urlscan.io logo urlscan.io
SecurityTrails logo

a11yrmt.ca Open in urlscan Pro
35.209.222.44  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://a11yrmt.ca/
Effective URL: https://a11yrmt.ca/index-en.php
Submission: On July 13 via manual from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 22 HTTP transactions. The main IP is 35.209.222.44, located in Council Bluffs, United States and belongs to GOOGLE-2, US. The main domain is a11yrmt.ca.
TLS certificate: Issued by R3 on June 20th 2023. Valid for: 3 months.
This is the only time a11yrmt.ca was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Canadian Government (Government)

Domain & IP information

IP Address AS Autonomous System
1 3 35.209.222.44 19527 (GOOGLE-2)
16 2600:1400:d:4... 20940 (AKAMAI-ASN1)
4 2607:f8b0:402... 15169 (GOOGLE)
22 3
Apex Domain
Subdomains		 Transfer
16 canada.ca
www.canada.ca — Cisco Umbrella Rank: 36603
349 KB
4 gstatic.com
fonts.gstatic.com
78 KB
3 a11yrmt.ca
a11yrmt.ca
7 KB
22 3
Domain Requested by
16 www.canada.ca a11yrmt.ca
www.canada.ca
4 fonts.gstatic.com www.canada.ca
3 a11yrmt.ca 1 redirects www.canada.ca
22 3

This site contains links to these domains. Also see Links.

Domain
www.canada.ca
iservice.prv
arweb.prv
Subject Issuer Validity Valid
*.a11yrmt.ca
R3		 2023-06-20 -
2023-09-18		 3 months crt.sh
*.canada.ca
GeoTrust RSA CA 2018		 2023-01-27 -
2024-01-26		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://a11yrmt.ca/index-en.php
Frame ID: E8346931A96CE0FDB779B9FAC48F55CC
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Request Management Tool - IT Accessibility Office

Page URL History Show full URLs

  1. http://a11yrmt.ca/ HTTP 302
    https://a11yrmt.ca/index-en.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc/designs/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • dataTables.*\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

434 kB
Transfer

1112 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://a11yrmt.ca/ HTTP 302
    https://a11yrmt.ca/index-en.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index-en.php
a11yrmt.ca/
Redirect Chain
  • http://a11yrmt.ca/
  • https://a11yrmt.ca/index-en.php
67 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a11yrmt.ca/index-en.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.222.44 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
44.222.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
3f7c7585d85eb9f8aaab4395f687904fcc3349841b372a68b558dd8cd6fa7b6a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 13 Jul 2023 06:34:21 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
host-header
6b7412fb82ca5edfd0917e3957f05d89
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-httpd-modphp
1
x-proxy-cache
MISS
x-proxy-cache-info
0 NC:000000 UP:SKIP_CACHE_PRIVATE

