Submitted URL: http://whatsopenontario.com/
Effective URL: http://www.whatsopenontario.com/
Submission: On March 09 via api from CA — Scanned from CA

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 32 HTTP transactions. The main IP is 51.79.94.77, located in Canada and belongs to OVH, FR. The main domain is www.whatsopenontario.com.
This is the only time www.whatsopenontario.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 51.79.94.77 16276 (OVH)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
3 104.102.252.25 16625 (AKAMAI-AS)
3 2607:f8b0:400... 15169 (GOOGLE)
2 23.43.59.161 20940 (AKAMAI-ASN1)
7 18.211.217.109 14618 (AMAZON-AES)
1 2600:1f18:42d... 14618 (AMAZON-AES)
32 9
Apex Domain | Subdomains | Transfer
13 whatsopenontario.com | whatsopenontario.com; www.whatsopenontario.com | 130 KB
8 clnmde.com | dt.clnmde.com — Cisco Umbrella Rank: 13257; dt6.clnmde.com — Cisco Umbrella Rank: 14693 | 3 KB
3 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 31 | 20 KB
3 media.net | contextual.media.net — Cisco Umbrella Rank: 469; lg3.media.net — Cisco Umbrella Rank: 2569 | 49 KB
2 akamaihd.net | pxlclnmdecom-a.akamaihd.net — Cisco Umbrella Rank: 8463 | 35 KB
2 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 54 | 92 KB
2 fontawesome.com | use.fontawesome.com — Cisco Umbrella Rank: 828 | 18 KB
32 7
Domain | Requested by
12 www.whatsopenontario.com | www.whatsopenontario.com
7 dt.clnmde.com | pxlclnmdecom-a.akamaihd.net
3 www.google-analytics.com | www.googletagmanager.com; www.google-analytics.com
2 pxlclnmdecom-a.akamaihd.net | contextual.media.net; pxlclnmdecom-a.akamaihd.net
2 contextual.media.net | www.whatsopenontario.com; contextual.media.net
2 www.googletagmanager.com | www.whatsopenontario.com
2 use.fontawesome.com | www.whatsopenontario.com
1 dt6.clnmde.com | www.whatsopenontario.com
1 lg3.media.net | www.whatsopenontario.com
1 whatsopenontario.com 1 redirects
32 10

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-07 - 2022-07-06 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
*.media.net | DigiCert SHA2 Secure Server CA | 2022-02-20 - 2023-02-22 | a year
a248.e.akamai.net | DigiCert SHA2 Secure Server CA | 2021-07-15 - 2022-07-20 | a year
*.clnmde.com | Amazon | 2021-05-06 - 2022-06-04 | a year
dt6.clnmde.com | Amazon | 2022-02-27 - 2023-03-28 | a year

This page contains 2 frames:

Primary Page: http://www.whatsopenontario.com/
Frame ID: 229D4EF0CEB60266EAC7346F6E1D05EA
Requests: 31 HTTP requests in this frame

Frame: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Frame ID: 13F60372B914296DB92615B75EB12913
Requests: 2 HTTP requests in this frame

Page Title

What's open and closed in Ontario, Canada on holidays?

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

Requests: 32
HTTPS: 59 %
IPv6: 50 %
Domains: 7
Subdomains: 10
IPs: 9
Countries: 2
Transfer: 346 kB
Size: 1207 kB
Cookies: 13

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://whatsopenontario.com/ HTTP 301
    http://www.whatsopenontario.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • http://www.googletagmanager.com/gtag/js?id=G-VVJGY1C5NN&l=dataLayer&cx=c HTTP 307
  • https://www.googletagmanager.com/gtag/js?id=G-VVJGY1C5NN&l=dataLayer&cx=c

