urlscan.io logo urlscan.io
SecurityTrails logo

www.thor.ca Open in urlscan Pro
52.119.45.60  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://app.romulusrising.com/l/qUZ892c731P892gMPpj6xTgjKQ/3m2892z6zKbuYtaJPsKfVAfQ/TGAmKi10cY7GzOr3bkWjaw
Effective URL: https://www.thor.ca/
Submission: On October 13 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 15 domains to perform 41 HTTP transactions. The main IP is 52.119.45.60, located in United States and belongs to FUSED, US. The main domain is www.thor.ca.
TLS certificate: Issued by R3 on August 22nd 2022. Valid for: 3 months.
This is the only time www.thor.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.227.248.177 32244 (LIQUIDWEB)
1 21 52.119.45.60 394949 (FUSED)
1 2607:f8b0:400... 15169 (GOOGLE)
5 2600:9000:251... 16509 (AMAZON-02)
1 7 3.132.155.94 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 23.219.17.240 16625 (AKAMAI-AS)
2 2 34.229.3.43 14618 (AMAZON-AES)
2 2 52.86.197.41 14618 (AMAZON-AES)
2 2 52.223.40.198 16509 (AMAZON-02)
2 2 52.3.138.212 14618 (AMAZON-AES)
1 2 34.111.234.236 396982 (GOOGLE-CL...)
2 2 35.190.60.146 15169 (GOOGLE)
1 1 76.13.32.147 26101 (YAHOO-BF1)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2 104.18.100.194 13335 (CLOUDFLAR...)
41 9
1    67.227.248.177 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: cloudvpsserver.www.romulusrising.com
app.romulusrising.com
21    52.119.45.60 (United States)

ASN394949 (FUSED, US)
PTR: s29.fused.com
www.thor.ca
1    2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2600:9000:2510:9400:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)
ws.sharethis.com
7    3.132.155.94 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-155-94.us-east-2.compute.amazonaws.com
l.sharethis.com
sync.sharethis.com
2    2607:f8b0:4006:80c::2008 (United States)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
2    2607:f8b0:4006:822::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    23.219.17.240 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-219-17-240.deploy.static.akamaitechnologies.com
t.sharethis.com
2    34.229.3.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com
loadus.exelator.com
2    52.86.197.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-197-41.compute-1.amazonaws.com
bcp.crwdcntrl.net
2    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    52.3.138.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-138-212.compute-1.amazonaws.com
ps.eyeota.net
2    34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com
ml314.com
2    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
1    76.13.32.147 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com
cms.analytics.yahoo.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    104.18.100.194 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
Apex Domain
Subdomains		 Transfer
21 thor.ca
www.thor.ca
2 MB
15 sharethis.com
ws.sharethis.com — Cisco Umbrella Rank: 8587
l.sharethis.com — Cisco Umbrella Rank: 4781
t.sharethis.com — Cisco Umbrella Rank: 6335
sync.sharethis.com — Cisco Umbrella Rank: 3364
105 KB
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 499
445 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 344
490 B
2 ml314.com
ml314.com — Cisco Umbrella Rank: 1665
468 B
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1010
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
926 B
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 818
900 B
2 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1270
2 KB
2 gstatic.com
fonts.gstatic.com
67 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 278
17 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 375
662 B
1 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 871
830 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
1 KB
1 romulusrising.com
app.romulusrising.com
353 B
41 15
Domain Requested by
21 www.thor.ca 1 redirects www.thor.ca
5 sync.sharethis.com
5 ws.sharethis.com www.thor.ca
ws.sharethis.com
3 t.sharethis.com ws.sharethis.com
t.sharethis.com
2 p.adsymptotic.com 1 redirects
2 idsync.rlcdn.com 2 redirects
2 ml314.com 1 redirects
2 ps.eyeota.net 2 redirects
2 match.adsrvr.org 2 redirects
2 bcp.crwdcntrl.net 2 redirects
2 loadus.exelator.com 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 ssl.google-analytics.com www.thor.ca
2 l.sharethis.com 1 redirects www.thor.ca
1 px.ads.linkedin.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 fonts.googleapis.com www.thor.ca
1 app.romulusrising.com 1 redirects
41 18

This site contains no links.

Subject Issuer Validity Valid
www.thor.ca
R3		 2022-08-22 -
2022-11-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
sharethis.com
Amazon		 2022-06-19 -
2023-07-18		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
cert1.a1.atm.aqfer.net
R3		 2022-10-13 -
2023-01-11		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.thor.ca/
Frame ID: 9697880D03735A64097183C1D1A0B977
Requests: 30 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1065.23347&cid=c010
Frame ID: 77194F03574BB6F4A3A52F261040551F
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1065.23347/a/CA/t_.js?cid=c010
Frame ID: C66B023D6CA911F5EC094FE8BB0EDB36
Requests: 8 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure/index.html
Frame ID: 7245F1B32C162DF1A26C9040CD20360F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Thorsteinssons LLP Tax Lawyers | Canada's Premier Tax Law Firm | Toronto, VancouverThorsteinssons LLP Tax Lawyers | Canada's Premier Tax Law Firm | Toronto, Vancouver

Page URL History Show full URLs

  1. http://app.romulusrising.com/l/qUZ892c731P892gMPpj6xTgjKQ/3m2892z6zKbuYtaJPsKfVAfQ/TGAmKi10cY7GzOr3bkWjaw HTTP 302
    http://www.thor.ca/ HTTP 301
    https://www.thor.ca/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

