urlscan.io logo urlscan.io
SecurityTrails logo

medicifinancialmodeling.com Open in urlscan Pro
172.105.19.218  Public Scan

Go To Rescan Add Verdict Report
URL: https://medicifinancialmodeling.com/?gclid=Cj0KCQjwoeemBhCfARIsADR2QCtQxVkNY7qaEJO4_zydO0pR75Io7qk1qAhQM2lcPpfpYK2zYvHHyM0aAgeeEALw_wcB
Submission: On August 14 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 27 HTTP transactions. The main IP is 172.105.19.218, located in Toronto, Canada and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is medicifinancialmodeling.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 13th 2023. Valid for: 3 months.
This is the only time medicifinancialmodeling.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 172.105.19.218 63949 (AKAMAI-LI...)
1 172.217.13.104 15169 (GOOGLE)
1 142.250.81.238 15169 (GOOGLE)
4 172.217.13.132 15169 (GOOGLE)
4 172.217.13.131 15169 (GOOGLE)
2 142.251.40.99 15169 (GOOGLE)
1 1 162.159.138.60 13335 (CLOUDFLAR...)
1 184.29.143.161 20940 (AKAMAI-ASN1)
27 7
14    172.105.19.218 (Toronto, Canada)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: saturn.pxlcrv.co
medicifinancialmodeling.com
1    172.217.13.104 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f8.1e100.net
www.googletagmanager.com
1    142.250.81.238 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f14.1e100.net
www.google-analytics.com
4    172.217.13.132 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f4.1e100.net
www.google.com
4    172.217.13.131 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f3.1e100.net
www.gstatic.com
2    142.251.40.99 (Newark, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f3.1e100.net
fonts.gstatic.com
1    162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)
player.vimeo.com
1    184.29.143.161 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-29-143-161.deploy.static.akamaitechnologies.com
download-video.akamaized.net
Apex Domain
Subdomains		 Transfer
14 medicifinancialmodeling.com
medicifinancialmodeling.com
399 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
410 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 3
50 KB
1 akamaized.net
download-video.akamaized.net — Cisco Umbrella Rank: 25812
1 vimeo.com
player.vimeo.com — Cisco Umbrella Rank: 1888
2 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 54
262 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65
91 KB
27 7
Domain Requested by
14 medicifinancialmodeling.com medicifinancialmodeling.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com medicifinancialmodeling.com
www.gstatic.com
www.google.com
2 fonts.gstatic.com www.google.com
1 download-video.akamaized.net
1 player.vimeo.com 1 redirects
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com medicifinancialmodeling.com
27 8

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
www.youtube.com
pixelcarve.com
Subject Issuer Validity Valid
medicifinancialmodeling.com
cPanel, Inc. Certification Authority		 2023-07-13 -
2023-10-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://medicifinancialmodeling.com/?gclid=Cj0KCQjwoeemBhCfARIsADR2QCtQxVkNY7qaEJO4_zydO0pR75Io7qk1qAhQM2lcPpfpYK2zYvHHyM0aAgeeEALw_wcB
Frame ID: 3DF0559343336B2F74FE62603E27FCF3
Requests: 19 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcG7B4kAAAAAB5CwmZO_SJK0VlR39i_-HMHexSU&co=aHR0cHM6Ly9tZWRpY2lmaW5hbmNpYWxtb2RlbGluZy5jb206NDQz&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=invisible&cb=j6pnqefctfd8
Frame ID: E21AF1C5A1D59C22DD64BC1BC925966E
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home - Medici Financial Modeling Inc.

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

27
Requests

96 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

7
IPs

3
Countries

950 kB
Transfer

5601 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://player.vimeo.com/progressive_redirect/playback/791926052/rendition/1080p/file.mp4?loc=external&signature=b6d84a7b6f8fb57b61de2970043a2aa6e8562bab8e01cd299748d9f4c02ed3f6 HTTP 302
  • https://download-video.akamaized.net/v2-1/playback/ee2d8b27-d390-4d7b-bcb0-ac495df1ae1d/b8440569-019451e2?__token__=st=1692038313~exp=1692052713~acl=%2Fv2-1%2Fplayback%2Fee2d8b27-d390-4d7b-bcb0-ac495df1ae1d%2Fb8440569-019451e2%2A~hmac=25b5a46918f131304c56dfd7db3e54aaa03b76c064389c07b3506bef4b1f1dd7&r=dXMtd2VzdDE%3D

