Submitted URL: https://beckershealthcare-news.com/portal/wts/ugmcnkm%7C6DaqBt-fEfyLzOBA8ha
Effective URL: https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
Submission: On June 11 via api from US

Summary

This website contacted 11 IPs in 2 countries across 12 domains to perform 35 HTTP transactions. The main IP is 35.174.150.168, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www2.soundphysicians.com.
TLS certificate: Issued by R3 on April 20th 2021. Valid for: 3 months.
This is the only time www2.soundphysicians.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
11 storage.pardot.com www2.soundphysicians.com
7 www2.soundphysicians.com 5 redirects www2.soundphysicians.com
6 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com www2.soundphysicians.com
www.gstatic.com
3 dl.dropboxusercontent.com www2.soundphysicians.com
3 dl.dropbox.com 3 redirects
2 pi.pardot.com www2.soundphysicians.com
pi.pardot.com
2 fonts.gstatic.com fonts.googleapis.com
www.google.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 bit.ly 2 redirects
1 cdnjs.cloudflare.com www2.soundphysicians.com
1 fonts.googleapis.com www2.soundphysicians.com
1 www.googletagmanager.com www2.soundphysicians.com
1 beckershealthcare-news.com 1 redirects
35 14

This site contains links to these domains. Also see Links.

Domain
soundphysicians.com
www.facebook.com
twitter.com
www.linkedin.com
Subject Issuer Validity Valid
www2.soundphysicians.com
R3
2021-04-20 -
2021-07-19
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-05-10 -
2021-08-02
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-10-21 -
2021-10-20
a year crt.sh
storage.pardot.com
DigiCert SHA2 Secure Server CA
2020-12-09 -
2021-12-08
a year crt.sh
*.google.com
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-05-10 -
2021-08-02
3 months crt.sh
*.dl.dropboxusercontent.com
DigiCert TLS RSA SHA256 2020 CA1
2021-01-19 -
2022-02-14
a year crt.sh
pi.pardot.com
DigiCert SHA2 Secure Server CA
2020-12-05 -
2021-12-04
a year crt.sh

This page contains 3 frames:

Primary Page: https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
Frame ID: FFD8320976085B909045C9DD237E1EAF
Requests: 26 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly93d3cyLnNvdW5kcGh5c2ljaWFucy5jb206NDQz&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=normal&cb=y689i58q29gw
Frame ID: 79D7AEC28B6C9C51F4F85F6A0DCC08A8
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&cb=pd9cv5hhaj1v
Frame ID: 141524AD80E656F974ADF84BC16A59C3
Requests: 3 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://beckershealthcare-news.com/portal/wts/ugmcnkm%7C6DaqBt-fEfyLzOBA8ha HTTP 302
    https://bit.ly/3gmzdv5 HTTP 301
    https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

35
Requests

100 %
HTTPS

75 %
IPv6

12
Domains

14
Subdomains

11
IPs

2
Countries

2694 kB
Transfer

3773 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://beckershealthcare-news.com/portal/wts/ugmcnkm%7C6DaqBt-fEfyLzOBA8ha HTTP 302
    https://bit.ly/3gmzdv5 HTTP 301
    https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://www2.soundphysicians.com/l/403342/2021-03-25/yp84n4/403342/1616715111COObNZds/SP_Logo_Color_landing_page_logo.png HTTP 302
  • https://storage.pardot.com/403342/1616715661Gv1VzJ81/SP_Logo_Color_landing_page_logo_01.png
Request Chain 5
  • https://bit.ly/2T5GCqz HTTP 301
  • https://www2.soundphysicians.com/l/403342/2021-06-07/22syvkj/403342/1623109626SIEl0ODo/2021_HM_Webinar___Performance_Management___Hero_Image.png HTTP 302
  • https://storage.pardot.com/403342/1623168727BH3yDdOA/2021_HM_Webinar___Performance_Management___Hero_Image__1_.png
Request Chain 6
  • https://www2.soundphysicians.com/l/403342/2021-04-09/yzk1g4/403342/1621979314zzv6S839/Calendar_Icon_White.svg HTTP 302
  • https://storage.pardot.com/403342/1621979314zzv6S839/Calendar_Icon_White.svg
Request Chain 7
  • https://www2.soundphysicians.com/l/403342/2021-04-09/yzl98q/403342/1621979151htNTjElO/Clock_Icon_White.svg HTTP 302
  • https://storage.pardot.com/403342/1621979151htNTjElO/Clock_Icon_White.svg
Request Chain 9
  • https://www2.soundphysicians.com/l/403342/2021-06-07/22syrvd/403342/1623109431g3C1zMzG/headshot_greg_johnson.png HTTP 302
  • https://storage.pardot.com/403342/1623109431g3C1zMzG/headshot_greg_johnson.png
Request Chain 17
  • https://dl.dropbox.com/s/z64ugj7ek1g78pr/CenturyGothic.woff2?dl=0 HTTP 302
  • https://dl.dropboxusercontent.com/s/z64ugj7ek1g78pr/CenturyGothic.woff2?dl=0
Request Chain 18
  • https://dl.dropbox.com/s/4yul7xf7hsetddr/CenturyGothic-Bold.woff2?dl=0 HTTP 302
  • https://dl.dropboxusercontent.com/s/4yul7xf7hsetddr/CenturyGothic-Bold.woff2?dl=0
Request Chain 19
  • https://dl.dropbox.com/s/njn7ytsdovluzs4/CenturyGothic-Italic.woff2?dl=0 HTTP 302
  • https://dl.dropboxusercontent.com/s/njn7ytsdovluzs4/CenturyGothic-Italic.woff2?dl=0