41
Requests

80 %
HTTPS

29 %
IPv6

15
Domains

18
Subdomains

9
IPs

2
Countries

1958 kB
Transfer

2279 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.romulusrising.com/l/qUZ892c731P892gMPpj6xTgjKQ/3m2892z6zKbuYtaJPsKfVAfQ/TGAmKi10cY7GzOr3bkWjaw HTTP 302
    http://www.thor.ca/ HTTP 301
    https://www.thor.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1665672102672.98334&hostname=www.thor.ca&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fwww.thor.ca%2F&title=Thorsteinssons%20LLP%20Tax%20Lawyers%20%7C%20Canada%27s%20Premier%20Tax%20Law%20Firm%20%7C%20Toronto%2C%20Vancouver&sop=false&description=Thorsteinssons%20is%20Canada%E2%80%99s%20largest%20law%20firm%20practicing%20exclusively%20in%20tax.%20Our%20lawyers%20are%20consistently%20recognized%20among%20Canada%E2%80%99s%20leading%20tax%20practitioners. HTTP 301
  • https://l.sharethis.com/sc?event=pview&version=buttons.js&lang=en&sessionID=1665672102672.98334&hostname=www.thor.ca&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fwww.thor.ca%2F&title=Thorsteinssons%20LLP%20Tax%20Lawyers%20%7C%20Canada%27s%20Premier%20Tax%20Law%20Firm%20%7C%20Toronto%2C%20Vancouver&sop=false&description=Thorsteinssons%20is%20Canada%E2%80%99s%20largest%20law%20firm%20practicing%20exclusively%20in%20tax.%20Our%20lawyers%20are%20consistently%20recognized%20among%20Canada%E2%80%99s%20leading%20tax%20practitioners.&samesite=None
Request Chain 31
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= HTTP 302
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
  • https://sync.sharethis.com/nlsn?uid=9e3a8e83e810e127d9aeea0fc32adebe
Request Chain 32
  • https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZHwAB2NII6YAAAAIFHXrAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=9084/tp=SARE/tpid=ZHwAB2NII6YAAAAIFHXrAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync.sharethis.com/int/lotame?uid=9f8853da0b8acdf75051b9a5950f1fc8&gdpr=0&gdpr_consent=
Request Chain 33
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/ttd?uid=c64758be-b1d5-4e4a-aac0-72934528d721&gdpr=0&gdpr_consent=
Request Chain 34
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/eyeota?uid=2aAYdXPFsb6-bxD78cNB8_S4kAMZ7wGHxNl1VOw5xD7c&gdpr=0&gdpr_consent=
Request Chain 35
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHwAB2NII6YAAAAIFHXrAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3630725291020648470 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzMDcyNTI5MTAyMDY0ODQ3MBAAGg0Ip8egmgYSBQjoBxAAQgBKAA HTTP 307
  • https://ml314.com/csync.ashx?fp=5958f8c236417f5a254d4923fcf635b45e4abfc13cd635da734917742af425e9f4cb09cee1a4f8eb&person_id=3630725291020648470&eid=50082
Request Chain 36
  • https://cms.analytics.yahoo.com/cms?partner_id=SHARE&gdpr=0&euconsent= HTTP 302
  • https://sync.sharethis.com/yahoo?uid=y-Z7oynHJE2oPYgjfSNElf3v7Odsd4nf6AOM0-~A
Request Chain 37
  • https://px.ads.linkedin.com/db_sync?pid=12608&puuid=ZHwAB2NII6YAAAAIFHXrAw%3D%3D&rand=1665672103274&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fdrawbridge%3Fuid%3D%24%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=12608&_psign=f58963b3af9d250b387068620e8a4444&_puuid=ZHwAB2NII6YAAAAIFHXrAw%3D%3D&_pu HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=12608&_psign=f58963b3af9d250b387068620e8a4444&_puuid=ZHwAB2NII6YAAAAIFHXrAw%3D%3D&_pu&_expected_cookie=da5e0ea3f4c1b4d167dd54514f2b45cc

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.thor.ca/
Redirect Chain
  • http://app.romulusrising.com/l/qUZ892c731P892gMPpj6xTgjKQ/3m2892z6zKbuYtaJPsKfVAfQ/TGAmKi10cY7GzOr3bkWjaw
  • http://www.thor.ca/
  • https://www.thor.ca/
34 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.thor.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.119.45.60 , United States, ASN394949 (FUSED, US),
Reverse DNS
s29.fused.com
Software
Apache /
Resource Hash
f20a1fb0239b90fe9125e166502491fc683b66324a4c07090c44cb31fab4d300

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 Oct 2022 14:41:40 GMT
Keep-Alive
timeout=5, max=200
Link
<https://www.thor.ca/wp-json/>; rel="https://api.w.org/", <https://www.thor.ca/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://www.thor.ca/>; rel=shortlink
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding,Cookie

