urlscan.io logo urlscan.io
SecurityTrails logo

secure3.pennmedicine.org Open in urlscan Pro
170.212.0.87  Public Scan

Go To Rescan Add Verdict Report
URL: https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
Submission: On July 02 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 6 countries across 13 domains to perform 31 HTTP transactions. The main IP is 170.212.0.87, located in Lansdowne, United States and belongs to UPHS - Penn Medicine, US. The main domain is secure3.pennmedicine.org.
TLS certificate: Issued by InCommon RSA Server CA on March 7th 2018. Valid for: 2 years.
This is the only time secure3.pennmedicine.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 170.212.0.87 46274 (UPHS)
5 45.60.75.182 19551 (INCAPSULA)
1 52.222.150.181 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f01... 32934 (FACEBOOK)
2 2a04:4e42:3::84 54113 (FASTLY)
2 104.111.250.158 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.21.194 15169 (GOOGLE)
2 151.101.112.84 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 80.252.91.52 15830 (TELECITY-LON)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
31 17
1    170.212.0.87 (Lansdowne, United States)

ASN46274 (UPHS - Penn Medicine, US)
PTR: epic-secure3.pennmedicine.org
secure3.pennmedicine.org
5    45.60.75.182 (United States)

ASN19551 (INCAPSULA - Incapsula Inc, US)
www.pennmedicine.org
1    52.222.150.181 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-150-181.fra53.r.cloudfront.net
hello.myfonts.net
2    2a00:1450:4001:815::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
2    2a00:1450:4001:818::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
2    2a04:4e42:3::84 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)
s.pinimg.com
2    104.111.250.158 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-250-158.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
1    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    172.217.21.194 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s12-in-f2.1e100.net
www.googleadservices.com
2    151.101.112.84 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
ct.pinterest.com
1    2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    80.252.91.52 (Haarlem, Netherlands)

ASN15830 (TELECITY-LON, GB)
bs.serving-sys.com
1    2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
Domain Requested by
5 www.pennmedicine.org secure3.pennmedicine.org
3 connect.facebook.net secure3.pennmedicine.org
connect.facebook.net
2 www.facebook.com secure3.pennmedicine.org
2 ct.pinterest.com s.pinimg.com
secure3.pennmedicine.org
2 secure-ds.serving-sys.com secure3.pennmedicine.org
secure-ds.serving-sys.com
2 s.pinimg.com secure3.pennmedicine.org
s.pinimg.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 www.googletagmanager.com secure3.pennmedicine.org
www.googletagmanager.com
1 www.google.de secure3.pennmedicine.org
1 www.google.com secure3.pennmedicine.org
1 bs.serving-sys.com secure-ds.serving-sys.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 stats.g.doubleclick.net secure3.pennmedicine.org
1 hello.myfonts.net secure3.pennmedicine.org
1 secure3.pennmedicine.org
31 16
Subject Issuer Validity Valid
secure3.pennmedicine.org
InCommon RSA Server CA		 2018-03-07 -
2020-03-06		 2 years crt.sh
www.pennmedicine.org
InCommon RSA Server CA		 2019-02-02 -
2021-02-01		 2 years crt.sh
*.myfonts.net
DigiCert SHA2 Secure Server CA		 2018-08-14 -
2020-08-18		 2 years crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-06-11 -
2019-09-03		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-06-06 -
2019-09-04		 3 months crt.sh
*.pinterest.com
DigiCert SHA2 High Assurance Server CA		 2019-06-05 -
2020-07-22		 a year crt.sh
secure-ds.serving-sys.com
DigiCert SHA2 Secure Server CA		 2018-12-03 -
2020-03-03		 a year crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2019-06-18 -
2019-09-10		 3 months crt.sh
www.googleadservices.com
Google Internet Authority G3		 2019-06-11 -
2019-09-03		 3 months crt.sh
bs.serving-sys.com
Go Daddy Secure Certificate Authority - G2		 2018-03-08 -
2020-03-08		 2 years crt.sh
www.google.com
Google Internet Authority G3		 2019-06-11 -
2019-09-03		 3 months crt.sh
www.google.de
Google Internet Authority G3		 2019-06-11 -
2019-09-03		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
Frame ID: C895D5B9A7ABBD0929B5EA35788B818B
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • url /\.aspx?(?:$|\?)/i
Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /serving-sys\.com\//i

