urlscan.io logo urlscan.io
SecurityTrails logo

www.donadiftler.com Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://donadiftler.com/
Effective URL: https://www.donadiftler.com/
Submission: On March 18 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 13 domains to perform 26 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.donadiftler.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2022. Valid for: a year.
This is the only time www.donadiftler.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
donadiftler.com
www.donadiftler.com
www.griefrecoverymethod.com
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    54.88.225.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: gw.us.platform.sh
www.grief.net
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2606:4700::6812:cd5f (United States)

ASN13335 (CLOUDFLARENET, US)
analytics.yolacdn.net
2    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net
1    2606:4700::6812:7f59 (United States)

ASN13335 (CLOUDFLARENET, US)
pixel.yola.com
2    2600:1f18:243f:2d01:4c50:7dbf:ba70:1bb2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
analytics.sitewit.com
1    2600:9000:2127:b200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    18.214.54.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-54-73.compute-1.amazonaws.com
connect.sitewit.com
Apex Domain
Subdomains		 Transfer
8 donadiftler.com
donadiftler.com
www.donadiftler.com
82 KB
4 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 378
www.google-analytics.com — Cisco Umbrella Rank: 25
37 KB
3 sitewit.com
analytics.sitewit.com — Cisco Umbrella Rank: 49300
connect.sitewit.com — Cisco Umbrella Rank: 90439
22 KB
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 778
136 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 980
pixel.quantserve.com — Cisco Umbrella Rank: 786
10 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 305
40 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 933
644 B
1 yola.com
pixel.yola.com — Cisco Umbrella Rank: 231967
404 B
1 yolacdn.net
analytics.yolacdn.net — Cisco Umbrella Rank: 234090
6 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
16 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 194
3 KB
1 griefrecoverymethod.com
www.griefrecoverymethod.com
1 grief.net
www.grief.net
257 B
26 13
Domain Requested by
7 www.donadiftler.com www.donadiftler.com
2 analytics.sitewit.com analytics.yolacdn.net
www.donadiftler.com
2 static.xx.fbcdn.net www.facebook.com
2 www.google-analytics.com www.donadiftler.com
www.google-analytics.com
2 ssl.google-analytics.com www.donadiftler.com
2 ajax.googleapis.com www.donadiftler.com
1 connect.sitewit.com analytics.sitewit.com
1 pixel.quantserve.com www.donadiftler.com
1 rules.quantcount.com secure.quantserve.com
1 pixel.yola.com analytics.yolacdn.net
1 secure.quantserve.com www.donadiftler.com
1 analytics.yolacdn.net www.donadiftler.com
1 www.facebook.com www.donadiftler.com
1 cdnjs.cloudflare.com www.donadiftler.com
1 www.griefrecoverymethod.com www.donadiftler.com
1 www.grief.net 1 redirects
1 donadiftler.com 1 redirects
26 17

This site contains links to these domains. Also see Links.

Domain
www.yola.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-10 -
2023-03-25		 2 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.sitewit.com
Sectigo RSA Domain Validation Secure Server CA		 2022-07-22 -
2023-08-22		 a year crt.sh
quantserve.com
R3		 2023-02-13 -
2023-05-14		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.donadiftler.com/
Frame ID: D516A9EF87CEF0445E87EBBF994FD1A7
Requests: 23 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.donadiftler.com%2F&send=false&layout=button_count&width=90&show_faces=true&action=like&colorscheme=light&font=arial&height=30&locale=en_US
Frame ID: F17196D34DD5A12C9CF38CF76EC4AE7A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Dona E. Diftler, LCSW - Knoxville Therapist, Social Worker, Marriage Counselor

Page URL History Show full URLs

  1. https://donadiftler.com/ HTTP 301
    https://www.donadiftler.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

96 %
HTTPS

86 %
IPv6

13
Domains

17
Subdomains

13
IPs

2
Countries

352 kB
Transfer

936 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://donadiftler.com/ HTTP 301
    https://www.donadiftler.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://www.grief.net/images/OurHeart.gif HTTP 301
  • https://www.griefrecoverymethod.com/images/OurHeart.gif

