travel.hsbc.ca
208.103.171.96
Public Scan
Effective URL: https://travel.hsbc.ca/
Submission: On February 17 via automatic, source certstream-suspicious — Scanned from CA
Summary
TLS certificate: Issued by Entrust Certification Authority - L1K on April 14th 2022. Valid for: a year.
This is the only time travel.hsbc.ca was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Hostname | ASN | PTR |
---|---|---|
travel-img-assets.s3.us-west-2.amazonaws.com | ASN16509 (AMAZON-02, US) | s3-us-west-2-r-w.amazonaws.com |
redtag-ca.s3.amazonaws.com | ASN16509 (AMAZON-02, US) | s3-1-w.amazonaws.com |
itravel2000.s3.amazonaws.com | ASN16509 (AMAZON-02, US) | s3-1-w.amazonaws.com |
travel-img.s3.amazonaws.com | ASN16509 (AMAZON-02, US) | s3-1-w.amazonaws.com |
dpm.demdex.net | ASN14618 (AMAZON-AES, US) | ec2-107-23-31-66.compute-1.amazonaws.com |
redtagvacations.demdex.net | ASN14618 (AMAZON-AES, US) | ec2-52-87-116-233.compute-1.amazonaws.com |
redtagvacations.d2.sc.omtrdc.net | ASN14618 (AMAZON-AES, US) | ip-63-140-38-120.data.adobedc.net |
cm.everesttech.net | ASN14618 (AMAZON-AES, US) | ec2-52-204-87-171.compute-1.amazonaws.com |
googleads.g.doubleclick.net | ASN15169 (GOOGLE, US) | |
connect.facebook.net | ASN32934 (FACEBOOK, US) | |
cdn.auryc.com | ASN396982 (GOOGLE-CLOUD-PLATFORM, US) | 20.103.120.34.bc.googleusercontent.com |
redtag.tt.omtrdc.net | ASN14618 (AMAZON-AES, US) | ec2-34-199-251-113.compute-1.amazonaws.com |
dnn506yrbagrg.cloudfront.net | ASN16509 (AMAZON-02, US) | server-65-8-191-139.bos50.r.cloudfront.net |
s3.amazonaws.com | ASN16509 (AMAZON-02, US) | s3-1.amazonaws.com |
client-api.auryc.com | ASN396982 (GOOGLE-CLOUD-PLATFORM, US) | 180.250.67.34.bc.googleusercontent.com |
s3-us-west-2.amazonaws.com | ASN16509 (AMAZON-02, US) | s3-us-west-2.amazonaws.com |
www.facebook.com | ASN32934 (FACEBOOK, US) | |
Requests | Apex Domain | Subdomains | Redirects | Transfer |
---|---|---|---|---|
11 | typekit.net | use.typekit.net (Cisco Umbrella Rank: 440); p.typekit.net (Cisco Umbrella Rank: 577) | | 125 KB |
10 | hsbc.ca | rev.travel.hsbc.ca; travel.hsbc.ca | 2 | 2 MB |
9 | amazonaws.com | travel-img-assets.s3.us-west-2.amazonaws.com; redtag-ca.s3.amazonaws.com; itravel2000.s3.amazonaws.com (Cisco Umbrella Rank: 898560); travel-img.s3.amazonaws.com (Cisco Umbrella Rank: 864711); s3.amazonaws.com; s3-us-west-2.amazonaws.com | | 813 KB |
6 | newrelic.com | js-agent.newrelic.com (Cisco Umbrella Rank: 341) | | 11 KB |
6 | auryc.com | cdn.auryc.com (Cisco Umbrella Rank: 27776); client-api.auryc.com (Cisco Umbrella Rank: 18793) | | 193 KB |
5 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 35) | | 20 KB |
4 | adobedtm.com | assets.adobedtm.com (Cisco Umbrella Rank: 475) | | 91 KB |
3 | omtrdc.net | redtagvacations.d2.sc.omtrdc.net (Cisco Umbrella Rank: 919610); redtag.tt.omtrdc.net (Cisco Umbrella Rank: 820890) | | 862 B |
3 | demdex.net | dpm.demdex.net (Cisco Umbrella Rank: 199); redtagvacations.demdex.net (Cisco Umbrella Rank: 906613) | | 5 KB |
2 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 106) | | 239 B |