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set 22syzcv
www2.soundphysicians.com/l/403342/2021-06-07/
Redirect Chain
  • https://beckershealthcare-news.com/portal/wts/ugmcnkm%7C6DaqBt-fEfyLzOBA8ha
  • https://bit.ly/3gmzdv5
  • https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
32 KB
9 KB
Document
General
Full URL
https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-3-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
9b66603de26fa8f569f460ec92ba695ccb43589a64d9cb7b26af154da8c63b0a

Request headers

Host
www2.soundphysicians.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 18:09:06 GMT
Set-Cookie
pardot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
X-Pardot-Rsp
16/3/23
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
8519
Content-Type
text/html; charset=utf-8
X-Pardot-Route
cb482e8713caadba289bc279c1db8a1d
Server
PardotServer
X-Pardot-LB
a083ac6fc1531fb089982e922db67d20
Connection
keep-alive

Redirect headers

server
nginx
date
Fri, 11 Jun 2021 18:09:06 GMT
content-type
text/html; charset=utf-8
content-length
147
cache-control
private, max-age=90
content-security-policy
referrer always;
location
https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
referrer-policy
unsafe-url
set-cookie
_bit=l5bi96-1bd8a7bf7c3decbd48-004; Domain=bit.ly; Expires=Wed, 08 Dec 2021 18:09:06 GMT
via
1.1 google
alt-svc
clear
js
www.googletagmanager.com/gtag/
89 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-97044679-3
Requested by
Host: www2.soundphysicians.com
URL: https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
83b477f4b233c5c2b5db4757e939ab7e518a7f1310d300ad9e5179b3ba11ea36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www2.soundphysicians.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 18:09:07 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36078
x-xss-protection
0
expires
Fri, 11 Jun 2021 18:09:07 GMT
css2
fonts.googleapis.com/
5 KB
648 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap
Requested by
Host: www2.soundphysicians.com
URL: https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
63335463672d8be67b46c8c88a3558edc2cb401fda7077f972e563e39914795d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www2.soundphysicians.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 11 Jun 2021 17:41:41 GMT
server
ESF
date
Fri, 11 Jun 2021 18:09:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 11 Jun 2021 18:09:07 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/
90 KB
29 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: www2.soundphysicians.com
URL: https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www2.soundphysicians.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 18:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3189454
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
29363
cf-request-id
0a9ddc826d00004e6e1789d000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-169d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lg15NzbqKL9JhjOxuMPajmzh3a6t9ciZsab3uFJqraKVUTIIIp7oAJ3gkgHLZP31gUufr%2BrV%2BByoVC8e%2B6csUolyg8q97upTqIBj66zMsnBYlIGJosQCHf1AYVWN1wSdKvccIOckFnDE6ovreQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
65dcc9e3e8374e6e-FRA
expires
Wed, 01 Jun 2022 18:09:07 GMT
piUtils.js
www2.soundphysicians.com/js/
341 KB
99 KB
Script
General
Full URL
https://www2.soundphysicians.com/js/piUtils.js?ver=2020-10-19
Requested by
Host: www2.soundphysicians.com
URL: https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-3-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
744d368a676dabf6be331840fdf74176a9ad7a784bf3920e3f640c9ed89fc43c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www2.soundphysicians.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
Connection
keep-alive
Referer
https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 18:09:07 GMT
Content-Encoding
gzip
X-Pardot-Route
cb482e8713caadba289bc279c1db8a1d
X-Pardot-LB
a083ac6fc1531fb089982e922db67d20
Last-Modified
Fri, 11 Jun 2021 05:17:44 GMT
Server
PardotServer
ETag
"55586-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=63072000
Transfer-Encoding
chunked
Accept-Ranges
bytes
Expires
Sun, 11 Jun 2023 18:09:07 GMT
SP_Logo_Color_landing_page_logo_01.png
storage.pardot.com/403342/1616715661Gv1VzJ81/
Redirect Chain
  • https://www2.soundphysicians.com/l/403342/2021-03-25/yp84n4/403342/1616715111COObNZds/SP_Logo_Color_landing_page_logo.png
  • https://storage.pardot.com/403342/1616715661Gv1VzJ81/SP_Logo_Color_landing_page_logo_01.png
17 KB
17 KB
Image
General
Full URL
https://storage.pardot.com/403342/1616715661Gv1VzJ81/SP_Logo_Color_landing_page_logo_01.png
Requested by
Host: www2.soundphysicians.com
URL: https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c000:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66aa1dce098681910fa44dc7514f5e36100748e27a78d9804046fb5f8e20894f

