urlscan.io logo urlscan.io
SecurityTrails logo

encanpro.ca Open in urlscan Pro
51.222.248.97  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://connexionculture.encanpro.ca/
Effective URL: https://encanpro.ca/encans/connexionculture
Submission: On September 21 via automatic, source certstream-suspicious — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 30 HTTP transactions. The main IP is 51.222.248.97, located in Canada and belongs to OVH, FR. The main domain is encanpro.ca.
TLS certificate: Issued by R10 on September 9th 2024. Valid for: 3 months.
This is the only time encanpro.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.33.251.168 16509 (AMAZON-02)
14 51.222.248.97 16276 (OVH)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 157.240.241.1 32934 (FACEBOOK)
5 142.250.81.227 15169 (GOOGLE)
1 151.101.192.176 54113 (FASTLY)
2 20.150.16.132 8075 (MICROSOFT...)
1 3.212.38.164 14618 (AMAZON-AES)
2 2a03:2880:f11... 32934 (FACEBOOK)
30 10
1    3.33.251.168 (United States)

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com
connexionculture.encanpro.ca
14    51.222.248.97 (Canada)

ASN16276 (OVH, FR)
PTR: ns5007728.ip-51-222-248.net
encanpro.ca
api.encanpro.ca
1    2607:f8b0:4006:80e::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net
connect.facebook.net
5    142.250.81.227 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f3.1e100.net
fonts.gstatic.com
1    151.101.192.176 (San Francisco, United States)

ASN54113 (FASTLY, US)
js.stripe.com
2    20.150.16.132 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
encanstorageproduction.blob.core.windows.net
1    3.212.38.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-38-164.compute-1.amazonaws.com
via.placeholder.com
2    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
15 encanpro.ca
connexionculture.encanpro.ca
encanpro.ca
api.encanpro.ca
948 KB
5 gstatic.com
fonts.gstatic.com
106 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
3 KB
2 windows.net
encanstorageproduction.blob.core.windows.net
34 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
72 KB
1 placeholder.com
via.placeholder.com — Cisco Umbrella Rank: 36501
6 KB
1 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1083
159 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1325
8 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32
2 KB
0 polyfill.io Failed
cdn.polyfill.io Failed
30 10
Domain Requested by
7 api.encanpro.ca encanpro.ca
7 encanpro.ca encanpro.ca
5 fonts.gstatic.com fonts.googleapis.com
2 www.facebook.com encanpro.ca
2 encanstorageproduction.blob.core.windows.net encanpro.ca
2 connect.facebook.net encanpro.ca
connect.facebook.net
1 via.placeholder.com encanpro.ca
1 js.stripe.com encanpro.ca
1 use.fontawesome.com encanpro.ca
1 fonts.googleapis.com encanpro.ca
1 connexionculture.encanpro.ca 1 redirects
0 cdn.polyfill.io Failed encanpro.ca
30 12
Subject Issuer Validity Valid
encanpro.ca
R10		 2024-09-09 -
2024-12-08		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
use.fontawesome.com
WE1		 2024-09-09 -
2024-12-09		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-30 -
2024-09-28		 3 months crt.sh
api.encanpro.ca
R10		 2024-09-14 -
2024-12-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-08-29 -
2024-12-05		 3 months crt.sh
*.blob.core.windows.net
Microsoft Azure RSA TLS Issuing CA 03		 2024-06-17 -
2025-06-12		 a year crt.sh
placeholder.com
Amazon RSA 2048 M02		 2023-12-26 -
2025-01-24		 a year crt.sh

This page contains 1 frames:

Primary Page: https://encanpro.ca/encans/connexionculture
Frame ID: E4E78206732ED91FA6540D746D294BC7
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Encan Signature Pro

Page URL History Show full URLs

  1. https://connexionculture.encanpro.ca/ HTTP 301
    http://encanpro.ca/encans/connexionculture HTTP 307
    https://encanpro.ca/encans/connexionculture Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

30
Requests

97 %
HTTPS

30 %
IPv6

10
Domains

12
Subdomains

10
IPs

2
Countries

1339 kB
Transfer

3951 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://connexionculture.encanpro.ca/ HTTP 301
    http://encanpro.ca/encans/connexionculture HTTP 307
    https://encanpro.ca/encans/connexionculture Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request connexionculture
encanpro.ca/encans/
Redirect Chain
  • https://connexionculture.encanpro.ca/
  • http://encanpro.ca/encans/connexionculture
  • https://encanpro.ca/encans/connexionculture
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://encanpro.ca/encans/connexionculture
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.222.248.97 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5007728.ip-51-222-248.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4581bea2ebc8d0ffb4181d35cb23ef2ec8cba5034fcc48b0ca0d1966f7e54d7b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
1616
content-type
text/html
date
Sat, 21 Sep 2024 02:21:21 GMT
etag
"0c35f1414db1:0"
last-modified
Wed, 11 Sep 2024 11:51:58 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-powered-by
ASP.NET

