uat-drake-membersite.podiumrewards.com
54.198.18.218
Public Scan
Effective URL: https://uat-drake-membersite.podiumrewards.com/?error=timeout
Submission Tags: @phishunt_io
Submission: On May 07 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by Amazon on June 30th 2021. Valid for: a year.
This is the only time uat-drake-membersite.podiumrewards.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domain |
---|---|---|
ASN14618 (AMAZON-AES, US) | ec2-34-197-164-98.compute-1.amazonaws.com | uat-hsbc-travel-membersite.podiumrewards.com |
ASN15169 (GOOGLE, US) | | www.googletagmanager.com |
ASN16509 (AMAZON-02, US) | server-108-138-7-96.fra56.r.cloudfront.net | 3483aa961f45.cdn4.forter.com |
ASN14618 (AMAZON-AES, US) | ec2-54-198-18-218.compute-1.amazonaws.com | uat-drake-membersite.podiumrewards.com |
ASN14618 (AMAZON-AES, US) | ec2-52-203-68-113.compute-1.amazonaws.com | cdn3.forter.com |
ASN16509 (AMAZON-02, US) | server-13-32-121-46.fra60.r.cloudfront.net | cdn9.forter.com |
ASN16625 (AKAMAI-AS, US) | a104-75-88-194.deploy.static.akamaitechnologies.com | tags.tiqcdn.com, akamai.tiqcdn.com |
ASN20940 (AKAMAI-ASN1, NL) | | cdn.optimizely.com |
ASN15169 (GOOGLE, US) | | www.google-analytics.com |
ASN16625 (AKAMAI-AS, US) | a104-89-28-122.deploy.static.akamaitechnologies.com | cdn3.optimizely.com |
ASN16625 (AKAMAI-AS, US) | a104-90-153-39.deploy.static.akamaitechnologies.com | a19069622224.cdn.optimizely.com |
ASN14618 (AMAZON-AES, US) | ec2-34-205-114-251.compute-1.amazonaws.com | uat-hsbc-api.podiumrewards.com |
ASN14618 (AMAZON-AES, US) | ec2-34-196-46-66.compute-1.amazonaws.com | logx.optimizely.com |
ASN15169 (GOOGLE, US) | fra16s46-in-f2.1e100.net | cm.g.doubleclick.net |
ASN16509 (AMAZON-02, US) | ec2-18-184-200-158.eu-central-1.compute.amazonaws.com | datacloud.tealiumiq.com |
ASN32934 (FACEBOOK, US) | | connect.facebook.net |
ASN14618 (AMAZON-AES, US) | ec2-52-71-47-227.compute-1.amazonaws.com | collect-us-east-1.tealiumiq.com |
ASN32934 (FACEBOOK, US) | | www.facebook.com |
ASN14618 (AMAZON-AES, US) | ec2-52-0-123-240.compute-1.amazonaws.com | visitor-service-us-east-1.tealiumiq.com |
Requests | Domain | Requested by |
---|---|---|
21 | uat-drake-membersite.podiumrewards.com | uat-drake-membersite.podiumrewards.com |
10 | tags.tiqcdn.com | uat-drake-membersite.podiumrewards.com, uat-hsbc-travel-membersite.podiumrewards.com, tags.tiqcdn.com |
9 | uat-hsbc-travel-membersite.podiumrewards.com | uat-hsbc-travel-membersite.podiumrewards.com |
4 | uat-hsbc-api.podiumrewards.com | uat-drake-membersite.podiumrewards.com |
3 | connect.facebook.net | tags.tiqcdn.com, connect.facebook.net |
2 | www.facebook.com | uat-drake-membersite.podiumrewards.com |
2 | cm.g.doubleclick.net | 2 redirects |
2 | www.google-analytics.com | www.googletagmanager.com |
2 | cdn9.forter.com | 1 redirects |
2 | cdn3.forter.com | |
2 | www.googletagmanager.com | uat-drake-membersite.podiumrewards.com |
1 | visitor-service-us-east-1.tealiumiq.com | tags.tiqcdn.com |
1 | mcm-sit-us.hsbc.com.hk | tags.tiqcdn.com |
1 | collect-us-east-1.tealiumiq.com | tags.tiqcdn.com |
1 | lptag.liveperson.net | tags.tiqcdn.com |
1 | datacloud.tealiumiq.com | uat-drake-membersite.podiumrewards.com |