Redirect headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 Oct 2022 14:41:39 GMT
Keep-Alive
timeout=5, max=200
Location
https://www.thor.ca/
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding,Cookie
X-Redirect-By
WordPress
wp-emoji-release.min.js
www.thor.ca/wp-includes/js/ 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thor.ca/wp-includes/js/wp-emoji-release.min.js?ver=21d829086ebb6b7c196ef9a7345a7907
Requested by
Host: www.thor.ca
URL: https://www.thor.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.119.45.60 , United States, ASN394949 (FUSED, US),
Reverse DNS
s29.fused.com
Software
Apache /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thor.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 14:41:42 GMT
Last-Modified
Tue, 12 Apr 2022 05:56:23 GMT
Server
Apache
ETag
"6ccb5d-48b9-5dc6eb878efc0"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=199
Content-Length
18617
style.min.css
www.thor.ca/wp-includes/css/dist/block-library/ 		87 KB
87 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thor.ca/wp-includes/css/dist/block-library/style.min.css?ver=21d829086ebb6b7c196ef9a7345a7907
Requested by
Host: www.thor.ca
URL: https://www.thor.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.119.45.60 , United States, ASN394949 (FUSED, US),
Reverse DNS
s29.fused.com
Software
Apache /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thor.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 14:41:42 GMT
Last-Modified
Tue, 12 Jul 2022 17:30:55 GMT
Server
Apache
ETag
"6cb8c8-15b64-5e39f07e5d3cf"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=198
Content-Length
88932
styles.css
www.thor.ca/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thor.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
Requested by
Host: www.thor.ca
URL: https://www.thor.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.119.45.60 , United States, ASN394949 (FUSED, US),
Reverse DNS
s29.fused.com
Software
Apache /
Resource Hash
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thor.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 14:41:42 GMT
Last-Modified
Fri, 02 Sep 2022 01:48:31 GMT
Server
Apache
ETag
"6c0968-aab-5e7a7ed6311b9"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=200
Content-Length
2731
pagenavi-css.css
www.thor.ca/wp-content/plugins/wp-pagenavi/ 		374 B
649 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thor.ca/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
Requested by
Host: www.thor.ca
URL: https://www.thor.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.119.45.60 , United States, ASN394949 (FUSED, US),
Reverse DNS
s29.fused.com
Software
Apache /
Resource Hash
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thor.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 14:41:42 GMT
Last-Modified
Tue, 25 May 2021 07:46:55 GMT
Server
Apache
ETag
"6c0ba2-176-5c322bae02a43"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=200
Content-Length
374
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3A400%2C300%2C700%7COpen+Sans%3A400%2C300%2C700&ver=21d829086ebb6b7c196ef9a7345a7907
Requested by
Host: www.thor.ca
URL: https://www.thor.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6fb2d3407a8ab9ed572b56fa16bbecfd999780e36e935a253642e739fa2d8734
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thor.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Oct 2022 14:41:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 14:41:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Oct 2022 14:41:42 GMT
style.css
www.thor.ca/wp-content/themes/thorsteinssons/ 		61 KB
61 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thor.ca/wp-content/themes/thorsteinssons/style.css?ver=21d829086ebb6b7c196ef9a7345a7907
Requested by
Host: www.thor.ca
URL: https://www.thor.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.119.45.60 , United States, ASN394949 (FUSED, US),
Reverse DNS
s29.fused.com
Software
Apache /
Resource Hash
bce2acaab5d291754c7430618ac23c1fef8f5842797c52f1a5dc561fe78ef940

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thor.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 14:41:42 GMT
Last-Modified
Wed, 12 Feb 2020 15:44:33 GMT
Server
Apache
ETag
"6c2644-f24a-59e62d950d44e"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=200
Content-Length
62026
theme.css
www.thor.ca/wp-content/themes/thorsteinssons/ 		433 B
708 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thor.ca/wp-content/themes/thorsteinssons/theme.css?ver=21d829086ebb6b7c196ef9a7345a7907
Requested by
Host: www.thor.ca
URL: https://www.thor.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.119.45.60 , United States, ASN394949 (FUSED, US),
Reverse DNS
s29.fused.com
Software
Apache /
Resource Hash
f8c7d9ff5b35ac2e54ae02c06aedac0b7d6f39ae1ccf6ec8a068456b73dc457b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thor.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 14:41:42 GMT
Last-Modified
Tue, 04 Aug 2015 20:27:46 GMT
Server
Apache
ETag
"6c0de8-1b1-51c821e771480"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=200
Content-Length
433
jquery.min.js
www.thor.ca/wp-includes/js/jquery/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thor.ca/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.thor.ca
URL: https://www.thor.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.119.45.60 , United States, ASN394949 (FUSED, US),
Reverse DNS
s29.fused.com
Software
Apache /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thor.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 14:41:42 GMT
Last-Modified
Wed, 10 Mar 2021 15:07:24 GMT
Server
Apache
ETag
"6cca88-15db1-5bd3006388300"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=200
Content-Length
89521
jquery-migrate.min.js
www.thor.ca/wp-includes/js/jquery/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thor.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.thor.ca
URL: https://www.thor.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.119.45.60 , United States, ASN394949 (FUSED, US),
Reverse DNS
s29.fused.com
Software
Apache /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thor.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 14:41:42 GMT
Last-Modified
Wed, 18 Nov 2020 09:06:06 GMT
Server
Apache
ETag
"6cca7e-2bd8-5b45debe27b80"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=199
Content-Length
11224
buttons.js
ws.sharethis.com/button/ 		102 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/buttons.js
Requested by
Host: www.thor.ca
URL: https://www.thor.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:9400:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
748718063bc84d056b5d0cf947b83aa71d7dbef7358d6ec62eab82c2f3881a1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thor.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 04:10:21 GMT
content-encoding
gzip
via
1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
JFK50-P5
age
37881
x-cache
Hit from cloudfront
content-length
26307
server
nginx/1.20.1
etag
W/"62bdf23a-19615"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=259200
x-robots-tag
noindex, nofollow
x-amz-cf-id
vp0nWypPGEyauKTQCDqNlEvZoJIScEfkIdtPgsaJnCYXSpNA7iotHA==
expires
Sun, 16 Oct 2022 04:10:21 GMT
logo.png
www.thor.ca/wp-content/themes/thorsteinssons/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thor.ca/wp-content/themes/thorsteinssons/images/logo.png
Requested by
Host: www.thor.ca
URL: https://www.thor.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.119.45.60 , United States, ASN394949 (FUSED, US),
Reverse DNS
s29.fused.com
Software
Apache /
Resource Hash
635768367c28295782b1a82ac4070158429af70be9b53919640d616cecf849d9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thor.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 14:41:42 GMT
Last-Modified
Tue, 04 Aug 2015 20:27:46 GMT
Server
Apache
ETag
"6c0da2-1d10-51c821e771480"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=198
Content-Length
7440
logo3.png
www.thor.ca/wp-content/themes/thorsteinssons/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thor.ca/wp-content/themes/thorsteinssons/images/logo3.png
Requested by
Host: www.thor.ca
URL: https://www.thor.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.119.45.60 , United States, ASN394949 (FUSED, US),
Reverse DNS
s29.fused.com
Software
Apache /
Resource Hash
b17807509d8ceee6c684b3d1eedef67282ad2066a0b97c0869244659a7bce0ee