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.whatsopenontario.com/
Redirect Chain
  • http://whatsopenontario.com/
  • http://www.whatsopenontario.com/
68 KB
12 KB
Document
General
Full URL
http://www.whatsopenontario.com/
Protocol
HTTP/1.1
Server
51.79.94.77 , Canada, ASN16276 (OVH, FR),
Reverse DNS
mail.jordanlavin.com
Software
nginx /
Resource Hash
e31d5e54cb5da4ab40f2ec3858e20afda39281b9441ffdf4e02abc663f0c322d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
nginx
Date
Wed, 09 Mar 2022 23:30:32 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
12082
Connection
keep-alive
Vary
Accept-Encoding,Cookie
Cache-Control
max-age=3, must-revalidate
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Wed, 09 Mar 2022 23:30:32 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
240
Connection
keep-alive
Location
http://www.whatsopenontario.com/
style.min.css
www.whatsopenontario.com/wp-includes/css/dist/block-library/
81 KB
11 KB
Stylesheet
General
Full URL
http://www.whatsopenontario.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.1
Requested by
Host: www.whatsopenontario.com
URL: http://www.whatsopenontario.com/
Protocol
HTTP/1.1
Server
51.79.94.77 , Canada, ASN16276 (OVH, FR),
Reverse DNS
mail.jordanlavin.com
Software
nginx /
Resource Hash
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
http://www.whatsopenontario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 09 Mar 2022 23:30:32 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Feb 2022 20:22:59 GMT
Server
nginx
ETag
W/"62154623-145a9"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
styles.css
www.whatsopenontario.com/wp-content/plugins/contact-form-7/includes/css/
3 KB
1 KB
Stylesheet
General
Full URL
http://www.whatsopenontario.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.5
Requested by
Host: www.whatsopenontario.com
URL: http://www.whatsopenontario.com/
Protocol
HTTP/1.1
Server
51.79.94.77 , Canada, ASN16276 (OVH, FR),
Reverse DNS
mail.jordanlavin.com
Software
nginx /
Resource Hash
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
http://www.whatsopenontario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 09 Mar 2022 23:30:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Feb 2022 15:45:34 GMT
Server
nginx
ETag
W/"620fbf1e-aab"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
www.whatsopenontario.com/wp-content/themes/whats-open-ontario/
5 KB
2 KB
Stylesheet
General
Full URL
http://www.whatsopenontario.com/wp-content/themes/whats-open-ontario/style.css?ver=3.0.3
Requested by
Host: www.whatsopenontario.com
URL: http://www.whatsopenontario.com/
Protocol
HTTP/1.1
Server
51.79.94.77 , Canada, ASN16276 (OVH, FR),
Reverse DNS
mail.jordanlavin.com
Software
nginx /
Resource Hash
dc20adae3471f4d6977962ba6bd1ffcec7c4fc278ce8ba7cb22b9d68a5a6b657

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
http://www.whatsopenontario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 09 Mar 2022 23:30:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Feb 2022 15:35:52 GMT
Server
nginx
ETag
W/"62165458-140b"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
main.css
www.whatsopenontario.com/wp-content/themes/whats-open-ontario/assets/css/
199 KB
27 KB
Stylesheet
General
Full URL
http://www.whatsopenontario.com/wp-content/themes/whats-open-ontario/assets/css/main.css?ver=3.0.3
Requested by
Host: www.whatsopenontario.com
URL: http://www.whatsopenontario.com/
Protocol
HTTP/1.1
Server
51.79.94.77 , Canada, ASN16276 (OVH, FR),
Reverse DNS
mail.jordanlavin.com
Software
nginx /
Resource Hash
56767b05b3397d88864779a527c7acd45675de7165f922ca2c3ead712a2362f5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
http://www.whatsopenontario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 09 Mar 2022 23:30:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Feb 2022 15:35:52 GMT
Server
nginx
ETag
W/"62165458-31d13"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
all.css
use.fontawesome.com/releases/v5.15.4/css/
58 KB
13 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.15.4/css/all.css
Requested by
Host: www.whatsopenontario.com
URL: http://www.whatsopenontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