1 | logx.optimizely.com | cdn.optimizely.com |
1 | t.co | uat-drake-membersite.podiumrewards.com |
1 | akamai.tiqcdn.com | tags.tiqcdn.com |
1 | a19069622224.cdn.optimizely.com | cdn.optimizely.com |
1 | cdn3.optimizely.com | cdn.optimizely.com |
1 | cdn.optimizely.com | tags.tiqcdn.com |
1 | 3483aa961f45.cdn4.forter.com | uat-hsbc-travel-membersite.podiumrewards.com |
1 | secure.rezserver.com | |
1 | fonts.googleapis.com | uat-hsbc-travel-membersite.podiumrewards.com |
0 | d22edce6ba484e93b138922447aa9c0f-3483aa961f45.cdn.forter.com Failed | |
77 | 26 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.us.hsbc.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
uat-hsbc-travel-membersite.podiumrewards.com | Amazon | 2022-05-07 - 2023-06-05 | a year |
upload.video.google.com | GTS CA 1C3 | 2022-04-18 - 2022-07-11 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2022-04-18 - 2022-07-11 | 3 months |
*.rezserver.com | GeoTrust TLS RSA CA G1 | 2022-03-09 - 2023-04-09 | a year |
*.cdn4.forter.com | GeoTrust RSA CA 2018 | 2021-11-16 - 2022-12-16 | a year |
uat-drake-membersite.podiumrewards.com | Amazon | 2021-06-30 - 2022-07-29 | a year |
cdn3.forter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-06-02 - 2022-07-03 | a year |
*.tiqcdn.com | DigiCert SHA2 Secure Server CA | 2022-02-27 - 2023-02-28 | a year |
cdn.optimizely.com | DigiCert SHA2 Secure Server CA | 2021-12-24 - 2022-12-24 | a year |
*.optimizely.com | DigiCert SHA2 Secure Server CA | 2021-12-24 - 2022-12-24 | a year |
*.cdn.optimizely.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-06-02 - 2022-06-07 | a year |
uat-hsbc-api.podiumrewards.com | Amazon | 2022-05-07 - 2023-06-05 | a year |
t.co | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-07 - 2023-03-06 | a year |
logx.optimizely.com | Amazon | 2021-08-23 - 2022-09-21 | a year |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-02-13 - 2022-05-14 | 3 months |
*.liveperson.net | Sectigo RSA Organization Validation Secure Server CA | 2022-04-26 - 2023-04-26 | a year |
*.tealiumiq.com | Amazon | 2021-09-24 - 2022-10-23 | a year |
mcm-sit-us.hsbc.com.hk | DigiCert TLS RSA SHA256 2020 CA1 | 2022-04-14 - 2023-05-15 | a year |
This page contains 2 frames:
Primary Page:
https://uat-drake-membersite.podiumrewards.com/?error=timeout
Frame ID: 42052EE7569BC6C5DA0C20BF5010A6BF
Requests: 82 HTTP requests in this frame
Frame:
https://a19069622224.cdn.optimizely.com/client_storage/a19069622224.html
Frame ID: 641865AFFC986957152896215F9CF0E7
Requests: 1 HTTP requests in this frame
Page Title
HSBC Rewards - Login
Detected technologies
Nuxt.js (JavaScript Frameworks)
Detected patterns
- /_nuxt/
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Forter (Analytics)
Detected patterns
- forter\.com
Google Analytics (Analytics)
Detected patterns
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtag/js
Optimizely (Analytics)
Detected patterns
- optimizely\.com.*\.js
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: HSBC Terms and Conditions open in new tab
Title: Privacy open in new tab
Title: Accessibility open in new tab
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://uat-hsbc-travel-membersite.podiumrewards.com/ Page URL
