travel.hsbc.ca
208.103.171.96
Public Scan
Submission: On February 17 via automatic, source certstream-suspicious — Scanned from CA
Summary
TLS certificate: Issued by Entrust Certification Authority - L1K on April 14th 2022. Valid for: a year.
This is the only time travel.hsbc.ca was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Hostname | ASN | PTR |
---|---|---|
travel-img-assets.s3.us-west-2.amazonaws.com | ASN16509 (AMAZON-02, US) | s3-us-west-2-r-w.amazonaws.com |
redtag-ca.s3.amazonaws.com | ASN16509 (AMAZON-02, US) | s3-1-w.amazonaws.com |
itravel2000.s3.amazonaws.com | ASN16509 (AMAZON-02, US) | s3-1-w.amazonaws.com |
travel-img.s3.amazonaws.com | ASN16509 (AMAZON-02, US) | s3-1-w.amazonaws.com |
dpm.demdex.net | ASN14618 (AMAZON-AES, US) | ec2-107-23-31-66.compute-1.amazonaws.com |
redtagvacations.demdex.net | ASN14618 (AMAZON-AES, US) | ec2-52-203-190-236.compute-1.amazonaws.com |
redtagvacations.d2.sc.omtrdc.net | ASN14618 (AMAZON-AES, US) | ip-63-140-38-15.data.adobedc.net |
cm.everesttech.net | ASN14618 (AMAZON-AES, US) | ec2-3-82-73-135.compute-1.amazonaws.com |
dnn506yrbagrg.cloudfront.net | ASN16509 (AMAZON-02, US) | server-65-8-191-30.bos50.r.cloudfront.net |
redtag.tt.omtrdc.net | ASN14618 (AMAZON-AES, US) | ec2-54-243-116-94.compute-1.amazonaws.com |
s3.amazonaws.com | ASN16509 (AMAZON-02, US) | s3-1.amazonaws.com |
googleads.g.doubleclick.net | ASN15169 (GOOGLE, US) | |
connect.facebook.net | ASN32934 (FACEBOOK, US) | |
cdn.auryc.com | ASN396982 (GOOGLE-CLOUD-PLATFORM, US) | 20.103.120.34.bc.googleusercontent.com |
client-api.auryc.com | ASN396982 (GOOGLE-CLOUD-PLATFORM, US) | 180.250.67.34.bc.googleusercontent.com |
s3-us-west-2.amazonaws.com | ASN16509 (AMAZON-02, US) | s3-us-west-2.amazonaws.com |
www.facebook.com | ASN32934 (FACEBOOK, US) | |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | typekit.net | use.typekit.net — Cisco Umbrella Rank: 440; p.typekit.net — Cisco Umbrella Rank: 577 | 125 KB |
9 | amazonaws.com | travel-img-assets.s3.us-west-2.amazonaws.com; redtag-ca.s3.amazonaws.com; itravel2000.s3.amazonaws.com — Cisco Umbrella Rank: 898560; travel-img.s3.amazonaws.com — Cisco Umbrella Rank: 864711; s3.amazonaws.com; s3-us-west-2.amazonaws.com | 813 KB |
8 | hsbc.ca | travel.hsbc.ca | 2 MB |
6 | newrelic.com | js-agent.newrelic.com — Cisco Umbrella Rank: 341 | 11 KB |
6 | auryc.com | cdn.auryc.com — Cisco Umbrella Rank: 27776; client-api.auryc.com — Cisco Umbrella Rank: 18793 | 193 KB |
5 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 35 | 20 KB |
4 | adobedtm.com | assets.adobedtm.com — Cisco Umbrella Rank: 475 | 91 KB |
3 | omtrdc.net | redtagvacations.d2.sc.omtrdc.net — Cisco Umbrella Rank: 919610; redtag.tt.omtrdc.net — Cisco Umbrella Rank: 820890 | 862 B |
3 | demdex.net | dpm.demdex.net — Cisco Umbrella Rank: 199; redtagvacations.demdex.net — Cisco Umbrella Rank: 906613 | 5 KB |
2 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 106 | 239 B |
2 | google.ca | www.google.ca — Cisco Umbrella Rank: 8356 | 562 B |
2 | google.com | www.google.com — Cisco Umbrella Rank: 2 | 562 B |
2 | hellobar.com | my.hellobar.com — Cisco Umbrella Rank: 16430 | 75 KB |
2 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 149 | 136 KB |
2 | doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 41; stats.g.doubleclick.net — Cisco Umbrella Rank: 77 | 2 KB |