Referer
http://www.whatsopenontario.com/
Origin
http://www.whatsopenontario.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 23:30:32 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
YKVXWR3P6JFP7M30
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
a1MoI7dkSLAwB9bUbbUZl0KyYRSvIAWVMTblJHYteUQ7dUUtb0ro/JYUlcVNThYwahNOPnhhFpU=
last-modified
Wed, 04 Aug 2021 20:43:22 GMT
server
cloudflare
etag
W/"ecd507b3125edc4d2a03aa6ae5d07da9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wi%2F1NBlwRRWUYxAz7eZUX9N3qWor5prRWFdb9cVlWSDOLrmv9CeHei0MKgSvM1Rh8MnJ1ZtHuKNa9BgObOrXiTMWOzF4bbHb2cvHEDjTricA0CuT3c4LWhhoiwsXN0Z90k%2Bg8KXnctPMRuQBWsPfd%2FGF"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6e97995aa9c74bbe-YUL
v4-shims.css
use.fontawesome.com/releases/v5.15.4/css/
26 KB
5 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.15.4/css/v4-shims.css
Requested by
Host: www.whatsopenontario.com
URL: http://www.whatsopenontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910

Request headers

Referer
http://www.whatsopenontario.com/
Origin
http://www.whatsopenontario.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 23:30:32 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
YKVRFQ0FQ15P5QQ3
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
PuK/6KR5YBFCeKt2DYr0ZeEe/AzYJ0ZudetvZqVYIawp6916eI12eixqBZBzPyS/rflm4S4fqnA=
last-modified
Wed, 04 Aug 2021 20:43:22 GMT
server
cloudflare
etag
W/"a034d3c71bee546f625877d7932917f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPKXlpxxT5B7T2xLgqmf7kwWVVbNS1RWSBHFcCjoq0F6DeNxautbDt8NfFmLMAH3A%2BOcRkAOLb1f%2FtJkrqf75xAQzo51PnTIqoZfdHfdNHoIpSa%2F0qiLC1d8Zt2qdsnhXDKWoj2F0TJROxmNnvWzIW0K"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6e97995aa9cb4bbe-YUL
jquery-3.6.0.min.js
www.whatsopenontario.com/wp-content/themes/whats-open-ontario/assets/
87 KB
31 KB
Script
General
Full URL
http://www.whatsopenontario.com/wp-content/themes/whats-open-ontario/assets/jquery-3.6.0.min.js?ver=5.9.1
Requested by
Host: www.whatsopenontario.com
URL: http://www.whatsopenontario.com/
Protocol
HTTP/1.1
Server
51.79.94.77 , Canada, ASN16276 (OVH, FR),
Reverse DNS
mail.jordanlavin.com
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
http://www.whatsopenontario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 09 Mar 2022 23:30:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Feb 2022 15:35:52 GMT
Server
nginx
ETag
W/"62165458-15d9d"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-migrate.min.js
www.whatsopenontario.com/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
http://www.whatsopenontario.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.whatsopenontario.com
URL: http://www.whatsopenontario.com/
Protocol
HTTP/1.1
Server
51.79.94.77 , Canada, ASN16276 (OVH, FR),
Reverse DNS
mail.jordanlavin.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
http://www.whatsopenontario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 09 Mar 2022 23:30:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Nov 2020 09:06:06 GMT
Server
nginx
ETag
W/"5fb4e3fe-2bd8"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/
92 KB
37 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-216612424-1
Requested by
Host: www.whatsopenontario.com
URL: http://www.whatsopenontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9a37da9660438f1d15ce11b72a2c9faa88de902ffffa767289a2d027e88e0345
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