Redirect headers

Location
https://encanpro.ca/encans/connexionculture
Non-Authoritative-Reason
HttpsUpgrades
polyfill.min.js
cdn.polyfill.io/v2/ 		0
0
css
fonts.googleapis.com/ 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Roboto+Slab:400,700|Material+Icons
Requested by
Host: encanpro.ca
URL: https://encanpro.ca/encans/connexionculture
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b2eff287a232d3b9bc11278891053a18d4b3f6e32e930a0b0b7b15781418b008
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://encanpro.ca/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 21 Sep 2024 02:21:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Sep 2024 02:21:21 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 21 Sep 2024 02:21:21 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
all.css
use.fontawesome.com/releases/v5.0.10/css/ 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by
Host: encanpro.ca
URL: https://encanpro.ca/encans/connexionculture
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://encanpro.ca/

Response headers

cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"d1acb8ad33b1526acbfd3f0028b859b0"
age
1073742
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=baN2ynMcKuhGi193zB0f%2FGeoBO53cOxKc7DOkitXqWREK%2BRLfcqtG5D5YrLHY0vjwiH1fRqHYiZZ9fiK%2FzpXuUcqpW1H0GrUPRnXc6KfUdZW%2BK6m9cnCZBbfdoaaAQSOdmAdNoSvqFiWZKdSfKaP590L"}],"group":"cf-nel","max_age":604800}
cf-ray
8c6694d1eb4f7114-YYZ
date
Sat, 21 Sep 2024 02:21:21 GMT
content-type
text/css
last-modified
Fri, 22 Sep 2023 01:44:05 GMT
vary
Accept-Encoding
server
cloudflare
2.3375da06.chunk.css
encanpro.ca/static/css/ 		79 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://encanpro.ca/static/css/2.3375da06.chunk.css
Requested by
Host: encanpro.ca
URL: https://encanpro.ca/encans/connexionculture
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.222.248.97 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5007728.ip-51-222-248.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
01647cfe58c254d3c016e4799895d34e0bfcf1e6742cbbe585911b94f521a386

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://encanpro.ca/encans/connexionculture

Response headers

content-encoding
gzip
etag
"0c35f1414db1:0"
accept-ranges
bytes
content-length
33674
date
Sat, 21 Sep 2024 02:21:21 GMT
content-type
text/css
last-modified
Wed, 11 Sep 2024 11:51:58 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
main.aed05b97.chunk.css
encanpro.ca/static/css/ 		51 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://encanpro.ca/static/css/main.aed05b97.chunk.css
Requested by
Host: encanpro.ca
URL: https://encanpro.ca/encans/connexionculture
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.222.248.97 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5007728.ip-51-222-248.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4560caa7e15c05a12e4d7c243e9ff6efa620adf12194fa9f230502dbe03f610f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://encanpro.ca/encans/connexionculture

Response headers

content-encoding
gzip
etag
"0c35f1414db1:0"
accept-ranges
bytes
content-length
10414
date
Sat, 21 Sep 2024 02:21:21 GMT
content-type
text/css
last-modified
Wed, 11 Sep 2024 11:51:58 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
2.09f97ee4.chunk.js
encanpro.ca/static/js/ 		2 MB
425 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://encanpro.ca/static/js/2.09f97ee4.chunk.js
Requested by
Host: encanpro.ca
URL: https://encanpro.ca/encans/connexionculture
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.222.248.97 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5007728.ip-51-222-248.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
59bc17f32713311830aec2bfe8107d9bb089a22267d59eaa50baa986153d9d29

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://encanpro.ca/encans/connexionculture

Response headers

content-encoding
gzip
etag
"0c35f1414db1:0"
accept-ranges
bytes
content-length
435168
date
Sat, 21 Sep 2024 02:21:21 GMT
content-type
application/javascript
last-modified
Wed, 11 Sep 2024 11:51:58 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
main.0d20f765.chunk.js
encanpro.ca/static/js/ 		797 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://encanpro.ca/static/js/main.0d20f765.chunk.js
Requested by
Host: encanpro.ca
URL: https://encanpro.ca/encans/connexionculture
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.222.248.97 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5007728.ip-51-222-248.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
70ac6115f1d72ec99bafe87a08b0e63d590f9170fb15cf7ffa215692636d5cfc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://encanpro.ca/encans/connexionculture