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.donadiftler.com/
Redirect Chain
  • https://donadiftler.com/
  • https://www.donadiftler.com/
20 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.donadiftler.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ecdeeeebf7b81a716782ebea0d505958b7485516be35b296abdab382c475e46
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=60
cf-cache-status
MISS
cf-ray
7a997cda6b839b51-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 18 Mar 2023 00:51:31 GMT
last-modified
Tue, 09 Aug 2016 22:52:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H49p%2FKCSfPLBwyfC0xzuZrSpBhPVzCyQHaQCIZJBgc0UHtnh3gLpMPnDlx0ahhmb2ACT85a5Kuacm%2FJSOFHni9HUqV6jgk%2FnNucRhfoaKJU8vRHhf5gnrwhlPEt9QlNIYBWMyv94bkvXPmht%2FXc8%2FMlV"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-hrouter
hrouter4
x-hstore
hstore1

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
MISS
cf-ray
7a997cd7a9c29b51-FRA
content-type
text/html
date
Sat, 18 Mar 2023 00:51:31 GMT
location
https://www.donadiftler.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CVYhh0TKyQeNbwfKdaBgxDMRjs%2FWSCF0JFrokIi4GmTXLkTwniCNnaTwU7AhIYRZo0guEBRwjDF3CjsKSjjrgUec9wrh7XPNNMEOHg%2Fb7LZxBMjWAQsrcE8nMETDkWoRhI2uMw7Ku9VnhpLcRY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-hrouter
hrouter3
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.4.2/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.4.2/webfont.js
Requested by
Host: www.donadiftler.com
URL: https://www.donadiftler.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52ed15904751d037ad3a0835c1df150485c6d1b815355bbad1ccad6fda5f4e9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.donadiftler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 01:32:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170357
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6918
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Mar 2024 01:32:15 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: www.donadiftler.com
URL: https://www.donadiftler.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.donadiftler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 06:15:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
239774
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Mar 2024 06:15:18 GMT
flyoutmenu.css
www.donadiftler.com/classes/commons/resources/flyoutmenu/ 		2 KB
812 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.donadiftler.com/classes/commons/resources/flyoutmenu/flyoutmenu.css?1000848
Requested by
Host: www.donadiftler.com
URL: https://www.donadiftler.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fab8908c0e00afdbda7b7650a1691bbf3a58e2537bc2c12eb77ae1405a4cbf8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.donadiftler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 00:51:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hstore
hstore1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 27 Jun 2016 22:37:29 GMT
