Submitted URL: http://www.canadianvisa.org//canada/-immigration//study/-in/-canada//how/-to/-prepare/-for/-an/-ielts/-exam/-british/-counci...
Effective URL: https://canadianvisa.org/
Submission: On September 19 via api from US — Scanned from US

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 21 HTTP transactions. The main IP is 167.99.182.231, located in Toronto, Canada and belongs to DIGITALOCEAN-ASN, US. The main domain is canadianvisa.org.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 29th 2024. Valid for: a year.
This is the only time canadianvisa.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
5 d1ac9zce9817ms.cloudfront.net canadianvisa.org
3 www.googletagmanager.com canadianvisa.org, www.googletagmanager.com
2 canadianvisa.org 1 redirects
1 lcgroups-org.freshchat.com canadianvisa.org, lcgroups-org.freshchat.com
1 www.youtube.com www.googletagmanager.com, www.youtube.com
1 connect.facebook.net canadianvisa.org, connect.facebook.net
1 www.google-analytics.com www.googletagmanager.com, www.google-analytics.com
1 api.exponea.com canadianvisa.org
1 d1dje5mxb6emkl.cloudfront.net canadianvisa.org
1 www.canadianvisa.org 1 redirects
0 stats.g.doubleclick.net Failed www.google-analytics.com
0 analytics.tiktok.com Failed canadianvisa.org
21 12

This site contains links to these domains.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.trustpilot.com
college-ic.ca

Subject | Issuer | Validity | Valid
*.canadianvisa.org | Sectigo RSA Domain Validation Secure Server CA | 2024-08-29 - 2025-09-29 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2024-07-30 - 2025-07-03 | a year
*.google-analytics.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months
api.exponea.com | WR3 | 2024-09-07 - 2024-12-06 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-06-29 - 2024-09-27 | 3 months
*.google.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months
*.freshchat.com | Amazon RSA 2048 M02 | 2024-01-22 - 2025-02-18 | a year

This page contains 2 frames:

Primary Page: https://canadianvisa.org/
Frame ID: 14844B0E82383C1D8C9C0C48B35F6EBA
Requests: 30 HTTP requests in this frame

Frame: https://lcgroups-org.freshchat.com/widget/config_iframe.html?host=https://lcgroups-org.freshchat.com&token=77eb97aa-035d-4771-8acf-7a8638e3ae6d&origin=https://canadianvisa.org&widgetUuid=0f8202d2-085a-46a7-880a-8d3cea2076b2
Frame ID: 6213CD2FA02CD04D31C4E82452F9819F
Requests: 1 HTTP requests in this frame

Page Title

Canadian Visa | Canadian Immigration Consultants - CanadianVisa.org

Page URL History

  1. http://www.canadianvisa.org//canada/-immigration//study/-in/-canada//how/-to/-prepare/-for/-an/-ielts/-e... HTTP 307
    https://www.canadianvisa.org//canada/-immigration//study/-in/-canada//how/-to/-prepare/-for/-an/-ielts/-e... HTTP 301
    https://canadianvisa.org//canada/-immigration//study/-in/-canada//how/-to/-prepare/-for/-an/-ielts/-e... HTTP 302
    https://canadianvisa.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 21
HTTPS: 71 %
IPv6: 70 %
Domains: 10
Subdomains: 12
IPs: 10
Countries: 2
Transfer: 735 kB
Size: 2130 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.canadianvisa.org//canada/-immigration//study/-in/-canada//how/-to/-prepare/-for/-an/-ielts/-exam/-british/-council/-tips HTTP 307
    https://www.canadianvisa.org//canada/-immigration//study/-in/-canada//how/-to/-prepare/-for/-an/-ielts/-exam/-british/-council/-tips HTTP 301
    https://canadianvisa.org//canada/-immigration//study/-in/-canada//how/-to/-prepare/-for/-an/-ielts/-exam/-british/-council/-tips HTTP 302
    https://canadianvisa.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
canadianvisa.org/
Redirect Chain
  • http://www.canadianvisa.org//canada/-immigration//study/-in/-canada//how/-to/-prepare/-for/-an/-ielts/-exam/-british/-council/-tips
  • https://www.canadianvisa.org//canada/-immigration//study/-in/-canada//how/-to/-prepare/-for/-an/-ielts/-exam/-british/-council/-tips
  • https://canadianvisa.org//canada/-immigration//study/-in/-canada//how/-to/-prepare/-for/-an/-ielts/-exam/-british/-council/-tips
  • https://canadianvisa.org/
259 KB
43 KB
Document
General
Full URL
https://canadianvisa.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.99.182.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / Express
Resource Hash
e6eadc77dea8aa94fa10f5419c0a327a22cc9d5986a369ef25b16b63787c6308

