Submitted URL: https://r20.rs6.net/tn.jsp?f=0018HdMvKaagsnTjn66I6T6IhcIrdhzBBkhyCQlCCwgepjbVouXnem8k-toJKXVQ5XAsJYTDJYz4iXlA3VVozOl...
Effective URL: https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
Submission: On January 19 via api from CA — Scanned from CA

Summary

This website contacted 7 IPs in 1 country across 6 domains to perform 22 HTTP transactions. The main IP is 35.169.230.239, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is one.bidpal.net. The Cisco Umbrella rank of the primary domain is 316144.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 17th 2023. Valid for: a year.
This is the only time one.bidpal.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests        IP Address       AS Autonomous System
1 (1 redirect)  208.75.122.11    40444 (ASN-CC)
14              35.169.230.239   14618 (AMAZON-AES)
1               151.101.1.26     54113 (FASTLY)
2               31.13.66.19      32934 (FACEBOOK)
1               172.253.63.100   15169 (GOOGLE)
1               142.251.163.97   15169 (GOOGLE)
2               52.0.165.195     14618 (AMAZON-AES)
1               54.210.168.233   14618 (AMAZON-AES)
Total: 22 requests, 7 IPs

Requests  Apex Domain / Subdomains                                     Transfer
17        bidpal.net                                                   863 KB
            one.bidpal.net — Cisco Umbrella Rank: 316144
            my.bidpal.net — Cisco Umbrella Rank: 307079
            api11.bidpal.net — Cisco Umbrella Rank: 257139
2         facebook.net                                                 89 KB
            connect.facebook.net — Cisco Umbrella Rank: 174
1         googletagmanager.com                                         52 KB
            www.googletagmanager.com — Cisco Umbrella Rank: 37
1         google.com                                                   22 KB
            apis.google.com — Cisco Umbrella Rank: 106
1         polyfill.io                                                  617 B
            cdn.polyfill.io — Cisco Umbrella Rank: 2677
1         rs6.net                                                      376 B
            r20.rs6.net — Cisco Umbrella Rank: 7448
Total: 22 requests, 6 domains

Requests        Domain                     Requested by
14              one.bidpal.net             one.bidpal.net
2               my.bidpal.net              one.bidpal.net
2               connect.facebook.net       one.bidpal.net, connect.facebook.net
1               api11.bidpal.net           one.bidpal.net
1               www.googletagmanager.com   one.bidpal.net
1               apis.google.com            one.bidpal.net
1               cdn.polyfill.io            one.bidpal.net
1 (1 redirect)  r20.rs6.net
Total: 22 requests, 8 subdomains

This site contains links to these domains.

Domain
www.onecause.com

Subject                  Issuer                                   Validity                  Valid
*.bidpal.net             Amazon RSA 2048 M02                      2023-11-17 - 2024-12-15   a year
polyfill.io              Certainly Intermediate R1                2024-01-11 - 2024-02-10   a month
*.facebook.com           DigiCert SHA2 High Assurance Server CA   2023-10-28 - 2024-01-26   3 months
*.apis.google.com        GTS CA 1C3                               2023-12-11 - 2024-03-04   3 months
*.google-analytics.com   GTS CA 1C3                               2023-12-11 - 2024-03-04   3 months
bidpal.net               Amazon RSA 2048 M03                      2023-12-03 - 2024-12-30   a year

This page contains 1 frame:

Primary Page: https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
Frame ID: 5F47741BCBC0AB86045D9CBE18588DDB
Requests: 22 HTTP requests in this frame

Page Title

BidPal One

Page URL History

  1. https://r20.rs6.net/tn.jsp?f=0018HdMvKaagsnTjn66I6T6IhcIrdhzBBkhyCQlCCwgepjbVouXnem8k-toJKXVQ5XA... HTTP 302
    https://one.bidpal.net/mnsciwildgamechristmasparty/welcome Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

