URL: https://nedisability.com/ssd-law-providence.html
Submission Tags: @ecarlesi possiblethreat #phishing Search All
Submission: On September 24 via api from US — Scanned from FR

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 29 HTTP transactions. The main IP is 66.147.241.137, located in Provo, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is nedisability.com.
TLS certificate: Issued by R3 on September 22nd 2023. Valid for: 3 months.
This is the only time nedisability.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
17 nedisability.com
nedisability.com
99 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96
region1.google-analytics.com — Cisco Umbrella Rank: 1878
21 KB
2 liveleads.us
liveleads.us — Cisco Umbrella Rank: 435691
5 KB
1 cloudfront.net
d10w4s0jex8wby.cloudfront.net
63 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
82 KB
1 googleapis.com
fonts.googleapis.com Failed
ajax.googleapis.com — Cisco Umbrella Rank: 720
33 KB
1 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 5136
7 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1243
78 KB
29 8
Domain Requested by
17 nedisability.com nedisability.com
2 www.google-analytics.com nedisability.com
www.google-analytics.com
2 liveleads.us nedisability.com
1 d10w4s0jex8wby.cloudfront.net
1 ajax.googleapis.com nedisability.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
1 ajax.aspnetcdn.com nedisability.com
1 code.jquery.com nedisability.com
0 fonts.googleapis.com Failed nedisability.com
29 10

This site contains no links.

Subject Issuer Validity Valid
cpcontacts.woonsocketplumber.com
R3
2023-09-22 -
2023-12-21
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA
2023-05-05 -
2024-04-28
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-04-16 -
2024-04-15
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh

This page contains 2 frames:

Primary Page: https://nedisability.com/ssd-law-providence.html
Frame ID: 95867617F498A4FD4F872C92146359B8
Requests: 28 HTTP requests in this frame

Frame: https://d10w4s0jex8wby.cloudfront.net/mg__7978.png
Frame ID: 6A5281BEC6F7E5D26DD2A9E72C3BD39E
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Social Security Disability Benefits | Providence, RI Lawyers |SSDI

Detected technologies

Overall confidence: 100%
Detected patterns
  • <!--[^>]*(?:InstanceBeginEditable|Dreamweaver([^>]+)target|DWLayoutDefaultTable)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29
Requests

93 %
HTTPS

78 %
IPv6

8
Domains

10
Subdomains

10
IPs

3
Countries

388 kB
Transfer

861 kB
Size

18
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ssd-law-providence.html
nedisability.com/
19 KB
7 KB
Document
General
Full URL
https://nedisability.com/ssd-law-providence.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.147.241.137 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
66-147-241-137.unifiedlayer.com
Software
Apache /
Resource Hash
c809d0efe0d84b2285ac6ea7e589751121ad456f9472c3d62df0ea677c76bfb1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
7477
content-type
text/html
date
Sun, 24 Sep 2023 00:43:04 GMT
last-modified
Sun, 13 Dec 2020 14:13:24 GMT
server
Apache
vary
Accept-Encoding
style.css
nedisability.com/css/
9 KB
3 KB
Stylesheet
General
Full URL
https://nedisability.com/css/style.css
Requested by
Host: nedisability.com
URL: https://nedisability.com/ssd-law-providence.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.147.241.137 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
66-147-241-137.unifiedlayer.com
Software
Apache /
Resource Hash
0bafc1298b7f620faad468a7bd02cf10be604d2c97cebb4a7cb134a599bfd719