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thor.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 14:41:42 GMT
Last-Modified
Tue, 04 Aug 2015 20:27:46 GMT
Server
Apache
ETag
"6c0daa-11d7-51c821e771480"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=198
Content-Length
4567
logo2.png
www.thor.ca/wp-content/themes/thorsteinssons/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thor.ca/wp-content/themes/thorsteinssons/images/logo2.png
Requested by
Host: www.thor.ca
URL: https://www.thor.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.119.45.60 , United States, ASN394949 (FUSED, US),
Reverse DNS
s29.fused.com
Software
Apache /
Resource Hash
d5f0bf09cf387370534bba0da247f7c7e69dded82f5da439f2a676256ef9cb8d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thor.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 14:41:42 GMT
Last-Modified
Tue, 04 Aug 2015 20:27:46 GMT
Server
Apache
ETag
"6c0da6-1d10-51c821e771480"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=199
Content-Length
7440
logo4.png
www.thor.ca/wp-content/themes/thorsteinssons/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thor.ca/wp-content/themes/thorsteinssons/images/logo4.png
Requested by
Host: www.thor.ca
URL: https://www.thor.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.119.45.60 , United States, ASN394949 (FUSED, US),
Reverse DNS
s29.fused.com
Software
Apache /
Resource Hash
953466af6ddcf28e9f25480741b3808089c9a539bd60de78e2c1cfd25eef7123

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thor.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 14:41:42 GMT
Last-Modified
Tue, 04 Aug 2015 20:27:46 GMT
Server
Apache
ETag
"6c0dac-18a8-51c821e771480"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=199
Content-Length
6312
index.js
www.thor.ca/wp-content/plugins/contact-form-7/includes/swv/js/ 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thor.ca/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
Requested by
Host: www.thor.ca
URL: https://www.thor.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.119.45.60 , United States, ASN394949 (FUSED, US),
Reverse DNS
s29.fused.com
Software
Apache /
Resource Hash
29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thor.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 14:41:42 GMT
Last-Modified
Fri, 02 Sep 2022 01:48:31 GMT
Server
Apache
ETag
"6c09ea-25d0-5e7a7ed632159"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=199
Content-Length
9680
index.js
www.thor.ca/wp-content/plugins/contact-form-7/includes/js/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thor.ca/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
Requested by
Host: www.thor.ca
URL: https://www.thor.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.119.45.60 , United States, ASN394949 (FUSED, US),
Reverse DNS
s29.fused.com
Software
Apache /
Resource Hash
985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thor.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 14:41:42 GMT
Last-Modified
Fri, 02 Sep 2022 01:48:31 GMT
Server
Apache
ETag
"6c09fb-2fb3-5e7a7ed632541"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=199
Content-Length
12211
jquery.main.js
www.thor.ca/wp-content/themes/thorsteinssons/js/ 		114 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thor.ca/wp-content/themes/thorsteinssons/js/jquery.main.js?ver=21d829086ebb6b7c196ef9a7345a7907
Requested by
Host: www.thor.ca
URL: https://www.thor.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.119.45.60 , United States, ASN394949 (FUSED, US),
Reverse DNS
s29.fused.com
Software
Apache /
Resource Hash
a3ad94f1972b9d28504f185a0d9754cc2a6d33c786a40eac91886571993500de

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thor.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 14:41:42 GMT
Last-Modified
Tue, 29 Sep 2015 23:08:58 GMT
Server
Apache
ETag
"6c0db5-1c68d-520eae6131680"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=198
Content-Length
116365
async-buttons.js
ws.sharethis.com/button/ 		89 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/async-buttons.js
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:9400:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thor.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:41:55 GMT
content-encoding
gzip
via
1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
JFK50-P5
age
197987
x-cache
Hit from cloudfront
content-length
18813
server
nginx/1.20.1
etag
W/"62bdf287-16245"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=259200
x-robots-tag
noindex, nofollow
x-amz-cf-id
GHqMD8hWLLFUa50M0Jkx9KSgM9fYT5WFWy685tDNTjOZAdUg0bKbxw==
expires
Fri, 14 Oct 2022 07:41:55 GMT
sc
l.sharethis.com/
Redirect Chain
  • https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1665672102672.98334&hostname=www.thor.ca&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-000...
  • https://l.sharethis.com/sc?event=pview&version=buttons.js&lang=en&sessionID=1665672102672.98334&hostname=www.thor.ca&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0...
160 B
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/sc?event=pview&version=buttons.js&lang=en&sessionID=1665672102672.98334&hostname=www.thor.ca&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fwww.thor.ca%2F&title=Thorsteinssons%20LLP%20Tax%20Lawyers%20%7C%20Canada%27s%20Premier%20Tax%20Law%20Firm%20%7C%20Toronto%2C%20Vancouver&sop=false&description=Thorsteinssons%20is%20Canada%E2%80%99s%20largest%20law%20firm%20practicing%20exclusively%20in%20tax.%20Our%20lawyers%20are%20consistently%20recognized%20among%20Canada%E2%80%99s%20leading%20tax%20practitioners.&samesite=None
Requested by
Host: www.thor.ca
URL: https://www.thor.ca/
Protocol
HTTP/1.1
Server
3.132.155.94 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-155-94.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
63fdda0188e7054be08b6e71c2a0f37fd885c124526ef90606e89ba6a4195f71
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thor.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 14:41:42 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://www.thor.ca
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Stid
ZHwAB2NII6YAAAAIFHXrAw==
Access-Control-Allow-Headers
*
Content-Length
160
X-Robots-Tag
noindex, nofollow