22
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

7
IPs

1
Countries

1027 kB
Transfer

5341 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://r20.rs6.net/tn.jsp?f=0018HdMvKaagsnTjn66I6T6IhcIrdhzBBkhyCQlCCwgepjbVouXnem8k-toJKXVQ5XAsJYTDJYz4iXlA3VVozOlFZgh2VX26CrrXzYGOiPRL0j2N5QJipYQ_ajAKJPSPgiaTZH6hOlviXBiNt6d8AAJkRjtsQVg9qawLCY23ttXPzNpCWEMfMyazzZnQVp4XdVH&c=yozdAA5FQm4NiIjr3xV9ybhG-7L4LgvapVkhlWOMYDmOKFJrG_p43g==&ch=E-4hp0ZPPYQ3AyFflAhFwp4WwX9LCVjPCexezEwuEM3Br1-DAqUPDA== HTTP 302
    https://one.bidpal.net/mnsciwildgamechristmasparty/welcome Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request welcome
one.bidpal.net/mnsciwildgamechristmasparty/
Redirect Chain
  • https://r20.rs6.net/tn.jsp?f=0018HdMvKaagsnTjn66I6T6IhcIrdhzBBkhyCQlCCwgepjbVouXnem8k-toJKXVQ5XAsJYTDJYz4iXlA3VVozOlFZgh2VX26CrrXzYGOiPRL0j2N5QJipYQ_ajAKJPSPgiaTZH6hOlviXBiNt6d8AAJkRjtsQVg9qawLCY23...
  • https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
4 KB
2 KB
Document
General
Full URL
https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.230.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-230-239.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
a803d9f9d0b6a0d73565a8fb7ada77cbd03163b6eb2c0d63d82109e69aeeec17

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
1586
content-type
text/html
date
Fri, 19 Jan 2024 13:19:59 GMT
etag
"10d6-5b0a18b02e800-gzip"
last-modified
Thu, 01 Oct 2020 20:05:52 GMT
server
Apache/2.4.41 (Ubuntu)
vary
Accept-Encoding

Redirect headers

Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Connection
close
Content-Length
0
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 19 Jan 2024 13:19:58 GMT
Location
https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
P3P
CP="CAO DSP TAIa OUR NOR UNI"
Pragma
no-cache
Server
Apache
polyfill.min.js
cdn.polyfill.io/v2/
103 B
617 B
Script
General
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=Promise
Requested by
Host: one.bidpal.net
URL: https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.26 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://one.bidpal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 Jan 2024 13:19:59 GMT
age
872615
detected-user-agent
Chrome Mobile/120.0.0
server-timing
HIT, fastly;desc="Edge time";dur=0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
121
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/120.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
sdk.js
connect.facebook.net/en_US/
3 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: one.bidpal.net
URL: https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
2b753d6599b8b1afa00de1af15f5b79360661abfa21fa44a2abec130380d0527
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://one.bidpal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 Jan 2024 13:19:59 GMT
content-md5
UlI21NCL7OKFFyOmLP7GEw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
reporting-endpoints
x-fb-debug
WKXJLnEW0nu01XUqhwU68Ne5kR9MwIBs2qVexmHxb2FEGXN0RqgtxFDBBXO0dmC7wCX7xDVMbCBcHGtLNG/dHg==
x-fb-content-md5
68f14cfa5ad96ae264cd4e7e9d1bb232
cross-origin-opener-policy
same-origin-allow-popups
etag
"94a428c1e43d91122efac24b8b1f8306"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer
1
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 19 Jan 2024 13:22:01 GMT
platform.js
apis.google.com/js/
56 KB
22 KB
Script
General
Full URL
https://apis.google.com/js/platform.js?onload=onGoogleLoad
Requested by
Host: one.bidpal.net
URL: https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f100.1e100.net
Software
sffe /
Resource Hash
bb9950decdb475783ba6dbad0eb9401c6489ed49f10fdbc93aa235ccfc42557c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://one.bidpal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 Jan 2024 13:19:59 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21933
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"a16cd00c24bf0450"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jan 2024 13:19:59 GMT
styles.2ee073a69940ca745f9d.bundle.css
one.bidpal.net/
25 KB
4 KB
Stylesheet
General
Full URL
https://one.bidpal.net/styles.2ee073a69940ca745f9d.bundle.css
Requested by
Host: one.bidpal.net
URL: https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.230.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-230-239.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
40ccc385607ed1bd38be3f092187bd1a93b69c4636df3101c6a2f9615da2dcca

