bodymindassu4837.clinicsites.co
2600:1f13:c97:ee02:20fd:c0e9:33c3:d128  Public Scan

Submitted URL: https://bodymindassurance.com/
Effective URL: https://bodymindassu4837.clinicsites.co/
Submission: On April 18 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 25 HTTP transactions. The main IP is 2600:1f13:c97:ee02:20fd:c0e9:33c3:d128, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is bodymindassu4837.clinicsites.co.
TLS certificate: Issued by Amazon RSA 2048 M02 on December 22nd 2023. Valid for: a year.
This is the only time bodymindassu4837.clinicsites.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Apex Domain            Subdomain                                                   Transfer
12        clinicsites.co         bodymindassu4837.clinicsites.co                             537 KB
3         gstatic.com            fonts.gstatic.com                                           305 KB
3         cloudfront.net         d2t6o06vr3cm40.cloudfront.net                               156 KB
3         googleapis.com         fonts.googleapis.com — Cisco Umbrella Rank: 33              3 KB
1         google.de              www.google.de — Cisco Umbrella Rank: 7278                   63 B
1         doubleclick.net        stats.g.doubleclick.net — Cisco Umbrella Rank: 84           256 B
1         google.com             region1.analytics.google.com — Cisco Umbrella Rank: 2941    265 B
1         googletagmanager.com   www.googletagmanager.com — Cisco Umbrella Rank: 39          98 KB
1         bodymindassurance.com  bodymindassurance.com                                       828 B
Total: 25 requests across 9 domains

Requests  Domain                           Requested by
12        bodymindassu4837.clinicsites.co  bodymindassu4837.clinicsites.co
3         fonts.gstatic.com                fonts.googleapis.com
3         d2t6o06vr3cm40.cloudfront.net    bodymindassu4837.clinicsites.co
3         fonts.googleapis.com             bodymindassu4837.clinicsites.co
1         www.google.de                    bodymindassu4837.clinicsites.co
1         stats.g.doubleclick.net          www.googletagmanager.com
1         region1.analytics.google.com     www.googletagmanager.com
1         www.googletagmanager.com         bodymindassu4837.clinicsites.co
1         bodymindassurance.com            1 redirects
Total: 25 requests across 9 domains

This site contains links to these domains.

Domain
bodymindassurance.janeapp.com
www.google.com
clinicsites.co

Subject                  Issuer               Validity                 Valid
clinicsites.co           Amazon RSA 2048 M02  2023-12-22 - 2025-01-19  a year
upload.video.google.com  GTS CA 1C3           2024-03-18 - 2024-06-10  3 months
*.google-analytics.com   GTS CA 1C3           2024-03-18 - 2024-06-10  3 months
*.cloudfront.net         Amazon RSA 2048 M01  2023-10-10 - 2024-09-19  a year
*.gstatic.com            GTS CA 1C3           2024-03-18 - 2024-06-10  3 months
*.g.doubleclick.net      GTS CA 1C3           2024-03-04 - 2024-05-27  3 months
*.google.de              GTS CA 1C3           2024-03-18 - 2024-06-10  3 months

This page contains 1 frames:

Primary Page: https://bodymindassu4837.clinicsites.co/
Frame ID: E958DDB331BD7C78C61F4F12D14C046C
Requests: 25 HTTP requests in this frame

Page Title

Neuro Emotional Technique (NET), Orthotics - Custom or Prefab Fitting and more | Body Mind Assurance

