Submitted URL: https://tinyurl.com/JOB-RECRUITMENT-CANADA-2022
Effective URL: https://becascanada2022.nextpelis.com/
Submission: On February 16 via manual from CL — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 27 HTTP transactions. The main IP is 95.175.110.187, located in Helsinki, Finland and belongs to FICOLO, FI. The main domain is becascanada2022.nextpelis.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 15th 2022. Valid for: 3 months.
This is the only time becascanada2022.nextpelis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 199.188.200.231 22612 (NAMECHEAP...)
19 95.175.110.187 49282 (FICOLO)
3 2600:9000:215... 16509 (AMAZON-02)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 172.104.29.90 63949 (LINODE-AP...)
2 103.231.212.226 18229 (CTRLS-AS-...)
27 5
Apex Domain | Subdomains | Transfer
19 nextpelis.com | becascanada2022.nextpelis.com | 326 KB
5 truepush.com | sdki.truepush.com — Cisco Umbrella Rank: 53194; sdk.truepush.com — Cisco Umbrella Rank: 66834 | 21 KB
3 supercounters.com | widget.supercounters.com — Cisco Umbrella Rank: 197016; www.supercounters.com — Cisco Umbrella Rank: 188464 | 3 KB
1 finanzasjuegos.com | trabajo.finanzasjuegos.com | 142 B
1 tinyurl.com | tinyurl.com — Cisco Umbrella Rank: 17283 | 421 B
27 5
Domain Requested by
19 becascanada2022.nextpelis.com becascanada2022.nextpelis.com
3 sdki.truepush.com becascanada2022.nextpelis.com, sdki.truepush.com
2 sdk.truepush.com sdki.truepush.com
2 widget.supercounters.com becascanada2022.nextpelis.com
1 www.supercounters.com widget.supercounters.com
1 trabajo.finanzasjuegos.com 1 redirects
1 tinyurl.com 1 redirects
27 7

This site contains no links.

Subject | Issuer | Validity | Valid
becascanada2022.nextpelis.com | cPanel, Inc. Certification Authority | 2022-02-15 - 2022-05-16 | 3 months
sdki.truepush.com | Amazon | 2021-09-24 - 2022-10-23 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-21 - 2022-06-20 | a year
*.supercounters.com | Sectigo RSA Domain Validation Secure Server CA | 2020-06-24 - 2022-09-26 | 2 years
*.truepush.com | Sectigo RSA Domain Validation Secure Server CA | 2021-09-13 - 2022-09-13 | a year

This page contains 1 frames:

Primary Page: https://becascanada2022.nextpelis.com/
Frame ID: D35E31583327853B09BB40AE4DFC3A1C
Requests: 26 HTTP requests in this frame

Page Title

CONTRATACIÓN DE EMPLEO EN CANADA 2022

Detected technologies

Overall confidence: 100%
Detected patterns
  • sweet(?:-)?alert(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 27
HTTPS: 100 %
IPv6: 43 %
Domains: 5
Subdomains: 7
IPs: 5
Countries: 3
Transfer: 350 kB
Size: 650 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tinyurl.com/JOB-RECRUITMENT-CANADA-2022 HTTP 301
    https://trabajo.finanzasjuegos.com/ HTTP 301
    https://becascanada2022.nextpelis.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
becascanada2022.nextpelis.com/
Redirect Chain
  • https://tinyurl.com/JOB-RECRUITMENT-CANADA-2022
  • https://trabajo.finanzasjuegos.com/
  • https://becascanada2022.nextpelis.com/
19 KB
5 KB
Document
General
Full URL
https://becascanada2022.nextpelis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.175.110.187 Helsinki, Finland, ASN49282 (FICOLO, FI),
Reverse DNS
Software
LiteSpeed /
Resource Hash
deb7c8f886a3bc2c3e3969e741486e9040d0c74a119daeba1daaeae2d2e72ada

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
last-modified
Tue, 15 Feb 2022 16:55:41 GMT
accept-ranges
bytes
content-encoding
br
vary
Accept-Encoding
content-length
4909
date
Wed, 16 Feb 2022 17:40:09 GMT
server
LiteSpeed
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