2 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 50 | 142 KB |
2 | redtag.ca | www.redtag.ca — Cisco Umbrella Rank: 928083 | 11 KB |
1 | nr-data.net | bam.nr-data.net — Cisco Umbrella Rank: 222 | 527 B |
1 | ywxi.net | cdn.ywxi.net — Cisco Umbrella Rank: 10393 | 5 KB |
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 43 | 2 KB |
1 | cloudfront.net | dnn506yrbagrg.cloudfront.net | |
1 | everesttech.net | cm.everesttech.net — Cisco Umbrella Rank: 1029 (1 redirects) | 517 B |
77 | 22 | | |
Requests | Domain | Requested by |
---|---|---|
9 | use.typekit.net | travel.hsbc.ca, use.typekit.net |
8 | travel.hsbc.ca | travel.hsbc.ca |
6 | js-agent.newrelic.com | travel.hsbc.ca |
5 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com |
4 | client-api.auryc.com | cdn.auryc.com |
4 | assets.adobedtm.com | travel.hsbc.ca, assets.adobedtm.com |
2 | www.facebook.com | travel.hsbc.ca |
2 | s3-us-west-2.amazonaws.com | cdn.ywxi.net |
2 | www.google.ca | travel.hsbc.ca |
2 | www.google.com | travel.hsbc.ca |
2 | cdn.auryc.com | travel.hsbc.ca, cdn.auryc.com |
2 | my.hellobar.com | www.googletagmanager.com, my.hellobar.com |
2 | connect.facebook.net | travel.hsbc.ca, connect.facebook.net |
2 | redtagvacations.d2.sc.omtrdc.net | assets.adobedtm.com, travel.hsbc.ca |
2 | dpm.demdex.net | assets.adobedtm.com, travel.hsbc.ca |
2 | www.googletagmanager.com | travel.hsbc.ca, www.googletagmanager.com |
2 | p.typekit.net | use.typekit.net |
2 | travel-img.s3.amazonaws.com | travel.hsbc.ca |
2 | www.redtag.ca | travel.hsbc.ca |
2 | travel-img-assets.s3.us-west-2.amazonaws.com | travel.hsbc.ca |
1 | bam.nr-data.net | js-agent.newrelic.com |
1 | stats.g.doubleclick.net | www.google-analytics.com |
1 | cdn.ywxi.net | www.googletagmanager.com |
1 | googleads.g.doubleclick.net | www.googletagmanager.com |
1 | fonts.googleapis.com | travel.hsbc.ca |
1 | s3.amazonaws.com | travel.hsbc.ca |
1 | redtag.tt.omtrdc.net | assets.adobedtm.com |
1 | dnn506yrbagrg.cloudfront.net | travel.hsbc.ca |
1 | cm.everesttech.net | 1 redirects |
1 | redtagvacations.demdex.net | assets.adobedtm.com |
1 | itravel2000.s3.amazonaws.com | travel.hsbc.ca |
1 | redtag-ca.s3.amazonaws.com | travel.hsbc.ca |
77 | 32 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
travel.hsbc.ca | Entrust Certification Authority - L1K | 2022-04-14 - 2023-04-14 | a year |
use.typekit.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-09-14 - 2023-10-15 | a year |
assets.adobedtm.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-19 - 2023-08-19 | a year |
*.s3-us-west-2.amazonaws.com | Amazon | 2022-09-21 - 2023-08-24 | a year |
*.s3.amazonaws.com | Amazon | 2022-09-21 - 2023-08-26 | a year |
imperva.com | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-06 - 2023-06-04 | 6 months |
*.google-analytics.com | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months |
*.demdex.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-26 - 2023-10-27 | a year |
*.d2.sc.omtrdc.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-02-17 - 2023-03-07 | a year |
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year |
*.tt.omtrdc.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-08-01 - 2023-09-01 | a year |
s3.amazonaws.com | Amazon RSA 2048 M01 | 2022-12-06 - 2023-12-05 | a year |
upload.video.google.com | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months |