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 25
HTTPS: 100 %
IPv6: 78 %
Domains: 9
Subdomains: 9
IPs: 8
Countries: 3
Transfer: 1100 kB
Size: 1874 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bodymindassurance.com/ HTTP 301
    https://bodymindassu4837.clinicsites.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bodymindassu4837.clinicsites.co/
Redirect Chain
  • https://bodymindassurance.com/
  • https://bodymindassu4837.clinicsites.co/
33 KB
10 KB
Document
General
Full URL
https://bodymindassu4837.clinicsites.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:c97:ee02:20fd:c0e9:33c3:d128 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 + Phusion Passenger(R) 6.0.14 / Phusion Passenger(R) 6.0.14
Resource Hash
031d8411bc59b85b5ed297e44e8710e6e0b5c0f24e2d510191de9b98ed00bf6e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.lvh.me:3000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-security-policy
frame-ancestors 'self' http://*.lvh.me:3000
content-type
text/html; charset=utf-8
date
Thu, 18 Apr 2024 20:18:40 GMT
etag
W/"5101256903e1c22a3b77b7345c74b097"
server
nginx/1.14.0 + Phusion Passenger(R) 6.0.14
status
200 OK
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Phusion Passenger(R) 6.0.14
x-rack-cache
miss
x-request-id
99d452a8-f186-4ced-bdeb-cab72c12a6e2
x-runtime
0.255726
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000
cache-control
no-cache
content-type
text/html; charset=utf-8
date
Thu, 18 Apr 2024 20:18:39 GMT
location
https://bodymindassu4837.clinicsites.co:443/
server
Caddy nginx/1.14.0 + Phusion Passenger(R) 6.0.14
status
301 Moved Permanently
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Phusion Passenger(R) 6.0.14
x-rack-cache
miss
x-request-id
6c8bfc71-48f7-4346-af87-9a7a63f2a63b
x-runtime
0.008952
x-xss-protection
1; mode=block
application-b2dfc1aad05e45e6756e097b15c026c250a3e30a8cab4651d613dd0a09ef5569.css
bodymindassu4837.clinicsites.co/assets/
149 KB
33 KB
Stylesheet
General
Full URL
https://bodymindassu4837.clinicsites.co/assets/application-b2dfc1aad05e45e6756e097b15c026c250a3e30a8cab4651d613dd0a09ef5569.css
Requested by
Host: bodymindassu4837.clinicsites.co
URL: https://bodymindassu4837.clinicsites.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:c97:ee02:20fd:c0e9:33c3:d128 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b2dfc1aad05e45e6756e097b15c026c250a3e30a8cab4651d613dd0a09ef5569