Request headers

Referer
https://www2.soundphysicians.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 18:09:08 GMT
via
1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified
Thu, 25 Mar 2021 23:41:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"ef07202de18ea059aa4674f84fc51e42"
x-cache
Miss from cloudfront
content-type
image/png; charset=binary
x-amz-replication-status
COMPLETED
content-length
17398
accept-ranges
bytes
x-robots-tag
none
x-amz-version-id
NhxbLH00Lhjlel5UP9nkvxgORBntLq8l
x-amz-cf-id
vcYbHXxj6d0U_kasi9ExHSjEt3M3uqbgk9p-MJw8EC1brd04R853LQ==

Redirect headers

Date
Fri, 11 Jun 2021 18:09:07 GMT
Content-Encoding
gzip
X-Pardot-Route
fb09abcaff05ac363535c455b453208a
X-Pardot-LB
a083ac6fc1531fb089982e922db67d20
Server
PardotServer
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Location
https://storage.pardot.com/403342/1616715661Gv1VzJ81/SP_Logo_Color_landing_page_logo_01.png
Set-Cookie
pardot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
Cache-Control
max-age=600
Connection
keep-alive
X-Robots-Tag
none
Content-Length
161
Expires
Fri, 11 Jun 2021 18:19:07 GMT
2021_HM_Webinar___Performance_Management___Hero_Image__1_.png
storage.pardot.com/403342/1623168727BH3yDdOA/
Redirect Chain
  • https://bit.ly/2T5GCqz
  • https://www2.soundphysicians.com/l/403342/2021-06-07/22syvkj/403342/1623109626SIEl0ODo/2021_HM_Webinar___Performance_Management___Hero_Image.png
  • https://storage.pardot.com/403342/1623168727BH3yDdOA/2021_HM_Webinar___Performance_Management___Hero_Image__1_.png
2 MB
2 MB
Image
General
Full URL
https://storage.pardot.com/403342/1623168727BH3yDdOA/2021_HM_Webinar___Performance_Management___Hero_Image__1_.png
Requested by
Host: www2.soundphysicians.com
URL: https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c000:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66fc4e47fa0227ff342785f2c8b20cd2fd4650ecaf253af70122fdd4783a791e

Request headers

Referer
https://www2.soundphysicians.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 18:09:09 GMT
via
1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified
Tue, 08 Jun 2021 16:12:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"f7825316e87bba031d314371b0c12307"
x-cache
Miss from cloudfront
content-type
image/png; charset=binary
x-amz-replication-status
COMPLETED
content-length
1681305
accept-ranges
bytes
x-robots-tag
none
x-amz-version-id
vNlWy4n3NfP1NNG8pOxCaYdGEUCczqKJ
x-amz-cf-id
KYwtMBovHLdyMPDMji_6jTaMjNo7r7fFKS89zenQFy7QSPcBjXQcCg==

Redirect headers

Date
Fri, 11 Jun 2021 18:09:07 GMT
Content-Encoding
gzip
X-Pardot-Route
cb482e8713caadba289bc279c1db8a1d
X-Pardot-LB
a083ac6fc1531fb089982e922db67d20
Server
PardotServer
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Location
https://storage.pardot.com/403342/1623168727BH3yDdOA/2021_HM_Webinar___Performance_Management___Hero_Image__1_.png
Set-Cookie
pardot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
Cache-Control
max-age=600
Connection
keep-alive
X-Robots-Tag
none
Content-Length
177
Expires
Fri, 11 Jun 2021 18:19:07 GMT
Calendar_Icon_White.svg
storage.pardot.com/403342/1621979314zzv6S839/
Redirect Chain
  • https://www2.soundphysicians.com/l/403342/2021-04-09/yzk1g4/403342/1621979314zzv6S839/Calendar_Icon_White.svg
  • https://storage.pardot.com/403342/1621979314zzv6S839/Calendar_Icon_White.svg
732 B
1 KB
Image
General
Full URL
https://storage.pardot.com/403342/1621979314zzv6S839/Calendar_Icon_White.svg
Requested by
Host: www2.soundphysicians.com
URL: https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c000:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
905f1618403e2c90dd6cc223b28554b6dcb1f829a399ba82fb29ec16aab38713

Request headers

Referer
https://www2.soundphysicians.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 18:09:09 GMT
via
1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified
Tue, 25 May 2021 21:48:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"aeebfd5a939dd53ecf2ae18d9b330e69"
x-cache
Miss from cloudfront
content-type
image/svg+xml
x-amz-replication-status
COMPLETED
content-length
732
accept-ranges
bytes
x-robots-tag
none
x-amz-version-id
ktQ9wzSxrlozPUmEgMZn9EHdz2J3GZbi
x-amz-cf-id
SsJx9FOrUYFlxqNKXqbAfFU0Ar0FVGU_rl1DdxVeFhSCU2YXivRG4g==

