hnl.ca
Open in
urlscan Pro
198.54.116.196
Public Scan
Submitted URL: http://members.hnl.ca/communication/link?l=1b123edea4324ca7ee18c37100710a3d&i=354742
Effective URL: https://hnl.ca/training/
Submission Tags: phishing
Submission: On April 28 via api from US — Scanned from CA
Effective URL: https://hnl.ca/training/
Submission Tags: phishing
Submission: On April 28 via api from US — Scanned from CA
Summary
This website contacted 15 IPs
in 1 countries
across 17 domains to perform 59 HTTP transactions.
The main IP is 198.54.116.196, located in
United States and
belongs to NAMECHEAP-NET, US.
The main domain is hnl.ca.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 11th 2022. Valid for: a year.
This is the only time hnl.ca was scanned on urlscan.io!
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 11th 2022. Valid for: a year.
This is the only time hnl.ca was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
1
216.17.94.185
(Minneapolis, United States)
ASN10242 (USINTERNET, US)
PTR: 216.17.94.185.ip.usinternet.com
ASN10242 (USINTERNET, US)
PTR: 216.17.94.185.ip.usinternet.com
| members.hnl.ca |
33
198.54.116.196
(United States)
ASN22612 (NAMECHEAP-NET, US)
PTR: host42.registrar-servers.com
ASN22612 (NAMECHEAP-NET, US)
PTR: host42.registrar-servers.com
| hnl.ca |
2
2607:f8b0:4006:81d::200a
(Staten Island, United States)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| fonts.googleapis.com |
3
2a03:2880:f012:8:face:b00c:0:1
(Secaucus, United States)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| connect.facebook.net |
5
2a03:2880:f112:182:face:b00c:0:25de
(Secaucus, United States)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
1
2607:f8b0:4006:822::2008
(Staten Island, United States)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
3
2607:f8b0:4006:809::200e
(Staten Island, United States)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
3
107.178.246.49
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
| pixel.tapad.com |
2
52.223.40.198
(United States)
ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
| match.adsrvr.org |
2
35.211.178.172
(North Charleston, United States)
ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
| x.bidswitch.net |
2
18.234.11.64
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-234-11-64.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-234-11-64.compute-1.amazonaws.com
| pixel.advertising.com |
2
52.45.33.138
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com
| ups.analytics.yahoo.com |
2
23.204.152.44
(Edison, United States)
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-204-152-44.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-204-152-44.deploy.static.akamaitechnologies.com
| secure-ds.serving-sys.com |
1
34.194.180.137
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-180-137.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-180-137.compute-1.amazonaws.com
| bs.serving-sys.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 34 |
hnl.ca
1 redirects
members.hnl.ca hnl.ca |
1 MB |
| 5 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 101 |
1 KB |
| 3 |
serving-sys.com
secure-ds.serving-sys.com — Cisco Umbrella Rank: 1728 bs.serving-sys.com — Cisco Umbrella Rank: 1041 |
22 KB |
| 3 |
tapad.com
3 redirects
pixel.tapad.com — Cisco Umbrella Rank: 400 |
583 B |
| 3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32 |
20 KB |
| 3 |
gstatic.com
fonts.gstatic.com |
72 KB |
| 3 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 131 |
200 KB |
| 2 |
yahoo.com
1 redirects
ups.analytics.yahoo.com — Cisco Umbrella Rank: 281 |
599 B |
| 2 |
advertising.com
2 redirects
pixel.advertising.com — Cisco Umbrella Rank: 394 |
669 B |
| 2 |
bidswitch.net
2 redirects
x.bidswitch.net — Cisco Umbrella Rank: 274 |
1 KB |
| 2 |
adsrvr.org
2 redirects
match.adsrvr.org — Cisco Umbrella Rank: 325 |
1 KB |
| 2 |
acuityplatform.com
acuityplatform.com — Cisco Umbrella Rank: 977 ums.acuityplatform.com — Cisco Umbrella Rank: 1066 |
2 KB |
| 2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 39 |
1 KB |
| 1 |
smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 701 |
239 B |
| 1 |
sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 880 |
533 B |
| 1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 71 |
432 B |