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nedisability.com/ssd-law-providence.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 00:43:04 GMT
content-encoding
gzip
last-modified
Sun, 13 Dec 2020 04:56:28 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3266
menu.css
nedisability.com/css/
2 KB
951 B
Stylesheet
General
Full URL
https://nedisability.com/css/menu.css
Requested by
Host: nedisability.com
URL: https://nedisability.com/ssd-law-providence.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.147.241.137 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
66-147-241-137.unifiedlayer.com
Software
Apache /
Resource Hash
61a5127b03c7f483255148e9b8a17b24d1eddc450a060575dca8e5d17892ce5e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nedisability.com/ssd-law-providence.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 00:43:04 GMT
content-encoding
gzip
last-modified
Sun, 13 Dec 2020 04:56:28 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
919
icapthca.js
nedisability.com/
0
0
Script
General
Full URL
https://nedisability.com/icapthca.js
Requested by
Host: nedisability.com
URL: https://nedisability.com/ssd-law-providence.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.147.241.137 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
66-147-241-137.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nedisability.com/ssd-law-providence.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 00:43:04 GMT
server
Apache
content-length
315
content-type
text/html; charset=iso-8859-1
jquery.js
nedisability.com/js/
30 KB
16 KB
Script
General
Full URL
https://nedisability.com/js/jquery.js
Requested by
Host: nedisability.com
URL: https://nedisability.com/ssd-law-providence.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.147.241.137 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
66-147-241-137.unifiedlayer.com
Software
Apache /
Resource Hash
4b4e5615009a01b9dc1c7372569c28b8ba705e2d1544692821fbe32d66a3f9e6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nedisability.com/ssd-law-providence.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 00:43:04 GMT
content-encoding
gzip
last-modified
Sun, 13 Dec 2020 04:55:43 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
16812
slider.js
nedisability.com/js/
128 B
193 B
Script
General
Full URL
https://nedisability.com/js/slider.js
Requested by
Host: nedisability.com
URL: https://nedisability.com/ssd-law-providence.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.147.241.137 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
66-147-241-137.unifiedlayer.com
Software
Apache /
Resource Hash
3252ca5429db72a96ae943f069d2bd142e98a7322c493786b2937b57e3c64c7b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nedisability.com/ssd-law-providence.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 00:43:04 GMT
content-encoding
gzip
last-modified
Sun, 13 Dec 2020 04:55:43 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
122
jquery-1.9.1.js
code.jquery.com/
262 KB
78 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.9.1.js
Requested by
Host: nedisability.com
URL: https://nedisability.com/ssd-law-providence.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nedisability.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 00:43:04 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
715562
x-cache
HIT, HIT
content-length
79506
x-served-by
cache-lga21952-LGA, cache-lcy-eglc8600067-LCY
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1695516184.321005,VS0,VE0
etag
W/"28feccc0-4185d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
73, 8290
jquery.validate.min.js
ajax.aspnetcdn.com/ajax/jquery.validate/1.9/
21 KB
7 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/jquery.validate/1.9/jquery.validate.min.js
Requested by
Host: nedisability.com
URL: https://nedisability.com/ssd-law-providence.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F07) /
Resource Hash
a931d758e10b5f646f42e4b1100ee31b7ce4cdf5a86d59133424b65c8802788b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nedisability.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 00:43:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4574046
x-cache
HIT
content-length
6501
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:42:34 GMT
server
ECAcc (paa/6F07)
etag
"011774d033d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
logo.png
nedisability.com/images/
7 KB
7 KB
Image
General
Full URL
https://nedisability.com/images/logo.png
Requested by
Host: nedisability.com
URL: https://nedisability.com/ssd-law-providence.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.147.241.137 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
66-147-241-137.unifiedlayer.com
Software
Apache /
Resource Hash
1d5c1030ce8fc7b1a35d8e30c344f42904abf5e6024f31847ab4be9e76468dae

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nedisability.com/ssd-law-providence.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 00:43:04 GMT
last-modified
Sun, 13 Dec 2020 05:03:40 GMT
server
Apache
accept-ranges
bytes
content-length
6772
content-type
image/png
tap-to-call.png
nedisability.com/images/
2 KB
2 KB
Image
General
Full URL
https://nedisability.com/images/tap-to-call.png
Requested by
Host: nedisability.com
URL: https://nedisability.com/ssd-law-providence.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.147.241.137 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
66-147-241-137.unifiedlayer.com
Software
Apache /
Resource Hash
321d5a404003c9d31d8e6371bb9e15f2b34173ca9bd22bd0fa9745aa52e1bdaa

