g.doubleclick.net www.eiiwebservices.com
1 www.google-analytics.com www.eiiwebservices.com
1 www.eiiwebservices.com d21xh06p65pae.cloudfront.net
1 p.typekit.net use.typekit.net
1 covid19legallawyer.com 1 redirects
28 11

This site contains links to these domains. Also see Links.

Domain
www.cpsc.gov
man
www.google.com
maps.google.com
www.einsteinlaw.com
www.einsteinextranet.com
Subject Issuer Validity Valid
rubin-machado.com
R3		 2022-05-30 -
2022-08-28		 3 months crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-07 -
2023-04-07		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
eiiwebservices.com
R3		 2022-06-01 -
2022-08-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.rubin-machado.com/
Frame ID: 2EDEC9F4412C6B1072552E565912996E
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Personal Injury Attorney Chicago, IL - Attorney - Law Firm - Rubin & Machado, Ltd.4Social Accounts Sprite

Page URL History Show full URLs

  1. http://covid19legallawyer.com/ HTTP 301
    https://www.rubin-machado.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

28
Requests

61 %
HTTPS

67 %
IPv6

9
Domains

11
Subdomains

8
IPs

3
Countries

802 kB
Transfer

1418 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://covid19legallawyer.com/ HTTP 301
    https://www.rubin-machado.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://d21xh06p65pae.cloudfront.net/www.rubin-machado.com/assets/javascripts/p/index-v1655912221.js HTTP 301
  • https://www.rubin-machado.com/assets/javascripts/p/index-v1655912221.js
Request Chain 8
  • https://d21xh06p65pae.cloudfront.net/www.rubin-machado.com/assets/javascripts/p/overlay-manager.2f465609.js HTTP 301
  • https://www.rubin-machado.com/assets/javascripts/p/overlay-manager.2f465609.js
Request Chain 9
  • https://d21xh06p65pae.cloudfront.net/www.rubin-machado.com/assets/javascripts/p/nav-on-scroll.e6208ddb.js HTTP 301
  • https://www.rubin-machado.com/assets/javascripts/p/nav-on-scroll.e6208ddb.js
Request Chain 10
  • https://d21xh06p65pae.cloudfront.net/www.rubin-machado.com/assets/javascripts/p/menu-list.d7caf5d4.js HTTP 301
  • https://www.rubin-machado.com/assets/javascripts/p/menu-list.d7caf5d4.js
Request Chain 14
  • https://d21xh06p65pae.cloudfront.net/www.rubin-machado.com/assets/javascripts/p/all-forms.3fd88593.js HTTP 301
  • https://www.rubin-machado.com/assets/javascripts/p/all-forms.3fd88593.js
Request Chain 15
  • https://d21xh06p65pae.cloudfront.net/www.rubin-machado.com/assets/javascripts/p/google-analytics.9f82d54a.js HTTP 301
  • https://www.rubin-machado.com/assets/javascripts/p/google-analytics.9f82d54a.js
Request Chain 16
  • https://d21xh06p65pae.cloudfront.net/www.rubin-machado.com/assets/javascripts/p/referrer.570fd731.js HTTP 301
  • https://www.rubin-machado.com/assets/javascripts/p/referrer.570fd731.js
Request Chain 17
  • https://d21xh06p65pae.cloudfront.net/www.rubin-machado.com/assets/javascripts/p/landing-page-cookie.29e221ac.js HTTP 301
  • https://www.rubin-machado.com/assets/javascripts/p/landing-page-cookie.29e221ac.js
Request Chain 18
  • https://d21xh06p65pae.cloudfront.net/www.rubin-machado.com/assets/javascripts/p/iframe-wrapper.007701f1.js HTTP 301
  • https://www.rubin-machado.com/assets/javascripts/p/iframe-wrapper.007701f1.js
Request Chain 19
  • https://d21xh06p65pae.cloudfront.net/www.rubin-machado.com/assets/javascripts/p/animate-item.c80203e3.js HTTP 301
  • https://www.rubin-machado.com/assets/javascripts/p/animate-item.c80203e3.js
Request Chain 20
  • https://d21xh06p65pae.cloudfront.net/www.rubin-machado.com/assets/javascripts/p/gutters-row-column.49d67055.js HTTP 301
  • https://www.rubin-machado.com/assets/javascripts/p/gutters-row-column.49d67055.js