Redirect headers

Date
Thu, 13 Oct 2022 14:41:42 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.thor.ca
Location
/sc?event=pview&version=buttons.js&lang=en&sessionID=1665672102672.98334&hostname=www.thor.ca&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fwww.thor.ca%2F&title=Thorsteinssons%20LLP%20Tax%20Lawyers%20%7C%20Canada%27s%20Premier%20Tax%20Law%20Firm%20%7C%20Toronto%2C%20Vancouver&sop=false&description=Thorsteinssons%20is%20Canada%E2%80%99s%20largest%20law%20firm%20practicing%20exclusively%20in%20tax.%20Our%20lawyers%20are%20consistently%20recognized%20among%20Canada%E2%80%99s%20leading%20tax%20practitioners.&samesite=None
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Stid
ZHwAB2NII6YAAAAIFHXrAw==
Access-Control-Allow-Headers
*
Content-Length
688
X-Robots-Tag
noindex, nofollow
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.thor.ca
URL: https://www.thor.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thor.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Oct 2022 12:46:18 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6924
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Thu, 13 Oct 2022 14:46:18 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C300%2C700%7COpen+Sans%3A400%2C300%2C700&ver=21d829086ebb6b7c196ef9a7345a7907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thor.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:52:46 GMT
x-content-type-options
nosniff
age
197336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Oct 2023 07:52:46 GMT
header-buildings-t-1280x463.png
www.thor.ca/wp-content/themes/thorsteinssons/images/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thor.ca/wp-content/themes/thorsteinssons/images/header-buildings-t-1280x463.png
Requested by
Host: www.thor.ca
URL: https://www.thor.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.119.45.60 , United States, ASN394949 (FUSED, US),
Reverse DNS
s29.fused.com
Software
Apache /
Resource Hash
5d76baa2ece0cf1441985a1c33858b390a3d4c21db5d957242906c2d5ccb8b9a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thor.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 14:41:42 GMT
Last-Modified
Wed, 12 Feb 2020 15:57:58 GMT
Server
Apache
ETag
"6c2296-13a176-59e630948a0b9"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=198
Content-Length
1286518
leaf.png
www.thor.ca/wp-content/themes/thorsteinssons/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thor.ca/wp-content/themes/thorsteinssons/images/leaf.png
Requested by
Host: www.thor.ca
URL: https://www.thor.ca/wp-content/themes/thorsteinssons/style.css?ver=21d829086ebb6b7c196ef9a7345a7907
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.119.45.60 , United States, ASN394949 (FUSED, US),
Reverse DNS
s29.fused.com
Software
Apache /
Resource Hash
a204003e2c3a05e8bca1d435f0a227a9c65cf51a87847ff834f890a3fea7f2c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thor.ca/wp-content/themes/thorsteinssons/style.css?ver=21d829086ebb6b7c196ef9a7345a7907
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 14:41:42 GMT
Last-Modified
Tue, 04 Aug 2015 20:27:46 GMT
Server
Apache
ETag
"6c0da0-13c7-51c821e771480"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=198
Content-Length
5063
bg2-blue.jpg
www.thor.ca/wp-content/themes/thorsteinssons/images/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thor.ca/wp-content/themes/thorsteinssons/images/bg2-blue.jpg
Requested by
Host: www.thor.ca
URL: https://www.thor.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.119.45.60 , United States, ASN394949 (FUSED, US),
Reverse DNS
s29.fused.com
Software
Apache /
Resource Hash
0aa88408ea28d574581f518765ce8b4afe417021195c1713394daaf012836935

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thor.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 14:41:42 GMT
Last-Modified
Wed, 22 Jan 2020 20:26:43 GMT
Server
Apache
ETag
"6c00b0-90b3-59cc057bddbb6"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=197
Content-Length
37043
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C300%2C700%7COpen+Sans%3A400%2C300%2C700&ver=21d829086ebb6b7c196ef9a7345a7907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thor.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 10:34:59 GMT
x-content-type-options
nosniff
age
187603
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Oct 2023 10:34:59 GMT
icomoon.woff
www.thor.ca/wp-content/themes/thorsteinssons/fonts/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thor.ca/wp-content/themes/thorsteinssons/fonts/icomoon.woff
Requested by
Host: www.thor.ca
URL: https://www.thor.ca/wp-content/themes/thorsteinssons/style.css?ver=21d829086ebb6b7c196ef9a7345a7907
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.119.45.60 , United States, ASN394949 (FUSED, US),
Reverse DNS
s29.fused.com
Software
Apache /
Resource Hash
c2dd3e2ab2c212d7335c59d2cf12a6579278033ca34c10c84713509d8fd05a52

