themooseandbannock.ca Open in urlscan Pro
50.63.8.91 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://site1623341372.mywhc.ca/
Effective URL:
https://themooseandbannock.ca/
Submission: On November 21 via api (November 21st 2024, 9:45:12 am UTC) from US — Scanned from CA

Summary HTTP 26 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 26 HTTP transactions. The main IP is 50.63.8.91, located in United States and belongs to GO-DADDY-COM-LLC, US. The main domain is themooseandbannock.ca.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 20th 2024. Valid for: a year.

This is the only time themooseandbannock.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 1	167.114.6.96 167.114.6.96		16276 (OVH OVH SAS) (OVH OVH SAS)
23	50.63.8.91 50.63.8.91		398101 (GO-DADDY-...) (GO-DADDY-COM-LLC)
2	2607:f8b0:400... 2607:f8b0:4006:81e::200a		15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2003		15169 (GOOGLE) (GOOGLE)
26	3

1 167.114.6.96 (Montreal, Canada) 1 redirects

ASN16276 (OVH OVH SAS, FR)
PTR: bishop.whc.ca

site1623341372.mywhc.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 50.63.8.91 (United States)

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 91.8.63.50.host.secureserver.net

themooseandbannock.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	themooseandbannock.ca themooseandbannock.ca	813 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	gstatic.com fonts.gstatic.com	15 KB
1	mywhc.ca 1 redirects site1623341372.mywhc.ca	300 B
26	4

	Domain	Requested by
23	themooseandbannock.ca	themooseandbannock.ca
2	fonts.googleapis.com	themooseandbannock.ca
1	fonts.gstatic.com	fonts.googleapis.com
1	site1623341372.mywhc.ca	1 redirects
26	4

This site contains no links.

Subject Issuer	Validity	Valid
themooseandbannock.ca Sectigo RSA Domain Validation Secure Server CA	`2024-04-20` - `2025-05-19`	a year	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://themooseandbannock.ca/
Frame ID: B928772826D3E5F6907D7CA7379D0151
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Moose and Bannock - Bannock Burgers and Quality Indigenous Cuisines

Page URL History Show full URLs

https://site1623341372.mywhc.ca/ HTTP 301
https://themooseandbannock.ca/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

830 kB
Transfer

1290 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://site1623341372.mywhc.ca/ HTTP 301
https://themooseandbannock.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
themooseandbannock.ca/
Redirect Chain

https://site1623341372.mywhc.ca/
https://themooseandbannock.ca/

3 KB
1 KB

663ms
359ms

Document
text/html

50.63.8.91
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://themooseandbannock.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.63.8.91 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 91.8.63.50.host.secureserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 579c8a4aa89c8ac7e032a56a84a4d442551221a7ccbcc4c832cf522b64f8f027

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 1081
content-type: text/html
date: Thu, 21 Nov 2024 09:45:05 GMT
etag: "e33bfac033a3d91:0"
last-modified: Tue, 20 Jun 2023 04:57:46 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 21 Nov 2024 09:45:05 GMT
location: https://themooseandbannock.ca/
server: LiteSpeed
x-litespeed-cache: miss
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H2 200 bootstrap.min.css
themooseandbannock.ca/assets/css/ 160 KB
44 KB 281ms
281ms Stylesheet
text/css 50.63.8.91
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://themooseandbannock.ca/assets/css/bootstrap.min.css
Requested by: Host: themooseandbannock.ca
URL: https://themooseandbannock.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.63.8.91 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 91.8.63.50.host.secureserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c9d55b8e169e72ebc5b84dd83b94199f42b72d4546ddecf84844913d0cb5e8e7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://themooseandbannock.ca/