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53 |
48 KB |
| 59 | 17 |
| Domain | Requested by | |
|---|---|---|
| 33 | hnl.ca |
hnl.ca
|
| 5 | www.facebook.com |
hnl.ca
connect.facebook.net |
| 3 | pixel.tapad.com | 3 redirects |
| 3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
| 3 | fonts.gstatic.com |
fonts.googleapis.com
|
| 3 | connect.facebook.net |
hnl.ca
connect.facebook.net |
| 2 | secure-ds.serving-sys.com |
hnl.ca
secure-ds.serving-sys.com |
| 2 | ups.analytics.yahoo.com |
1 redirects
hnl.ca
|
| 2 | pixel.advertising.com | 2 redirects |
| 2 | x.bidswitch.net | 2 redirects |
| 2 | match.adsrvr.org | 2 redirects |
| 2 | fonts.googleapis.com |
hnl.ca
|
| 1 | bs.serving-sys.com |
secure-ds.serving-sys.com
|
| 1 | s.ad.smaato.net |
hnl.ca
|
| 1 | sync.go.sonobi.com |
hnl.ca
|
| 1 | ums.acuityplatform.com |
hnl.ca
|
| 1 | acuityplatform.com |
www.googletagmanager.com
|
| 1 | stats.g.doubleclick.net |
www.google-analytics.com
|
| 1 | www.googletagmanager.com |
hnl.ca
|
| 1 | members.hnl.ca | 1 redirects |
| 59 | 20 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| members.hnl.ca |
| www.facebook.com |
| twitter.com |
| www.instagram.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| hnl.ca Sectigo RSA Domain Validation Secure Server CA |
2022-02-11 - 2023-03-14 |
a year | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2022-04-11 - 2022-07-04 |
3 months | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-02-04 - 2022-05-05 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2022-04-11 - 2022-07-04 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2022-04-11 - 2022-07-04 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2022-04-11 - 2022-07-04 |
3 months | crt.sh |
| *.acuityplatform.com Go Daddy Secure Certificate Authority - G2 |
2022-04-11 - 2023-05-13 |
a year | crt.sh |
| s.ad.smaato.net Amazon |
2021-09-21 - 2022-10-20 |
a year | crt.sh |
| secure-ds.serving-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-03-05 - 2023-03-08 |
a year | crt.sh |
| bs.serving-sys.com Amazon |
2022-04-20 - 2023-05-19 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://hnl.ca/training/
Frame ID: C7D31530D00710D23C4A78EBEE7C7D3C
Requests: 59 HTTP requests in this frame
Screenshot
Page Title
Training Programs – HNL | Hospitality Newfoundland and LabradorPage URL History Show full URLs
-
http://members.hnl.ca/communication/link?l=1b123edea4324ca7ee18c37100710a3d&i=354742
HTTP 302
https://hnl.ca/training/ Page URL
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
- wp-embed\.min\.js\?ver=([\d.]+)
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googleapis\.com/.+webfont
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtm\.js
Sizmek
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- serving-sys\.com/
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
URL: https://members.hnl.ca/members
Title: Member Directory
Title: Member Directory
Search URL Search Domain Scan URL
URL: https://members.hnl.ca/events
Title: Events
Title: Events
Search URL Search Domain Scan URL
URL: http://members.hnl.ca/events
Title: Events
Title: Events
Search URL Search Domain Scan URL
URL: https://www.facebook.com/HospitalityNL/
Search URL Search Domain Scan URL
URL: https://twitter.com/hospitalitynl?lang=en
Search URL Search Domain Scan URL
URL: https://www.instagram.com/hospitalitynl/
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://members.hnl.ca/communication/link?l=1b123edea4324ca7ee18c37100710a3d&i=354742
HTTP 302
https://hnl.ca/training/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 50- https://pixel.tapad.com/idsync/ex/receive?partner_id=3150&partner_device_id=666074811867&partner_url=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26uid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
- https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3150&partner_device_id=666074811867&partner_url=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26uid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
- https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=5e3db38c-82e2-4055-ba64-3c78c829a09a%252Chttps%253A%252F%252Fums.acuityplatform.com%252Fsum%253Fumid%253D64%2526uid%253D5e3db38c-82e2-4055-ba64-3c78c829a09a&gdpr=0&gdpr_consent= HTTP 302
