urlscan.io logo urlscan.io
SecurityTrails logo

jupiter.chaneyeyecare.com Open in urlscan Pro
2606:4700:3035::6815:59dc  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://deliverytrack.dutchkrediet.com/ga/click/2-47233352-2678-36736-72548-57237-537d2bc99f-e5f69cb65b
Effective URL: https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanad...
Submission: On June 01 via manual from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 29 HTTP transactions. The main IP is 2606:4700:3035::6815:59dc, located in United States and belongs to CLOUDFLARENET, US. The main domain is jupiter.chaneyeyecare.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 19th 2021. Valid for: a year.
This is the only time jupiter.chaneyeyecare.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:3035::ac43:a59c (United States)

ASN13335 (CLOUDFLARENET, US)
deliverytrack.dutchkrediet.com
14    2606:4700:3035::6815:59dc (United States)

ASN13335 (CLOUDFLARENET, US)
jupiter.chaneyeyecare.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    2606:4700::6812:13b7 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.by.wonderpush.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:20::681a:164 (United States)

ASN13335 (CLOUDFLARENET, US)
get.geojs.io
1    2001:4860:4802:34::15 (United States)

ASN15169 (GOOGLE, US)
measurements-api.wonderpush.com
Domain Requested by
14 jupiter.chaneyeyecare.com jupiter.chaneyeyecare.com
4 cdn.by.wonderpush.com jupiter.chaneyeyecare.com
cdn.by.wonderpush.com
3 fonts.gstatic.com fonts.googleapis.com
2 www.facebook.com jupiter.chaneyeyecare.com
2 connect.facebook.net jupiter.chaneyeyecare.com
connect.facebook.net
1 measurements-api.wonderpush.com cdn.by.wonderpush.com
1 get.geojs.io cdn.by.wonderpush.com
1 fonts.googleapis.com jupiter.chaneyeyecare.com
1 cdnjs.cloudflare.com jupiter.chaneyeyecare.com
1 deliverytrack.dutchkrediet.com 1 redirects
29 10

This site contains links to these domains. Also see Links.

Domain
mtp.capitalrtv.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-19 -
2022-03-18		 a year crt.sh
by.wonderpush.com
R3		 2021-05-17 -
2021-08-15		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
measurements-api.wonderpush.com
GTS CA 1D4		 2021-04-25 -
2021-07-24		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
Frame ID: 4CA436258ACA9B6C3F843351C2A818C0
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://deliverytrack.dutchkrediet.com/ga/click/2-47233352-2678-36736-72548-57237-537d2bc99f-e5f69cb65b HTTP 302
    https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Page Statistics

29
Requests

100 %
HTTPS

100 %
IPv6

9
Domains

10
Subdomains

9
IPs

2
Countries

580 kB
Transfer

1482 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://deliverytrack.dutchkrediet.com/ga/click/2-47233352-2678-36736-72548-57237-537d2bc99f-e5f69cb65b HTTP 302
    https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Viad_3Q
jupiter.chaneyeyecare.com/
Redirect Chain
  • https://deliverytrack.dutchkrediet.com/ga/click/2-47233352-2678-36736-72548-57237-537d2bc99f-e5f69cb65b
  • https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
21 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:59dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.14
Resource Hash
0988f9616d0ca1cfca72b2318e916357f9c36b296fa1d6d1ce02f7de77ab4d04