http://www.whatsopenontario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 23:30:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36971
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 09 Mar 2022 23:30:34 GMT
dmedianet.js
contextual.media.net/
143 KB
48 KB
Script
General
Full URL
https://contextual.media.net/dmedianet.js?cid=8CUI8363Q
Requested by
Host: www.whatsopenontario.com
URL: http://www.whatsopenontario.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
12bed8304f4c02e4a17ce85197ca195225c34f157a886274333d9f0637765622
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
http://www.whatsopenontario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-mnt-h
10-9
content-encoding
gzip
server
Apache
etag
"164434acd5617895d0c763ad5986279f"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Wed, 09 Mar 2022 23:30:34 GMT
strict-transport-security
max-age=604800
x-mnt-w
8-18
expires
Wed, 09 Mar 2022 23:35:34 GMT
regenerator-runtime.min.js
www.whatsopenontario.com/wp-includes/js/dist/vendor/
6 KB
3 KB
Script
General
Full URL
http://www.whatsopenontario.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: www.whatsopenontario.com
URL: http://www.whatsopenontario.com/
Protocol
HTTP/1.1
Server
51.79.94.77 , Canada, ASN16276 (OVH, FR),
Reverse DNS
mail.jordanlavin.com
Software
nginx /
Resource Hash
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
http://www.whatsopenontario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 09 Mar 2022 23:30:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Jan 2022 04:32:24 GMT
Server
nginx
ETag
W/"61f0ced8-195e"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-polyfill.min.js
www.whatsopenontario.com/wp-includes/js/dist/vendor/
19 KB
7 KB
Script
General
Full URL
http://www.whatsopenontario.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: www.whatsopenontario.com
URL: http://www.whatsopenontario.com/
Protocol
HTTP/1.1
Server
51.79.94.77 , Canada, ASN16276 (OVH, FR),
Reverse DNS
mail.jordanlavin.com
Software
nginx /
Resource Hash
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
http://www.whatsopenontario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 09 Mar 2022 23:30:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Jan 2022 04:32:24 GMT
Server
nginx
ETag
W/"61f0ced8-4b3d"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
index.js
www.whatsopenontario.com/wp-content/plugins/contact-form-7/includes/js/
9 KB
4 KB
Script
General
Full URL
http://www.whatsopenontario.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.5
Requested by
Host: www.whatsopenontario.com
URL: http://www.whatsopenontario.com/
Protocol
HTTP/1.1
Server
51.79.94.77 , Canada, ASN16276 (OVH, FR),
Reverse DNS
mail.jordanlavin.com
Software
nginx /
Resource Hash
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
http://www.whatsopenontario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 09 Mar 2022 23:30:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Feb 2022 15:45:34 GMT
Server
nginx
ETag
W/"620fbf1e-25f8"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
main.bundle.js
www.whatsopenontario.com/wp-content/themes/whats-open-ontario/assets/js/
77 KB
23 KB
Script
General
Full URL
http://www.whatsopenontario.com/wp-content/themes/whats-open-ontario/assets/js/main.bundle.js?ver=3.0.3
Requested by
Host: www.whatsopenontario.com
URL: http://www.whatsopenontario.com/
Protocol
HTTP/1.1
Server
51.79.94.77 , Canada, ASN16276 (OVH, FR),
Reverse DNS
mail.jordanlavin.com
Software
nginx /
Resource Hash
2f6c7adb78b87981d50f4ebe7e9c6ed2d49d9972e8dc640238ca0469ea889742

