Submitted URL: https://www.billsandhu.com/
Effective URL: https://harmeet-sandhu.c21.ca/
Submission: On September 17 via automatic, source certstream-suspicious

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 21 HTTP transactions. The main IP is 151.139.236.192, located in Dallas, United States and belongs to HIGHWINDS2, US. The main domain is harmeet-sandhu.c21.ca.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 29th 2019. Valid for: a year.
This is the only time harmeet-sandhu.c21.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 69.89.20.47 46606 (UNIFIEDLA...)
1 1 104.197.27.90 15169 (GOOGLE)
1 13 151.139.236.192 33438 (HIGHWINDS2)
2 2a00:1450:400... 15169 (GOOGLE)
1 35.175.20.97 14618 (AMAZON-AES)
1 151.101.113.194 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.60.34.229 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
21 9
Domain Requested by
12 harmeet-sandhu.c21.ca harmeet-sandhu.c21.ca
ajax.googleapis.com
2 centumsites.scarlettnetwork.com harmeet-sandhu.c21.ca
centumsites.scarlettnetwork.com
2 www.google-analytics.com harmeet-sandhu.c21.ca
www.google-analytics.com
1 stats.g.doubleclick.net www.google-analytics.com
1 ajax.googleapis.com harmeet-sandhu.c21.ca
1 c21-listing-images.global.ssl.fastly.net harmeet-sandhu.c21.ca
1 www.bugherd.com harmeet-sandhu.c21.ca
1 www.c21.ca 1 redirects
1 www.century21.ca 1 redirects
1 www.billsandhu.com
21 10

This site contains links to these domains.

Domain
www.instagram.com
www.realestatewebmasters.com
Subject | Issuer | Validity | Valid
www.billsandhu.com | Let's Encrypt Authority X3 | 2020-09-17 - 2020-12-16 | 3 months
*.c21.ca | Sectigo RSA Domain Validation Secure Server CA | 2019-10-29 - 2020-10-28 | a year
*.google-analytics.com | GTS CA 1O1 | 2020-08-26 - 2020-11-18 | 3 months
www.bugherd.com | Let's Encrypt Authority X3 | 2020-09-16 - 2020-12-15 | 3 months
*.freetls.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-04-21 - 2021-04-22 | a year
upload.video.google.com | GTS CA 1O1 | 2020-08-26 - 2020-11-18 | 3 months
*.scarlettnetwork.com | GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1 | 2020-09-08 - 2021-09-30 | a year
*.g.doubleclick.net | GTS CA 1O1 | 2020-08-26 - 2020-11-18 | 3 months

This page contains 2 frames:

Primary Page: https://harmeet-sandhu.c21.ca/
Frame ID: DAFE49D7352FE1AD99F437AC2F62E045
Requests: 21 HTTP requests in this frame

Frame: https://centumsites.scarlettnetwork.com/express-mortgage?src=https%3A%2F%2Fharmeet-sandhu.c21.ca%2F&lang=en-CA&mortgagelead=realtysandhu%40gmail.com&realtorlead=realtysandhu%40gmail.com
Frame ID: 834129A6D0216DBE1022D4D46F8D0AC0
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

21 Requests
100 % HTTPS
33 % IPv6
9 Domains
10 Subdomains
9 IPs
4 Countries
1359 kB Transfer
1941 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.billsandhu.com/ Page URL
  2. http://www.century21.ca/harmeet.sandhu HTTP 301
    https://www.c21.ca/harmeet.sandhu HTTP 301
    https://harmeet-sandhu.c21.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.billsandhu.com/
496 B
414 B
Document
General
Full URL
https://www.billsandhu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.20.47 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box47.bluehost.com
Software
nginx/1.14.1 /
Resource Hash
fd2c950bb2127e9175c22107ed0890d737009fbc455896d4d5aff230938f4ca6

Request headers

:method
GET
:authority
www.billsandhu.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
nginx/1.14.1
date
Thu, 17 Sep 2020 10:08:23 GMT
content-type
text/html
last-modified
Sat, 07 Jul 2018 22:00:58 GMT
content-encoding
gzip
Primary Request /
harmeet-sandhu.c21.ca/
Redirect Chain
  • http://www.century21.ca/harmeet.sandhu
  • https://www.c21.ca/harmeet.sandhu
  • https://harmeet-sandhu.c21.ca/
322 KB
71 KB
Document
General
Full URL
https://harmeet-sandhu.c21.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.236.192 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
c63603e6d2fdf0ce3bb5536a087495d98d17c9c9dbb397ab6964b3467af51814
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
harmeet-sandhu.c21.ca
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.billsandhu.com/