Page Statistics

31
Requests

87 %
HTTPS

56 %
IPv6

13
Domains

16
Subdomains

17
IPs

6
Countries

435 kB
Transfer

1228 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=141176087&t=pageview&_s=1&dl=https%3A%2F%2Fsecure3.pennmedicine.org%2FEpicLink%2Fcommon%2Fepic_login.asp&ul=en-us&de=UTF-8&dt=Penn%20PhysicianLink%20website%20login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=716798578&gjid=2064740787&cid=382662937.1562084959&tid=UA-73542555-1&_gid=366427485.1562084959&_r=1&gtm=2wg6k2PF9RK9&z=352332773 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-73542555-1&cid=382662937.1562084959&jid=716798578&_gid=366427485.1562084959&gjid=2064740787&_v=j77&z=352332773

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set epic_login.asp
secure3.pennmedicine.org/EpicLink/common/ 		16 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
170.212.0.87 Lansdowne, United States, ASN46274 (UPHS - Penn Medicine, US),
Reverse DNS
epic-secure3.pennmedicine.org
Software
/
Resource Hash
f7ccebb9c8bc49128cf3dbf6064dedd50068306b12b447cd9628b8a05276cf01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Host
secure3.pennmedicine.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control
no-store, no-cache
Pragma
no-cache
Content-Type
text/html
Expires
Wed, 01 Jan 1997 05:00:00 GMT
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block;
X-Content-Type-Options
nosniff
Set-Cookie
CookiesEnabled=Yes; path=/ ASPSESSIONIDQUSSASSR=LLHDICDDBECCGELBMBLOOEHM; secure; path=/ TS018b52a0=01e0666b7b0afeb8c053ab18c786026dda2e3bbf285e0cd446b6bd24a09a39627ec62bdf79287b8ee369e26ec708b004f1cd725f288318e8ab31e4740d79c80c899f665dd261d4ca270d04046348631a89c37f89de; Path=/; Domain=.secure3.pennmedicine.org
Date
Tue, 02 Jul 2019 16:29:16 GMT
Content-Length
16138
main.css
www.pennmedicine.org/Assets/PennMedicine/built/css/ 		386 KB
135 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pennmedicine.org/Assets/PennMedicine/built/css/main.css
Requested by
Host: secure3.pennmedicine.org
URL: https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.75.182 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
d313b75bc6b2953446c0c2c6b6e00ffcaea314d977ae08616a3ffdc7b29d6f4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 16:29:17 GMT
content-encoding
gzip
last-modified
Thu, 27 Jun 2019 16:23:56 GMT
x-cdn
Incapsula
etag
"d62cb6b742dd51:0"
strict-transport-security
max-age=31536000
content-type
text/css
status
200
x-iinfo
10-42124302-0 0CNN RT(1562084957796 0) q(0 -1 -1 2) r(1 -1)
cache-control
max-age=509395, public
content-length
137612
expires
Mon, 08 Jul 2019 13:59:12 GMT
modernizr.js
www.pennmedicine.org/Assets/PennMedicine/built/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pennmedicine.org/Assets/PennMedicine/built/js/modernizr.js
Requested by
Host: secure3.pennmedicine.org
URL: https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.75.182 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
773efeeb008b1b03056f56d39cd7512d1b60cfa27b378df7276ceb908ea6b303
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 16:29:17 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2019 15:21:03 GMT
x-cdn
Incapsula
etag
"244d2d747b1cd51:0"
strict-transport-security
max-age=31536000
content-type
application/javascript
status
200
x-iinfo
10-42124303-0 0CNN RT(1562084957801 0) q(0 -1 -1 1) r(0 -1)
cache-control
max-age=509395, public
content-length
4123
expires
Mon, 08 Jul 2019 13:59:12 GMT
main.js
www.pennmedicine.org/Assets/PennMedicine/built/js/ 		149 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pennmedicine.org/Assets/PennMedicine/built/js/main.js
Requested by
Host: secure3.pennmedicine.org
URL: https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.75.182 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
93cfc79b115b37a947d696cbd098fb7b158f1aeba5c77f9b85967f7649e84636
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 16:29:17 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2019 15:21:03 GMT
x-cdn
Incapsula
etag
"244d2d747b1cd51:0"
strict-transport-security
max-age=31536000
content-type
application/javascript
status
200
x-iinfo
10-42124304-0 0CNN RT(1562084957804 0) q(0 -1 -1 0) r(0 -1)
cache-control
max-age=5012, public
content-length
42779
expires
Tue, 02 Jul 2019 17:52:49 GMT
2bc1f2
hello.myfonts.net/count/ 		2 B
501 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hello.myfonts.net/count/2bc1f2
Requested by
Host: secure3.pennmedicine.org
URL: https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.150.181 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-150-181.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6