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:19:59 GMT
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 20:05:52 GMT
server
Apache/2.4.41 (Ubuntu)
etag
"64f6-5b0a18b02e800-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
4405
loading.gif
one.bidpal.net/assets/
25 KB
26 KB
Image
General
Full URL
https://one.bidpal.net/assets/loading.gif
Requested by
Host: one.bidpal.net
URL: https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.230.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-230-239.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
ff2d91058def012e9adb3e84a7fedebaa30c668aee9fb66e7a37792ce50654e6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:19:59 GMT
last-modified
Thu, 01 Oct 2020 20:05:52 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"65fa-5b0a18b02e800"
content-length
26106
content-type
image/gif
inline.339483c63718442eee56.bundle.js
one.bidpal.net/
1 KB
1 KB
Script
General
Full URL
https://one.bidpal.net/inline.339483c63718442eee56.bundle.js
Requested by
Host: one.bidpal.net
URL: https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.230.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-230-239.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
a764e392b33b921e7285799ceaf39e75a3476401a94285627a3ef3e05ebc2e99

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:19:59 GMT
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 20:05:52 GMT
server
Apache/2.4.41 (Ubuntu)
etag
"5b4-5b0a18b02e800-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
818
polyfills.59ad331eacf02dcf9377.bundle.js
one.bidpal.net/
178 KB
55 KB
Script
General
Full URL
https://one.bidpal.net/polyfills.59ad331eacf02dcf9377.bundle.js
Requested by
Host: one.bidpal.net
URL: https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.230.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-230-239.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
8181f4fdfde84117312426317c7b92d4ed2c5043c03c22b7be76b1eff0fc326c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:19:59 GMT
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 20:05:52 GMT
server
Apache/2.4.41 (Ubuntu)
etag
"2c6f7-5b0a18b02e800-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
56088
vendor.4fb24f9b7688cbf3f9d1.bundle.js
one.bidpal.net/
1 MB
308 KB
Script
General
Full URL
https://one.bidpal.net/vendor.4fb24f9b7688cbf3f9d1.bundle.js
Requested by
Host: one.bidpal.net
URL: https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.230.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-230-239.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
2647f76e68a04df656db82cb46b127eb255dda4f9cb92446fffa4acbee99f280

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:19:59 GMT
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 20:05:52 GMT
server
Apache/2.4.41 (Ubuntu)
etag
"16da4c-5b0a18b02e800-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
main.bbb24b15b9886afab4cf.bundle.js
one.bidpal.net/
3 MB
411 KB
Script
General
Full URL
https://one.bidpal.net/main.bbb24b15b9886afab4cf.bundle.js
Requested by
Host: one.bidpal.net
URL: https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.230.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-230-239.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
e3cf18f41fc249b2afaaa06e64775d5f318138b4ef1018b05668c22e3edcdf4f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:19:59 GMT
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 20:05:52 GMT
server
Apache/2.4.41 (Ubuntu)
etag
"305682-5b0a18b02e800-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
gtm.js
www.googletagmanager.com/
137 KB
52 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NQWM9X9
Requested by
Host: one.bidpal.net
URL: https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
1b946d53594e45a44c81cccf75cafafbb5a17027e058771a3eb6736a312917c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://one.bidpal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:19:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52853
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 19 Jan 2024 13:19:59 GMT
Lato-italic.woff2
one.bidpal.net/assets/fonts/Lato-italic/
17 KB
17 KB
Font
General
Full URL
https://one.bidpal.net/assets/fonts/Lato-italic/Lato-italic.woff2
Requested by
Host: one.bidpal.net
URL: https://one.bidpal.net/styles.2ee073a69940ca745f9d.bundle.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.230.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-230-239.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
0620647c7e8e7ff7097b3919ed985e28c5f7145e82184bdbe68f79658e63f0c0

Request headers

Referer
https://one.bidpal.net/styles.2ee073a69940ca745f9d.bundle.css
Origin
https://one.bidpal.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:19:59 GMT
last-modified
Thu, 01 Oct 2020 20:05:52 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"4200-5b0a18b02e800"
content-length
16896
content-type
font/woff2
Lato-regular.woff2
one.bidpal.net/assets/fonts/Lato-regular/
16 KB
16 KB
Font
General
Full URL
https://one.bidpal.net/assets/fonts/Lato-regular/Lato-regular.woff2
Requested by
Host: one.bidpal.net
URL: https://one.bidpal.net/styles.2ee073a69940ca745f9d.bundle.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.230.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-230-239.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b3c414806e659b347c31f9205558d257b959cb5a465ba7c83943a3a8ca6aa59f