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.rubin-machado.com/
Redirect Chain
  • http://covid19legallawyer.com/
  • https://www.rubin-machado.com/
608 KB
100 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rubin-machado.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.43.202.154 San Diego, United States, ASN22489 (DATABANK-CASTLEACCESS, US),
Reverse DNS
sni-copley.einsteinindustries.com
Software
nginx /
Resource Hash
45a1deee780a555e86ab8353a61d09452924dfb19f1b37d014c571a98e34019b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate max-age=0, no-cache, s-maxage=10
content-encoding
gzip
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Fri, 24 Jun 2022 03:15:30 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding,User-Agent
x-lucid-render-cache
DISABLED
x-lucid-theme-name
flux
x-lucid-theme-version
2
x-mod-pagespeed
1.13.35.2-0

Redirect headers

Connection
Keep-Alive
Content-Length
238
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 24 Jun 2022 03:15:27 GMT
Keep-Alive
timeout=5, max=100
Location
https://www.rubin-machado.com/
Server
Apache
ori0zkq.css
use.typekit.net/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/ori0zkq.css
Requested by
Host: www.rubin-machado.com
URL: https://www.rubin-machado.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cbe1238eea0d90b5309f23d0fb40478b9ff8d71ce9c97e29ca03ef633790dc66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rubin-machado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Fri, 24 Jun 2022 03:15:30 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1092
index-v1655912221.js
www.rubin-machado.com/assets/javascripts/p/
Redirect Chain
  • https://d21xh06p65pae.cloudfront.net/www.rubin-machado.com/assets/javascripts/p/index-v1655912221.js
  • https://www.rubin-machado.com/assets/javascripts/p/index-v1655912221.js
19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rubin-machado.com/assets/javascripts/p/index-v1655912221.js
Requested by
Host: www.rubin-machado.com
URL: https://www.rubin-machado.com/
Protocol
H2
Server
69.43.202.154 San Diego, United States, ASN22489 (DATABANK-CASTLEACCESS, US),
Reverse DNS
sni-copley.einsteinindustries.com
Software
nginx /
Resource Hash
a41c65ead68af90e2b65caf12d7abd3851c12311ef9782bedc347497200c40a1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rubin-machado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 03:15:30 GMT
content-encoding
gzip
last-modified
Wed, 22 Jun 2022 15:37:01 GMT
server
nginx
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=315360000, public, s-maxage=10
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=63072000; includeSubDomains
content-length
6941
expires
Mon, 21 Jun 2032 03:15:30 GMT

Redirect headers

Date
Fri, 24 Jun 2022 03:15:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Amz-Cf-Pop
FRA60-P2
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
232
Access-Control-Allow-Origin
*
Server
nginx
Location
https://www.rubin-machado.com/assets/javascripts/p/index-v1655912221.js
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=iso-8859-1
Via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
Cache-Control
s-maxage=10
X-Amz-Cf-Id
77sEpcXRke13MVkl1dLbkqJTAW0cW-w56x0OVcmHRO4sKgt1nb-_hw==
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=ori0zkq&ht=tk&f=25629.25632.25633.25634.25637.25638.31291.31292.31293.31294.31295.31296&a=40315815&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ori0zkq.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 03:15:30 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
l
use.typekit.net/af/625a3c/000000000000000000017724/27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/625a3c/000000000000000000017724/27/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ori0zkq.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
13c44475bf87e1755055d3f37f6ef9b1f5a98749e49f320c252378717ea1fa15

Request headers

Referer
https://use.typekit.net/ori0zkq.css
Origin
https://www.rubin-machado.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 03:15:30 GMT
server
nginx
etag
"40556fb1958dc5bbf5fc46d87fc78153dbfd8a08"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16240
l
use.typekit.net/af/4e8f1c/00000000000000000001771b/27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/4e8f1c/00000000000000000001771b/27/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ori0zkq.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ae448bd72cfe571233f89b66e553326924d38874e2cca9c5efeca28816f27275

Request headers

Referer
https://use.typekit.net/ori0zkq.css
Origin
https://www.rubin-machado.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 03:15:30 GMT
server
nginx
etag
"3f102d305e99f4280564dae0ef105fd02e57606b"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
15912
l
use.typekit.net/af/d3b682/00000000000000003b9ae88b/27/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/d3b682/00000000000000003b9ae88b/27/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ori0zkq.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
692d16fbe68510c68396d561156474c544e9f66520dea9f633c86ac0abebbb8f

Request headers

Referer
https://use.typekit.net/ori0zkq.css
Origin
https://www.rubin-machado.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 03:15:30 GMT
server
nginx
etag
"226053ee9e92bb8b084a6d77a2a228ec831c367e"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24304
l
use.typekit.net/af/d539ac/00000000000000003b9ae88f/27/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/d539ac/00000000000000003b9ae88f/27/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ori0zkq.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
22748afe5598e217e396a163cf23f80a6599a134767eee0a43ad85d4f40f6dfb