- https://uat-drake-membersite.podiumrewards.com/?error=timeout Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 16
- https://cdn9.forter.com/vchk2 HTTP 301
- https://cdn9.forter.com/vchk2/v1/2abd58ce6819797d6f75b61218fb0fbca2b29d03278a4461bce1300eb697c242ac7f4bcb621e57e0dbf64bdda376
- https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=01809d58805600515145e6d7505c03073004206b00b08&tealium_account=hsbc&tealium_profile=wpb-stream-us HTTP 302
- https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm=&tealium_vid=01809d58805600515145e6d7505c03073004206b00b08&tealium_account=hsbc&tealium_profile=wpb-stream-us&google_tc= HTTP 302
- https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=01809d58805600515145e6d7505c03073004206b00b08&tealium_account=hsbc&tealium_profile=wpb-stream-us&google_gid=CAESEO_oVtCTJz7FsRBhUxUhlzQ&google_cver=1
77 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / | uat-hsbc-travel-membersite.podiumrewards.com/ | 625 B | 1 KB | Document | text/html |
GET | H2 | css | fonts.googleapis.com/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H2 | env.js | uat-hsbc-travel-membersite.podiumrewards.com/ | 363 B | 833 B | Script | application/javascript |
GET | H2 | polyfills.js | uat-hsbc-travel-membersite.podiumrewards.com/ | 7 KB | 2 KB | Script | application/javascript |
GET | H2 | vendor.js | uat-hsbc-travel-membersite.podiumrewards.com/ | 11 MB | 2 MB | Script | application/javascript |
GET | H2 | app.js | uat-hsbc-travel-membersite.podiumrewards.com/ | 2 MB | 258 KB | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 104 KB | 40 KB | Script | application/javascript |
GET | H2 | client.js | secure.rezserver.com/sdk/v1/8971/ | 6 KB | 4 KB | Script | application/javascript |
GET | H2 | en.json | uat-hsbc-travel-membersite.podiumrewards.com/i18n/ | 45 KB | 10 KB | XHR | application/json |
GET | H2 | 1.js | uat-hsbc-travel-membersite.podiumrewards.com/ | 469 KB | 72 KB | Script | application/javascript |
GET | H2 | spinner-hsbc.svg | uat-hsbc-travel-membersite.podiumrewards.com/images/ | 250 B | 649 B | Image | image/svg+xml |
GET | H2 | UniversNext-regular.woff2 | uat-hsbc-travel-membersite.podiumrewards.com/fonts/ | 36 KB | 36 KB | Font | font/woff2 |
GET | H2 | script.js | 3483aa961f45.cdn4.forter.com/sn/3483aa961f45/ | 149 KB | 54 KB | Script | application/javascript |
GET | H2 | / (Primary Request) | uat-drake-membersite.podiumrewards.com/ | 4 KB | 4 KB | Document | text/html |
POST | H2 | events | cdn3.forter.com/ | 0 | 261 B | Ping | text/plain |
POST | H2 | events | cdn3.forter.com/ | 0 | 260 B | Ping | text/plain |
POST | | events | cdn3.forter.com/ | 0 | 0 | | |
GET | H2 | 2abd58ce6819797d6f75b61218fb0fbca2b29d03278a4461bce1300eb697c242ac7f4bcb621e57e0dbf64bdda376 | cdn9.forter.com/vchk2/v1/ (Redirect Chain) | 0 | 322 B | XHR | text/plain |
POST | | events | cdn3.forter.com/ | 0 | 0 | | |
POST | | prop.json | d22edce6ba484e93b138922447aa9c0f-3483aa961f45.cdn.forter.com/ | 0 | 0 | | |
POST | | prop.json | d22edce6ba484e93b138922447aa9c0f-3483aa961f45.cdn.forter.com/ | 0 | 0 | | |
POST | | prop.json | d22edce6ba484e93b138922447aa9c0f-3483aa961f45.cdn.forter.com/ | 0 | 0 | | |