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 Jul 2023 06:34:21 GMT
Host-Header
6b7412fb82ca5edfd0917e3957f05d89
Server
nginx
X-Httpd-Modphp
1
X-Proxy-Cache
MISS
X-Proxy-Cache-Info
0302 NC:000000 UP:SKIP_CACHE_PRIVATE
location
https://a11yrmt.ca/index-en.php
soyutils.js
www.canada.ca/etc/designs/canada/cdts/gcweb/rn/cdts/compiled/ 		47 B
443 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.canada.ca/etc/designs/canada/cdts/gcweb/rn/cdts/compiled/soyutils.js
Requested by
Host: a11yrmt.ca
URL: https://a11yrmt.ca/index-en.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::fe9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
3fa63567b9e453d8748e6a522943c86f54fd9f23204a8b1b02ad59f8e37066ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://a11yrmt.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-dispatcher
dispatcher2cacentral1
date
Thu, 13 Jul 2023 06:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Tue, 16 Aug 2022 17:35:13 GMT
server
Apache
x-vhost
publish
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="469230_388099716_755692575_65_9649_20_0_-";dur=1
accept-ranges
bytes
content-length
67
wet-en.js
www.canada.ca/etc/designs/canada/cdts/gcweb/rn/cdts/compiled/ 		53 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.canada.ca/etc/designs/canada/cdts/gcweb/rn/cdts/compiled/wet-en.js
Requested by
Host: a11yrmt.ca
URL: https://a11yrmt.ca/index-en.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::fe9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
658815ad63732afaefaad6eac3b4744cb3d85a34a1b8b442e0b35f1978a429f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://a11yrmt.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-dispatcher
dispatcher2cacentral1
date
Thu, 13 Jul 2023 06:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Mar 2023 18:11:22 GMT
server
Apache
x-vhost
publish
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="469230_388099716_755692576_65_9681_20_0_-";dur=1
accept-ranges
bytes
content-length
10102
theme.min.css
www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/css/ 		368 KB
77 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/css/theme.min.css
Requested by
Host: a11yrmt.ca
URL: https://a11yrmt.ca/index-en.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::fe9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
98b6d5a0740a879b24636edc12d1209757b93ea5272b1b555a7c6e593aed3e08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://a11yrmt.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-dispatcher
dispatcher2cacentral1
date
Thu, 13 Jul 2023 06:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 19 Jan 2023 17:23:38 GMT
server
Apache
x-vhost
publish
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
server-timing
cdn-cache; desc=HIT, edge; dur=12, ak_p; desc="469230_388099716_755692590_1143_12316_20_0_-";dur=1
accept-ranges
bytes
content-length
77986
cdtsfixes.css
www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/cdts/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/cdts/cdtsfixes.css
Requested by
Host: a11yrmt.ca
URL: https://a11yrmt.ca/index-en.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::fe9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
c2e69f173780e06e56bb7116a54d69a753cf3e72fe9782590cb582ab3ee422ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://a11yrmt.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-dispatcher
dispatcher2cacentral1
date
Thu, 13 Jul 2023 06:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Tue, 28 Feb 2023 19:35:16 GMT
server
Apache
x-vhost
publish
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="469230_388099716_755692594_85_9154_20_0_-";dur=1
accept-ranges
bytes
content-length
1484
cdtsapps.css
www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/cdts/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/cdts/cdtsapps.css
Requested by
Host: a11yrmt.ca
URL: https://a11yrmt.ca/index-en.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::fe9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
9aeed4161f8e2da2e3757499f273157ef012398a5068b2fe3ce2037bd8d4579c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://a11yrmt.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-dispatcher
dispatcher2cacentral1
date
Thu, 13 Jul 2023 06:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 19 Jan 2023 17:23:38 GMT
server
Apache
x-vhost
publish
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
server-timing
cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="469230_388099716_755692595_241_9148_20_0_-";dur=1
accept-ranges
bytes
content-length
2376
sig-blk-en.svg
www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/assets/ 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/assets/sig-blk-en.svg
Requested by
Host: a11yrmt.ca
URL: https://a11yrmt.ca/index-en.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::fe9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
b2e36d892559ddef5691afa5bfba0996945fade837eb649bf6761f583ed95007
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://a11yrmt.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-dispatcher
dispatcher2cacentral1
date
Thu, 13 Jul 2023 06:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 19 Jan 2023 17:23:38 GMT
server
Apache
x-vhost
publish
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="469230_388099716_755692625_57_9816_20_0_-";dur=1
accept-ranges
bytes
content-length
2847
wmms-blk.svg
www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/assets/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/assets/wmms-blk.svg
Requested by
Host: a11yrmt.ca
URL: https://a11yrmt.ca/index-en.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::fe9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
dc827f391db1b0a6917a1773e98731ab7901dd9897f0ad46c0f797f27f279487
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://a11yrmt.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-dispatcher
dispatcher2cacentral1
date
Thu, 13 Jul 2023 06:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 19 Jan 2023 17:23:38 GMT
server
Apache
x-vhost
publish
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
server-timing
cdn-cache; desc=HIT, edge; dur=24, ak_p; desc="469230_388099716_755692631_2448_10261_20_0_-";dur=1
accept-ranges
bytes
content-length
1765
jquery.min.js
www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/js/jquery/2.2.4/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/js/jquery/2.2.4/jquery.min.js
Requested by
Host: a11yrmt.ca
URL: https://a11yrmt.ca/index-en.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::fe9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://a11yrmt.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-dispatcher
dispatcher2cacentral1
date
Thu, 13 Jul 2023 06:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 19 Jan 2023 17:23:40 GMT
server
Apache
x-vhost
publish
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="469230_388099716_755692633_138_10952_20_0_-";dur=1
accept-ranges
bytes
content-length
29822
wet-boew.min.js
www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/js/ 		191 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/js/wet-boew.min.js
Requested by
Host: a11yrmt.ca
URL: https://a11yrmt.ca/index-en.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::fe9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