2 | google.ca | www.google.ca (Cisco Umbrella Rank: 8356) | | 562 B |
2 | google.com | www.google.com (Cisco Umbrella Rank: 2) | | 562 B |
2 | hellobar.com | my.hellobar.com (Cisco Umbrella Rank: 16430) | | 75 KB |
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 149) | | 136 KB |
2 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 41); stats.g.doubleclick.net (Cisco Umbrella Rank: 77) | | 2 KB |
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 50) | | 142 KB |
2 | redtag.ca | www.redtag.ca (Cisco Umbrella Rank: 928083) | | 11 KB |
1 | nr-data.net | bam.nr-data.net (Cisco Umbrella Rank: 222) | | 518 B |
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 43) | | 2 KB |
1 | cloudfront.net | dnn506yrbagrg.cloudfront.net | | |
1 | ywxi.net | cdn.ywxi.net (Cisco Umbrella Rank: 10393) | | 5 KB |
1 | everesttech.net | cm.everesttech.net (Cisco Umbrella Rank: 1029) | 1 | 517 B |
77 | 22 | | | |
Requests | Domain | Redirects | Requested by |
---|---|---|---|
9 | use.typekit.net | | travel.hsbc.ca; use.typekit.net |
9 | travel.hsbc.ca | 1 | travel.hsbc.ca |
6 | js-agent.newrelic.com | | travel.hsbc.ca |
5 | www.google-analytics.com | | www.googletagmanager.com; www.google-analytics.com |
4 | client-api.auryc.com | | cdn.auryc.com |
4 | assets.adobedtm.com | | travel.hsbc.ca; assets.adobedtm.com |
2 | www.facebook.com | | travel.hsbc.ca |
2 | s3-us-west-2.amazonaws.com | | cdn.ywxi.net |
2 | www.google.ca | | travel.hsbc.ca |
2 | www.google.com | | travel.hsbc.ca |
2 | cdn.auryc.com | | travel.hsbc.ca; cdn.auryc.com |
2 | my.hellobar.com | | www.googletagmanager.com; my.hellobar.com |
2 | connect.facebook.net | | travel.hsbc.ca; connect.facebook.net |
2 | redtagvacations.d2.sc.omtrdc.net | | assets.adobedtm.com; travel.hsbc.ca |
2 | dpm.demdex.net | | assets.adobedtm.com; travel.hsbc.ca |
2 | www.googletagmanager.com | | travel.hsbc.ca; www.googletagmanager.com |
2 | p.typekit.net | | use.typekit.net |
2 | travel-img.s3.amazonaws.com | | travel.hsbc.ca |
2 | www.redtag.ca | | travel.hsbc.ca |
2 | travel-img-assets.s3.us-west-2.amazonaws.com | | travel.hsbc.ca |
1 | bam.nr-data.net | | js-agent.newrelic.com |
1 | stats.g.doubleclick.net | | www.google-analytics.com |
1 | fonts.googleapis.com | | travel.hsbc.ca |
1 | s3.amazonaws.com | | travel.hsbc.ca |
1 | dnn506yrbagrg.cloudfront.net | | travel.hsbc.ca |
1 | redtag.tt.omtrdc.net | | assets.adobedtm.com |
1 | cdn.ywxi.net | | www.googletagmanager.com |
1 | googleads.g.doubleclick.net | | www.googletagmanager.com |
1 | cm.everesttech.net | 1 | |
1 | redtagvacations.demdex.net | | assets.adobedtm.com |
1 | itravel2000.s3.amazonaws.com | | travel.hsbc.ca |
1 | redtag-ca.s3.amazonaws.com | | travel.hsbc.ca |
1 | rev.travel.hsbc.ca | 1 | |
77 | 33 | | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
travel.hsbc.ca | Entrust Certification Authority - L1K | 2022-04-14 - 2023-04-14 | a year | crt.sh |
use.typekit.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-09-14 - 2023-10-15 | a year | crt.sh |
assets.adobedtm.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-19 - 2023-08-19 | a year | crt.sh |
