covid-19.airmiles.ca
Open in
urlscan Pro
52.5.214.13
Public Scan
Submitted URL: https://email.airmiles.ca/T/v4000001714823396ea7ef396e96c569c8/be47ea17ccd749810000021ef3a0bcc3/be47ea17-ccd7-4981-a28d-3a...
Effective URL: https://covid-19.airmiles.ca/en/partner-updates?utm_campaign=45715_programupdateapril2020-solo&utm_source=airmiles&utm_medium...
Submission: On April 06 via api from US
Effective URL: https://covid-19.airmiles.ca/en/partner-updates?utm_campaign=45715_programupdateapril2020-solo&utm_source=airmiles&utm_medium...
Submission: On April 06 via api from US
Summary
This website contacted 13 IPs
in 6 countries
across 14 domains to perform 77 HTTP transactions.
The main IP is 52.5.214.13, located in
Ashburn, United States and
belongs to AMAZON-AES, US.
The main domain is covid-19.airmiles.ca.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on November 29th 2018. Valid for: 2 years.
This is the only time covid-19.airmiles.ca was scanned on urlscan.io!
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on November 29th 2018. Valid for: 2 years.
This is the only time covid-19.airmiles.ca was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
47
52.5.214.13
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-214-13.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-214-13.compute-1.amazonaws.com
| covid-19.airmiles.ca |
3
2001:4de0:ac19::1:b:1a
(Netherlands)
ASN20446 (HIGHWINDS3, US)
ASN20446 (HIGHWINDS3, US)
| maxcdn.bootstrapcdn.com | |
| code.jquery.com |
2
2a00:1450:4001:800::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
6
2.17.187.165
(Ascension Island)
ASN16625 (AKAMAI-AS, US)
PTR: a2-17-187-165.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a2-17-187-165.deploy.static.akamaitechnologies.com
| squ.airmiles.ca |
5
2a00:1450:4001:817::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
2
143.204.103.39
(Seattle, United States)
ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-39.fra50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-39.fra50.r.cloudfront.net
| api.loyalty.com |
1
52.216.112.13
(Ashburn, United States)
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
| s3.amazonaws.com |
1
107.21.248.30
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-248-30.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-248-30.compute-1.amazonaws.com
| dnt.qualaroo.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 54 |
airmiles.ca
1 redirects
email.airmiles.ca covid-19.airmiles.ca squ.airmiles.ca |
755 KB |
| 5 |
google-analytics.com
1 redirects
www.google-analytics.com |
42 KB |
| 3 |
facebook.com
www.facebook.com |
699 B |
| 3 |
facebook.net
connect.facebook.net |
256 KB |
| 3 |
cloudflare.com
cdnjs.cloudflare.com |
31 KB |
| 2 |
loyalty.com
api.loyalty.com |
2 KB |
| 2 |
google.de
www.google.de |
218 B |
| 2 |
google.com
2 redirects
www.google.com |
372 B |
| 2 |
doubleclick.net
2 redirects
stats.g.doubleclick.net |
325 B |
| 2 |
googletagmanager.com
www.googletagmanager.com |
70 KB |
| 2 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com |
33 KB |
| 1 |
qualaroo.com
dnt.qualaroo.com |
|
| 1 |
amazonaws.com
s3.amazonaws.com |
48 KB |
| 1 |
jquery.com
code.jquery.com |
24 KB |
| 77 | 14 |
| Domain | Requested by | |
|---|---|---|
| 47 | covid-19.airmiles.ca |
covid-19.airmiles.ca
|
| 6 | squ.airmiles.ca |
covid-19.airmiles.ca
|
| 5 | www.google-analytics.com |
1 redirects
covid-19.airmiles.ca
www.google-analytics.com |
| 3 | www.facebook.com |
covid-19.airmiles.ca
|
| 3 | connect.facebook.net |
covid-19.airmiles.ca
connect.facebook.net |
| 3 | cdnjs.cloudflare.com |
covid-19.airmiles.ca
|
| 2 | api.loyalty.com |
covid-19.airmiles.ca
|
| 2 | www.google.de |
covid-19.airmiles.ca
|
| 2 | www.google.com | 2 redirects |
| 2 | stats.g.doubleclick.net | 2 redirects |
| 2 | www.googletagmanager.com |
covid-19.airmiles.ca
|
| 2 | maxcdn.bootstrapcdn.com |
covid-19.airmiles.ca
|
| 1 | dnt.qualaroo.com |
s3.amazonaws.com
|
| 1 | s3.amazonaws.com |
covid-19.airmiles.ca
|
| 1 | code.jquery.com |
covid-19.airmiles.ca
|
| 1 | email.airmiles.ca | 1 redirects |
| 77 | 16 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.airmiles.ca DigiCert SHA2 High Assurance Server CA |
2018-11-29 - 2021-02-19 |
2 years | crt.sh |
| *.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA |
2019-09-14 - 2020-10-13 |
a year | crt.sh |
| ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2019-12-05 - 2020-06-12 |
6 months | crt.sh |
| *.google-analytics.com GTS CA 1O1 |
2020-03-03 - 2020-05-26 |
3 months | crt.sh |
| jquery.org COMODO RSA Domain Validation Secure Server CA |
2018-10-17 - 2020-10-16 |
2 years | crt.sh |
| www.google.de GTS CA 1O1 |
2020-03-03 - 2020-05-26 |
3 months | crt.sh |
| *.api.loyalty.com DigiCert SHA2 High Assurance Server CA |
2019-01-20 - 2021-01-27 |
2 years | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-03-01 - 2020-05-30 |