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
secret_key,language,x-api-key,x-api-password,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 19 Sep 2024 23:33:53 GMT
etag
W/"40b70-jiRknOX6EAJmdI/AugZhCw"
server
nginx
vary
Accept-Encoding
x-powered-by
Express

Redirect headers

access-control-allow-headers
secret_key,language,x-api-key,x-api-password,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-origin
*
content-length
46
content-type
text/html; charset=utf-8
date
Thu, 19 Sep 2024 23:33:53 GMT
location
/
server
nginx
vary
Accept, Accept-Encoding
x-powered-by
Express
logo_dark.svg
d1ac9zce9817ms.cloudfront.net/images-new/icons/
7 KB
3 KB
Image
General
Full URL
https://d1ac9zce9817ms.cloudfront.net/images-new/icons/logo_dark.svg
Requested by
Host: canadianvisa.org
URL: https://canadianvisa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2514:6a00:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1dcef7571c7a81d58988666316fdf1895ce18814907cb8b58cad5597f9f59565

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://canadianvisa.org/

Response headers

vary
Accept-Encoding
x-amz-replication-status
REPLICA
content-encoding
gzip
x-amz-version-id
Nn91e5iAjNfXRtVQ3LZwF_4jw1KB9t88
etag
W/"1a8810eed522f459ce56339985b9d468"
age
40168
via
1.1 39947baba82573c8d139cba81c505476.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
ELbxm16v2YG101VkCRI5IfudN2GZhTcSTbgQb8Vk7cNuX3SGotFPcg==
date
Thu, 19 Sep 2024 12:24:44 GMT
content-type
image/svg+xml
last-modified
Fri, 24 Feb 2023 20:21:43 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P8
x-amz-server-side-encryption
AES256
hp_intro_1_1.jpg
d1ac9zce9817ms.cloudfront.net/images-new/banners/
106 KB
107 KB
Image
General
Full URL
https://d1ac9zce9817ms.cloudfront.net/images-new/banners/hp_intro_1_1.jpg
Requested by
Host: canadianvisa.org
URL: https://canadianvisa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2514:6a00:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0fa1a287a26a46c4e20a8aef15bb8bc19988b3f0ec09c37b233f0b626d5d7cf3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://canadianvisa.org/

Response headers

x-amz-version-id
iSmESEU2cxmzYMhjDo.92IEA2Bd2kGhZ
etag
"1ae438f5669b4467f8ee5ce237f1ae77"
age
41119
x-cache
Hit from cloudfront
x-amz-cf-id
0kvBeBPwfYJRygYqTtguReXQO_M005cecc8iir9WWDoYShPbJrDIZQ==
date
Thu, 19 Sep 2024 15:24:50 GMT
content-type
image/jpeg
vary
Accept-Encoding
last-modified
Wed, 13 Sep 2023 09:29:03 GMT
x-amz-replication-status
REPLICA
via
1.1 39947baba82573c8d139cba81c505476.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
108509
x-amz-cf-pop
JFK50-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
hp_intro_1_2.jpg
d1ac9zce9817ms.cloudfront.net/images-new/banners/
105 KB
106 KB
Image
General
Full URL
https://d1ac9zce9817ms.cloudfront.net/images-new/banners/hp_intro_1_2.jpg
Requested by
Host: canadianvisa.org
URL: https://canadianvisa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2514:6a00:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6085fd6db5a344a62ae3dfc54e322f04c2e1aad6759258d136e15308cc799cc5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://canadianvisa.org/