Request headers

:method
GET
:authority
jupiter.chaneyeyecare.com
:scheme
https
:path
/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:31:48 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.14
cf-cache-status
DYNAMIC
cf-request-id
0a6a71aeda0000d6f1f51fb000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=APFAGiEeQ94W3oauc442L0BrblGG70jT04E3ROIUFjfYAvm1HGLj4YGApOdK1XwAoA6gLrBHcFqO%2BIich5EuQ0XD7HUS%2FMk1oeskyMZL9HLljeMkjkEnSxPwi84iPNuVQl7onkuVdCisPXofwD9IhN6WmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658a855e2b61d6f1-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Tue, 01 Jun 2021 18:31:48 GMT
content-type
text/html; charset=utf-8
status
302 Found
x-rack-cache
miss
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
x-request-id
7fa11723cbb80b09172f37a10681ca07
location
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
x-ua-compatible
IE=Edge,chrome=1
x-runtime
0.050508
expires
Mon, 01 Jan 1990 00:00:00 GMT
x-powered-by
Phusion Passenger 6.0.4
cf-cache-status
DYNAMIC
cf-request-id
0a6a71acfe0000c3033d0e3000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=K2TM0ijdVdbx8SUM7WJVoqar%2B1qy%2FH26wjZnh77GuKDjmXKUMc87Fcqzq%2FznhNCbv0dsYcCLYxXeaJjZ8141GG%2FbUQa3o%2FfN1JX3k1GhpWtX4cwhQpoP%2BmCMhUESEmAbi80TLPlJsedUDiLhHftwXFXH30Z0pWOq"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658a855b2ccfc303-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: jupiter.chaneyeyecare.com
URL: https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://jupiter.chaneyeyecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:31:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
514377
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4972
cf-request-id
0a6a71b13600004ecd3bbbe000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-6b4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oXndwTwab3Ze1EkBS%2FjbIPDM7GUviOBHBaZmyYRU0otNOnZCAF%2BicNwSfyZ7MDxZF5%2BW8hSvNLc31X%2Fg6JZQvJwM0oaIVOMkntxIy6X%2FY14S5c04lFa6xdw3%2B2VUpTHtgXaZkljhHJ1DxmBkyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
658a8561efde4ecd-FRA
expires
Sun, 22 May 2022 18:31:48 GMT
bootstrap.min.css
jupiter.chaneyeyecare.com/allcustomfiles/CA-Castco-Multi-may21/ 		118 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://jupiter.chaneyeyecare.com/allcustomfiles/CA-Castco-Multi-may21/bootstrap.min.css
Requested by
Host: jupiter.chaneyeyecare.com
URL: https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:59dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

:path
/allcustomfiles/CA-Castco-Multi-may21/bootstrap.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
jupiter.chaneyeyecare.com
referer
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:31:50 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 24 May 2021 16:28:56 GMT
server
cloudflare
etag
W/"1d970-5c315e7ec764a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MXS%2Bhu13h7w3oBfoKF81RZH%2Bbj0HA50vxvOH6cAA78Of6JBAiUUFyl1RVYMmRxB7vnpwIUHXBehLkrsjSwnlwpDoMws1SSc7Azr0SMzFRsRaeMKQgKQrXoUAnz%2FkpkB3b1rficFW%2BBlCKF33R13pVxotgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
658a85620f70d6f5-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6a71b14d0000d6f5db096000000001
animate.css
jupiter.chaneyeyecare.com/allcustomfiles/CA-Castco-Multi-may21/ 		56 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://jupiter.chaneyeyecare.com/allcustomfiles/CA-Castco-Multi-may21/animate.css
Requested by
Host: jupiter.chaneyeyecare.com
URL: https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:59dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59a1460df6cb458204ec993345ff4964fa7e1a77da4ab7137e50fce8434c1d6a

Request headers

:path
/allcustomfiles/CA-Castco-Multi-may21/animate.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
jupiter.chaneyeyecare.com
referer
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:31:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 24 May 2021 16:28:56 GMT
server
cloudflare
etag
W/"df07-5c315e7ec6a92"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=97NgkbXsScEJ5hc9xKuAZFU4QqF08ymLWi2Gv4LqIhrdafwcHKY9mdDVoF0VJGO8lWXgNSkHKxq4ZCBedDJjdxNiKmfm5YMdC8ZyENd7ftKceSR%2FBc6e%2BWRuWKxN0feEfExSJm30imCFkm%2FJnfC3XDh4fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
658a85620f74d6f5-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6a71b14e0000d6f599a5f000000001
customes.css
jupiter.chaneyeyecare.com/allcustomfiles/CA-Castco-Multi-may21/ 		54 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://jupiter.chaneyeyecare.com/allcustomfiles/CA-Castco-Multi-may21/customes.css
Requested by
Host: jupiter.chaneyeyecare.com
URL: https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:59dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a386216b090cb677c68edf5545044841dc370549d734c9ce6cdc00416a7dfb1c