Redirect headers

content-type
text/html
content-length
707
date
Wed, 16 Feb 2022 17:40:08 GMT
server
LiteSpeed
location
https://becascanada2022.nextpelis.com/
x-turbo-charged-by
LiteSpeed
datepicker.min.css
becascanada2022.nextpelis.com/css/
3 KB
899 B
Stylesheet
General
Full URL
https://becascanada2022.nextpelis.com/css/datepicker.min.css
Requested by
Host: becascanada2022.nextpelis.com
URL: https://becascanada2022.nextpelis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.175.110.187 Helsinki, Finland, ASN49282 (FICOLO, FI),
Reverse DNS
Software
LiteSpeed /
Resource Hash
af75bb7f36510ca91f06e43e208e2bea23fb01a077d5c99aaeed5145f49e526e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://becascanada2022.nextpelis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:40:09 GMT
content-encoding
br
last-modified
Tue, 15 Feb 2022 16:43:52 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
796
expires
Wed, 23 Feb 2022 17:40:09 GMT
jquery-3.4.1.min.html
becascanada2022.nextpelis.com/code.jquery.com/
2 KB
697 B
Script
General
Full URL
https://becascanada2022.nextpelis.com/code.jquery.com/jquery-3.4.1.min.html
Requested by
Host: becascanada2022.nextpelis.com
URL: https://becascanada2022.nextpelis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.175.110.187 Helsinki, Finland, ASN49282 (FICOLO, FI),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f83cbefa5d9683e72aeca86c635aea081f5acc015394ae53cca0afff36af9c3b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://becascanada2022.nextpelis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:40:09 GMT
content-encoding
br
last-modified
Tue, 15 Feb 2022 16:43:52 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
666
datepicker.min.js
becascanada2022.nextpelis.com/js/
18 KB
6 KB
Script
General
Full URL
https://becascanada2022.nextpelis.com/js/datepicker.min.js
Requested by
Host: becascanada2022.nextpelis.com
URL: https://becascanada2022.nextpelis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.175.110.187 Helsinki, Finland, ASN49282 (FICOLO, FI),
Reverse DNS
Software
LiteSpeed /
Resource Hash
bcb25ed1065a531a8aa4694e804b08bc9e8c280e02e5bbc0a34eab545bb74660

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://becascanada2022.nextpelis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:40:09 GMT
content-encoding
br
last-modified
Tue, 15 Feb 2022 16:43:52 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5779
expires
Wed, 23 Feb 2022 17:40:09 GMT
mask.js
becascanada2022.nextpelis.com/js/
2 KB
643 B
Script
General
Full URL
https://becascanada2022.nextpelis.com/js/mask.js
Requested by
Host: becascanada2022.nextpelis.com
URL: https://becascanada2022.nextpelis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.175.110.187 Helsinki, Finland, ASN49282 (FICOLO, FI),
Reverse DNS
Software
LiteSpeed /
Resource Hash
599f52225f41ae7cdcac353a2095e778c48830c919ce1fa77f81c5007babe5e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://becascanada2022.nextpelis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:40:09 GMT
content-encoding
br
last-modified
Tue, 15 Feb 2022 16:43:52 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
610
expires
Wed, 23 Feb 2022 17:40:09 GMT
jquery.modal.min.html
becascanada2022.nextpelis.com/cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/
2 KB
710 B
Script
General
Full URL
https://becascanada2022.nextpelis.com/cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.html
Requested by
Host: becascanada2022.nextpelis.com
URL: https://becascanada2022.nextpelis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.175.110.187 Helsinki, Finland, ASN49282 (FICOLO, FI),
Reverse DNS
Software
LiteSpeed /
Resource Hash
fdb5aeffb0c9577c3f79975368b7a3c5ce62b4fa6280bd32b3f68a6de2383ab8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://becascanada2022.nextpelis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:40:09 GMT
content-encoding
br
last-modified
Tue, 15 Feb 2022 16:43:52 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
679
jquery.modal.min-2.html
becascanada2022.nextpelis.com/cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/
2 KB
711 B
Stylesheet
General
Full URL
https://becascanada2022.nextpelis.com/cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min-2.html
Requested by
Host: becascanada2022.nextpelis.com
URL: https://becascanada2022.nextpelis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.175.110.187 Helsinki, Finland, ASN49282 (FICOLO, FI),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6c1cba3bb693f563188553b275690da5cce145ef216141f1173bd531c4b2ee98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://becascanada2022.nextpelis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:40:09 GMT
content-encoding
br
last-modified
Tue, 15 Feb 2022 16:43:52 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
679
jquery.steps.js
becascanada2022.nextpelis.com/js/
54 KB
10 KB
Script
General
Full URL
https://becascanada2022.nextpelis.com/js/jquery.steps.js
Requested by
Host: becascanada2022.nextpelis.com
URL: https://becascanada2022.nextpelis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.175.110.187 Helsinki, Finland, ASN49282 (FICOLO, FI),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2f33b25a9ec79e40d8945c607fc41bf9e63aa276bd2db1e3a21c562d38c5b6a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://becascanada2022.nextpelis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:40:09 GMT
content-encoding
br
last-modified
Tue, 15 Feb 2022 16:43:52 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
10424
expires
Wed, 23 Feb 2022 17:40:09 GMT
jquery.validate.min.js
becascanada2022.nextpelis.com/js/
23 KB
7 KB
Script
General
Full URL
https://becascanada2022.nextpelis.com/js/jquery.validate.min.js
Requested by
Host: becascanada2022.nextpelis.com
URL: https://becascanada2022.nextpelis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.175.110.187 Helsinki, Finland, ASN49282 (FICOLO, FI),
Reverse DNS
Software
LiteSpeed /
Resource Hash
fc52359a3dbd53724de20d3755e5456019c593bf6d529e005e5b6b86b4910179