Request headers

Referer
https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 02 Jul 2019 12:50:45 GMT
Via
1.1 c40ee2288a7db28fefd61c3f2ec7ccd7.cloudfront.net (CloudFront)
Last-Modified
Mon, 31 Mar 2014 08:42:41 GMT
Server
AmazonS3
Age
13114
ETag
"81051bcc2cf1bedf378224b0a93e2877"
X-Cache
Error from cloudfront
Content-Type
text/css
Cache-Control
max-age=0,s-maxage=21600
X-Amz-Cf-Pop
FRA53
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2
X-Amz-Cf-Id
50VRJxPeT-8f7daSPiY8l8dXsz7tDvMxbcNObgSKzq8uzL4W0BErlg==
gtm.js
www.googletagmanager.com/ 		131 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PF9RK9
Requested by
Host: secure3.pennmedicine.org
URL: https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6f6e12d9507012dc9af7d856c6682cf08a7297d8ef93d4347d960279a512a1a2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 16:29:18 GMT
content-encoding
br
last-modified
Tue, 02 Jul 2019 15:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
33771
x-xss-protection
0
expires
Tue, 02 Jul 2019 16:29:18 GMT
logo-lg.svg
www.pennmedicine.org/Assets/PennMedicine/built/images/assets/ 		17 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pennmedicine.org/Assets/PennMedicine/built/images/assets/logo-lg.svg
Requested by
Host: secure3.pennmedicine.org
URL: https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.75.182 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
9735dfe842956d94536e97a77fbb928b71cf88b49fdb816ae43cdfa1424364b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.pennmedicine.org/Assets/PennMedicine/built/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 16:29:18 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2019 15:21:03 GMT
x-cdn
Incapsula
etag
"5a7f15747b1cd51:0"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
status
200
x-iinfo
10-42124486-0 0CNN RT(1562084958307 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=546532, public
content-length
6394
expires
Tue, 09 Jul 2019 00:18:10 GMT
truncated
/ 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a5ddcca99a39080c2e1a839736d584e3e4d4a39d89074ec95bf17c9f05ae2f2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		910 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
605f36ee05abb20cb21cb2797519b46e9c4cd52cd9b49668684411dba415f192

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69102de279a30d3bec0ff6e81fedea758f0a2521bbffe423e2e2083f1292528c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		521 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4584ca928ac45f6df299601bfa59ba8b0a8fd121678a3ca04560faa4f3da2ad8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		452 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ffc614a38b0d00209552a1ed8f4f572f56e650cf3e2157538a5989b6f1a1f73