Request headers

Referer
https://use.typekit.net/ori0zkq.css
Origin
https://www.rubin-machado.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 03:15:30 GMT
server
nginx
etag
"2539398742b745e45483aef8a90626760ef5461b"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
25456
l
use.typekit.net/af/a20d40/000000000000000000017720/27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/a20d40/000000000000000000017720/27/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=i4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ori0zkq.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
2781b54ef5e6cb9d8c1b1c6c2fdb988567213cb7d54e735322d6c19d5be5c855

Request headers

Referer
https://use.typekit.net/ori0zkq.css
Origin
https://www.rubin-machado.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 03:15:30 GMT
server
nginx
etag
"1b40c9e8c63e99a84ea27a30d904558f23fc7a79"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16236
overlay-manager.2f465609.js
www.rubin-machado.com/assets/javascripts/p/
Redirect Chain
  • https://d21xh06p65pae.cloudfront.net/www.rubin-machado.com/assets/javascripts/p/overlay-manager.2f465609.js
  • https://www.rubin-machado.com/assets/javascripts/p/overlay-manager.2f465609.js
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rubin-machado.com/assets/javascripts/p/overlay-manager.2f465609.js
Requested by
Host: www.rubin-machado.com
URL: https://www.rubin-machado.com/
Protocol
H2
Server
69.43.202.154 San Diego, United States, ASN22489 (DATABANK-CASTLEACCESS, US),
Reverse DNS
sni-copley.einsteinindustries.com
Software
nginx /
Resource Hash
5cd30aae1e5f8818a41e9ffcc3b955465c547c2bf645a654616af474852a99a0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rubin-machado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 03:15:31 GMT
content-encoding
gzip
last-modified
Wed, 22 Jun 2022 15:37:01 GMT
server
nginx
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=315360000, public, s-maxage=10
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=63072000; includeSubDomains
content-length
2052
expires
Mon, 21 Jun 2032 03:15:31 GMT

Redirect headers

Date
Fri, 24 Jun 2022 03:15:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Amz-Cf-Pop
FRA60-P2
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
236
Access-Control-Allow-Origin
*
Server
nginx
Location
https://www.rubin-machado.com/assets/javascripts/p/overlay-manager.2f465609.js
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=iso-8859-1
Via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
Cache-Control
s-maxage=10
X-Amz-Cf-Id
XYDr3ok_RzZXl9-bN-hKgpRZCPldiFaJWOvVCU7KcoS5hbKIKSC9hA==
nav-on-scroll.e6208ddb.js
www.rubin-machado.com/assets/javascripts/p/
Redirect Chain
  • https://d21xh06p65pae.cloudfront.net/www.rubin-machado.com/assets/javascripts/p/nav-on-scroll.e6208ddb.js
  • https://www.rubin-machado.com/assets/javascripts/p/nav-on-scroll.e6208ddb.js
2 KB
985 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rubin-machado.com/assets/javascripts/p/nav-on-scroll.e6208ddb.js
Requested by
Host: www.rubin-machado.com
URL: https://www.rubin-machado.com/
Protocol
H2
Server
69.43.202.154 San Diego, United States, ASN22489 (DATABANK-CASTLEACCESS, US),
Reverse DNS
sni-copley.einsteinindustries.com
Software
nginx /
Resource Hash
07b5b61bc0ae0d2d38ecbb3b35ef3340ef2eb251e1bf5dadc0c4ec83a76ababc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rubin-machado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 03:15:31 GMT
content-encoding
gzip
last-modified
Wed, 22 Jun 2022 15:37:01 GMT
server
nginx
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=315360000, public, s-maxage=10
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=63072000; includeSubDomains
content-length
903
expires
Mon, 21 Jun 2032 03:15:31 GMT

Redirect headers

Date
Fri, 24 Jun 2022 03:15:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Amz-Cf-Pop
FRA60-P2
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
233
Access-Control-Allow-Origin
*
Server
nginx
Location
https://www.rubin-machado.com/assets/javascripts/p/nav-on-scroll.e6208ddb.js
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=iso-8859-1
Via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
Cache-Control
s-maxage=10
X-Amz-Cf-Id
zy88fmRAnJ8jMlWDJSp9gR4J1f32jXUMxuGV-XD4Hr1YtV9QKiBtcA==
menu-list.d7caf5d4.js
www.rubin-machado.com/assets/javascripts/p/
Redirect Chain
  • https://d21xh06p65pae.cloudfront.net/www.rubin-machado.com/assets/javascripts/p/menu-list.d7caf5d4.js
  • https://www.rubin-machado.com/assets/javascripts/p/menu-list.d7caf5d4.js
2 KB
888 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rubin-machado.com/assets/javascripts/p/menu-list.d7caf5d4.js
Requested by
Host: www.rubin-machado.com
URL: https://www.rubin-machado.com/
Protocol
H2
Server
69.43.202.154 San Diego, United States, ASN22489 (DATABANK-CASTLEACCESS, US),
Reverse DNS
sni-copley.einsteinindustries.com
Software
nginx /
Resource Hash
c6c91989837a59325d6975e6c8f67f603caf2ff7eee45f994b70b7436e231b16
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rubin-machado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 03:15:31 GMT
content-encoding
gzip
last-modified
Wed, 22 Jun 2022 15:37:01 GMT
server
nginx
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=315360000, public, s-maxage=10
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=63072000; includeSubDomains
content-length
852
expires
Mon, 21 Jun 2032 03:15:31 GMT

