urlscan.io logo urlscan.io
SecurityTrails logo

ocr211.wspox4.com Open in urlscan Pro
184.107.149.198  Public Scan

Go To Rescan Add Verdict Report
URL: https://ocr211.wspox4.com/
Submission: On June 21 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 29 HTTP transactions. The main IP is 184.107.149.198, located in Canada and belongs to IWEB-AS, CA. The main domain is ocr211.wspox4.com.
TLS certificate: Issued by R10 on June 15th 2024. Valid for: 3 months.
This is the only time ocr211.wspox4.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 184.107.149.198 32613 (IWEB-AS)
2 173.194.66.95 15169 (GOOGLE)
4 151.101.1.229 54113 (FASTLY)
1 209.85.144.147 15169 (GOOGLE)
1 209.85.144.94 15169 (GOOGLE)
1 173.194.68.94 15169 (GOOGLE)
2 157.240.244.1 32934 (FACEBOOK)
3 3.162.3.16 16509 (AMAZON-02)
2 3.162.7.157 16509 (AMAZON-02)
29 9
13    184.107.149.198 (Canada)

ASN32613 (IWEB-AS, CA)
ocr211.wspox4.com
2    173.194.66.95 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f95.1e100.net
fonts.googleapis.com
4    151.101.1.229 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    209.85.144.147 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f147.1e100.net
www.google.com
1    209.85.144.94 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f94.1e100.net
fonts.gstatic.com
1    173.194.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f94.1e100.net
www.gstatic.com
2    157.240.244.1 (Apodaca, Mexico)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-mty2.fbcdn.net
connect.facebook.net
3    3.162.3.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-16.yul62.r.cloudfront.net
beacon-v2.helpscout.net
2    3.162.7.157 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-7-157.yul62.r.cloudfront.net
d3hb14vkzrxvla.cloudfront.net
Apex Domain
Subdomains		 Transfer
13 wspox4.com
ocr211.wspox4.com
620 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
199 KB
3 helpscout.net
beacon-v2.helpscout.net — Cisco Umbrella Rank: 14068
32 KB
2 cloudfront.net
d3hb14vkzrxvla.cloudfront.net
9 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204
89 KB
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
221 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
2 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 5
949 B
29 8
Domain Requested by
13 ocr211.wspox4.com ocr211.wspox4.com
4 cdn.jsdelivr.net ocr211.wspox4.com
3 beacon-v2.helpscout.net ocr211.wspox4.com
beacon-v2.helpscout.net
2 d3hb14vkzrxvla.cloudfront.net beacon-v2.helpscout.net
2 connect.facebook.net ocr211.wspox4.com
connect.facebook.net
2 fonts.googleapis.com ocr211.wspox4.com
1 www.gstatic.com www.google.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.google.com ocr211.wspox4.com
29 9
Subject Issuer Validity Valid
tpo186.wspox4.com
R10		 2024-06-15 -
2024-09-13		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.google.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-31 -
2024-06-29		 3 months crt.sh
*.helpscout.net
Amazon RSA 2048 M03		 2024-03-18 -
2025-04-15		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://ocr211.wspox4.com/
Frame ID: 1F6D99D51C024D5B9E07652D9EAB7FD6
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home - Needs Snack, Scratch & Win