Redirect headers

Date
Fri, 11 Jun 2021 18:09:07 GMT
Content-Encoding
gzip
X-Pardot-Route
cb482e8713caadba289bc279c1db8a1d
X-Pardot-LB
a083ac6fc1531fb089982e922db67d20
Server
PardotServer
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Location
https://storage.pardot.com/403342/1621979314zzv6S839/Calendar_Icon_White.svg
Set-Cookie
pardot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
Cache-Control
max-age=600
Connection
keep-alive
X-Robots-Tag
none
Content-Length
148
Expires
Fri, 11 Jun 2021 18:19:07 GMT
Clock_Icon_White.svg
storage.pardot.com/403342/1621979151htNTjElO/
Redirect Chain
  • https://www2.soundphysicians.com/l/403342/2021-04-09/yzl98q/403342/1621979151htNTjElO/Clock_Icon_White.svg
  • https://storage.pardot.com/403342/1621979151htNTjElO/Clock_Icon_White.svg
630 B
1 KB
Image
General
Full URL
https://storage.pardot.com/403342/1621979151htNTjElO/Clock_Icon_White.svg
Requested by
Host: www2.soundphysicians.com
URL: https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c000:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2574416da944fef62d8d9431dde7578d455150bd5ee05f72cdb8e0a1572f134

Request headers

Referer
https://www2.soundphysicians.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 18:09:09 GMT
via
1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified
Tue, 25 May 2021 21:45:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"b7cff253cc4561817ff1bb99cf0b8784"
x-cache
Miss from cloudfront
content-type
image/svg+xml
x-amz-replication-status
COMPLETED
content-length
630
accept-ranges
bytes
x-robots-tag
none
x-amz-version-id
oN4yzcfeVhQxA4JnE_t5tM5ZSZTHH8Wc
x-amz-cf-id
x1tXw6svKVR93Ye4jICW9y7Wtrw9mR0UZXnmd_0DxG23dYKwETiglg==

Redirect headers

Date
Fri, 11 Jun 2021 18:09:07 GMT
Content-Encoding
gzip
X-Pardot-Route
cb482e8713caadba289bc279c1db8a1d
X-Pardot-LB
a083ac6fc1531fb089982e922db67d20
Server
PardotServer
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Location
https://storage.pardot.com/403342/1621979151htNTjElO/Clock_Icon_White.svg
Set-Cookie
pardot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
Cache-Control
max-age=600
Connection
keep-alive
X-Robots-Tag
none
Content-Length
148
Expires
Fri, 11 Jun 2021 18:19:07 GMT
api.js
www.google.com/recaptcha/
850 B
574 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www2.soundphysicians.com
URL: https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9b7ea780f5ff5cd8a0ad4a2700143f3661284dc98d571cb38b188c2c060fe55a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www2.soundphysicians.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 18:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
553
x-xss-protection
1; mode=block
expires
Fri, 11 Jun 2021 18:09:07 GMT
headshot_greg_johnson.png
storage.pardot.com/403342/1623109431g3C1zMzG/
Redirect Chain
  • https://www2.soundphysicians.com/l/403342/2021-06-07/22syrvd/403342/1623109431g3C1zMzG/headshot_greg_johnson.png
  • https://storage.pardot.com/403342/1623109431g3C1zMzG/headshot_greg_johnson.png
107 KB
108 KB
Image
General
Full URL
https://storage.pardot.com/403342/1623109431g3C1zMzG/headshot_greg_johnson.png
Requested by
Host: www2.soundphysicians.com
URL: https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c000:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
abeb67b124e405da5159bfa232434030b37c7a5499dd3b412e90d798dd25a3ef

Request headers

Referer
https://www2.soundphysicians.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 18:09:09 GMT
via
1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified
Mon, 07 Jun 2021 23:43:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"7686ebcac6aa419fd9fe5c6ec358d1c9"
x-cache
Miss from cloudfront
content-type
image/png; charset=binary
x-amz-replication-status
COMPLETED
content-length
110020
accept-ranges
bytes
x-robots-tag
none
x-amz-version-id
R7eBAKQSH74SllDQWYs18lgAiVbOEKbh
x-amz-cf-id
GbOa3RRfQaYvSHMQ82a4AjrwoRm1CvdXawC_yyo1GVdcvKJWAc45dA==

Redirect headers

Date
Fri, 11 Jun 2021 18:09:07 GMT
Content-Encoding
gzip
X-Pardot-Route
cb482e8713caadba289bc279c1db8a1d
X-Pardot-LB
a083ac6fc1531fb089982e922db67d20
Server
PardotServer
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Location
https://storage.pardot.com/403342/1623109431g3C1zMzG/headshot_greg_johnson.png
Set-Cookie
pardot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
Cache-Control
max-age=600
Connection
keep-alive
X-Robots-Tag
none
Content-Length
148
Expires
Fri, 11 Jun 2021 18:19:07 GMT
SP_facebook.svg
storage.pardot.com/403342/1615468318ugH30FjB/
519 B
923 B
Image
General
Full URL
https://storage.pardot.com/403342/1615468318ugH30FjB/SP_facebook.svg
Requested by
Host: www2.soundphysicians.com
URL: https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c000:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2598a6761722fd94514c50228cc70fcd83b56f4201a17d88eb995421b2a8b572

