![](/screenshots/4abd697a-c7b1-4a79-95ad-7b3b89f35429.png)
www.tdrewards.com
Open in
urlscan Pro
69.90.55.203
Public Scan
Effective URL: https://www.tdrewards.com/expedia-for-td/?&uurl=https%3A%2F%2Fwww.expediafortd.com%2Fg%2Fu%2Flas-vegas%3Flangid%3D4105%26m...
Submission: On May 21 via manual from US
Summary
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on October 20th 2017. Valid for: a year.
This is the only time www.tdrewards.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 34.195.234.127 34.195.234.127 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
1 1 | 104.108.64.217 104.108.64.217 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
28 | 69.90.55.203 69.90.55.203 | 13768 (COGECO-PEER1) (COGECO-PEER1 - Cogeco Peer 1) | |
5 | 52.58.161.203 52.58.161.203 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 172.227.123.233 172.227.123.233 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 3 | 52.25.146.43 52.25.146.43 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 104.109.87.116 104.109.87.116 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 54.77.33.20 54.77.33.20 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 66.117.29.6 66.117.29.6 | 15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.) | |
1 | 52.191.131.157 52.191.131.157 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
2 | 172.227.113.72 172.227.113.72 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
4 | 172.217.22.110 172.217.22.110 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 74.125.206.155 74.125.206.155 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 204.79.197.200 204.79.197.200 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
1 | 172.217.22.102 172.217.22.102 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
19 | 172.217.22.104 172.217.22.104 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 151.101.14.110 151.101.14.110 | 54113 (FASTLY) (FASTLY - Fastly) | |
1 | 34.215.4.145 34.215.4.145 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 162.247.242.19 162.247.242.19 | 23467 (NEWRELIC-...) (NEWRELIC-AS-1 - New Relic) | |
1 | 34.210.141.236 34.210.141.236 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
74 | 18 |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-195-234-127.compute-1.amazonaws.com
link.expediamail.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-64-217.deploy.static.akamaitechnologies.com
www.expediafortd.com |
ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA)
www.tdrewards.com | |
assets.tdrewards.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-58-161-203.eu-central-1.compute.amazonaws.com
nexus.ensighten.com |
ASN20940 (AKAMAI-ASN1, US)
PTR: a172-227-123-233.deploy.static.akamaitechnologies.com
chat.td.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-25-146-43.us-west-2.compute.amazonaws.com
dpm.demdex.net |
ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-87-116.deploy.static.akamaitechnologies.com
cdn.tt.omtrdc.net |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-77-33-20.eu-west-1.compute.amazonaws.com
analytics.analytics-egain.com |
ASN15224 (OMNITURE - Adobe Systems Inc., US)
tdbankfinancialgroup.tt.omtrdc.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: tdidev-lb01.westus2.cloudapp.azure.com
dev.chat.td.com |
ASN20940 (AKAMAI-ASN1, US)
PTR: a172-227-113-72.deploy.static.akamaitechnologies.com
smetrics.td.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f110.1e100.net
www.google-analytics.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: wk-in-f155.1e100.net
stats.g.doubleclick.net |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: a-0001.a-msedge.net
bat.bing.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f102.1e100.net