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
http://www.whatsopenontario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 09 Mar 2022 23:30:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Feb 2022 15:35:52 GMT
Server
nginx
ETag
W/"62165458-13456"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-emoji-release.min.js
www.whatsopenontario.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
http://www.whatsopenontario.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.1
Requested by
Host: www.whatsopenontario.com
URL: http://www.whatsopenontario.com/
Protocol
HTTP/1.1
Server
51.79.94.77 , Canada, ASN16276 (OVH, FR),
Reverse DNS
mail.jordanlavin.com
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
http://www.whatsopenontario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 09 Mar 2022 23:30:32 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Jun 2021 22:15:12 GMT
Server
nginx
ETag
W/"60bfebf0-4705"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/
183 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8c89b0459ec4d6069037002ff5d824395ff37dbf866bc4298fce22d336b182a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
http://www.whatsopenontario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-216612424-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
http://www.whatsopenontario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2798
date
Wed, 09 Mar 2022 22:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 10 Mar 2022 00:43:56 GMT
js
www.googletagmanager.com/gtag/
Redirect Chain
  • http://www.googletagmanager.com/gtag/js?id=G-VVJGY1C5NN&l=dataLayer&cx=c
  • https://www.googletagmanager.com/gtag/js?id=G-VVJGY1C5NN&l=dataLayer&cx=c
149 KB
56 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VVJGY1C5NN&l=dataLayer&cx=c
Requested by
Host: www.whatsopenontario.com
URL: http://www.whatsopenontario.com/
Protocol
H2
Server
2607:f8b0:4006:80d::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
28acb3ff62fd27125dd05f34da45da7a83debb10e121f2423e42231cd385e4a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
http://www.whatsopenontario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 23:30:34 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56982
x-xss-protection
0
expires
Wed, 09 Mar 2022 23:30:34 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtag/js?id=G-VVJGY1C5NN&l=dataLayer&cx=c
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1638050112&t=pageview&_s=1&dl=http%3A%2F%2Fwww.whatsopenontario.com%2F&ul=en-us&de=UTF-8&dt=What%27s%20open%20and%20closed%20in%20Ontario%2C%20Canada%20on%20holidays%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=1176899655&gjid=940967487&cid=1162529665.1646868634&tid=UA-216612424-1&_gid=81520232.1646868634&_r=1&gtm=2ou370&did=dZTNiMT&gdid=dZTNiMT&z=1907514181
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.whatsopenontario.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Mar 2022 23:30:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.whatsopenontario.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VVJGY1C5NN&gtm=2oe370&_p=1638050112&sr=1600x1200&gdid=dZTNiMT&ul=en-us&cid=1162529665.1646868634&_s=1&dl=http%3A%2F%2Fwww.whatsopenontario.com%2F&dt=What%27s%20open%20and%20closed%20in%20Ontario%2C%20Canada%20on%20holidays%3F&sid=1646868634&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-VVJGY1C5NN&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
http://www.whatsopenontario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Mar 2022 23:30:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.whatsopenontario.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
browserfp.min.js
pxlclnmdecom-a.akamaihd.net/javascripts/
92 KB
31 KB
Script
General
Full URL
https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUI8363Q
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUI8363Q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.43.59.161 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-43-59-161.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash
261faf89c68dc8f887235226325c6ec8b8c72038cdce188a98fb360903eb845b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
http://www.whatsopenontario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 09 Mar 2022 23:30:34 GMT
Content-Encoding
gzip
X-Powered-By
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1800
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
31131
Expires
Thu, 10 Mar 2022 00:00:34 GMT
smtr
contextual.media.net/
1 KB
694 B
Script
General
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUI8363Q&cpcd=ePIfeY6NgAPCuODiPJZiRQ%3D%3D&crid=594296894&size=728x90&cc=CA&https=1&vif=1&requrl=http%3A%2F%2Fwww.whatsopenontario.com%2F&nse=5&vi=1646868634370989697&ugd=4&pgid=p11041324453t202203092330&nb=1&allsc=QC
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUI8363Q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
614e08bed2074296b132813450d83b8f8e45bf4b10c6c944c81ab9e78826a8ad
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
http://www.whatsopenontario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Mar 2022 23:30:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
x-sc-h
22-6m5z
strict-transport-security
max-age=604800
content-length
508
expires
Wed, 09 Mar 2022 23:30:34 GMT
bping.php
lg3.media.net/
35 B
189 B
Image
General
Full URL
https://lg3.media.net/bping.php?&gdpr=0&prid=8PRHGG6T9&cid=8CUI8363Q&crid=594296894&vi=1646868634370989697&ugd=4&lf=6&cc=CA&sc=QC&lper=100&wsip=2886781335&r=1646868634452&requrl=http%3A%2F%2Fwww.whatsopenontario.com%2F&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=16276&vgd_rakh=1646868634176025453&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fdmedianet.js&vgd_pgid=p11041324453t202203092330&vgd_pgids=1&vgd_uspa=0&hvsid=00001646868634439025035145532698&gdpr=0&vgd_end=1
Requested by
Host: www.whatsopenontario.com
URL: http://www.whatsopenontario.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
http://www.whatsopenontario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Wed, 09 Mar 2022 23:30:34 GMT
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 09 Mar 2022 23:30:34 GMT
bfp_ssn.js
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame 13F6
12 KB
4 KB
Document
General
Full URL
https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUI8363Q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.43.59.161 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-43-59-161.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash
7ec5561af74114c3b4b8e0a3e4e2d6f0718e60449f99d4266d8c026bfba8ddcc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
http://www.whatsopenontario.com/

