secure.dominionlending.ca Open in urlscan Pro
64.34.50.34  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response secure.dominionlending.ca/	133 KB 23 KB	1425ms 1065ms	Document text/html	64.34.50.34 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://secure.dominionlending.ca/?app=12678&lang=en Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 64.34.50.34 , Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / PHP/5.2.17 Resource Hash 5ea8ecd04ff0a2b5e8b9cec3821544565a4d42088f702ac872fc6566c8443ae1 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Host secure.dominionlending.ca Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Server nginx/1.14.0 (Ubuntu) Date Sun, 17 Jan 2021 18:23:34 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive X-Powered-By PHP/5.2.17 Set-Cookie PHPSESSID=uha4dt2rlt6fn14elk59ck2ot4; path=/ Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Content-Type-Options nosniff X-XSS-Protection 1; mode=block Referrer-Policy no-referrer-when-downgrade Content-Security-Policy upgrade-insecure-requests Content-Encoding gzip
GET H/1.1	200 OK	form.css secure.dominionlending.ca/src/css/	9 KB 10 KB	204ms 202ms	Stylesheet text/css	64.34.50.34 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://secure.dominionlending.ca/src/css/form.css Requested by Host: secure.dominionlending.ca URL: https://secure.dominionlending.ca/?app=12678&lang=en Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 64.34.50.34 , Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 269c140191f539f45cabdfeea609ed5d58afbe757885099447187f45e60ca668 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://secure.dominionlending.ca/?app=12678&lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 17 Jan 2021 18:23:34 GMT Referrer-Policy no-referrer-when-downgrade Last-Modified Thu, 12 Jul 2018 21:36:43 GMT Server nginx/1.14.0 (Ubuntu) ETag "1263b60-2542-570d428c610c0" X-Frame-Options SAMEORIGIN Content-Type text/css X-XSS-Protection 1; mode=block Connection keep-alive Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains; preload Accept-Ranges bytes Content-Length 9538 X-Content-Type-Options nosniff
GET H2	200	css fonts.googleapis.com/	4 KB 754 B	18ms 16ms	Stylesheet text/css	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400 Requested by Host: secure.dominionlending.ca URL: https://secure.dominionlending.ca/?app=12678&lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7e24c7ee6a3bc9d509b1df2473a8159607df169b7c18d0dd5ed154ff084e6ba5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://secure.dominionlending.ca/?app=12678&lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 17 Jan 2021 18:15:45 GMT server ESF date Sun, 17 Jan 2021 18:23:34 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 17 Jan 2021 18:23:34 GMT
GET H/1.1	200 OK	jquery-ui.css secure.dominionlending.ca/src/js/jquery-ui/	35 KB 36 KB	410ms 205ms	Stylesheet text/css	64.34.50.34 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://secure.dominionlending.ca/src/js/jquery-ui/jquery-ui.css Requested by Host: secure.dominionlending.ca URL: https://secure.dominionlending.ca/?app=12678&lang=en Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 64.34.50.34 , Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash ef8cb93468e0ee9f6c680603a7103fcc5c442d8ea3376932201f16172080fe6b Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://secure.dominionlending.ca/?app=12678&lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 17 Jan 2021 18:23:34 GMT Referrer-Policy no-referrer-when-downgrade Last-Modified Fri, 03 Mar 2017 02:58:02 GMT Server nginx/1.14.0 (Ubuntu) ETag "e43d57-8c9d-549cab6c2e280" X-Frame-Options SAMEORIGIN Content-Type text/css X-XSS-Protection 1; mode=block Connection keep-alive Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains; preload Accept-Ranges bytes Content-Length 35997 X-Content-Type-Options nosniff
GET H/1.1	200 OK	jquery-3.1.1.min.js Show response secure.dominionlending.ca/src/js/	85 KB 85 KB	728ms 336ms	Script application/javascript	64.34.50.34 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://secure.dominionlending.ca/src/js/jquery-3.1.1.min.js Requested by Host: secure.dominionlending.ca URL: https://secure.dominionlending.ca/?app=12678&lang=en Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 64.34.50.34 , Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://secure.dominionlending.ca/?app=12678&lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 17 Jan 2021 18:23:35 GMT Referrer-Policy no-referrer-when-downgrade Last-Modified Thu, 02 Mar 2017 19:06:23 GMT Server nginx/1.14.0 (Ubuntu) ETag "e43d61-152b5-549c4200269c0" X-Frame-Options SAMEORIGIN Content-Type application/javascript X-XSS-Protection 1; mode=block Connection keep-alive Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains; preload Accept-Ranges bytes Content-Length 86709 X-Content-Type-Options nosniff