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bodymindassu4837.clinicsites.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 20:18:40 GMT
content-encoding
gzip
last-modified
Thu, 04 Apr 2024 07:02:43 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"660e5093-25273"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
expires
Fri, 18 Apr 2025 20:18:40 GMT
css2
fonts.googleapis.com/
696 B
873 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@24,200,0,0
Requested by
Host: bodymindassu4837.clinicsites.co
URL: https://bodymindassu4837.clinicsites.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
53e8f3583568bb3e27dfcfcf7de1d3d2871affbd2aa0a50aefb909bcdd370d73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bodymindassu4837.clinicsites.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 18 Apr 2024 20:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 18 Apr 2024 20:18:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Apr 2024 20:18:40 GMT
stylesheet.css
bodymindassu4837.clinicsites.co/themes/
295 KB
56 KB
Stylesheet
General
Full URL
https://bodymindassu4837.clinicsites.co/themes/stylesheet.css?timestamp=2024-04-18+14%3A17%3A06+-0600
Requested by
Host: bodymindassu4837.clinicsites.co
URL: https://bodymindassu4837.clinicsites.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:c97:ee02:20fd:c0e9:33c3:d128 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 + Phusion Passenger(R) 6.0.14 / Phusion Passenger(R) 6.0.14
Resource Hash
a3b98c211717fc40f6401a85af13f5454a317ca6a4175002718ab68d5ee3bf14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bodymindassu4837.clinicsites.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 20:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-powered-by
Phusion Passenger(R) 6.0.14
status
200 OK
x-xss-protection
1; mode=block
x-request-id
0785749b-409d-4aa4-a7e4-14a7f3d1e3e9
x-runtime
0.013678
x-content-digest
4f0eca288475f8617bfb4beb5f29950e0bfb104e
last-modified
Thu, 18 Apr 2024 20:18:40 GMT
server
nginx/1.14.0 + Phusion Passenger(R) 6.0.14
etag
W/"78b30c3e1fb845875e49f0021c9255d5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
public
x-rack-cache
stale, invalid, ignore, store
overrides-72a980cf14267657c863ba73d3033814e028dae4381ca0e291db6ee642342be2.css
bodymindassu4837.clinicsites.co/assets/
283 B
494 B
Stylesheet
General
Full URL
https://bodymindassu4837.clinicsites.co/assets/overrides-72a980cf14267657c863ba73d3033814e028dae4381ca0e291db6ee642342be2.css
Requested by
Host: bodymindassu4837.clinicsites.co
URL: https://bodymindassu4837.clinicsites.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:c97:ee02:20fd:c0e9:33c3:d128 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
72a980cf14267657c863ba73d3033814e028dae4381ca0e291db6ee642342be2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bodymindassu4837.clinicsites.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 20:18:40 GMT
last-modified
Fri, 22 Mar 2024 17:39:46 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"65fdc262-11b"
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
283
expires
Fri, 18 Apr 2025 20:18:40 GMT
css
fonts.googleapis.com/
1 KB
490 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,300i
Requested by
Host: bodymindassu4837.clinicsites.co
URL: https://bodymindassu4837.clinicsites.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1549d2556403269ec9c84af4704027f82bd692df2215dede4a3847a1ba65bc79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bodymindassu4837.clinicsites.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 18 Apr 2024 20:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 18 Apr 2024 20:18:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Apr 2024 20:18:40 GMT
css
fonts.googleapis.com/
11 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i
Requested by
Host: bodymindassu4837.clinicsites.co
URL: https://bodymindassu4837.clinicsites.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d7e738c0b4de24f64e9c15225c4190b6c25c810f3b376f98417a0c5b88bbb81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bodymindassu4837.clinicsites.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 18 Apr 2024 20:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 18 Apr 2024 20:18:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Apr 2024 20:18:40 GMT
application-cf050c3f3fec2b7b4a4266e0404ed7101881fbf7a2d99ca74fd053393b155bc2.js
bodymindassu4837.clinicsites.co/assets/
305 KB
109 KB
Script
General
Full URL