Response headers

Content-Type
text/html; charset=utf-8
X-Powered-By
Express
Vary
Accept-Encoding
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Cache-Control
max-age=1800
Expires
Thu, 10 Mar 2022 00:00:34 GMT
Date
Wed, 09 Mar 2022 23:30:34 GMT
Content-Length
3751
Connection
keep-alive
ptmdP
dt.clnmde.com/
7 B
329 B
Ping
General
Full URL
https://dt.clnmde.com/ptmdP
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUI8363Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.217.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-217-109.compute-1.amazonaws.com
Software
/ Express
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer
http://www.whatsopenontario.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 09 Mar 2022 23:30:34 GMT
vary
Accept-Encoding
x-powered-by
Express
etag
W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length
7
cenw.js
dt.clnmde.com/
36 B
359 B
XHR
General
Full URL
https://dt.clnmde.com/cenw.js?identifier=bafp
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUI8363Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.217.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-217-109.compute-1.amazonaws.com
Software
/ Express
Resource Hash
f7a846c97e7c5b62c4e6193a9c76ecdb4c590a86634141d561295050aaa8edf0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
http://www.whatsopenontario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 23:30:34 GMT
vary
Accept-Encoding
x-powered-by
Express
etag
W/"24-rxwilIn9wID1KhnNAaXokQ"
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length
36
ptmdDual
dt6.clnmde.com/
70 B
331 B
Image
General
Full URL
https://dt6.clnmde.com/ptmdDual?t=%7B%22gh%22%3A%22164686863478432366773433%22%2C%22za%22%3A1%2C%22gcd%22%3A1646868634800%2C%22al%22%3A3%2C%22bcnd%22%3A1%7D
Requested by
Host: www.whatsopenontario.com
URL: http://www.whatsopenontario.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:42df:3a01:a063:fb7f:f8cf:f1f9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
http://www.whatsopenontario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 09 Mar 2022 23:30:34 GMT
x-powered-by
Express
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
cenw.js
dt.clnmde.com/ Frame 13F6
36 B
361 B
XHR
General
Full URL
https://dt.clnmde.com/cenw.js
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.217.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-217-109.compute-1.amazonaws.com
Software
/ Express
Resource Hash
642dd2b5cbe2c87f0282d120efc47c45e7468a5cfc219ea21f46eb6b1a3be85d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pxlclnmdecom-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 23:30:34 GMT
vary
Accept-Encoding
x-powered-by
Express
etag
W/"24-YbSEhQT/+El47eYA1O8iFA"
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length
36
ptmd
dt.clnmde.com/
70 B
330 B
Image
General
Full URL
https://dt.clnmde.com/ptmd?t=164686863478432366773433_N4IgxmAWDWIFwG0QFYCcAWATKgbADgxAF0AaEABwEsATAF3iQAZiyAnAUwDMBVVgG3qIQLEAGdWYXgIYhItWuQCkAZgCCizADENmgO76AdLsgBDWqID25dgDsLN2idaULBsBYC2OkQDdRAfRpBBBsAVz4+Ulk-QLoZRgTGAEYcdHx05XR0ZVRGTGRGZWQk9GRkZUwcVDwRMFDRWljgkDwAYW4ASTxlHGUARVrWHxlgAB0UDGx8DHG4MZBaAE9rWfGwVljxknGfSk34cZS0vAzsgHZGatxUM63xyBiaVZBE5NT0k8zs3PzC4tLypVquMAL4gkQ2EwMLAYXBnSroEhJTKMPAXHIkcoJPDobqMKKQ0TwbBkSgmDwMfGkkxEuB4MjsAAe8BeIDIoncLKOH166H8SUw2UqygSOGwbLE7k48CS7PcghA3JOnz5AqFvVF2H8eAARphUWcdUk8mBUOxlOxkJxOOxqEkwCUznhbbqnRKORZaNK4LLJZ7qFz3srefzBRUNYwxah-Jx7ThkmAdcodchqDhqBd05xE2dUPlU2BMDqdeh3fLqN7fexoFC4CB2EnODrqDrGABaEyJNtJJLsMBt5upAdWivKbpVHA4CXVnUyshgPws+Z8CxgEx8fwNCysEwAc3YzwbyibLfbnYS3d7-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-NtJ0479ANfMBkTbVC2Tos3BKu5gDKgu9MUgpkAAjvTvqcEDmAgkAA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.217.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-217-109.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
http://www.whatsopenontario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 09 Mar 2022 23:30:35 GMT