*.g.doubleclick.net | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-11-26 - 2023-02-24 | 3 months |
*.ywxi.net | Amazon | 2022-07-05 - 2023-08-03 | a year |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-09-24 - 2023-09-24 | a year |
cdn.auryc.com | GTS CA 1D4 | 2023-01-30 - 2023-04-30 | 3 months |
*.auryc.com | R3 | 2023-01-27 - 2023-04-27 | 3 months |
www.google.com | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months |
*.google.ca | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months |
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2022 Q2 | 2022-07-10 - 2023-08-11 | a year |
*.nr-data.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-18 - 2023-12-19 | a year |
This page contains 2 frames:
Primary Page:
https://travel.hsbc.ca/
Frame ID: BB5811E3A934E5F6ACEC21DDABEDCC66
Requests: 74 HTTP requests in this frame
Frame:
https://redtagvacations.demdex.net/dest5.html?d_nsid=0
Frame ID: 19CD661F682DD6CB3F29DD03E24A3DB1
Requests: 1 HTTP requests in this frame
Page Title
Vacation Packages | Cruises & Last Minute Deals | AIR MILES - Red Tag Vacations
Detected technologies
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 21
- https://cm.everesttech.net/cm/dd?d_uuid=78167555125947437161204985405732350320 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y__f5AAAAL4J0gN2
77 HTTP transactions
Method | Protocol | Resource | Path | Size | Transferred | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / | travel.hsbc.ca/ | 101 KB | 102 KB | Document | text/html | Primary Request |
GET | H2 | rbc7oki.css | use.typekit.net/ | 11 KB | 1 KB | Stylesheet | text/css | |
GET | H/1.1 | styles.css | travel.hsbc.ca/build/public/css/ | 549 KB | 550 KB | Stylesheet | text/css | |
GET | H/1.1 | resources.js | travel.hsbc.ca/build/public/js/ | 810 KB | 810 KB | Script | application/javascript | |
GET | H2 | satelliteLib-e4377c30aea2e41a1c5367805f855287952760fb-staging.js | assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/ | 146 KB | 41 KB | Script | application/x-javascript | |
GET | H/1.1 | logo-hsbc-red.png | travel-img-assets.s3.us-west-2.amazonaws.com/logos/ | 6 KB | 6 KB | Image | image/png | |
GET | H/1.1 | logo-redtag-2021.svg | redtag-ca.s3.amazonaws.com/img/branding/ | 5 KB | 5 KB | Image | image/svg+xml | |
GET | H2 | fountain-loader.gif | www.redtag.ca/public/img/ | 9 KB | 9 KB | Image | image/gif | |
GET | H/1.1 | 2022-06-03-10-54-23-Home-Desktop-Banner_%281%29.jpg | itravel2000.s3.amazonaws.com/img/banners/ | 669 KB | 670 KB | Image | image/jpeg | |
GET | H/1.1 | 2018-07-13--15314994650013Icon-CallBonusFeb8-102x32.jpg | travel-img.s3.amazonaws.com/ | 5 KB | 6 KB | Image | image/jpeg | |
GET | H/1.1 | 2019-04-02--15542319259133recent_AmazingVacations-550x155.jpg | travel-img.s3.amazonaws.com/ | 105 KB | 106 KB | Image | image/jpeg | |
GET | H/1.1 | logo-consumer-protection-bc-grey.png | travel-img-assets.s3.us-west-2.amazonaws.com/logos/ | 18 KB | 18 KB | Image | image/png | |
GET | H/1.1 | engine.js | travel.hsbc.ca/build/public/js/ | 25 KB | 25 KB | Script | application/javascript | |
GET | H/1.1 | app.js | travel.hsbc.ca/build/public/js/ | 369 KB | 370 KB | Script | application/javascript | |
GET | H2 | icon-tag.png | www.redtag.ca/public/img/ | 1 KB | 2 KB | Image | image/png | |
GET | H2 | p.css | p.typekit.net/ | 5 B | 181 B | Stylesheet | text/css | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 173 KB | 64 KB | Script | application/javascript | |