*.s3-us-west-2.amazonaws.com | Amazon | 2022-09-21 - 2023-08-24 | a year | crt.sh |
*.s3.amazonaws.com | Amazon | 2022-09-21 - 2023-08-26 | a year | crt.sh |
imperva.com | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-06 - 2023-06-04 | 6 months | crt.sh |
*.google-analytics.com | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months | crt.sh |
*.demdex.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-26 - 2023-10-27 | a year | crt.sh |
*.d2.sc.omtrdc.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-02-17 - 2023-03-07 | a year | crt.sh |
*.g.doubleclick.net | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months | crt.sh |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-11-26 - 2023-02-24 | 3 months | crt.sh |
*.ywxi.net | Amazon | 2022-07-05 - 2023-08-03 | a year | crt.sh |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-09-24 - 2023-09-24 | a year | crt.sh |
cdn.auryc.com | GTS CA 1D4 | 2023-01-30 - 2023-04-30 | 3 months | crt.sh |
*.tt.omtrdc.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-08-01 - 2023-09-01 | a year | crt.sh |
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year | crt.sh |
s3.amazonaws.com | Amazon RSA 2048 M01 | 2022-12-06 - 2023-12-05 | a year | crt.sh |
upload.video.google.com | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months | crt.sh |
*.auryc.com | R3 | 2023-01-27 - 2023-04-27 | 3 months | crt.sh |
www.google.com | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months | crt.sh |
*.google.ca | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months | crt.sh |
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2022 Q2 | 2022-07-10 - 2023-08-11 | a year | crt.sh |
*.nr-data.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-18 - 2023-12-19 | a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://travel.hsbc.ca/
Frame ID: 1C32CCABF80058943A68D9D9958E1F6A
Requests: 74 HTTP requests in this frame
Frame:
https://redtagvacations.demdex.net/dest5.html?d_nsid=0
Frame ID: 0FA0722DA331F75B763975F918EF0B74
Requests: 1 HTTP requests in this frame
Page Title
Vacation Packages | Cruises & Last Minute Deals | AIR MILES - Red Tag Vacations
Detected technologies
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://rev.travel.hsbc.ca/
HTTP 302
http://travel.hsbc.ca/ HTTP 301
https://travel.hsbc.ca/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 21
- https://cm.everesttech.net/cm/dd?d_uuid=44982967246823265493642455959284156040 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y__f4gAAABwtuQNw
77 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / | travel.hsbc.ca/ | 101 KB | 102 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | rbc7oki.css | use.typekit.net/ | 11 KB | 1 KB | Stylesheet | text/css | |
GET | H/1.1 | styles.css | travel.hsbc.ca/build/public/css/ | 549 KB | 550 KB | Stylesheet | text/css | |
GET | H/1.1 | resources.js | travel.hsbc.ca/build/public/js/ | 810 KB | 810 KB | Script | application/javascript | |