Request headers

Referer
https://one.bidpal.net/styles.2ee073a69940ca745f9d.bundle.css
Origin
https://one.bidpal.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:19:59 GMT
last-modified
Thu, 01 Oct 2020 20:05:52 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"4034-5b0a18b02e800"
content-length
16436
content-type
font/woff2
sdk.js
connect.facebook.net/en_US/
303 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=800624f54130557c7350e8c078e49fc7
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
fede148f072f0811852178acf573a49dad605175821edc1ddf978970410dc576
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://one.bidpal.net/
Origin
https://one.bidpal.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 Jan 2024 13:19:59 GMT
content-md5
Y9LGEr0O9VBcd8dV2PF+Jw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88390
reporting-endpoints
x-fb-debug
Qny9TFh4FN9wEReckg5C/tfLMRGMafZhIq9Je9lLRHEcmmX4P4gKvJUSX/UxUVZ3CRmCACfoo8u4bP2h5QcyHg==
x-fb-content-md5
f765a670592853d71b9fd94848e0556c
cross-origin-opener-policy
same-origin-allow-popups
etag
"cd0d9f7069d4e3bd15fbc27ac0b6fc3b"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 18 Jan 2025 12:20:17 GMT
OneCause.svg
one.bidpal.net/assets/
5 KB
5 KB
Other
General
Full URL
https://one.bidpal.net/assets/OneCause.svg
Requested by
Host: one.bidpal.net
URL: https://one.bidpal.net/vendor.4fb24f9b7688cbf3f9d1.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.230.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-230-239.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
0c66f528feeba0cccd2ee2e9ad79caeb46c4883f1898ae5018b273d421bf8a35

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:20:00 GMT
last-modified
Thu, 01 Oct 2020 20:05:52 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"14fe-5b0a18b02e800"
content-length
5374
content-type
image/svg+xml
findAPI.json
my.bidpal.net/one/
199 B
828 B
XHR
General
Full URL
https://my.bidpal.net/one/findAPI.json?friendly=mnsciwildgamechristmasparty
Requested by
Host: one.bidpal.net
URL: https://one.bidpal.net/polyfills.59ad331eacf02dcf9377.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.165.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-165-195.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
bf870def018b8fa1db80dd5659aebdbf911e75b909df9450d9300ae753665edd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://one.bidpal.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:20:00 GMT
x-content-type-options
nosniff
server
Apache-Coyote/1.1
x-frame-options
DENY
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://one.bidpal.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
1; mode=block
x-application-context
bigmama-public:prod:80
expires
0
facebook.svg
one.bidpal.net/assets/social-media-icons/
2 KB
2 KB
Image
General
Full URL
https://one.bidpal.net/assets/social-media-icons/facebook.svg
Requested by
Host: one.bidpal.net
URL: https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.230.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-230-239.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
99d06106f2b372904bf4e8ff132e86f4b196876f63d625ac9110e35c78e9b94e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:20:00 GMT
last-modified
Thu, 01 Oct 2020 20:05:52 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"797-5b0a18b02e800"
content-length
1943
content-type
image/svg+xml
twitter.svg
one.bidpal.net/assets/social-media-icons/
2 KB
2 KB
Image
General
Full URL
https://one.bidpal.net/assets/social-media-icons/twitter.svg
Requested by
Host: one.bidpal.net
URL: https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.230.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-230-239.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
146b4b1d67b08a79967ea418efe0e34cab929a18c18373f02abef33ab98ae321

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:20:00 GMT
last-modified
Thu, 01 Oct 2020 20:05:52 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"7cb-5b0a18b02e800"
content-length
1995
content-type
image/svg+xml
copyUrl.svg
one.bidpal.net/assets/social-media-icons/
2 KB
2 KB
Image
General
Full URL
https://one.bidpal.net/assets/social-media-icons/copyUrl.svg
Requested by
Host: one.bidpal.net
URL: https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.230.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-230-239.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6b3cc8fc9f1de58b883fba12661efe9bc7bacfeaefec91b044d7cab081c587df

