immigrationmedical.ca Open in urlscan Pro
64.34.109.31  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request emedical.html Show response immigrationmedical.ca/	11 KB 12 KB	339ms 83ms	Document text/html	64.34.109.31 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://immigrationmedical.ca/emedical.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 64.34.109.31 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software Apache / Resource Hash b478db6373eecedb2b654d3e3455b0f3da782766e4d81664be8cd18c19901f81 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 11675 Content-Type text/html Date Mon, 07 Aug 2023 20:29:54 GMT Keep-Alive timeout=5, max=100 Last-Modified Thu, 09 Feb 2023 04:04:29 GMT Server Apache
GET H/1.1	200 OK	alldevices.css immigrationmedical.ca/	30 KB 31 KB	136ms 82ms	Stylesheet text/css	64.34.109.31 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://immigrationmedical.ca/alldevices.css Requested by Host: immigrationmedical.ca URL: https://immigrationmedical.ca/emedical.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 64.34.109.31 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software Apache / Resource Hash d6770193676de3246022b7d8a8fd1ca355626b9d92e007e24f905a19464a4b2d Request headers accept-language en-CA,en;q=0.9 Referer https://immigrationmedical.ca/emedical.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Date Mon, 07 Aug 2023 20:29:54 GMT Last-Modified Wed, 24 May 2023 21:29:46 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 31157
GET H/1.1	200 OK	SpryMenuBar.js Show response immigrationmedical.ca/SpryAssets/	21 KB 21 KB	241ms 81ms	Script application/javascript	64.34.109.31 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://immigrationmedical.ca/SpryAssets/SpryMenuBar.js Requested by Host: immigrationmedical.ca URL: https://immigrationmedical.ca/emedical.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 64.34.109.31 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software Apache / Resource Hash 63b2adfbd78e7db85682310f8471d7ade06f7525e720102b95f269296d572f5f Request headers accept-language en-CA,en;q=0.9 Referer https://immigrationmedical.ca/emedical.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Date Mon, 07 Aug 2023 20:29:54 GMT Last-Modified Sat, 15 Apr 2023 14:14:09 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 21248
GET H/1.1	200 OK	SpryMenuBarVertical.css immigrationmedical.ca/SpryAssets/	5 KB 6 KB	240ms 80ms	Stylesheet text/css	64.34.109.31 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://immigrationmedical.ca/SpryAssets/SpryMenuBarVertical.css Requested by Host: immigrationmedical.ca URL: https://immigrationmedical.ca/emedical.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 64.34.109.31 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software Apache / Resource Hash cd0f8249e16f6af59be7e5cbc3b3f2ef8d9eac9cf42ad06249ba439eff6dc535 Request headers accept-language en-CA,en;q=0.9 Referer https://immigrationmedical.ca/emedical.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Date Mon, 07 Aug 2023 20:29:54 GMT Last-Modified Sat, 15 Apr 2023 14:14:09 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 5396
GET H2	200	js Show response www.googletagmanager.com/gtag/	248 KB 85 KB	161ms 69ms	Script application/javascript	172.217.13.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-7G7BM8C3GW Requested by Host: immigrationmedical.ca URL: https://immigrationmedical.ca/emedical.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f8.1e100.net Software Google Tag Manager / Resource Hash f23fa5f08e0325eadfac1d1217624fc1859163a7a708946363a24b6467b7a26a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://immigrationmedical.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 07 Aug 2023 20:29:55 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 86316 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 07 Aug 2023 20:29:55 GMT
GET H/1.1	200 OK	banner_globe_only.jpg immigrationmedical.ca/images/	10 KB 10 KB	236ms 82ms	Image image/jpeg	64.34.109.31 COGECO-PEER1
General Check archive.org Show headers Download Go to Show image Full URL https://immigrationmedical.ca/images/banner_globe_only.jpg Requested by Host: immigrationmedical.ca URL: https://immigrationmedical.ca/emedical.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 64.34.109.31 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software Apache / Resource Hash 86b8906fd2053308d1e97c8ac249db8ecce31db9532647f4b589448209947b19 Request headers accept-language en-CA,en;q=0.9 Referer https://immigrationmedical.ca/emedical.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Date Mon, 07 Aug 2023 20:29:54 GMT Last-Modified Tue, 11 Jul 2023 03:10:38 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 10366
GET H/1.1	200 OK	Dr%20Wojtek%20Ciszak%20thumbnail.jpg immigrationmedical.ca/images/	21 KB 22 KB	244ms 82ms	Image image/jpeg	64.34.109.31 COGECO-PEER1
General Check archive.org Show headers Download Go to Show image Full URL https://immigrationmedical.ca/images/Dr%20Wojtek%20Ciszak%20thumbnail.jpg Requested by Host: immigrationmedical.ca URL: https://immigrationmedical.ca/emedical.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 64.34.109.31 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software Apache / Resource Hash cc42e875732166fa808908075520104e799595a7d51e017e3f218c3734883ad2 Request headers accept-language en-CA,en;q=0.9 Referer https://immigrationmedical.ca/emedical.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Date Mon, 07 Aug 2023 20:29:54 GMT Last-Modified Tue, 07 Jun 2022 19:15:26 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 21771