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://becascanada2022.nextpelis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:40:09 GMT
content-encoding
br
last-modified
Tue, 15 Feb 2022 16:43:52 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7269
expires
Wed, 23 Feb 2022 17:40:09 GMT
sweetalert.js
becascanada2022.nextpelis.com/js/
117 KB
22 KB
Script
General
Full URL
https://becascanada2022.nextpelis.com/js/sweetalert.js
Requested by
Host: becascanada2022.nextpelis.com
URL: https://becascanada2022.nextpelis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.175.110.187 Helsinki, Finland, ASN49282 (FICOLO, FI),
Reverse DNS
Software
LiteSpeed /
Resource Hash
76b1e4d0faa4ccd50fa37e38db963512a261d72c3c36d342f977942b9ca4d957

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://becascanada2022.nextpelis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:40:09 GMT
content-encoding
br
last-modified
Tue, 15 Feb 2022 16:43:52 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
22186
expires
Wed, 23 Feb 2022 17:40:09 GMT
sweetalert2.min.css
becascanada2022.nextpelis.com/css/
26 KB
4 KB
Stylesheet
General
Full URL
https://becascanada2022.nextpelis.com/css/sweetalert2.min.css
Requested by
Host: becascanada2022.nextpelis.com
URL: https://becascanada2022.nextpelis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.175.110.187 Helsinki, Finland, ASN49282 (FICOLO, FI),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6e24065caf9dd2e1e66c3efeee04d60c12223bcb6c18f685c7f0ab830480d334

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://becascanada2022.nextpelis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:40:09 GMT
content-encoding
br
last-modified
Tue, 15 Feb 2022 16:43:52 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3986
expires
Wed, 23 Feb 2022 17:40:09 GMT
select2.min.html
becascanada2022.nextpelis.com/cdnjs.cloudflare.com/ajax/libs/select2/4.0.6-rc.0/css/
2 KB
712 B
Stylesheet
General
Full URL
https://becascanada2022.nextpelis.com/cdnjs.cloudflare.com/ajax/libs/select2/4.0.6-rc.0/css/select2.min.html
Requested by
Host: becascanada2022.nextpelis.com
URL: https://becascanada2022.nextpelis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.175.110.187 Helsinki, Finland, ASN49282 (FICOLO, FI),
Reverse DNS
Software
LiteSpeed /
Resource Hash
07cad801e8a68f2c1b10448c1b307e01c87f24ef2edae195dfab128d4544d851