POST | | events | cdn3.forter.com/ | 0 | 0 | | |
GET | H2 | utag.sync.js | tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ | 2 KB | 1 KB | Script | application/x-javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 188 KB | 68 KB | Script | application/javascript |
GET | H2 | 2eef7b08544284eae849.js | uat-drake-membersite.podiumrewards.com/_nuxt/ | 3 KB | 3 KB | Script | application/javascript |
GET | H2 | a8e7fd1d0431e8f86955.js | uat-drake-membersite.podiumrewards.com/_nuxt/ | 212 KB | 212 KB | Script | application/javascript |
GET | H2 | cba64f3d944f3223fd95.js | uat-drake-membersite.podiumrewards.com/_nuxt/ | 865 KB | 866 KB | Script | application/javascript |
GET | H2 | 6ea757d4be284087b87c.js | uat-drake-membersite.podiumrewards.com/_nuxt/ | 612 KB | 613 KB | Script | application/javascript |
GET | H2 | 20375190679.js | cdn.optimizely.com/js/ | 1023 KB | 150 KB | Script | text/javascript |
POST | H2 | collect | www.google-analytics.com/g/ | 0 | 363 B | Ping | text/plain |
GET | H/1.1 | geo4.js | cdn3.optimizely.com/js/ | 310 B | 792 B | Script | application/javascript |
GET | H2 | a19069622224.html | a19069622224.cdn.optimizely.com/client_storage/ (Frame 6418) | 4 KB | 2 KB | Document | text/html |
GET | H2 | 4effbcd966da8c5c783f.js | uat-drake-membersite.podiumrewards.com/_nuxt/ | 18 KB | 18 KB | Script | application/javascript |
GET | H2 | ce44bcb.woff2 | uat-drake-membersite.podiumrewards.com/_nuxt/fonts/ | 36 KB | 36 KB | Font | font/woff2 |
GET | H2 | 96c4df192e632ed3240f.js | uat-drake-membersite.podiumrewards.com/_nuxt/ | 7 KB | 7 KB | Script | application/javascript |
GET | H2 | HSBC_Thumbnail_2.jpg | uat-drake-membersite.podiumrewards.com/images/ | 60 KB | 60 KB | Image | image/jpeg |
GET | H2 | HSBC_Thumbnail_3.jpg | uat-drake-membersite.podiumrewards.com/images/ | 57 KB | 57 KB | Image | image/jpeg |
GET | H2 | egift_banner.png | uat-drake-membersite.podiumrewards.com/images/ | 109 KB | 109 KB | Image | image/png |
GET | H2 | merch_tiles.png | uat-drake-membersite.podiumrewards.com/images/ | 49 KB | 50 KB | Image | image/png |
GET | H2 | cash_back_tiles.png | uat-drake-membersite.podiumrewards.com/images/ | 41 KB | 41 KB | Image | image/png |
GET | H2 | e1fae00.woff2 | uat-drake-membersite.podiumrewards.com/_nuxt/fonts/ | 36 KB | 36 KB | Font | font/woff2 |
GET | H2 | 15c1015.woff2 | uat-drake-membersite.podiumrewards.com/_nuxt/fonts/ | 36 KB | 36 KB | Font | font/woff2 |
GET | H2 | utag.js | tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ | 281 KB | 48 KB | Script | application/x-javascript |
GET | H2 | page | uat-hsbc-api.podiumrewards.com/v1/guest/program/hsbc/cms/ | 31 KB | 4 KB | XHR | application/json |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 1 KB | 0 | Image | image/svg+xml |
GET | H2 | menu.svg | uat-drake-membersite.podiumrewards.com/images/icons/ | 502 B | 656 B | Image | image/svg+xml |
GET | H2 | hsbc-brand-logo-no-text.svg | uat-drake-membersite.podiumrewards.com/images/ | 543 B | 697 B | Image | image/svg+xml |
GET | H2 | program-registration | uat-hsbc-api.podiumrewards.com/v1/member/program/hsbc/ | 127 B | 681 B | XHR | application/json |