server
cloudflare
etag
W/"5771aaa9-8d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUbVK9cvFarN2cQjy7DXBbHgbAPbtb5h90OCnnOho3CQPMm%2BwbHXpfUqlnl7bntS7YgGH5aKFJ1hIU8Bhq8g5eF1Dem9QfwbY7ABWz0fj6%2Fx1%2FBe41dBgkZ1NRWsnSsHiPer5WREmi%2B4N3TLi8LZYio3"}],"group":"cf-nel","max_age":604800}
content-type
text/css
lookup-cache-hit
1
x-hrouter
hrouter4
cf-ray
7a997cdcfd809b51-FRA
flyoutmenu.js
www.donadiftler.com/classes/commons/resources/flyoutmenu/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.donadiftler.com/classes/commons/resources/flyoutmenu/flyoutmenu.js?1000848
Requested by
Host: www.donadiftler.com
URL: https://www.donadiftler.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a97912bc4fdc1530a1b23246106b706e1ca91d322b84d793b5c126df341e31f5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.donadiftler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 00:51:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hstore
hstore6
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 27 Jun 2016 22:36:58 GMT
server
cloudflare
etag
W/"5771aa8a-e11"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLY63%2B%2Bl3E93uEPTydfp%2Bsym9yacESzHxA60Sm9F8jEVEXY7OimhKKU4Mh%2F%2FeWgYKxoQyaSP%2FINJgwbxdAo2COMjOs6HodwEbAVwbeXbNHIUcLoh6Lz3BvoepS01mrEritycZWYqROLVtZiRdGVKpJrv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
lookup-cache-hit
1
x-hrouter
hrouter3
cf-ray
7a997cdcfd829b51-FRA
global.css
www.donadiftler.com/classes/commons/resources/global/ 		969 B
802 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.donadiftler.com/classes/commons/resources/global/global.css?1000848
Requested by
Host: www.donadiftler.com
URL: https://www.donadiftler.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23750febfc516242a42c64e41801ad5692a672bbdcd3fd1ccbf3a5c027b60bf9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.donadiftler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 00:51:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hstore
hstore1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 27 Jun 2016 22:37:29 GMT
server
cloudflare
etag
W/"5771aaa9-3c9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHSCSNDykyo1LCyu2B4jPZaaRyOqvgJIz7OH7nnp3r%2BZ6G%2F92Kq20bsAaktS9sQTHnsjJuP%2FJie%2FcwScgukGsJfKIiIGhvIyk%2BL2rq7yolzmj6%2BGZpgjYCjDQTGLsk9XEstzebhSPBLYpN5dTiiYzeHG"}],"group":"cf-nel","max_age":604800}
content-type
text/css
lookup-cache-hit
1
x-hrouter
hrouter4
cf-ray
7a997cdcfd819b51-FRA
OurHeart.gif
www.griefrecoverymethod.com/images/
Redirect Chain
  • https://www.grief.net/images/OurHeart.gif
  • https://www.griefrecoverymethod.com/images/OurHeart.gif
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.griefrecoverymethod.com/images/OurHeart.gif
Requested by
Host: www.donadiftler.com
URL: https://www.donadiftler.com/
Protocol
H2
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.donadiftler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Redirect headers