ad.doubleclick.net |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f104.1e100.net
www.googletagmanager.com |
ASN54113 (FASTLY - Fastly, US)
js-agent.newrelic.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-215-4-145.us-west-2.compute.amazonaws.com
td.demdex.net |
ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-7.nr-data.net
bam.nr-data.net |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-210-141-236.us-west-2.compute.amazonaws.com
td.demdex.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
28 |
tdrewards.com
www.tdrewards.com assets.tdrewards.com |
4 MB |
19 |
googletagmanager.com
www.googletagmanager.com |
426 KB |
5 |
demdex.net
1 redirects
dpm.demdex.net td.demdex.net |
5 KB |
5 |
ensighten.com
nexus.ensighten.com |
120 KB |
4 |
google-analytics.com
www.google-analytics.com |
15 KB |
4 |
td.com
chat.td.com dev.chat.td.com smetrics.td.com |
6 KB |
2 |
bing.com
bat.bing.com |
7 KB |
2 |
doubleclick.net
stats.g.doubleclick.net ad.doubleclick.net |
338 B |
2 |
analytics-egain.com
analytics.analytics-egain.com |
5 KB |
2 |
omtrdc.net
cdn.tt.omtrdc.net tdbankfinancialgroup.tt.omtrdc.net |
15 KB |
1 |
nr-data.net
bam.nr-data.net |
261 B |
1 |
newrelic.com
js-agent.newrelic.com |
9 KB |
1 |
expediafortd.com
1 redirects
www.expediafortd.com |
1 KB |
1 |
expediamail.com
1 redirects
link.expediamail.com |
266 B |
74 | 14 |
Domain | Requested by | |
---|---|---|
27 | www.tdrewards.com |
www.tdrewards.com
|
19 | www.googletagmanager.com |
nexus.ensighten.com
|
5 | nexus.ensighten.com |
www.tdrewards.com
nexus.ensighten.com |
4 | www.google-analytics.com |
www.tdrewards.com
www.google-analytics.com |
3 | dpm.demdex.net |
1 redirects
www.tdrewards.com
|
2 | td.demdex.net |
nexus.ensighten.com
www.tdrewards.com |
2 | bat.bing.com |
nexus.ensighten.com
www.tdrewards.com |
2 | smetrics.td.com |
www.tdrewards.com
|
2 | analytics.analytics-egain.com |
nexus.ensighten.com
analytics.analytics-egain.com |
1 | assets.tdrewards.com | |
1 | bam.nr-data.net |
js-agent.newrelic.com
|
1 | js-agent.newrelic.com |
www.tdrewards.com
|
1 | ad.doubleclick.net |
nexus.ensighten.com
|
1 | stats.g.doubleclick.net |
www.tdrewards.com
|
1 | dev.chat.td.com |
analytics.analytics-egain.com
|
1 | tdbankfinancialgroup.tt.omtrdc.net |
nexus.ensighten.com
|
1 | cdn.tt.omtrdc.net |
nexus.ensighten.com
|
1 | chat.td.com |
nexus.ensighten.com
|
1 | www.expediafortd.com | 1 redirects |
1 | link.expediamail.com | 1 redirects |
74 | 20 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.td.com |
www.tdcanadatrust.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.tdrewards.com COMODO RSA Domain Validation Secure Server CA |
2017-10-20 - 2018-12-19 |
a year | crt.sh |
*.analytics-egain.com Go Daddy Secure Certificate Authority - G2 |
2017-09-07 - 2020-09-07 |
3 years | crt.sh |
*.demdex.net DigiCert SHA2 High Assurance Server CA |
2018-01-09 - 2021-02-12 |
3 years | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.tdrewards.com/expedia-for-td/?&uurl=https%3A%2F%2Fwww.expediafortd.com%2Fg%2Fu%2Flas-vegas%3Flangid%3D4105%26mdpcid%3Dca.opmloyalty.tdcanadatrust.NWemail.041818.EN
Frame ID: 2835E6C88AD4295E3F76030C4C86C5CB
Requests: 72 HTTP requests in this frame
Frame:
https://analytics.analytics-egain.com/iframe/EG58765197
Frame ID: 5AC7121D36C946F8FFD2DB6A27182672
Requests: 1 HTTP requests in this frame
Frame:
https://td.demdex.net/dest5.html?d_nsid=0
Frame ID: 7295E4A1D173DF0A4872238F464E4249
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/4abd697a-c7b1-4a79-95ad-7b3b89f35429.png)
Page URL History Show full URLs
-
http://link.expediamail.com/c/4/?T=Mjg2MDA4OTk%3AMDItYjE4MTA4LTFmODdjOThlNGMyYjRiYTlhOTA3MDQwNjMwY2ZhNTY...