Redirect headers

Date
Fri, 24 Jun 2022 03:15:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Amz-Cf-Pop
FRA60-P2
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
232
Access-Control-Allow-Origin
*
Server
nginx
Location
https://www.rubin-machado.com/assets/javascripts/p/menu-list.d7caf5d4.js
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=iso-8859-1
Via
1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
Cache-Control
s-maxage=10
X-Amz-Cf-Id
G8uhLXjmyAR7DNBK4EjUBjVYUmn1pkN7ag2uvc7EwllYO0uPNeroow==
original_logo.svg
d1l9wtg77iuzz5.cloudfront.net/assets/3048/261507/ 		35 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1l9wtg77iuzz5.cloudfront.net/assets/3048/261507/original_logo.svg?1553534515
Requested by
Host: www.rubin-machado.com
URL: https://www.rubin-machado.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.24.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-24-216.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9965262cfa4b16ecb6adb0fcb3b2acb0c0877274364fea67683075caeae1ae20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rubin-machado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 31 May 2022 22:37:16 GMT
Content-Encoding
gzip
Age
2003896
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 25 Mar 2019 17:22:04 GMT
Server
AmazonS3
ETag
W/"f3ae976fe44b4fe2e710c88d2d71aa44"
Vary
Accept-Encoding
x-amz-version-id
mTczy7KsMfAGikVPm8hw1rKvuZL_zYL2
Via
1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000
X-Amz-Cf-Pop
FRA56-P7
Content-Type
image/svg+xml
X-Amz-Cf-Id
qHtei2l0ZOyDIu5JOt2iELmCSEKObUwt-aerusOLcwhLq471hxrMqg==
original.jpg
d1l9wtg77iuzz5.cloudfront.net/assets/3048/250557/ 		307 KB
307 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1l9wtg77iuzz5.cloudfront.net/assets/3048/250557/original.jpg?1544123099
Requested by
Host: www.rubin-machado.com
URL: https://www.rubin-machado.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.24.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-24-216.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b201713bb8d100003aad6f9094a28659ed4afad464d70964df4a8d3aca85dd13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rubin-machado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 06 Jun 2022 15:05:35 GMT
Via
1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Thu, 06 Dec 2018 19:05:09 GMT
Server
AmazonS3
Age
1512597
ETag
"5656c995d36f90feb75d4b0834a33936"
X-Cache
Hit from cloudfront
x-amz-version-id
I_AJXtyUKiECTjdGzypF1uWVCXdrSjux
Cache-Control
max-age=2592000
X-Amz-Cf-Pop
FRA56-P7
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
314270
X-Amz-Cf-Id
H8PLduGix3hWToacFJejIKY7PSXgLafJnpLPMtlRD3H-4tv09jTH0g==
original_bg2.jpg
d1l9wtg77iuzz5.cloudfront.net/assets/3048/250611/ 		227 KB
227 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1l9wtg77iuzz5.cloudfront.net/assets/3048/250611/original_bg2.jpg?1544137506
Requested by
Host: www.rubin-machado.com
URL: https://www.rubin-machado.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.24.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-24-216.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b091bf75e9ce13ab24f75863b1ecdb3484d7740742e04a12102b5b730a2518f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rubin-machado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 05 Jun 2022 02:10:33 GMT
Via
1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Thu, 06 Dec 2018 23:05:14 GMT
Server
AmazonS3
Age
1645498
ETag
"e6a7fb5fc6ccfa7cdff02819a56b56c8"
X-Cache
Hit from cloudfront
x-amz-version-id
eGrVF0y.t00jJcwjdDHNuVb7CERO3q8E
Cache-Control
max-age=2592000
X-Amz-Cf-Pop
FRA56-P7
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
232290
X-Amz-Cf-Id
JVriWvXul6_l3wO5E3rmaJDEjAepmIGbmBiYemXa2QGwnjCRSE4Hmg==
all-forms.3fd88593.js
www.rubin-machado.com/assets/javascripts/p/
Redirect Chain
  • https://d21xh06p65pae.cloudfront.net/www.rubin-machado.com/assets/javascripts/p/all-forms.3fd88593.js
  • https://www.rubin-machado.com/assets/javascripts/p/all-forms.3fd88593.js
12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rubin-machado.com/assets/javascripts/p/all-forms.3fd88593.js
Protocol
H2
Server
69.43.202.154 San Diego, United States, ASN22489 (DATABANK-CASTLEACCESS, US),
Reverse DNS
sni-copley.einsteinindustries.com
Software
nginx /
Resource Hash
9b6308c3fa20a1c43f19b2f39a278bfee098623d37c212909bf0344ee972c70c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rubin-machado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 03:15:31 GMT
content-encoding
gzip
last-modified
Wed, 22 Jun 2022 15:37:01 GMT
server
nginx
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=315360000, public, s-maxage=10
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=63072000; includeSubDomains
content-length
4591
expires
Mon, 21 Jun 2032 03:15:31 GMT