GET | H2 | satelliteLib-e4377c30aea2e41a1c5367805f855287952760fb-staging.js | assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/ | 146 KB | 41 KB | Script | application/x-javascript | |
GET | H/1.1 | logo-hsbc-red.png | travel-img-assets.s3.us-west-2.amazonaws.com/logos/ | 6 KB | 6 KB | Image | image/png | |
GET | H/1.1 | logo-redtag-2021.svg | redtag-ca.s3.amazonaws.com/img/branding/ | 5 KB | 5 KB | Image | image/svg+xml | |
GET | H2 | fountain-loader.gif | www.redtag.ca/public/img/ | 9 KB | 9 KB | Image | image/gif | |
GET | H/1.1 | 2022-06-03-10-54-23-Home-Desktop-Banner_%281%29.jpg | itravel2000.s3.amazonaws.com/img/banners/ | 669 KB | 670 KB | Image | image/jpeg | |
GET | H/1.1 | 2018-07-13--15314994650013Icon-CallBonusFeb8-102x32.jpg | travel-img.s3.amazonaws.com/ | 5 KB | 6 KB | Image | image/jpeg | |
GET | H/1.1 | 2019-04-02--15542319259133recent_AmazingVacations-550x155.jpg | travel-img.s3.amazonaws.com/ | 105 KB | 106 KB | Image | image/jpeg | |
GET | H/1.1 | logo-consumer-protection-bc-grey.png | travel-img-assets.s3.us-west-2.amazonaws.com/logos/ | 18 KB | 18 KB | Image | image/png | |
GET | H/1.1 | engine.js | travel.hsbc.ca/build/public/js/ | 25 KB | 25 KB | Script | application/javascript | |
GET | H/1.1 | app.js | travel.hsbc.ca/build/public/js/ | 369 KB | 370 KB | Script | application/javascript | |
GET | H2 | icon-tag.png | www.redtag.ca/public/img/ | 1 KB | 2 KB | Image | image/png | |
GET | H2 | p.css | p.typekit.net/ | 5 B | 181 B | Stylesheet | text/css | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 173 KB | 64 KB | Script | application/javascript | |
GET | H/1.1 | id | dpm.demdex.net/ | 374 B | 1 KB | XHR | application/json | |
GET | H2 | mbox-contents-8e7453ba1b7032e87a69cff565c9813da3310f70-staging.js | assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/ | 106 KB | 34 KB | Script | application/x-javascript | |
GET | H/1.1 | icon-defs.svg | travel.hsbc.ca/public/img/icons/ | 130 KB | 130 KB | Other | image/svg+xml | |
GET | H/1.1 | dest5.html | redtagvacations.demdex.net/ | 7 KB | 3 KB | Document | text/html | Frame 0FA0 |
GET | H2 | id | redtagvacations.d2.sc.omtrdc.net/ | 2 B | 266 B | XHR | application/x-javascript | |
GET | H/1.1 | ibs:dpid=411&dpuuid=Y__f4gAAABwtuQNw | dpm.demdex.net/ | 42 B | 940 B | Image | image/gif | Redirect Chain |
GET | H2 | l | use.typekit.net/af/ef2129/00000000000000003b9b387c/27/ | 18 KB | 18 KB | Font | application/font-woff2 | |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript | |
GET | H2 | / | googleads.g.doubleclick.net/pagead/viewthroughconversion/10852696127/ | 2 KB | 1 KB | Script | text/javascript | |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 106 KB | 28 KB | Script | application/x-javascript | |
GET | H2 | 1.js | cdn.ywxi.net/js/ | 19 KB | 5 KB | Script | text/javascript | |
GET | H2 | f1272b2c2ff80bfbe881fe1adf6d076d71ae8043.js | my.hellobar.com/ | 2 KB | 1 KB | Script | text/javascript | |
GET | H2 | container.js | cdn.auryc.com/862-redtagca/ | 36 KB | 10 KB | Script | application/javascript | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 226 KB | 78 KB | Script | application/javascript | |