https://bodymindassu4837.clinicsites.co/assets/application-cf050c3f3fec2b7b4a4266e0404ed7101881fbf7a2d99ca74fd053393b155bc2.js
Requested by
Host: bodymindassu4837.clinicsites.co
URL: https://bodymindassu4837.clinicsites.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:c97:ee02:20fd:c0e9:33c3:d128 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf050c3f3fec2b7b4a4266e0404ed7101881fbf7a2d99ca74fd053393b155bc2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bodymindassu4837.clinicsites.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 20:18:40 GMT
content-encoding
gzip
last-modified
Thu, 04 Apr 2024 06:07:18 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"660e4396-4c39a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Fri, 18 Apr 2025 20:18:40 GMT
js
www.googletagmanager.com/gtag/
292 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7KWN4PCCYC
Requested by
Host: bodymindassu4837.clinicsites.co
URL: https://bodymindassu4837.clinicsites.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
236efa8b102b742fd2d6b77c78c6998b89320ef97299c2fc97f770495d8c96f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bodymindassu4837.clinicsites.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 20:18:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99988
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 18 Apr 2024 20:18:41 GMT
W1siZiIsIjIwMjQvMDQvMTgvMTAvMzEvMzgvZTMwN2Y1NDEtYzJiOS00ODJkLWE4MDgtMzNjYTY3MjE0OTEyL2ZpbGUiXSxbInAiLCJ0aHVtYiIsIjYwMHg2MDBcdTAwM2UiXSxbInAiLCJ0cmltIl1d
bodymindassu4837.clinicsites.co/df_media/
78 KB
78 KB
Image
General
Full URL
https://bodymindassu4837.clinicsites.co/df_media/W1siZiIsIjIwMjQvMDQvMTgvMTAvMzEvMzgvZTMwN2Y1NDEtYzJiOS00ODJkLWE4MDgtMzNjYTY3MjE0OTEyL2ZpbGUiXSxbInAiLCJ0aHVtYiIsIjYwMHg2MDBcdTAwM2UiXSxbInAiLCJ0cmltIl1d?sha=3a8b55e1428d2e2f
Requested by
Host: bodymindassu4837.clinicsites.co
URL: https://bodymindassu4837.clinicsites.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:c97:ee02:20fd:c0e9:33c3:d128 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 + Phusion Passenger(R) 6.0.14 / Phusion Passenger(R) 6.0.14
Resource Hash
a6db464d840f2430bdb77e33f725f24ff878d1f40d3425d607e1fd850636971e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bodymindassu4837.clinicsites.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-runtime
0.506181
date
Thu, 18 Apr 2024 20:18:40 GMT
x-content-digest
68d770a6f78c713b0f63aa9cad8c45dc6965a5b2
x-content-type-options
nosniff
server
nginx/1.14.0 + Phusion Passenger(R) 6.0.14
age
94
etag
"328619dd6ef0b55dc5fdf917887bfba70de39363"
x-powered-by
Phusion Passenger(R) 6.0.14
content-type
application/octet-stream
status
200 OK
cache-control
public, max-age=31536000
content-disposition
filename="file"
content-length
79433
x-request-id
98b28951-a640-4469-8e9c-dd7ac6375981
x-rack-cache
fresh
2.png
bodymindassu4837.clinicsites.co/df_media/W1siZiIsIjIwMjQvMDQvMDkvMTQvMTIvMjUvYTJjZWUyY2EtYWI2NC00OGEzLWI5NDctMTMzZmNiYWE0OTY3LzIucG5nIl0sWyJwIiwidGh1bWIiLCI0MDB4XHUwMDNlIl1d/
99 KB
100 KB
Image
General
Full URL
https://bodymindassu4837.clinicsites.co/df_media/W1siZiIsIjIwMjQvMDQvMDkvMTQvMTIvMjUvYTJjZWUyY2EtYWI2NC00OGEzLWI5NDctMTMzZmNiYWE0OTY3LzIucG5nIl0sWyJwIiwidGh1bWIiLCI0MDB4XHUwMDNlIl1d/2.png?sha=771a83bc3fd2484e
Requested by
Host: bodymindassu4837.clinicsites.co
URL: https://bodymindassu4837.clinicsites.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:c97:ee02:20fd:c0e9:33c3:d128 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 + Phusion Passenger(R) 6.0.14 / Phusion Passenger(R) 6.0.14
Resource Hash
f5310fd18db13584adbe19f8e9ae73ef0e8c21a972001d4d74d1050c9554531f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bodymindassu4837.clinicsites.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-runtime
0.608296
date
Thu, 18 Apr 2024 20:18:40 GMT
x-content-digest
0bcce6dea93258a63316bd2317233091f99d01b7
x-content-type-options
nosniff
server
nginx/1.14.0 + Phusion Passenger(R) 6.0.14
age
799480
etag
"c6168f7522057469e35ae31f7fbc65bcfd6dfba8"
x-powered-by
Phusion Passenger(R) 6.0.14
content-type
image/png
status
200 OK
cache-control
public, max-age=31536000
content-disposition
filename="2.png"
content-length
101791
x-request-id
00173a63-f806-41d5-bcdf-27a985cdb7ed
x-rack-cache
fresh
4.png
bodymindassu4837.clinicsites.co/df_media/W1siZiIsIjIwMjQvMDQvMDkvMTQvMTIvMjYvNDU3MmQwYTEtNDBkMy00YzkzLWEwNDEtZDFmNjA4MTc2YWRhLzQucG5nIl0sWyJwIiwidGh1bWIiLCI0MDB4XHUwMDNlIl1d/
92 KB
92 KB
Image
General
Full URL