54644a7a977223d948e2fdd47d3cb9836549a582bbc936c37d15322d804bf006
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://a11yrmt.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-dispatcher
dispatcher2cacentral1
date
Thu, 13 Jul 2023 06:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 19 Jan 2023 17:23:40 GMT
server
Apache
x-vhost
publish
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="469230_388099716_755692634_125_10811_20_0_-";dur=1
accept-ranges
bytes
content-length
68318
theme.min.js
www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/js/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/js/theme.min.js
Requested by
Host: a11yrmt.ca
URL: https://a11yrmt.ca/index-en.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::fe9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
bc7356b8925a7d7aa9d4b1d9bc7e58f40eacfcc23a880d858b9700c0cc857c58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://a11yrmt.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-dispatcher
dispatcher2cacentral1
date
Thu, 13 Jul 2023 06:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 19 Jan 2023 17:23:40 GMT
server
Apache
x-vhost
publish
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
server-timing
cdn-cache; desc=HIT, edge; dur=5, ak_p; desc="469230_388099716_755692635_1369_10610_20_0_-";dur=1
accept-ranges
bytes
content-length
15871
cdtscustom.js
www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/cdts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/cdts/cdtscustom.js
Requested by
Host: a11yrmt.ca
URL: https://a11yrmt.ca/index-en.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::fe9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
ac5e0f053827c464799b89d832b51a7ef993c9d8fd6d1077361fd32ee6bb7826
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://a11yrmt.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-dispatcher
dispatcher2cacentral1
date
Thu, 13 Jul 2023 06:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 19 Jan 2023 17:23:38 GMT
server
Apache
x-vhost
publish
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
server-timing
cdn-cache; desc=HIT, edge; dur=14, ak_p; desc="469230_388099716_755692636_1406_10799_20_0_-";dur=1
accept-ranges
bytes
content-length
1483
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: www.canada.ca
URL: https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/css/theme.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.canada.ca/
Origin
https://a11yrmt.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 09:18:50 GMT
x-content-type-options
nosniff
age
508531
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:21:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Jul 2024 09:18:50 GMT
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v25/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v25/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: www.canada.ca
URL: https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/css/theme.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa5d2912bec294d33c9dc4be4a00a9a5f4ac993049a935f4535ae687e3b08d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.canada.ca/
Origin
https://a11yrmt.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 08 Jul 2023 17:17:16 GMT
x-content-type-options
nosniff
age
393425
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16088
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:56:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jul 2024 17:17:16 GMT
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v25/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v25/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: www.canada.ca
URL: https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/css/theme.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f3dd8063edfcdb39f4a2163e59dbc73e16a688c59979a4103948fcbf060f385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.canada.ca/
Origin
https://a11yrmt.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 10:41:34 GMT
x-content-type-options
nosniff
age
503567
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16168
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:56:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Jul 2024 10:41:34 GMT
glyphicons-halflings-regular.woff2
www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: www.canada.ca
URL: https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/css/theme.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::fe9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/css/theme.min.css
Origin
https://a11yrmt.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-dispatcher
dispatcher2cacentral1
date
Thu, 13 Jul 2023 06:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 19 Jan 2023 17:23:38 GMT
server
Apache
x-vhost
publish
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="469230_388099716_755692650_72_10086_17_0_-";dur=1
accept-ranges
bytes
content-length
18030
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: www.canada.ca
URL: https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/css/theme.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.canada.ca/
Origin
https://a11yrmt.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 09:23:36 GMT
x-content-type-options
nosniff
age
508245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Jul 2024 09:23:36 GMT
en.min.js
www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/js/i18n/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/js/i18n/en.min.js
Requested by
Host: a11yrmt.ca
URL: https://a11yrmt.ca/index-en.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::fe9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://a11yrmt.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-dispatcher
dispatcher2cacentral1
date
Thu, 13 Jul 2023 06:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 19 Jan 2023 17:23:38 GMT
server
Apache
x-vhost
publish
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="469230_388099716_755692693_58_10000_20_0_-";dur=1
accept-ranges
bytes
content-length
2960
en.min.js
www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/js/i18n/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/js/i18n/en.min.js
Requested by
Host: www.canada.ca
URL: https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/js/wet-boew.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::fe9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
2af62f503e86b656aafceeb0a6e6d55483d0c1395482f4e2ac3c4355c7773be7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://a11yrmt.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-dispatcher
dispatcher2cacentral1
date
Thu, 13 Jul 2023 06:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 19 Jan 2023 17:23:38 GMT
server
Apache
x-vhost
publish
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="469230_388099716_755692704_38_12337_20_0_-";dur=1
accept-ranges
bytes
content-length
2960
appmenu-en.php
a11yrmt.ca/includes/ 		609 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a11yrmt.ca/includes/appmenu-en.php
Requested by
Host: www.canada.ca
URL: https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/js/jquery/2.2.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.222.44 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
44.222.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7901fbc41d295c10bd5fe95c654ab2af5d2b105e649a40966b7ab76b2cade6b0