- https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=5e3db38c-82e2-4055-ba64-3c78c829a09a%252Chttps%253A%252F%252Fums.acuityplatform.com%252Fsum%253Fumid%253D64%2526uid%253D5e3db38c-82e2-4055-ba64-3c78c829a09a&gdpr=0&gdpr_consent= HTTP 302
- https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2dfa462f-82da-4720-98df-f15f12c3f146&ttd_puid=5e3db38c-82e2-4055-ba64-3c78c829a09a%2Chttps%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26uid%3D5e3db38c-82e2-4055-ba64-3c78c829a09a HTTP 302
- https://ums.acuityplatform.com/sum?umid=64&uid=5e3db38c-82e2-4055-ba64-3c78c829a09a
- https://x.bidswitch.net/sync?dsp_id=236&user_id=666074811867&expires=30&user_group=1 HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=236&user_id=666074811867&expires=30&user_group=1 HTTP 302
- https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=945aff89-75f2-4bba-a9a1-a456dc3d5e06
- https://pixel.advertising.com/ups/55950/sync?uid=666074811867&_origin=1 HTTP 302
- https://pixel.advertising.com/ups/55950/sync?uid=666074811867&_origin=1&verify=true HTTP 302
- https://ups.analytics.yahoo.com/ups/55950/sync?uid=666074811867&_origin=1&apid=UPc87596d4-c6e6-11ec-be78-0e4c13160ddf HTTP 302
- https://ups.analytics.yahoo.com/ups/55950/sync?uid=666074811867&_origin=1&apid=UPc87596d4-c6e6-11ec-be78-0e4c13160ddf&verify=true
59 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
hnl.ca/training/ Redirect Chain
|
45 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.min.css
hnl.ca/wp-includes/css/dist/block-library/ |
79 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
simple-banner.css
hnl.ca/wp-content/plugins/simple-banner/ |
487 B 461 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main_35776a9a.css
hnl.ca/wp-content/themes/hnl/dist/styles/ |
288 KB 40 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
hnl.ca/wp-includes/js/jquery/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-migrate.min.js
hnl.ca/wp-includes/js/jquery/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
simple-banner.js
hnl.ca/wp-content/plugins/simple-banner/ |
5 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
head_35776a9a.js
hnl.ca/wp-content/themes/hnl/dist/scripts/ |
1 KB 874 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
HNLlogo.png
hnl.ca/wp-content/uploads/2017/11/ |
359 KB 360 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
formreset.min.css
hnl.ca/wp-content/plugins/gravityforms/legacy/css/ |
4 KB 583 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
formsmain.min.css
hnl.ca/wp-content/plugins/gravityforms/legacy/css/ |
79 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
readyclass.min.css
hnl.ca/wp-content/plugins/gravityforms/legacy/css/ |
30 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
browsers.min.css
hnl.ca/wp-content/plugins/gravityforms/legacy/css/ |
8 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main_35776a9a.js
hnl.ca/wp-content/themes/hnl/dist/scripts/ |
183 KB 46 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wp-embed.min.js
hnl.ca/wp-includes/js/ |
1 KB 960 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
regenerator-runtime.min.js
hnl.ca/wp-includes/js/dist/vendor/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wp-polyfill.min.js
hnl.ca/wp-includes/js/dist/vendor/ |
16 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dom-ready.min.js
hnl.ca/wp-includes/js/dist/ |
1 KB 799 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hooks.min.js
hnl.ca/wp-includes/js/dist/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
i18n.min.js
hnl.ca/wp-includes/js/dist/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
a11y.min.js
hnl.ca/wp-includes/js/dist/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.json.min.js
hnl.ca/wp-content/plugins/gravityforms/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gravityforms.min.js
hnl.ca/wp-content/plugins/gravityforms/js/ |
43 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wp-emoji-release.min.js
hnl.ca/wp-includes/js/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
987 B 727 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
448 B 302 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
99 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMQg.ttf
fonts.gstatic.com/s/opensanscondensed/v23/ |