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:20:00 GMT
last-modified
Thu, 01 Oct 2020 20:05:52 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"846-5b0a18b02e800"
content-length
2118
content-type
image/svg+xml
getGlobalEventByFriendly.json
my.bidpal.net/one/
95 B
723 B
XHR
General
Full URL
https://my.bidpal.net/one/getGlobalEventByFriendly.json?friendly=mnsciwildgamechristmasparty
Requested by
Host: one.bidpal.net
URL: https://one.bidpal.net/polyfills.59ad331eacf02dcf9377.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.165.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-165-195.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
0b599b417b49e090d7e8c7cfeb68590d55489daad84df2d2a74e446c7c534e5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://one.bidpal.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:20:01 GMT
x-content-type-options
nosniff
server
Apache-Coyote/1.1
x-frame-options
DENY
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://one.bidpal.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
1; mode=block
x-application-context
bigmama-public:prod:80
expires
0
getEvent
api11.bidpal.net/v1/BPE455626/
1 KB
2 KB
XHR
General
Full URL
https://api11.bidpal.net/v1/BPE455626/getEvent
Requested by
Host: one.bidpal.net
URL: https://one.bidpal.net/polyfills.59ad331eacf02dcf9377.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.168.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-168-233.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1f41fbf13484af69c47e7ac0bf6e2c4f0da04f1d2823d880045cc42a3205536
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://one.bidpal.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:20:01 GMT
x-content-type-options
nosniff
server
Apache-Coyote/1.1
authorization
Bearer eyJhbGciOiJIUzUxMiJ9.eyJqdGkiOiIwYTgwYjAzZC1jMDVhLTQyYjUtODczMy00NjcyMmE3YTdlMDIiLCJpYXQiOjE3MDU2NzA0MDEsIm5iZiI6MTcwNTY3MDQwMSwiZXhwIjoxNzA1NzU2ODAxLCJpc3MiOiJPTkUtQVBJIiwiYXVkIjoiT05FLVVJIiwic3ViIjoiQlBFNDU1NjI2In0.rLw_x3LAvVQljYhtkl3-pHQ403IuaQTFCyRoc4sA8kwKDz4tak8L5WtksuWLHXCFL_kzfKMmv-mWjV_wvSFYPg
x-frame-options
DENY
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://one.bidpal.net
access-control-expose-headers
Authorization
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
x-xss-protection
1; mode=block
x-application-context
application:prod:8080
expires
0
ocLogoGradient.png
one.bidpal.net/assets/
7 KB
7 KB
Image
General
Full URL
https://one.bidpal.net/assets/ocLogoGradient.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.230.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-230-239.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
78fc7d55e9ac0129f52b991121be47fe56e2d07a57bf0efb356ad9dd5244690b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://one.bidpal.net/mnsciwildgamechristmasparty/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:20:02 GMT
last-modified
Thu, 01 Oct 2020 20:05:52 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1bd2-5b0a18b02e800"
content-length
7122
content-type
image/png

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| dataLayer
  • function| onGoogleLoad
  • object| googleLoadedPromise
  • function| webpackJsonp
  • object| FB
  • object| core
  • object| __core-js_shared__
  • function| __zone_symbol__Promise
  • function| __zone_symbol__Error
  • function| Zone
  • function| __zone_symbol__setTimeout
  • function| __zone_symbol__clearTimeout
  • function| __zone_symbol__setInterval
  • function| __zone_symbol__clearInterval
  • function| __zone_symbol__requestAnimationFrame
  • function| __zone_symbol__cancelAnimationFrame
  • function| __zone_symbol__webkitRequestAnimationFrame
  • function| __zone_symbol__webkitCancelAnimationFrame
  • function| __zone_symbol__alert
  • function| __zone_symbol__prompt
  • function| __zone_symbol__confirm
  • object| IntlPolyfill
  • function| Hammer
  • object| gapi
  • object| ___jsl
  • object| __zone_symbol__eventTasks
  • object| __buffer
  • object| google_tag_manager
  • object| google_tag_data
  • function| assert
  • object| JSON3
  • object| Stomp
  • function| getAngularTestability
  • function| getAllAngularTestabilities
  • function| getAllAngularRootElements
  • object| frameworkStabilizers
  • boolean| __zone_symbol__xhrScheduled
  • function| __zone_symbol__addEventListener
  • function| __zone_symbol__removeEventListener

1 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=uWrluJNeSIl_uaCeijMF2ybG_R_WFdNucbwj_Hl5xX5d4B6Bly1AKzZWR6bUXAzpLtVS0bsJvEZtg05sO0gBSfJzCKuwLgJVSvZiGJzT484mN5KloJVmY42-E5BqM_Wm0jZKdFWx2g__E4HQCLvOoQtFbbkZ4RB4Y33Wkql-xnk

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