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

29
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

9
IPs

3
Countries

1173 kB
Transfer

2461 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ocr211.wspox4.com/ 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ocr211.wspox4.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.107.149.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software
Apache / deny
Resource Hash
ee6cae18120f68ba3c4d150fac3677e7a20d333d18131bd29cb401bd71f66556
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
close
Content-Encoding
gzip
Content-Length
3872
Content-Type
text/html; charset=utf-8
Date
Fri, 21 Jun 2024 18:22:30 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Powered-By
deny
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
strict-transport-security
max-age=7200
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans+Condensed:400,400italic,800,700
Requested by
Host: ocr211.wspox4.com
URL: https://ocr211.wspox4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.66.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f95.1e100.net
Software
ESF /
Resource Hash
1843085c2bb1cb9d8537b863ea1574e2f19493392e0d6ea46929465b1755d3a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocr211.wspox4.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 21 Jun 2024 18:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 21 Jun 2024 18:22:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 21 Jun 2024 18:22:34 GMT
css2
fonts.googleapis.com/ 		21 KB
1021 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: ocr211.wspox4.com
URL: https://ocr211.wspox4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.66.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f95.1e100.net
Software
ESF /
Resource Hash
bd4bb9bd2a39844fa841d35ad0b27b3aeb1f625cc0d7763caf1377d7d36d6fae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocr211.wspox4.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 21 Jun 2024 18:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 21 Jun 2024 18:08:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 21 Jun 2024 18:22:35 GMT
jquery-ui.min.css
cdn.jsdelivr.net/jquery.ui/1.11.4/ 		29 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/jquery.ui/1.11.4/jquery-ui.min.css
Requested by
Host: ocr211.wspox4.com
URL: https://ocr211.wspox4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
550ceb9559bb4237527909ff21e719804f6b9df337f741f756821c0c9963392b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocr211.wspox4.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 21 Jun 2024 18:22:32 GMT
age
2555861
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7847
x-served-by
cache-fra-etou8220067-FRA, cache-yyz4567-YYZ
etag
W/"75d3-aXMSI//k9mlETpbyTFSBEBXmp3Y"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.min.css
cdn.jsdelivr.net/bootstrap/3.3.6/css/ 		118 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/bootstrap/3.3.6/css/bootstrap.min.css
Requested by
Host: ocr211.wspox4.com
URL: https://ocr211.wspox4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocr211.wspox4.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 21 Jun 2024 18:22:32 GMT
age
1452458
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
21318
x-served-by
cache-fra-etou8220117-FRA, cache-yyz4567-YYZ
etag
W/"1d9ac-jrF2xwuc+mhxt21tyY+1Jufps94"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
new-styles.css
ocr211.wspox4.com/module/OCR211/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ocr211.wspox4.com/module/OCR211/css/new-styles.css
Requested by
Host: ocr211.wspox4.com
URL: https://ocr211.wspox4.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.107.149.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software
Apache /
Resource Hash
f002105880efd01d7d960e0def20a67583b6f1a5b39e4fcd8d495bf9d438cc2e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocr211.wspox4.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 18:22:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 May 2024 15:36:49 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Content-Length
2740
jquery@1.12.1,jquery.ui@1.11.4,bootstrap@3.3.6
cdn.jsdelivr.net/g/ 		366 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/g/jquery@1.12.1,jquery.ui@1.11.4,bootstrap@3.3.6
Requested by
Host: ocr211.wspox4.com
URL: https://ocr211.wspox4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f9c72687a5b4b636152f188c1012b7d33a2f9947f35784f671407d865d089296
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocr211.wspox4.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 21 Jun 2024 18:22:32 GMT
age
817399
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
112421
x-served-by
cache-fra-eddf8230078-FRA, cache-yyz4567-YYZ
etag
W/"5b7b6-O0hxZ0obS/Kmi1zP5tysZaBHGp8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
vue.js
cdn.jsdelivr.net/vue/2.1.3/ 		206 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/vue/2.1.3/vue.js
Requested by
Host: ocr211.wspox4.com
URL: https://ocr211.wspox4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
10b76de5595cf1e1a703fad27bd135c81aa06700f9c0e057b79f1f3550caf662
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocr211.wspox4.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 21 Jun 2024 18:22:32 GMT
age
1432396
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
61260
x-served-by
cache-fra-eddf8230105-FRA, cache-yyz4567-YYZ
etag
W/"33891-EZIuXCkNsbey9t+g1sLmjPJYB5A"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
api.js
www.google.com/recaptcha/ 		1 KB
949 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: ocr211.wspox4.com
URL: https://ocr211.wspox4.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.147 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f147.1e100.net
Software
GSE /
Resource Hash
e120bb5ca9c62d21b247ac3f4a564dabb0aeeda65742f453e2b2675cc420d9ad
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocr211.wspox4.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 18:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 21 Jun 2024 18:22:35 GMT
fontawesome.min.css
ocr211.wspox4.com/module/OCR211/fontawesome/css/ 		162 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ocr211.wspox4.com/module/OCR211/fontawesome/css/fontawesome.min.css
Requested by
Host: ocr211.wspox4.com
URL: https://ocr211.wspox4.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.107.149.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software
Apache /
Resource Hash
c4385c5a1aa89e18b2aa3bd897212b123c979532e70df90d0d3e24a3840d3709