Response headers

content-encoding
gzip
etag
"0c35f1414db1:0"
accept-ranges
bytes
content-length
170599
date
Sat, 21 Sep 2024 02:21:21 GMT
content-type
application/javascript
last-modified
Wed, 11 Sep 2024 11:51:58 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
fbevents.js
connect.facebook.net/en_US/ 		225 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: encanpro.ca
URL: https://encanpro.ca/encans/connexionculture
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://encanpro.ca/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Sat, 21 Sep 2024 02:21:21 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=4452, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
RLek/aqfFycPYexhuenVzCmiwmQ03/BDLmCojXhH6GQcZ8D9trAXssXvI1S2cfd7pmW18c07zBimHDrr4fXQcw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
58953
x-xss-protection
0
origin-agent-cluster
?0
negotiate
api.encanpro.ca/api/BidNotificationHub/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.encanpro.ca/api/BidNotificationHub/negotiate?negotiateVersion=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.222.248.97 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5007728.ip-51-222-248.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with,x-signalr-user-agent
Access-Control-Request-Method
POST
Origin
https://encanpro.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-requested-with,x-signalr-user-agent
access-control-allow-methods
POST
access-control-allow-origin
https://encanpro.ca
date
Sat, 21 Sep 2024 02:21:21 GMT
server
Microsoft-IIS/10.0
strict-transport-security
max-age=2592000
vary
Origin
x-powered-by
ASP.NET
negotiate
api.encanpro.ca/api/BidNotificationHub/ 		316 B
487 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.encanpro.ca/api/BidNotificationHub/negotiate?negotiateVersion=1
Requested by
Host: encanpro.ca
URL: https://encanpro.ca/static/js/2.09f97ee4.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.222.248.97 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5007728.ip-51-222-248.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7694b6c89b7c982498d2d8665a79078a7f055e4a24059acf54cbb1ca3181ee17
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://encanpro.ca/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
X-SignalR-User-Agent
Microsoft SignalR/5.0 (5.0.17; Unknown OS; Browser; Unknown Runtime Version)

Response headers

strict-transport-security
max-age=2592000
access-control-allow-credentials
true
access-control-allow-origin
https://encanpro.ca
content-length
316
date
Sat, 21 Sep 2024 02:21:21 GMT
content-type
application/json
vary
Origin
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Roboto+Slab:400,700|Material+Icons
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f3.1e100.net
Software
sffe /
Resource Hash
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://encanpro.ca
Referer
https://fonts.googleapis.com/

Response headers

age
210046
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Sep 2025 16:00:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 16:00:36 GMT
last-modified
Thu, 01 Aug 2024 20:41:19 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18492
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Roboto+Slab:400,700|Material+Icons
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://encanpro.ca
Referer
https://fonts.googleapis.com/

Response headers

age
209581
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Sep 2025 16:08:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 16:08:21 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v34/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Roboto+Slab:400,700|Material+Icons
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f3.1e100.net
Software
sffe /
Resource Hash
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://encanpro.ca
Referer
https://fonts.googleapis.com/

Response headers

age
207086
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Sep 2025 16:49:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 16:49:56 GMT
last-modified
Tue, 24 Oct 2023 01:54:50 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
34328
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Roboto+Slab:400,700|Material+Icons
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f3.1e100.net
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://encanpro.ca
Referer
https://fonts.googleapis.com/

Response headers

age
209249
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Sep 2025 16:13:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 16:13:53 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Roboto+Slab:400,700|Material+Icons
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://encanpro.ca
Referer
https://fonts.googleapis.com/