3 months | crt.sh |
| s3.amazonaws.com DigiCert Baltimore CA-2 G2 |
2019-11-09 - 2020-12-02 |
a year | crt.sh |
| *.qualaroo.com Amazon |
2020-01-16 - 2021-02-16 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://covid-19.airmiles.ca/en/partner-updates?utm_campaign=45715_programupdateapril2020-solo&utm_source=airmiles&utm_medium=email&utm_content=programupdate-admin
Frame ID: ED4234E37C2B9E9560F853E40DB74144
Requests: 77 HTTP requests in this frame
Frame:
https://dnt.qualaroo.com/frame.html
Frame ID: 60F9F60B33936A03BA1B152118BB459B
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://email.airmiles.ca/T/v4000001714823396ea7ef396e96c569c8/be47ea17ccd749810000021ef3a0bcc3/be47ea...
HTTP 302
https://covid-19.airmiles.ca/en/partner-updates?utm_campaign=45715_programupdateapril2020-solo&utm_source... Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Apache
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
- html /<!-- (?:End )?Google Tag Manager -->/i
Page Statistics
40 Outgoing links
These are links going to different origins than the main page.
URL: https://www.airmiles.ca/arrow/Home?changeLocale=en_CA
Title:
Title:
Search URL Search Domain Scan URL
URL: https://corporate.sobeys.com/coronavirus/
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.iga.net/en/in_the_community/information_about_covid-19
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.marchestradition.com/wp-content/uploads/2020/03/marches-covid-19-en.pdf
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.metro.ca/en
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.rexall.ca/covid-19
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.jeancoutu.com/en/health/coronavirus-covid-19/
Title:
Title:
Search URL Search Domain Scan URL
URL: https://pharmasave.com/caring-for-our-community/
Title:
Title:
Search URL Search Domain Scan URL
URL: https://globalpetfoods.com/preventative-measures/
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.shell.ca/en_ca/media/news-and-media-releases/news-releases-2020/meeting-customer-needs-during-uncertain-times.html
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.irvingoil.com/en-CA/irving-values/covid-19
Title:
Title:
Search URL Search Domain Scan URL
URL: https://liquor.sobeys.com/
Title:
Title:
Search URL Search Domain Scan URL
URL: https://safewayliquorbc.com/
Title:
Title:
Search URL Search Domain Scan URL
URL: https://thriftyfoodsliquor.com/
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.liquormarts.ca/covid-19
Title:
Title:
Search URL Search Domain Scan URL
URL: https://nlliquor.com/covid-19-updates/
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.mynslc.com/
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.lcbo.com/content/lcbo/en/homepage/covid-19-lcbo-response.html
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.bmo.com/main/personal/bmo-branches-coronavirus-update/
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.americanexpress.com/ca/en/company/notice/covid-19/
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.staples.ca/a/content/covid19-notice
Title:
Title:
Search URL Search Domain Scan URL
URL: http://www3.hbc.com/press-release-container/hudsons-bay-provides-update-on-response-to-covid-19/
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.rona.ca/en
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.lowes.ca/
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.renodepot.com/en
Title:
Title:
Search URL Search Domain Scan URL
URL: https://timbermart.ca/en/covid-19/
Title:
Title:
Search URL Search Domain Scan URL
URL: https://kent.ca/message-from-kent
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.goodyear.ca/en-CA/tires/tire-shop/all
Title:
Title:
Search URL Search Domain Scan URL
URL: https://jiffylubeservice.ca/
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.jiffylubeontario.com/
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.childrensplace.com/ca/content/covid-update
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.chefcookit.com/en/faq/security
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.hearinglife.ca/footer/clinic-closure
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.craftsmancollision.com/news/covid-19-our-response/
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.gerrie.com/gerrieupdates
Title:
Title:
Search URL Search Domain Scan URL
URL: http://www.daoustforget.com/en/home.html
Title:
Title:
Search URL Search Domain Scan URL
URL: https://daousteco.com/promotions/
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.airmiles.ca/?changeLocale=en_CA
Title: airmiles.ca
Title: airmiles.ca
Search URL Search Domain Scan URL
URL: https://www.airmiles.ca/arrow/PrivacyPolicy?changeLocale=en_CA
Title: Privacy
Title: Privacy
Search URL Search Domain Scan URL
URL: https://www.airmiles.ca/arrow/Enrollment?changeLocale=en_CA
Title: Not a Collector?