Request headers

Referer
https://www2.soundphysicians.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 18:09:08 GMT
via
1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 13:12:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"d8aeef7ec98357fabda7a25a7c44feaa"
x-cache
Miss from cloudfront
content-type
image/svg+xml
x-amz-replication-status
COMPLETED
content-length
519
accept-ranges
bytes
x-robots-tag
none
x-amz-version-id
unbM4QqxDvMCWaL4nIgrU9PRiWsviNER
x-amz-cf-id
e-48X5X1V0-gI0Yt6tW9lu3Jx8_Sd9M2JwlIRxRSASHDa36v3QEC6g==
SP_twitter.svg
storage.pardot.com/403342/1615468717mUl4ET9E/
727 B
1 KB
Image
General
Full URL
https://storage.pardot.com/403342/1615468717mUl4ET9E/SP_twitter.svg
Requested by
Host: www2.soundphysicians.com
URL: https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c000:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3278dfad0936f747f0d79b4f2b137491cbe160ea78726bac01a56367250c8891

Request headers

Referer
https://www2.soundphysicians.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 18:09:08 GMT
via
1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 13:18:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"5ff124ff649553f00620ee8d3f1b0048"
x-cache
Miss from cloudfront
content-type
image/svg+xml
x-amz-replication-status
COMPLETED
content-length
727
accept-ranges
bytes
x-robots-tag
none
x-amz-version-id
1pVP2C2dk1GmarrjF4vccG4C4PA3jFMn
x-amz-cf-id
f19A5ujMXWs1UY-3Jmk-LRpUQig8GzrY_HkWGnRX39aT_lTIyex1Qg==
SP_linkdin.svg
storage.pardot.com/403342/1615468444kFfTHU4w/
813 B
1 KB
Image
General
Full URL
https://storage.pardot.com/403342/1615468444kFfTHU4w/SP_linkdin.svg
Requested by
Host: www2.soundphysicians.com
URL: https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c000:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
51b9184bb4fc496885851a15625e00c5aee6d66bcb5b5c715bdfe452f8491190

Request headers

Referer
https://www2.soundphysicians.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 18:09:08 GMT
via
1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 13:14:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"c63a6f0b0fc94cde8b6f5a6a9e5b04be"
x-cache
Miss from cloudfront
content-type
image/svg+xml
x-amz-replication-status
COMPLETED
content-length
813
accept-ranges
bytes
x-robots-tag
none
x-amz-version-id
TvwcUsELj1QQiWYbfG7PtYqDlqSgBi8_
x-amz-cf-id
vQCF0O1zDGsgIBI4dSz6LKP3NWPLb7ol3xng-iUMb0d--EUQ19hMIg==
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-97044679-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www2.soundphysicians.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
913
date
Fri, 11 Jun 2021 17:53:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Fri, 11 Jun 2021 19:53:54 GMT
SPE_form_bg_image.png
storage.pardot.com/403342/1615469029JAdFOQT4/
7 KB
7 KB
Image
General
Full URL
https://storage.pardot.com/403342/1615469029JAdFOQT4/SPE_form_bg_image.png
Requested by
Host: www2.soundphysicians.com
URL: https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c000:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e931a350caf404251e6d8f0b65c19b4b96951c16f72e6144e5346541ea05d87c

Request headers

Referer
https://www2.soundphysicians.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 18:09:08 GMT
via
1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 13:23:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"4ae85526271b5d1a45dbf0831a525489"
x-cache
Miss from cloudfront
content-type
image/png; charset=binary
x-amz-replication-status
COMPLETED
content-length
6699
accept-ranges
bytes
x-robots-tag
none
x-amz-version-id
MjiDDQUz6kMbx4.vQmDaY4DRD.y20EHz
x-amz-cf-id
dedvdzKTkFOIkEKZjGD97PmuK6QODTVX3uS-4UyISl8SsrKTdNpRng==
SP_select_arrow.png
storage.pardot.com/403342/161546866931vwiUZv/
238 B
647 B
Image
General
Full URL
https://storage.pardot.com/403342/161546866931vwiUZv/SP_select_arrow.png
Requested by
Host: www2.soundphysicians.com
URL: https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c000:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30860533af47279334f6902b35feaae1015d302c71e6d8da8e791bdba3eda61b

Request headers

Referer
https://www2.soundphysicians.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 18:09:08 GMT
via
1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 13:17:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"e68a3397599e862ae26f4151d749582b"
x-cache
Miss from cloudfront
content-type
image/png; charset=binary
x-amz-replication-status
COMPLETED
content-length
238
accept-ranges
bytes
x-robots-tag
none
x-amz-version-id
398aDImEbNBGYqikBFtwP0m7tfI25rsN
x-amz-cf-id
x-5EW62Q1n0NrtID233-A997twk1ik1590km1FxdhVBrruBcW-Wd2A==
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3834f0a520d623453cdb6b03b88331bc0394367eb18809f1037ea18c699ebded
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www2.soundphysicians.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 22:36:38 GMT
x-content-type-options
nosniff
age
243149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7848
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:23 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 22:36:38 GMT
CenturyGothic.woff2
dl.dropboxusercontent.com/s/z64ugj7ek1g78pr/
Redirect Chain
  • https://dl.dropbox.com/s/z64ugj7ek1g78pr/CenturyGothic.woff2?dl=0
  • https://dl.dropboxusercontent.com/s/z64ugj7ek1g78pr/CenturyGothic.woff2?dl=0
55 KB
55 KB
Font
General
Full URL
https://dl.dropboxusercontent.com/s/z64ugj7ek1g78pr/CenturyGothic.woff2?dl=0
Requested by
Host: www2.soundphysicians.com
URL: https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:100:6022:15::a27d:420f , United States, ASN19679 (DROPBOX, US),
Reverse DNS
Software
envoy /
Resource Hash
9acd79e474e938497f4b310e9265231f8c927c4565ae9b7884c491f566fe4e35
Security Headers
Name Value
Content-Security-Policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www2.soundphysicians.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 18:09:08 GMT
x-content-type-options
nosniff
x-dropbox-request-id
e8e8df9fa1904c33803d98b17a1f7f65
x-dropbox-response-origin
remote
content-disposition
inline; filename="CenturyGothic.woff2"; filename*=UTF-8''CenturyGothic.woff2
content-length
56276
pragma
public
server
envoy
etag
1615278339659194n
x-server-response-time
308
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control
max-age=60
content-security-policy
report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noimageindex, noindex, nofollow, noimageindex