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nedisability.com/ssd-law-providence.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 00:43:04 GMT
last-modified
Sun, 13 Dec 2020 05:03:37 GMT
server
Apache
accept-ranges
bytes
content-length
1898
content-type
image/png
Nosscr-logo.jpg
nedisability.com/images/
11 KB
11 KB
Image
General
Full URL
https://nedisability.com/images/Nosscr-logo.jpg
Requested by
Host: nedisability.com
URL: https://nedisability.com/ssd-law-providence.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.147.241.137 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
66-147-241-137.unifiedlayer.com
Software
Apache /
Resource Hash
f7df52f2ea6071a5bcc9e6635eb11b979900cbc66356da2ca3f3f2347b7f26f5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nedisability.com/ssd-law-providence.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 00:43:04 GMT
last-modified
Sun, 13 Dec 2020 05:03:40 GMT
server
Apache
accept-ranges
bytes
content-length
11164
content-type
image/jpeg
MA-Bar-Logo.jpg
nedisability.com/images/
11 KB
11 KB
Image
General
Full URL
https://nedisability.com/images/MA-Bar-Logo.jpg
Requested by
Host: nedisability.com
URL: https://nedisability.com/ssd-law-providence.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.147.241.137 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
66-147-241-137.unifiedlayer.com
Software
Apache /
Resource Hash
b0c46c9a278aef17290dbef18eaa1922c1cca93910b396ed784005662ad52cea

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nedisability.com/ssd-law-providence.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 00:43:04 GMT
last-modified
Sun, 13 Dec 2020 05:03:40 GMT
server
Apache
accept-ranges
bytes
content-length
11611
content-type
image/jpeg
NOVA-Logo.jpg
nedisability.com/images/
9 KB
9 KB
Image
General
Full URL
https://nedisability.com/images/NOVA-Logo.jpg
Requested by
Host: nedisability.com
URL: https://nedisability.com/ssd-law-providence.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.147.241.137 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
66-147-241-137.unifiedlayer.com
Software
Apache /
Resource Hash
b98932a1976e1157e1c1ad00a57d41166fd00a1fa94a2c32ff81398d4922e616

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nedisability.com/ssd-law-providence.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 00:43:04 GMT
last-modified
Sun, 13 Dec 2020 05:03:38 GMT
server
Apache
accept-ranges
bytes
content-length
9115
content-type
image/jpeg
USCA.jpg
nedisability.com/images/
9 KB
9 KB
Image
General
Full URL
https://nedisability.com/images/USCA.jpg
Requested by
Host: nedisability.com
URL: https://nedisability.com/ssd-law-providence.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.147.241.137 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
66-147-241-137.unifiedlayer.com
Software
Apache /
Resource Hash
20ca6a120c4c42721fe37030da11c593b2c151f57cf9c46e2d7b896b3990e05f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nedisability.com/ssd-law-providence.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 00:43:04 GMT
last-modified
Sun, 13 Dec 2020 05:03:38 GMT
server
Apache
accept-ranges
bytes
content-length
9312
content-type
image/jpeg
dd-btn.jpg
nedisability.com/images/
9 KB
9 KB
Image
General
Full URL
https://nedisability.com/images/dd-btn.jpg
Requested by
Host: nedisability.com
URL: https://nedisability.com/ssd-law-providence.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.147.241.137 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
66-147-241-137.unifiedlayer.com
Software
Apache /
Resource Hash
1853c2f6099d8b2c16cd3427c6873c256e29d9a2af27a28a17513260ecd0e979

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nedisability.com/ssd-law-providence.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 00:43:04 GMT
last-modified
Sun, 13 Dec 2020 05:03:41 GMT
server
Apache
accept-ranges
bytes
content-length
9281
content-type
image/jpeg
logo-old.png
nedisability.com/images/
9 KB
9 KB
Image
General
Full URL
https://nedisability.com/images/logo-old.png
Requested by
Host: nedisability.com
URL: https://nedisability.com/ssd-law-providence.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.147.241.137 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
66-147-241-137.unifiedlayer.com
Software
Apache /
Resource Hash
66efc565db5cba097dcae890bb63c7cce55961c5842a8ce787c5f716dffcee84