Response headers

age
210073
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Sep 2025 16:00:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 16:00:09 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
1
api.encanpro.ca/api/dropdowns/stripeinformations/ 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.encanpro.ca/api/dropdowns/stripeinformations/1
Requested by
Host: encanpro.ca
URL: https://encanpro.ca/static/js/2.09f97ee4.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.222.248.97 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5007728.ip-51-222-248.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
57841c9edf5988d17041c17e982f74bae1aaef0a05aaec62001326fe6d0381ae
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://encanpro.ca/
Accept-Language
fr
Accept
application/json, text/plain, */*
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
access-control-allow-credentials
true
access-control-allow-origin
https://encanpro.ca
content-length
7266
date
Sat, 21 Sep 2024 02:21:21 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
client-synchronization-time
api.encanpro.ca/api/account/ 		33 B
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.encanpro.ca/api/account/client-synchronization-time
Requested by
Host: encanpro.ca
URL: https://encanpro.ca/static/js/2.09f97ee4.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.222.248.97 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5007728.ip-51-222-248.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d14cf2867a6bcfce7d35709f82ca886c7c75ad86b9752d187da594d6466b4939
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://encanpro.ca/
Accept-Language
fr
Accept
application/json, text/plain, */*
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
access-control-allow-credentials
true
access-control-allow-origin
https://encanpro.ca
content-length
33
date
Sat, 21 Sep 2024 02:21:21 GMT
content-type
text/plain; charset=utf-8
vary
Origin
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
auction-lot-items
api.encanpro.ca/api/ 		12 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.encanpro.ca/api/auction-lot-items?currentPage=1&pageSize=6&sorts[0].asc=true&sorts[0].column=status%20==%203&sorts[1].asc=false&sorts[1].column=allowsTimeExtension&sorts[2].asc=true&sorts[2].column=dateCompleted%20==%20NULL%20?%201%20:%200&sorts[3].asc=true&sorts[3].column=dateCompleted&sorts[4].asc=false&sorts[4].column=status%20==%209&sorts[5].asc=false&sorts[5].column=isFavorite&sorts[6].asc=true&sorts[6].column=lotNumber&urlMagicLink=connexionculture
Requested by
Host: encanpro.ca
URL: https://encanpro.ca/static/js/2.09f97ee4.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.222.248.97 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5007728.ip-51-222-248.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
648937be9a3a3f46784197adec183beed20d4ca42e4e8043f1e2fd72f52a983d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://encanpro.ca/
Accept-Language
fr
Accept
application/json, text/plain, */*
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
access-control-allow-credentials
true
access-control-allow-origin
https://encanpro.ca
content-length
11811
date
Sat, 21 Sep 2024 02:21:21 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
url-magic-link
api.encanpro.ca/api/auctions/ 		35 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.encanpro.ca/api/auctions/url-magic-link?urlMagicLink=connexionculture
Requested by
Host: encanpro.ca
URL: https://encanpro.ca/static/js/2.09f97ee4.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.222.248.97 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5007728.ip-51-222-248.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6e6561ea9d97f1cd7781d89b0f2c101554b79fedaf6b70ba34b1416588820661
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://encanpro.ca/
Accept-Language
fr
Accept
application/json, text/plain, */*
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
access-control-allow-credentials
true
access-control-allow-origin
https://encanpro.ca
content-length
35496
date
Sat, 21 Sep 2024 02:21:21 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
url-magic-link
api.encanpro.ca/api/auctions/organization-teams/ 		2 B
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.encanpro.ca/api/auctions/organization-teams/url-magic-link?urlMagicLink=connexionculture
Requested by
Host: encanpro.ca
URL: https://encanpro.ca/static/js/2.09f97ee4.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.222.248.97 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5007728.ip-51-222-248.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://encanpro.ca/
Accept-Language
fr
Accept
application/json, text/plain, */*
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
access-control-allow-credentials
true
access-control-allow-origin
https://encanpro.ca
content-length
2
date
Sat, 21 Sep 2024 02:21:21 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
v3
js.stripe.com/ 		658 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: encanpro.ca
URL: https://encanpro.ca/static/js/2.09f97ee4.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
58c953b40f55425f3694c061cb6565c73e4255bb0bed34d99abe3297d44db9a1
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://encanpro.ca/

Response headers

x-request-id
a2333faa-bc55-4421-88bc-0477ce323407
content-encoding
br
etag
"90aee667f4d69902b9029eec81aab67b"
age
37
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Sat, 21 Sep 2024 02:21:22 GMT
last-modified
Fri, 20 Sep 2024 20:30:18 GMT
content-type
text/javascript; charset=utf-8
x-served-by
cache-yul1970024-YUL
x-cache-hits
2070
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=60
timing-allow-origin
*
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
162449
server
Fastly
e6a2e16f-5a73-4168-8fba-2b7eed818764.jpg
encanstorageproduction.blob.core.windows.net/auctionfooterphoto/1651/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encanstorageproduction.blob.core.windows.net/auctionfooterphoto/1651/e6a2e16f-5a73-4168-8fba-2b7eed818764.jpg
Requested by
Host: encanpro.ca
URL: https://encanpro.ca/encans/connexionculture
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.16.132 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ec3d4ad3dd6bf18fc59ef40ad8ef0b818a28e33df7a22c2195dcae760dddf9b6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://encanpro.ca/