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
2BC1F2_0_0.woff
www.pennmedicine.org/Assets/PennMedicine/built/fonts/ 		0
0
2BC1F2_2_0.woff
www.pennmedicine.org/Assets/PennMedicine/built/fonts/ 		0
0
truncated
/ 		717 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11151614c843ffdc192316de75e505db430e819b6fd2ca7dcb3ce375936cdd7b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
icon-youtube-lg.svg
www.pennmedicine.org/Assets/PennMedicine/built/images/assets/ 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pennmedicine.org/Assets/PennMedicine/built/images/assets/icon-youtube-lg.svg
Requested by
Host: secure3.pennmedicine.org
URL: https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.75.182 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
a65924393dab5b499d23b3a5f7c723ba7656c569947c695ef5d3aefe5e6f1ea4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.pennmedicine.org/Assets/PennMedicine/built/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 16:29:18 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2019 15:21:03 GMT
x-cdn
Incapsula
etag
"f91d13747b1cd51:0"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
status
200
x-iinfo
10-42124491-0 0CNN RT(1562084958327 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=545620, public
content-length
3247
expires
Tue, 09 Jul 2019 00:02:58 GMT
analytics.js
www.google-analytics.com/ 		43 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PF9RK9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 21:35:04 GMT
server
Golfe2
age
6130
date
Tue, 02 Jul 2019 14:47:08 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17707
expires
Tue, 02 Jul 2019 16:47:08 GMT
fbevents.js
connect.facebook.net/en_US/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: secure3.pennmedicine.org
URL: https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
16120
x-xss-protection
0
pragma
public
x-fb-debug
gssRIxsuaxC+IwJzZDOejY8g5AjRAo2rncXt8Et2wVOu28O4yXmcYQjzqqYpxOTrAEFU4Uj7DRCHnvRaqNTTPA==
x-fb-trip-id
997090344
date
Tue, 02 Jul 2019 16:29:18 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		65 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-962606211
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PF9RK9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
26c9ee06066fe3ca1bdbce84ce3f1257b2de807d86dfa46bf48bc9d6f4379f47
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 16:29:18 GMT
content-encoding
br
last-modified
Tue, 02 Jul 2019 15:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
25540
x-xss-protection
0
expires
Tue, 02 Jul 2019 16:29:18 GMT
core.js
s.pinimg.com/ct/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: secure3.pennmedicine.org
URL: https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::84 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
efd9de3afabf343e13c305fa182024238ff8e24025e5c88c6c5d56b0a88480cd

Request headers

Referer
https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 16:29:18 GMT
x-cdn
fastly
access-control-allow-origin
*
etag
"1e214e15ac165378f0589400974edd54"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
status
200
access-control-max-age
86400
cache-control
max-age=7200
content-length
1097
fastly-restarts
1
access-control-expose-headers
X-CDN
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073743039
Requested by
Host: secure3.pennmedicine.org
URL: https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.250.158 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-250-158.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ARR/3.0, ASP.NET
Resource Hash
7df5f0ce9359ec29a56de1912e99f043f3885a2f055a0c3fda79ff8c738a82a8

Request headers

Referer
https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 16:29:18 GMT
content-encoding
gzip
etag
"0d3b7fc9e3d41:0"
last-modified
Tue, 26 Mar 2019 11:46:06 GMT
server
Microsoft-IIS/8.5
access-control-allow-origin
*
x-powered-by
ARR/3.0, ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=103
accept-ranges
bytes
content-length
13538
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=141176087&t=pageview&_s=1&dl=https%3A%2F%2Fsecure3.pennmedicine.org%2FEpicLink%2Fcommon%2Fepic_login.asp&ul=en-us&de=UTF-8&dt=Penn%20Physicia...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-73542555-1&cid=382662937.1562084959&jid=716798578&_gid=366427485.1562084959&gjid=2064740787&_v=j77&z=352332773
35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-73542555-1&cid=382662937.1562084959&jid=716798578&_gid=366427485.1562084959&gjid=2064740787&_v=j77&z=352332773
Requested by
Host: secure3.pennmedicine.org
URL: https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Tue, 02 Jul 2019 16:29:18 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jul 2019 16:29:18 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-73542555-1&cid=382662937.1562084959&jid=716798578&_gid=366427485.1562084959&gjid=2064740787&_v=j77&z=352332773
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
416
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-962606211
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
f1e6382aa070301007ee92dbaaef83c9f6075f9d86ee3632c82a609f02c6fc1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 16:29:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
8912
x-xss-protection
0
server
cafe
etag
11386026576561889187
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 02 Jul 2019 16:29:18 GMT
312131565642804
connect.facebook.net/signals/config/ 		228 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/312131565642804?v=2.8.51&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
a3556bebe0a8e8cabc92a17eb0a678f99ddc0394ad6f242f175d8adcdde2f84f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
61414
x-xss-protection
0
pragma
public
x-fb-debug
CwGaJLrD1P6NKD/OiaAYdeBWZm83Qqh3NIIKfroj4q77ZMZTvYUMKzqDoA/s/F7Ap08EPrJdePnegaac/igHwQ==
x-fb-trip-id
997090344
date
Tue, 02 Jul 2019 16:29:18 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
main.532239b0.js
s.pinimg.com/ct/lib/ 		45 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.532239b0.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::84 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
10c3b1b8d9b03f13651f16b74cddff7a133468381315b1dcef26afdca5df8958