x-powered-by
Express
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
ptmd
dt.clnmde.com/
70 B
330 B
Image
General
Full URL
https://dt.clnmde.com/ptmd?t=164686863478432366773433_N4IgzgLmIFwNoAYA0zkEYUF0kgKYGMIBbWEAZjQDYQcBLAN1gQDoBWHSAQwgFdp4AnEjQDsIAF6dYGEAAcA5qUY55AC1JUALJQAcuymU0B2HZrIAmMpUpGjhsmRoh6-EJWYttmp5wA2sMhwAM3xYAFoZXAhaDUptPT1DJ0hFGGRwAGtY+P1DAH00czNzAwQESnMBJ1xaWQ1NATZ3NFYyZjQdVid6XAAnUllegHsAE2qeKRgZHhi0nFx6f3hQADtOIlxSACNaEZG+vN2nEe5J0B29g6OYFZ5fXxx6WkOxmBAtfUSzIwQBHQFKAIjCAAL4gpCrdabN6cfBHHAnCBnECw663e6PZ7Xd5xT4Gb6-f6A4FgsSyFywOBiMC+SDZPGGWzUHC+ILSHD4PgQF6kHQAYQAqgBJHRWMgARW6WNeOJyXzIPz+AKBTnkoSmuISBlaCCMOAAjtCZEFZmQQUA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.217.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-217-109.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
http://www.whatsopenontario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 09 Mar 2022 23:30:35 GMT
x-powered-by
Express
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
ptmd
dt.clnmde.com/
70 B
330 B
Image
General
Full URL
https://dt.clnmde.com/ptmd?t=164686863478432366773433_N4IgpghgNiBcDaBdANOCAHO8QEYAsAnAHQCsAbETiQMyUAcJIKIAlgG5wBMqAzgC4Q+AVx5YcdZDgLMAXhDg5U6AOZwQHVMoAWanGTxk6hstTwB2OnmqdqZMmbOnq1EKjajYICgAYiBvK4g0HDUqABmAMZwALSK4HwsuvrGRqaB-Kqw3rwA1kkGRql4APo4nFacJt7eZJwEgWAsmJ74xOSUNPSMbmAATmrovQD2ACYNQvKwcUKJWahgbDAIoAB2EAC2YGoARiwjI33Fe4EjgpOgu-uHx7ArQlBQbixHYy3JhSZWZt4EdARkBDMIAAvsDkKsNltPBAIsdUKcBHBQDCbncHk8XvkUp9qN9fv9ASDgcx0O4sCBvAACTjeHBUnBMXhQfhYj6mBxkQJQMIKVARER8TGeOgAYQAqgBJOi2agARUCbGeN1w72MTjxfwBQM0USmqtShm8ZlQAEcoXEwrM8MCgA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.217.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-217-109.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
http://www.whatsopenontario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 09 Mar 2022 23:30:36 GMT
x-powered-by
Express
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
ptmd
dt.clnmde.com/
70 B
330 B
Image
General
Full URL
https://dt.clnmde.com/ptmd?t=164686863478432366773433_N4IgHgZiBcIAwDYIEYDGAmAnAEwEbowHYBWADnQFNcBmXUuAFhXWIWvULhABpwIAXGCFLUKCCpky4IDOLkIME6ahFTViyFdjipimOOmw8QEAIYwA2tRKlkcQqVbc7pbnDcf3Xzz+9eAurxmAM4wCLwAFhGW6O7oyIEmUNDovACuaTDEDJhBAG5CxgCWBdAMvMH8pvxpodBWccTOmIkAXubQyLwADgDmQgW8vdGwyAiKpAiT1AwODOzUCAiEhDPU1MZ5dSAIAHRwu4oMxqYANjDUQagwALRdIBT8RUJjE1NsxxX8-dDuIMEAaxe43e0wYAH1kOh5ug2HBEFhjBQit0XjldqxdshiNQsY5NhQAE5CbqEgD2Rl4FDSHXuaWevypeXO9VAADtTABbChCXBFbDYIng-nGbDVDqgPkCoUi6BstKnU68PJFYVGUYgyZg6xwTCkTAITCEEAAXxN3HZXJ5sFMqBFvDFVRgoFtsvliuVqtlIFeoI+Or1BqNppNiW6W0siWCp0qwLeYJWCGMp2S91QtX4aqEpAAwgBVACSIjYAEVNl71T7Ne81pxA4bjUNrp1q9NSPRCLwAI7W+4QBlwE1AA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.217.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-217-109.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
http://www.whatsopenontario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 09 Mar 2022 23:30:38 GMT
x-powered-by
Express
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| oncontextlost object| oncontextrestored object| _wpemojiSettings function| $ function| jQuery function| gtag object| dataLayer object| _mNHandle string| medianet_versionId object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wpcf7 number| uidEvent object| twemoji object| wp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| _mN object| _mNSrv function| setup string| _mN_Idf string| _mN_ctrM undefined| _mN_ctr object| mnjs object| _mNDetails function| _cmL1Require function| _cmL1Define undefined| _mNE object| _mNadPrvLog string| eti string| esi_ip string| esi_ua object| hs string| adod string| sdod string| sdodi string| customerId number| templateId string| cp string| pd object| ad_regex string| noCookies number| cstSmpPer string| dl number| staging string| ver function| browserfp object| sppx number| bfObjLdCnt