Request headers

:path
/allcustomfiles/CA-Castco-Multi-may21/customes.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
jupiter.chaneyeyecare.com
referer
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:31:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 24 May 2021 16:38:17 GMT
server
cloudflare
etag
W/"d715-5c3160965d43f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0rBA1Tgeg9zA%2BkFLjZHrGvSV7YDT7ym3Y7BvDNQXXjtcd4Sg1vKCRCoqaGq16HxgyvxJaxtWo1iNE8tW6LSe8r9m4Yzg2PjZGWLfTL8WPthWS8fl7%2FkfPMKs5Iv3WEWJlzuMooCGwohgZQYZwk5VuhgYwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
658a85620f5ad6f5-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6a71b1490000d6f5f7978000000001
wonderpush-loader.min.js
cdn.by.wonderpush.com/sdk/1.1/ 		881 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Requested by
Host: jupiter.chaneyeyecare.com
URL: https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a84db16143b24edb82e23e5a0273e7b7a56555803a81909396738cf990f4ca43

Request headers

Referer
https://jupiter.chaneyeyecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:31:48 GMT
content-encoding
gzip
cf-cache-status
HIT
age
10083
x-cache
Hit from cloudfront
access-control-max-age
86400
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
494
cf-request-id
0a6a71b1520000bed3f69e5000000001
access-control-allow-origin
*
last-modified
Mon, 31 May 2021 15:43:32 GMT
server
cloudflare
etag
"bdaf1047b528eeae512e4a4df36700aded6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 0d5d2d408eb42296c7636196e25ef8a3.cloudfront.net (CloudFront)
cache-control
public,max-age=86400
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
cf-ray
658a856218c4bed3-FRA
x-amz-cf-id
7j_PVatXTiUzFTgImpqGBporJYuLyd2HR1LCDwNYheySVRnmzcyngA==
logo.png
jupiter.chaneyeyecare.com/allcustomfiles/CA-Castco-Multi-may21/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jupiter.chaneyeyecare.com/allcustomfiles/CA-Castco-Multi-may21/logo.png
Requested by
Host: jupiter.chaneyeyecare.com
URL: https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:59dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f81270022ed41c071e78510a52e324e9ce2899942da71dc39bb1c5f5f5a40d0

Request headers

:path
/allcustomfiles/CA-Castco-Multi-may21/logo.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
jupiter.chaneyeyecare.com
referer
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:31:51 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7511
cf-request-id
0a6a71b1490000d6f5d1bdc000000001
last-modified
Mon, 24 May 2021 16:28:56 GMT
server
cloudflare
etag
"1d57-5c315e7ec37ca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BFVlV%2F0J5eEdTsdWJjmKj8KCEppYPtbR3KGL9AlyoXtT8nwRjWWP2%2B%2F0H2FdEm9zsEzOvBFbx9QCLmVyuSV3tEYtCcpo8b18UiA2%2FZRtUrPFE10NhLT8rTvxofqX82HAd0VKOHKiIY72TJynIztAzEANcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
658a85620f55d6f5-FRA
crts.jpg
jupiter.chaneyeyecare.com/allcustomfiles/CA-Castco-Multi-may21/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jupiter.chaneyeyecare.com/allcustomfiles/CA-Castco-Multi-may21/crts.jpg
Requested by
Host: jupiter.chaneyeyecare.com
URL: https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:59dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0109abde5a63dc45944e976c697cef36241df025a346c1e73ad2a0389b1048e7