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocr211.wspox4.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 18:22:31 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 May 2024 18:24:26 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Content-Length
37119
fa-brands-400.woff2
ocr211.wspox4.com/module/OCR211/fontawesome/webfonts/ 		108 KB
109 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ocr211.wspox4.com/module/OCR211/fontawesome/webfonts/fa-brands-400.woff2
Requested by
Host: ocr211.wspox4.com
URL: https://ocr211.wspox4.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.107.149.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software
Apache /
Resource Hash
063b9237e402c98dfb77a66e5de0d02d953640fc8fe44911808c2fdcb80df26e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocr211.wspox4.com/
Origin
https://ocr211.wspox4.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 18:22:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 May 2024 18:24:30 GMT
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
font/woff2
Connection
close
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
fa-solid-900.woff2
ocr211.wspox4.com/module/OCR211/fontawesome/webfonts/ 		320 KB
321 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ocr211.wspox4.com/module/OCR211/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: ocr211.wspox4.com
URL: https://ocr211.wspox4.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.107.149.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software
Apache /
Resource Hash
bdb9ca4674e16a180ad38ba1b55ea1224a38677e604f5c5e560b85194970b85a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocr211.wspox4.com/
Origin
https://ocr211.wspox4.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 18:22:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 May 2024 18:24:30 GMT
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
font/woff2
Connection
close
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
brands.min.css
ocr211.wspox4.com/module/OCR211/fontawesome/css/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ocr211.wspox4.com/module/OCR211/fontawesome/css/brands.min.css
Requested by
Host: ocr211.wspox4.com
URL: https://ocr211.wspox4.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.107.149.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software
Apache /
Resource Hash
c11506b379ab79eb8ba3b5e842832fb4c9275b0aa1e61a6d2540f092c35ac18f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocr211.wspox4.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 18:22:31 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 May 2024 18:24:25 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Content-Length
4742
solid.min.css
ocr211.wspox4.com/module/OCR211/fontawesome/css/ 		526 B
576 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ocr211.wspox4.com/module/OCR211/fontawesome/css/solid.min.css
Requested by
Host: ocr211.wspox4.com
URL: https://ocr211.wspox4.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.107.149.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software
Apache /
Resource Hash
49bcc7e2f21efd9e11e868f5323c773a3ad29b9b8d2c2d7cb2dab4f748f52cb2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocr211.wspox4.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 18:22:31 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 May 2024 18:24:27 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Content-Length
292
load.css
ocr211.wspox4.com/helper/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ocr211.wspox4.com/helper/load.css?lib=1WjCBj4jk9QJgNZFBldzpWJgSP4bhvpxWl
Requested by
Host: ocr211.wspox4.com
URL: https://ocr211.wspox4.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.107.149.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software
Apache / deny
Resource Hash
c71e81c475c400bbc8e39af6eb92c34e90e6b5588067f219f9a61aecb5b7e3a1
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocr211.wspox4.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
public
Date
Fri, 21 Jun 2024 18:22:31 GMT
strict-transport-security
max-age=7200
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
Apache
X-Powered-By
deny
ETag
9016e8c9a6d1eb7e6860e46c05fde675
Transfer-Encoding
chunked
Content-Type
text/css;charset=UTF-8
Cache-Control
public, max-age=43200
Connection
close
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
Expires
Sat, 22 Jun 2024 06:22:31 GMT
D-Hero.png
ocr211.wspox4.com/module/OCR211/img/ 		118 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocr211.wspox4.com/module/OCR211/img/D-Hero.png
Requested by
Host: ocr211.wspox4.com
URL: https://ocr211.wspox4.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.107.149.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software
Apache /
Resource Hash
8d25dffbcb3f8d364ffb0f9861a6971f096a793b9ce9c136279aa5f337d8e8cb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocr211.wspox4.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 18:22:35 GMT
Last-Modified
Tue, 07 May 2024 18:24:13 GMT
Server
Apache
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Content-Length
120328
Needs-white.svg
ocr211.wspox4.com/module/OCR211/img/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocr211.wspox4.com/module/OCR211/img/Needs-white.svg
Requested by
Host: ocr211.wspox4.com
URL: https://ocr211.wspox4.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.107.149.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software
Apache /
Resource Hash
fe3f15f944a2e7beeef7a9846db01e2f4d77b54244e98c5942349aa2f56aa9bc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocr211.wspox4.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 18:22:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 May 2024 18:24:13 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
image/svg+xml
Connection
close
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Content-Length
1603
SceneNeeds.png
ocr211.wspox4.com/module/OCR211/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocr211.wspox4.com/module/OCR211/img/SceneNeeds.png
Requested by
Host: ocr211.wspox4.com
URL: https://ocr211.wspox4.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.107.149.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software
Apache /
Resource Hash
2adf3e8fc25f772d5b8dd3db81a1b8d296014d2d78c07419d9b54774d51c3c30