32 KB 21 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fontawesome-webfont_af7ae505.woff2
hnl.ca/wp-content/themes/hnl/dist/vendor/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf
fonts.gstatic.com/s/opensans/v28/ |
31 KB 31 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVc.ttf
fonts.gstatic.com/s/opensans/v28/ |
31 KB 21 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clean-it-right-banner-image-7.png
hnl.ca/wp-content/uploads/2020/06/ |
39 KB 40 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Atlantic-Canada-Travel-Trade-Readiness-Program-Toolkit_Page_01.png
hnl.ca/wp-content/uploads/2020/04/ |
68 KB 68 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
emerit.jpg
hnl.ca/wp-content/uploads/2017/12/ |
59 KB 59 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Apr%C3%A8s-skiing-Corner-Brook-Western-1024x683.jpg
hnl.ca/wp-content/uploads/2017/12/ |
113 KB 113 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Guide-Trinity-Visitor-Centre-1024x683.jpg
hnl.ca/wp-content/uploads/2017/12/ |
77 KB 77 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Tech-Training-Feature-Image.png
hnl.ca/wp-content/uploads/2017/12/ |
160 KB 160 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FnB-Featured-IMage-1024x682.jpg
hnl.ca/wp-content/uploads/2017/06/ |
73 KB 73 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Top-Lottery-Playing-Provinces-Named-by-ALC-640x289.jpg
hnl.ca/wp-content/uploads/2017/01/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
xfbml.customerchat.js
connect.facebook.net/en_US/sdk/ |
303 KB 87 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
639800933051999
connect.facebook.net/signals/config/ |
305 KB 87 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
44 B 398 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
127 KB 48 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
www.google-analytics.com/j/ |
1 B 21 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
www.facebook.com/plugins/customer_chat/SDK/ |
0 24 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
www.facebook.com/plugins/customer_chat/facade/ |
1 KB 778 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 432 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
8214444792676204751
acuityplatform.com/Adserver/pxlj/ |
602 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
www.facebook.com/plugins/customer_chat/SDK/ |
0 21 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sum
ums.acuityplatform.com/ Redirect Chain
|
0 778 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
us.gif
sync.go.sonobi.com/ Redirect Chain
|
49 B 533 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
ups.analytics.yahoo.com/ups/55950/ Redirect Chain
|
0 122 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
s.ad.smaato.net/c/ |
0 239 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ |
69 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
www.facebook.com/tr/ |
44 B 91 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1073746830
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ |
122 B 475 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Serving
bs.serving-sys.com/ |
390 B 809 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
%22%2C%22addressLocality%22%3A%22St.%20John%E2%80%99s%22%2C%22addressRegion%22%3A%22NL%22%2C%22addressCountry%22%3Anull%2C%22postalCode%22%3A%22A1B%205C3%22%7D%2C%22contactPoint%22%3A%7B%22%40type%22%3A%22ContactPoint%22%2C%22telephone%22%3A%22%2B1-800-563-0700%22%2C%22contactType%22%3A%22customer%20service%22%2C%22contactOption%22%3A%22TollFree%22%7D%2C%22faxNumber%22%3A%22%2B1-709-722-8104%22%7D%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1651145504394.700296529&it=1651145504322&coo=false&es=automatic&tm=3&exp=p1&rqm=GET){kind=link}
%22%2C%22addressLocality%22%3A%22St.%20John%E2%80%99s%22%2C%22addressRegion%22%3A%22NL%22%2C%22addressCountry%22%3Anull%2C%22postalCode%22%3A%22A1B%205C3%22%7D%2C%22contactPoint%22%3A%7B%22%40type%22%3A%22ContactPoint%22%2C%22telephone%22%3A%22%2B1-800-563-0700%22%2C%22contactType%22%3A%22customer%20service%22%2C%22contactOption%22%3A%22TollFree%22%7D%2C%22faxNumber%22%3A%22%2B1-709-722-8104%22%7D%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1651145504394.700296529&it=1651145504322&coo=false&es=automatic&tm=3&exp=p1&rqm=GET){kind=link}