Request headers

Referer
https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 16:29:18 GMT
x-cdn
fastly
access-control-allow-origin
*
etag
"42f2d9232667759ed210155c5be8d336"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
status
200
access-control-max-age
86400
cache-control
max-age=1209600
content-length
45836
fastly-restarts
1
access-control-expose-headers
X-CDN
1073743039
secure-ds.serving-sys.com/adServingData/PROD/TMClient/9/ 		310 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/9/1073743039
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073743039
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.250.158 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-250-158.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
9dd4830a94a7a771e360f6e4419af2ea23a2d4455d9440da7ab3ccc100ca9b07

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
Origin
https://secure3.pennmedicine.org

Response headers

x-amz-version-id
dwOffRQKZg.wu8NRO8M0CHFchXCx3Qh3
content-encoding
gzip
etag
"3060d15421a412c0bbf62bf21500d315"
x-amz-request-id
1BCBBB3EF8118569
status
200
x-amz-replication-status
COMPLETED
content-length
230
x-amz-id-2
t/Iw8XfnXAlbOtRgiKS5+lGQ6RsoUgbfGceH4ZCgPlVHyelupsFa/rASWDKBpdzoZE0tcSpiJqg=
last-modified
Tue, 18 Jun 2019 18:48:09 GMT
server
ATS/7.1.0
date
Tue, 02 Jul 2019 16:29:18 GMT
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
inferredEvents.js
connect.facebook.net/signals/plugins/ 		1 KB
898 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.51
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
772
x-xss-protection
0
pragma
public
x-fb-debug
YyaXyN668IeJlvdp9BONZKPRQxw0IiVhB3RmfbxVeTMOWQJAKUdHaYEJjQaNFQETBUxqymvMuHmSTN9NaLninQ==
x-fb-trip-id
997090344
date
Tue, 02 Jul 2019 16:29:18 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/user/ 		35 B
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2614054469477&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1562084958830
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.532239b0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.84 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
Origin
https://secure3.pennmedicine.org