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocr211.wspox4.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 18:22:38 GMT
Last-Modified
Tue, 07 May 2024 18:24:07 GMT
Server
Apache
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Content-Length
7282
load.js
ocr211.wspox4.com/helper/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ocr211.wspox4.com/helper/load.js?lib=5TM0VD9NsCN3PGP2dZhsdfyF9nfKFb3LF7WCkRdFgrMJpwNDS7yP8Zy
Requested by
Host: ocr211.wspox4.com
URL: https://ocr211.wspox4.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.107.149.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software
Apache / deny
Resource Hash
73e57e5e984e32363b5a8c06fdf4daa11a1191bda08cc3f40e8b2884338c7c6d
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocr211.wspox4.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
public
Date
Fri, 21 Jun 2024 18:22:38 GMT
strict-transport-security
max-age=7200
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
Apache
X-Powered-By
deny
ETag
a0f5a698f3247b8276ca9dff410caa51
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
public, max-age=43200
Connection
close
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
Expires
Sat, 22 Jun 2024 06:22:38 GMT
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:400,400italic,800,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.144.94 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f94.1e100.net
Software
sffe /
Resource Hash
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://ocr211.wspox4.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 19:14:34 GMT
x-content-type-options
nosniff
age
169681
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16324
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:08:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Jun 2025 19:14:34 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/ 		517 KB
205 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f94.1e100.net
Software
sffe /
Resource Hash
4b20abde9f7eb27dc344dbbb35f59aba01e4cc70262c07c260beadef9072f25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocr211.wspox4.com/
Origin
https://ocr211.wspox4.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 20:50:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
336743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
209238
x-xss-protection
0
last-modified
Sat, 15 Jun 2024 04:02:13 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Jun 2025 20:50:12 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: ocr211.wspox4.com
URL: https://ocr211.wspox4.com/helper/load.js?lib=5TM0VD9NsCN3PGP2dZhsdfyF9nfKFb3LF7WCkRdFgrMJpwNDS7yP8Zy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.244.1 Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-mty2.fbcdn.net
Software
/
Resource Hash
25b70fd11c7c8747dc449a4a3a83a52a7df814f074cc603964686c63993792a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocr211.wspox4.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 21 Jun 2024 18:22:38 GMT
content-md5
7yJk7MYyEYHX0vnaYaYIbg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=71, rtx=0, c=12, mss=1316, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
/GSwyEZ2JcoCCvUi29T6w6V3Oqve3f2sGTJkN7qm0hk2nUz5OKf9zNJrz/JJbVwqAXE4LXsVDRWggZw6RLf2CA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
dedf8f8c9f50d72eadf632a0ee332cc0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"8f5faa101e11f4dd09a24fdefb97f746"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Fri, 21 Jun 2024 18:28:06 GMT
sdk.js
connect.facebook.net/en_US/ 		299 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=13e37613fd348aa7082824bd69b56211
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.244.1 Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-mty2.fbcdn.net
Software
/
Resource Hash
09582811e6426559b8c646e20b4bfca5a2d37c26a7fdfca9f9724e23903fc729
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocr211.wspox4.com/
Origin
https://ocr211.wspox4.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 21 Jun 2024 18:22:39 GMT
content-md5
vRf17a4UF0x4Pt/useoSOg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87599
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=69, rtx=0, c=23, mss=1232, tbw=4297, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
Mz7a9dWukg1AV5dsHesZ7QE/lrWiTP1Vn/uBLTZm1rDIbskMtHiAJOPfoAQVS2inClGXZcA83YSEtVtwyEJOIA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
49c2a7bcc1f8de08d9694c9a8905f2d9
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"b93abb6dd143fd84d825bd56b750746f"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sat, 21 Jun 2025 15:56:05 GMT
/
beacon-v2.helpscout.net/ 		458 B
901 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon-v2.helpscout.net/
Requested by
Host: ocr211.wspox4.com
URL: https://ocr211.wspox4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-16.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b7d17bd68b11a8a1e41fa64a7682994cf6bf73f95a8b8f512a52d8db37c400
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocr211.wspox4.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 18:22:17 GMT
content-encoding
gzip
via
1.1 bccdd9eb44a87c0c46b5374545a79a04.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
YUL62-P2
age
35
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
327
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 17 Jun 2024 12:52:22 GMT
server
AmazonS3
etag
"3b480f0bbd8ec0abbc7871821ec510a1"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=120, s-maxage=120, public
accept-ranges
bytes
x-amz-cf-id
xINPtf5dhzarZ0rDgqewcjspeOplbs9MOHVti04JcQssuHvX9Z6Slw==
Favicon.png
ocr211.wspox4.com/module/OCR211/img/ 		6 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ocr211.wspox4.com/module/OCR211/img/Favicon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.107.149.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software
Apache /
Resource Hash
50e6fc40fd979baa5b5f8a16bc3ab11b894adf54f76088c608617dd382f0a160