date
Sat, 18 Mar 2023 00:51:32 GMT
strict-transport-security
max-age=0
traceresponse
00-174d5d2f0a389ad5a3d03b6b6e6072f9-3c8a91a19f9412a8-00
x-platform-cluster
unu5kzvquxhay-master-7rqtwti
content-type
text/html
location
https://www.griefrecoverymethod.com/images/OurHeart.gif
x-debug-info
eyJyZXRyaWVzIjowfQ==
content-length
162
x-platform-router
fezvonys4avtbzj7sa6elo5xzm
fastclick.min.js
cdnjs.cloudflare.com/ajax/libs/fastclick/1.0.3/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fastclick/1.0.3/fastclick.min.js
Requested by
Host: www.donadiftler.com
URL: https://www.donadiftler.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6eea65f2779554b49d066e5c81d96481c1c42ae541074500d5a0e54c1e1f0f24
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.donadiftler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 00:51:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3877774
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2094
last-modified
Mon, 04 May 2020 16:10:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e58-1f54"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kxk%2BxYcQYBJ4s%2FRFmdeHjyUzYdnm1yG5jGjNW3eUQ6dWJzQo8OxIZfBhYhfLEQr7tZP6zpVFQXmy%2BwWEKc8nFN%2FURCb7iP4nCyq%2FzfYNb2h2h501pdndEAmwbBSyB0TooYV47KpJOCS77za9hsfki0%2BZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7a997cdfde0e3a7c-FRA
expires
Thu, 07 Mar 2024 00:51:32 GMT
like.php
www.facebook.com/plugins/ Frame F171 		46 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.donadiftler.com%2F&send=false&layout=button_count&width=90&show_faces=true&action=like&colorscheme=light&font=arial&height=30&locale=en_US
Requested by
Host: www.donadiftler.com
URL: https://www.donadiftler.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a282eaaa8bde1271be28776438074dd203e8f339e981fdbd0707744712d5d975
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.donadiftler.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Sat, 18 Mar 2023 00:51:32 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
MFCZxkzXwfIsEGLjsj7Lkj0g7llFbQ+uw7O1jykq2ZpnlvAfy7tcCNS0bxE/S6JKp4vxVm3wFkM2Nnc3rYuK7Q==
x-fb-rlafr
0
x-xss-protection
0
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.donadiftler.com
URL: https://www.donadiftler.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.donadiftler.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 17 Mar 2023 23:21:57 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5375
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Sat, 18 Mar 2023 01:21:57 GMT
paleTexture.jpg
www.donadiftler.com/templates/BareNecessities_PaleTexture/resources/palettes/paleTexture/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.donadiftler.com/templates/BareNecessities_PaleTexture/resources/palettes/paleTexture/paleTexture.jpg
Requested by
Host: www.donadiftler.com
URL: https://www.donadiftler.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
299de3d55701024640ea50411a6a4f080046cb6a5a26f3fa641bb131eaea807f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.donadiftler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 00:51:32 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hstore
hstore6
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4821
last-modified
Sat, 07 May 2016 07:43:26 GMT
server
cloudflare
etag
"572d9c9e-12d5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKF6ozaT4taV7my0k%2B1%2F8lRFsJtAmr8xp7AGicl5BnHRha1h53cdrXo4plE%2BEutSmgbFB2Wva7m4ImyL5J%2BSoxOO%2FCCHo9ViQ75UP52eq5nW9bxdbonHVVhKlVrYbvpd6TyOUbtQg3K20biEq2Y3s2%2Fy"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
lookup-cache-hit
1
accept-ranges
bytes
x-hrouter
hrouter3
cf-ray
7a997cdf98523635-FRA
IMG_2368.jpg
www.donadiftler.com/resources/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.donadiftler.com/resources/IMG_2368.jpg
Requested by
Host: www.donadiftler.com
URL: https://www.donadiftler.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0689f284c0ca4ba599883312ab22c64a191970acc88ff0cda39d8441efad5695
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.donadiftler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 00:51:33 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Wed, 25 Nov 2009 10:00:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"696581af69b1687bb4782138ff0fa817"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LEMeBbZin1OesYqHL7aHtUg80Jmz0sESjQWmFzt%2B00ZRSe7XmkB%2FhllERCJ79glW%2Bal1Za2qKwxzshTGP3BQvyaD81UODLeDQ3rLzKvXog5n2lAJaQc0J35CvxJkv1BETomi32yM36PDxkL4sbEJ2BU7"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
accept-ranges
bytes
cf-ray
7a997cdf98533635-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68264
__utm.gif
ssl.google-analytics.com/r/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=421312867&utmhn=www.donadiftler.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Dona%20E.%20Diftler%2C%20LCSW%20-%20Knoxville%20Therapist%2C%20Social%20Worker%2C%20Marriage%20Counselor&utmhid=15425115&utmr=-&utmp=%2F&utmht=1679100692539&utmac=UA-11486956-1&utmcc=__utma%3D181088690.593587466.1679100693.1679100693.1679100693.1%3B%2B__utmz%3D181088690.1679100693.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=678513674&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.donadiftler.com