https://bodymindassu4837.clinicsites.co/df_media/W1siZiIsIjIwMjQvMDQvMDkvMTQvMTIvMjYvNDU3MmQwYTEtNDBkMy00YzkzLWEwNDEtZDFmNjA4MTc2YWRhLzQucG5nIl0sWyJwIiwidGh1bWIiLCI0MDB4XHUwMDNlIl1d/4.png?sha=f337988765c2cad6
Requested by
Host: bodymindassu4837.clinicsites.co
URL: https://bodymindassu4837.clinicsites.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:c97:ee02:20fd:c0e9:33c3:d128 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 + Phusion Passenger(R) 6.0.14 / Phusion Passenger(R) 6.0.14
Resource Hash
098876bb21fe09da675e2aa67fc54a9f28c1463c52f8386ef88384b1d7ee3e82
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bodymindassu4837.clinicsites.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-runtime
0.530793
date
Thu, 18 Apr 2024 20:18:41 GMT
x-content-digest
49464e38908aaef11021d0a767df700a742b588d
x-content-type-options
nosniff
server
nginx/1.14.0 + Phusion Passenger(R) 6.0.14
age
799480
etag
"1b85727dbfdac64ff398ab7f5c90e009caae7f5f"
x-powered-by
Phusion Passenger(R) 6.0.14
content-type
image/png
status
200 OK
cache-control
public, max-age=31536000
content-disposition
filename="4.png"
content-length
93912
x-request-id
a015bffc-57ee-46f4-8433-a0a3768ab40f
x-rack-cache
fresh
6.png
d2t6o06vr3cm40.cloudfront.net/2024/04/09/14/14/00/33842515-53b1-4c14-bd5c-e37d4d44c689/
88 KB
89 KB
Image
General
Full URL
https://d2t6o06vr3cm40.cloudfront.net/2024/04/09/14/14/00/33842515-53b1-4c14-bd5c-e37d4d44c689/6.png
Requested by
Host: bodymindassu4837.clinicsites.co
URL: https://bodymindassu4837.clinicsites.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:b800:16:7f66:7c00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
499b85b3af149ccf594ccaaf991d310a07263f45f8ae8277f4293c3a1fec4fd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bodymindassu4837.clinicsites.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 20:17:31 GMT
x-amz-version-id
NP1NztaqBewT2k_vuQZtBwTAoXGWomI.
via
1.1 6f1a8e219f50f958f5a2fbc9c84af776.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P11
age
71
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P11",cdn-rid;desc="OcqGJRReHf-ONiwgn9yruFpTMx07hcPnHfr7NKMDcQ0sv1uT0-MKeQ==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=4
content-length
90152
last-modified
Tue, 09 Apr 2024 14:14:02 GMT
server
AmazonS3
etag
"905d2d9661814b92c04989db7900ec7d"
content-type
image/png
cache-control
max-age=3153600
x-amz-meta-json
{"name":"6.png"}
accept-ranges
bytes
x-amz-cf-id
OcqGJRReHf-ONiwgn9yruFpTMx07hcPnHfr7NKMDcQ0sv1uT0-MKeQ==
W1siZiIsIjIwMjQvMDQvMDkvMTQvMTIvMjcvOGY5YWJlMjMtMGMyNC00NDM0LWI4YjgtNTE3ZGE4ZmZiZWY0L2NsaW5pYy1zaXRlcy1sb2dvLnBuZyJdLFsicCIsInRodW1iIiwiMzAweDIwMFx1MDAzZSJdXQ
bodymindassu4837.clinicsites.co/df_media/
7 KB
7 KB
Image
General
Full URL
https://bodymindassu4837.clinicsites.co/df_media/W1siZiIsIjIwMjQvMDQvMDkvMTQvMTIvMjcvOGY5YWJlMjMtMGMyNC00NDM0LWI4YjgtNTE3ZGE4ZmZiZWY0L2NsaW5pYy1zaXRlcy1sb2dvLnBuZyJdLFsicCIsInRodW1iIiwiMzAweDIwMFx1MDAzZSJdXQ?sha=a8fdd9ef07e103e0
Requested by
Host: bodymindassu4837.clinicsites.co
URL: https://bodymindassu4837.clinicsites.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:c97:ee02:20fd:c0e9:33c3:d128 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 + Phusion Passenger(R) 6.0.14 / Phusion Passenger(R) 6.0.14
Resource Hash
8dcc1f83b0524f0e4063fa9bf5eb0fb065622f3dcf7204026ff7da33cafd85ee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bodymindassu4837.clinicsites.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-runtime
0.307668
date
Thu, 18 Apr 2024 20:18:41 GMT
x-content-digest
cf36b174d99796b9718a7b06a3417d09ea41c61a
x-content-type-options
nosniff
server
nginx/1.14.0 + Phusion Passenger(R) 6.0.14
age
799480
etag
"7db7851a493311732b7ba07d1e4792b092a8a3ca"
x-powered-by
Phusion Passenger(R) 6.0.14
content-type
image/png
status
200 OK
cache-control
public, max-age=31536000
content-disposition
filename="clinic-sites-logo.png"
content-length
6940
x-request-id
760a61ae-08ab-499b-b899-c7692661a58d
x-rack-cache
fresh
print-bb89f3a9f649ea98721f77ef41f0a87b3ca29599150e7f4fdd2d56a8fc6ea7e0.css
bodymindassu4837.clinicsites.co/assets/
3 KB
1 KB
Stylesheet
General
Full URL
https://bodymindassu4837.clinicsites.co/assets/print-bb89f3a9f649ea98721f77ef41f0a87b3ca29599150e7f4fdd2d56a8fc6ea7e0.css
Requested by
Host: bodymindassu4837.clinicsites.co
URL: https://bodymindassu4837.clinicsites.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:c97:ee02:20fd:c0e9:33c3:d128 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