Request headers

:path
/allcustomfiles/CA-Castco-Multi-may21/crts.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
jupiter.chaneyeyecare.com
referer
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:31:48 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4505
cf-request-id
0a6a71b14b0000d6f501b69000000001
last-modified
Mon, 24 May 2021 16:28:56 GMT
server
cloudflare
etag
"1199-5c315e7ec205a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AyOCaFJUqYr3%2FzUX6Rj1YtJtUeXAIK2cBfseYaqVuKdjavE4O%2FHbfQ6uDKNcUQR6%2BgkSI2RMrEKl3jQYkT7jyechTq7DwpaP41wrXURTTLtSchvDi9Olwti1ZU5Y9NYhCjBeqGYHdjFgC5cnjjxKAjeTjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
658a85620f62d6f5-FRA
giftcrd.png
jupiter.chaneyeyecare.com/allcustomfiles/CA-Castco-Multi-may21/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jupiter.chaneyeyecare.com/allcustomfiles/CA-Castco-Multi-may21/giftcrd.png
Requested by
Host: jupiter.chaneyeyecare.com
URL: https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:59dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16127e1b43f12687b4c99e93ac959c53d5b3ab50eae4920e271884ff1d75680b

Request headers

:path
/allcustomfiles/CA-Castco-Multi-may21/giftcrd.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
jupiter.chaneyeyecare.com
referer
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:31:48 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
36464
cf-request-id
0a6a71b14a0000d6f5dc35b000000001
last-modified
Mon, 24 May 2021 16:28:56 GMT
server
cloudflare
etag
"8e70-5c315e7ec2c12"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=68OYdyegdRlojV%2BVO4bucQYJwejmhsOKDlMOPGCiZU5K11BcTY85RXB%2BBXVfKhKjWgIQA6EgYNF8JmMZcDAiifIDo6ZxO4M2Dju4ZDkyS56qqrsphWwu1cnVFmp9ilmYPDRFHk45QWH3NQTySUsDfq%2BEeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
658a85620f5bd6f5-FRA
mini.png
jupiter.chaneyeyecare.com/allcustomfiles/CA-Castco-Multi-may21/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jupiter.chaneyeyecare.com/allcustomfiles/CA-Castco-Multi-may21/mini.png
Requested by
Host: jupiter.chaneyeyecare.com
URL: https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:59dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
681d7c9c85d4c4bae745eb48dda1743c0325356a65bacf785061025bff3aa27d

Request headers

:path
/allcustomfiles/CA-Castco-Multi-may21/mini.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
jupiter.chaneyeyecare.com
referer
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:31:48 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
58903
cf-request-id
0a6a71b14d0000d6f5c5131000000001
last-modified
Mon, 24 May 2021 16:28:56 GMT
server
cloudflare
etag
"e617-5c315e7ec3f9a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=b8XkXxvM%2B5SxnhhzhXH9zaV5D76%2B2xoHg2ykTTo8SOPBYIoYWR0QPX6%2FiAGpq3RE0ySEgrriAHAmQkSjD0O%2Bh73hYQnK7sPOtuOB%2BGkOXoKxbkisNKNOHkdaQsL472kFyILzz7A8aZ8CpPryNrq9e33VYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
658a85620f6cd6f5-FRA
s21.png
jupiter.chaneyeyecare.com/allcustomfiles/CA-Castco-Multi-may21/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jupiter.chaneyeyecare.com/allcustomfiles/CA-Castco-Multi-may21/s21.png
Requested by
Host: jupiter.chaneyeyecare.com
URL: https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:59dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be118bc8706bf8488706d3b4400c7aa8b890dd22b2193f94d68ab13b2f2f2283

Request headers

:path
/allcustomfiles/CA-Castco-Multi-may21/s21.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
jupiter.chaneyeyecare.com
referer
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:31:49 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70493
cf-request-id
0a6a71b14c0000d6f58ab8f000000001
last-modified
Mon, 24 May 2021 16:28:56 GMT
server
cloudflare
etag
"1135d-5c315e7ec4b52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=29RaWfoeX%2FEDegBBbJ5xARCuMKvhn%2BaMmzsWMnT1bp4A7oDFxJuC7eSxeAfO9%2B1ZELIi9Fa9QQMWqQ1nrNZLry5vUarZCONXiQfriqIDxYxzQpA%2Bevbw5SHZxD%2BdLHNpkNHC%2FRSDFblApI%2B%2BBgoqbv%2BKAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
658a85620f66d6f5-FRA
tea.png
jupiter.chaneyeyecare.com/allcustomfiles/CA-Castco-Multi-may21/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jupiter.chaneyeyecare.com/allcustomfiles/CA-Castco-Multi-may21/tea.png
Requested by
Host: jupiter.chaneyeyecare.com
URL: https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:59dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d41508966c75fb5d0fd5979206ecc6b15a16eed71f412d7488c41cdaba862d0