GET | H/1.1 | id | dpm.demdex.net/ | 374 B | 1 KB | XHR | application/json | |
GET | H2 | mbox-contents-8e7453ba1b7032e87a69cff565c9813da3310f70-staging.js | assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/ | 106 KB | 34 KB | Script | application/x-javascript | |
GET | H/1.1 | icon-defs.svg | travel.hsbc.ca/public/img/icons/ | 130 KB | 130 KB | Other | image/svg+xml | |
GET | H/1.1 | dest5.html | redtagvacations.demdex.net/ | 7 KB | 3 KB | Document | text/html | Frame 19CD |
GET | H2 | id | redtagvacations.d2.sc.omtrdc.net/ | 2 B | 266 B | XHR | application/x-javascript | |
GET | H/1.1 | ibs:dpid=411&dpuuid=Y__f5AAAAL4J0gN2 | dpm.demdex.net/ | 42 B | 940 B | Image | image/gif | Redirect Chain |
GET | H2 | l | use.typekit.net/af/ef2129/00000000000000003b9b387c/27/ | 18 KB | 18 KB | Font | application/font-woff2 | |
GET | H2 | satellite-5c2e349564746d181a0175a4-staging.js | assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/scripts/ | 6 KB | 2 KB | Script | application/x-javascript | |
GET | H2 | s-code-contents-901c153b93f7b5b196931adc396ee82dc2946ca5-staging.js | assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/ | 34 KB | 13 KB | Script | application/x-javascript | |
GET | H/1.1 | listing | travel.hsbc.ca/engine/vacations/ | 85 KB | 30 KB | XHR | text/json | |
GET | H/1.1 | 2921.js | dnn506yrbagrg.cloudfront.net/pages/scripts/0017/ | 0 | 0 | Script | application/xml | |
GET | H2 | json | redtag.tt.omtrdc.net/m2/redtag/mbox/ | 96 B | 396 B | XHR | application/json | |
GET | H/1.1 | yyz,ytz | travel.hsbc.ca/engine/vacations/destinations/ | 34 KB | 9 KB | XHR | text/json | |
GET | H/1.1 | icon-chevron-down.svg | s3.amazonaws.com/redtag-ca/img/icons/ | 449 B | 809 B | Image | image/svg+xml | |
GET | H2 | l | use.typekit.net/af/aee0aa/00000000000000003b9b3f03/27/ | 13 KB | 14 KB | Font | application/font-woff2 | |
GET | H2 | l | use.typekit.net/af/403911/00000000000000003b9b3880/27/ | 18 KB | 18 KB | Font | application/font-woff2 | |
GET | H2 | l | use.typekit.net/af/0d8f4c/00000000000000003b9b3882/27/ | 17 KB | 17 KB | Font | application/font-woff2 | |
GET | H2 | css | fonts.googleapis.com/ | 19 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | ywd8yvm.css | use.typekit.net/ | 6 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript | |
GET | H2 | / | googleads.g.doubleclick.net/pagead/viewthroughconversion/10852696127/ | 2 KB | 1 KB | Script | text/javascript | |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 106 KB | 28 KB | Script | application/x-javascript | |
GET | H2 | 1.js | cdn.ywxi.net/js/ | 19 KB | 5 KB | Script | text/javascript | |
GET | H2 | f1272b2c2ff80bfbe881fe1adf6d076d71ae8043.js | my.hellobar.com/ | 2 KB | 1 KB | Script | text/javascript | |
GET | H2 | container.js | cdn.auryc.com/862-redtagca/ | 36 KB | 10 KB | Script | application/javascript | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 226 KB | 78 KB | Script | application/javascript | |
GET | H2 | s56166747374391 | redtagvacations.d2.sc.omtrdc.net/b/ss/rtvrtvairmilesdev/1/JS-2.10.0-D7QN/ | 43 B | 200 B | Image | image/gif | |
GET | H2 | p.css | p.typekit.net/ | 5 B | 181 B | Stylesheet | text/css | |
GET | H2 | releasesettings | client-api.auryc.com/ | 2 B | 154 B | XHR | application/json | |