Title: Not a Collector?
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://email.airmiles.ca/T/v4000001714823396ea7ef396e96c569c8/be47ea17ccd749810000021ef3a0bcc3/be47ea17-ccd7-4981-a28d-3abd3a90cc17?__F__=v0fUYvjHMDjRPMSh3tviDHXIoXcPxvDgUUCCPvXMWoX_0zgiV7ZksRmzBI6TTMVKMPoGOiD5zI4Fq71cLoGANM9AsVtJynN_gjVbGi0eIy0kQVOedVqmtzewOvFc3mMXXem03Ndfk_Aq7OSOg2OHcqI7rXBfn1lNmVU40_OOiZGWW9Z8Y3zfb8fofM5uiLkBLHnVse7ZQgQB5FHMNT4uz6ZlchXxifPsR1ssjW5G15u_RiB6UR9WQorhktlk216nD5OHNHONMYmS9fGdTlX42NALXvr7w81fbXUnDGtixj_NvgEi-uIJU0orDNls6iw1DPaMJUwKNfxdVROoFDBhrUUZr6O3emVySIOeungZyZvvL1Z8sF4S-Sfp7Ame0BqHcIf9gkAqVRr1gakLM-WjT6-28_oIzktSoI4XNb89xCh21jQnu2hPcmgY1Epzdnufhsy102OhlPC2pojTfMIXhkIQ==
HTTP 302
https://covid-19.airmiles.ca/en/partner-updates?utm_campaign=45715_programupdateapril2020-solo&utm_source=airmiles&utm_medium=email&utm_content=programupdate-admin Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 63- https://www.google-analytics.com/r/collect?v=1&_v=j81&a=798386615&t=pageview&_s=1&dl=https%3A%2F%2Fcovid-19.airmiles.ca%2Fen%2Fpartner-updates%3Futm_campaign%3D45715_programupdateapril2020-solo%26utm_source%3Dairmiles%26utm_medium%3Demail%26utm_content%3Dprogramupdate-admin&ul=en-us&de=UTF-8&dt=Covid-19%20-%20Partner%20Updates&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGDAAUADQ~&jid=543513229&gjid=1816743046&cid=1235745503.1586187214&tid=UA-76333024-1&_gid=1039759693.1586187214&_r=1>m=2ou3p1&z=1070077811 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76333024-1&cid=1235745503.1586187214&jid=543513229&_gid=1039759693.1586187214&gjid=1816743046&_v=j81&z=1070077811 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76333024-1&cid=1235745503.1586187214&jid=543513229&_v=j81&z=1070077811 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76333024-1&cid=1235745503.1586187214&jid=543513229&_v=j81&z=1070077811&slf_rd=1&random=1121269059
- https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-76333024-1&cid=1235745503.1586187214&jid=1797132153&uid=80000515740&gjid=1267378196&_gid=1039759693.1586187214&_u=aGDAgUAjQ~&z=1925661860 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76333024-1&cid=1235745503.1586187214&jid=1797132153&_v=j81&z=1925661860 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76333024-1&cid=1235745503.1586187214&jid=1797132153&_v=j81&z=1925661860&slf_rd=1&random=566303629
77 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
partner-updates
covid-19.airmiles.ca/en/ Redirect Chain
|
19 KB 19 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.css
covid-19.airmiles.ca/resources/css/ |
51 KB 52 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ |
141 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/ |
56 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
76 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo-am.png
covid-19.airmiles.ca/src/images/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
safeway.png
covid-19.airmiles.ca/src/images/partners/en/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sobeys_west.png
covid-19.airmiles.ca/src/images/partners/en/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
iga_west.png
covid-19.airmiles.ca/src/images/partners/en/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
iga_express.png
covid-19.airmiles.ca/src/images/partners/en/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
iga_que.png
covid-19.airmiles.ca/src/images/partners/en/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
les_marches_traditions.png
covid-19.airmiles.ca/src/images/partners/en/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
foodland_fresh.png
covid-19.airmiles.ca/src/images/partners/en/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
foodland_coops.png
covid-19.airmiles.ca/src/images/partners/en/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
thrifty_foods.png
covid-19.airmiles.ca/src/images/partners/en/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
metro.png
covid-19.airmiles.ca/src/images/partners/en/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rexall.png