GET | H2 | satellite-5c2e349564746d181a0175a4-staging.js | assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/scripts/ | 6 KB | 2 KB | Script | application/x-javascript | |
GET | H2 | s-code-contents-901c153b93f7b5b196931adc396ee82dc2946ca5-staging.js | assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/ | 34 KB | 13 KB | Script | application/x-javascript | |
GET | H2 | json | redtag.tt.omtrdc.net/m2/redtag/mbox/ | 96 B | 395 B | XHR | application/json | |
GET | H/1.1 | listing | travel.hsbc.ca/engine/vacations/ | 85 KB | 30 KB | XHR | text/json | |
GET | H/1.1 | 2921.js | dnn506yrbagrg.cloudfront.net/pages/scripts/0017/ | 0 | 0 | Script | application/xml | |
GET | H/1.1 | yyz,ytz | travel.hsbc.ca/engine/vacations/destinations/ | 34 KB | 9 KB | XHR | text/json | |
GET | H/1.1 | icon-chevron-down.svg | s3.amazonaws.com/redtag-ca/img/icons/ | 449 B | 809 B | Image | image/svg+xml | |
GET | H2 | l | use.typekit.net/af/aee0aa/00000000000000003b9b3f03/27/ | 13 KB | 14 KB | Font | application/font-woff2 | |
GET | H2 | l | use.typekit.net/af/403911/00000000000000003b9b3880/27/ | 18 KB | 18 KB | Font | application/font-woff2 | |
GET | H2 | l | use.typekit.net/af/0d8f4c/00000000000000003b9b3882/27/ | 17 KB | 17 KB | Font | application/font-woff2 | |
GET | H2 | css | fonts.googleapis.com/ | 19 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | ywd8yvm.css | use.typekit.net/ | 6 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | p.css | p.typekit.net/ | 5 B | 181 B | Stylesheet | text/css | |
GET | H2 | s56615625725485 | redtagvacations.d2.sc.omtrdc.net/b/ss/rtvrtvairmilesdev/1/JS-2.10.0-D7QN/ | 43 B | 201 B | Image | image/gif | |
GET | H2 | releasesettings | client-api.auryc.com/ | 2 B | 154 B | XHR | application/json | |
GET | H2 | / | www.google.com/pagead/1p-user-list/10852696127/ | 42 B | 455 B | Image | image/gif | |
GET | H2 | / | www.google.ca/pagead/1p-user-list/10852696127/ | 42 B | 455 B | Image | image/gif | |
OPTIONS | H2 | releasesettings | client-api.auryc.com/ | 0 | 0 | Preflight | | Frame |
GET | H2 | 1622896811338454 | connect.facebook.net/signals/config/ | 377 KB | 108 KB | Script | application/x-javascript | |
POST | H2 | collect | www.google-analytics.com/j/ | 4 B | 208 B | XHR | text/plain | |
POST | H2 | collect | www.google-analytics.com/j/ | 3 B | 70 B | XHR | text/plain | |
POST | H3 | collect | www.google-analytics.com/g/ | 0 | 17 B | Ping | text/plain | |
GET | H2 | l | use.typekit.net/af/299bdc/00000000000000003b9b0ba5/27/ | 19 KB | 19 KB | Font | application/font-woff2 | |
GET | H2 | l | use.typekit.net/af/795dd6/00000000000000003b9b0ba8/27/ | 19 KB | 19 KB | Font | application/font-woff2 | |
GET | H2 | l | use.typekit.net/af/1d6761/00000000000000003b9b0ba9/27/ | 18 KB | 18 KB | Font | application/font-woff2 | |
GET | H/1.1 | client.json | s3-us-west-2.amazonaws.com/mfesecure-public/host/travel.hsbc.ca/ | 243 B | 819 B | XHR | application/xml | |
GET | H/1.1 | client.json | s3-us-west-2.amazonaws.com/mfesecure-public/host/travel.hsbc.ca/ | 243 B | 819 B | XHR | application/xml | |