Request headers

Referer
https://www.thor.ca/wp-content/themes/thorsteinssons/style.css?ver=21d829086ebb6b7c196ef9a7345a7907
Origin
https://www.thor.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 14:41:42 GMT
Last-Modified
Tue, 04 Aug 2015 20:27:46 GMT
Server
Apache
ETag
"6c0d7b-afc-51c821e771480"
Content-Type
font/woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=197
Content-Length
2812
buttons-secure.css
ws.sharethis.com/button/css/ 		23 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/css/buttons-secure.css
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:9400:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thor.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 07:52:42 GMT
content-encoding
gzip
via
1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 30 Jun 2022 18:59:19 GMT
server
nginx/1.20.1
x-amz-cf-pop
JFK50-P5
age
24540
etag
W/"62bdf287-5a76"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-robots-tag
noindex, nofollow
content-length
3851
x-amz-cf-id
SsShxqRaz8VmGmilaLBA4112DY_5kYl9QmcmOrTZY2XVguReWrV_zw==
__utm.gif
ssl.google-analytics.com/r/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1489637727&utmhn=www.thor.ca&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Thorsteinssons%20LLP%20Tax%20Lawyers%20%7C%20Canada%27s%20Premier%20Tax%20Law%20Firm%20%7C%20Toronto%2C%20Vancouver&utmhid=332930403&utmr=-&utmp=%2F&utmht=1665672102970&utmac=UA-26882715-1&utmcc=__utma%3D8080503.739418548.1665672103.1665672103.1665672103.1%3B%2B__utmz%3D8080503.1665672103.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1690295981&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.thor.ca
URL: https://www.thor.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thor.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 14:41:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
t.dhj
t.sharethis.com/1/d/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1/d/t.dhj?rnd=1665672103001&cid=c010&dmn=www.thor.ca&gdpr_domain=false
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.219.17.240 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-17-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
da59ffbea84d95413ad1f340cf50d5b7deacfca1c65ca07bbefa0ea12026f1c2
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thor.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 14:41:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1361
Expires
Thu, 13 Oct 2022 15:41:43 GMT
t_.htm
t.sharethis.com/a/ Frame 7719 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1065.23347&cid=c010
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?rnd=1665672103001&cid=c010&dmn=www.thor.ca&gdpr_domain=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.219.17.240 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-17-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://www.thor.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Thu, 13 Oct 2022 14:41:43 GMT
Expires
Thu, 20 Oct 2022 14:41:43 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
t_.js
t.sharethis.com/1.1065.23347/a/CA/ Frame C66B 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1.1065.23347/a/CA/t_.js?cid=c010
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1065.23347&cid=c010
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.219.17.240 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-17-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0d659fa836d031b3a9dde1dfbfc4948542fe134f4d6fc2951c6e06af2b3e5642
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1065.23347&cid=c010
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 14:41:43 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
9524
Expires
Thu, 20 Oct 2022 14:41:43 GMT
nlsn
sync.sharethis.com/ Frame C66B
Redirect Chain
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1
  • https://sync.sharethis.com/nlsn?uid=9e3a8e83e810e127d9aeea0fc32adebe
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/nlsn?uid=9e3a8e83e810e127d9aeea0fc32adebe
Protocol
HTTP/1.1
Server
3.132.155.94 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-155-94.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 14:41:43 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZHwAB2NII6YAAAAIFHXrAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

date
Thu, 13 Oct 2022 14:41:43 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://sync.sharethis.com/nlsn?uid=9e3a8e83e810e127d9aeea0fc32adebe
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
lotame
sync.sharethis.com/int/ Frame C66B
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZHwAB2NII6YAAAAIFHXrAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_conse...
  • https://bcp.crwdcntrl.net/5/ct=y/c=9084/tp=SARE/tpid=ZHwAB2NII6YAAAAIFHXrAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_...
  • https://sync.sharethis.com/int/lotame?uid=9f8853da0b8acdf75051b9a5950f1fc8&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/int/lotame?uid=9f8853da0b8acdf75051b9a5950f1fc8&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
3.132.155.94 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-155-94.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 14:41:43 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZHwAB2NII6YAAAAIFHXrAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 14:41:43 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.sharethis.com/int/lotame?uid=9f8853da0b8acdf75051b9a5950f1fc8&gdpr=0&gdpr_consent=
cache-control
no-cache
x-server
10.40.41.137
content-length
0
expires
0
ttd
sync.sharethis.com/ Frame C66B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/ttd?uid=c64758be-b1d5-4e4a-aac0-72934528d721&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/ttd?uid=c64758be-b1d5-4e4a-aac0-72934528d721&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
3.132.155.94 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-155-94.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 14:41:43 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZHwAB2NII6YAAAAIFHXrAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 14:41:43 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.sharethis.com/ttd?uid=c64758be-b1d5-4e4a-aac0-72934528d721&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
215
eyeota
sync.sharethis.com/ Frame C66B
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/eyeota?uid=2aAYdXPFsb6-bxD78cNB8_S4kAMZ7wGHxNl1VOw5xD7c&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/eyeota?uid=2aAYdXPFsb6-bxD78cNB8_S4kAMZ7wGHxNl1VOw5xD7c&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
3.132.155.94 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-155-94.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 14:41:43 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZHwAB2NII6YAAAAIFHXrAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

Location
https://sync.sharethis.com/eyeota?uid=2aAYdXPFsb6-bxD78cNB8_S4kAMZ7wGHxNl1VOw5xD7c&gdpr=0&gdpr_consent=
Date
Thu, 13 Oct 2022 14:41:43 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
csync.ashx
ml314.com/ Frame C66B
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHwAB2NII6YAAAAIFHXrAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3630725291020648470
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzMDcyNTI5MTAyMDY0ODQ3MBAAGg0Ip8egmgYSBQjoBxAAQgBKAA
  • https://ml314.com/csync.ashx?fp=5958f8c236417f5a254d4923fcf635b45e4abfc13cd635da734917742af425e9f4cb09cee1a4f8eb&person_id=3630725291020648470&eid=50082
43 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=5958f8c236417f5a254d4923fcf635b45e4abfc13cd635da734917742af425e9f4cb09cee1a4f8eb&person_id=3630725291020648470&eid=50082
Protocol
H3
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 14:41:42 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Fri, 14 Oct 2022 10:41:43 GMT