covid-19.airmiles.ca/src/images/partners/en/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jean_coutu.png
covid-19.airmiles.ca/src/images/partners/en/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lawtons.png
covid-19.airmiles.ca/src/images/partners/en/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pharmasave.png
covid-19.airmiles.ca/src/images/partners/en/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
global_pet_foods.png
covid-19.airmiles.ca/src/images/partners/en/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
shell.png
covid-19.airmiles.ca/src/images/partners/en/ |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
irving_oil.png
covid-19.airmiles.ca/src/images/partners/en/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sobeys_liquor.png
covid-19.airmiles.ca/src/images/partners/en/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
safeway_liquor.png
covid-19.airmiles.ca/src/images/partners/en/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sobeys_safeway_liquor.png
covid-19.airmiles.ca/src/images/partners/en/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
thrifty_foods_liquor.png
covid-19.airmiles.ca/src/images/partners/en/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mbll.png
covid-19.airmiles.ca/src/images/partners/en/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
nlc.png
covid-19.airmiles.ca/src/images/partners/en/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
nslc.png
covid-19.airmiles.ca/src/images/partners/en/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lcbo.png
covid-19.airmiles.ca/src/images/partners/en/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bmo.png
covid-19.airmiles.ca/src/images/partners/en/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
amex.png
covid-19.airmiles.ca/src/images/partners/en/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
staples.png
covid-19.airmiles.ca/src/images/partners/en/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hudson_bay.png
covid-19.airmiles.ca/src/images/partners/en/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rona.png
covid-19.airmiles.ca/src/images/partners/en/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lowes.png
covid-19.airmiles.ca/src/images/partners/en/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
reno_depot.png
covid-19.airmiles.ca/src/images/partners/en/ |
17 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
timber_mart.png
covid-19.airmiles.ca/src/images/partners/en/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
kent.png
covid-19.airmiles.ca/src/images/partners/en/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
goodyear.png
covid-19.airmiles.ca/src/images/partners/en/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jiffy_lube.png
covid-19.airmiles.ca/src/images/partners/en/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tcp.png
covid-19.airmiles.ca/src/images/partners/en/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cookit.png
covid-19.airmiles.ca/src/images/partners/en/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hearing_life_canada.png
covid-19.airmiles.ca/src/images/partners/en/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
craftsman_collision.png
covid-19.airmiles.ca/src/images/partners/en/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gerrie.png
covid-19.airmiles.ca/src/images/partners/en/ |
13 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
daoust.png
covid-19.airmiles.ca/src/images/partners/en/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
daoust_eco.png
covid-19.airmiles.ca/src/images/partners/en/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-1.9.1.min.js
squ.airmiles.ca/cdn/js/ |
90 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.js
covid-19.airmiles.ca/resources/js/ |
6 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-3.2.1.slim.min.js
code.jquery.com/ |
68 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ |
19 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ |
48 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fontawesome.min.js
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/js/ |