Response headers

content-encoding: br
etag: "14dfacec65a2d91:0"
accept-ranges: bytes
x-powered-by-plesk: PleskWin
content-length: 44713
date: Thu, 21 Nov 2024 09:45:05 GMT
content-type: text/css
last-modified: Mon, 19 Jun 2023 04:24:23 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 owl.carousel.min.css
themooseandbannock.ca/assets/css/ 3 KB
1 KB 281ms
281ms Stylesheet
text/css 50.63.8.91
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://themooseandbannock.ca/assets/css/owl.carousel.min.css
Requested by: Host: themooseandbannock.ca
URL: https://themooseandbannock.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.63.8.91 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 91.8.63.50.host.secureserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: aa7e59e6ec8871088cfeb47bac59a6475c815357deef042c61a5c3c965390546

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://themooseandbannock.ca/

Response headers

content-encoding: br
etag: "f84a10f065a2d91:0"
accept-ranges: bytes
x-powered-by-plesk: PleskWin
content-length: 1271
date: Thu, 21 Nov 2024 09:45:05 GMT
content-type: text/css
last-modified: Mon, 19 Jun 2023 04:24:28 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 owl.theme.default.min.css
themooseandbannock.ca/assets/css/ 1013 B
653 B 206ms
206ms Stylesheet
text/css 50.63.8.91
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://themooseandbannock.ca/assets/css/owl.theme.default.min.css
Requested by: Host: themooseandbannock.ca
URL: https://themooseandbannock.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.63.8.91 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 91.8.63.50.host.secureserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://themooseandbannock.ca/

Response headers

content-encoding: br
etag: "6d533bf065a2d91:0"
accept-ranges: bytes
x-powered-by-plesk: PleskWin
content-length: 564
date: Thu, 21 Nov 2024 09:45:05 GMT
content-type: text/css
last-modified: Mon, 19 Jun 2023 04:24:28 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 jquery.fancybox.min.css
themooseandbannock.ca/assets/css/ 12 KB
5 KB 213ms
212ms Stylesheet
text/css 50.63.8.91
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://themooseandbannock.ca/assets/css/jquery.fancybox.min.css
Requested by: Host: themooseandbannock.ca
URL: https://themooseandbannock.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.63.8.91 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 91.8.63.50.host.secureserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://themooseandbannock.ca/

Response headers

content-encoding: br
etag: "2732feee65a2d91:0"
accept-ranges: bytes
x-powered-by-plesk: PleskWin
content-length: 4753
date: Thu, 21 Nov 2024 09:45:05 GMT
content-type: text/css
last-modified: Mon, 19 Jun 2023 04:24:26 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 fontawesome.min.css
themooseandbannock.ca/assets/css/ 122 KB
35 KB 461ms
461ms Stylesheet
text/css 50.63.8.91
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://themooseandbannock.ca/assets/css/fontawesome.min.css
Requested by: Host: themooseandbannock.ca
URL: https://themooseandbannock.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.63.8.91 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 91.8.63.50.host.secureserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e5ace00a6386b3935dd4615c0c5245000abd15e269e1b8e7e0270ccc625e607d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://themooseandbannock.ca/

Response headers

content-encoding: br
etag: "5f3357ee65a2d91:0"
accept-ranges: bytes
x-powered-by-plesk: PleskWin
content-length: 35827
date: Thu, 21 Nov 2024 09:45:06 GMT
content-type: text/css
last-modified: Mon, 19 Jun 2023 04:24:25 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 style.css
themooseandbannock.ca/assets/css/ 84 KB
28 KB 400ms
399ms Stylesheet
text/css 50.63.8.91
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://themooseandbannock.ca/assets/css/style.css
Requested by: Host: themooseandbannock.ca
URL: https://themooseandbannock.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.63.8.91 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 91.8.63.50.host.secureserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ba60c44e208fe3ac7f0a3a1a314f11962e96aff01be504dcf3afa1d1a617bc8b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://themooseandbannock.ca/

Response headers

content-encoding: br
etag: "c6dd4af265a2d91:0"
accept-ranges: bytes
x-powered-by-plesk: PleskWin
content-length: 28595
date: Thu, 21 Nov 2024 09:45:05 GMT
content-type: text/css
last-modified: Mon, 19 Jun 2023 04:24:32 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 responsive.css
themooseandbannock.ca/assets/css/ 33 KB
11 KB 528ms
527ms Stylesheet
text/css 50.63.8.91
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://themooseandbannock.ca/assets/css/responsive.css
Requested by: Host: themooseandbannock.ca
URL: https://themooseandbannock.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.63.8.91 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 91.8.63.50.host.secureserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 84f24ce7ff65c94d424d44741cc01ec32c168014aab12c253e5c6d0de09e1221