GET H/1.1	200 OK	right-arrow-green-th.png immigrationmedical.ca/images/	1 KB 2 KB	195ms 79ms	Image image/png	64.34.109.31 COGECO-PEER1
General Check archive.org Show headers Download Go to Show image Full URL https://immigrationmedical.ca/images/right-arrow-green-th.png Requested by Host: immigrationmedical.ca URL: https://immigrationmedical.ca/emedical.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 64.34.109.31 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software Apache / Resource Hash 6bcfed12d0b712165d03dc0b67b5dc370fff5820def0b037732f8295e63ea75b Request headers accept-language en-CA,en;q=0.9 Referer https://immigrationmedical.ca/emedical.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Date Mon, 07 Aug 2023 20:29:54 GMT Last-Modified Mon, 01 May 2023 22:49:28 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1320
GET H2	200	ga.js Show response ssl.google-analytics.com/	45 KB 17 KB	59ms 32ms	Script text/javascript	172.217.13.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.google-analytics.com/ga.js Requested by Host: immigrationmedical.ca URL: https://immigrationmedical.ca/emedical.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f8.1e100.net Software Golfe2 / Resource Hash 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://immigrationmedical.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 07 Aug 2023 19:07:46 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 4929 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17168 expires Mon, 07 Aug 2023 21:07:46 GMT
GET H/1.1	200 OK	SpryMenuBarRight.gif immigrationmedical.ca/SpryAssets/	55 B 295 B	87ms 87ms	Image image/gif	64.34.109.31 COGECO-PEER1
General Check archive.org Show headers Download Go to Show image Full URL https://immigrationmedical.ca/SpryAssets/SpryMenuBarRight.gif Requested by Host: immigrationmedical.ca URL: https://immigrationmedical.ca/SpryAssets/SpryMenuBarVertical.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 64.34.109.31 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software Apache / Resource Hash 09d42e7f1ae1c21e37adaf6fc63ac7fb5d18812ee10feb2e5b4f7462707fae15 Request headers accept-language en-CA,en;q=0.9 Referer https://immigrationmedical.ca/SpryAssets/SpryMenuBarVertical.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Date Mon, 07 Aug 2023 20:29:54 GMT Last-Modified Sat, 15 Apr 2023 14:14:09 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 55
GET H2	200	plusone.js Show response apis.google.com/js/	57 KB 22 KB	139ms 53ms	Script text/javascript	142.250.80.14 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/plusone.js Requested by Host: immigrationmedical.ca URL: https://immigrationmedical.ca/emedical.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.80.14 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s33-in-f14.1e100.net Software sffe / Resource Hash 853bd17a8c35651f6d4d157ec6320179f5dc319a2da3b6b413a9fe45abd566b8 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://immigrationmedical.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers content-security-policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team content-encoding gzip x-content-type-options nosniff date Mon, 07 Aug 2023 20:29:56 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22287 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="gapi-team" etag "9b35aad868864122" vary Accept-Encoding report-to {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]} content-type text/javascript access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 accept-ranges bytes timing-allow-origin * expires Mon, 07 Aug 2023 20:29:56 GMT
GET H/1.1	200 OK	SpryMenuBarRightHover.gif immigrationmedical.ca/SpryAssets/	55 B 295 B	79ms 79ms	Image image/gif	64.34.109.31 COGECO-PEER1
General Check archive.org Show headers Download Go to Show image Full URL https://immigrationmedical.ca/SpryAssets/SpryMenuBarRightHover.gif Requested by Host: immigrationmedical.ca URL: https://immigrationmedical.ca/emedical.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 64.34.109.31 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software Apache / Resource Hash 52723cb995d2748cffe825a904ce8aa3e1c2f7b1882cda1b51d0e2d7aa9cd269 Request headers accept-language en-CA,en;q=0.9 Referer https://immigrationmedical.ca/emedical.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Date Mon, 07 Aug 2023 20:29:54 GMT Last-Modified Sat, 15 Apr 2023 14:14:09 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 55
GET		wsv2.cgi hits.webstat.com/cgi-bin/	0 0