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://becascanada2022.nextpelis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:40:09 GMT
content-encoding
br
last-modified
Tue, 15 Feb 2022 16:43:52 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
680
select2.min.html
becascanada2022.nextpelis.com/cdnjs.cloudflare.com/ajax/libs/select2/4.0.6-rc.0/js/
2 KB
712 B
Script
General
Full URL
https://becascanada2022.nextpelis.com/cdnjs.cloudflare.com/ajax/libs/select2/4.0.6-rc.0/js/select2.min.html
Requested by
Host: becascanada2022.nextpelis.com
URL: https://becascanada2022.nextpelis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.175.110.187 Helsinki, Finland, ASN49282 (FICOLO, FI),
Reverse DNS
Software
LiteSpeed /
Resource Hash
94e3982333f20455c1becad84610733c4fc7c737ec17e4571a4975b2cd2303b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://becascanada2022.nextpelis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:40:09 GMT
content-encoding
br
last-modified
Tue, 15 Feb 2022 16:43:52 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
680
canad.png
becascanada2022.nextpelis.com/
253 KB
253 KB
Image
General
Full URL
https://becascanada2022.nextpelis.com/canad.png
Requested by
Host: becascanada2022.nextpelis.com
URL: https://becascanada2022.nextpelis.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
95.175.110.187 Helsinki, Finland, ASN49282 (FICOLO, FI),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d068eaa53f890e5a0541d5a8e0688f88bdafec68a8f7123e46e2ade85c5404ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://becascanada2022.nextpelis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:40:09 GMT
last-modified
Tue, 15 Feb 2022 16:43:52 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
258812
expires
Wed, 23 Feb 2022 17:40:09 GMT
images%20(3).png
becascanada2022.nextpelis.com/
5 KB
5 KB
Image
General
Full URL
https://becascanada2022.nextpelis.com/images%20(3).png
Requested by
Host: becascanada2022.nextpelis.com
URL: https://becascanada2022.nextpelis.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
95.175.110.187 Helsinki, Finland, ASN49282 (FICOLO, FI),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d8b4415af6e7b284073207453ee3f0c9c028bd96ee03de3d4a47f5209aba1667

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://becascanada2022.nextpelis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:40:09 GMT
last-modified
Tue, 15 Feb 2022 16:43:52 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4663
expires
Wed, 23 Feb 2022 17:40:09 GMT
style-st.css
becascanada2022.nextpelis.com/css/
14 KB
3 KB
Stylesheet
General
Full URL
https://becascanada2022.nextpelis.com/css/style-st.css
Requested by
Host: becascanada2022.nextpelis.com
URL: https://becascanada2022.nextpelis.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
95.175.110.187 Helsinki, Finland, ASN49282 (FICOLO, FI),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f741ccf4b7d1a28d2b3167aa59f48c5d530cf635642cb5ff178d0c539e57948e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://becascanada2022.nextpelis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:40:09 GMT
content-encoding
br
last-modified
Tue, 15 Feb 2022 16:43:52 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2874
expires
Wed, 23 Feb 2022 17:40:09 GMT
api.html
becascanada2022.nextpelis.com/www.google.com/recaptcha/
2 KB
693 B
Script
General
Full URL
https://becascanada2022.nextpelis.com/www.google.com/recaptcha/api.html
Requested by
Host: becascanada2022.nextpelis.com
URL: https://becascanada2022.nextpelis.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
95.175.110.187 Helsinki, Finland, ASN49282 (FICOLO, FI),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f63e150bd093a70a30be65d878d35283f8469a4a3bace4a996152e76cdbded70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://becascanada2022.nextpelis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:40:09 GMT
content-encoding
br
last-modified
Tue, 15 Feb 2022 16:43:52 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
663
app.js
sdki.truepush.com/sdk/v2.0.3/
1 KB
946 B
Script
General
Full URL
https://sdki.truepush.com/sdk/v2.0.3/app.js
Requested by
Host: becascanada2022.nextpelis.com
URL: https://becascanada2022.nextpelis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215b:b600:7:6b7b:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c600adb1e3d6281621818ba058f98a8fa9ba43bd31a97c2cf98901400ba6f461