Request headers

:path
/allcustomfiles/CA-Castco-Multi-may21/tea.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
jupiter.chaneyeyecare.com
referer
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:31:48 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
63285
cf-request-id
0a6a71b1470000d6f5c0afb000000001
last-modified
Mon, 24 May 2021 16:28:56 GMT
server
cloudflare
etag
"f735-5c315e7ec5eda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xWyvbmm6PmwitnGRBwWQAEl3VIsDslTIFl0aM6g7G3I%2BTrXQ%2BhdVXM%2FQXBhKiALcd%2F1RM0Jz0VEdVYfI6fyqdkRRzDZTeyMmYBYIA97lhwdjR9SR3v0zaBxTlnFzKZN%2FzVr%2BRbNAeIrwscHQz8DikySQ5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
658a85620f4bd6f5-FRA
lander_lp
jupiter.chaneyeyecare.com/ 		0
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jupiter.chaneyeyecare.com/lander_lp?lp=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt@cpacanada.ca
Requested by
Host: jupiter.chaneyeyecare.com
URL: https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:59dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.14
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/lander_lp?lp=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt@cpacanada.ca
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
jupiter.chaneyeyecare.com
referer
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:31:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.14
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=J8VlB52EfL0Ti%2BglyJbfq0Tf5dtEiX1t%2BavCT7bJRy6dJHMfM6rxGPq9J5QYdZij6N0di%2FzzEhsabkqPJwuAoam9ailMsDmsXbEec2vCmEnkQNVItl49cSgZtCwKbFkGdSSPgiv6OlXQmfvZi%2FfwlUhfSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
658a85620f52d6f5-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6a71b1480000d6f5bc002000000001
fbevents.js
connect.facebook.net/en_US/ 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: jupiter.chaneyeyecare.com
URL: https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://jupiter.chaneyeyecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24156
x-fb-rlafr
0
pragma
public
x-fb-debug
wwd3hzfASUSPCO7Jlic8Znask6r80YjNkBEo2BnGhm5yruV0/gl5apByvtRrffCowZojK+oN2MVxLRS3cGhWPQ==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Tue, 01 Jun 2021 18:31:48 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
socila-icon.jpg
jupiter.chaneyeyecare.com/allcustomfiles/CA-Castco-Multi-may21/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jupiter.chaneyeyecare.com/allcustomfiles/CA-Castco-Multi-may21/socila-icon.jpg
Requested by
Host: jupiter.chaneyeyecare.com
URL: https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:59dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd932caf17654372eced42cb8c249db0b05b64cf1fc120adc3474fe36d802cd7

Request headers

:path
/allcustomfiles/CA-Castco-Multi-may21/socila-icon.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
jupiter.chaneyeyecare.com
referer
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:31:48 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2147
cf-request-id
0a6a71b1510000d6f5bc003000000001
last-modified
Mon, 24 May 2021 16:28:56 GMT
server
cloudflare
etag
"863-5c315e7ec5322"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BvVbV%2FUoNFXyQAim1imrJjCOuihQFOotjmwoNd8Ay71xuXJoZCHjujKc%2BmaKMk%2FADWHxf%2Bi0PvL6bpPwwVt047jbkSRlyj1%2FdsMGO%2Fl0M7Du05t5jEe%2F3qYP5dYJeTK%2FM7xs0cKWQaGkFG1LTQG%2B3kw%2FFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
658a85620f7bd6f5-FRA
jquery.min.js
jupiter.chaneyeyecare.com/allcustomfiles/CA-Castco-Multi-may21/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jupiter.chaneyeyecare.com/allcustomfiles/CA-Castco-Multi-may21/jquery.min.js
Requested by
Host: jupiter.chaneyeyecare.com
URL: https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:59dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