URL: https://www.donadiftler.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.donadiftler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Mar 2023 00:51:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking.js
analytics.yolacdn.net/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.yolacdn.net/tracking.js
Requested by
Host: www.donadiftler.com
URL: https://www.donadiftler.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cd5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00f0654bb14da45d2f727dcd0112097ee7e31b1f2f4ea77184d86bf0d8e4dae4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.donadiftler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 00:51:32 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 11 Jul 2022 11:18:24 GMT
server
cloudflare
age
2355
etag
W/"62cc0700-342e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200, public
cf-ray
7a997ce0d89d9b7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.donadiftler.com
URL: https://www.donadiftler.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e8cd4bf2f547eb60b69a54a5340d5feed5905e1e5ea0ef3d3aefe6a6c1523fe7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.donadiftler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 00:51:32 GMT
content-encoding
gzip
etag
"qnbLQo87mD/KmvsyZTIxlQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 25 Mar 2023 00:51:32 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.donadiftler.com
URL: https://www.donadiftler.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.donadiftler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 18 Mar 2023 00:23:33 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1679
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Sat, 18 Mar 2023 02:23:33 GMT
yolaTag.png
www.donadiftler.com/classes/commons/yola_footer/png/ 		755 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.donadiftler.com/classes/commons/yola_footer/png/yolaTag.png?1000848
Requested by
Host: www.donadiftler.com
URL: https://www.donadiftler.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0544e488de992ad3ddec92778c9e3984734b5a47462aafb0afedb494d2c7b27b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.donadiftler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 00:51:32 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hstore
hstore6
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
755
last-modified
Wed, 03 Jun 2015 08:06:05 GMT
server
cloudflare
etag
"556eb56d-2f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Co%2BAzg3IfJcrVpAaqmpHPvt%2FC%2FF8aDmb6K%2FLBq5mQrsHZsEnbsdUp1T3qOPgYz8jFY6ue6v%2Ff4v1oTYkZ5TzVv5hd%2F5YR8fA94ItztTcYxJVesc67PKkRG88jAY5jyGs4hiz%2B261d190ad08Lf7jSvFS"}],"group":"cf-nel","max_age":604800}
content-type
image/png
lookup-cache-hit
1
accept-ranges
bytes
x-hrouter
hrouter3
cf-ray
7a997ce078fc3635-FRA
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame F171 		299 B
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.donadiftler.com%2F&send=false&layout=button_count&width=90&show_faces=true&action=like&colorscheme=light&font=arial&height=30&locale=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 00:51:32 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
299
x-fb-rlafr
0
x-fb-debug
WBwhR4zP2yncEsv/43m4MPSjK5XhciYXa9mkYfjurpGxJCOxQy67wtKwC7m9Sd6OsWeZKjVa0KKLg2LyYVdlEg==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 14 Mar 2024 05:24:32 GMT
Z698wnSXsDa.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yH/l/en_US/ Frame F171 		522 KB
135 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yH/l/en_US/Z698wnSXsDa.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.donadiftler.com%2F&send=false&layout=button_count&width=90&show_faces=true&action=like&colorscheme=light&font=arial&height=30&locale=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b64103fa36e86cd58eb20e64f975aca3ef3f91e92a0481320534c1f70b762c66
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 00:51:32 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
n3DsyCBZ6b7ywp7DUMSnaQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
137750
x-fb-rlafr
0
x-fb-debug
qT5t4MEgGcjVJgdNh77wQP0xMOz/4MnEoSMT6WNnqpn5pWKNLZPIiXQZw5em/nitWC5nUW9/su/O9EDWCQ9rBw==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 15 Mar 2024 21:01:59 GMT
LoggingAgent
pixel.yola.com/LoggingAgent/ 		12 B
404 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.yola.com/LoggingAgent/LoggingAgent?url=//www.donadiftler.com/&pagename=index&siteid=8a49866a201949e201203b8ad83838f2&resolution=1600x1200&colorDepth=24&flash=0&java=0&sitereferer=&visitorId=CA359297-8A60-0001-5B95-1A715BBA1B5A&visitId=CA359297-8A90-0001-8BDD-AC805F1616BD&user_id=8a4986c81fcd4e82011fd8f4b42d11a0&partner_id=YOLA&LoggingAgentReturnType=script
Requested by
Host: analytics.yolacdn.net
URL: https://analytics.yolacdn.net/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7f59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cca325e1db08583f7d7c9ff4012d2fd9ee24a62ac3a54dccc71673f137a6244