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocr211.wspox4.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 18:22:39 GMT
Last-Modified
Tue, 07 May 2024 18:24:13 GMT
Server
Apache
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Content-Length
6195
vendor.ec06f8ec.js
beacon-v2.helpscout.net/static/js/ 		51 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon-v2.helpscout.net/static/js/vendor.ec06f8ec.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-16.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab850ad464108a322046664c880f5366f3eff6edafbc2ca74d39ddf8805299fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocr211.wspox4.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 16:59:48 GMT
content-encoding
gzip
via
1.1 bccdd9eb44a87c0c46b5374545a79a04.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
YUL62-P2
age
4972
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
17759
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 17 Jun 2024 12:52:23 GMT
server
AmazonS3
etag
"4f7df3b96aea0e17614278fab0e93749"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
ChcvQtkTQroLPo235TwxMbFVMCANv9kcQQO_1tsamH0zV5Q-tfIxag==
main.63d07020.js
beacon-v2.helpscout.net/static/js/ 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon-v2.helpscout.net/static/js/main.63d07020.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-16.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2312f9d28fcfe55564b427619148799f3d70b69d28542c9a10df1aa5358da13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocr211.wspox4.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 16:29:54 GMT
content-encoding
gzip
via
1.1 bccdd9eb44a87c0c46b5374545a79a04.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
YUL62-P2
age
6766
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
12627
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 17 Jun 2024 12:52:23 GMT
server
AmazonS3
etag
"01b177e429180f0563986b3f9a821f48"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
huDYw8taDBGjPvqRlFq7VYZsd3z-97Nw_gTnptTILskMeXY7A5i_LQ==
cd984642-1e9e-4e6b-8410-02fc7abf4a4c
d3hb14vkzrxvla.cloudfront.net/v1/ 		8 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d3hb14vkzrxvla.cloudfront.net/v1/cd984642-1e9e-4e6b-8410-02fc7abf4a4c
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/static/js/vendor.ec06f8ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.7.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-7-157.yul62.r.cloudfront.net
Software
/
Resource Hash
3f9669d454852bd722fb19da6cc9a28bb58cb08ac3daf37519eb1de73d47c450
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