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 18:09:07 GMT
content-encoding
gzip
server
envoy
location
https://dl.dropboxusercontent.com/s/z64ugj7ek1g78pr/CenturyGothic.woff2?dl=0
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control
no-cache
x-dropbox-response-origin
remote
content-security-policy
sandbox
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
x-robots-tag
noindex, nofollow, noimageindex, noindex, nofollow, noimageindex
x-dropbox-request-id
aa1c516551a84990b42fb1e8e78d5e84
CenturyGothic-Bold.woff2
dl.dropboxusercontent.com/s/4yul7xf7hsetddr/
Redirect Chain
  • https://dl.dropbox.com/s/4yul7xf7hsetddr/CenturyGothic-Bold.woff2?dl=0
  • https://dl.dropboxusercontent.com/s/4yul7xf7hsetddr/CenturyGothic-Bold.woff2?dl=0
49 KB
50 KB
Font
General
Full URL
https://dl.dropboxusercontent.com/s/4yul7xf7hsetddr/CenturyGothic-Bold.woff2?dl=0
Requested by
Host: www2.soundphysicians.com
URL: https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:100:6022:15::a27d:420f , United States, ASN19679 (DROPBOX, US),
Reverse DNS
Software
envoy /
Resource Hash
7399bb6365c1500b8561215a666254b632d28682e420d0cb42c2f367ad66e237
Security Headers
Name Value
Content-Security-Policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www2.soundphysicians.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 18:09:08 GMT
x-content-type-options
nosniff
x-dropbox-request-id
eb6b907ff570487fa46d3a18c3a9a6c0
x-dropbox-response-origin
remote
content-disposition
inline; filename="CenturyGothic-Bold.woff2"; filename*=UTF-8''CenturyGothic-Bold.woff2
content-length
50388
pragma
public
server
envoy
etag
1615278339659198n
x-server-response-time
297
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control
max-age=60
content-security-policy
report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noimageindex, noindex, nofollow, noimageindex

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 18:09:07 GMT
content-encoding
gzip
server
envoy
location
https://dl.dropboxusercontent.com/s/4yul7xf7hsetddr/CenturyGothic-Bold.woff2?dl=0
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control
no-cache
x-dropbox-response-origin
remote
content-security-policy
sandbox
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
x-robots-tag
noindex, nofollow, noimageindex, noindex, nofollow, noimageindex
x-dropbox-request-id
ceb9cb248617494bba7229c58ac442bb
CenturyGothic-Italic.woff2
dl.dropboxusercontent.com/s/njn7ytsdovluzs4/
Redirect Chain
  • https://dl.dropbox.com/s/njn7ytsdovluzs4/CenturyGothic-Italic.woff2?dl=0
  • https://dl.dropboxusercontent.com/s/njn7ytsdovluzs4/CenturyGothic-Italic.woff2?dl=0
58 KB
59 KB
Font
General
Full URL
https://dl.dropboxusercontent.com/s/njn7ytsdovluzs4/CenturyGothic-Italic.woff2?dl=0
Requested by
Host: www2.soundphysicians.com
URL: https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:100:6022:15::a27d:420f , United States, ASN19679 (DROPBOX, US),
Reverse DNS
Software
envoy /
Resource Hash
184c04a3b2be243a1a20115def7e2ce72d3a275b903068d00b2a15a363a61309
Security Headers
Name Value
Content-Security-Policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www2.soundphysicians.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 18:09:08 GMT
x-content-type-options
nosniff
x-dropbox-request-id
ce29e6465fae4dbcba7352ef83f9c758
x-dropbox-response-origin
remote
content-disposition
inline; filename="CenturyGothic-Italic.woff2"; filename*=UTF-8''CenturyGothic-Italic.woff2
content-length
59884
pragma
public
server
envoy
etag
1615278339659197n
x-server-response-time
397
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control
max-age=60
content-security-policy
report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noimageindex, noindex, nofollow, noimageindex