:path
/allcustomfiles/CA-Castco-Multi-may21/jquery.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
jupiter.chaneyeyecare.com
referer
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:31:52 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 24 May 2021 16:28:56 GMT
server
cloudflare
etag
W/"1538e-5c315e7ec9972"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rEpq9G6DKxqnwJdieqT%2Feb2VA63T5PMGheWBvOHjrv0eqFonTnsaa5OAvt3c9%2B9wUtDS2ORKeNkON8636D8zFSdW0ai0bIw2Fy%2Fl3BsCUnVX27S0QvjP6tPVw9sJnfk7rJLQ7HB8xrPEMqFmYW5IWUwRFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
658a85620f77d6f5-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6a71b14f0000d6f5cd953000000001
bootstrap.min.js
jupiter.chaneyeyecare.com/allcustomfiles/CA-Castco-Multi-may21/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jupiter.chaneyeyecare.com/allcustomfiles/CA-Castco-Multi-may21/bootstrap.min.js
Requested by
Host: jupiter.chaneyeyecare.com
URL: https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:59dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

:path
/allcustomfiles/CA-Castco-Multi-may21/bootstrap.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
jupiter.chaneyeyecare.com
referer
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:31:49 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 24 May 2021 16:28:56 GMT
server
cloudflare
etag
W/"90b5-5c315e7ec89d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EuM30Elw%2FKQxTerIllriBjv5nZUyP1pCyMaH6hxWYym4AW%2Bz2z3ubtlhnn%2Fhjk3DrjfmN2WykMj%2BoDmb4ZudWFUc%2BPlWhM61WJKUA77%2FUpPkQI9gp6r4wsmXQIbNEvuhnITliNoRCUxgQ3A0jaUQdRx9SA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
658a85620f78d6f5-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6a71b1500000d6f5c0afc000000001
108116128049603
connect.facebook.net/signals/config/ 		254 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/108116128049603?v=2.9.40&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e74aabd938f43af9febfd1f4ceb8d78bd52b105b418b86c0efbf2af9f7db0f21
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://jupiter.chaneyeyecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
wyNB15obzNvQX0GHHkJzD5Tj4g7Uid6bY5EcsUdQ3IAQkvAm2m6Cdk952DO9VTahbZ7cJxmU+/ij8ww/2Nn+0A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 01 Jun 2021 18:31:48 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=108116128049603&ev=PageView&dl=https%3A%2F%2Fjupiter.chaneyeyecare.com%2FViad_3Q%3FH7k_Zt%3DZ31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD%2Fsrancourt%2540cpacanada.ca&rl=&if=false&ts=1622572308920&sw=1600&sh=1200&v=2.9.40&r=stable&ec=0&o=30&fbp=fb.1.1622572308918.1549174413&it=1622572308827&coo=false&exp=l0&rqm=GET
Requested by
Host: jupiter.chaneyeyecare.com
URL: https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://jupiter.chaneyeyecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:31:48 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 01 Jun 2021 18:31:48 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=108116128049603&ev=Microdata&dl=https%3A%2F%2Fjupiter.chaneyeyecare.com%2FViad_3Q%3FH7k_Zt%3DZ31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD%2Fsrancourt%2540cpacanada.ca&rl=&if=false&ts=1622572310423&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Welcome%20to%20Costco%20Wholesale%5Cn%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.40&r=stable&ec=1&o=30&fbp=fb.1.1622572308918.1549174413&it=1622572308827&coo=false&es=automatic&tm=3&exp=l0&rqm=GET
Requested by
Host: jupiter.chaneyeyecare.com
URL: https://jupiter.chaneyeyecare.com/Viad_3Q?H7k_Zt=Z31wlnBka2KclYN6xW1oaHZxYKCDomaYrGBhaZeizWtia2Rfpn1xkGhraIGD/srancourt%40cpacanada.ca
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://jupiter.chaneyeyecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:31:50 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Tue, 01 Jun 2021 18:31:50 GMT
css
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i
Requested by
Host: jupiter.chaneyeyecare.com
URL: https://jupiter.chaneyeyecare.com/allcustomfiles/CA-Castco-Multi-may21/customes.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
871a8f1084b6a27c4a67c854ba86e745d89be827f9bbc9057cbf3e535722cee1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://jupiter.chaneyeyecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Jun 2021 17:33:24 GMT
server
ESF
date
Tue, 01 Jun 2021 18:31:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Jun 2021 18:31:50 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://jupiter.chaneyeyecare.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 08:33:34 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
35896
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Wed, 01 Jun 2022 08:33:34 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://jupiter.chaneyeyecare.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 19:15:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
602185
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
expires
Wed, 25 May 2022 19:15:25 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://jupiter.chaneyeyecare.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 10:13:28 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
375502
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Sat, 28 May 2022 10:13:28 GMT
wonderpush.min.js
cdn.by.wonderpush.com/sdk/1.1.29.3/ 		430 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.by.wonderpush.com/sdk/1.1.29.3/wonderpush.min.js
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f32ab246f82e7d659782679cd607b25cb93980591d54c1a4d8366def165b916a