Response headers

status
200
date
Thu, 17 Sep 2020 10:08:27 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
content-language
en,en-ca
set-cookie
PHPSESSID=b73809e76f186675a85c0c516af2962b; path=/ GCLB=COvk06aHm-fWigE; path=/; HttpOnly; expires=Thu, 17-Sep-2020 10:18:25 GMT
vary
Accept-Encoding
x-content-type-options
nosniff
via
1.1 google
alt-svc
clear
server
NetDNA-cache/2.2
x-cache
EXPIRED
content-encoding
gzip

Redirect headers

status
301
date
Thu, 17 Sep 2020 10:08:25 GMT
content-type
text/html; charset=UTF-8
content-length
0
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
set-cookie
PHPSESSID=32c1ba39226b4e497d6750ebb2e818a4; path=/ GCLB=COzKpqyQudLvUA; path=/; HttpOnly; expires=Thu, 17-Sep-2020 10:18:25 GMT
location
https://harmeet-sandhu.c21.ca/
x-content-type-options
nosniff
content-language
en
via
1.1 google
alt-svc
clear
server
NetDNA-cache/2.2
x-cache
MISS
svgxuse.js
harmeet-sandhu.c21.ca/inc/skins/c21/node_modules/svgxuse/
10 KB
3 KB
Script
General
Full URL
https://harmeet-sandhu.c21.ca/inc/skins/c21/node_modules/svgxuse/svgxuse.js
Requested by
Host: harmeet-sandhu.c21.ca
URL: https://harmeet-sandhu.c21.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.236.192 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
460959ddeb9298295f19b5abc77f7afb84903f13761df1614ba2e7f8261e0836
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://harmeet-sandhu.c21.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Sep 2020 10:08:28 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Wed, 30 Oct 2019 00:36:43 GMT
server
NetDNA-cache/2.2
x-robots-tag
noindex
vary
Accept-Encoding
x-cache
HIT
content-language
en
status
200
content-encoding
gzip
cache-control
max-age=31536000
content-type
application/javascript; charset=utf-8
alt-svc
clear
expires
Thu, 28 Jan 2021 09:40:28 GMT
Pri_Red_Star_Realty_Inc._Gold.png
harmeet-sandhu.c21.ca/uploads/
30 KB
31 KB
Image
General
Full URL
https://harmeet-sandhu.c21.ca/uploads/Pri_Red_Star_Realty_Inc._Gold.png
Requested by
Host: harmeet-sandhu.c21.ca
URL: https://harmeet-sandhu.c21.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.236.192 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
641eca04013e12474258afc341226bdf9400d0093d0e8470da7bef977f3d08e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://harmeet-sandhu.c21.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Sep 2020 10:08:28 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Wed, 25 Sep 2019 21:55:36 GMT
server
NetDNA-cache/2.2
x-cache
MISS
content-language
en
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/png
alt-svc
clear
content-length
31103
expires
Fri, 17 Sep 2021 10:08:28 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: harmeet-sandhu.c21.ca
URL: https://harmeet-sandhu.c21.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://harmeet-sandhu.c21.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
5687
date
Thu, 17 Sep 2020 08:33:41 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Thu, 17 Sep 2020 10:33:41 GMT
sidebarv2.js
www.bugherd.com/
43 B
748 B
Script
General
Full URL
https://www.bugherd.com/sidebarv2.js?apikey=ro9ywxjx6dfwixvfngaaaa
Requested by
Host: harmeet-sandhu.c21.ca
URL: https://harmeet-sandhu.c21.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.175.20.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-20-97.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
6faed0e4b708dd466ed2caf20a877b4b99ce8f938d31caa3af6f70772ba641ac
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://harmeet-sandhu.c21.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Sep 2020 10:08:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
P3p
CP="NOI ADM DEV COM NAV OUR STP"
Connection
close
X-Xss-Protection
1; mode=block
X-Request-Id
b42628c1-0d4e-41f3-870c-e9b8a5c89848
X-Runtime
0.012661
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
X-Frame-Options
SAMEORIGIN
Etag
W/"fff7f391c1b488daa494bf9e65d95be2"
X-Download-Options
noopen
Vary
Accept-Encoding
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Type
text/javascript; charset=utf-8
Via
1.1 vegur
Cache-Control
max-age=0, private, must-revalidate
assets.svg
harmeet-sandhu.c21.ca/inc/skins/ce/img/
27 KB
10 KB
Other
General
Full URL
https://harmeet-sandhu.c21.ca/inc/skins/ce/img/assets.svg
Requested by
Host: harmeet-sandhu.c21.ca
URL: https://harmeet-sandhu.c21.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.236.192 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
c69f420f4351bd318158dc6383195d14fbee6d04dd37adb4fb7e46d1950d099b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://harmeet-sandhu.c21.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Sep 2020 10:08:28 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Wed, 30 Oct 2019 00:36:43 GMT
server
NetDNA-cache/2.2
vary
Accept-Encoding
x-cache
HIT
content-language
en
status
200
content-encoding
gzip
cache-control
max-age=31536000
content-type
image/svg+xml
alt-svc
clear
expires
Thu, 28 Jan 2021 16:01:19 GMT
pic85391.jpg
c21-listing-images.global.ssl.fastly.net/organization/agents/
176 KB
177 KB
Image
General
Full URL
https://c21-listing-images.global.ssl.fastly.net/organization/agents/pic85391.jpg
Requested by
Host: harmeet-sandhu.c21.ca
URL: https://harmeet-sandhu.c21.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f1b8b5248dd8c6e9309ba969b3c0ca62cd3f8035b58af9b8866d1fab460ecd98