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.donadiftler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Mar 2023 00:51:33 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript
cf-ray
7a997ce18f37914a-FRA
expires
-1
sw.js
analytics.sitewit.com/partner/yola/8a49866a201949e201203b8ad83838f2/ 		20 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.sitewit.com/partner/yola/8a49866a201949e201203b8ad83838f2/sw.js
Requested by
Host: analytics.yolacdn.net
URL: https://analytics.yolacdn.net/tracking.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:243f:2d01:4c50:7dbf:ba70:1bb2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
86b0c9b16292292572da4ada332ead11c73f26922821f5f3333711e0ec6b5a22

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.donadiftler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
text/javascript; charset=utf-8
date
Sat, 18 Mar 2023 00:51:32 GMT
cache-control
private,no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-length
20170
p3p
CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
rules-p-b8x17GqsQ_656.js
rules.quantcount.com/ 		160 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-b8x17GqsQ_656.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47af3d8bf9a6829c236e1941372015d8134c2bf6d52c3438d2819e55a3203ef4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.donadiftler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 00:46:55 GMT
via
1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
1344
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:23:33 GMT
server
AmazonS3
etag
"c1c31c78be743444fcdde67a047bd8d0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
F4khGhS2nDp8Cl3qDr6WGMEf5pB_0DgGj1TWYckIW-OFUwGrqkfYew==
collect
www.google-analytics.com/j/ 		3 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=15425115&t=pageview&_s=1&dl=https%3A%2F%2Fwww.donadiftler.com%2F&ul=en-us&de=UTF-8&dt=Dona%20E.%20Diftler%2C%20LCSW%20-%20Knoxville%20Therapist%2C%20Social%20Worker%2C%20Marriage%20Counselor&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=181088690.593587466.1679100693.1679100693.1679100693.1&_utmz=181088690.1679100693.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1679100692665&_u=IQBCAEABAAAAACAAI~&jid=2130162254&gjid=2003755740&cid=593587466.1679100693&tid=UA-11486956-1&_gid=1876853836.1679100693&_r=1&_slc=1&z=1097578649
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.donadiftler.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 18 Mar 2023 00:51:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.donadiftler.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=1966010022;rf=0;a=p-b8x17GqsQ_656;url=https%3A%2F%2Fwww.donadiftler.com%2F;uht=2;fpan=1;fpa=P0-1045574291-1679100692655;pbc=;ns=0;ce=1;qjs=1;qv=757f3135-20230316172511;cm=;gdpr=0;ref=;d=don...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1966010022;rf=0;a=p-b8x17GqsQ_656;url=https%3A%2F%2Fwww.donadiftler.com%2F;uht=2;fpan=1;fpa=P0-1045574291-1679100692655;pbc=;ns=0;ce=1;qjs=1;qv=757f3135-20230316172511;cm=;gdpr=0;ref=;d=donadiftler.com;dst=0;et=1679100692775;tzo=0;ogl=;ses=bff06aa9-eed5-4a93-bbed-947f10a7931f
Requested by
Host: www.donadiftler.com
URL: https://www.donadiftler.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.donadiftler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Mar 2023 00:51:32 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sw_connect.js
connect.sitewit.com/js/8A49866A201949E201203B8AD83838F2/ 		32 B
652 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.sitewit.com/js/8A49866A201949E201203B8AD83838F2/sw_connect.js?ispartner=yola&ns=sw
Requested by
Host: analytics.sitewit.com
URL: https://analytics.sitewit.com/partner/yola/8a49866a201949e201203b8ad83838f2/sw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.54.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-54-73.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
7ba60db4e4c1bf698247d9873e3bf61ebe517f299773270d4d40789be29d0d4e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.donadiftler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
text/javascript; charset=utf-8
date
Sat, 18 Mar 2023 00:51:33 GMT
cache-control
private
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-length
32
p3p
CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
cq_blank.gif
analytics.sitewit.com/images/ 		35 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.sitewit.com/images/cq_blank.gif?_sw_yolaid=8A49866A201949E201203B8AD83838F2&_sw_uid=ddf342d8-5137-420e-8ab1-e3387ec848ff&_sw_fp=a45bd485aacf26146c9a9067683f819732212632&_sw_pl=306&_sw_pc=3&_sw_dat=MXx3d3cuZG9uYWRpZnRsZXIuY29tfGh0dHBzOi8vd3d3LmRvbmFkaWZ0bGVyLmNvbS98ZW4tVVN8MTYwMHwxMjAwfDI0fENocm9tZS8xMTEuMC41NTYzLjY0fHg2NHwxfDB8MXwwfC18fC18LXwtfDIwMDE6MWFmODo0NzAwOmEwNjk6MzU6Ojd8MA==&to=80
Requested by
Host: www.donadiftler.com
URL: https://www.donadiftler.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:243f:2d01:4c50:7dbf:ba70:1bb2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.donadiftler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 00:51:33 GMT
last-modified
Thu, 24 Jun 2010 20:21:15 GMT
server
Microsoft-IIS/10.0
etag
"9f8deacbda13cb1:0"
content-type
image/gif
p3p
CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
cache-control
no-cache
accept-ranges
bytes
content-length
35