Redirect headers

Date
Fri, 24 Jun 2022 03:15:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Amz-Cf-Pop
FRA60-P2
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
232
Access-Control-Allow-Origin
*
Server
nginx
Location
https://www.rubin-machado.com/assets/javascripts/p/all-forms.3fd88593.js
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=iso-8859-1
Via
1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
Cache-Control
s-maxage=10
X-Amz-Cf-Id
qbGhCB1aPWGJKFJ-72S_RxIlwyLWyhnL-_lfzAgXVB9Xow83haS9XQ==
google-analytics.9f82d54a.js
www.rubin-machado.com/assets/javascripts/p/
Redirect Chain
  • https://d21xh06p65pae.cloudfront.net/www.rubin-machado.com/assets/javascripts/p/google-analytics.9f82d54a.js
  • https://www.rubin-machado.com/assets/javascripts/p/google-analytics.9f82d54a.js
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rubin-machado.com/assets/javascripts/p/google-analytics.9f82d54a.js
Protocol
H2
Server
69.43.202.154 San Diego, United States, ASN22489 (DATABANK-CASTLEACCESS, US),
Reverse DNS
sni-copley.einsteinindustries.com
Software
nginx /
Resource Hash
0bb4283995138e0ddac9c5df757a335eb4d718ca99a45d71f97f9c8687e6c6ff
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rubin-machado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 03:15:32 GMT
content-encoding
gzip
last-modified
Wed, 22 Jun 2022 15:37:01 GMT
server
nginx
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=315360000, public, s-maxage=10
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=63072000; includeSubDomains
content-length
1262
expires
Mon, 21 Jun 2032 03:15:32 GMT

Redirect headers

Date
Fri, 24 Jun 2022 03:15:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Amz-Cf-Pop
FRA60-P2
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
237
Access-Control-Allow-Origin
*
Server
nginx
Location
https://www.rubin-machado.com/assets/javascripts/p/google-analytics.9f82d54a.js
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=iso-8859-1
Via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
Cache-Control
s-maxage=10
X-Amz-Cf-Id
R7JVN-ZQRsss6Vb8JPVdH7WLg9Wzo4_2XtfoiCLPbb42J7iSEcZ0Pw==
referrer.570fd731.js
www.rubin-machado.com/assets/javascripts/p/
Redirect Chain
  • https://d21xh06p65pae.cloudfront.net/www.rubin-machado.com/assets/javascripts/p/referrer.570fd731.js
  • https://www.rubin-machado.com/assets/javascripts/p/referrer.570fd731.js
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rubin-machado.com/assets/javascripts/p/referrer.570fd731.js
Protocol
H2
Server
69.43.202.154 San Diego, United States, ASN22489 (DATABANK-CASTLEACCESS, US),
Reverse DNS
sni-copley.einsteinindustries.com
Software
nginx /
Resource Hash
936e6ed2f9cd2436eccba9581d4325ad78ed1cc141c98f6544346a064277c0a3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rubin-machado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 03:15:32 GMT
content-encoding
gzip
last-modified
Wed, 22 Jun 2022 15:37:01 GMT
server
nginx
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=315360000, public, s-maxage=10
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=63072000; includeSubDomains
content-length
1189
expires
Mon, 21 Jun 2032 03:15:32 GMT