GET | H2 | product | uat-hsbc-api.podiumrewards.com/v1/guest/ | 93 B | 648 B | XHR | application/json |
GET | H2 | pause.svg | uat-drake-membersite.podiumrewards.com/images/icons/ | 289 B | 443 B | Image | image/svg+xml |
GET | DATA | truncated | / | 386 B | 0 | Image | image/svg+xml |
GET | H2 | program-registration | uat-hsbc-api.podiumrewards.com/v1/member/program/hsbc/ | 127 B | 682 B | XHR | application/json |
GET | H2 | error.svg | uat-drake-membersite.podiumrewards.com/images/icons/ | 531 B | 685 B | Image | image/svg+xml |
GET | H2 | close-black.svg | uat-drake-membersite.podiumrewards.com/images/icons/ | 562 B | 716 B | Image | image/svg+xml |
GET | H/1.1 | location.js | akamai.tiqcdn.com/location/ | 18 B | 560 B | XHR | application/x-javascript |
GET | H2 | utag.455.js | tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ | 133 KB | 22 KB | Script | application/x-javascript |
GET | H2 | adsct | t.co/i/ | 43 B | 337 B | Image | image/gif |
GET | H2 | utag.87.js | tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ | 37 KB | 11 KB | Script | application/x-javascript |
GET | H2 | utag.384.js | tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ | 5 KB | 2 KB | Script | application/x-javascript |
GET | H2 | utag.518.js | tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ | 22 KB | 7 KB | Script | application/x-javascript |
GET | H2 | utag.550.js | tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ | 4 KB | 2 KB | Script | application/x-javascript |
GET | H2 | utag.595.js | tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ | 47 KB | 13 KB | Script | application/x-javascript |
GET | H2 | utag.612.js | tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ | 14 KB | 5 KB | Script | application/x-javascript |
GET | DATA | truncated | / | 638 B | 0 | Image | image/svg+xml |
GET | H2 | chevron-right-thick-red.svg | uat-drake-membersite.podiumrewards.com/images/icons/ | 386 B | 540 B | Image | image/svg+xml |
POST | H/1.1 | events | logx.optimizely.com/v1/ | 0 | 383 B | XHR | text/plain |
GET | H2 | i.gif | datacloud.tealiumiq.com/vdata/ (Redirect Chain) | 43 B | 1007 B | Image | image/gif |
GET | DATA | truncated | / | 380 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 382 B | 0 | Image | image/svg+xml |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 99 KB | 27 KB | Script | application/x-javascript |
GET | H2 | tag.js | lptag.liveperson.net/tag/ | 0 | 0 | Script | text/plain |
GET | H3 | identity.js | connect.facebook.net/signals/plugins/ | 64 KB | 20 KB | Script | application/x-javascript |
GET | H3 | 405421264201379 | connect.facebook.net/signals/config/ | 305 KB | 87 KB | Script | application/x-javascript |
POST | H2 | i.gif | collect-us-east-1.tealiumiq.com/hsbc/wpb-stream-us/2/ | 43 B | 1 KB | XHR | image/gif |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 409 B | Image | image/gif |
POST | | session.json | mcm-sit-us.hsbc.com.hk/5778/handler9/ | 0 | 0 | | |
GET | H/1.1 | JavascriptInsert.js | mcm-sit-us.hsbc.com.hk/ | 82 KB | 30 KB | Script | application/x-javascript |
GET | H2 | utag.v.js | tags.tiqcdn.com/utag/tiqapp/ | 2 B | 202 B | Script | application/x-javascript |