POST H2	204	collect www.google-analytics.com/g/	0 257 B	111ms 43ms	Ping text/plain	142.250.65.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-7G7BM8C3GW&gtm=45je3820&_p=205520307&cid=1373424634.1691440196&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691440195&sct=1&seg=0&dl=https%3A%2F%2Fimmigrationmedical.ca%2Femedical.html&dt=eMedical%20in%20Canada&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-7G7BM8C3GW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f14.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://immigrationmedical.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Mon, 07 Aug 2023 20:29:56 GMT server Golfe2 content-type text/plain access-control-allow-origin https://immigrationmedical.ca cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect www.google-analytics.com/g/	0 45 B	107ms 45ms	Ping text/plain	142.250.65.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-8W0N7CE0CJ&gtm=45je3820&_p=205520307&cid=1373424634.1691440196&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691440195&sct=1&seg=0&dl=https%3A%2F%2Fimmigrationmedical.ca%2Femedical.html&dt=eMedical%20in%20Canada&en=page_view&_fv=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-7G7BM8C3GW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f14.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://immigrationmedical.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Mon, 07 Aug 2023 20:29:56 GMT server Golfe2 content-type text/plain access-control-allow-origin https://immigrationmedical.ca cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	__utm.gif ssl.google-analytics.com/r/	35 B 195 B	50ms 49ms	Image image/gif	172.217.13.104 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=467178026&utmhn=immigrationmedical.ca&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=eMedical%20in%20Canada&utmhid=205520307&utmr=-&utmp=%2Femedical.html&utmht=1691440195954&utmac=UA-35675740-3&utmcc=__utma%3D123078291.1373424634.1691440196.1691440196.1691440196.1%3B%2B__utmz%3D123078291.1691440196.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1594000307&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~ Requested by Host: immigrationmedical.ca URL: https://immigrationmedical.ca/emedical.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f8.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://immigrationmedical.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Mon, 07 Aug 2023 20:29:55 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cb=gapi.loaded_0 Show response apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.S9zOXUg9rrA.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ/	157 KB 55 KB	43ms 42ms	Script text/javascript	142.250.80.14 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.S9zOXUg9rrA.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ/cb=gapi.loaded_0?le=scs Requested by Host: apis.google.com URL: https://apis.google.com/js/plusone.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.80.14 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s33-in-f14.1e100.net Software sffe / Resource Hash 50215de724ac10f55e302d1db04574fecaa139c022042ce3c69f669bd1d679e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://immigrationmedical.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Fri, 04 Aug 2023 19:22:23 GMT content-encoding gzip x-content-type-options nosniff age 263253 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 55605 x-xss-protection 0 last-modified Tue, 04 Jul 2023 15:24:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="social-frontend-mpm-access" vary Accept-Encoding report-to {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 03 Aug 2024 19:22:23 GMT
GET H2	200	cb=gapi.loaded_1 Show response apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.S9zOXUg9rrA.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ/	98 KB 34 KB	60ms 60ms	Script text/javascript	142.250.80.14 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.S9zOXUg9rrA.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ/cb=gapi.loaded_1?le=scs Requested by Host: apis.google.com URL: https://apis.google.com/js/plusone.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.80.14 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s33-in-f14.1e100.net Software sffe / Resource Hash 1e8dd96fddb0575df27f9d1827addb3f89025c89bfbf5eb82a8e57b16c6119af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://immigrationmedical.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Fri, 04 Aug 2023 19:22:23 GMT content-encoding gzip x-content-type-options nosniff age 263253 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34454 x-xss-protection 0 last-modified Tue, 04 Jul 2023 15:24:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="social-frontend-mpm-access" vary Accept-Encoding report-to {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 03 Aug 2024 19:22:23 GMT
GET		fastbutton apis.google.com/u/0/se/0/_/+1/ Frame FED1	0 0
GET H2	200	postmessageRelay Show response accounts.google.com/o/oauth2/ Frame AF2B	566 B 810 B	171ms 97ms	Document text/html	172.217.13.141 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fimmigrationmedical.ca&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.S9zOXUg9rrA.O%2Fd%3D1%2Frs%3DAHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ%2Fm%3D__features__ Requested by Host: apis.google.com URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.S9zOXUg9rrA.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ/cb=gapi.loaded_1?le=scs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.141 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f13.1e100.net Software ESF / Resource Hash 18c783179d1e27e8c0eef60d4c65437dbf73fff0ddd2c5aeb80a1c72e8c9fb35 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-W8oeC8SYzdJAE1zJ31tUmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://immigrationmedical.ca/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-W8oeC8SYzdJAE1zJ31tUmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport content-type text/html; charset=utf-8 date Mon, 07 Aug 2023 20:29:56 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache server ESF x-content-type-options nosniff x-xss-protection 0