Redirect headers

Date
Fri, 24 Jun 2022 03:15:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Amz-Cf-Pop
FRA60-P2
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
230
Access-Control-Allow-Origin
*
Server
nginx
Location
https://www.rubin-machado.com/assets/javascripts/p/referrer.570fd731.js
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=iso-8859-1
Via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
Cache-Control
s-maxage=10
X-Amz-Cf-Id
s_F7TtPd_wBXzFA2HjwWj07ODtjdYvXaXsPPbcfhCNFZr2yYgNgUAQ==
landing-page-cookie.29e221ac.js
www.rubin-machado.com/assets/javascripts/p/
Redirect Chain
  • https://d21xh06p65pae.cloudfront.net/www.rubin-machado.com/assets/javascripts/p/landing-page-cookie.29e221ac.js
  • https://www.rubin-machado.com/assets/javascripts/p/landing-page-cookie.29e221ac.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rubin-machado.com/assets/javascripts/p/landing-page-cookie.29e221ac.js
Protocol
H2
Server
69.43.202.154 San Diego, United States, ASN22489 (DATABANK-CASTLEACCESS, US),
Reverse DNS
sni-copley.einsteinindustries.com
Software
nginx /
Resource Hash
88909eb768a0cca0432e304c4ec74e7ff2c2c26b2ade390cfe8f3b57825e4d7c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rubin-machado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 03:15:31 GMT
content-encoding
gzip
last-modified
Wed, 22 Jun 2022 15:37:01 GMT
server
nginx
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=315360000, public, s-maxage=10
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=63072000; includeSubDomains
content-length
1496
expires
Mon, 21 Jun 2032 03:15:31 GMT

Redirect headers

Date
Fri, 24 Jun 2022 03:15:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Amz-Cf-Pop
FRA60-P2
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
237
Access-Control-Allow-Origin
*
Server
nginx
Location
https://www.rubin-machado.com/assets/javascripts/p/landing-page-cookie.29e221ac.js
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=iso-8859-1
Via
1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
Cache-Control
s-maxage=10
X-Amz-Cf-Id
AkQTEM0ofzj5s7yO1nj3yjl4k6kzSpryAitnISeXovXbSY938dTVkQ==
iframe-wrapper.007701f1.js
www.rubin-machado.com/assets/javascripts/p/
Redirect Chain
  • https://d21xh06p65pae.cloudfront.net/www.rubin-machado.com/assets/javascripts/p/iframe-wrapper.007701f1.js
  • https://www.rubin-machado.com/assets/javascripts/p/iframe-wrapper.007701f1.js
2 KB
951 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rubin-machado.com/assets/javascripts/p/iframe-wrapper.007701f1.js
Protocol
H2
Server
69.43.202.154 San Diego, United States, ASN22489 (DATABANK-CASTLEACCESS, US),
Reverse DNS
sni-copley.einsteinindustries.com
Software
nginx /
Resource Hash
d5c17849ede9607f16075256452f1a81b087ddaa53b9696a3831c1890bcec329
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rubin-machado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 03:15:32 GMT
content-encoding
gzip
last-modified
Wed, 22 Jun 2022 15:37:01 GMT
server
nginx
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=315360000, public, s-maxage=10
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=63072000; includeSubDomains
content-length
915
expires
Mon, 21 Jun 2032 03:15:32 GMT

Redirect headers

Date
Fri, 24 Jun 2022 03:15:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Amz-Cf-Pop
FRA60-P2
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
233
Access-Control-Allow-Origin
*
Server
nginx
Location
https://www.rubin-machado.com/assets/javascripts/p/iframe-wrapper.007701f1.js
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=iso-8859-1
Via
1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
Cache-Control
s-maxage=10
X-Amz-Cf-Id
KEpjYIpkgv5onTNezmts4XRTA1rlwVZcL2n6kuwrXuLlDxGuxeGc_g==
animate-item.c80203e3.js
www.rubin-machado.com/assets/javascripts/p/
Redirect Chain
  • https://d21xh06p65pae.cloudfront.net/www.rubin-machado.com/assets/javascripts/p/animate-item.c80203e3.js
  • https://www.rubin-machado.com/assets/javascripts/p/animate-item.c80203e3.js
2 KB
864 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rubin-machado.com/assets/javascripts/p/animate-item.c80203e3.js
Protocol
H2
Server
69.43.202.154 San Diego, United States, ASN22489 (DATABANK-CASTLEACCESS, US),
Reverse DNS
sni-copley.einsteinindustries.com
Software
nginx /
Resource Hash
e1306534883e00a4b68cc68ad705280db25a4a1c18a0a8226e3f62439b4fdc41
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rubin-machado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 03:15:32 GMT
content-encoding
gzip
last-modified
Wed, 22 Jun 2022 15:37:01 GMT
server
nginx
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=315360000, public, s-maxage=10
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=63072000; includeSubDomains
content-length
828
expires
Mon, 21 Jun 2032 03:15:32 GMT