GET | H2 | modules.js | my.hellobar.com/ | 254 KB | 73 KB | Script | text/javascript | |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 4 B | 348 B | XHR | text/plain | |
GET | H2 | auryc.lib.js | cdn.auryc.com/libs/latest/ | 676 KB | 180 KB | Script | application/javascript | |
GET | H2 | / | www.facebook.com/tr/ | 0 | 185 B | Image | text/plain | |
GET | H2 | ga-audiences | www.google.com/ads/ | 42 B | 107 B | Image | image/gif | |
GET | H2 | ga-audiences | www.google.ca/ads/ | 42 B | 107 B | Image | image/gif | |
GET | H2 | siteconfig | client-api.auryc.com/ | 14 KB | 3 KB | XHR | application/json | |
OPTIONS | H2 | siteconfig | client-api.auryc.com/ | 0 | 0 | Preflight | | Frame |
GET | H2 | async-api.6bb277af-1225.min.js | js-agent.newrelic.com/ | 2 KB | 2 KB | Script | application/javascript | |
GET | H2 | lazy-loader.48127245-1225.min.js | js-agent.newrelic.com/ | 2 KB | 723 B | Script | application/javascript | |
GET | H2 | 118.d37755e4-1225.min.js | js-agent.newrelic.com/ | 8 KB | 4 KB | Script | application/javascript | |
GET | H2 | page_view_event-aggregate.29613e65-1225.min.js | js-agent.newrelic.com/ | 4 KB | 2 KB | Script | application/javascript | |
GET | H2 | page_view_timing-aggregate.e791ce32-1225.min.js | js-agent.newrelic.com/ | 5 KB | 3 KB | Script | application/javascript | |
GET | H2 | metrics-aggregate.b4a54ed9-1225.min.js | js-agent.newrelic.com/ | 1 KB | 932 B | Script | application/javascript | |
GET | BLOB | 8e0eabc4-a5ce-4d4b-bc9b-c2308be115b1 | https://travel.hsbc.ca/ | 67 B | 0 | Other | application/javascript | |
GET | H/1.1 | b99fa40c2c | bam.nr-data.net/1/ | 49 B | 518 B | Script | text/javascript | |
GET | BLOB | f90b648c-66a1-40cf-a574-c037fb5dd051 | https://travel.hsbc.ca/ | 67 B | 0 | Other | application/javascript | |
GET | H2 | / | www.facebook.com/tr/ | 0 | 54 B | Image | text/plain | |
POST | H3 | collect | www.google-analytics.com/g/ | 0 | 17 B | Ping | text/plain | |
82 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- boolean| credentialless
- object| oncontentvisibilityautostatechange
- object| NREUM
- object| webpackChunkNRBA
- object| newrelic
- object| NRBA
- string| Locale
- string| pageId
- function| webpackJsonp
- object| core
- object| __core-js_shared__
- function| setImmediate
- function| clearImmediate
- object| regeneratorRuntime
- boolean| _babelPolyfill
- object| dataLayer
- function| e
- function| Visitor
- object| _satellite
- object| s_c_il
- number| s_c_in
- function| targetPageParams
- object| adobe
- object| _AT
- function| mboxCreate
- function| mboxDefine
- function| mboxUpdate
- function| MM_jumpMenu
- object| google_tag_manager
- object| google_tag_data
- object| gateways
- string| activeEngine
- string| GoogleAnalyticsObject
- function| ga
- object| GooglebQhCsO
- function| getSelectionText
- function| fbq
- function| _fbq
- object| aurycReadyCb
- object| auryc
- object| digitalData
- function| loadDeferredStyles
- function| raf
- object| picturefillCFG
- function| picturefill
- object| lazyLoad
- object| carousels
- object| tabbedCarousels
- object| __consolidated_events_handlers__