GET H/1.1	200 OK	jquery-ui.js Show response secure.dominionlending.ca/src/js/jquery-ui/	509 KB 509 KB	728ms 337ms	Script application/javascript	64.34.50.34 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://secure.dominionlending.ca/src/js/jquery-ui/jquery-ui.js Requested by Host: secure.dominionlending.ca URL: https://secure.dominionlending.ca/?app=12678&lang=en Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 64.34.50.34 , Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 4aad121187afb628717ea0391a1ab8cecc85f5e1fe5fd45fb808a524d4beb915 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://secure.dominionlending.ca/?app=12678&lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 17 Jan 2021 18:23:35 GMT Referrer-Policy no-referrer-when-downgrade Last-Modified Fri, 03 Mar 2017 21:57:08 GMT Server nginx/1.14.0 (Ubuntu) ETag "e43d58-7f215-549daa0801500" X-Frame-Options SAMEORIGIN Content-Type application/javascript X-XSS-Protection 1; mode=block Connection keep-alive Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains; preload Accept-Ranges bytes Content-Length 520725 X-Content-Type-Options nosniff
GET H/1.1	200 OK	form.js Show response secure.dominionlending.ca/src/js/	4 KB 5 KB	577ms 185ms	Script application/javascript	64.34.50.34 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://secure.dominionlending.ca/src/js/form.js Requested by Host: secure.dominionlending.ca URL: https://secure.dominionlending.ca/?app=12678&lang=en Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 64.34.50.34 , Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 48a64599faed6e42661401e31276782ec4a6bef5eeac05ce0c7c65a20f640962 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://secure.dominionlending.ca/?app=12678&lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 17 Jan 2021 18:23:35 GMT Referrer-Policy no-referrer-when-downgrade Last-Modified Fri, 10 Mar 2017 20:25:23 GMT Server nginx/1.14.0 (Ubuntu) ETag "e41ac1-1145-54a66294412c0" X-Frame-Options SAMEORIGIN Content-Type application/javascript X-XSS-Protection 1; mode=block Connection keep-alive Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains; preload Accept-Ranges bytes Content-Length 4421 X-Content-Type-Options nosniff
GET H2	200	api.js Show response www.google.com/recaptcha/	909 B 669 B	15ms 15ms	Script text/javascript	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=recaptchaSetup&render=explicit Requested by Host: secure.dominionlending.ca URL: https://secure.dominionlending.ca/?app=12678&lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 9b5bd0d358430ea45a09395cb10962258d3762ccc9ed0fb3cc66337c0cbcb5da Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://secure.dominionlending.ca/?app=12678&lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 17 Jan 2021 18:23:35 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 577 x-xss-protection 1; mode=block expires Sun, 17 Jan 2021 18:23:35 GMT
GET H/1.1	200 OK	s12678_1350394506.jpg media.dominionintranet.ca/emp/images/	5 KB 5 KB	549ms 176ms	Image image/jpeg	64.34.50.34 COGECO-PEER1
General Check archive.org Show headers Download Go to Show image Full URL https://media.dominionintranet.ca/emp/images/s12678_1350394506.jpg Requested by Host: secure.dominionlending.ca URL: https://secure.dominionlending.ca/?app=12678&lang=en Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 64.34.50.34 , Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 10f287d03652882721974728b8fb0edbc2629f83b37f1f87663102c7f24c70df Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://secure.dominionlending.ca/?app=12678&lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 17 Jan 2021 18:23:36 GMT Referrer-Policy no-referrer-when-downgrade Last-Modified Tue, 16 Oct 2012 13:35:33 GMT Server nginx/1.14.0 (Ubuntu) ETag "9a8a20-124c-4cc2d3a723340" X-Frame-Options SAMEORIGIN Content-Type image/jpeg X-XSS-Protection 1; mode=block Connection keep-alive Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains; preload Accept-Ranges bytes Content-Length 4684 X-Content-Type-Options nosniff