Request headers

Referer
https://harmeet-sandhu.c21.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Sep 2020 10:08:28 GMT
Via
1.1 varnish
Age
12
X-GUploader-UploadID
ABg5-UyeX1o9h5sK9LpouEcAVdt4oROcZzRf0XYQXpEpC5h8MtGPY4c7ILDeujcKtNMtd1-z_IVCA-qyBv7bURr6HZg
X-Cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
180152
X-Served-By
cache-hhn4057-HHN
Last-Modified
Tue, 08 Oct 2019 23:32:12 GMT
Server
UploadServer
X-Timer
S1600337308.116155,VS0,VE70
ETag
"4218fe49be69ee8a066ca831c77a51e6"
x-goog-hash
crc32c=b8St9A==, md5=Qhj+Sb5p7ooGbKgxx3pR5g==
x-goog-generation
1570577532145390
Expires
Thu, 17 Sep 2020 11:08:15 GMT
Cache-Control
public, max-age=3600
x-goog-stored-content-length
180152
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Cache-Hits
1
message.svg
harmeet-sandhu.c21.ca/inc/skins/ce/img/
743 B
744 B
Image
General
Full URL
https://harmeet-sandhu.c21.ca/inc/skins/ce/img/message.svg
Requested by
Host: harmeet-sandhu.c21.ca
URL: https://harmeet-sandhu.c21.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.236.192 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
fec1601adb724ea7d540126a09c0dc8090fd3a93ed9aaa9bc0daae970c99b0dd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://harmeet-sandhu.c21.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Sep 2020 10:08:28 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Wed, 30 Oct 2019 00:36:43 GMT
server
NetDNA-cache/2.2
vary
Accept-Encoding
x-cache
HIT
content-language
en
status
200
content-encoding
gzip
cache-control
max-age=31536000
content-type
image/svg+xml
alt-svc
clear
expires
Thu, 28 Jan 2021 16:01:19 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/
93 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: harmeet-sandhu.c21.ca
URL: https://harmeet-sandhu.c21.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://harmeet-sandhu.c21.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 11:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
255866
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33845
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Sep 2021 11:04:02 GMT
static.f3768cfbb437ac06391d2edf815d579f.1.dev.js
harmeet-sandhu.c21.ca/inc/cache/js/
237 KB
76 KB
Script
General
Full URL
https://harmeet-sandhu.c21.ca/inc/cache/js/static.f3768cfbb437ac06391d2edf815d579f.1.dev.js
Requested by
Host: harmeet-sandhu.c21.ca
URL: https://harmeet-sandhu.c21.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.236.192 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
55974c04ed060d894ae64d2d8a1670dd287492577f907c039d8302c79b0858d5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://harmeet-sandhu.c21.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Sep 2020 10:08:28 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Mon, 14 Sep 2020 21:41:55 GMT
server
NetDNA-cache/2.2
x-robots-tag
noindex
vary
Accept-Encoding
x-cache
HIT
content-language
en
status
200
content-encoding
gzip
cache-control
max-age=31536000
content-type
application/javascript; charset=utf-8
alt-svc
clear
expires
Wed, 15 Sep 2021 09:10:12 GMT
AgentHeroImage_922639992486811248.jpg
harmeet-sandhu.c21.ca/uploads/
237 KB
238 KB
Image
General
Full URL
https://harmeet-sandhu.c21.ca/uploads/AgentHeroImage_922639992486811248.jpg
Requested by
Host: harmeet-sandhu.c21.ca
URL: https://harmeet-sandhu.c21.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.236.192 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
db2c2a15e39a8e2d8ada83fe24013cd341a89bddf36439edd519cba732e2b904
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://harmeet-sandhu.c21.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Sep 2020 10:08:28 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Fri, 13 Sep 2019 21:29:05 GMT
server
NetDNA-cache/2.2
x-cache
MISS
content-language
en
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
alt-svc
clear
content-length
242683
expires
Fri, 17 Sep 2021 10:08:28 GMT
background__cma-cta.jpg
harmeet-sandhu.c21.ca/inc/skins/c21/assets/images/
640 KB
641 KB
Image
General