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 16:29:18 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-cdn
fastly
status
200
content-type
image/gif
access-control-allow-origin
https://secure3.pennmedicine.org
pinterest-generated-by
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-pinterest-rid
4675083651647613
x-envoy-upstream-service-time
1
content-length
35
access-control-expose-headers
Epik
/
ct.pinterest.com/v3/ 		35 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2614054469477&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fsecure3.pennmedicine.org%2FEpicLink%2Fcommon%2Fepic_login.asp%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%7D&cb=1562084958830
Requested by
Host: secure3.pennmedicine.org
URL: https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.84 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer
https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 16:29:18 GMT
x-cdn
fastly
access-control-allow-origin
*
content-type
image/gif
status
200
pinterest-generated-by
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
3
content-length
35
x-pinterest-rid
4133294509169811
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/962606211/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/962606211/?random=1562084958834&cv=9&fst=1562084958834&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa6k2&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure3.pennmedicine.org%2FEpicLink%2Fcommon%2Fepic_login.asp&tiba=Penn%20PhysicianLink%20website%20login&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
a2757bc9c88b29473a61905fa80b3b6367d6f38148fc2c6b5a79a9e2b60d3216
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 16:29:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1002
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=312131565642804&ev=PageView&dl=https%3A%2F%2Fsecure3.pennmedicine.org%2FEpicLink%2Fcommon%2Fepic_login.asp&rl=&if=false&ts=1562084958837&sw=1600&sh=1200&v=2.8.51&r=stable&ec=0&o=30&fbp=fb.1.1562084958837.1328800264&it=1562084958800&coo=false&rqm=GET
Requested by
Host: secure3.pennmedicine.org
URL: https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 16:29:18 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 02 Jul 2019 16:29:18 GMT
Serving
bs.serving-sys.com/ 		326 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=1073743039&dispType=js&sync=0&sessionid=7561475269264729461&pageurl=$$https%3A%2F%2Fsecure3.pennmedicine.org%2FEpicLink%2Fcommon%2Fepic_login.asp$$&activityValues=$$Session%3D3474331063322074111$$&ns=0&rnd=02777030321801388
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073743039
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
80.252.91.52 Haarlem, Netherlands, ASN15830 (TELECITY-LON, GB),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
6fd958e4a13fd3820d7fd52d567e3f3431160106bb92850c0a5cefd4628707ce

Request headers

Referer
https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jul 2019 16:29:18 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
P3P
CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Content-Type
text/html; charset=UTF-8
Content-Length
253
Expires
Sun, 05-Jun-2005 22:00:00 GMT
2BC1F2_0_0.ttf
www.pennmedicine.org/Assets/PennMedicine/built/fonts/ 		0
0
2BC1F2_2_0.ttf
www.pennmedicine.org/Assets/PennMedicine/built/fonts/ 		0
0
/
www.facebook.com/tr/ 		44 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=312131565642804&ev=Microdata&dl=https%3A%2F%2Fsecure3.pennmedicine.org%2FEpicLink%2Fcommon%2Fepic_login.asp&rl=&if=false&ts=1562084959379&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Penn%20PhysicianLink%20website%20login%22%2C%22meta%3Adescription%22%3A%22A%20secure%20online%20portal%20offering%20access%20to%20your%20patient%27s%20electronic%20medical%20records%20at%20Penn%20Medicine%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Penn%20PhysicianLink%20website%20login%22%2C%22og%3Adescription%22%3A%22A%20secure%20online%20portal%20offering%20access%20to%20your%20patient%27s%20electronic%20medical%20records%20at%20Penn%20Medicine%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsecure3.pennmedicine.org%2FEpicLink%2Fcommon%2Fepic_login.asp%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.51&r=stable&ec=1&o=30&fbp=fb.1.1562084958837.1328800264&it=1562084958800&coo=false&es=automatic&rqm=GET
Requested by
Host: secure3.pennmedicine.org
URL: https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 16:29:19 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 02 Jul 2019 16:29:19 GMT
/
www.google.com/pagead/1p-user-list/962606211/ 		42 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/962606211/?random=1562084958834&cv=9&fst=1562083200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa6k2&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure3.pennmedicine.org%2FEpicLink%2Fcommon%2Fepic_login.asp&tiba=Penn%20PhysicianLink%20website%20login&async=1&fmt=3&cdct=2&is_vtc=1&random=2316533084&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: secure3.pennmedicine.org
URL: https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 16:29:28 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/962606211/ 		42 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/962606211/?random=1562084958834&cv=9&fst=1562083200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa6k2&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure3.pennmedicine.org%2FEpicLink%2Fcommon%2Fepic_login.asp&tiba=Penn%20PhysicianLink%20website%20login&async=1&fmt=3&cdct=2&is_vtc=1&random=2316533084&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: secure3.pennmedicine.org
URL: https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure3.pennmedicine.org/EpicLink/common/epic_login.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 16:29:28 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.pennmedicine.org
URL
https://www.pennmedicine.org/Assets/PennMedicine/built/fonts/2BC1F2_0_0.woff
Domain
www.pennmedicine.org
URL
https://www.pennmedicine.org/Assets/PennMedicine/built/fonts/2BC1F2_2_0.woff
Domain
www.pennmedicine.org
URL
https://www.pennmedicine.org/Assets/PennMedicine/built/fonts/2BC1F2_0_0.ttf
Domain
www.pennmedicine.org
URL
https://www.pennmedicine.org/Assets/PennMedicine/built/fonts/2BC1F2_2_0.ttf