Redirect headers

Date
Fri, 24 Jun 2022 03:15:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Amz-Cf-Pop
FRA60-P2
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
232
Access-Control-Allow-Origin
*
Server
nginx
Location
https://www.rubin-machado.com/assets/javascripts/p/animate-item.c80203e3.js
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=iso-8859-1
Via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
Cache-Control
s-maxage=10
X-Amz-Cf-Id
EkPVwpjmC8XcHc6LLrJPIQ1YRE8VMIlbnaIPi-mOf_AC_l5yhKFWoA==
gutters-row-column.49d67055.js
www.rubin-machado.com/assets/javascripts/p/
Redirect Chain
  • https://d21xh06p65pae.cloudfront.net/www.rubin-machado.com/assets/javascripts/p/gutters-row-column.49d67055.js
  • https://www.rubin-machado.com/assets/javascripts/p/gutters-row-column.49d67055.js
1 KB
704 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rubin-machado.com/assets/javascripts/p/gutters-row-column.49d67055.js
Protocol
H2
Server
69.43.202.154 San Diego, United States, ASN22489 (DATABANK-CASTLEACCESS, US),
Reverse DNS
sni-copley.einsteinindustries.com
Software
nginx /
Resource Hash
36853e4a1a8592a8fa8db11f4bffdb203a091ed47f9769a6b3de4d2a5cd5300d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rubin-machado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 03:15:32 GMT
content-encoding
gzip
last-modified
Wed, 22 Jun 2022 15:37:01 GMT
server
nginx
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=315360000, public, s-maxage=10
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=63072000; includeSubDomains
content-length
668
expires
Mon, 21 Jun 2032 03:15:32 GMT

Redirect headers

Date
Fri, 24 Jun 2022 03:15:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Amz-Cf-Pop
FRA60-P2
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
239
Access-Control-Allow-Origin
*
Server
nginx
Location
https://www.rubin-machado.com/assets/javascripts/p/gutters-row-column.49d67055.js
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=iso-8859-1
Via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
Cache-Control
s-maxage=10
X-Amz-Cf-Id
KqkQFHEXIz5vdWNttfPml7ol9szVlXDbgGyo5uZnvtypiFl7qOHfKA==
analytics.js
www.eiiwebservices.com/google/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.eiiwebservices.com/google/analytics.js
Requested by
Host: d21xh06p65pae.cloudfront.net
URL: https://d21xh06p65pae.cloudfront.net/www.rubin-machado.com/assets/javascripts/p/google-analytics.9f82d54a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.43.202.154 San Diego, United States, ASN22489 (DATABANK-CASTLEACCESS, US),
Reverse DNS
sni-copley.einsteinindustries.com
Software
nginx /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rubin-machado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 03:15:32 GMT
content-encoding
gzip
last-modified
Fri, 24 Jun 2022 03:15:01 GMT
server
nginx
etag
"625f2-c41d-5e228f9da2b16"
vary
Accept-Encoding,User-Agent
content-type
text/javascript
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=63072000; includeSubDomains
accept-ranges
bytes
content-length
20042
expires
Sun, 24 Jul 2022 03:15:32 GMT
original_logo.svg
d1l9wtg77iuzz5.cloudfront.net/assets/3048/261507/ 		35 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1l9wtg77iuzz5.cloudfront.net/assets/3048/261507/original_logo.svg?1553534515
Requested by
Host: d21xh06p65pae.cloudfront.net
URL: https://d21xh06p65pae.cloudfront.net/www.rubin-machado.com/assets/javascripts/p/index-v1655912221.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.24.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-24-216.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9965262cfa4b16ecb6adb0fcb3b2acb0c0877274364fea67683075caeae1ae20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rubin-machado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 31 May 2022 22:37:16 GMT
Content-Encoding
gzip
Age
2003897
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 25 Mar 2019 17:22:04 GMT
Server
AmazonS3
ETag
W/"f3ae976fe44b4fe2e710c88d2d71aa44"
Vary
Accept-Encoding
x-amz-version-id
mTczy7KsMfAGikVPm8hw1rKvuZL_zYL2
Via
1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000
X-Amz-Cf-Pop
FRA56-P7
Content-Type
image/svg+xml
X-Amz-Cf-Id
54qBPYV0nMIaYhdR3o_Jl6jDg_QlPO8qOLKTvLvtOOkqK5zpL5BXRA==
collect
www.google-analytics.com/j/ 		4 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=501243131&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rubin-machado.com%2F&ul=en-us&de=UTF-8&dt=Personal%20Injury%20Attorney%20Chicago%2C%20IL%20-%20Attorney%20-%20Law%20Firm%20-%20Rubin%20%26%20Machado%2C%20Ltd.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=46616727&gjid=695804524&cid=979632740.1656040533&tid=UA-77563-16&_gid=1511357558.1656040533&_r=1&_slc=1&cd1=flux&cd2=2&cd3=default&cd4=www.rubin-machado.com&z=2142817564
Requested by
Host: www.eiiwebservices.com
URL: https://www.eiiwebservices.com/google/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rubin-machado.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 03:15:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rubin-machado.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-77563-16&cid=979632740.1656040533&jid=46616727&gjid=695804524&_gid=1511357558.1656040533&_u=YEDAAEAAAAAAAC~&z=1236414404
Requested by
Host: www.eiiwebservices.com
URL: https://www.eiiwebservices.com/google/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rubin-machado.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 24 Jun 2022 03:15:33 GMT
content-type
text/plain
access-control-allow-origin
https://www.rubin-machado.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-77563-16&cid=979632740.1656040533&jid=46616727&_u=YEDAAEAAAAAAAC~&z=625247883
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rubin-machado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 03:15:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-77563-16&cid=979632740.1656040533&jid=46616727&_u=YEDAAEAAAAAAAC~&z=625247883
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rubin-machado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 03:15:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| SlideMenu object| lazySizesConfig object| lazySizes function| parcelRequire function| inViewport string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
www.rubin-machado.com/ Name: PHPSESSID
Value: 29jvb4j18nbnhmtdmc8518n2bs
.rubin-machado.com/ Name: _ga
Value: GA1.2.979632740.1656040533
.rubin-machado.com/ Name: _gid
Value: GA1.2.1511357558.1656040533
.rubin-machado.com/ Name: _gat_lucid
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