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 18:09:07 GMT
content-encoding
gzip
server
envoy
location
https://dl.dropboxusercontent.com/s/njn7ytsdovluzs4/CenturyGothic-Italic.woff2?dl=0
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control
no-cache
x-dropbox-response-origin
remote
content-security-policy
sandbox
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
x-robots-tag
noindex, nofollow, noimageindex, noindex, nofollow, noimageindex
x-dropbox-request-id
06d893bdfdb4493b8379d3267cc4283f
recaptcha__en.js
www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/
343 KB
134 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457a24764c4e5efb7b6de9b07cd544165b996f07310f9626d3571a02bd250d51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www2.soundphysicians.com
Referer
https://www2.soundphysicians.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 09:14:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136998
x-xss-protection
0
last-modified
Mon, 07 Jun 2021 22:05:37 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jun 2022 09:14:28 GMT
SPE_round_after.svg
storage.pardot.com/403342/1615469355nSYwzPzd/
0
0
Image
General
Full URL
https://storage.pardot.com/403342/1615469355nSYwzPzd/SPE_round_after.svg
Requested by
Host: www2.soundphysicians.com
URL: https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c000:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www2.soundphysicians.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=278007182&t=pageview&_s=1&dl=https%3A%2F%2Fwww2.soundphysicians.com%2Fl%2F403342%2F2021-06-07%2F22syzcv&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1597091071&gjid=1425654326&cid=1808643863.1623434948&tid=UA-97044679-3&_gid=1011908165.1623434948&_r=1&gtm=2ou690&z=1602299052
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www2.soundphysicians.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 18:09:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www2.soundphysicians.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 79D7
39 KB
20 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly93d3cyLnNvdW5kcGh5c2ljaWFucy5jb206NDQz&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=normal&cb=y689i58q29gw
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1e9db2fd222dd78ee365f2ab291a0343f0240d3176a4be5168cd4a1993716d37
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2qFWTy5nn4WeFyx/ySTwAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly93d3cyLnNvdW5kcGh5c2ljaWFucy5jb206NDQz&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=normal&cb=y689i58q29gw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www2.soundphysicians.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www2.soundphysicians.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 11 Jun 2021 18:09:07 GMT
content-security-policy
script-src 'report-sample' 'nonce-2qFWTy5nn4WeFyx/ySTwAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20390
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/ Frame 79D7
52 KB
52 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly93d3cyLnNvdW5kcGh5c2ljaWFucy5jb206NDQz&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=normal&cb=y689i58q29gw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 15:07:26 GMT
vary
Accept-Encoding
last-modified
Mon, 07 Jun 2021 22:05:37 GMT
server
sffe
x-content-type-options
nosniff
age
10901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52867
x-xss-protection
0
expires
Sat, 11 Jun 2022 15:07:26 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/ Frame 79D7
343 KB
134 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly93d3cyLnNvdW5kcGh5c2ljaWFucy5jb206NDQz&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=normal&cb=y689i58q29gw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457a24764c4e5efb7b6de9b07cd544165b996f07310f9626d3571a02bd250d51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 09:14:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136998
x-xss-protection
0
last-modified
Mon, 07 Jun 2021 22:05:37 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jun 2022 09:14:28 GMT
truncated
/ Frame 79D7
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 79D7
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 79D7
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/styles__ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 23:32:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
239768
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Tue, 15 Jun 2021 23:32:59 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 79D7
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly93d3cyLnNvdW5kcGh5c2ljaWFucy5jb206NDQz&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=normal&cb=y689i58q29gw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 13:59:14 GMT
x-content-type-options
nosniff
age
14993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jun 2022 13:59:14 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 79D7
102 B
132 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr
Requested by
Host: www2.soundphysicians.com
URL: https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e8f05752862160fa1888c91060a324c84870cd4bca2acee125713d11147fde5d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly93d3cyLnNvdW5kcGh5c2ljaWFucy5jb206NDQz&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=normal&cb=y689i58q29gw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 18:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Fri, 11 Jun 2021 18:09:07 GMT
bframe
www.google.com/recaptcha/api2/ Frame 1415
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&cb=pd9cv5hhaj1v
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
442e725f5904db19e56e99169911fceb5e054fcc75a3e9c1078c1826c3668c4d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MDGYxGF2oZXtt/Hd2CtD3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&cb=pd9cv5hhaj1v
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www2.soundphysicians.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www2.soundphysicians.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 11 Jun 2021 18:09:07 GMT
content-security-policy
script-src 'report-sample' 'nonce-MDGYxGF2oZXtt/Hd2CtD3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1113
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/ Frame 1415
52 KB
52 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&cb=pd9cv5hhaj1v
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 15:07:26 GMT
vary
Accept-Encoding
last-modified
Mon, 07 Jun 2021 22:05:37 GMT
server
sffe
x-content-type-options
nosniff
age
10902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52867
x-xss-protection
0
expires
Sat, 11 Jun 2022 15:07:26 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/ Frame 1415
343 KB
134 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&cb=pd9cv5hhaj1v
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457a24764c4e5efb7b6de9b07cd544165b996f07310f9626d3571a02bd250d51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 09:14:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136998
x-xss-protection
0
last-modified
Mon, 07 Jun 2021 22:05:37 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jun 2022 09:14:28 GMT
pd.js
pi.pardot.com/
5 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: www2.soundphysicians.com
URL: https://www2.soundphysicians.com/l/403342/2021-06-07/22syzcv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-3-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
b7939e67e521a72f9344e54fe85a3edff247ac537235f178a522ae836dbf6820