Request headers

Accept
*/*
Referer
https://a11yrmt.ca/index-en.php
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
date
Thu, 13 Jul 2023 06:34:22 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding
x-proxy-cache-info
0 NC:000000 UP:SKIP_CACHE_PRIVATE
content-type
text/html; charset=UTF-8
cache-control
private
x-httpd-modphp
1
host-header
6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache
MISS
jquery.dataTables.min.js
www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/js/deps/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/js/deps/jquery.dataTables.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::fe9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://a11yrmt.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-dispatcher
dispatcher2cacentral1
date
Thu, 13 Jul 2023 06:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 19 Jan 2023 17:23:38 GMT
server
Apache
x-vhost
publish
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="469230_388099716_755692752_72_9826_20_0_-";dur=1
accept-ranges
bytes
content-length
28653
jquery.dataTables.min.js
www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/js/deps/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/js/deps/jquery.dataTables.min.js
Requested by
Host: www.canada.ca
URL: https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/js/wet-boew.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::fe9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
adcc89cfa708c7364674f94c1e93540de624fa6e3772b54ac4f2b199b7c42768
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://a11yrmt.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-dispatcher
dispatcher2cacentral1
date
Thu, 13 Jul 2023 06:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 19 Jan 2023 17:23:38 GMT
server
Apache
x-vhost
publish
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="469230_388099716_755692766_24_9527_20_0_-";dur=1
accept-ranges
bytes
content-length
28653

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Canadian Government (Government)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| wet object| defTop object| defPreFooter object| defFooter function| $ function| jQuery function| DOMPurify object| Modernizr function| yepnope object| wb function| onYouTubeIframeAPIReady object| youTube function| DataTable

1 Cookies

Domain/Path Name / Value
a11yrmt.ca/ Name: PHPSESSID
Value: 1ba1bf101877d14d9052d88d10e8e242

5 Console Messages

Source Level URL
Text
javascript warning URL: https://a11yrmt.ca/index-en.php(Line 948)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/js/jquery/2.2.4/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://a11yrmt.ca/index-en.php(Line 948)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/js/jquery/2.2.4/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://a11yrmt.ca/index-en.php(Line 948)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/js/wet-boew.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://a11yrmt.ca/index-en.php(Line 948)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/wet-boew/js/theme.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://a11yrmt.ca/index-en.php(Line 948)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.canada.ca/etc/designs/canada/cdts/gcweb/v4_0_47/cdts/cdtscustom.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a11yrmt.ca
fonts.gstatic.com
www.canada.ca
2600:1400:d:496::fe9
2607:f8b0:4020:806::2003
35.209.222.44
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
1f3dd8063edfcdb39f4a2163e59dbc73e16a688c59979a4103948fcbf060f385
2af62f503e86b656aafceeb0a6e6d55483d0c1395482f4e2ac3c4355c7773be7
3f7c7585d85eb9f8aaab4395f687904fcc3349841b372a68b558dd8cd6fa7b6a
3fa63567b9e453d8748e6a522943c86f54fd9f23204a8b1b02ad59f8e37066ce
54644a7a977223d948e2fdd47d3cb9836549a582bbc936c37d15322d804bf006
658815ad63732afaefaad6eac3b4744cb3d85a34a1b8b442e0b35f1978a429f5
7901fbc41d295c10bd5fe95c654ab2af5d2b105e649a40966b7ab76b2cade6b0
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
98b6d5a0740a879b24636edc12d1209757b93ea5272b1b555a7c6e593aed3e08
9aeed4161f8e2da2e3757499f273157ef012398a5068b2fe3ce2037bd8d4579c
ac5e0f053827c464799b89d832b51a7ef993c9d8fd6d1077361fd32ee6bb7826
adcc89cfa708c7364674f94c1e93540de624fa6e3772b54ac4f2b199b7c42768
b2e36d892559ddef5691afa5bfba0996945fade837eb649bf6761f583ed95007
bc7356b8925a7d7aa9d4b1d9bc7e58f40eacfcc23a880d858b9700c0cc857c58
c2e69f173780e06e56bb7116a54d69a753cf3e72fe9782590cb582ab3ee422ab
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
dc827f391db1b0a6917a1773e98731ab7901dd9897f0ad46c0f797f27f279487
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa5d2912bec294d33c9dc4be4a00a9a5f4ac993049a935f4535ae687e3b08d0b
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c