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
medicifinancialmodeling.com/ 		137 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://medicifinancialmodeling.com/?gclid=Cj0KCQjwoeemBhCfARIsADR2QCtQxVkNY7qaEJO4_zydO0pR75Io7qk1qAhQM2lcPpfpYK2zYvHHyM0aAgeeEALw_wcB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.105.19.218 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
saturn.pxlcrv.co
Software
LiteSpeed /
Resource Hash
f4239a5fc446d8b17235134a0794855f778ff1805c45b223bc3883672cb862c0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
public, max-age=604800
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Mon, 14 Aug 2023 18:38:31 GMT
expires
Mon, 21 Aug 2023 18:38:31 GMT
link
<https://medicifinancialmodeling.com/>; rel=shortlink
server
LiteSpeed
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-ua-compatible
IE=Edge,chrome=1
header.min.css
medicifinancialmodeling.com/wp-content/themes/medici/css/ 		58 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medicifinancialmodeling.com/wp-content/themes/medici/css/header.min.css?163&ver=1
Requested by
Host: medicifinancialmodeling.com
URL: https://medicifinancialmodeling.com/?gclid=Cj0KCQjwoeemBhCfARIsADR2QCtQxVkNY7qaEJO4_zydO0pR75Io7qk1qAhQM2lcPpfpYK2zYvHHyM0aAgeeEALw_wcB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.105.19.218 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
saturn.pxlcrv.co
Software
LiteSpeed /
Resource Hash
d0dc3b6832d0233d876ed071e640714a9d1ffce4500738f26455006257b66933
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://medicifinancialmodeling.com/?gclid=Cj0KCQjwoeemBhCfARIsADR2QCtQxVkNY7qaEJO4_zydO0pR75Io7qk1qAhQM2lcPpfpYK2zYvHHyM0aAgeeEALw_wcB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 18:38:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Mon, 26 Jun 2023 18:24:28 GMT
server
LiteSpeed
content-security-policy
upgrade-insecure-requests
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6990
expires
Mon, 21 Aug 2023 18:38:31 GMT
main.min.css
medicifinancialmodeling.com/wp-content/themes/medici/css/ 		182 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medicifinancialmodeling.com/wp-content/themes/medici/css/main.min.css?163&ver=1
Requested by
Host: medicifinancialmodeling.com
URL: https://medicifinancialmodeling.com/?gclid=Cj0KCQjwoeemBhCfARIsADR2QCtQxVkNY7qaEJO4_zydO0pR75Io7qk1qAhQM2lcPpfpYK2zYvHHyM0aAgeeEALw_wcB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.105.19.218 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
saturn.pxlcrv.co
Software
LiteSpeed /
Resource Hash
a28060f6d39d85df6d039cac8230cba134b8b0f8eadff510a0139ed70608cced
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://medicifinancialmodeling.com/?gclid=Cj0KCQjwoeemBhCfARIsADR2QCtQxVkNY7qaEJO4_zydO0pR75Io7qk1qAhQM2lcPpfpYK2zYvHHyM0aAgeeEALw_wcB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 18:38:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Mon, 26 Jun 2023 18:24:28 GMT
server
LiteSpeed
content-security-policy
upgrade-insecure-requests
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
20991
expires
Mon, 21 Aug 2023 18:38:31 GMT
js
www.googletagmanager.com/gtag/ 		276 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GZXFKVTKCT
Requested by
Host: medicifinancialmodeling.com
URL: https://medicifinancialmodeling.com/?gclid=Cj0KCQjwoeemBhCfARIsADR2QCtQxVkNY7qaEJO4_zydO0pR75Io7qk1qAhQM2lcPpfpYK2zYvHHyM0aAgeeEALw_wcB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ef511478ba5922aa79fdd65a6de265023272eb38e1e43519b9b9ad6be8230e88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://medicifinancialmodeling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 18:38:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92582
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 14 Aug 2023 18:38:31 GMT
lazy.svg
medicifinancialmodeling.com/wp-content/themes/medici/images/com/ 		167 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medicifinancialmodeling.com/wp-content/themes/medici/images/com/lazy.svg
Requested by
Host: medicifinancialmodeling.com
URL: https://medicifinancialmodeling.com/?gclid=Cj0KCQjwoeemBhCfARIsADR2QCtQxVkNY7qaEJO4_zydO0pR75Io7qk1qAhQM2lcPpfpYK2zYvHHyM0aAgeeEALw_wcB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.105.19.218 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
saturn.pxlcrv.co
Software
LiteSpeed /
Resource Hash
e356d24ca4e32c1d1fc9a36b0f00073f129ab6c2d3308424f3d3e08b60fd046c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://medicifinancialmodeling.com/?gclid=Cj0KCQjwoeemBhCfARIsADR2QCtQxVkNY7qaEJO4_zydO0pR75Io7qk1qAhQM2lcPpfpYK2zYvHHyM0aAgeeEALw_wcB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 18:38:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests
last-modified
Mon, 26 Jun 2023 18:24:27 GMT
server
LiteSpeed
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
167
expires
Wed, 13 Sep 2023 18:38:31 GMT
box_1.svg
medicifinancialmodeling.com/wp-content/uploads/2023/01/ 		460 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medicifinancialmodeling.com/wp-content/uploads/2023/01/box_1.svg
Requested by
Host: medicifinancialmodeling.com
URL: https://medicifinancialmodeling.com/?gclid=Cj0KCQjwoeemBhCfARIsADR2QCtQxVkNY7qaEJO4_zydO0pR75Io7qk1qAhQM2lcPpfpYK2zYvHHyM0aAgeeEALw_wcB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.105.19.218 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
saturn.pxlcrv.co
Software
LiteSpeed /
Resource Hash
cf2ba9ceb5827650c4a5d9b0f1dae95794f9640d9c5b047b4acc72084fd44a9b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://medicifinancialmodeling.com/?gclid=Cj0KCQjwoeemBhCfARIsADR2QCtQxVkNY7qaEJO4_zydO0pR75Io7qk1qAhQM2lcPpfpYK2zYvHHyM0aAgeeEALw_wcB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 18:38:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Mon, 19 Jun 2023 15:42:12 GMT
server
LiteSpeed
content-security-policy
upgrade-insecure-requests
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
254
expires
Wed, 13 Sep 2023 18:38:31 GMT
Sabon-Bold.woff2
medicifinancialmodeling.com/wp-content/themes/medici/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://medicifinancialmodeling.com/wp-content/themes/medici/fonts/Sabon-Bold.woff2
Requested by
Host: medicifinancialmodeling.com
URL: https://medicifinancialmodeling.com/wp-content/themes/medici/css/main.min.css?163&ver=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.105.19.218 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
saturn.pxlcrv.co
Software
LiteSpeed /
Resource Hash
71e3b9ae3c21d1bb71031315f94ea9b0494cc0c2e8c93587d325934d6f917c1c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://medicifinancialmodeling.com/wp-content/themes/medici/css/main.min.css?163&ver=1
Origin
https://medicifinancialmodeling.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Mon, 21 Aug 2023 18:38:31 GMT
date
Mon, 14 Aug 2023 18:38:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests
last-modified
Mon, 26 Jun 2023 18:24:28 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
16736
x-ua-compatible
IE=Edge,chrome=1
ProximaNova-Regular.woff2
medicifinancialmodeling.com/wp-content/themes/medici/fonts/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://medicifinancialmodeling.com/wp-content/themes/medici/fonts/ProximaNova-Regular.woff2
Requested by
Host: medicifinancialmodeling.com
URL: https://medicifinancialmodeling.com/wp-content/themes/medici/css/main.min.css?163&ver=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.105.19.218 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
saturn.pxlcrv.co
Software
LiteSpeed /
Resource Hash
5aae71838ba4983ac1f65ebdfd7ce440a13ca6721863a3b72104b8e5377117ee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://medicifinancialmodeling.com/wp-content/themes/medici/css/main.min.css?163&ver=1
Origin
https://medicifinancialmodeling.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Mon, 21 Aug 2023 18:38:31 GMT
date
Mon, 14 Aug 2023 18:38:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests
last-modified
Mon, 26 Jun 2023 18:24:28 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
34280
x-ua-compatible
IE=Edge,chrome=1
ProximaNova-Semibold.woff2
medicifinancialmodeling.com/wp-content/themes/medici/fonts/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://medicifinancialmodeling.com/wp-content/themes/medici/fonts/ProximaNova-Semibold.woff2
Requested by
Host: medicifinancialmodeling.com
URL: https://medicifinancialmodeling.com/wp-content/themes/medici/css/main.min.css?163&ver=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.105.19.218 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
saturn.pxlcrv.co
Software
LiteSpeed /
Resource Hash
db7b64fb80467ec20d65ed2d27bf2cd2fcdb72295cb7e03c4eb54a252daad5f7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://medicifinancialmodeling.com/wp-content/themes/medici/css/main.min.css?163&ver=1
Origin
https://medicifinancialmodeling.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Mon, 21 Aug 2023 18:38:31 GMT
date
Mon, 14 Aug 2023 18:38:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests
last-modified
Mon, 26 Jun 2023 18:24:28 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
33744
x-ua-compatible
IE=Edge,chrome=1
box_2.svg
medicifinancialmodeling.com/wp-content/uploads/2023/01/ 		410 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medicifinancialmodeling.com/wp-content/uploads/2023/01/box_2.svg