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://themooseandbannock.ca/

Response headers

content-encoding: br
etag: "f9d2a3f165a2d91:0"
accept-ranges: bytes
x-powered-by-plesk: PleskWin
content-length: 11636
date: Thu, 21 Nov 2024 09:45:05 GMT
content-type: text/css
last-modified: Mon, 19 Jun 2023 04:24:31 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 color.css
themooseandbannock.ca/assets/css/ 3 KB
1 KB 529ms
528ms Stylesheet
text/css 50.63.8.91
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://themooseandbannock.ca/assets/css/color.css
Requested by: Host: themooseandbannock.ca
URL: https://themooseandbannock.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.63.8.91 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 91.8.63.50.host.secureserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b2f9c91f15fb59e759b3b76f02c2cf879a060b9b1a0c7cab9952ec2d92ee611f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://themooseandbannock.ca/

Response headers

content-encoding: br
etag: "d82a72ed65a2d91:0"
accept-ranges: bytes
x-powered-by-plesk: PleskWin
content-length: 1265
date: Thu, 21 Nov 2024 09:45:06 GMT
content-type: text/css
last-modified: Mon, 19 Jun 2023 04:24:24 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 jquery-3.6.0.min.js Show response
themooseandbannock.ca/assets/js/ 87 KB
43 KB 529ms
528ms Script
application/javascript 50.63.8.91
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://themooseandbannock.ca/assets/js/jquery-3.6.0.min.js
Requested by: Host: themooseandbannock.ca
URL: https://themooseandbannock.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.63.8.91 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 91.8.63.50.host.secureserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://themooseandbannock.ca/

Response headers

content-encoding: br
etag: "d399622466a2d91:0"
accept-ranges: bytes
x-powered-by-plesk: PleskWin
content-length: 44177
date: Thu, 21 Nov 2024 09:45:05 GMT
content-type: application/javascript
last-modified: Mon, 19 Jun 2023 04:25:56 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 preloader.js Show response
themooseandbannock.ca/assets/js/ 125 B
226 B 216ms
215ms Script
application/javascript 50.63.8.91
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://themooseandbannock.ca/assets/js/preloader.js
Requested by: Host: themooseandbannock.ca
URL: https://themooseandbannock.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.63.8.91 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 91.8.63.50.host.secureserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 51fe5a673e56ebad528ebf4adb04decd6c1eabc0571b050653951c68b91dc275

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://themooseandbannock.ca/

Response headers

content-encoding: br
etag: "c59e22566a2d91:0"
accept-ranges: bytes
x-powered-by-plesk: PleskWin
content-length: 129
date: Thu, 21 Nov 2024 09:45:05 GMT
content-type: application/javascript
last-modified: Mon, 19 Jun 2023 04:25:59 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 logo1.png
themooseandbannock.ca/assets/img/ 94 KB
95 KB 649ms
649ms Image
image/png 50.63.8.91
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://themooseandbannock.ca/assets/img/logo1.png
Requested by: Host: themooseandbannock.ca
URL: https://themooseandbannock.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.63.8.91 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 91.8.63.50.host.secureserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9b343ccad64cf0d988e5d65b789d10149be18daa9b74846e3decca6f4da0a29a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://themooseandbannock.ca/

Response headers

etag: "c210d1a66a2d91:0"
accept-ranges: bytes
x-powered-by-plesk: PleskWin
content-length: 96744
date: Thu, 21 Nov 2024 09:45:05 GMT
content-type: image/png
last-modified: Mon, 19 Jun 2023 04:25:39 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 land-welcome.png
themooseandbannock.ca/assets/img/ 78 KB
78 KB 337ms
336ms Image
image/png 50.63.8.91
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://themooseandbannock.ca/assets/img/land-welcome.png
Requested by: Host: themooseandbannock.ca
URL: https://themooseandbannock.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.63.8.91 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 91.8.63.50.host.secureserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 72b639ce150b8f919efae1def0314cd4ea4f83ebaca4a42e47d7c14c9bea7c95