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.10.2/	91 KB 32 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js Requested by Host: secure.dominionlending.ca URL: https://secure.dominionlending.ca/?app=12678&lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://secure.dominionlending.ca/?app=12678&lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 17 Jan 2021 15:17:24 GMT content-encoding gzip x-content-type-options nosniff age 11171 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32954 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Mon, 17 Jan 2022 15:17:24 GMT
GET H/1.1	200 OK	jquery.cookie.js Show response secure.dominionlending.ca/common/js/jquery/libs/	3 KB 4 KB	172ms 171ms	Script application/javascript	64.34.50.34 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://secure.dominionlending.ca/common/js/jquery/libs/jquery.cookie.js Requested by Host: secure.dominionlending.ca URL: https://secure.dominionlending.ca/?app=12678&lang=en Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 64.34.50.34 , Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash cd69c20a29cadb75eb72fc1cf9dd26a79e12ba2b549f7ec2e83c8e96db22b8ec Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://secure.dominionlending.ca/?app=12678&lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 17 Jan 2021 18:23:35 GMT Referrer-Policy no-referrer-when-downgrade Last-Modified Mon, 03 Feb 2014 20:55:02 GMT Server nginx/1.14.0 (Ubuntu) ETag "ec4d6f-bfa-4f186bcc85580" X-Frame-Options SAMEORIGIN Content-Type application/javascript Access-Control-Allow-Origin * X-XSS-Protection 1; mode=block Connection keep-alive Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains; preload Accept-Ranges bytes Content-Length 3066 X-Content-Type-Options nosniff
GET H/1.1	200 OK	dlc-logo.png secure.dominionlending.ca/src/images/	6 KB 6 KB	175ms 175ms	Image image/png	64.34.50.34 COGECO-PEER1
General Check archive.org Show headers Download Go to Show image Full URL https://secure.dominionlending.ca/src/images/dlc-logo.png Requested by Host: secure.dominionlending.ca URL: https://secure.dominionlending.ca/src/css/form.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 64.34.50.34 , Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 1e25325871e6c01d049c33beae6a5f9a7ca9fe8d52e3f913ff1bd5dc9790c484 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://secure.dominionlending.ca/src/css/form.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 17 Jan 2021 18:23:35 GMT Referrer-Policy no-referrer-when-downgrade Last-Modified Mon, 17 Mar 2014 23:27:15 GMT Server nginx/1.14.0 (Ubuntu) ETag "12a471b-16a9-4f4d5c27c9ac0" X-Frame-Options SAMEORIGIN Content-Type image/png X-XSS-Protection 1; mode=block Connection keep-alive Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains; preload Accept-Ranges bytes Content-Length 5801 X-Content-Type-Options nosniff
GET H2	200	6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu3cOWxw.woff2 fonts.gstatic.com/s/sourcesanspro/v14/	13 KB 13 KB	6ms 5ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu3cOWxw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7ec7f22119da3493aedefd66ffd30f0aaf4cf4aee42d8254638bcca5971c3568 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://secure.dominionlending.ca Referer https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 14 Jan 2021 16:43:21 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:10:08 GMT server sffe age 265214 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13224 x-xss-protection 0 expires Fri, 14 Jan 2022 16:43:21 GMT
GET H/1.1	200 OK	swirl.png secure.dominionlending.ca/src/images/	123 KB 124 KB	326ms 325ms	Image image/png	64.34.50.34 COGECO-PEER1
General Check archive.org Show headers Download Go to Show image Full URL https://secure.dominionlending.ca/src/images/swirl.png Requested by Host: secure.dominionlending.ca URL: https://secure.dominionlending.ca/src/css/form.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 64.34.50.34 , Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 54ca3863d9981915c5ced091da75be2b6ddeee696d11021e3ce63b505123019b Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://secure.dominionlending.ca/src/css/form.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 17 Jan 2021 18:23:35 GMT Referrer-Policy no-referrer-when-downgrade Last-Modified Mon, 05 Mar 2018 19:57:42 GMT Server nginx/1.14.0 (Ubuntu) ETag "12a46b0-1edcf-566afbd24b17e" X-Frame-Options SAMEORIGIN Content-Type image/png X-XSS-Protection 1; mode=block Connection keep-alive Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains; preload Accept-Ranges bytes Content-Length 126415 X-Content-Type-Options nosniff