HTTP 302
https://www.expediafortd.com/g/u/las-vegas?langid=4105&mdpcid=ca.opmloyalty.tdcanadatrust.NWemail.041818.EN HTTP 302
https://www.tdrewards.com/expedia-for-td/?&uurl=https%3A%2F%2Fwww.expediafortd.com%2Fg%2Fu%2Flas-vegas... Page URL
Detected technologies
Detected patterns
- env /^angular$/i
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
- env /^gaGlobal$/i
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- env /^google_tag_manager$/i
![](/vendor/wappa/icons/New Relic.png)
Detected patterns
- env /^NREUM/i
![](/vendor/wappa/icons/SiteCatalyst.png)
Detected patterns
- env /^s_(?:account|objectID|code|INST)$/i
Detected patterns
- env /^webpackJsonp$/i
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: About Us
Search URL Search Domain Scan URL
Title: Privacy & Security
Search URL Search Domain Scan URL
Title: Terms of Use
Search URL Search Domain Scan URL
Title: TD Canada Trust
Search URL Search Domain Scan URL
Title: Accessibility
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://link.expediamail.com/c/4/?T=Mjg2MDA4OTk%3AMDItYjE4MTA4LTFmODdjOThlNGMyYjRiYTlhOTA3MDQwNjMwY2ZhNTYw%3Ac25pa3JhcEB0ZWx1cy5uZXQ%3ATVItWFgtWC10ZWlkWC5YLWlzc3VYWFhYLXRlc3RYLWxhbmdFTi12ZXJzWC1tY2lkTS1zZWdhWC1zZWdiWC1zZWdtWC1TSUQta2V5NzAwMDYyMjQ4ODgxMC1wYWlkNzAzMTU4NTgtbG9jZW5fQ0E%3AZmFsc2U%3A%3A%3AaHR0cHM6Ly93d3cuZXhwZWRpYWZvcnRkLmNvbS9nL3UvbGFzLXZlZ2FzP2xhbmdpZD00MTA1Jm1kcGNpZD1jYS5vcG1sb3lhbHR5LnRkY2FuYWRhdHJ1c3QuTldlbWFpbC4wNDE4MTguRU4&K=YX7QcIEvJ_5AtKCQcJgEzQ
HTTP 302
https://www.expediafortd.com/g/u/las-vegas?langid=4105&mdpcid=ca.opmloyalty.tdcanadatrust.NWemail.041818.EN HTTP 302
https://www.tdrewards.com/expedia-for-td/?&uurl=https%3A%2F%2Fwww.expediafortd.com%2Fg%2Fu%2Flas-vegas%3Flangid%3D4105%26mdpcid%3Dca.opmloyalty.tdcanadatrust.NWemail.041818.EN Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 6- https://dpm.demdex.net/id?d_visid_ver=1.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A783776A5245B1E50A490D44%40AdobeOrg&d_nsid=0&ts=1526862613138 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=1.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A783776A5245B1E50A490D44%40AdobeOrg&d_nsid=0&ts=1526862613138
74 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
www.tdrewards.com/expedia-for-td/ Redirect Chain
|
17 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Bootstrap.js
nexus.ensighten.com/tdb/public-ca/ |
390 KB 112 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
www.tdrewards.com/templates/active/static/ |
203 KB 203 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendors.js
www.tdrewards.com/ |
1 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bundle.js
www.tdrewards.com/ |
2 MB 2 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
templateCacheHtml.js
www.tdrewards.com/templates/active/static/ |
336 B 789 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
eg_resource_tdct.js
chat.td.com/system/web/custom/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
0 -1 B |
XHR
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
target.js
cdn.tt.omtrdc.net/cdn/ |
43 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
EG58765197
analytics.analytics-egain.com/onetag/ |
12 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
serverComponent.php
nexus.ensighten.com/tdb/public-ca/ |
482 B 601 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
ajax
tdbankfinancialgroup.tt.omtrdc.net/m2/tdbankfinancialgroup/mbox/ |
758 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
weblysleekuisl-webfont.woff2
www.tdrewards.com/templates/active/static/fonts/ |
21 KB 21 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rd
dpm.demdex.net/id/ |
4 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
EG58765197
analytics.analytics-egain.com/iframe/ Frame 5AC7 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Offers.egain
dev.chat.td.com/system/ |
21 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
smetrics.td.com/ |
49 B 442 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
analytics.js
www.google-analytics.com/ |
34 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
login
www.tdrewards.com/api/userManagement/guestUser/ |
472 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1daccc3299d53cfc2be6b2b65edec414.js
nexus.ensighten.com/tdb/public-ca/code/ |
703 B 996 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
542585241dfe89f02966c16380bb84bb.js
nexus.ensighten.com/tdb/public-ca/code/ |
27 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
linkid.js
www.google-analytics.com/plugins/ua/ |
2 KB 919 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
collect
www.google-analytics.com/ |
35 B 99 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
collect
stats.g.doubleclick.net/r/ |
35 B 102 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
bat.js
bat.bing.com/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
B10862916.145035458;sz=1x2;ord=106463562806
ad.doubleclick.net/ddm/adj/N307601.197812NSO.CODESRV/ |
11 B 236 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
js