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless boolean| Ha object| webfont object| WebFont function| $ function| jQuery object| flyoutMenu object| swRegisterManager function| swPostRegister string| gaJsHost object| _gat object| _gaq object| pageTracker object| gaGlobal function| FastClick boolean| deviceIsAndroid boolean| deviceIsIOS boolean| deviceIsIOS4 boolean| deviceIsIOSWithBadTarget boolean| deviceIsBlackBerry10 object| _yts object| tracking_tag object| _qevents string| GoogleAnalyticsObject function| ga function| UUID function| createCookie function| readCookie function| getPageName function| pmv_getUrlStat function| _pmv_src function| _pmv_log_sync function| load_script function| _ysw object| swfobject string| visitorId object| uuid string| visitId string| pmv_jav string| pmv_cookie string| pmv_fla object| pmv_do string| pmv_rtu string| pmv_logging_location object| x function| quantserve function| __qc object| ezt object| _qoptions object| google_tag_data object| gaplugins object| gaData object| _sw_b6 function| _swInitPageRegister function| _sw_analytics function| _sw_cookie function| _sw_user_info function| _sw_hit_info function| _sw_item function| _sw_transaction function| _sw_crypto object| sw object| uapl string| enctype object| oa string| vers string| osv number| c2 number| c1

16 Cookies

Domain/Path Name / Value
.donadiftler.com/ Name: __utma
Value: 181088690.593587466.1679100693.1679100693.1679100693.1
.donadiftler.com/ Name: __utmc
Value: 181088690
.donadiftler.com/ Name: __utmz
Value: 181088690.1679100693.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.donadiftler.com/ Name: __utmt
Value: 1
.donadiftler.com/ Name: __utmb
Value: 181088690.1.10.1679100693
www.donadiftler.com/ Name: synthasiteVisitorId
Value: CA359297-8A60-0001-5B95-1A715BBA1B5A
www.donadiftler.com/ Name: synthasiteVisitId
Value: CA359297-8A90-0001-8BDD-AC805F1616BD
.donadiftler.com/ Name: _ga
Value: GA1.2.593587466.1679100693
.donadiftler.com/ Name: _gid
Value: GA1.2.1876853836.1679100693
.donadiftler.com/ Name: _gat
Value: 1
.quantserve.com/ Name: mc
Value: 64150b14-c24c0-ddfa4-ff2c5
.donadiftler.com/ Name: __qca
Value: P0-1045574291-1679100692655
.donadiftler.com/ Name: _swa_u
Value: ddf342d8-5137-420e-8ab1-e3387ec848ff
.yola.com/ Name: __cf_bm
Value: 5I6G5XoZ2xd.Axgur36vygNyUxatw01mlasDyQKH7cY-1679100693-0-Ad5SFy8kGJ/3yuLaCM1jfSVxw9ioa9QRM1Sh5Lbw2vHic6SzdM+jZ3lVsfJKe2qQmYTlaNposDpeQCwKRduiOa/CO0a/Asl5ZDgbXB4Vnd+z
analytics.sitewit.com/ Name: AWSALBCORS
Value: L7WU3XQqSHXw9NasAH87bWMzz9D9bi7x6d2CLqZhnwbO60Cu3k62PFVKnunhcu6pf6OPbK5cejNwcxqNDMQnOPPTuyjKPFPhWqsvuvvw0Llbd1VQ3PqPapvawWbe
connect.sitewit.com/ Name: AWSALBCORS
Value: vi12rxQwQHpwgrCdxlXwF7BmrL11GHAyyYYN5zRLmTK2pdbue32GhHREjU9Na/0J2fIHae2TveXgc+q2s5wR1Nv3iP7c38TCuXeMtB+ZyxTWvLUk0akyGLWj6kRL