OPTIONS | H2 | releasesettings | client-api.auryc.com/ | 0 | 0 | Preflight | | Frame |
GET | H2 | l | use.typekit.net/af/299bdc/00000000000000003b9b0ba5/27/ | 19 KB | 19 KB | Font | application/font-woff2 | |
GET | H2 | l | use.typekit.net/af/795dd6/00000000000000003b9b0ba8/27/ | 19 KB | 19 KB | Font | application/font-woff2 | |
GET | H2 | l | use.typekit.net/af/1d6761/00000000000000003b9b0ba9/27/ | 18 KB | 18 KB | Font | application/font-woff2 | |
POST | H2 | collect | www.google-analytics.com/j/ | 4 B | 208 B | XHR | text/plain | |
POST | H2 | collect | www.google-analytics.com/j/ | 3 B | 70 B | XHR | text/plain | |
GET | H2 | / | www.google.com/pagead/1p-user-list/10852696127/ | 42 B | 455 B | Image | image/gif | |
GET | H2 | / | www.google.ca/pagead/1p-user-list/10852696127/ | 42 B | 455 B | Image | image/gif | |
GET | H2 | 1622896811338454 | connect.facebook.net/signals/config/ | 377 KB | 108 KB | Script | application/x-javascript | |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 4 B | 348 B | XHR | text/plain | |
POST | H3 | collect | www.google-analytics.com/g/ | 0 | 17 B | Ping | text/plain | |
GET | H2 | auryc.lib.js | cdn.auryc.com/libs/latest/ | 676 KB | 180 KB | Script | application/javascript | |
GET | H/1.1 | client.json | s3-us-west-2.amazonaws.com/mfesecure-public/host/travel.hsbc.ca/ | 243 B | 819 B | XHR | application/xml | |
GET | H/1.1 | client.json | s3-us-west-2.amazonaws.com/mfesecure-public/host/travel.hsbc.ca/ | 243 B | 819 B | XHR | application/xml | |
GET | H2 | modules.js | my.hellobar.com/ | 254 KB | 73 KB | Script | text/javascript | |
GET | H2 | / | www.facebook.com/tr/ | 0 | 185 B | Image | text/plain | |
GET | H2 | ga-audiences | www.google.com/ads/ | 42 B | 107 B | Image | image/gif | |
GET | H2 | ga-audiences | www.google.ca/ads/ | 42 B | 107 B | Image | image/gif | |
GET | H2 | siteconfig | client-api.auryc.com/ | 14 KB | 3 KB | XHR | application/json | |
OPTIONS | H2 | siteconfig | client-api.auryc.com/ | 0 | 0 | Preflight | | Frame |
GET | H2 | async-api.6bb277af-1225.min.js | js-agent.newrelic.com/ | 2 KB | 2 KB | Script | application/javascript | |
GET | H2 | lazy-loader.48127245-1225.min.js | js-agent.newrelic.com/ | 2 KB | 723 B | Script | application/javascript | |
GET | BLOB | a29d4b5a-e12c-48f9-9c9b-4374313552c5 | https://travel.hsbc.ca/ | 67 B | 0 | Other | application/javascript | |
GET | H2 | 118.d37755e4-1225.min.js | js-agent.newrelic.com/ | 8 KB | 4 KB | Script | application/javascript | |
GET | H2 | page_view_event-aggregate.29613e65-1225.min.js | js-agent.newrelic.com/ | 4 KB | 2 KB | Script | application/javascript | |
GET | H2 | page_view_timing-aggregate.e791ce32-1225.min.js | js-agent.newrelic.com/ | 5 KB | 2 KB | Script | application/javascript | |
GET | H2 | metrics-aggregate.b4a54ed9-1225.min.js | js-agent.newrelic.com/ | 1 KB | 932 B | Script | application/javascript | |
GET | H/1.1 | b99fa40c2c | bam.nr-data.net/1/ | 49 B | 527 B | Script | text/javascript | |
GET | BLOB | 342e1320-306e-4636-8310-12a28744b8f8 | https://travel.hsbc.ca/ | 67 B | 0 | Other | application/javascript | |
GET | H2 | / | www.facebook.com/tr/ | 0 | 54 B | Image | text/plain | |
POST | H3 | collect | www.google-analytics.com/g/ | 0 | 17 B | Ping | text/plain | |