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nedisability.com/ssd-law-providence.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 00:43:04 GMT
last-modified
Sun, 13 Dec 2020 05:03:39 GMT
server
Apache
accept-ranges
bytes
content-length
9062
content-type
image/png
invitation.ashx
liveleads.us/scripts/
10 KB
4 KB
Script
General
Full URL
https://liveleads.us/scripts/invitation.ashx?company=nedisability
Requested by
Host: nedisability.com
URL: https://nedisability.com/ssd-law-providence.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:67e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0c3c53e72a954d45ba740bb56a38252a947a375c05a259fd20d5b91f12942c8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nedisability.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 00:43:04 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t22bsIcArsEXNU4HW0qhzPTuwS3mL9asi9wVoPVmxvLmCkX40eCVC%2BUarvAGfvOWeRv8R0TS2OQLZHU8rRqCBEuCZBZn4dRqsCnWqtny%2BOys3oJMQ9j2Mj9YKM%2BK6nSBVnGkwa5yKDmLpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
80b6fdb98bf401f1-CDG
css
fonts.googleapis.com/
0
0

analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: nedisability.com
URL: https://nedisability.com/ssd-law-providence.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nedisability.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 23:37:03 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3961
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 24 Sep 2023 01:37:03 GMT
body-bg.png
nedisability.com/images/
973 B
1003 B
Image
General
Full URL
https://nedisability.com/images/body-bg.png
Requested by
Host: nedisability.com
URL: https://nedisability.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.147.241.137 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
66-147-241-137.unifiedlayer.com
Software
Apache /
Resource Hash
5642cce3bf44bae643d74d69088b38c9072fb111c6c44390638e10de7468bed0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nedisability.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 00:43:04 GMT
last-modified
Sun, 13 Dec 2020 05:03:39 GMT
server
Apache
accept-ranges
bytes
content-length
973
content-type
image/png
li-bg.png
nedisability.com/images/
2 KB
2 KB
Image
General
Full URL
https://nedisability.com/images/li-bg.png
Requested by
Host: nedisability.com
URL: https://nedisability.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.147.241.137 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
66-147-241-137.unifiedlayer.com
Software
Apache /
Resource Hash
5ee5b0627ff793f2df6cb6b439b44ddc69dd4827ec0ffd41e49c09d8f301f261

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nedisability.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 00:43:04 GMT
last-modified
Sun, 13 Dec 2020 05:03:38 GMT
server
Apache
accept-ranges
bytes
content-length
1809
content-type
image/png
footer-bg.png
nedisability.com/images/
939 B
969 B
Image
General
Full URL
https://nedisability.com/images/footer-bg.png
Requested by
Host: nedisability.com
URL: https://nedisability.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.147.241.137 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
66-147-241-137.unifiedlayer.com
Software
Apache /
Resource Hash
36bc63af74ae724278069354fa310618a5646f0f8e7d1832334229190cae7c03

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nedisability.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 00:43:04 GMT
last-modified
Sun, 13 Dec 2020 05:03:38 GMT
server
Apache
accept-ranges
bytes
content-length
939
content-type
image/png
collect
www.google-analytics.com/j/
15 B
221 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1892997323&t=pageview&_s=1&dl=https%3A%2F%2Fnedisability.com%2Fssd-law-providence.html&ul=en-us&de=UTF-8&dt=Social%20Security%20Disability%20Benefits%20%7C%20Providence%2C%20RI%20Lawyers%20%7CSSDI&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=85746732&gjid=758195378&cid=2145472674.1695516185&tid=UA-78713749-1&_gid=1787439251.1695516185&_r=1&_slc=1&z=139912230
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1c49c9b4e1e55e0798810e351728126eed19baf4e6b8476daa10500a76218aee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nedisability.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Sep 2023 00:43:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nedisability.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
229 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R5K3V3XD7Z&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f6227c703c2b8f5e4fc89a38f125201e4dcf917a7022865365fa6322b34d3fb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nedisability.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 00:43:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83339
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 24 Sep 2023 00:43:04 GMT
collect
region1.google-analytics.com/g/
0
254 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-R5K3V3XD7Z&gtm=45je39k2&_p=1892997323&ul=en-us&sr=1600x1200&cid=2145472674.1695516185&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fnedisability.com%2Fssd-law-providence.html&dt=Social%20Security%20Disability%20Benefits%20%7C%20Providence%2C%20RI%20Lawyers%20%7CSSDI&sid=1695516184&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R5K3V3XD7Z&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nedisability.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Sep 2023 00:43:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nedisability.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
122c4d80-cd09-4652-a6bb-f4aec1b16bb2
https://nedisability.com/
1 KB
0
Other
General
Full URL
blob:https://nedisability.com/122c4d80-cd09-4652-a6bb-f4aec1b16bb2
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
faf0716b4e996883807b6986f21c499d0003c2753a6e28fc5a1e25f88350e402