Full URL
https://harmeet-sandhu.c21.ca/inc/skins/c21/assets/images/background__cma-cta.jpg
Requested by
Host: harmeet-sandhu.c21.ca
URL: https://harmeet-sandhu.c21.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.236.192 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
cb058d056474478a9bd7bb341579481db352abe37deba71ce564f32a37ac1040
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://harmeet-sandhu.c21.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Sep 2020 10:08:28 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Wed, 30 Oct 2019 00:36:41 GMT
server
NetDNA-cache/2.2
x-cache
HIT
content-language
en
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
alt-svc
clear
content-length
655845
expires
Thu, 28 Jan 2021 16:01:19 GMT
barlowsemicondensed-medium-webfont.woff2
harmeet-sandhu.c21.ca/inc/skins/c21/assets/fonts/barlow-semi-condensed/
19 KB
19 KB
Font
General
Full URL
https://harmeet-sandhu.c21.ca/inc/skins/c21/assets/fonts/barlow-semi-condensed/barlowsemicondensed-medium-webfont.woff2
Requested by
Host: harmeet-sandhu.c21.ca
URL: https://harmeet-sandhu.c21.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.236.192 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
a036b8b53d12e6a1ff0a6463fd4368890d929fbdc320361498759e996550dfa2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://harmeet-sandhu.c21.ca
Referer
https://harmeet-sandhu.c21.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Sep 2020 10:08:28 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Wed, 30 Oct 2019 00:36:41 GMT
server
NetDNA-cache/2.2
status
200
x-cache
HIT
content-language
en
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/font-woff2
alt-svc
clear
content-length
19364
expires
Tue, 26 Jan 2021 15:11:16 GMT
barlowsemicondensed-regular-webfont.woff2
harmeet-sandhu.c21.ca/inc/skins/c21/assets/fonts/barlow-semi-condensed/
19 KB
19 KB
Font
General
Full URL
https://harmeet-sandhu.c21.ca/inc/skins/c21/assets/fonts/barlow-semi-condensed/barlowsemicondensed-regular-webfont.woff2
Requested by
Host: harmeet-sandhu.c21.ca
URL: https://harmeet-sandhu.c21.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.236.192 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
ea8d9feee4147cd7e4b404107b97490025c272bd6cf63f7f2b7f0a44d577c84b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://harmeet-sandhu.c21.ca
Referer
https://harmeet-sandhu.c21.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Sep 2020 10:08:28 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Wed, 30 Oct 2019 00:36:41 GMT
server
NetDNA-cache/2.2
status
200
x-cache
HIT
content-language
en
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/font-woff2
alt-svc
clear
content-length
19136
expires
Thu, 28 Jan 2021 16:01:19 GMT
collect
www.google-analytics.com/j/
4 B
73 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=24943304&t=pageview&_s=1&dl=https%3A%2F%2Fharmeet-sandhu.c21.ca%2F&ul=en-us&de=UTF-8&dt=Harmeet%20Sandhu%20-%20Real%20Estate%20Professional%20-%20CENTURY%2021%20Red%20Star%20Realty%20Inc.%20-%20Greater%20Toronto%20Area&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1864802434&gjid=1800215561&cid=1140950988.1600337308&tid=UA-30661-15&_gid=561937234.1600337308&_r=1&_slc=1&z=783346372
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://harmeet-sandhu.c21.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Sep 2020 10:08:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://harmeet-sandhu.c21.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
MortgageWidget.js
centumsites.scarlettnetwork.com/rootfolder/js/designer/
1 KB
884 B
Script
General
Full URL
https://centumsites.scarlettnetwork.com/rootfolder/js/designer/MortgageWidget.js
Requested by
Host: harmeet-sandhu.c21.ca
URL: https://harmeet-sandhu.c21.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.60.34.229 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-34-229.ca-central-1.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
082a9e47031d707b24688984432edc67f1caed94d7fcfbf280a47c457a7d021c