bb89f3a9f649ea98721f77ef41f0a87b3ca29599150e7f4fdd2d56a8fc6ea7e0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bodymindassu4837.clinicsites.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 20:18:41 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 19:37:32 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"65284afc-c9a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
expires
Fri, 18 Apr 2025 20:18:41 GMT
file.webp
d2t6o06vr3cm40.cloudfront.net/2024/04/09/20/52/21/3c7c5195-afb7-45b8-8c4a-0d361858695f/
44 KB
45 KB
Image
General
Full URL
https://d2t6o06vr3cm40.cloudfront.net/2024/04/09/20/52/21/3c7c5195-afb7-45b8-8c4a-0d361858695f/file.webp
Requested by
Host: bodymindassu4837.clinicsites.co
URL: https://bodymindassu4837.clinicsites.co/assets/application-b2dfc1aad05e45e6756e097b15c026c250a3e30a8cab4651d613dd0a09ef5569.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:b800:16:7f66:7c00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a12c2cef5b45b160d0c6fa479f5e4eb8d0fb278608e719efbd85b9c6f2e5764
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bodymindassu4837.clinicsites.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 20:18:42 GMT
x-amz-version-id
g7siloxNn0bti3Ps5w5I4.Z6rRadGysh
via
1.1 6f1a8e219f50f958f5a2fbc9c84af776.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P11
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
server-timing
cdn-upstream-layer;desc="REC",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=272,cdn-upstream-fbl;dur=417,cdn-cache-miss,cdn-pop;desc="FRA56-P11",cdn-rid;desc="K6--fZtgL7QraekZBWm8buDGPp32a0f5PXNJV5idi-7dpTuYC4W0-g==",cdn-downstream-fbl;dur=424
content-length
44916
last-modified
Tue, 09 Apr 2024 20:52:22 GMT
server
AmazonS3
etag
"4498afc1f7d47609969acb0947600659"
content-type
application/octet-stream
cache-control
max-age=3153600
x-amz-meta-json
{"format":"webp","name":"file.webp","mime_type":null}
accept-ranges
bytes
x-amz-cf-id
K6--fZtgL7QraekZBWm8buDGPp32a0f5PXNJV5idi-7dpTuYC4W0-g==
Chiro4-weight-n.webp
bodymindassu4837.clinicsites.co/df_media/W1siZiIsImN1c3RvbWVyX2ltYWdlcy8xNjk3Mi8yMDI0LzA0LzA5LzE0LzEyLzMzL2MyNDE2NGY0LTZmOGQtNDAxZC1hZmZjLTA3ZTUyZWFlZDExZi9DaGlybzQtd2VpZ2h0LW4uanBnIl0sWyJwIiwiZW5j...
49 KB
50 KB
Image
General
Full URL
https://bodymindassu4837.clinicsites.co/df_media/W1siZiIsImN1c3RvbWVyX2ltYWdlcy8xNjk3Mi8yMDI0LzA0LzA5LzE0LzEyLzMzL2MyNDE2NGY0LTZmOGQtNDAxZC1hZmZjLTA3ZTUyZWFlZDExZi9DaGlybzQtd2VpZ2h0LW4uanBnIl0sWyJwIiwiZW5jb2RlIiwid2VicCIsIi1xdWFsaXR5IDg1Il0sWyJwIiwidGh1bWIiLCIxNTAweFx1MDAzZSJdXQ/Chiro4-weight-n.webp?sha=1a9b470f43e35d94
Requested by
Host: bodymindassu4837.clinicsites.co
URL: https://bodymindassu4837.clinicsites.co/assets/application-b2dfc1aad05e45e6756e097b15c026c250a3e30a8cab4651d613dd0a09ef5569.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:c97:ee02:20fd:c0e9:33c3:d128 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 + Phusion Passenger(R) 6.0.14 / Phusion Passenger(R) 6.0.14
Resource Hash
aef92b7d552127bf11f0f1b487e4e579c4e5d3de08a033efe93d2931222252e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bodymindassu4837.clinicsites.co/assets/application-b2dfc1aad05e45e6756e097b15c026c250a3e30a8cab4651d613dd0a09ef5569.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-runtime
2.922614
date
Thu, 18 Apr 2024 20:18:41 GMT
x-content-digest
45568c74f2af1415d7c12272bb8a3cc597111ccb
x-content-type-options
nosniff
server
nginx/1.14.0 + Phusion Passenger(R) 6.0.14
age
703198
etag
"34251de0c16673905e095497dddd0afce7e91548"
x-powered-by
Phusion Passenger(R) 6.0.14
content-type
application/octet-stream
status
200 OK
cache-control
public, max-age=31536000
content-disposition
filename="Chiro4-weight-n.webp"
content-length
50636
x-request-id
72744ae4-c5ae-45fe-8475-288de72b28b9
x-rack-cache
fresh
Chiro12.webp
d2t6o06vr3cm40.cloudfront.net/2024/04/12/14/59/50/b6f417f6-bf0c-4828-bea0-075522994d6d/
22 KB
22 KB
Image
General
Full URL
https://d2t6o06vr3cm40.cloudfront.net/2024/04/12/14/59/50/b6f417f6-bf0c-4828-bea0-075522994d6d/Chiro12.webp
Requested by
Host: bodymindassu4837.clinicsites.co
URL: https://bodymindassu4837.clinicsites.co/assets/application-b2dfc1aad05e45e6756e097b15c026c250a3e30a8cab4651d613dd0a09ef5569.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:b800:16:7f66:7c00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d464ea2186be5f886f68bb6a41707d728fe8c7a3619843fe29ea5228b5cd8311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bodymindassu4837.clinicsites.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 20:18:42 GMT