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Length
1324
Content-Type
text/javascript
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/
92 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: nedisability.com
URL: https://nedisability.com/ssd-law-providence.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nedisability.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 10:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
138374
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33333
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Sep 2024 10:16:51 GMT
pinghandler.ashx
liveleads.us/handlers/slim/
24 B
1 KB
XHR
General
Full URL
https://liveleads.us/handlers/slim/pinghandler.ashx?logType=shown&visitorId=1417592123&company=nedisability
Requested by
Host: nedisability.com
URL: https://nedisability.com/ssd-law-providence.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:67e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3f350cf5d0700159b35356a392b66810a0051503b8221a091b68bc50732f7232

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nedisability.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 00:43:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-length
140
x-ua-compatible
IE=edge
request-context
appId=cid-v1:1063dcea-9f69-45d6-9f3e-65688f6e6a4f
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST,GET,OPTIONS,PUT,DELETE
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wv4s%2Fp23af2LhkpTjxGR5aKC3kRi91TtLDUnyaaXMTgCBSuNmz69G%2FC88oplCLbQyJ2RkUTffCBNqfRVVRzGly9XFYBYiPrw7gHwKOoRhiJ5lpT6Ic04uVEUQCRQwNtHJW8F0fiNtRCxA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Request-Context
cache-control
private,no-transform
cf-ray
80b6fdc1df22153f-CDG
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, referring-domain, apexchat-username, apexchat-password, apexchat-company, Authorization
mg__7978.png
d10w4s0jex8wby.cloudfront.net/ Frame 6A52
63 KB
63 KB
Image
General
Full URL
https://d10w4s0jex8wby.cloudfront.net/mg__7978.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2090:1e00:1e:68cf:ab80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6eb51e2c7162d0f55d57eab51ebdb0b46ca243130376875a18cf152c1bdf1358

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nedisability.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 04:14:03 GMT
via
1.1 650363fa7465273dd14fde086a851a86.cloudfront.net (CloudFront)
last-modified
Mon, 11 Apr 2022 22:38:01 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P1
age
73746
etag
"2add112266c5bc6ecaa750e9e6d9b4fe"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
64413
x-amz-cf-id
kwV0kpD9zY3j85Oy4JaMYd5DA64tO836sWIUYUs3cH5QRw-xll7hbA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture function| $ function| jQuery string| GoogleAnalyticsObject function| ga number| ww function| adjustMenu object| jQuery19106267571003751458 function| j object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| ApexChat object| google_tag_manager undefined| slimCDNFactory string| ApexChatBetaUrl string| ApexChatBaseUrl number| ApexChatDefaultLogLevel object| CompanyLevelBlockedPages object| CompanyLevelSettings object| CompanyContextRequest function| printStackTrace function| printStackTraceLimited number| _scriptId object| jQQ function| ApexLogger object| AnalyticsCategories object| AnalyticsEvents object| ApexChatTimeTracker object| NS function| ApexChatClass function| qs function| qsa function| $on function| $delegate function| $parent function| ApexChatJquery function| apexchat_prechat_invitation_client object| apexchat_event_cache function| apexchat_dompopup_chatwindow_client object| jQuery17104031495207637117 boolean| isDraggable string| ref_domain string| ref_path string| ref_search function| getCountryCode