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://becascanada2022.nextpelis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 05:12:23 GMT
content-encoding
gzip
last-modified
Mon, 07 Dec 2020 12:54:29 GMT
server
AmazonS3
age
1340867
etag
"b861f6349fdb27190bd25dbfcd7674ff"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 dd9044f778a0203632be1c1b84d73ba8.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
LHR62-C2
accept-ranges
bytes
content-length
581
x-amz-cf-id
VXONmaRHPfzuYhGagfAEhI-e1_Ydm6oDsK9QrpCoAXHi--9GuABY5A==
online_i.js
widget.supercounters.com/ssl/
4 KB
2 KB
Script
General
Full URL
https://widget.supercounters.com/ssl/online_i.js
Requested by
Host: becascanada2022.nextpelis.com
URL: https://becascanada2022.nextpelis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b01052595d22238c23ad27dfb118270dc17124aa47731d3308824fbf182511b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://becascanada2022.nextpelis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:40:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2017 06:49:04 GMT
server
cloudflare
age
2710
etag
W/"596474e0-109e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuplayEX3PU7T4ObIASVfAhIL2DoKNdbADH8aVrt3Obmtk2zZls%2BNX8R9ZmFAt%2BHwjiZqrF0WSMIFPQU7fV1OdLxsLOGEDO0R5fdo8cDAchyyAjieDbvxxffrCqOeAtBMtgsjAoCiaxb%2BtqUqVEPbOOuvoejKwo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6de88f399e02906d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
images%20(9.html).jpg
becascanada2022.nextpelis.com/
1 KB
1 KB
Image
General
Full URL
https://becascanada2022.nextpelis.com/images%20(9.html).jpg
Requested by
Host: becascanada2022.nextpelis.com
URL: https://becascanada2022.nextpelis.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
95.175.110.187 Helsinki, Finland, ASN49282 (FICOLO, FI),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e3499374c6af630f0cfb152145cce8260b2dacfbabc1c175459e8317a10d9e4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://becascanada2022.nextpelis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:40:09 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
server
LiteSpeed
content-length
1238
content-type
text/html
/
becascanada2022.nextpelis.com/
19 KB
5 KB
Script
General
Full URL
https://becascanada2022.nextpelis.com/
Requested by
Host: becascanada2022.nextpelis.com
URL: https://becascanada2022.nextpelis.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
95.175.110.187 Helsinki, Finland, ASN49282 (FICOLO, FI),
Reverse DNS
Software
LiteSpeed /
Resource Hash
deb7c8f886a3bc2c3e3969e741486e9040d0c74a119daeba1daaeae2d2e72ada

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://becascanada2022.nextpelis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:40:09 GMT
content-encoding
br
last-modified
Tue, 15 Feb 2022 16:55:41 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
4909
fc.php
www.supercounters.com/
31 B
282 B
Script
General
Full URL
https://www.supercounters.com/fc.php?id=1630611&w=1&v=2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36&ref=&url=https%3A%2F%2Fbecascanada2022.nextpelis.com%2F&sw=1600&sh=1200&rand=0
Requested by
Host: widget.supercounters.com
URL: https://widget.supercounters.com/ssl/online_i.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.104.29.90 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1848-90.members.linode.com
Software
nginx/1.20.1 / PHP/7.4.13
Resource Hash
a9d361ce264190e41b42b35dcb3e5498ea4b254212aa86b290755d5634369008

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://becascanada2022.nextpelis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 17:40:10 GMT
Content-Encoding
gzip
Server
nginx/1.20.1
Connection
keep-alive
X-Powered-By
PHP/7.4.13
Transfer-Encoding
chunked
Content-Type
application/x-javascript
version.json
sdki.truepush.com/sdk/
176 B
567 B
XHR
General
Full URL
https://sdki.truepush.com/sdk/version.json
Requested by
Host: sdki.truepush.com
URL: https://sdki.truepush.com/sdk/v2.0.3/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215b:b600:7:6b7b:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53b432abc7b7bca1b37ea5a8eff17f1cf42c6bfee994afdac382516816eba433

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://becascanada2022.nextpelis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 07:20:24 GMT
via
1.1 81a5a0f348d8c55baa9c088dd6b5ecbc.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 13:02:02 GMT
server
AmazonS3
age
2024386
etag
"1750846158a87898512de997f08483cc"
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
x-cache
Hit from cloudfront
x-amz-cf-pop
LHR62-C2
accept-ranges
bytes
content-length
176
x-amz-cf-id
RrkFj9wjeKndUDou82a6XznSMkdWYn-3UtihVkJBzt46uTVKCOR9zQ==
main.js
sdki.truepush.com/sdk/v2.0.3/
80 KB
19 KB
Script
General
Full URL
https://sdki.truepush.com/sdk/v2.0.3/main.js
Requested by
Host: sdki.truepush.com
URL: https://sdki.truepush.com/sdk/v2.0.3/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215b:b600:7:6b7b:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f3fb15f561ea7342c0ea5169ea76b2c4b438968daa6f63bddd17ce77540cdf3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://becascanada2022.nextpelis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:45:25 GMT
content-encoding
gzip
last-modified
Tue, 15 Feb 2022 10:44:09 GMT
server
AmazonS3
age
111285
etag
"5a2c3e761383ded1b599587640880805"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 dd9044f778a0203632be1c1b84d73ba8.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
LHR62-C2
accept-ranges
bytes
content-length
18934
x-amz-cf-id
-nriCCXYP9lupkcLKfMnl0lcUh2nG3_mULU8QAsZelLfQGs51aH8Rw==
truepushSDKPlatfromDetails
sdk.truepush.com/api/v2/
108 B
1 KB
XHR
General
Full URL
https://sdk.truepush.com/api/v2/truepushSDKPlatfromDetails
Requested by
Host: sdki.truepush.com
URL: https://sdki.truepush.com/sdk/v2.0.3/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.212.226 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
static-103-231-212-226.ctrls.in
Software
/
Resource Hash
bb26329f6dbe7669b732c5dad2c9234ad356c6143dea8817ec7cdc9920ca4727
Security Headers
Name Value
Content-Security-Policy img-src * data:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://becascanada2022.nextpelis.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