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://themooseandbannock.ca/

Response headers

etag: "8d8bc81366a2d91:0"
accept-ranges: bytes
x-powered-by-plesk: PleskWin
content-length: 80171
date: Thu, 21 Nov 2024 09:45:05 GMT
content-type: image/png
last-modified: Mon, 19 Jun 2023 04:25:28 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 land-regina.png
themooseandbannock.ca/assets/img/ 35 KB
35 KB 241ms
238ms Image
image/png 50.63.8.91
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://themooseandbannock.ca/assets/img/land-regina.png
Requested by: Host: themooseandbannock.ca
URL: https://themooseandbannock.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.63.8.91 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 91.8.63.50.host.secureserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e63775d4b517114bc72cb08c62a6112edfed09470e93fe192d043a673f25498b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://themooseandbannock.ca/

Response headers

etag: "976bc1266a2d91:0"
accept-ranges: bytes
x-powered-by-plesk: PleskWin
content-length: 35914
date: Thu, 21 Nov 2024 09:45:06 GMT
content-type: image/png
last-modified: Mon, 19 Jun 2023 04:25:26 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 land-yorkton.png
themooseandbannock.ca/assets/img/ 47 KB
47 KB 118ms
115ms Image
image/png 50.63.8.91
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://themooseandbannock.ca/assets/img/land-yorkton.png
Requested by: Host: themooseandbannock.ca
URL: https://themooseandbannock.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.63.8.91 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 91.8.63.50.host.secureserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e5c453832a49d1d1bf2ce16a8f16fbe4db8806048250b74cfa9b1fdebc3a6aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://themooseandbannock.ca/

Response headers

etag: "7d3a401566a2d91:0"
accept-ranges: bytes
x-powered-by-plesk: PleskWin
content-length: 47689
date: Thu, 21 Nov 2024 09:45:06 GMT
content-type: image/png
last-modified: Mon, 19 Jun 2023 04:25:31 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 bootstrap.min.js Show response
themooseandbannock.ca/assets/js/ 58 KB
26 KB 365ms
362ms Script
application/javascript 50.63.8.91
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://themooseandbannock.ca/assets/js/bootstrap.min.js
Requested by: Host: themooseandbannock.ca
URL: https://themooseandbannock.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.63.8.91 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 91.8.63.50.host.secureserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://themooseandbannock.ca/

Response headers

content-encoding: br
etag: "f24ec22266a2d91:0"
accept-ranges: bytes
x-powered-by-plesk: PleskWin
content-length: 26803
date: Thu, 21 Nov 2024 09:45:06 GMT
content-type: application/javascript
last-modified: Mon, 19 Jun 2023 04:25:53 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 owl.carousel.min.js Show response
themooseandbannock.ca/assets/js/ 43 KB
18 KB 426ms
423ms Script
application/javascript 50.63.8.91
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://themooseandbannock.ca/assets/js/owl.carousel.min.js
Requested by: Host: themooseandbannock.ca
URL: https://themooseandbannock.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.63.8.91 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 91.8.63.50.host.secureserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://themooseandbannock.ca/

Response headers

content-encoding: br
etag: "5a5e2666a2d91:0"
accept-ranges: bytes
x-powered-by-plesk: PleskWin
content-length: 18177
date: Thu, 21 Nov 2024 09:45:06 GMT
content-type: application/javascript
last-modified: Mon, 19 Jun 2023 04:25:59 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 jquery.fancybox.min.js Show response
themooseandbannock.ca/assets/js/ 67 KB
31 KB 301ms
299ms Script
application/javascript 50.63.8.91
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://themooseandbannock.ca/assets/js/jquery.fancybox.min.js
Requested by: Host: themooseandbannock.ca
URL: https://themooseandbannock.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.63.8.91 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 91.8.63.50.host.secureserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://themooseandbannock.ca/