GET | H2 | 01809d58805600515145e6d7505c03073004206b00b08 | visitor-service-us-east-1.tealiumiq.com/hsbc/wpb-stream-us/ | 36 B | 250 B | Script | application/javascript |
GET | H3 | / | www.facebook.com/tr/ | 44 B | 91 B | Image | image/gif |
POST | H3 | collect | www.google-analytics.com/g/ | 0 | 17 B | Ping | text/plain |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
cdn3.forter.com | https://cdn3.forter.com/events |
cdn3.forter.com | https://cdn3.forter.com/events |
d22edce6ba484e93b138922447aa9c0f-3483aa961f45.cdn.forter.com | https://d22edce6ba484e93b138922447aa9c0f-3483aa961f45.cdn.forter.com/prop.json |
d22edce6ba484e93b138922447aa9c0f-3483aa961f45.cdn.forter.com | https://d22edce6ba484e93b138922447aa9c0f-3483aa961f45.cdn.forter.com/prop.json |
d22edce6ba484e93b138922447aa9c0f-3483aa961f45.cdn.forter.com | https://d22edce6ba484e93b138922447aa9c0f-3483aa961f45.cdn.forter.com/prop.json |
cdn3.forter.com | https://cdn3.forter.com/events |
mcm-sit-us.hsbc.com.hk | https://mcm-sit-us.hsbc.com.hk/5778/handler9/session.json |
129 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| TMS number| maskTimeout boolean| syncChangesApplied object| cssRuleManager function| removeMask object| u object| HSBC object| _tag object| DCSext function| dcsGetHSBCCookie function| dcsVar function| dcsMultiTrack function| dcsMapHSBC function| dcsMeta function| dcsFunc function| dcsTag object| optimizely function| gtag object| dataLayer object| webpackJsonp object| google_tag_manager function| onYouTubeIframeAPIReady object| google_tag_data object| gaGlobal function| _ object| __core-js_shared__ object| core object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| $nuxt object| tms object| utag_err boolean| utag_condload object| jwt undefined| JWTInternals object| utag function| _tealium_old_error boolean| __tealium_twc_switch object| utag_cfg_ovrd object| utag_data object| Evnt string| mn object| blist object| pixel_lib object| utag_extn function| targetPageParams object| wizconfig object| aemC object| moOpt object| WIZ_util function| prefixPriority object| WIZ_res boolean| pushIdentities function| tealium_liveperson_lib object| lpTag object| h function| fbq function| _fbq object| e number| f string| items string| storageData function| pLoaded boolean| impressiontrackingrunning string| HSBCUSSITPageID string| HSBCUSSITcompatVersion string| HSBCUSSITpacketVersion string| HSBCUSSITuseCorsForInitialRequest string| HSBCUSSITuseJsonFormatForInitialCorsRequest string| HSBCUSSITTCP string| HSBCUSSITSSL function| HSBCUSSITgPr object| HSBCUSSITpendingManualEvents object| HSBCUSSITqueuedYoutubeReferences function| HSBCUSSITevent function| HSBCUSSITclick function| HSBCUSSITtextchange function| HSBCUSSITformsubmit function| HSBCUSSITSendJsonData function| HSBCUSSITtrackYouTubeIframePlayer function| HSBCUSSITinitialExecutionCanProceed function| 