POST H2	204	cspreport accounts.google.com/o/ Frame AF2B	0 250 B	65ms 65ms	Other text/html	172.217.13.141 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/o/cspreport Requested by Host: immigrationmedical.ca URL: https://immigrationmedical.ca/emedical.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.141 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f13.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-b7ZROEZn2cypjLPPodaJfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fimmigrationmedical.ca&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.S9zOXUg9rrA.O%2Fd%3D1%2Frs%3DAHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ%2Fm%3D__features__ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Content-Type application/csp-report Response headers pragma no-cache date Mon, 07 Aug 2023 20:29:56 GMT content-security-policy script-src 'report-sample' 'nonce-b7ZROEZn2cypjLPPodaJfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	3698212825-postmessagerelay.js Show response ssl.gstatic.com/accounts/o/ Frame AF2B	12 KB 6 KB	122ms 30ms	Script text/javascript	172.217.13.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.gstatic.com/accounts/o/3698212825-postmessagerelay.js Requested by Host: accounts.google.com URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fimmigrationmedical.ca&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.S9zOXUg9rrA.O%2Fd%3D1%2Frs%3DAHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ%2Fm%3D__features__ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s04-in-f3.1e100.net Software sffe / Resource Hash 37acf5f6aa181790c9f46f7a25b5c89ecc46c35603b9b62c3086228faf72b26d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://accounts.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Wed, 02 Aug 2023 20:46:57 GMT content-encoding gzip x-content-type-options nosniff age 430979 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5184 x-xss-protection 0 last-modified Thu, 27 Jul 2023 16:14:43 GMT server sffe cross-origin-opener-policy same-origin; report-to="federated-signon-mpm-access" vary Accept-Encoding report-to {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 01 Aug 2024 20:46:57 GMT
GET H3	200	rpc:shindig_random.js Show response apis.google.com/js/ Frame AF2B	18 KB 7 KB	52ms 51ms	Script text/javascript	142.250.80.14 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/rpc:shindig_random.js?onload=init Requested by Host: accounts.google.com URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fimmigrationmedical.ca&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.S9zOXUg9rrA.O%2Fd%3D1%2Frs%3DAHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ%2Fm%3D__features__ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.14 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s33-in-f14.1e100.net Software sffe / Resource Hash 4549585ab6893eac05cd096b7bf683cc2da38d28e33d9ce50778d301b8e3f3ae Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://accounts.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers content-security-policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team content-encoding gzip x-content-type-options nosniff date Mon, 07 Aug 2023 20:29:56 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7123 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="gapi-team" etag "8326ee0bb7c7b6dc" vary Accept-Encoding report-to {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]} content-type text/javascript access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 accept-ranges bytes timing-allow-origin * expires Mon, 07 Aug 2023 20:29:56 GMT
GET H3	200	cb=gapi.loaded_0 Show response apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.S9zOXUg9rrA.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ/ Frame AF2B	63 KB 22 KB	31ms 30ms	Script text/javascript	142.250.80.14 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.S9zOXUg9rrA.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ/cb=gapi.loaded_0?le=scs Requested by Host: apis.google.com URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.14 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s33-in-f14.1e100.net Software sffe / Resource Hash 9d5f621e04c3d8d2b43a14588948a698b293d820adc7d6b6b314bd6527b716da Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://accounts.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 05 Aug 2023 13:21:29 GMT content-encoding gzip x-content-type-options nosniff age 198507 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22901 x-xss-protection 0 last-modified Tue, 04 Jul 2023 15:24:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="social-frontend-mpm-access" vary Accept-Encoding report-to {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 04 Aug 2024 13:21:29 GMT
POST H2	204	collect www.google-analytics.com/g/	0 45 B	46ms 45ms	Ping text/plain	142.250.65.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-7G7BM8C3GW&gtm=45je3820&_p=205520307&cid=1373424634.1691440196&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1691440195&sct=1&seg=0&dl=https%3A%2F%2Fimmigrationmedical.ca%2Femedical.html&dt=eMedical%20in%20Canada&en=scroll&epn.percent_scrolled=90&_et=18 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-7G7BM8C3GW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f14.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://immigrationmedical.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Mon, 07 Aug 2023 20:30:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://immigrationmedical.ca cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