13 Cookies

Domain/Path Name / Value
.whatsopenontario.com/ Name: _gid
Value: GA1.2.81520232.1646868634
.whatsopenontario.com/ Name: _gat_gtag_UA_216612424_1
Value: 1
.whatsopenontario.com/ Name: _ga_VVJGY1C5NN
Value: GS1.1.1646868634.1.0.1646868634.0
.whatsopenontario.com/ Name: _ga
Value: GA1.1.1162529665.1646868634
www.whatsopenontario.com/ Name: session_depth
Value: www.whatsopenontario.com%3D1%7C594296894%3D1
.whatsopenontario.com/ Name: bfp_sn_rf_8b2087b102c9e3e5ffed1c1478ed8b78
Value: Direct
.whatsopenontario.com/ Name: bfp_sn_rt_8b2087b102c9e3e5ffed1c1478ed8b78
Value: 1646868634787
.whatsopenontario.com/ Name: bfp_sn_pl
Value: 1646868634|1_124326300629
.pxlclnmdecom-a.akamaihd.net/ Name: bfp_sn
Value: 1646868634_124326300629
.pxlclnmdecom-a.akamaihd.net/ Name: bfp_sn_t_8b2087b102c9e3e5ffed1c1478ed8b78
Value: 1646868634_124326300629_8b2087b102c9e3e5ffed1c1478ed8b78
.pxlclnmdecom-a.akamaihd.net/ Name: bfp_sn_td_f1c601cb3b5d6d706dfcb79255dc2bb4
Value: 1646868634_124326300629_f1c601cb3b5d6d706dfcb79255dc2bb4
.pxlclnmdecom-a.akamaihd.net/ Name: bafp_t
Value: eb3fbdb0-a000-11ec-bd64-b5fdf3836966
.www.whatsopenontario.com/ Name: bafp
Value: eb400bd0-a000-11ec-a125-d38302dc14a3

1 Console Messages

Source Level URL
Text
other warning URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUI8363Q(Line 14)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