5 Console Messages

Source Level URL
Text
security warning URL: https://www.donadiftler.com/
Message:
Mixed Content: The page at 'https://www.donadiftler.com/' was loaded over HTTPS, but requested an insecure element 'http://www.grief.net/images/OurHeart.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.donadiftler.com/(Line 343)
Message:
Mixed Content: The page at 'https://www.donadiftler.com/' was loaded over HTTPS, but requested an insecure element 'http://www.grief.net/images/OurHeart.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript warning URL: https://www.donadiftler.com/(Line 342)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.donadiftler.com/(Line 342)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://www.griefrecoverymethod.com/images/OurHeart.gif
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.sitewit.com
analytics.yolacdn.net
cdnjs.cloudflare.com
connect.sitewit.com
donadiftler.com
pixel.quantserve.com
pixel.yola.com
rules.quantcount.com
secure.quantserve.com
ssl.google-analytics.com
static.xx.fbcdn.net
www.donadiftler.com
www.facebook.com
www.google-analytics.com
www.grief.net
www.griefrecoverymethod.com
18.214.54.73
2600:1f18:243f:2d01:4c50:7dbf:ba70:1bb2
2600:9000:2127:b200:6:44e3:f8c0:93a1
2606:4700::6811:190e
2606:4700::6812:7f59
2606:4700::6812:cd5f
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:810::200e
2a00:1450:4001:827::200a
2a00:1450:4001:831::2008
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3121::3
54.88.225.116
00f0654bb14da45d2f727dcd0112097ee7e31b1f2f4ea77184d86bf0d8e4dae4
0544e488de992ad3ddec92778c9e3984734b5a47462aafb0afedb494d2c7b27b
0689f284c0ca4ba599883312ab22c64a191970acc88ff0cda39d8441efad5695
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
23750febfc516242a42c64e41801ad5692a672bbdcd3fd1ccbf3a5c027b60bf9
299de3d55701024640ea50411a6a4f080046cb6a5a26f3fa641bb131eaea807f
47af3d8bf9a6829c236e1941372015d8134c2bf6d52c3438d2819e55a3203ef4
52ed15904751d037ad3a0835c1df150485c6d1b815355bbad1ccad6fda5f4e9b
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
6eea65f2779554b49d066e5c81d96481c1c42ae541074500d5a0e54c1e1f0f24
7ba60db4e4c1bf698247d9873e3bf61ebe517f299773270d4d40789be29d0d4e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86b0c9b16292292572da4ada332ead11c73f26922821f5f3333711e0ec6b5a22
8fab8908c0e00afdbda7b7650a1691bbf3a58e2537bc2c12eb77ae1405a4cbf8
9cca325e1db08583f7d7c9ff4012d2fd9ee24a62ac3a54dccc71673f137a6244
9ecdeeeebf7b81a716782ebea0d505958b7485516be35b296abdab382c475e46
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a282eaaa8bde1271be28776438074dd203e8f339e981fdbd0707744712d5d975
a97912bc4fdc1530a1b23246106b706e1ca91d322b84d793b5c126df341e31f5
b64103fa36e86cd58eb20e64f975aca3ef3f91e92a0481320534c1f70b762c66
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8cd4bf2f547eb60b69a54a5340d5feed5905e1e5ea0ef3d3aefe6a6c1523fe7