correlationId
57c3f88b-d22b-4f2f-b0bc-a65164df3163
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Helpscout-Release
2.2.199
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Beacon-Device-ID
4fccebdb-8102-484a-bec7-3bd775970af0
Referer
https://ocr211.wspox4.com/
Beacon-Device-Instance-ID
40aa233d-6266-41a4-8ba7-7978bcb01548
Helpscout-Origin
Beacon-Embed
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 18:22:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 4698560343897987b5ef826f71e0fcb0.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
x-cache
Miss from cloudfront
x-ratelimit-remaining-ai-ask-hour
25
x-ratelimit-remaining-identify-hour
25
x-ratelimit-limit-general-minute
60
x-ratelimit-remaining-conversations-hour
10
x-ratelimit-limit-identify-hour
25
x-ratelimit-remaining-chat-tokens-hour
25
x-ratelimit-limit-conversations-hour
10
x-ratelimit-limit-attachments-hour
10
vary
Origin,Access-Control-Request-Method
content-type
application/json
access-control-allow-origin
https://ocr211.wspox4.com
x-ratelimit-remaining-general-minute
60
access-control-expose-headers
Resource-ID
cache-control
max-age=300
access-control-allow-credentials
true
x-ratelimit-remaining-attachments-hour
10
x-ratelimit-limit-ai-ask-hour
25
x-amz-cf-id
dH4LooPfkndDd7ztD3HKR4up8pyt2uVYp4RAAlhUIoG_-7WXp4Sf0A==
x-ratelimit-limit-chat-tokens-hour
25
cd984642-1e9e-4e6b-8410-02fc7abf4a4c
d3hb14vkzrxvla.cloudfront.net/v1/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d3hb14vkzrxvla.cloudfront.net/v1/cd984642-1e9e-4e6b-8410-02fc7abf4a4c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.7.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-7-157.yul62.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
beacon-device-id,beacon-device-instance-id,correlationid,helpscout-origin,helpscout-release
Access-Control-Request-Method
GET
Origin
https://ocr211.wspox4.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
beacon-device-id, beacon-device-instance-id, correlationid, helpscout-origin, helpscout-release
access-control-allow-methods
GET
access-control-allow-origin
https://ocr211.wspox4.com
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE, PATCH
content-length
0
date
Fri, 21 Jun 2024 18:22:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin,Access-Control-Request-Method
via
1.1 4698560343897987b5ef826f71e0fcb0.cloudfront.net (CloudFront)
x-amz-cf-id
45Lod1afN0c5wKw8cfp31gzWZpH-YtKbZhbC1caiEdR-HAsgUguGYQ==
x-amz-cf-pop
YUL62-P2
x-cache
Miss from cloudfront
x-ratelimit-limit-ai-ask-hour
25
x-ratelimit-limit-attachments-hour
10
x-ratelimit-limit-chat-tokens-hour
25
x-ratelimit-limit-conversations-hour
10
x-ratelimit-limit-general-minute
60
x-ratelimit-limit-identify-hour
25
x-ratelimit-remaining-ai-ask-hour
25
x-ratelimit-remaining-attachments-hour
10
x-ratelimit-remaining-chat-tokens-hour
25
x-ratelimit-remaining-conversations-hour
10
x-ratelimit-remaining-general-minute
60
x-ratelimit-remaining-identify-hour
25