Request headers

Referer
https://www2.soundphysicians.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 18:09:09 GMT
Content-Encoding
gzip
X-Pardot-Route
4587f66dff94d6e76a668284fbf3dba1
X-Pardot-LB
a083ac6fc1531fb089982e922db67d20
Last-Modified
Fri, 11 Jun 2021 05:17:45 GMT
Server
PardotServer
ETag
"14be-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=63072000
Accept-Ranges
bytes
Content-Length
1923
Expires
Sun, 11 Jun 2023 18:09:09 GMT
analytics
pi.pardot.com/
1 KB
1 KB
Script
General
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=165841&account_id=404342&title=&url=https%3A%2F%2Fwww2.soundphysicians.com%2Fl%2F403342%2F2021-06-07%2F22syzcv&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-3-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
d1e519123b0f2750cc6985368c681c82fddf08fda332def8fd85ae42f629d16a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www2.soundphysicians.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 18:09:09 GMT
Content-Encoding
gzip
X-Pardot-Route
d5a18e4517a9c8ba62b77de366a4cdb5
X-Pardot-LB
a083ac6fc1531fb089982e922db67d20
X-Pardot-Rsp
17/10/44
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
P3p
CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
673
Server
PardotServer
Expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| $ function| jQuery object| pardot object| piAjax object| piUtils string| piAId string| piCId string| piHostname object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| anchors object| anchor object| gaplugins object| gaGlobal object| gaData object| recaptcha object| closure_lm_389794 function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start string| property function| piEnableTracking function| piDisableTracking function| piResponse

3 Cookies

Domain/Path Name / Value
.soundphysicians.com/ Name: _gat_gtag_UA_97044679_3
Value: 1
.soundphysicians.com/ Name: _gid
Value: GA1.2.1011908165.1623434948
.soundphysicians.com/ Name: _ga
Value: GA1.2.1808643863.1623434948

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beckershealthcare-news.com
bit.ly
cdnjs.cloudflare.com
dl.dropbox.com
dl.dropboxusercontent.com
fonts.googleapis.com
fonts.gstatic.com
pi.pardot.com
storage.pardot.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www2.soundphysicians.com
205.162.40.203
2600:9000:21f3:c000:d:7e9b:1200:93a1
2606:4700::6810:125e
2620:100:6022:15::a27d:420f
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
35.174.150.168
67.199.248.11
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
184c04a3b2be243a1a20115def7e2ce72d3a275b903068d00b2a15a363a61309
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e9db2fd222dd78ee365f2ab291a0343f0240d3176a4be5168cd4a1993716d37
2598a6761722fd94514c50228cc70fcd83b56f4201a17d88eb995421b2a8b572
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
30860533af47279334f6902b35feaae1015d302c71e6d8da8e791bdba3eda61b
3278dfad0936f747f0d79b4f2b137491cbe160ea78726bac01a56367250c8891
3834f0a520d623453cdb6b03b88331bc0394367eb18809f1037ea18c699ebded
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
442e725f5904db19e56e99169911fceb5e054fcc75a3e9c1078c1826c3668c4d
457a24764c4e5efb7b6de9b07cd544165b996f07310f9626d3571a02bd250d51
51b9184bb4fc496885851a15625e00c5aee6d66bcb5b5c715bdfe452f8491190
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
63335463672d8be67b46c8c88a3558edc2cb401fda7077f972e563e39914795d
66aa1dce098681910fa44dc7514f5e36100748e27a78d9804046fb5f8e20894f
66fc4e47fa0227ff342785f2c8b20cd2fd4650ecaf253af70122fdd4783a791e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7399bb6365c1500b8561215a666254b632d28682e420d0cb42c2f367ad66e237
744d368a676dabf6be331840fdf74176a9ad7a784bf3920e3f640c9ed89fc43c
83b477f4b233c5c2b5db4757e939ab7e518a7f1310d300ad9e5179b3ba11ea36
905f1618403e2c90dd6cc223b28554b6dcb1f829a399ba82fb29ec16aab38713
9acd79e474e938497f4b310e9265231f8c927c4565ae9b7884c491f566fe4e35
9b66603de26fa8f569f460ec92ba695ccb43589a64d9cb7b26af154da8c63b0a
9b7ea780f5ff5cd8a0ad4a2700143f3661284dc98d571cb38b188c2c060fe55a
abeb67b124e405da5159bfa232434030b37c7a5499dd3b412e90d798dd25a3ef
b2574416da944fef62d8d9431dde7578d455150bd5ee05f72cdb8e0a1572f134
b7939e67e521a72f9344e54fe85a3edff247ac537235f178a522ae836dbf6820
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
d1e519123b0f2750cc6985368c681c82fddf08fda332def8fd85ae42f629d16a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8f05752862160fa1888c91060a324c84870cd4bca2acee125713d11147fde5d
e931a350caf404251e6d8f0b65c19b4b96951c16f72e6144e5346541ea05d87c