Response headers

content-encoding: br
etag: "86c28e2466a2d91:0"
accept-ranges: bytes
x-powered-by-plesk: PleskWin
content-length: 32161
date: Thu, 21 Nov 2024 09:45:06 GMT
content-type: application/javascript
last-modified: Mon, 19 Jun 2023 04:25:56 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 custom.js Show response
themooseandbannock.ca/assets/js/ 9 KB
3 KB 105ms
103ms Script
application/javascript 50.63.8.91
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://themooseandbannock.ca/assets/js/custom.js
Requested by: Host: themooseandbannock.ca
URL: https://themooseandbannock.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.63.8.91 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 91.8.63.50.host.secureserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f3f2a49ca877ce7b2b5f08190b3b8d1a47c9a0289037f1adcb9cc4ad5aeb11d1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://themooseandbannock.ca/

Response headers

content-encoding: br
etag: "a79ae2366a2d91:0"
accept-ranges: bytes
x-powered-by-plesk: PleskWin
content-length: 3391
date: Thu, 21 Nov 2024 09:45:06 GMT
content-type: application/javascript
last-modified: Mon, 19 Jun 2023 04:25:54 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 contact.js Show response
themooseandbannock.ca/assets/js/ 2 KB
672 B 179ms
177ms Script
application/javascript 50.63.8.91
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://themooseandbannock.ca/assets/js/contact.js
Requested by: Host: themooseandbannock.ca
URL: https://themooseandbannock.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.63.8.91 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 91.8.63.50.host.secureserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3919a4b92e890c5f60fd487e4c4c06411f0208ea9dccaa617f4df77f3a093eb8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://themooseandbannock.ca/

Response headers

content-encoding: br
etag: "4ed4f52166a2d91:0"
accept-ranges: bytes
x-powered-by-plesk: PleskWin
content-length: 590
date: Thu, 21 Nov 2024 09:45:06 GMT
content-type: application/javascript
last-modified: Mon, 19 Jun 2023 04:25:52 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 sweetalert.min.js Show response
themooseandbannock.ca/assets/js/ 40 KB
17 KB 471ms
469ms Script
application/javascript 50.63.8.91
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://themooseandbannock.ca/assets/js/sweetalert.min.js
Requested by: Host: themooseandbannock.ca
URL: https://themooseandbannock.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.63.8.91 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 91.8.63.50.host.secureserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://themooseandbannock.ca/

Response headers

content-encoding: br
etag: "609d192766a2d91:0"
accept-ranges: bytes
x-powered-by-plesk: PleskWin
content-length: 16886
date: Thu, 21 Nov 2024 09:45:06 GMT
content-type: application/javascript
last-modified: Mon, 19 Jun 2023 04:26:01 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 css2
fonts.googleapis.com/ 394 B
754 B 208ms
75ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Fredoka+One&display=swap

Requested by

Host: themooseandbannock.ca
URL: https://themooseandbannock.ca/assets/css/style.css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05328312c0d4b97a14937348e23f6853bda2eddfaa57a94831a551e33908b0a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://themooseandbannock.ca/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 09:45:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 09:45:06 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 21 Nov 2024 09:18:31 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
572 B 208ms
75ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Epilogue:wght@400;500&display=swap

Requested by

Host: themooseandbannock.ca
URL: https://themooseandbannock.ca/assets/css/style.css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be7eb961985d12793b6d65fb1d2cd8692708a1751449d6f585c94fd1c428caaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://themooseandbannock.ca/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 09:45:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 09:45:06 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 21 Nov 2024 09:45:06 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 bg-landing.jpg
themooseandbannock.ca/assets/img/ 287 KB
288 KB 482ms
482ms Image
image/jpeg 50.63.8.91
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://themooseandbannock.ca/assets/img/bg-landing.jpg
Requested by: Host: themooseandbannock.ca
URL: https://themooseandbannock.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.63.8.91 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 91.8.63.50.host.secureserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4cbddba0d2b8f20fdf930e259056988803116d01f2ccc72a47d3b6445747a947