- function| log
- function| AppMeasurement_Module_ActivityMap
- function| AppMeasurement
- function| s_gi
- function| s_pgicq
- number| s_objectID
- number| s_giq
- object| s_i_rtvrtvairmilesdev
- boolean| aurycInit
- number| aurycLoadedTime
- object| aurycJsLibConfig
- object| gaplugins
- object| gaGlobal
- object| gaData
- function| onYouTubeIframeAPIReady
- object| TrustedSite
- number| TrustedSite_done
- object| TrustedSiteInline
- function| bootstrap
- object| hellobarSiteSettings
- object| script
- function| hellobar
- function| launchAurycEventMarker
- object| aurycBehaviorAPI
- object| aurycRecordAPI
- string| FEEDBACKCONTENT
- string| FEEDBACKCONTENT_DESKTOP
- string| FEEDBACKINVITE
- string| FEEDBACKINVITE_DESKTOP
- string| FBTHANKYOU
- object| aurycFeedbackAPI
- function| launchAurycFeedback
24 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
travel.hsbc.ca/engine/vacations/destinations | | Name: lang Value: en |
travel.hsbc.ca/engine/vacations | | Name: lang Value: en |
rev.travel.hsbc.ca/ | | Name: hsbctravel Value: 572612618.47873.0000 |
travel.hsbc.ca/ | | Name: lang Value: en |
travel.hsbc.ca/ | | Name: PHPSESSID Value: 1m70mqt2fl89gejtdlhlr6khb1 |
travel.hsbc.ca/ | | Name: hsbctravel Value: 572612618.47873.0000 |
.hsbc.ca/ | | Name: check Value: true |
.demdex.net/ | | Name: demdex Value: 44982967246823265493642455959284156040 |
.hsbc.ca/ | | Name: AMCVS_52BC0C3A53DB25230A490D4D%40AdobeOrg Value: 1 |
.hsbc.ca/ | | Name: _gcl_au Value: 1.1.1790129518.1676648418 |
.doubleclick.net/ | | Name: test_cookie Value: CheckForPermission |
.everesttech.net/ | | Name: everest_g_v2 Value: g_surferid~Y__f4gAAABwtuQNw |
.dpm.demdex.net/ | | Name: dpm Value: 44982967246823265493642455959284156040 |
.hsbc.ca/ | | Name: mbox Value: session#8ac2a9b08f274a85a51dacfa86ccb03b#1676650279\|PC#8ac2a9b08f274a85a51dacfa86ccb03b.34_0#1739893219 |
.hsbc.ca/ | | Name: s_cc Value: true |
.hsbc.ca/ | | Name: _gid Value: GA1.2.1151851475.1676648419 |
.hsbc.ca/ | | Name: _gat_UA-227765-19 Value: 1 |
.hsbc.ca/ | | Name: _gat_UA-76333024-27 Value: 1 |
.hsbc.ca/ | | Name: _ga Value: GA1.1.301603561.1676648419 |
.hsbc.ca/ | | Name: AMCV_52BC0C3A53DB25230A490D4D%40AdobeOrg Value: -1303530583%7CMCIDTS%7C19406%7CMCMID%7C44965768788059889583640808130027877059%7CMCAAMLH-1677253218%7C7%7CMCAAMB-1677253218%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1676655618s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19413%7CvVersion%7C3.3.0 |
.hsbc.ca/ | | Name: _ga_TPHELVR18L Value: GS1.1.1676648418.1.0.1676648418.0.0.0 |
.hsbc.ca/ | | Name: _fbp Value: fb.1.1676648418930.781632588 |
.hsbc.ca/ | | Name: userty.core.p.be721e Value: __2VySWQiOiI2ZDg3MDljMzE4ZWE3MTAyMzk3ZWFiNDI0ZDgxMDRiYSJ9eyJ1c |
.hsbc.ca/ | | Name: userty.core.s.be721e Value: __SI6MTY3NjY1MDIxOTE3MCwic2lkIjoiNDMwZTE1NzUzMGViMGE0ZTVlZjY0MzZjNjZmZDg4YzAiLCJzdCI6MTY3NjY0ODQxOTE3MCwicHYiOjEsInJlYWR5Ijp0cnVlLCJ3cyI6IntcIndcIjoxNjAwLFwiaFwiOjEyMDB9Iiwic21wbC53diI6ImYiLCJhdXJ5Yy5hZG9iZV9hbmFseXRpY3MiOiJmIiwic21wbC5hamF4IjoiZiJ9eyJzZ |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.