www.googletagmanager.com/gtag/ |
64 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
js
www.googletagmanager.com/gtag/ |
64 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
js
www.googletagmanager.com/gtag/ |
64 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
js
www.googletagmanager.com/gtag/ |
64 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
js
www.googletagmanager.com/gtag/ |
64 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
js
www.googletagmanager.com/gtag/ |
64 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
js
www.googletagmanager.com/gtag/ |
64 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
js
www.googletagmanager.com/gtag/ |
64 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
js
www.googletagmanager.com/gtag/ |
64 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
js
www.googletagmanager.com/gtag/ |
64 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
js
www.googletagmanager.com/gtag/ |
64 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
js
www.googletagmanager.com/gtag/ |
64 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
js
www.googletagmanager.com/gtag/ |
64 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
js
www.googletagmanager.com/gtag/ |
64 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
js
www.googletagmanager.com/gtag/ |
64 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
js
www.googletagmanager.com/gtag/ |
64 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
js
www.googletagmanager.com/gtag/ |
64 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
js
www.googletagmanager.com/gtag/ |
64 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
js
www.googletagmanager.com/gtag/ |
64 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
0
bat.bing.com/action/ |
0 148 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
nr-1026.min.js
js-agent.newrelic.com/ |
22 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
e.gif
nexus.ensighten.com/error/ |
0 193 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
![]() td.demdex.net/ Frame 7295 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c099ced574
bam.nr-data.net/1/ |
57 B 261 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
event
td.demdex.net/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s63197662866407
smetrics.td.com/b/ss/tdtdct,tdglobal/1/JS-1.6/ |
43 B 526 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
angular-locale_en-ca.js
www.tdrewards.com/templates/active/static/i18n/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
product
www.tdrewards.com/api/productManagement/ |
12 KB 13 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
carousel
www.tdrewards.com/api/ |
87 KB 88 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
catalog
www.tdrewards.com/api/productManagement/ |
402 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
td_shield_nowhitespace.png
www.tdrewards.com/templates/active/static/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
td-font.ttf
www.tdrewards.com/templates/active/static/fonts/ |
5 KB 5 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
weblysleekuisb-webfont.woff2
www.tdrewards.com/templates/active/static/fonts/ |
20 KB 21 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
weblysleekuil-webfont.woff2
www.tdrewards.com/templates/active/static/fonts/ |
18 KB 19 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
e6cf7c6ec7c2d6f670ae9d762604cb0b.woff2
www.tdrewards.com/ |
70 KB 71 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
collect
www.google-analytics.com/ |
35 B 99 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
expedia_logo.png
www.tdrewards.com/templates/active/static/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
expedia_tablet.png
www.tdrewards.com/templates/active/static/images/ |
174 KB 174 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
emailDeals.svg
www.tdrewards.com/templates/active/static/images/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
TD_Infinite_eng_rgb.jpg
www.tdrewards.com/templates/active/static/images/td_credit_cards/ |
63 KB 64 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
TD_PlatinumTravel_eng_rgb.jpg
www.tdrewards.com/templates/active/static/images/td_credit_cards/ |
108 KB 109 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
TD_Rewards_M_eng_RGB.jpg
www.tdrewards.com/templates/active/static/images/td_credit_cards/ |
66 KB 67 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
TD_Business_Travel_eng_rgb.jpg
www.tdrewards.com/templates/active/static/images/td_credit_cards/ |
68 KB 68 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
812
www.tdrewards.com/api/productManagement/product/ |
68 KB 69 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
category
www.tdrewards.com/api/productManagement/ |
832 B 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
category
www.tdrewards.com/api/productManagement/ |
866 B 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
category
www.tdrewards.com/api/productManagement/ |