Response headers

x-amz-version-id
YNW4VR8btYkpWn4w8ha2Zhv1M.UL52HF
etag
"5d6a44b10f47e712e133a36d3bc83635"
age
47635
x-cache
Hit from cloudfront
x-amz-cf-id
hTHSxde_grt8-24hGK5lItYwtV9Je0GaKSEZ7GvuidBFHR0a7M21kQ==
date
Thu, 19 Sep 2024 16:54:20 GMT
content-type
image/jpeg
vary
Accept-Encoding
last-modified
Wed, 13 Sep 2023 09:29:02 GMT
x-amz-replication-status
REPLICA
via
1.1 39947baba82573c8d139cba81c505476.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
107571
x-amz-cf-pop
JFK50-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
truncated
/
342 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
191eecfbeac4b117c0ef38dc4010cc9dca89b85aff1c78c831519ac6091d3026

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
458 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44e1a7f23a3f2080e964f978c227133b54abef1d37513bc986b820758de3344f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
634 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe9ff4b7d446db9808e137ee48c6dbb4eac338d80c98fde761b2da97a760c68e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
967 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0aa46a7e3d9463bd836dada3eedd9fa8da29ccabd03eff603365d54c416bb4d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
461 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
387fe7869d96c8b789d2a82e16fe63127134e3bc40dcf0660354df20e51b2029

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
543 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a8ab08ac91385fc5936570478f3210293f0842b3490d4a602dabd44d7eee3bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f140a077b90f5cee49da445e08eb1fe29028132c20084b4351fc6b13b48f557

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
333 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23b2cec6c9860b9e60e8f7f966a386a2040e564bb9c8c3462d46f09d01601b3f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
238 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b09369f2b8aa6ff0ac771734b3a78cacdd4e92db19dd582b116a20ad40f40340

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
select-arrow.svg
d1ac9zce9817ms.cloudfront.net/images-new/icons/
640 B
1 KB
Image
General
Full URL
https://d1ac9zce9817ms.cloudfront.net/images-new/icons/select-arrow.svg
Requested by
Host: canadianvisa.org
URL: https://canadianvisa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2514:6a00:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85b6810b918333166d4eac8f7135ea1a9caef685c970c59baba3b7324d5c5508

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://canadianvisa.org/

Response headers

x-amz-replication-status
REPLICA
cache-control
max-age=31536000
etag
"e6c71ba80e50fbde4383da1de36f0867"
x-amz-version-id
bgl6bQnJgEpFPBZYfkGtu1SmrOmnYHYK
age
24713103
via
1.1 39947baba82573c8d139cba81c505476.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
640
x-amz-cf-id
-XYZOo0pYCPZYyLra8ZXeed5rwdbfbfzHkeadCAmWkD_ytvBXk3kbA==
date
Fri, 08 Dec 2023 22:48:50 GMT
content-type
image/svg+xml
last-modified
Tue, 20 Apr 2021 13:35:43 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P8
favicon.ico
d1ac9zce9817ms.cloudfront.net/favicon/
15 KB
15 KB
Other
General
Full URL
https://d1ac9zce9817ms.cloudfront.net/favicon/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2514:6a00:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa92b4261e29c6302ad6e5d3e73798eaf541ffbbf202438fc39da46a7e3a9e80