18 Cookies

Domain/Path Name / Value
.nedisability.com/ Name: _ga
Value: GA1.2.2145472674.1695516185
.nedisability.com/ Name: _gid
Value: GA1.2.1787439251.1695516185
.nedisability.com/ Name: _gat
Value: 1
.nedisability.com/ Name: _ga_R5K3V3XD7Z
Value: GS1.2.1695516184.1.0.1695516184.0.0.0
nedisability.com/ Name: cdn_apex_profile_id
Value: 530042
nedisability.com/ Name: apexchat_dropdown_invitation
Value: _max
nedisability.com/ Name: livechat_v3_invitation_shown
Value: true
nedisability.com/ Name: livechat_is_page_refreshed
Value: false
nedisability.com/ Name: livechat_original_referrer
Value:
nedisability.com/ Name: livechat_agent_alias_id
Value: 7978
nedisability.com/ Name: livechat_operator_id
Value: undefined
nedisability.com/ Name: livechat_profile_id
Value: 530042
nedisability.com/ Name: apexchat_dompopup_chatwindow
Value: _rendered
nedisability.com/ Name: livechat_visitor_id
Value: 1417592123
nedisability.com/ Name: livechat_visitLogged
Value: true
nedisability.com/ Name: livechat_invitation_traffic_sources
Value: source%3Ddirect%26medium%3Dnone%26campaign%3Ddirect%26term%3D%26content%3D%26campaignId%3D%26overwritetrafficsource%3Dtrue%26date%3D20230924
nedisability.com/ Name: livechat_prechat_lastmessage
Value: %7B%22index%22%3A0%2C%22duration%22%3A3000%7D
nedisability.com/ Name: apexchat_prechat_invitation
Value: _max

2 Console Messages

Source Level URL
Text
network error URL: https://nedisability.com/icapthca.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://nedisability.com/ssd-law-providence.html
Message:
Mixed Content: The page at 'https://nedisability.com/ssd-law-providence.html' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
ajax.googleapis.com
code.jquery.com
d10w4s0jex8wby.cloudfront.net
fonts.googleapis.com
liveleads.us
nedisability.com
region1.google-analytics.com
www.google-analytics.com
www.googletagmanager.com
fonts.googleapis.com
152.199.19.160
2001:4860:4802:34::36
2001:4860:4802:36::178
2600:9000:2090:1e00:1e:68cf:ab80:21
2606:4700:20::681a:67e
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2008
2a04:4e42::649
66.147.241.137
0bafc1298b7f620faad468a7bd02cf10be604d2c97cebb4a7cb134a599bfd719
1853c2f6099d8b2c16cd3427c6873c256e29d9a2af27a28a17513260ecd0e979
1c49c9b4e1e55e0798810e351728126eed19baf4e6b8476daa10500a76218aee
1d5c1030ce8fc7b1a35d8e30c344f42904abf5e6024f31847ab4be9e76468dae
20ca6a120c4c42721fe37030da11c593b2c151f57cf9c46e2d7b896b3990e05f
321d5a404003c9d31d8e6371bb9e15f2b34173ca9bd22bd0fa9745aa52e1bdaa
3252ca5429db72a96ae943f069d2bd142e98a7322c493786b2937b57e3c64c7b
36bc63af74ae724278069354fa310618a5646f0f8e7d1832334229190cae7c03
3f350cf5d0700159b35356a392b66810a0051503b8221a091b68bc50732f7232
4b4e5615009a01b9dc1c7372569c28b8ba705e2d1544692821fbe32d66a3f9e6
5642cce3bf44bae643d74d69088b38c9072fb111c6c44390638e10de7468bed0
5ee5b0627ff793f2df6cb6b439b44ddc69dd4827ec0ffd41e49c09d8f301f261
61a5127b03c7f483255148e9b8a17b24d1eddc450a060575dca8e5d17892ce5e
66efc565db5cba097dcae890bb63c7cce55961c5842a8ce787c5f716dffcee84
6eb51e2c7162d0f55d57eab51ebdb0b46ca243130376875a18cf152c1bdf1358
7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
a931d758e10b5f646f42e4b1100ee31b7ce4cdf5a86d59133424b65c8802788b
b0c46c9a278aef17290dbef18eaa1922c1cca93910b396ed784005662ad52cea
b98932a1976e1157e1c1ad00a57d41166fd00a1fa94a2c32ff81398d4922e616
c809d0efe0d84b2285ac6ea7e589751121ad456f9472c3d62df0ea677c76bfb1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0c3c53e72a954d45ba740bb56a38252a947a375c05a259fd20d5b91f12942c8
f6227c703c2b8f5e4fc89a38f125201e4dcf917a7022865365fa6322b34d3fb0
f7df52f2ea6071a5bcc9e6635eb11b979900cbc66356da2ca3f3f2347b7f26f5
faf0716b4e996883807b6986f21c499d0003c2753a6e28fc5a1e25f88350e402