Request headers

Referer
https://harmeet-sandhu.c21.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Sep 2020 10:08:28 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
4.0
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/javascript
Cache-Control
public
Content-Length
489
Expires
Fri, 17 Sep 2021 10:08:28 GMT
truncated
/
622 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79d2c949a858e4529cc517f35803ac11a0d8a8c31b544765727570e1ffad8d35

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
json.php
harmeet-sandhu.c21.ca/idx/inc/php/ajax/
2 KB
925 B
XHR
General
Full URL
https://harmeet-sandhu.c21.ca/idx/inc/php/ajax/json.php?searchTypes&locale=en_CA
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.236.192 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
8383f52112c585966a3fc5908bff50503e9eeeb30d382450b28b9c09fda77965
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://harmeet-sandhu.c21.ca/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 17 Sep 2020 10:08:28 GMT
via
1.1 google
x-content-type-options
nosniff
server
NetDNA-cache/2.2
vary
Accept-Encoding
content-language
en
status
200
content-encoding
gzip
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
application/json
alt-svc
clear
expires
Thu, 19 Nov 1981 08:52:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
90 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-30661-15&cid=1140950988.1600337308&jid=1864802434&gjid=1800215561&_gid=561937234.1600337308&_u=IEBAAEAAAAAAAC~&z=321522478
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://harmeet-sandhu.c21.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 17 Sep 2020 10:08:28 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://harmeet-sandhu.c21.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
defer.bfbe6757091664a107a11708767f7848.1.dev.css
harmeet-sandhu.c21.ca/inc/cache/css/
81 KB
18 KB
Stylesheet
General
Full URL
https://harmeet-sandhu.c21.ca/inc/cache/css/defer.bfbe6757091664a107a11708767f7848.1.dev.css
Requested by
Host: harmeet-sandhu.c21.ca
URL: https://harmeet-sandhu.c21.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.236.192 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
8239dae2bf3c2c89b0c56478f3e6ee46d8391d0d5136b563425356e35ee4a5b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://harmeet-sandhu.c21.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Sep 2020 10:08:28 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Wed, 08 Jan 2020 01:00:13 GMT
server
NetDNA-cache/2.2
x-robots-tag
noindex
vary
Accept-Encoding
x-cache
HIT
content-language
en
status
200
content-encoding
gzip
cache-control
max-age=31536000
content-type
text/css; charset=utf-8
alt-svc
clear
expires
Thu, 28 Jan 2021 16:01:19 GMT
Cookie set express-mortgage
centumsites.scarlettnetwork.com/ Frame 8341
0
0
Document
General
Full URL
https://centumsites.scarlettnetwork.com/express-mortgage?src=https%3A%2F%2Fharmeet-sandhu.c21.ca%2F&lang=en-CA&mortgagelead=realtysandhu%40gmail.com&realtorlead=realtysandhu%40gmail.com
Requested by
Host: centumsites.scarlettnetwork.com
URL: https://centumsites.scarlettnetwork.com/rootfolder/js/designer/MortgageWidget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.60.34.229 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-34-229.ca-central-1.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Host
centumsites.scarlettnetwork.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://harmeet-sandhu.c21.ca/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://harmeet-sandhu.c21.ca/

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
Set-Cookie
ASP.NET_SessionId=ftirb3kce0e4afvb5hmbcp3u; path=/; HttpOnly; SameSite=Lax CorporateLanguage=Lang=38; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
X-AspNetMvc-Version
4.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Thu, 17 Sep 2020 10:08:31 GMT
Content-Length
7159

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes
string| GoogleAnalyticsObject
function| ga
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
function| cb
function| raf
string| locale
function| $
function| jQuery
object| BREW
object| IDX
function| openPage
function| saveSearch
function| editSearch
object| Locale
function| FastClick
object| jQuery1720512763038354275
object| Modernizr
object| i18next

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