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://canadianvisa.org/

Response headers

x-amz-replication-status
REPLICA
x-amz-version-id
ib3YOM6jbuON_MWtIOmKsTeALwtHAudk
etag
"954445bcc466fe7bac5f3ee68eb7daff"
age
32966
via
1.1 39947baba82573c8d139cba81c505476.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
15086
x-amz-cf-id
932khcGAcKO_6BEc_ZL_s2B13zI9hCcbc0qBmwYD-oHl-vuWNTnwqQ==
date
Thu, 19 Sep 2024 14:24:28 GMT
content-type
image/x-icon
last-modified
Wed, 14 Apr 2021 14:47:14 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P8
vary
Accept-Encoding
cve.js.br
d1dje5mxb6emkl.cloudfront.net/cve/
64 KB
17 KB
Script
General
Full URL
https://d1dje5mxb6emkl.cloudfront.net/cve/cve.js.br
Requested by
Host: canadianvisa.org
URL: https://canadianvisa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:f600:c:ec32:f140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f3270c409718eabbe3a6f94875ce4e2637b2898a372a1dfac2e9af461402fbc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://canadianvisa.org/

Response headers

content-encoding
br
etag
"2acb15d67c461c3311921d98d2094649"
age
82181
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
UvjdBCtrY5D3k2LoS1YUFTs_vls_RSrFFRlLxIe_uraOtPMMz0ns8Q==
date
Thu, 19 Sep 2024 00:44:15 GMT
content-type
binary/octet-stream
last-modified
Wed, 10 Jul 2024 11:39:27 GMT
cache-control
none
via
1.1 52143757d25f4b31ebf04bc09765f6c0.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
16961
x-amz-cf-pop
JFK50-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
gtm.js
www.googletagmanager.com/
351 KB
111 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PTTXXK2
Requested by
Host: canadianvisa.org
URL: https://canadianvisa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e6de6bcbc457a9e9a7c96246bbb9be957bc73c419432d34e97fdc943d50682af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://canadianvisa.org/

Response headers

content-encoding
br
expires
Thu, 19 Sep 2024 23:33:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Sep 2024 23:33:58 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 19 Sep 2024 22:36:19 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
113479
x-xss-protection
0
server
Google Tag Manager
exponea.min.js
api.exponea.com/js/
128 KB
0
Script
General
Full URL
https://api.exponea.com/js/exponea.min.js
Requested by
Host: canadianvisa.org
URL: https://canadianvisa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.75.226 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://canadianvisa.org/

Response headers

cache-control
max-age=3600
content-encoding
gzip
etag
"66e2b7e2-df4a"
via
1.1 google
expires
Fri, 20 Sep 2024 00:33:58 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57162
date
Thu, 19 Sep 2024 23:33:58 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 12 Sep 2024 09:44:02 GMT
server
nginx
js
www.googletagmanager.com/gtag/
350 KB
108 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7ZX12XDL4S&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTTXXK2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://canadianvisa.org/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Thu, 19 Sep 2024 23:33:58 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110959
date
Thu, 19 Sep 2024 23:33:58 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTTXXK2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://canadianvisa.org/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
content-encoding
gzip
age
5274
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 20 Sep 2024 00:06:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
date
Thu, 19 Sep 2024 22:06:04 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
server
Golfe2
vary
Accept-Encoding
fbevents.js
connect.facebook.net/en_US/
225 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: canadianvisa.org
URL: https://canadianvisa.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://canadianvisa.org/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Thu, 19 Sep 2024 23:33:58 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=23, mss=1232, tbw=5686, tp=10, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
A05HRkxSnxpuUuI3+8EviXPPHHiEMhagl2r1ZSAywVx4le+w9GxlDXx8AnnWGbTFGPunKyI+LA+joT7+k2UHHQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
58953
x-xss-protection
0
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTTXXK2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
9c72baa546b07c7eb296c3b83867d1dc7105a9e78722916e4fdbb84bd25fe664
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://canadianvisa.org/