Verdicts & Comments Add Verdict or Comment
129 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| gform object| _wpemojiSettings undefined| $ function| jQuery object| simpleBannerScriptParams string| gtmID function| fbq function| _fbq string| SAGE_DIST_PATH string| growthzone_url object| FB object| dataLayer object| twemoji object| wp function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gtm string| cookieName string| cookieValue string| cookiePath object| d string| expires object| gaplugins object| gaGlobal object| gaData object| Foundation object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate function| sprintf function| vsprintf object| gform_i18n object| gf_global object| gf_legacy_multi function| announceAJAXValidationErrors function| gformBindFormatPricingFields function| Currency function| gformCleanNumber function| gformGetDecimalSeparator function| gformIsNumber function| gformIsNumeric function| gformDeleteUploadedFile object| _gformPriceFields undefined| _anyProductSelected function| gformIsHidden function| gformCalculateTotalPrice function| gformUpdateTotalFieldPrice function| gformGetShippingPrice function| gformGetFieldId function| gformCalculateProductPrice function| gformGetProductQuantity function| gformIsProductSelected function| gformGetBasePrice function| gformFormatMoney function| gformFormatPricingField function| gformToNumber function| gformGetPriceDifference function| gformGetOptionLabel function| gformGetProductIds function| gformGetPrice function| gformRoundPrice function| gformRegisterPriceField function| gformInitPriceFields function| gformShowPasswordStrength function| gformPasswordStrength function| gformToggleShowPassword function| gformToggleCheckboxes function| gformToggleRadioOther function| gformAddListItem function| gformDeleteListItem function| gformAdjustClasses function| gformAdjustRowAttributes function| gformToggleIcons function| gformAddRepeaterItem function| gformDeleteRepeaterItem function| gformResetRepeaterAttributes function| gformToggleRepeaterButtons function| gformMatchCard function| gformFindCardType function| gformToggleCreditCard function| gformInitChosenFields function| gformInitCurrencyFormatFields function| GFMergeTag function| GFCalc undefined| __gf_keyup_timeout function| gformFormatNumber function| getMatchGroups function| gf_get_field_number_format function| gformValidateFileSize function| gformInitSpinner function| gformAddSpinner function| gformReInitTinymceInstance function| gf_raw_input_change function| gf_get_input_id_by_html_id function| gf_get_form_id_by_html_id function| gf_get_ids_by_html_id function| gf_input_change function| gformExtractFieldId function| gformExtractInputIndex function| rgars function| rgar function| HandleUnsavedChanges function| renderRecaptcha function| gformIsRecaptchaPending object| gfMultiFileUploader object| p object| versaTagObj object| $jscomp function| $jscomp$lookupPolyfilledValue object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| $this object| providersData undefined| oneTagObj function| ebDecode object| bsResponseObj21 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .members.hnl.ca/ | Name: DotNetARRAffinity Value: 12617337ff73ba402f2d73acb642d86bca31af47e6c494f6e7d370dcdeff2f68 |
|
| .hnl.ca/ | Name: _fbp Value: fb.1.1651145504394.700296529 |
|
| hnl.ca/ | Name: ValidWebsiteVisitor Value: true |
|
| .hnl.ca/ | Name: _ga Value: GA1.2.1562744715.1651145505 |
|
| .hnl.ca/ | Name: _gid Value: GA1.2.822986797.1651145505 |
|
| .hnl.ca/ | Name: _gat_UA-63195517-1 Value: 1 |
|
| .hnl.ca/ | Name: _gat_UA-61095856-1 Value: 1 |
|
| .acuityplatform.com/ | Name: auid Value: 666074811867 |
|
| .tapad.com/ | Name: TapAd_TS Value: 1651145504947 |
|
| .tapad.com/ | Name: TapAd_DID Value: 5e3db38c-82e2-4055-ba64-3c78c829a09a |
|
| .advertising.com/ | Name: APID Value: UPc87596d4-c6e6-11ec-be78-0e4c13160ddf |
|
| .bidswitch.net/ | Name: tuuid Value: 945aff89-75f2-4bba-a9a1-a456dc3d5e06 |
|
| .bidswitch.net/ | Name: c Value: 1651145504 |
|
| .bidswitch.net/ | Name: tuuid_lu Value: 1651145505 |
|
| .yahoo.com/ | Name: A3 Value: d=AQABBCF7amICELAHLkfWL1rr_gxj_r9dcbUFEgEBAQHMa2J0YgAAAAAA_eMAAA&S=AQAAArXOc6uoeYCoSQVXVFq6FEM |
|
| .adsrvr.org/ | Name: TDID Value: 2dfa462f-82da-4720-98df-f15f12c3f146 |
|