GET H3-Q050	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2 fonts.gstatic.com/s/sourcesanspro/v14/	13 KB 13 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://secure.dominionlending.ca Referer https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 14 Jan 2021 21:51:51 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:10:14 GMT server sffe age 246704 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13324 x-xss-protection 0 expires Fri, 14 Jan 2022 21:51:51 GMT
GET H/1.1	200 OK	vibemedium-webfont.woff secure.dominionlending.ca/src/fonts/	26 KB 27 KB	178ms 177ms	Font application/x-font-woff	64.34.50.34 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://secure.dominionlending.ca/src/fonts/vibemedium-webfont.woff Requested by Host: secure.dominionlending.ca URL: https://secure.dominionlending.ca/src/css/form.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 64.34.50.34 , Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash d2c971064ced34db7b2d4f9801e757da387b7f8c23f55f23e41c037f2dfa7b23 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Origin https://secure.dominionlending.ca Referer https://secure.dominionlending.ca/src/css/form.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 17 Jan 2021 18:23:35 GMT Referrer-Policy no-referrer-when-downgrade Last-Modified Mon, 17 Mar 2014 23:27:08 GMT Server nginx/1.14.0 (Ubuntu) ETag "1283ff9-69a4-4f4d5c211cb00" X-Frame-Options SAMEORIGIN Content-Type application/x-font-woff X-XSS-Protection 1; mode=block Connection keep-alive Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains; preload Accept-Ranges bytes Content-Length 27044 X-Content-Type-Options nosniff
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/	334 KB 131 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=recaptchaSetup&render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fb3b275e8321c2c87095a4f4f0fd89fbbbdbe07e6fd5191c4c8ccabfc21692fb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://secure.dominionlending.ca Referer https://secure.dominionlending.ca/?app=12678&lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 17 Jan 2021 17:40:05 GMT content-encoding gzip x-content-type-options nosniff age 2610 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 133916 x-xss-protection 0 last-modified Sun, 06 Dec 2020 23:05:51 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 17 Jan 2022 17:40:05 GMT
GET H/1.1	200 OK	seal.min.js Show response seal.digicert.com/seals/cascade/	4 KB 2 KB	558ms 469ms	Script application/javascript	63.33.186.64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://seal.digicert.com/seals/cascade/seal.min.js Requested by Host: secure.dominionlending.ca URL: https://secure.dominionlending.ca/?app=12678&lang=en Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 63.33.186.64 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-33-186-64.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 57297a12d8d5134042c8ea96ddb37c3fc3c9b84d9df93864be59a786b3e378e6 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://secure.dominionlending.ca/?app=12678&lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 17 Jan 2021 18:23:36 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Fri, 15 Jan 2021 16:23:07 GMT Server nginx ETag "fa3-5b8f2c992f0c0-gzip" X-Frame-Options SAMEORIGIN Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Vary Accept-Encoding Content-Length 1951 X-XSS-Protection 1; mode=block
GET H3-Q050	200	anchor www.google.com/recaptcha/api2/ Frame 391F	0 0	28ms 28ms	Document text/html	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdqniYTAAAAAKJ5aq1E3z5lKnRGZnuaUmmrYcx0&co=aHR0cHM6Ly9zZWN1cmUuZG9taW5pb25sZW5kaW5nLmNhOjQ0Mw..&hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&size=normal&cb=3z3ulgshh5ex Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-P68opHrS2xXldClK+Vj8PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/anchor?ar=1&k=6LdqniYTAAAAAKJ5aq1E3z5lKnRGZnuaUmmrYcx0&co=aHR0cHM6Ly9zZWN1cmUuZG9taW5pb25sZW5kaW5nLmNhOjQ0Mw..&hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&size=normal&cb=3z3ulgshh5ex pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://secure.dominionlending.ca/?app=12678&lang=en accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://secure.dominionlending.ca/?app=12678&lang=en Response headers content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Sun, 17 Jan 2021 18:23:36 GMT content-security-policy script-src 'report-sample' 'nonce-P68opHrS2xXldClK+Vj8PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 11299 server GSE alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	200	bframe www.google.com/recaptcha/api2/ Frame BBC2	0 0	18ms 18ms	Document text/html	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&k=6LdqniYTAAAAAKJ5aq1E3z5lKnRGZnuaUmmrYcx0&cb=cwk7zm3gb2lv Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-tI9AQuMypKmKpivsJ6lU3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/bframe?hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&k=6LdqniYTAAAAAKJ5aq1E3z5lKnRGZnuaUmmrYcx0&cb=cwk7zm3gb2lv pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://secure.dominionlending.ca/?app=12678&lang=en accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://secure.dominionlending.ca/?app=12678&lang=en Response headers content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Sun, 17 Jan 2021 18:23:36 GMT content-security-policy script-src 'report-sample' 'nonce-tI9AQuMypKmKpivsJ6lU3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 1121 server GSE alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	/ seal.digicert.com/seals/cascade/	159 B 513 B	556ms 556ms	Image image/png	63.33.186.64 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://seal.digicert.com/seals/cascade/?s=3W7ZR-0y,7,m,secure.dominionlending.ca&type=static Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 63.33.186.64 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-33-186-64.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 2707ebaa45efd183f1346054b3c821135ec6383fe937dc21b94614c22ca0d738 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://secure.dominionlending.ca/?app=12678&lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 17 Jan 2021 18:23:37 GMT X-Content-Type-Options nosniff Last-Modified Sun, 17 Jan 2021 18:23:36 GMT Server nginx X-Frame-Options SAMEORIGIN Content-Type image/png Cache-Control max-age=7776000 Connection keep-alive Content-Length 159 X-XSS-Protection 1; mode=block Expires Sat, 17 Apr 2021 18:23:37 GMT

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| addYearPicker function| phoneFilter function| toggleProvinceStateAfterReload function| addMonthsDialogs function| toggleProvinceState function| showSaveDataSuccessMsg function| showReloadSuccessMsg number| recaptcha function| recaptchaSetup object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| __dcid function| $j number| assetTotal number| liabilityTotal number| netWorth object| formCounts boolean| isSecondEnabled function| setNetWorth function| calcAssets function| calcLiabilities function| addPreviousAddress function| addPreviousEmployer function| addOtherProperties function| removeFields object| closure_lm_371726 object| __Cascade string| prop

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			secure.dominionlending.ca/	1969-12-31 23:59:59	Name: PHPSESSID Value: uha4dt2rlt6fn14elk59ck2ot4

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
media.dominionintranet.ca
seal.digicert.com
secure.dominionlending.ca
www.google.com
www.gstatic.com
2a00:1450:4001:802::200a
2a00:1450:4001:808::2004
2a00:1450:4001:809::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:81d::2003
63.33.186.64
64.34.50.34
10f287d03652882721974728b8fb0edbc2629f83b37f1f87663102c7f24c70df
1e25325871e6c01d049c33beae6a5f9a7ca9fe8d52e3f913ff1bd5dc9790c484
269c140191f539f45cabdfeea609ed5d58afbe757885099447187f45e60ca668
2707ebaa45efd183f1346054b3c821135ec6383fe937dc21b94614c22ca0d738
48a64599faed6e42661401e31276782ec4a6bef5eeac05ce0c7c65a20f640962
4aad121187afb628717ea0391a1ab8cecc85f5e1fe5fd45fb808a524d4beb915
54ca3863d9981915c5ced091da75be2b6ddeee696d11021e3ce63b505123019b
57297a12d8d5134042c8ea96ddb37c3fc3c9b84d9df93864be59a786b3e378e6
5ea8ecd04ff0a2b5e8b9cec3821544565a4d42088f702ac872fc6566c8443ae1
7e24c7ee6a3bc9d509b1df2473a8159607df169b7c18d0dd5ed154ff084e6ba5
7ec7f22119da3493aedefd66ffd30f0aaf4cf4aee42d8254638bcca5971c3568
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
9b5bd0d358430ea45a09395cb10962258d3762ccc9ed0fb3cc66337c0cbcb5da
cd69c20a29cadb75eb72fc1cf9dd26a79e12ba2b549f7ec2e83c8e96db22b8ec
d2c971064ced34db7b2d4f9801e757da387b7f8c23f55f23e41c037f2dfa7b23
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
ef8cb93468e0ee9f6c680603a7103fcc5c442d8ea3376932201f16172080fe6b
fb3b275e8321c2c87095a4f4f0fd89fbbbdbe07e6fd5191c4c8ccabfc21692fb