hits.webstat.com

URL

http://hits.webstat.com/cgi-bin/wsv2.cgi?149459

Domain

apis.google.com

URL

https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&annotation=inline&width=200&origin=https%3A%2F%2Fimmigrationmedical.ca&url=https%3A%2F%2Fimmigrationmedical.ca%2Femedical.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.S9zOXUg9rrA.O%2Fd%3D1%2Frs%3DAHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ%2Fm%3D__features__

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| Spry object| _gaq function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| MenuBar1 function| onYouTubeIframeAPIReady object| gaGlobal object| _gat object| gapi object| ___jsl object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.immigrationmedical.ca/	1970-01-20 23:26:40	Name: _ga Value: GA1.1.1373424634.1691440196
			.immigrationmedical.ca/	1970-01-20 23:26:40	Name: _ga_8W0N7CE0CJ Value: GS1.1.1691440195.1.0.1691440195.0.0.0
			.immigrationmedical.ca/	1970-01-20 23:26:40	Name: _ga_7G7BM8C3GW Value: GS1.1.1691440195.1.0.1691440195.0.0.0
			.immigrationmedical.ca/	1970-01-20 23:26:40	Name: __utma Value: 123078291.1373424634.1691440196.1691440196.1691440196.1
			.immigrationmedical.ca/	1969-12-31 23:59:59	Name: __utmc Value: 123078291
			.immigrationmedical.ca/	1970-01-20 18:13:28	Name: __utmz Value: 123078291.1691440196.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
			.immigrationmedical.ca/	1970-01-20 13:50:40	Name: __utmt Value: 1
			.immigrationmedical.ca/	1970-01-20 13:50:41	Name: __utmb Value: 123078291.1.10.1691440196

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://immigrationmedical.ca/emedical.html Message: Mixed Content: The page at 'https://immigrationmedical.ca/emedical.html' was loaded over HTTPS, but requested an insecure script 'http://hits.webstat.com/cgi-bin/wsv2.cgi?149459'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://immigrationmedical.ca/emedical.html(Line 175) Message: Mixed Content: The page at 'https://immigrationmedical.ca/emedical.html' was loaded over HTTPS, but requested an insecure frame 'http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.immigrationmedical.ca&layout=button_count&show_faces=false&width=100&action=recommend&colorscheme=light&height=70'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://apis.google.com/js/plusone.js(Line 66) Message: Mixed Content: The page at 'https://immigrationmedical.ca/emedical.html' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh%2Conload&id=I0_1691440196057&_gfid=I0_1691440196057&parent=https%3A%2F%2Fimmigrationmedical.ca&pfname=&rpctoken=27884578'. This request has been blocked; the content must be served over HTTPS.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
hits.webstat.com
immigrationmedical.ca
ssl.google-analytics.com
ssl.gstatic.com
www.google-analytics.com
www.googletagmanager.com
apis.google.com
hits.webstat.com
142.250.65.238
142.250.80.14
172.217.13.104
172.217.13.141
172.217.13.163
64.34.109.31
09d42e7f1ae1c21e37adaf6fc63ac7fb5d18812ee10feb2e5b4f7462707fae15
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18c783179d1e27e8c0eef60d4c65437dbf73fff0ddd2c5aeb80a1c72e8c9fb35
1e8dd96fddb0575df27f9d1827addb3f89025c89bfbf5eb82a8e57b16c6119af
37acf5f6aa181790c9f46f7a25b5c89ecc46c35603b9b62c3086228faf72b26d
4549585ab6893eac05cd096b7bf683cc2da38d28e33d9ce50778d301b8e3f3ae
50215de724ac10f55e302d1db04574fecaa139c022042ce3c69f669bd1d679e0
52723cb995d2748cffe825a904ce8aa3e1c2f7b1882cda1b51d0e2d7aa9cd269
63b2adfbd78e7db85682310f8471d7ade06f7525e720102b95f269296d572f5f
6bcfed12d0b712165d03dc0b67b5dc370fff5820def0b037732f8295e63ea75b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
853bd17a8c35651f6d4d157ec6320179f5dc319a2da3b6b413a9fe45abd566b8
86b8906fd2053308d1e97c8ac249db8ecce31db9532647f4b589448209947b19
9d5f621e04c3d8d2b43a14588948a698b293d820adc7d6b6b314bd6527b716da
b478db6373eecedb2b654d3e3455b0f3da782766e4d81664be8cd18c19901f81
cc42e875732166fa808908075520104e799595a7d51e017e3f218c3734883ad2
cd0f8249e16f6af59be7e5cbc3b3f2ef8d9eac9cf42ad06249ba439eff6dc535
d6770193676de3246022b7d8a8fd1ca355626b9d92e007e24f905a19464a4b2d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f23fa5f08e0325eadfac1d1217624fc1859163a7a708946363a24b6467b7a26a