Requested by
Host: medicifinancialmodeling.com
URL: https://medicifinancialmodeling.com/?gclid=Cj0KCQjwoeemBhCfARIsADR2QCtQxVkNY7qaEJO4_zydO0pR75Io7qk1qAhQM2lcPpfpYK2zYvHHyM0aAgeeEALw_wcB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.105.19.218 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
saturn.pxlcrv.co
Software
LiteSpeed /
Resource Hash
53b853242c7782f54fa36d52f91c4bae6061434c34897b4064a99f4b3369287e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://medicifinancialmodeling.com/?gclid=Cj0KCQjwoeemBhCfARIsADR2QCtQxVkNY7qaEJO4_zydO0pR75Io7qk1qAhQM2lcPpfpYK2zYvHHyM0aAgeeEALw_wcB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 18:38:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Mon, 19 Jun 2023 15:42:12 GMT
server
LiteSpeed
content-security-policy
upgrade-insecure-requests
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
249
expires
Wed, 13 Sep 2023 18:38:31 GMT
bg-3.jpg
medicifinancialmodeling.com/wp-content/uploads/2023/01/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medicifinancialmodeling.com/wp-content/uploads/2023/01/bg-3.jpg
Requested by
Host: medicifinancialmodeling.com
URL: https://medicifinancialmodeling.com/?gclid=Cj0KCQjwoeemBhCfARIsADR2QCtQxVkNY7qaEJO4_zydO0pR75Io7qk1qAhQM2lcPpfpYK2zYvHHyM0aAgeeEALw_wcB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.105.19.218 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
saturn.pxlcrv.co
Software
LiteSpeed /
Resource Hash
7041a8f2debc575c85580a89eef908d5abc5897f31ac5d229ebfa5fa011117de
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://medicifinancialmodeling.com/?gclid=Cj0KCQjwoeemBhCfARIsADR2QCtQxVkNY7qaEJO4_zydO0pR75Io7qk1qAhQM2lcPpfpYK2zYvHHyM0aAgeeEALw_wcB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 18:38:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests
last-modified
Mon, 19 Jun 2023 16:46:15 GMT
server
LiteSpeed
vary
Accept
content-type
image/webp
cache-control
private
accept-ranges
bytes
content-length
20958
expires
Tue, 13 Aug 2024 18:38:31 GMT
collect
www.google-analytics.com/g/ 		0
262 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GZXFKVTKCT&gtm=45je3890&_p=1997909270&cid=849336703.1692038312&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692038311&sct=1&seg=0&dl=https%3A%2F%2Fmedicifinancialmodeling.com%2F%3Fgclid%3DCj0KCQjwoeemBhCfARIsADR2QCtQxVkNY7qaEJO4_zydO0pR75Io7qk1qAhQM2lcPpfpYK2zYvHHyM0aAgeeEALw_wcB&dt=Home%20-%20Medici%20Financial%20Modeling%20Inc.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GZXFKVTKCT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.238 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://medicifinancialmodeling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 18:38:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://medicifinancialmodeling.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
api.js
www.google.com/recaptcha/ 		884 B
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LcG7B4kAAAAAB5CwmZO_SJK0VlR39i_-HMHexSU&ver=3.0
Requested by
Host: medicifinancialmodeling.com
URL: https://medicifinancialmodeling.com/?gclid=Cj0KCQjwoeemBhCfARIsADR2QCtQxVkNY7qaEJO4_zydO0pR75Io7qk1qAhQM2lcPpfpYK2zYvHHyM0aAgeeEALw_wcB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f4.1e100.net
Software
GSE /
Resource Hash
55aef8886e29a7c45c7f907da3b3a0585038166fb10e975779d07614aa0689ce
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://medicifinancialmodeling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 18:38:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
589
x-xss-protection
1; mode=block
expires
Mon, 14 Aug 2023 18:38:32 GMT
scripts.min.js
medicifinancialmodeling.com/wp-content/themes/medici/js/ 		613 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medicifinancialmodeling.com/wp-content/themes/medici/js/scripts.min.js?151
Requested by
Host: medicifinancialmodeling.com
URL: https://medicifinancialmodeling.com/?gclid=Cj0KCQjwoeemBhCfARIsADR2QCtQxVkNY7qaEJO4_zydO0pR75Io7qk1qAhQM2lcPpfpYK2zYvHHyM0aAgeeEALw_wcB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.105.19.218 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
saturn.pxlcrv.co
Software
LiteSpeed /
Resource Hash
5e71bc357c03a7aa4c54d5450fba38a7a2c2b2a5a42f08a6eb39504ed673fc9f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://medicifinancialmodeling.com/?gclid=Cj0KCQjwoeemBhCfARIsADR2QCtQxVkNY7qaEJO4_zydO0pR75Io7qk1qAhQM2lcPpfpYK2zYvHHyM0aAgeeEALw_wcB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 18:38:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Mon, 26 Jun 2023 18:24:27 GMT
server
LiteSpeed
content-security-policy
upgrade-insecure-requests
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