Redirect headers

date
Thu, 13 Oct 2022 14:41:43 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=5958f8c236417f5a254d4923fcf635b45e4abfc13cd635da734917742af425e9f4cb09cee1a4f8eb&person_id=3630725291020648470&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
yahoo
sync.sharethis.com/ Frame C66B
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=SHARE&gdpr=0&euconsent=
  • https://sync.sharethis.com/yahoo?uid=y-Z7oynHJE2oPYgjfSNElf3v7Odsd4nf6AOM0-~A
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/yahoo?uid=y-Z7oynHJE2oPYgjfSNElf3v7Odsd4nf6AOM0-~A
Protocol
HTTP/1.1
Server
3.132.155.94 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-155-94.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 14:41:43 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZHwAB2NII6YAAAAIFHXrAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

date
Thu, 13 Oct 2022 14:41:43 GMT
strict-transport-security
max-age=31536000
via
http/1.1 spdc0102.pbp.bf1.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
content-type
text/html;charset=utf-8
location
https://sync.sharethis.com/yahoo?uid=y-Z7oynHJE2oPYgjfSNElf3v7Odsd4nf6AOM0-~A
content-length
0
/
p.adsymptotic.com/d/px/ Frame C66B
Redirect Chain
  • https://px.ads.linkedin.com/db_sync?pid=12608&puuid=ZHwAB2NII6YAAAAIFHXrAw%3D%3D&rand=1665672103274&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fdrawbridge%3Fuid%3D%24%7BUUID%7D%26gdpr%3...
  • https://p.adsymptotic.com/d/px/?_pid=12608&_psign=f58963b3af9d250b387068620e8a4444&_puuid=ZHwAB2NII6YAAAAIFHXrAw%3D%3D&_pu
  • https://p.adsymptotic.com/d/px/?_pid=12608&_psign=f58963b3af9d250b387068620e8a4444&_puuid=ZHwAB2NII6YAAAAIFHXrAw%3D%3D&_pu&_expected_cookie=da5e0ea3f4c1b4d167dd54514f2b45cc
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=12608&_psign=f58963b3af9d250b387068620e8a4444&_puuid=ZHwAB2NII6YAAAAIFHXrAw%3D%3D&_pu&_expected_cookie=da5e0ea3f4c1b4d167dd54514f2b45cc
Protocol
H2
Server
104.18.100.194 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Thu, 13 Oct 2022 14:41:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7598d6775dd5a222-YYZ
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=12608&_psign=f58963b3af9d250b387068620e8a4444&_puuid=ZHwAB2NII6YAAAAIFHXrAw%3D%3D&_pu&_expected_cookie=da5e0ea3f4c1b4d167dd54514f2b45cc
date
Thu, 13 Oct 2022 14:41:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7598d676fce2a222-YYZ
content-length
0
index.html
ws.sharethis.com/secure/ Frame 7245 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/secure/index.html
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:9400:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
1d5d4a3d491d72214945792be081b07dc744bd7a67421f7e571aec699589ae4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.thor.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
37616
content-encoding
gzip
content-length
2090
content-type
text/html
date
Thu, 13 Oct 2022 04:14:47 GMT
etag
W/"62bdf287-1ade"
last-modified
Thu, 30 Jun 2022 18:59:19 GMT
server
nginx/1.20.1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-id
7suYrDF81Gk4rlGryCgANJUVzsDInAa9GRs1HFGPoSwHuqtNcEGsvA==
x-amz-cf-pop
JFK50-P5
x-cache
Hit from cloudfront
x-robots-tag
noindex, nofollow
st.da2f6a88d7bfe891c2a6f4578518e3f4.js
ws.sharethis.com/secure/js/ Frame 7245 		148 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/secure/js/st.da2f6a88d7bfe891c2a6f4578518e3f4.js
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:9400:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
fb0058690392ce74e443d304e2f2c81a70ca36eb25e0dfb1cadada9315074049
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ws.sharethis.com/secure/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:11:29 GMT
content-encoding
gzip
via
1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx/1.20.1
x-amz-cf-pop
JFK50-P5
age
3817813
etag
W/"62bdf287-24e3c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
793FYk0WjUrqoVio-FKjgelD7LeADgPseUgibjYR3Vuzlr39c89dWQ==
expires
Wed, 30 Aug 2023 10:11:29 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| pathInfo object| _wpemojiSettings object| twemoji object| wp undefined| $ function| jQuery object| stlib function| _$d function| _$d0 function| _$d_ function| _$d1 function| _$d2 function| _$de function| _$dt object| _all_services boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus string| customProduct string| stWidgetVersion object| stButtons object| stWidget boolean| sop_pview_logged object| ShareThisEvent object| stLight boolean| st_showing object| _gaq object| swv object| wpcf7 function| initCustomForms function| initCarousel function| initMobileNav function| initTouchNav function| TouchNav object| jcf object| lib function| Hammer function| picturefill function| init_hash boolean| showHoverbarReskinned boolean| isEsiLoaded boolean| stShowNewMobileWidget boolean| isMobileButtonLoaded boolean| stRecentServices boolean| iswhatsappCustomButton boolean| isKikCustomButton boolean| stIsLoggedIn object| servicesLoggedIn object| stFastShareObj boolean| useFastShare object| stButtonsLib function| Shareable function| shareLog string| __stPubGA object| async_buttons function| foursquareCallback function| __stgetPubGA function| plusoneCallback string| baseURL object| _gat object| gaGlobal string| messageSet