Request headers

Referer
https://jupiter.chaneyeyecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:31:50 GMT
content-encoding
gzip
cf-cache-status
HIT
age
96486
x-cache
Hit from cloudfront
access-control-max-age
86400
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
104435
cf-request-id
0a6a71b9ab00004a7aff275000000001
access-control-allow-origin
*
last-modified
Mon, 31 May 2021 15:43:25 GMT
server
cloudflare
etag
"c30ffbceec9f05f3b8747ac065d44525ed6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,stale-while-revalidate=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
cf-ray
658a856f7af24a7a-FRA
x-amz-cf-id
3o8of9_0Xn81Vv2JTxPBnl8Foz_V9eXHn_r2eYhd6109ftplKMx1iw==
41d403593c0b49d57f632b281192a2cc78b1d2de15f2c5576bbb2af96cbee7e0
cdn.by.wonderpush.com/config/webkeys/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.by.wonderpush.com/config/webkeys/41d403593c0b49d57f632b281192a2cc78b1d2de15f2c5576bbb2af96cbee7e0?_=1622572311030
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.29.3/wonderpush.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be3a07b23b7832d5ca5a595b8a98352c69014c48ce653041ab17d04d491e2266

Request headers

Referer
https://jupiter.chaneyeyecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:31:51 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3325
x-cache
Miss from cloudfront
access-control-max-age
86400
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
685
cf-request-id
0a6a71ba0a0000dfe7e42a4000000001
access-control-allow-origin
*
last-modified
Fri, 30 Apr 2021 13:13:41 GMT
server
cloudflare
etag
"c5c4a84b1b3b7dd287c28e753c2671a0ed6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET
content-type
application/json
via
1.1 9e9671d1669bd7a6c194fae423e5778d.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
TXL52-C1
accept-ranges
bytes
cf-ray
658a85700b31dfe7-FRA
x-amz-cf-id
NZcrlPOYCNo0NlkAmMudb2JhMUSrI-uqbo3JXCmIPXIm3ePGwqs9xQ==
geojs.js
cdn.by.wonderpush.com/plugins/geojs/1.0.2/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.by.wonderpush.com/plugins/geojs/1.0.2/geojs.js
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.29.3/wonderpush.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b877ef66eabd2dd21768d59e2ac26f9c4f48e0ed602e27cbd4d53c0701c7d515

Request headers

Referer
https://jupiter.chaneyeyecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:31:51 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3416320
x-cache
Hit from cloudfront
access-control-max-age
86400
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1055
cf-request-id
0a6a71ba3300004a7a1d168000000001
access-control-allow-origin
*
last-modified
Mon, 22 Jun 2020 15:30:23 GMT
server
cloudflare
etag
"eade35070a4a96bcbeb77c55c1856e96ed6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,stale-while-revalidate=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
cf-ray
658a85705cd84a7a-FRA
x-amz-cf-id
trassTY-BfLjjvufq5nfYFLbTwH6RDQgf_DpSP1gLBxgCnnMFZOgxA==
geo.json
get.geojs.io/v1/ip/ 		313 B
963 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://get.geojs.io/v1/ip/geo.json
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/plugins/geojs/1.0.2/geojs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8382f17fbfff4eff66194a12b81951bcbd2b723cb48d68a18802f6e209848e6a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://jupiter.chaneyeyecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:31:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6a71ba6700004abc09a5d000000001
x-request-id
b6c5f1a28eabf9238c074ac552100769-AMS
x-geojs-location
AMS
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SGAF4451DVJm98LtZAwZo9RZgtCdUvgWL6s9purdGdcN7nNgXGbUjJZJyyK%2B3y%2B5jMjQeojH0QemKYjOfWw7cELEmLP09tIFErepxm6SzuWG%2FooTD%2BnFV6qBaNpoLCkrOD34ykg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
cf-ray
658a8570a8d74abc-FRA
events
measurements-api.wonderpush.com/v1/ 		94 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://measurements-api.wonderpush.com/v1/events
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.29.3/wonderpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
da51e8b15840e4b773c799c9d7df66f5194ef8249712dc7e5de549a0d76c2886