189072
expires
Mon, 21 Aug 2023 18:38:31 GMT
common.min.js
medicifinancialmodeling.com/wp-content/themes/medici/js/ 		29 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medicifinancialmodeling.com/wp-content/themes/medici/js/common.min.js?151
Requested by
Host: medicifinancialmodeling.com
URL: https://medicifinancialmodeling.com/?gclid=Cj0KCQjwoeemBhCfARIsADR2QCtQxVkNY7qaEJO4_zydO0pR75Io7qk1qAhQM2lcPpfpYK2zYvHHyM0aAgeeEALw_wcB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.105.19.218 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
saturn.pxlcrv.co
Software
LiteSpeed /
Resource Hash
93aefa4501536e0bb6738adbab3065c768b9ed52f5cd140dcefbd4ea92d6500a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://medicifinancialmodeling.com/?gclid=Cj0KCQjwoeemBhCfARIsADR2QCtQxVkNY7qaEJO4_zydO0pR75Io7qk1qAhQM2lcPpfpYK2zYvHHyM0aAgeeEALw_wcB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 18:38:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Mon, 26 Jun 2023 18:24:27 GMT
server
LiteSpeed
content-security-policy
upgrade-insecure-requests
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6581
expires
Mon, 21 Aug 2023 18:38:31 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ 		438 KB
177 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcG7B4kAAAAAB5CwmZO_SJK0VlR39i_-HMHexSU&ver=3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f3.1e100.net
Software
sffe /
Resource Hash
973351a8332ef14670e481d690b0e7d242a6b3c949fdcac75cb767068ee5241c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medicifinancialmodeling.com/
Origin
https://medicifinancialmodeling.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 16:07:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9086
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
180114
x-xss-protection
0
last-modified
Sun, 06 Aug 2023 12:02:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Aug 2024 16:07:06 GMT
anchor
www.google.com/recaptcha/api2/ Frame E21A 		54 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcG7B4kAAAAAB5CwmZO_SJK0VlR39i_-HMHexSU&co=aHR0cHM6Ly9tZWRpY2lmaW5hbmNpYWxtb2RlbGluZy5jb206NDQz&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=invisible&cb=j6pnqefctfd8
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f4.1e100.net
Software
GSE /
Resource Hash
3e9d8152e3a233013f416a3b01918cb82aea7aaba1636fd58dc4e28d0ba8ecce
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4qxDOM1kGx3D2NoVdoNk2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://medicifinancialmodeling.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
30344
content-security-policy
script-src 'report-sample' 'nonce-4qxDOM1kGx3D2NoVdoNk2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 18:38:32 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ Frame E21A 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcG7B4kAAAAAB5CwmZO_SJK0VlR39i_-HMHexSU&co=aHR0cHM6Ly9tZWRpY2lmaW5hbmNpYWxtb2RlbGluZy5jb206NDQz&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=invisible&cb=j6pnqefctfd8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f3.1e100.net
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 16:07:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9086
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Sun, 06 Aug 2023 12:02:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Aug 2024 16:07:06 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ Frame E21A 		438 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcG7B4kAAAAAB5CwmZO_SJK0VlR39i_-HMHexSU&co=aHR0cHM6Ly9tZWRpY2lmaW5hbmNpYWxtb2RlbGluZy5jb206NDQz&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=invisible&cb=j6pnqefctfd8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f3.1e100.net
Software
sffe /
Resource Hash
973351a8332ef14670e481d690b0e7d242a6b3c949fdcac75cb767068ee5241c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 16:07:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9086
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
180114
x-xss-protection
0
last-modified
Sun, 06 Aug 2023 12:02:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Aug 2024 16:07:06 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E21A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 01:20:45 GMT
x-content-type-options
nosniff
age
494267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 16 Aug 2023 01:20:45 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E21A 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcG7B4kAAAAAB5CwmZO_SJK0VlR39i_-HMHexSU&co=aHR0cHM6Ly9tZWRpY2lmaW5hbmNpYWxtb2RlbGluZy5jb206NDQz&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=invisible&cb=j6pnqefctfd8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.99 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 00:51:47 GMT