25 Cookies

Domain/Path Name / Value
.sharethis.com/ Name: __stid
Value: ZHwAB2NII6YAAAAIFHXrAw==
.sharethis.com/ Name: __stidv
Value: 2
.thor.ca/ Name: __utma
Value: 8080503.739418548.1665672103.1665672103.1665672103.1
.thor.ca/ Name: __utmc
Value: 8080503
.thor.ca/ Name: __utmz
Value: 8080503.1665672103.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.thor.ca/ Name: __utmt
Value: 1
.thor.ca/ Name: __utmb
Value: 8080503.1.10.1665672103
.thor.ca/ Name: fpestid
Value: lQVa58wsBfxniv7KMVnCijEOG0x6TxgIbJ27W-AUjA6P-dkC0G3rZHGOYdjfeTZ7iGGqtg
.t.sharethis.com/ Name: pxcelPage_default_c010
Value: 0_7_1665672103274
.yahoo.com/ Name: A3
Value: d=AQABBKcjSGMCENcShZk5XL2WwWFxCWyzzuIFEgEBAQF1SWNSYwAAAAAA_eMAAA&S=AQAAAm7dwGYQ_hYModnXs1UhWWk
.ml314.com/ Name: pi
Value: 3630725291020648470
.exelator.com/ Name: EE
Value: "9e3a8e83e810e127d9aeea0fc32adebe"
.adsrvr.org/ Name: TDID
Value: c64758be-b1d5-4e4a-aac0-72934528d721
.eyeota.net/ Name: mako_uid
Value: 183d1cb45d5-264a0000010a4afe
.eyeota.net/ Name: SERVERID
Value: 19198~DM
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwiQxY31-MyWOxAFOAE.
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcEy1TjRItXCONXC0CDV0Mg8xTIxNTXRIC3Z2CgxJTUpdXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAbEl%252BUWb6ImfHxUUpaQyLSopPBR988QwA648sDQ%253D%253D"
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&76a5b820-d921-4974-808f-b42ae43fffaf"
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2773:u=1:x=1:i=1665672103:t=1665758503:v=2:sig=AQG1tzN2RVrJKHjmaTtjiXTnMfRIebQf"
.rlcdn.com/ Name: rlas3
Value: IgB7Gz60UKR4VXEzvytUtUerVhfaTxf62WfIR4xe3kY=
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 9f8853da0b8acdf75051b9a5950f1fc8
.rlcdn.com/ Name: pxrc
Value: CKfHoJoGEgUI6AcQABIFCNtOEAA=
.adsymptotic.com/ Name: U
Value: da5e0ea3f4c1b4d167dd54514f2b45cc

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.romulusrising.com
bcp.crwdcntrl.net
cms.analytics.yahoo.com
fonts.googleapis.com
fonts.gstatic.com
idsync.rlcdn.com
l.sharethis.com
loadus.exelator.com
match.adsrvr.org
ml314.com
p.adsymptotic.com
ps.eyeota.net
px.ads.linkedin.com
ssl.google-analytics.com
sync.sharethis.com
t.sharethis.com
ws.sharethis.com
www.thor.ca
104.18.100.194
23.219.17.240
2600:9000:2510:9400:3:c04e:c780:93a1
2607:f8b0:4006:80c::2008
2607:f8b0:4006:81c::200a
2607:f8b0:4006:822::2003
2620:1ec:21::14
3.132.155.94
34.111.234.236
34.229.3.43
35.190.60.146
52.119.45.60
52.223.40.198
52.3.138.212
52.86.197.41
67.227.248.177
76.13.32.147
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0aa88408ea28d574581f518765ce8b4afe417021195c1713394daaf012836935
0d659fa836d031b3a9dde1dfbfc4948542fe134f4d6fc2951c6e06af2b3e5642
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1d5d4a3d491d72214945792be081b07dc744bd7a67421f7e571aec699589ae4f
29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4
38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5d76baa2ece0cf1441985a1c33858b390a3d4c21db5d957242906c2d5ccb8b9a
635768367c28295782b1a82ac4070158429af70be9b53919640d616cecf849d9
63fdda0188e7054be08b6e71c2a0f37fd885c124526ef90606e89ba6a4195f71
6fb2d3407a8ab9ed572b56fa16bbecfd999780e36e935a253642e739fa2d8734
748718063bc84d056b5d0cf947b83aa71d7dbef7358d6ec62eab82c2f3881a1a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
953466af6ddcf28e9f25480741b3808089c9a539bd60de78e2c1cfd25eef7123
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51
a204003e2c3a05e8bca1d435f0a227a9c65cf51a87847ff834f890a3fea7f2c3
a3ad94f1972b9d28504f185a0d9754cc2a6d33c786a40eac91886571993500de
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17807509d8ceee6c684b3d1eedef67282ad2066a0b97c0869244659a7bce0ee
bce2acaab5d291754c7430618ac23c1fef8f5842797c52f1a5dc561fe78ef940
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb
c2dd3e2ab2c212d7335c59d2cf12a6579278033ca34c10c84713509d8fd05a52
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5f0bf09cf387370534bba0da247f7c7e69dded82f5da439f2a676256ef9cb8d
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
da59ffbea84d95413ad1f340cf50d5b7deacfca1c65ca07bbefa0ea12026f1c2
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f20a1fb0239b90fe9125e166502491fc683b66324a4c07090c44cb31fab4d300
f8c7d9ff5b35ac2e54ae02c06aedac0b7d6f39ae1ccf6ec8a068456b73dc457b
fb0058690392ce74e443d304e2f2c81a70ca36eb25e0dfb1cadada9315074049