Response headers

Content-MD5
7Gt3KD1Cl5i4jf5ugpgbCA==
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
ETag
0x8DCD65CACDE7D96
x-ms-request-id
5048d9ef-201e-0080-12cc-0b6e84000000
Content-Length
8818
Date
Sat, 21 Sep 2024 02:21:22 GMT
Content-Type
image/png
Last-Modified
Mon, 16 Sep 2024 14:34:30 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
noir_fr.png
encanpro.ca/assets/img/PoweredBySP/ 		255 KB
256 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encanpro.ca/assets/img/PoweredBySP/noir_fr.png
Requested by
Host: encanpro.ca
URL: https://encanpro.ca/encans/connexionculture
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.222.248.97 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5007728.ip-51-222-248.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
eb649296bbd9b90e024c59cd6c8d94b6ffc818f422d9bba20bbae9592d93d2d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://encanpro.ca/encans/connexionculture

Response headers

etag
"4e71f5c1abb1d81:0"
accept-ranges
bytes
content-length
261438
date
Sat, 21 Sep 2024 02:21:21 GMT
content-type
image/png
last-modified
Tue, 16 Aug 2022 20:07:05 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
0409e96b-a5d0-4211-977f-04f396eac225.jpeg
encanstorageproduction.blob.core.windows.net/auctionsphoto/1651/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encanstorageproduction.blob.core.windows.net/auctionsphoto/1651/0409e96b-a5d0-4211-977f-04f396eac225.jpeg
Requested by
Host: encanpro.ca
URL: https://encanpro.ca/encans/connexionculture
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.16.132 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c199b4904cca417fb0d9053aea2bad750421fb75732f5fc98fbfe8ee4b0e9978

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://encanpro.ca/

Response headers

Content-MD5
jy8EIhF6wLLsqsswkgbCeg==
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
ETag
0x8DCD8DEA170E1CA
x-ms-request-id
5fd85ba8-501e-001c-78cc-0bc3e2000000
Content-Length
24853
Date
Sat, 21 Sep 2024 02:21:22 GMT
Content-Type
image/png
Last-Modified
Thu, 19 Sep 2024 19:09:48 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
329153598787873
connect.facebook.net/signals/config/ 		75 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/329153598787873?v=2.9.167&r=stable&domain=encanpro.ca&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
10af70669efb94a286b6c913cb7e7c9538279419ec329fa7c91a375d1f739dcd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://encanpro.ca/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Sat, 21 Sep 2024 02:21:22 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=74, mss=1232, tbw=67124, tp=62, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
CBvHG0xsb9Zjcd5nXKEoBbeJj3NFt+9adxw+WO/SaByiXpASELWojKwRo79VhDlK4HG06sDPBPxXf0QXu7jMDw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer
0
document-policy
force-load-at-top
content-length
14967
x-xss-protection
0
500x500.jpg
via.placeholder.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://via.placeholder.com/500x500.jpg
Requested by
Host: encanpro.ca
URL: https://encanpro.ca/encans/connexionculture
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.38.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-38-164.compute-1.amazonaws.com
Software
Werkzeug/2.2.2 Python/3.9.16 /
Resource Hash
c20f1a668e2904f2c2b43fd830400dae68b47f1ad2b273799647a616ab6e7cec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://encanpro.ca/