x-content-type-options
nosniff
age
236805
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 00:51:47 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E21A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcG7B4kAAAAAB5CwmZO_SJK0VlR39i_-HMHexSU&co=aHR0cHM6Ly9tZWRpY2lmaW5hbmNpYWxtb2RlbGluZy5jb206NDQz&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=invisible&cb=j6pnqefctfd8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.99 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 22:09:32 GMT
x-content-type-options
nosniff
age
246540
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 22:09:32 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame E21A 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=3kTz7WGoZLQTivI-amNftGZO
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcG7B4kAAAAAB5CwmZO_SJK0VlR39i_-HMHexSU&co=aHR0cHM6Ly9tZWRpY2lmaW5hbmNpYWxtb2RlbGluZy5jb206NDQz&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=invisible&cb=j6pnqefctfd8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f4.1e100.net
Software
GSE /
Resource Hash
0d62c80e8180a2c275d761c5fb681cc5b0e41fff53d32926ebed430f91f511c9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcG7B4kAAAAAB5CwmZO_SJK0VlR39i_-HMHexSU&co=aHR0cHM6Ly9tZWRpY2lmaW5hbmNpYWxtb2RlbGluZy5jb206NDQz&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=invisible&cb=j6pnqefctfd8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 18:38:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 14 Aug 2023 18:38:32 GMT
reload
www.google.com/recaptcha/api2/ Frame E21A 		33 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LcG7B4kAAAAAB5CwmZO_SJK0VlR39i_-HMHexSU
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f4.1e100.net
Software
GSE /
Resource Hash
2e91ade3ec9c10528a3763413cb0c55e41ccd32529ff6c8b1618ecb0eecd17ba
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcG7B4kAAAAAB5CwmZO_SJK0VlR39i_-HMHexSU&co=aHR0cHM6Ly9tZWRpY2lmaW5hbmNpYWxtb2RlbGluZy5jb206NDQz&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=invisible&cb=j6pnqefctfd8
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Mon, 14 Aug 2023 18:38:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19334
x-xss-protection
1; mode=block
expires
Mon, 14 Aug 2023 18:38:33 GMT
image.png
medicifinancialmodeling.com/wp-content/uploads/2023/06/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medicifinancialmodeling.com/wp-content/uploads/2023/06/image.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.105.19.218 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
saturn.pxlcrv.co
Software
LiteSpeed /
Resource Hash
5eb8b42dee183ed0a82a3903085bf93a3aec185585d639a173b84486f35cda8b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://medicifinancialmodeling.com/?gclid=Cj0KCQjwoeemBhCfARIsADR2QCtQxVkNY7qaEJO4_zydO0pR75Io7qk1qAhQM2lcPpfpYK2zYvHHyM0aAgeeEALw_wcB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 18:38:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests
last-modified
Mon, 19 Jun 2023 16:45:09 GMT
server
LiteSpeed
vary
Accept
content-type
image/webp
cache-control
private
accept-ranges
bytes
content-length
51266
expires
Tue, 13 Aug 2024 18:38:33 GMT
b8440569-019451e2
download-video.akamaized.net/v2-1/playback/ee2d8b27-d390-4d7b-bcb0-ac495df1ae1d/
Redirect Chain
  • https://player.vimeo.com/progressive_redirect/playback/791926052/rendition/1080p/file.mp4?loc=external&signature=b6d84a7b6f8fb57b61de2970043a2aa6e8562bab8e01cd299748d9f4c02ed3f6
  • https://download-video.akamaized.net/v2-1/playback/ee2d8b27-d390-4d7b-bcb0-ac495df1ae1d/b8440569-019451e2?__token__=st=1692038313~exp=1692052713~acl=%2Fv2-1%2Fplayback%2Fee2d8b27-d390-4d7b-bcb0-ac4...
3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://download-video.akamaized.net/v2-1/playback/ee2d8b27-d390-4d7b-bcb0-ac495df1ae1d/b8440569-019451e2?__token__=st=1692038313~exp=1692052713~acl=%2Fv2-1%2Fplayback%2Fee2d8b27-d390-4d7b-bcb0-ac495df1ae1d%2Fb8440569-019451e2%2A~hmac=25b5a46918f131304c56dfd7db3e54aaa03b76c064389c07b3506bef4b1f1dd7&r=dXMtd2VzdDE%3D
Protocol
HTTP/1.1
Server
184.29.143.161 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-29-143-161.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://medicifinancialmodeling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 18:38:35 GMT
Content-Range
bytes 0-3397794/3397795
Connection
keep-alive
Akamai-Mon-Iucid-Del
1190815
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
3397795
X-Request-Id
xTPXSuHuwwg0e70Eo3VmJz62G3E1MJfd
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=29718495
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