Request headers

Referer
https://jupiter.chaneyeyecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://jupiter.chaneyeyecare.com
x-cloud-trace-context
47366b166f47c04821a1b28f981326fd
access-control-allow-credentials
true
server
Google Frontend
date
Tue, 01 Jun 2021 18:31:51 GMT
content-length
94
content-type
application/json

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| fbq function| _fbq object| WonderPush function| partstep function| toSimpleJson function| $ function| jQuery function| startTimer object| d number| minutes number| hours string| ampm object| months object| days object| o object| two object| three object| four object| five number| srt

1 Cookies

Domain/Path Name / Value
.chaneyeyecare.com/ Name: _fbp
Value: fb.1.1622572308918.1549174413

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.by.wonderpush.com
cdnjs.cloudflare.com
connect.facebook.net
deliverytrack.dutchkrediet.com
fonts.googleapis.com
fonts.gstatic.com
get.geojs.io
jupiter.chaneyeyecare.com
measurements-api.wonderpush.com
www.facebook.com
2001:4860:4802:34::15
2606:4700:20::681a:164
2606:4700:3035::6815:59dc
2606:4700:3035::ac43:a59c
2606:4700::6810:135e
2606:4700::6812:13b7
2a00:1450:4001:809::2003
2a00:1450:4001:831::200a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
0109abde5a63dc45944e976c697cef36241df025a346c1e73ad2a0389b1048e7
0988f9616d0ca1cfca72b2318e916357f9c36b296fa1d6d1ce02f7de77ab4d04
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16127e1b43f12687b4c99e93ac959c53d5b3ab50eae4920e271884ff1d75680b
2d41508966c75fb5d0fd5979206ecc6b15a16eed71f412d7488c41cdaba862d0
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
59a1460df6cb458204ec993345ff4964fa7e1a77da4ab7137e50fce8434c1d6a
681d7c9c85d4c4bae745eb48dda1743c0325356a65bacf785061025bff3aa27d
8382f17fbfff4eff66194a12b81951bcbd2b723cb48d68a18802f6e209848e6a
871a8f1084b6a27c4a67c854ba86e745d89be827f9bbc9057cbf3e535722cee1
8f81270022ed41c071e78510a52e324e9ce2899942da71dc39bb1c5f5f5a40d0
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
a386216b090cb677c68edf5545044841dc370549d734c9ce6cdc00416a7dfb1c
a84db16143b24edb82e23e5a0273e7b7a56555803a81909396738cf990f4ca43
b877ef66eabd2dd21768d59e2ac26f9c4f48e0ed602e27cbd4d53c0701c7d515
ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
be118bc8706bf8488706d3b4400c7aa8b890dd22b2193f94d68ab13b2f2f2283
be3a07b23b7832d5ca5a595b8a98352c69014c48ce653041ab17d04d491e2266
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd932caf17654372eced42cb8c249db0b05b64cf1fc120adc3474fe36d802cd7
da51e8b15840e4b773c799c9d7df66f5194ef8249712dc7e5de549a0d76c2886
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74aabd938f43af9febfd1f4ceb8d78bd52b105b418b86c0efbf2af9f7db0f21
f32ab246f82e7d659782679cd607b25cb93980591d54c1a4d8366def165b916a
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c