covid19legallawyer.com
d1l9wtg77iuzz5.cloudfront.net
d21xh06p65pae.cloudfront.net
p.typekit.net
stats.g.doubleclick.net
use.typekit.net
www.eiiwebservices.com
www.google-analytics.com
www.google.com
www.google.de
www.rubin-machado.com
108.138.24.216
18.66.121.124
2a00:1450:4001:812::200e
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:400c:c08::9c
2a02:26f0:3500:16::215:148b
2a02:26f0:f7::5c7b:e024
69.43.202.154
07b5b61bc0ae0d2d38ecbb3b35ef3340ef2eb251e1bf5dadc0c4ec83a76ababc
0bb4283995138e0ddac9c5df757a335eb4d718ca99a45d71f97f9c8687e6c6ff
13c44475bf87e1755055d3f37f6ef9b1f5a98749e49f320c252378717ea1fa15
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
22748afe5598e217e396a163cf23f80a6599a134767eee0a43ad85d4f40f6dfb
2781b54ef5e6cb9d8c1b1c6c2fdb988567213cb7d54e735322d6c19d5be5c855
2b091bf75e9ce13ab24f75863b1ecdb3484d7740742e04a12102b5b730a2518f
36853e4a1a8592a8fa8db11f4bffdb203a091ed47f9769a6b3de4d2a5cd5300d
45a1deee780a555e86ab8353a61d09452924dfb19f1b37d014c571a98e34019b
5cd30aae1e5f8818a41e9ffcc3b955465c547c2bf645a654616af474852a99a0
692d16fbe68510c68396d561156474c544e9f66520dea9f633c86ac0abebbb8f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88909eb768a0cca0432e304c4ec74e7ff2c2c26b2ade390cfe8f3b57825e4d7c
936e6ed2f9cd2436eccba9581d4325ad78ed1cc141c98f6544346a064277c0a3
9965262cfa4b16ecb6adb0fcb3b2acb0c0877274364fea67683075caeae1ae20
9b6308c3fa20a1c43f19b2f39a278bfee098623d37c212909bf0344ee972c70c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a41c65ead68af90e2b65caf12d7abd3851c12311ef9782bedc347497200c40a1
ae448bd72cfe571233f89b66e553326924d38874e2cca9c5efeca28816f27275
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b201713bb8d100003aad6f9094a28659ed4afad464d70964df4a8d3aca85dd13
c6c91989837a59325d6975e6c8f67f603caf2ff7eee45f994b70b7436e231b16
cbe1238eea0d90b5309f23d0fb40478b9ff8d71ce9c97e29ca03ef633790dc66
d5c17849ede9607f16075256452f1a81b087ddaa53b9696a3831c1890bcec329
e1306534883e00a4b68cc68ad705280db25a4a1c18a0a8226e3f62439b4fdc41
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629