Redirect headers

expires
Fri, 15 Dec 1985 19:30:00 GMT
Date
Mon, 14 Aug 2023 18:38:34 GMT
content-security-policy
default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://f.vimeocdn.com https://i.vimeocdn.com; report-uri /_csp
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
Via
1.1 varnish
CF-Cache-Status
DYNAMIC
Age
0
X-Cache
MISS
x-host
player-backend-647fb5f69-pfxwh
Connection
keep-alive
x-backend-server
player-backend-edge-entry
Content-Length
0
x-xss-protection
1; mode=block
X-Served-By
cache-yyz4552-YYZ
x-player-backend
g
Server
cloudflare
X-Timer
S1692038314.945537,VS0,VE69
access-control-allow-origin
*
Location
https://download-video.akamaized.net/v2-1/playback/ee2d8b27-d390-4d7b-bcb0-ac495df1ae1d/b8440569-019451e2?__token__=st=1692038313~exp=1692052713~acl=%2Fv2-1%2Fplayback%2Fee2d8b27-d390-4d7b-bcb0-ac495df1ae1d%2Fb8440569-019451e2%2A~hmac=25b5a46918f131304c56dfd7db3e54aaa03b76c064389c07b3506bef4b1f1dd7&r=dXMtd2VzdDE%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server
player-backend-647fb5f69-pfxwh
Accept-Ranges
bytes
CF-RAY
7f6b50c60df33702-YYZ
X-Cache-Hits
0
box.jpg
medicifinancialmodeling.com/wp-content/uploads/2023/01/ 		812 B
857 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medicifinancialmodeling.com/wp-content/uploads/2023/01/box.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.105.19.218 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
saturn.pxlcrv.co
Software
LiteSpeed /
Resource Hash
191117ac89ddd74fd05c7b1b083a67504b042022c2c68bbc5ee4186b292e4a0f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://medicifinancialmodeling.com/?gclid=Cj0KCQjwoeemBhCfARIsADR2QCtQxVkNY7qaEJO4_zydO0pR75Io7qk1qAhQM2lcPpfpYK2zYvHHyM0aAgeeEALw_wcB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 18:38:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests
last-modified
Mon, 19 Jun 2023 16:46:12 GMT
server
LiteSpeed
vary
Accept
content-type
image/webp
cache-control
private
accept-ranges
bytes
content-length
812
expires
Tue, 13 Aug 2024 18:38:33 GMT