Content-Security-Policy
img-src * data:
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-DNS-Prefetch-Control
off
Vary
Origin, X-HTTP-Method-Override, Accept-Encoding
Content-Length
108
X-XSS-Protection
0
Referrer-Policy
no-referrer
X-Frame-Options
SAMEORIGIN
Date
Wed, 16 Feb 2022 17:40:11 GMT
Expect-CT
max-age=0
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://becascanada2022.nextpelis.com
Access-Control-Allow-Credentials
true
ETag
W/"6c-IIZvakiHCc3ylX3KkbgS4vEi0GM"
truepushSDKPlatfromDetails
sdk.truepush.com/api/v2/
0
0
Preflight
General
Full URL
https://sdk.truepush.com/api/v2/truepushSDKPlatfromDetails
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.212.226 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
static-103-231-212-226.ctrls.in
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://becascanada2022.nextpelis.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

X-Powered-By
Express
Access-Control-Allow-Origin
https://becascanada2022.nextpelis.com
Vary
Origin, Access-Control-Request-Headers
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Headers
content-type
Content-Length
0
Date
Wed, 16 Feb 2022 17:40:10 GMT
e61c1c.png
widget.supercounters.com/images/online/
568 B
1 KB
Image
General
Full URL
https://widget.supercounters.com/images/online/e61c1c.png
Requested by
Host: becascanada2022.nextpelis.com
URL: https://becascanada2022.nextpelis.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
946f17cbf7585ff68bf58c1ef9d340c59760d3b1a7ab4a264590ae10cc1b2294

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://becascanada2022.nextpelis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:40:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2747
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
568
last-modified
Thu, 13 Jan 2022 06:43:21 GMT
server
cloudflare
etag
"61dfca09-238"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGdoqZUPTbhAVKeDzvJfJFxW9eCW7jtaY5cqzs%2FFDngU7LIzzFmTyB8sT7FBCkn9rz44tr7Pb5J0C%2B%2BqQZgw1hwgzAvZ6Qky1y2Q9RRUUKB1ahNcL7bsP%2FE%2F%2BJcXrq3l00UDtVzYKp4WKkgbfJoGY9grJAdFyks%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6de88f3bb8f29189-FRA

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone
function| Sweetalert2
function| SweetAlert
function| Swal
function| sweetAlert
function| swal
function| getCourse
function| getId
function| getIdResidence
function| getInstitutionCategory
function| getInstitutionZone
undefined| select
undefined| options
undefined| d
undefined| currentDate
undefined| opt
undefined| el
function| handleChange
object| truepush
object| sc_olimg_var
function| sc_online_i
function| sc_onlineimage
function| ct_insert
function| drawText_online
function| errorMsg
object| truepushVersionInfo
string| r
object| HTTP
undefined| key
undefined| browserData
undefined| subscription
undefined| permissionAllowed
undefined| iFrameReference
undefined| skipSubscriberReport
undefined| subscriberIdCallback
boolean| isSubscribed
string| optinStatus
string| host
string| cdnUrl
string| imgUrl
string| subDomainsHost
boolean| fromSubDomain
string| EnableHTTPLocalTest
string| version
string| defaultKey
boolean| fromIframe
boolean| fromWordpress
boolean| fromshopifyDomain
boolean| forShopifyCall
object| xhttp
object| desktopAllowedVersions
object| mobileAllowedVersions
function| isNotifAllowed
function| CheckBrowserCampatability
function| isPrivateMode
function| truepushSDK
function| loadAppJs

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://becascanada2022.nextpelis.com/images%20(9.html).jpg
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