Response headers

content-encoding
br
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
x-content-type-options
nosniff
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
expires
Thu, 19 Sep 2024 23:33:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date
Thu, 19 Sep 2024 23:33:58 GMT
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script'
cache-control
private, max-age=0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
x-xss-protection
0
server
ESF
events.js
analytics.tiktok.com/i18n/pixel/
0
0

widget.js
lcgroups-org.freshchat.com/js/
67 KB
22 KB
Script
General
Full URL
https://lcgroups-org.freshchat.com/js/widget.js
Requested by
Host: canadianvisa.org
URL: https://canadianvisa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.64.65 -, , ASN (),
Reverse DNS
Software
fwe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://canadianvisa.org/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
672de55b-dbda-4168-9e6f-7cd79593e9ad
cache-control
max-age=900, must-revalidate
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
content-encoding
gzip
x-fw-ratelimiting-managed
false
x-envoy-upstream-service-time
2
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
x-trace-id
00-3f7086d98ff287786d2f92acc435760f-790b68f740a95b11-00
date
Thu, 19 Sep 2024 23:33:58 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Tue, 17 Sep 2024 05:05:22 GMT
server
fwe
x-server
j55w6
destination
www.googletagmanager.com/gtag/
393 KB
122 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-873086315&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTTXXK2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://canadianvisa.org/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Thu, 19 Sep 2024 23:33:58 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125084
date
Thu, 19 Sep 2024 23:33:58 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
collect
www.google-analytics.com/j/
0
0

collect
stats.g.doubleclick.net/j/
0
0

www-widgetapi.js
www.youtube.com/s/player/a9d81eca/www-widgetapi.vflset/
0
0

638202162930393
connect.facebook.net/signals/config/
0
0

config_iframe.html
lcgroups-org.freshchat.com/widget/ Frame 6213
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
analytics.tiktok.com
URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CJNG30RC77U5TJETLFEG&lib=ttq
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1021983930&t=pageview&_s=1&dl=https%3A%2F%2Fcanadianvisa.org%2F&ul=en-us&de=UTF-8&dt=Canadian%20Visa%20%7C%20Canadian%20Immigration%20Consultants%20-%20CanadianVisa.org&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAACAAI~&jid=1920771366&gjid=1957908639&cid=197029737.1726788839&tid=UA-60594623-1&_gid=1783852820.1726788839&_slc=1&gtm=45He49h0n81PTTXXK2v812215509za200&cd6=&cd16=&cd18=&cd19=&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&z=1853329946
Domain
stats.g.doubleclick.net
URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-60594623-1&cid=197029737.1726788839&jid=1920771366&gjid=1957908639&_gid=1783852820.1726788839&_u=YGBAiEABBAAAAGAAI~&z=998691962
Domain
www.youtube.com
URL
https://www.youtube.com/s/player/a9d81eca/www-widgetapi.vflset/www-widgetapi.js
Domain
connect.facebook.net
URL
https://connect.facebook.net/signals/config/638202162930393?v=2.9.167&r=stable&domain=canadianvisa.org&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Domain
lcgroups-org.freshchat.com
URL
https://lcgroups-org.freshchat.com/widget/config_iframe.html?host=https://lcgroups-org.freshchat.com&token=77eb97aa-035d-4771-8acf-7a8638e3ae6d&origin=https://canadianvisa.org&widgetUuid=0f8202d2-085a-46a7-880a-8d3cea2076b2

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| loadDeferredStyles function| loadScript function| firstInteraction function| cve

2 Cookies

Domain/Path Name / Value
canadianvisa.org/ Name: connect.sid
Value: s%3ApaUyTQjUfmxeLR_8y2apjZJbNHaBQBD7.kEkhJjYqVHJh9J6edU4SwCE25OxXgvwsJjlAv0qrJno
canadianvisa.org/ Name: cve_ip
Value: 208.252.80.125

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://canadianvisa.org/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