36 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
omneslight-fontface.css
squ.airmiles.ca/cdn/font/style/ |
379 B 381 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
omnes-regular-fontface.css
squ.airmiles.ca/cdn/font/style/ |
400 B 392 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
omnes-medium-fontface.css
squ.airmiles.ca/cdn/font/style/ |
386 B 381 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
44 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
181 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
113 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
OmnesLight.otf
squ.airmiles.ca/cdn/font/files/ |
126 KB 127 KB |
Font
application/vnd.oasis.opendocument.formula-template |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Omnes-Regular.otf
squ.airmiles.ca/cdn/font/files/ |
115 KB 115 KB |
Font
application/vnd.oasis.opendocument.formula-template |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.google-analytics.com/gtm/ |
62 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
linkid.js
www.google-analytics.com/plugins/ua/ |
2 KB 927 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H/1.1 |
clickstream-amca
api.loyalty.com/v2/dh-spine/streams/ |
0 787 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
126 KB 30 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gnm.js
s3.amazonaws.com/ki.js/68825/ |
147 KB 48 KB |
Script
application/ecmascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
collect
www.google-analytics.com/ |
35 B 101 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1622896811338454
connect.facebook.net/signals/config/ |
447 KB 113 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1876645655954142
connect.facebook.net/signals/config/ |
447 KB 112 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
44 B 247 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
44 B 202 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
clickstream-amca
api.loyalty.com/v2/dh-spine/streams/ |
0 793 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
44 B 250 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
frame.html
dnt.qualaroo.com/ Frame 60F9 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
38 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate string| env string| language string| region object| dataLayer function| gtag string| GoogleAnalyticsObject function| ga object| google_tag_manager object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_optimize object| _kiq function| onShowNudge string| dataPacket object| httpRequest object| $CICS function| fbq function| _fbq function| $ function| jQuery boolean| debugging function| fbAsyncInit object| SKM object| SkmCommon function| Popper object| bootstrap object| FontAwesomeConfig object| ___FONT_AWESOME___ object| FontAwesome object| regionBlock object| partneBlock object| KI function| isIE function| isIosSafari3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| covid-19.airmiles.ca/ | Name: ki_r Value: |
|
| covid-19.airmiles.ca/ | Name: ki_t Value: 1586187216842%3B1586187216842%3B1586187216842%3B1%3B1 |
|
| .airmiles.ca/ | Name: _fbp Value: fb.1.1586187215779.592107712 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.loyalty.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
covid-19.airmiles.ca
dnt.qualaroo.com
email.airmiles.ca
maxcdn.bootstrapcdn.com
s3.amazonaws.com
squ.airmiles.ca
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
107.21.248.30
143.204.103.39
159.127.187.134
2.17.187.165
2001:4de0:ac19::1:b:1a
2606:4700::6811:4004
2a00:1450:4001:800::2008
2a00:1450:4001:808::2003
2a00:1450:4001:808::2004
2a00:1450:4001:817::200e
2a00:1450:400c:c00::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.216.112.13
52.5.214.13
00b3c7256f106aaa3dc4e4e9fd95eff1ebd0eb9dee4e6d01f486fdb520222711
0541ca6d04eec3cf328f5ff5ca7818a6bed6c471f4d38e3ab7abb5b15cf1f024
055b0c07fc2afe5273ee7d0b460f94a8c7cca7258be7ec2c675a8fe5860648b3
057578e92f7b6ed37402c5832bda9ee6976fec13ab2abe38080209e77e10c60b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