x-amz-version-id
CUqhQtdI2Tkh9a7v2LJWGjvDd6ly0BEV
via
1.1 6f1a8e219f50f958f5a2fbc9c84af776.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P11
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
22308
last-modified
Fri, 12 Apr 2024 14:59:52 GMT
server
AmazonS3
etag
"a05827be2de475bd70c11c7ed40a275f"
content-type
application/octet-stream
cache-control
max-age=3153600
x-amz-meta-json
{"name":"Chiro12.webp","format":"webp","mime_type":null}
accept-ranges
bytes
x-amz-cf-id
oTvK45-jbjN1hf95mYZUYGzK7k6kSH5_-Pq-dtr2d8vMCzZ8BgQSIQ==
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://bodymindassu4837.clinicsites.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 09:52:30 GMT
x-content-type-options
nosniff
age
469571
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 09:52:30 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
758015e3cb56989df5cfcf912d2c3861a62e623d386ef12d4bacf15891a4eb81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://bodymindassu4837.clinicsites.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 01:28:14 GMT
x-content-type-options
nosniff
age
240627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18704
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Apr 2025 01:28:14 GMT
kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzaxHMPdY43zj-jCxv3fzvRNU22ZXGJpEpjC_1v-p_4MrImHCIJIZrDAvHOej.woff2
fonts.gstatic.com/s/materialsymbolsoutlined/v175/
263 KB
264 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialsymbolsoutlined/v175/kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzaxHMPdY43zj-jCxv3fzvRNU22ZXGJpEpjC_1v-p_4MrImHCIJIZrDAvHOej.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@24,200,0,0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d84335239f55d6eb30d6564e972ad3ade44d9c7376bea186fd64b879e281df9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://bodymindassu4837.clinicsites.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 15:20:07 GMT
x-content-type-options
nosniff
age
190714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
269780
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:06:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Apr 2025 15:20:07 GMT
collect
region1.analytics.google.com/g/
0
265 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-7KWN4PCCYC&gtm=45je44f0v9100741783za200&_p=1713471521194&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=608475053.1713471521&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713471521&sct=1&seg=0&dl=https%3A%2F%2Fbodymindassu4837.clinicsites.co%2F&dt=Neuro%20Emotional%20Technique%20(NET)%2C%20Orthotics%20-%20Custom%20or%20Prefab%20Fitting%20and%20more%20%7C%20Body%20Mind%20Assurance&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2264
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7KWN4PCCYC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bodymindassu4837.clinicsites.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 20:18:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bodymindassu4837.clinicsites.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
256 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7KWN4PCCYC&cid=608475053.1713471521&gtm=45je44f0v9100741783za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7KWN4PCCYC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bodymindassu4837.clinicsites.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 20:18:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bodymindassu4837.clinicsites.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7KWN4PCCYC&cid=608475053.1713471521&gtm=45je44f0v9100741783za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=52986815
Requested by
Host: bodymindassu4837.clinicsites.co
URL: https://bodymindassu4837.clinicsites.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bodymindassu4837.clinicsites.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 20:18:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
bodymindassu4837.clinicsites.co/
0
139 B
Other
General
Full URL
https://bodymindassu4837.clinicsites.co/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:c97:ee02:20fd:c0e9:33c3:d128 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bodymindassu4837.clinicsites.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 20:18:41 GMT
last-modified
Thu, 18 Apr 2024 20:01:03 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"66217bff-0"
content-length
0
content-type
image/x-icon