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| wpcf7 object| wpcf7_recaptcha object| gr function| yr object| vr boolean| br object| wr function| Dr function| _r object| xr object| Tr function| Cr function| kr function| Er function| Sr function| Or function| Pr function| Ar function| Fr function| Mr object| Lr function| MarkerClusterer object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| $ function| jQuery object| gsapVersions object| Linear object| Power0 object| Quad object| Power1 object| Cubic object| Power2 object| Quart object| Power3 object| Quint object| Power4 object| Strong object| Elastic object| Bounce object| Expo object| Circ object| Sine object| Back object| SteppedEase function| TweenLite function| TweenMax function| TimelineMax function| TimelineLite function| AttrPlugin function| EndArrayPlugin function| RoundPropsPlugin function| ModifiersPlugin function| SnapPlugin object| gsap object| CSSPlugin object| ScrollToPlugin function| DrawSVGPlugin function| ScrollTrigger function| CustomEase function| Swiper object| barba function| CssRulePlugin object| CSSRulePlugin function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| swv object| recaptcha object| closure_lm_883507 object| _gsap function| _scrollTop function| _scrollLeft

4 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ABcCkGs3TwuSnLjPB05EhvtnOyPaX0sLSjpRVQuCLbFe2a949bL04oax5lmhvWQ9yQbSrIsRbKFjRxlZh6yMAaI
.medicifinancialmodeling.com/ Name: _ga_GZXFKVTKCT
Value: GS1.1.1692038311.1.0.1692038311.0.0.0
.medicifinancialmodeling.com/ Name: _ga
Value: GA1.1.849336703.1692038312
.vimeo.com/ Name: __cf_bm
Value: qFGnBeQlGg2g6HuL9tx9P149wTNmaJJf.4GDjHFMwDU-1692038314-0-AdEK3GDnOaZwBgPBRTqGTEkXQKTdAG+DCR6TfsCkFjd6YTLwwYM6RtQdV2HD0NY3Oc7D22JER1Q7Uyp17V8n+Yg=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

download-video.akamaized.net
fonts.gstatic.com
medicifinancialmodeling.com
player.vimeo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
142.250.81.238
142.251.40.99
162.159.138.60
172.105.19.218
172.217.13.104
172.217.13.131
172.217.13.132
184.29.143.161
0d62c80e8180a2c275d761c5fb681cc5b0e41fff53d32926ebed430f91f511c9
191117ac89ddd74fd05c7b1b083a67504b042022c2c68bbc5ee4186b292e4a0f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2e91ade3ec9c10528a3763413cb0c55e41ccd32529ff6c8b1618ecb0eecd17ba
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e9d8152e3a233013f416a3b01918cb82aea7aaba1636fd58dc4e28d0ba8ecce
53b853242c7782f54fa36d52f91c4bae6061434c34897b4064a99f4b3369287e
55aef8886e29a7c45c7f907da3b3a0585038166fb10e975779d07614aa0689ce
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aae71838ba4983ac1f65ebdfd7ce440a13ca6721863a3b72104b8e5377117ee
5e71bc357c03a7aa4c54d5450fba38a7a2c2b2a5a42f08a6eb39504ed673fc9f
5eb8b42dee183ed0a82a3903085bf93a3aec185585d639a173b84486f35cda8b
7041a8f2debc575c85580a89eef908d5abc5897f31ac5d229ebfa5fa011117de
71e3b9ae3c21d1bb71031315f94ea9b0494cc0c2e8c93587d325934d6f917c1c
93aefa4501536e0bb6738adbab3065c768b9ed52f5cd140dcefbd4ea92d6500a
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
973351a8332ef14670e481d690b0e7d242a6b3c949fdcac75cb767068ee5241c
a28060f6d39d85df6d039cac8230cba134b8b0f8eadff510a0139ed70608cced
cf2ba9ceb5827650c4a5d9b0f1dae95794f9640d9c5b047b4acc72084fd44a9b
d0dc3b6832d0233d876ed071e640714a9d1ffce4500738f26455006257b66933
db7b64fb80467ec20d65ed2d27bf2cd2fcdb72295cb7e03c4eb54a252daad5f7
e356d24ca4e32c1d1fc9a36b0f00073f129ab6c2d3308424f3d3e08b60fd046c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef511478ba5922aa79fdd65a6de265023272eb38e1e43519b9b9ad6be8230e88
f4239a5fc446d8b17235134a0794855f778ff1805c45b223bc3883672cb862c0