| .analytics.yahoo.com/ | Name: IDSYNC Value: 1766~24kz |
|
| .adsrvr.org/ | Name: TDCPM Value: CAESFAoFdGFwYWQSCwimmczRlsXUOhAFGAUgASgCMgsIxpu3_azF1DoQBTgB |
|
| .go.sonobi.com/ | Name: HAPLB8S Value: s8518|Ymp7G |
|
| .tapad.com/ | Name: TapAd_3WAY_SYNCS Value: 1!2843 |
|
| .acuityplatform.com/ | Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqBNjT6jXVzZXJNYXRjaGluZ0lkJAKAkWxhc3REcm9wVGltZU1pbGxpcyUBQBt+D068mGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUAbfg9OvI90aGlyZFBhcnR5VXNlcklkYzVlM2RiMzhjLTgyZTItNDA1NS1iYTY0LTNjNzhjODI5YTA5YfuCMTI5+kIkBIJDJQFAG34PQ6REIUUh+4ExN/pCJKJDJQFAG34PQ6REIUUh+4EyMfpCJKpDJQFAG34PQ6REIUUh+4IxMzX6QiQEjkMlAUAbfg9DpEQhRSH7+4Z2ZXJzaW9uwvs=" |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
acuityplatform.com
bs.serving-sys.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
hnl.ca
match.adsrvr.org
members.hnl.ca
pixel.advertising.com
pixel.tapad.com
s.ad.smaato.net
secure-ds.serving-sys.com
stats.g.doubleclick.net
sync.go.sonobi.com
ums.acuityplatform.com
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
107.178.246.49
18.234.11.64
198.54.116.196
216.17.94.185
23.204.152.44
2600:9000:2140:b600:1b:5138:8a40:93a1
2607:f8b0:4004:c08::9d
2607:f8b0:4006:809::200e
2607:f8b0:4006:81d::200a
2607:f8b0:4006:822::2008
2607:f8b0:4006:823::2003
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:182:face:b00c:0:25de
34.194.180.137
35.211.178.172
52.223.40.198
52.45.33.138
69.166.1.10
69.90.254.73
69.90.254.78
028a54659d239b766d56fcd0aa033d49ce7832c4f27ac39182217051583a3a37
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
093953e495ab26e2440dd12661d9c353c25a8d336d7fd859b72680502cafcfc5
0b780e0966165f9e208d16526573ec6fad9d7f3fa2f1aa160ade1d4f9dae8149
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1d4ef6993f67781729793f88e75b74864b1592ec411364ac93298d625bf72953
1d86cc67053d538e6aabe027a358f1c075bd241c70b9383c9edcf51ea9481b9a
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3136238ea70111f6926dad0884316cfa4aa10d047df719a4767676397187f37c
33825b409ac3b0cef30cd87188b7505e8532a1ef626494a7aa5e16553a13664e
38b497b910a2245a74451044e066c971ed6ea5b4010a42af0ead8770f33e618a
3a13db7e8aa0f9e6b51c4818b3ecda5ef7723e78a8920cf416038ce3b5af685d
54cb48dc9311e1c0f1c980300a06391d28db4627369a231034865a48aa7ea2fb
56a12c63c837ca61abe0c3cd533ab2ca454274f978c15387e5eaaa4125e6f7a5
56ba16a5096e2fcbbe51cf9403a1b22233fedbb6f387a395532350d29abefafb
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
65c1851b497b44b7d5fad96a2da598a45c343b89eede727a435623060a411f36
693c8b61667ac94847264924178702a190c5113b41b82085dad0641f89e3f864
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71c9e058f724fca2b1a86d10f96aa5c8837c592bbf4adb14d45256be49d82491
7536f0df059eb4232aeb10fa05bd89b6da621240062499542da570d39fb833ba
772dd4363c4443d22304e845dac43841a639c8e6ac8eb54297155c679298f6fc
81556f38ccd763884270a287d8602759ecca85ec4f93548631550b4514393d46
8c91b917a741f53dcc3e70ffcd8f8d02912b653c9f571fd9929548550645ce25
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
95bee0967b87a5d86296c85274ef245b7fcd18a078f4fa351d2727fabddf5ec8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aea7c546a1a1df5350f45bc7f97adc49858562e57445bce0a83e57b8087b926c
b9cf255b95d2af84c19c690daa0594473ce1ea7afe3c4a8bf5f274d8c59f0a10
ba334145a891a796935f95fdf168c67f35b6621762eb6c068387de3a1d16bf98
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
cc118cfa77e4bae862540ba75369ddaf04713ef5dcb1b599008b74638f77a7e1
ce90ec2ab36b8193b9b0ac128c4d2d224533d1f53caa89aa2e25e7a7831fe828
cfc8039ef8b151390daabba7d5c9f43c0cb1b793c5788f06f62c898f5410d480
d05cd2d3cae7a5569263751584ffd052e97a487c68eb971a9b6be64a9cbb28ad
d64b4c3ddd9a4324a0a4acb9e219f0c8e64304415e9e182db893bce83fc3aeff
d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c
dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2
dd0566f33bdc8b3014411e430d753160d6f6d342e3a827b6617af66e4a4bf357
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df676435742df6a4dd34f4a698474415365c79dbc7b1d55196bc2fa401d61424
e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
edc988f9162131dfa6d20d122013987468254662e7cdbc7565c39a5789edb6ca
f39fd7e2969a489c7b5edb72dd57a3119562d436ef076ab36120dbebdbbf572c
f766d1411855040303f004b172c39fcbcd728ce2a2b804ca6479de8fcbbce2fa
fed373b769f47ad86f8369d84c82150f633c823e61682493530e256aec2c28a7