Verdicts & Comments

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fadeInVideoBackground
function| onPlayerReady
function| getBlockBtnColor
function| getBlockBtnSize
function| getBlockBtnClasses
function| changeHeight
function| getBlockColorArray
function| setBlockImageSize
function| setImageSizePortrait
function| setBlockVerticalPadding
function| setImageSizeLandscape
function| getRandomBlockOverlayColor
function| getBlockPhotoPreview
function| checkBlockBackgroundContentOpacity
function| setBlockOpacityNoBackground
function| getBlockDomId
function| changeBlockDomOpacity
function| setBlockGravityStyle
function| getBlockIconCircleClass
function| getCenterIconMargin
function| removeBlockIconClasses
function| getIconColorClasses
function| flipBooleanInput
function| change_background_class
function| change_background_tone_class
function| change_gradient_background_class
function| debounce
function| setupTinyMCEHeaders
function| log_warning
function| loadAce
function| getRandomInt
function| notification_notice
function| notification_success
function| notification_alert
function| notification
function| off_on_button_group
function| convert_opacity
function| change_opacity
function| hidePageToolbar
function| toggleBlockPagePosition
function| isInViewport
function| shade_blend
function| sortable_decrease_overlap_to_sort
function| sticky_navbar
function| listOverlayColors
function| offSetToolbarTop
function| isSelectorPresent
function| isPageTypePresent
object| jscolor
object| Rails
boolean| _rails_loaded
function| $
function| jQuery
object| Popper
object| htmx
object| Honeybadger
function| gtag
object| dataLayer
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal

4 Cookies

Domain/Path Name / Value
bodymindassurance.com/ Name: _engage_session
Value: TGUrOUpnZ3BidGQrR0hNR3pOSkZuM0pNL3FBSlBsTWkraFM3VzMrUTZkRFJxcnpsdUNGcGs5bnJmdm1rcmlFWldySWpXOVloV0RJcEl4VStyRHlQTEZFV1Q4RE43aFR4VHA5aDFFVUxuUVlVeW9XZFRPcWhYWXRpaDR5SUh6OENoa2txd3Z2VWllTGFUWC80MGc3aFpjUlo4TzlZSHJMa1hpME1VMHByOW5zU1NaWDZPbTZXUi8rOWdUbG1zWEs5NmwrajdXTmpjbkxtc1o3T3hOaldTOVc2THkvcnJCbDE4VEFNa29DUHBsK2k0RGZCOXpxUDBrS2JSbFNCd2ptMjJwQVpGZ2l5NHZXY3RXQ3JGVXJZNzFRWk1zM2JESmlzeENaTEh5dDlLMUdIbUlvd0F3RzBQdG9kbzA0QUp1TVpMK2tMU2N4SmNhS3Z6K2VPbStwajNBPT0tLU5LKzlBWGlmazE2YVZCTUh1VW82VUE9PQ%3D%3D--adf2f50cc50e9968380004cc679b9abe7b5552d9
bodymindassu4837.clinicsites.co/ Name: _engage_session
Value: eXVzVnkwbXdVYXFlYnNwd3hqQWFHRXM2VExHY1UweTZmMjEwZzBZTGQ2ek1ieHRxMFY2cEtQeVZDeTIxSEN0UEh1dDVUSWNxYTVrU0NKc3hVVnduWUYwa1NIYkVFVjVtcjZuZ0tOTW5yTkZsUTRyV3BXSWZtejM1RGUxR3JpWkNpYUNNaU9uTEhrYktEeTdzd2xNZGxqTkNnV0MwRlV6d3hFWVk4bjIvenRmUnhoVlFNQmlhR0ZlZTM1TkFsWGhDYzBrTGl5bEpwZ0p3Ym1ZMWliNVZtdVkzRG0yS1RBYnpYNzhYeU1pMFpqSTRlaVJVZGFvNlB6emtKWlgxZVEyVUNrWEN2MysxVEh6T1lzT1Blbzl4MUlLdkRjOXNyN0QvNVhqL3FQci9kRnN5UW9lQzJuaWUydW4wNWJPemxiZ3o4Tkdtc1dTcHdncFRDQ01ESHNTa1hyUHFkUHZXUzJkY0NXNGRpK1dRSnpTM1RNRnRadS9KMHlyRDNYWXQySjVqc21LTnM4TVhQUjZQTzE1Z0ZVdWUyNjk3WHlMQ2UxSk9HcDVxYitnczBFcTVZK2g5VzBnVlhuRGxpUjRiUVV4dS0tYkkxejVKU2ZQZmxCVEZqc0FUbHF0dz09--912298ffdb4b93ddc21062a106eb5b94b73d3294
.clinicsites.co/ Name: _ga_7KWN4PCCYC
Value: GS1.1.1713471521.1.0.1713471521.60.0.0
.clinicsites.co/ Name: _ga
Value: GA1.1.608475053.1713471521

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self' http://*.lvh.me:3000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