82 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| oncontentvisibilityautostatechange object| NREUM object| webpackChunkNRBA object| newrelic object| NRBA string| Locale string| pageId function| webpackJsonp object| core object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| dataLayer function| e function| Visitor object| _satellite object| s_c_il number| s_c_in function| targetPageParams object| adobe object| _AT function| mboxCreate function| mboxDefine function| mboxUpdate function| MM_jumpMenu object| gateways string| activeEngine object| digitalData function| loadDeferredStyles function| raf object| picturefillCFG function| picturefill object| lazyLoad object| carousels object| tabbedCarousels object| __consolidated_events_handlers__ object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| GooglebQhCsO function| getSelectionText function| fbq function| _fbq object| aurycReadyCb object| auryc function| log function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s_i_rtvrtvairmilesdev boolean| aurycInit number| aurycLoadedTime object| aurycJsLibConfig object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| TrustedSite number| TrustedSite_done object| TrustedSiteInline function| bootstrap object| hellobarSiteSettings object| script function| launchAurycEventMarker function| hellobar object| aurycBehaviorAPI object| aurycRecordAPI string| FEEDBACKCONTENT string| FEEDBACKCONTENT_DESKTOP string| FEEDBACKINVITE string| FEEDBACKINVITE_DESKTOP string| FBTHANKYOU object| aurycFeedbackAPI function| launchAurycFeedback
23 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name | Value |
---|---|---|
travel.hsbc.ca/engine/vacations/destinations | lang | en |
travel.hsbc.ca/engine/vacations | lang | en |
travel.hsbc.ca/ | lang | en |
travel.hsbc.ca/ | PHPSESSID | 4dsjo37c0s1grjbidt7jtt1d50 |
travel.hsbc.ca/ | hsbctravel | 572612618.47873.0000 |
.hsbc.ca/ | check | true |
.demdex.net/ | demdex | 78167555125947437161204985405732350320 |
.hsbc.ca/ | AMCVS_52BC0C3A53DB25230A490D4D%40AdobeOrg | 1 |
.everesttech.net/ | everest_g_v2 | g_surferid~Y__f5AAAAL4J0gN2 |
.dpm.demdex.net/ | dpm | 78167555125947437161204985405732350320 |
.hsbc.ca/ | _gcl_au | 1.1.1044163032.1676648420 |
.hsbc.ca/ | s_cc | true |
.hsbc.ca/ | AMCV_52BC0C3A53DB25230A490D4D%40AdobeOrg | -1303530583%7CMCIDTS%7C19406%7CMCMID%7C78139085296091929431203254976671751483%7CMCAAMLH-1677253220%7C7%7CMCAAMB-1677253220%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1676655620s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19413%7CvVersion%7C3.3.0 |
.hsbc.ca/ | mbox | session#6e4f7b46307141348163132c0bbab5a9#1676650281\|PC#6e4f7b46307141348163132c0bbab5a9.34_0#1739893221 |
.doubleclick.net/ | test_cookie | CheckForPermission |
.hsbc.ca/ | _gid | GA1.2.1218148000.1676648421 |
.hsbc.ca/ | _gat_UA-227765-19 | 1 |
.hsbc.ca/ | _gat_UA-76333024-27 | 1 |
.hsbc.ca/ | _ga | GA1.1.958933944.1676648421 |
.hsbc.ca/ | _ga_TPHELVR18L | GS1.1.1676648420.1.0.1676648420.0.0.0 |
.hsbc.ca/ | _fbp | fb.1.1676648420862.308616330 |
.hsbc.ca/ | userty.core.p.be721e | __2VySWQiOiI1ZjQ0MjRjYTFmNTY3NjNhNzE4NWVhMjgxZGRmY2VjYyJ9eyJ1c |
.hsbc.ca/ | userty.core.s.be721e | __SI6MTY3NjY1MDIyMTA1Mywic2lkIjoiMjIyNzViMWY2MjBmOWQxMTdlMjQyNzE4NTVmYWFlMGEiLCJzdCI6MTY3NjY0ODQyMTA1MywicHYiOjEsInJlYWR5Ijp0cnVlLCJ3cyI6IntcIndcIjoxNjAwLFwiaFwiOjEyMDB9Iiwic21wbC53diI6ImYiLCJhdXJ5Yy5hZG9iZV9hbmFseXRpY3MiOiJmIiwic21wbC5hamF4IjoiZiJ9eyJzZ |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.