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| html5 object| Modernizr function| yepnope object| dataLayer object| form object| google_tag_manager function| postscribe string| GoogleAnalyticsObject function| ga function| fbq function| _fbq string| hcmacid object| DemandConnectSettings object| DemandConnectFormSettings function| gasetup function| sendevent function| pintrk object| versaTagObj undefined| doctorPracticeName undefined| eventCategory undefined| pageType undefined| search object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| gtag object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| providersData string| tagId number| index function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO undefined| oneTagObj object| bsResponseObj

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log (Line 1)
Message:
gtm verification

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bs.serving-sys.com
connect.facebook.net
ct.pinterest.com
googleads.g.doubleclick.net
hello.myfonts.net
s.pinimg.com
secure-ds.serving-sys.com
secure3.pennmedicine.org
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.pennmedicine.org
www.pennmedicine.org
104.111.250.158
151.101.112.84
170.212.0.87
172.217.21.194
2a00:1450:4001:815::2008
2a00:1450:4001:818::200e
2a00:1450:4001:81a::2002
2a00:1450:4001:81a::2004
2a00:1450:4001:81b::2003
2a00:1450:400c:c06::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::84
45.60.75.182
52.222.150.181
80.252.91.52
10c3b1b8d9b03f13651f16b74cddff7a133468381315b1dcef26afdca5df8958
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11151614c843ffdc192316de75e505db430e819b6fd2ca7dcb3ce375936cdd7b
26c9ee06066fe3ca1bdbce84ce3f1257b2de807d86dfa46bf48bc9d6f4379f47
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
4584ca928ac45f6df299601bfa59ba8b0a8fd121678a3ca04560faa4f3da2ad8
4a5ddcca99a39080c2e1a839736d584e3e4d4a39d89074ec95bf17c9f05ae2f2
605f36ee05abb20cb21cb2797519b46e9c4cd52cd9b49668684411dba415f192
657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4
69102de279a30d3bec0ff6e81fedea758f0a2521bbffe423e2e2083f1292528c
6f6e12d9507012dc9af7d856c6682cf08a7297d8ef93d4347d960279a512a1a2
6fd958e4a13fd3820d7fd52d567e3f3431160106bb92850c0a5cefd4628707ce
6ffc614a38b0d00209552a1ed8f4f572f56e650cf3e2157538a5989b6f1a1f73
773efeeb008b1b03056f56d39cd7512d1b60cfa27b378df7276ceb908ea6b303
7df5f0ce9359ec29a56de1912e99f043f3885a2f055a0c3fda79ff8c738a82a8
7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
93cfc79b115b37a947d696cbd098fb7b158f1aeba5c77f9b85967f7649e84636
9735dfe842956d94536e97a77fbb928b71cf88b49fdb816ae43cdfa1424364b7
9dd4830a94a7a771e360f6e4419af2ea23a2d4455d9440da7ab3ccc100ca9b07
a2757bc9c88b29473a61905fa80b3b6367d6f38148fc2c6b5a79a9e2b60d3216
a3556bebe0a8e8cabc92a17eb0a678f99ddc0394ad6f242f175d8adcdde2f84f
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
a65924393dab5b499d23b3a5f7c723ba7656c569947c695ef5d3aefe5e6f1ea4
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
d313b75bc6b2953446c0c2c6b6e00ffcaea314d977ae08616a3ffdc7b29d6f4a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd9de3afabf343e13c305fa182024238ff8e24025e5c88c6c5d56b0a88480cd
f1e6382aa070301007ee92dbaaef83c9f6075f9d86ee3632c82a609f02c6fc1f
f7ccebb9c8bc49128cf3dbf6064dedd50068306b12b447cd9628b8a05276cf01