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage function| $ function| jQuery object| jQuery112101407714621071796 function| Vue function| Beacon object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha function| float_width function| same_height function| form_csrf_update function| add_input_error function| reset_input function| add_form_msg function| clear_form_msg function| form_validate function| json_post function| btn_load function| btn_reset number| timer function| start_timer function| list_ticker function| check_cookie function| get_url_parameter number| total_element number| animation_timer string| css_trans object| FB object| __buffer object| beaconJsonp

1 Cookies

Domain/Path Name / Value
.ocr211.wspox4.com/ Name: _OCR211_S
Value: 03549f6d0d5f0906d1864dd52e017a4e

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://ocr211.wspox4.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=7200
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon-v2.helpscout.net
cdn.jsdelivr.net
connect.facebook.net
d3hb14vkzrxvla.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
ocr211.wspox4.com
www.google.com
www.gstatic.com
151.101.1.229
157.240.244.1
173.194.66.95
173.194.68.94
184.107.149.198
209.85.144.147
209.85.144.94
3.162.3.16
3.162.7.157
063b9237e402c98dfb77a66e5de0d02d953640fc8fe44911808c2fdcb80df26e
09582811e6426559b8c646e20b4bfca5a2d37c26a7fdfca9f9724e23903fc729
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
10b76de5595cf1e1a703fad27bd135c81aa06700f9c0e057b79f1f3550caf662
1843085c2bb1cb9d8537b863ea1574e2f19493392e0d6ea46929465b1755d3a3
25b70fd11c7c8747dc449a4a3a83a52a7df814f074cc603964686c63993792a1
2adf3e8fc25f772d5b8dd3db81a1b8d296014d2d78c07419d9b54774d51c3c30
3f9669d454852bd722fb19da6cc9a28bb58cb08ac3daf37519eb1de73d47c450
42b7d17bd68b11a8a1e41fa64a7682994cf6bf73f95a8b8f512a52d8db37c400
49bcc7e2f21efd9e11e868f5323c773a3ad29b9b8d2c2d7cb2dab4f748f52cb2
4b20abde9f7eb27dc344dbbb35f59aba01e4cc70262c07c260beadef9072f25e
50e6fc40fd979baa5b5f8a16bc3ab11b894adf54f76088c608617dd382f0a160
550ceb9559bb4237527909ff21e719804f6b9df337f741f756821c0c9963392b
73e57e5e984e32363b5a8c06fdf4daa11a1191bda08cc3f40e8b2884338c7c6d
8d25dffbcb3f8d364ffb0f9861a6971f096a793b9ce9c136279aa5f337d8e8cb
ab850ad464108a322046664c880f5366f3eff6edafbc2ca74d39ddf8805299fd
bd4bb9bd2a39844fa841d35ad0b27b3aeb1f625cc0d7763caf1377d7d36d6fae
bdb9ca4674e16a180ad38ba1b55ea1224a38677e604f5c5e560b85194970b85a
c11506b379ab79eb8ba3b5e842832fb4c9275b0aa1e61a6d2540f092c35ac18f
c4385c5a1aa89e18b2aa3bd897212b123c979532e70df90d0d3e24a3840d3709
c71e81c475c400bbc8e39af6eb92c34e90e6b5588067f219f9a61aecb5b7e3a1
e120bb5ca9c62d21b247ac3f4a564dabb0aeeda65742f453e2b2675cc420d9ad
ee6cae18120f68ba3c4d150fac3677e7a20d333d18131bd29cb401bd71f66556
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
f002105880efd01d7d960e0def20a67583b6f1a5b39e4fcd8d495bf9d438cc2e
f2312f9d28fcfe55564b427619148799f3d70b69d28542c9a10df1aa5358da13
f9c72687a5b4b636152f188c1012b7d33a2f9947f35784f671407d865d089296
fe3f15f944a2e7beeef7a9846db01e2f4d77b54244e98c5942349aa2f56aa9bc