HSBCUSSITblockExecutionForInsertAlreadyPresent function| HSBCUSSITSL function| HSBCUSSITsendScriptRequests function| HSBCUSSITcookieAllowsScriptToProceed function| HSBCUSSITSC function| HSBCUSSITfindCookieVal function| HSBCUSSITdeleteLegacyCookies function| HSBCUSSITdoDeleteCookie boolean| HSBCUSSITLF function| HSBCUSSITclearStoppedState function| HSBCUSSITstop function| HSBCUSSITgenerateUUID object| HSBCUSSITcookieList function| HSBCUSSITgC function| HSBCUSSITae function| HSBCUSSITclient_event function| HSBCUSSITGP function| HSBCUSSITGPWID function| HSBCUSSITLC string| HSBCUSSITTWID function| HSBCUSSIToptOut function| HSBCUSSIToptIn function| HSBCUSSITanonymous function| HSBCUSSITresetCSA function| HSBCUSSITdoReInit function| HSBCUSSITtmoPoll boolean| HSBCUSSITjsInsertAlreadyLoaded function| HSBCUSSITgetSD string| HSBCUSSITwindowID number| HSBCUSSITTm object| HSBCUSSITsImgArr object| HSBCUSSITRTEHandler function| HSBCUSSITiBd function| HSBCUSSITBd boolean| HSBCUSSIToTP object| HSBCUSSIToWA number| HSBCUSSITwI boolean| HSBCUSSITsWO boolean| HSBCUSSITisReinit function| HSBCUSSITdoCelebrusInsertInvocation
18 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.uat-hsbc-travel-membersite.podiumrewards.com/ | | Name: SITESERVER Value: ID=9381e03321ce72e7a6323b6eef79ab3d |
.podiumrewards.com/ | | Name: forterToken Value: d22edce6ba484e93b138922447aa9c0f_1651907261853__UDF43_9ck |
.podiumrewards.com/ | | Name: ftr_ncd Value: 6 |
uat-hsbc-travel-membersite.podiumrewards.com/ | | Name: RS-CLIENT Value: eyJpcCI6IjE0Ni43MC4xMTcuODgiLCJ1YSI6Ik1vemlsbGElMkY1LjAlMjAoV2luZG93cyUyME5UJTIwMTAuMCUzQiUyMFdpbjY0JTNCJTIweDY0KSUyMEFwcGxlV2ViS2l0JTJGNTM3LjM2JTIwKEtIVE1MJTJDJTIwbGlrZSUyMEdlY2tvKSUyMENocm9tZSUyRjEwMS4wLjQ5NTEuNDElMjBTYWZhcmklMkY1MzcuMzYiLCJyZWZpZCI6Ijg5NzEiLCJ0b2tlbiI6ImQyMmVkY2U2YmE0ODRlOTNiMTM4OTIyNDQ3YWE5YzBmXzE2NTE5MDcyNjE4NTNfX1VERjQzXzljayIsInV1aWQiOiI5MzgxZTAzMzIxY2U3MmU3YTYzMjNiNmVlZjc5YWIzZCJ9 |
.podiumrewards.com/ | | Name: _ga Value: GA1.1.1235281210.1651907264 |
.podiumrewards.com/ | | Name: optimizelyEndUserId Value: oeu1651907263790r0.7070124515626646 |
.podiumrewards.com/ | | Name: tms_ref Value: https://uat-hsbc-travel-membersite.podiumrewards.com/ |
.uat-drake-membersite.podiumrewards.com/ | | Name: mkt_c Value: ZZZZZZZZZZ |
.t.co/ | | Name: muc_ads Value: 5ed05ef9-9a68-4617-a715-b858130bf000 |
.podiumrewards.com/ | | Name: _ga_X8HWFME6KP Value: GS1.1.1651907263.1.1.1651907265.0 |
.doubleclick.net/ | | Name: IDE Value: AHWqTUnkbVwVwLPHy6A_INlcSfsbr5DN1xlTu2vNG_T9bwQUTpmAo6xQ-wW2djGtFBU |
.tealiumiq.com/ | | Name: tcs.google_cver Value: eyJoc2JjL3dwYi1zdHJlYW0tdXMiOiIxfDE2NTE5MDcyNjUyMzEifQ== |
.tealiumiq.com/ | | Name: TAPID Value: hsbc/wpb-stream-us>01809d58805600515145e6d7505c03073004206b00b08\| |
.tealiumiq.com/ | | Name: tcs.google_gid Value: eyJoc2JjL3dwYi1zdHJlYW0tdXMiOiJDQUVTRU9fb1Z0Q1RKejdGc1JCaFV4VWhselF8MTY1MTkwNzI2NTIzMSJ9 |
.podiumrewards.com/ | | Name: _fbp Value: fb.1.1651907265265.1192596489 |
.facebook.com/ | | Name: fr Value: 0HyUqLCxSIRGWKUiO..BidhrB...1.0.BidhrB. |
.podiumrewards.com/ | | Name: usy46gabsosd Value: HSBCUSSIT_16519072655050.a9246e9788aa4be1b0c7970bf529ad99_5778 |
.podiumrewards.com/ | | Name: utag_main Value: v_id:01809d58805600515145e6d7505c03073004206b00b08$_sn:1$_se:1$_ss:1$_st:1651909064600$ses_id:1651907264600%3Bexp-session$_pn:1%3Bexp-session$dcsyncran:1%3Bexp-session$dc_group:55$dc_visit:1$dc_event:1%3Bexp-session$dc_region:us-east-1%3Bexp-session |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubdomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.