190115dbb3fc8f800d3cbdfab4b9063d2647fadf88d56380ad3b2f8c5e30342e
199af40aa23486be891abf938021599767db224740632886e768cffbe2f37f75
1c4407b147420d35b55a2810c96ff66bc133ffb0a1f0b989b1e62ae3bab44968
1db677af896825a47cdecfbf1f06721492682d055e0103ef6d7fafe8945df379
22d70bfe88aa22a7577e5972277e1b26672fa67bc8b1fa84165b838cebd71d4a
2b49553f94e00f16d8216f25980b4a7193fd26979426c6005a5573822c982ec8
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
31fa8b4881989840e849a7eacb77295671ca3ad1b0abf216de1cae141c778fca
321c2a6ecd9a61910133f73c1d3186a7c1848837280ede625055566e2aa9c07e
34eda5ea008e3558b57b5841f5558512c61d11e21df6d2d7fc2c7f504de2f686
3b385b72e1d6110d4eb76bee428c1ca31890c70ad55d344ee7b246fac6757659
3b3f1457c3880becc8ee36269cb29b336320af45ab882969cbf74ffc82e278a2
3cf8538ed024eeace4b80dfcca923f57ca40e3b465115c74fa609ecfc952f37b
45d08cd4013b0835b5033778b4fb2f111375a2742ca8d261421e6910de54588a
48f9d15020cf14b2adefa1c9a62c8e019f61f19ba391f56d7a801096d192d808
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5bcc9924b0860952b52c6997473e1d8e57e0d62fc352f7022b0a68ada1f638ef
5d4244fef2962c2f28556d4d0d80a538fbd64f38ceca7b08f54b649bcedea733
720541aaa83a5399cdd0c7d0be7252e0d1d730b650454ed9e36cfb8486bcf1d9
751bcd0b9baf7c12d495194df3a5ca8cc05f58f8dcc07fdc5003e484d5b3c451
7e68b59e719e7b077122f914d79010e0be48e24802141e28a1690040421b5d68
804fbba683ba1d27a76c7589323c7ddcd4303c72336ca23b7cc8cd8d7143c25d
8249cd0370841921b65fdcfef9f66d02c260a40697f36bbfb5ffd898cc1890dd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848536686a6e7e46d97513420a5b381823adf1c2e8169e009aebb16774cb4e3e
8569f2cd165dbf11ad1c1116df0f35a468b844ded5e12771b25519b2e9cb4a54
8609d284a026495819958e9991c5f04cb269c03c3612311c743d725c564c2352
8772e6555b9b5f81a64f5c4fdcd38804ab834e8b1147a86fbd43d9a433073439
87bb4f9f92247471f2650c9d46e2692033ebdcebdc11908f1ce82a6a232ebf15
8806bf3dfe4137de7239d53469471f1e7f4a579e08769f8a9e36b8cc03ef7b4a
8fd2848a6f6954c83f7328d8685bc27e089bcab8d030d016b2c67ed708341316
91639019972f65c471d5a7335baf11c64f9179c25295ee64369b02681693d675
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
9408b982793e06bd89968c2cf6ed57542fcacf80b8a6497a1d8139edafd49fb9
97aa7f645c7f8f7da58037c265b99204f8eb90c875fcadf660c64d126c54edc0
98d8e0308a1a6d81ceb5f5c9e2c264ac03e6fc808f276d977ab694678d5b8ef9
9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649
9cba8dac660617eea8125d6b21d590c563155e487d175d5ee60d864788881bb1
a056327cc323037ca7b4954ecb0cc5aa9ed7752d90515e23a62b97ab037946a1
a3e53a30421afcf8daab1824b0fb603acdd83d524a2a94cc476a766290788845
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a97e2b67e124b83127a702dd1eadb1393e138e37696385d7e7f8a1148242819d
b54cbb9fa3b8457bdd61819b4da3c056e70315124b04e6b9755e7c48c44d89c9
b8c46b4ce25db18676a680617cd60259749eb167a876c7cdf948d114dfcc3415
bbb522f1c3ee22118b66be179947d94376322e487add134e360d57cce364e90e
bbd07fefae530567f0347e973b97a963c69f300b50748b9ac64000547d3c2943
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
cbbf8e3c5ede5a0b27b5d554293435360a8ba116ba6404413fa0cf373d063872
ccac4ebfee09311801232d512b33b001faf9da10f485605234a7b92b7dde70f8
ccccb3e84c29a7e24337dcf9a5f1985258c474802da1cc1be9be847da2d4de71
cd6224462e4b3e7fc398b378d629df74bed3d6fc065463feaa74f5a5e5c78b9d
d60e57ef583ac51e5c2b53cc86bc2acc682e0954380dbcd60c0097d0ec9b4064
d792ade56ebd9dd3b8be65f0c33a2fe765aa0517c1c3b0275feb76b3888eb4d2
db54eeb8ce4b9543c870f64b736528710a006374b8ca9b5512cf70b8569e365c
de0994ac145f60ae01d58dc2d525e31e4655382607664b6bfc6da6fc400c328e
e250191f53aa923a81f93cc036b1d09313e4ae248bd22288f50429307b778076
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ec6bb13ef05ceff511b7bf9fd62e6a719ed55dd1a5c305bc0a4c8522a49c4dfc
ee63b4f721d8734dae1e562240135cf860a5e54fa14a772518bf5e174eba65b3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3a992e204335b7cddd6ff9684235397ff9baf724f55d3287028e03d39ee3d3
f709344859a4a29ee8ec094cafd7ee24d2c441f8d557b993985d3a848082a703
fc200071ec2533c3aa246fe54dc2c2f7922537fa15ce7ca0cc15c1a82a4e0a50
fce4eef00bb501d9ba08e21edfd6bd3e6bb28f7b737d174a549528af23d94311
fd5e4b06d87121b4f8107244ab53d580c906313b6f625edfdd8ac41b288b4ece