Response headers

cache-control
public, max-age=31557600
content-length
6218
date
Sat, 21 Sep 2024 02:21:22 GMT
content-type
image/jpeg
server
Werkzeug/2.2.2 Python/3.9.16
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=329153598787873&ev=PageView&dl=https%3A%2F%2Fencanpro.ca%2Fencans%2Fconnexionculture&rl=&if=false&ts=1726885282702&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726885282694.598387613344377064&cs_est=true&ler=empty&cdl=API_unavailable&it=1726885282451&coo=false&rqm=GET
Requested by
Host: encanpro.ca
URL: https://encanpro.ca/encans/connexionculture
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://encanpro.ca/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1297, tbw=2800, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 21 Sep 2024 02:21:22 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=329153598787873&ev=PageView&dl=https%3A%2F%2Fencanpro.ca%2Fencans%2Fconnexionculture&rl=&if=false&ts=1726885282702&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726885282694.598387613344377064&cs_est=true&ler=empty&cdl=API_unavailable&it=1726885282451&coo=false&rqm=FGET
Requested by
Host: encanpro.ca
URL: https://encanpro.ca/encans/connexionculture
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://encanpro.ca/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7416915811534162349"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 21 Sep 2024 02:21:22 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
f5favEmqSj4L0jYtXkus58YPWKPu1kjGO6VBeYnWCJaJjcBi8p8zkKftcNNeXFiiFE0PQ6jgyycbe7wO8c4K1w==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7416915811534162349", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=15, mss=1297, tbw=3118, tp=-1, tpl=-1, uplat=92, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
favicon.ico
encanpro.ca/ 		811 B
922 B 		Other
General
Check archive.org
Download Go to
Full URL
https://encanpro.ca/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.222.248.97 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5007728.ip-51-222-248.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
656db4f6436e325bb783bdcdc98e34679dbd197ac242f6a3a4395241631607c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://encanpro.ca/encans/connexionculture

Response headers

etag
"1d28d64d424db1:0"
accept-ranges
bytes
content-length
811
date
Sat, 21 Sep 2024 02:21:22 GMT
content-type
image/x-icon
last-modified
Wed, 11 Sep 2024 12:01:15 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.polyfill.io
URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=default,Array.prototype.includes,es6

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fbq function| _fbq object| webpackJsonpencan.clientapp object| __SENTRY__ number| 2f1acc6c3a606b082e5eef5e54414ffb function| Payment object| webpackChunkStripeJSouter function| noop function| Stripe

1 Cookies

Domain/Path Name / Value
.encanpro.ca/ Name: _fbp
Value: fb.1.1726885282694.598387613344377064

1 Console Messages

Source Level URL
Text
network error URL: https://cdn.polyfill.io/v2/polyfill.min.js?features=default,Array.prototype.includes,es6
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.encanpro.ca
cdn.polyfill.io
connect.facebook.net
connexionculture.encanpro.ca
encanpro.ca
encanstorageproduction.blob.core.windows.net
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
use.fontawesome.com
via.placeholder.com
www.facebook.com
cdn.polyfill.io
142.250.81.227
151.101.192.176
157.240.241.1
20.150.16.132
2606:4700:3037::ac43:8ef5
2607:f8b0:4006:80e::200a
2a03:2880:f112:182:face:b00c:0:25de
3.212.38.164
3.33.251.168
51.222.248.97
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
01647cfe58c254d3c016e4799895d34e0bfcf1e6742cbbe585911b94f521a386
10af70669efb94a286b6c913cb7e7c9538279419ec329fa7c91a375d1f739dcd
4560caa7e15c05a12e4d7c243e9ff6efa620adf12194fa9f230502dbe03f610f
4581bea2ebc8d0ffb4181d35cb23ef2ec8cba5034fcc48b0ca0d1966f7e54d7b
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
57841c9edf5988d17041c17e982f74bae1aaef0a05aaec62001326fe6d0381ae
58c953b40f55425f3694c061cb6565c73e4255bb0bed34d99abe3297d44db9a1
59bc17f32713311830aec2bfe8107d9bb089a22267d59eaa50baa986153d9d29
648937be9a3a3f46784197adec183beed20d4ca42e4e8043f1e2fd72f52a983d
656db4f6436e325bb783bdcdc98e34679dbd197ac242f6a3a4395241631607c7
6e6561ea9d97f1cd7781d89b0f2c101554b79fedaf6b70ba34b1416588820661
70ac6115f1d72ec99bafe87a08b0e63d590f9170fb15cf7ffa215692636d5cfc
7694b6c89b7c982498d2d8665a79078a7f055e4a24059acf54cbb1ca3181ee17
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
b2eff287a232d3b9bc11278891053a18d4b3f6e32e930a0b0b7b15781418b008
c199b4904cca417fb0d9053aea2bad750421fb75732f5fc98fbfe8ee4b0e9978
c20f1a668e2904f2c2b43fd830400dae68b47f1ad2b273799647a616ab6e7cec
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae
d14cf2867a6bcfce7d35709f82ca886c7c75ad86b9752d187da594d6466b4939
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb649296bbd9b90e024c59cd6c8d94b6ffc818f422d9bba20bbae9592d93d2d6
ec3d4ad3dd6bf18fc59ef40ad8ef0b818a28e33df7a22c2195dcae760dddf9b6