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://themooseandbannock.ca/

Response headers

etag: "8e7fd0a66a2d91:0"
accept-ranges: bytes
x-powered-by-plesk: PleskWin
content-length: 294309
date: Thu, 21 Nov 2024 09:45:06 GMT
content-type: image/jpeg
last-modified: Mon, 19 Jun 2023 04:25:13 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H3 200 k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2
fonts.gstatic.com/s/fredokaone/v14/ 15 KB
15 KB 167ms
39ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/fredokaone/v14/k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fredoka+One&display=swap

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9986c62b19bce3791c4c103a4aa87c91d22d9e1c9f252f7f802ea26d3405769

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://themooseandbannock.ca
Referer: https://fonts.googleapis.com/

Response headers

age: 567637
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 20:04:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 20:04:29 GMT
last-modified: Mon, 20 Mar 2023 20:35:18 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15596
x-xss-protection: 0
server: sffe

GET
H2 200 logo-icon.png
themooseandbannock.ca/assets/img/ 3 KB
3 KB 95ms
94ms Other
image/png 50.63.8.91
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://themooseandbannock.ca/assets/img/logo-icon.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.63.8.91 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 91.8.63.50.host.secureserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 038ffb60e4b483135e0a975f87944e0b7974e5ee58d2d5e196aec1f226b17a30

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://themooseandbannock.ca/

Response headers

etag: "daf28d1466a2d91:0"
accept-ranges: bytes
x-powered-by-plesk: PleskWin
content-length: 2955
date: Thu, 21 Nov 2024 09:45:07 GMT
content-type: image/png
last-modified: Mon, 19 Jun 2023 04:25:29 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery number| uidEvent object| bootstrap function| setImmediate function| clearImmediate function| swal function| sweetAlert

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
site1623341372.mywhc.ca
themooseandbannock.ca
167.114.6.96
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81e::200a
50.63.8.91
038ffb60e4b483135e0a975f87944e0b7974e5ee58d2d5e196aec1f226b17a30
05328312c0d4b97a14937348e23f6853bda2eddfaa57a94831a551e33908b0a0
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
3919a4b92e890c5f60fd487e4c4c06411f0208ea9dccaa617f4df77f3a093eb8
4cbddba0d2b8f20fdf930e259056988803116d01f2ccc72a47d3b6445747a947
4e5c453832a49d1d1bf2ce16a8f16fbe4db8806048250b74cfa9b1fdebc3a6aa
51fe5a673e56ebad528ebf4adb04decd6c1eabc0571b050653951c68b91dc275
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
579c8a4aa89c8ac7e032a56a84a4d442551221a7ccbcc4c832cf522b64f8f027
70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce
72b639ce150b8f919efae1def0314cd4ea4f83ebaca4a42e47d7c14c9bea7c95
84f24ce7ff65c94d424d44741cc01ec32c168014aab12c253e5c6d0de09e1221
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
9b343ccad64cf0d988e5d65b789d10149be18daa9b74846e3decca6f4da0a29a
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
aa7e59e6ec8871088cfeb47bac59a6475c815357deef042c61a5c3c965390546
b2f9c91f15fb59e759b3b76f02c2cf879a060b9b1a0c7cab9952ec2d92ee611f
ba60c44e208fe3ac7f0a3a1a314f11962e96aff01be504dcf3afa1d1a617bc8b
be7eb961985d12793b6d65fb1d2cd8692708a1751449d6f585c94fd1c428caaf
c9d55b8e169e72ebc5b84dd83b94199f42b72d4546ddecf84844913d0cb5e8e7
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
e5ace00a6386b3935dd4615c0c5245000abd15e269e1b8e7e0270ccc625e607d
e63775d4b517114bc72cb08c62a6112edfed09470e93fe192d043a673f25498b
e9986c62b19bce3791c4c103a4aa87c91d22d9e1c9f252f7f802ea26d3405769
f3f2a49ca877ce7b2b5f08190b3b8d1a47c9a0289037f1adcb9cc4ad5aeb11d1
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e