2 B 1006 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lady_card_001.jpg
assets.tdrewards.com/img/img/ |
76 KB 77 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
176 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| NREUM object| newrelic function| __nr_require object| ensBootstraps object| Bootstrapper number| cvParamInPageName string| cvParamToInclude number| cvAutoSections string| cvURL string| cvSearchEngines string| cvDownloadExtensions function| getRSID function| customSections function| cfCheckRSID function| cfPageName function| cfUtility function| cfGetQParam function| cfLeft function| cfRight function| cfClean function| removeHTMLTags function| trackConversions function| trackCustomLink number| _delay function| _log function| isStorageSupported function| saveToSessionStorage function| retriveFromSessionStorage function| removeFromSessionStorage function| clearFromSessionStorage function| getKeyFromSessionStorage function| getLengthForSessionStorage function| isDivIdExists function| trackSavingPageVisited function| trackChequingPageVisited function| trackCreditCardPageVisited function| getNumberOfPageVisited function| trackFilterModified function| customerAbondonOSO function| trackViewMoreAccount function| isNumOfTabsCustClickApplicable function| trackNumOfTabsCustClick function| trackCustVisitsTFSA function| trackCustClickTFSA function| trackPreAuthorizedTabs function| trackNumOfErrors function| resetNumOfErrors function| trackIdleTimeOnPage function| startClock function| resetClock string| egchatServer string| egchatscript function| Visitor object| s_c_il number| s_c_in object| visitor function| targetPageParams function| mboxUrlBuilder function| mboxStandardFetcher function| mboxAjaxFetcher function| mboxMap function| mboxList function| mboxSignaler function| mboxLocatorDefault function| mboxLocatorNode function| mboxOfferContent function| mboxOfferAjax function| mboxOfferDefault function| mboxCookieManager function| mboxSession function| mboxPC function| mboxGetPageParameter function| mboxCookiePageDomain function| mboxShiftArray function| mboxGenerateId function| mboxScreenHeight function| mboxScreenWidth function| mboxBrowserWidth function| mboxBrowserHeight function| mboxBrowserTimeOffset function| mboxScreenColorDepth function| mbox function| mboxFactory function| mboxScPluginFetcher object| mboxFactories function| MboxSmartList function| MboxSmartListList string| E object| mboxFactoryDefault number| mboxVersion function| mboxCreate function| mboxDefine function| mboxUpdate function| mboxVizTargetUrl function| mboxSetCookie function| mboxGetCookie function| mboxLoadSCPlugin object| _AT object| TNT string| mboxCopyright string| sName function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq object| today object| currentDate number| sundays number| currentDayNum function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_Media function| AppMeasurement_Module_AudienceManagement function| c_r function| c_rspers function| c_w number| s_objectID number| s_giq object| s function| s_sp function| s_jn function| DIL object| _enslog string| egchatserver string| EGOFR_c_name string| EGOFR_c_value number| EGOFR_expire_time_min function| openeGainAutoLoginHelp function| getSizzleForTarget object| mboxCurrent object| ttMETA function| ttMBX object| EGAINCLOUD object| EG_CALL_Q function| eGOFRPatternStore function| webpackJsonp object| angular number| ng339 object| FileAPI function| _ string| GoogleAnalyticsObject function| ga object| page_tag string| psj0 string| psj1 object| gaplugins object| gaGlobal object| gaData object| uetq string| conversionTag object| gTaglist number| x function| AppMeasurement_Module_DIL object| _tmsFl object| google_tag_manager object| dataLayer function| gtag function| UET object| cvParam_Split number| d object| eo number| y object| dc object| fl object| cd number| utc object| tz number| thisy number| thish number| thismin number| thisd string| j string| k string| S string| s_tnt object| s_i_tdtdct_tdglobal function| demdexRequestCallback_0_152686261492913 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.tdrewards.com/ | Name: s_pers Value: %20s_vnum%3D1526947200919%2526vn%253D1%7C1526947200919%3B%20s_invisit%3Dtrue%7C1526864414922%3B%20s_nr%3D1526862614923-New%7C1529454614923%3B |
|
.tdrewards.com/ | Name: _uetsid Value: _uet5b28ce74 |
|
.tdrewards.com/ | Name: _gat Value: 1 |
|
.tdrewards.com/ | Name: _ga Value: GA1.2.19379614.1526862614 |
|
www.tdrewards.com/ | Name: AMCV_A783776A5245B1E50A490D44%40AdobeOrg Value: 817868104%7CMCIDTS%7C17673%7CMCMID%7C82144793403797552550018954182857284987%7CMCAAMLH-1527467414%7C9%7CMCAAMB-1527467414%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1526869814s%7CNONE%7CMCAID%7CNONE |
|
.tdrewards.com/ | Name: mbox Value: check#true#1526862674|session#c86381ead3c741f5aabb072e1cbb7e1d#1526864474|PC#c86381ead3c741f5aabb072e1cbb7e1d.26_20#1534638614 |
|
www.tdrewards.com/ | Name: EG-S-ID Value: A250ac18e5-1540-4ff9-8a8b-7298041f4622 |
|
.tdrewards.com/ | Name: _gid Value: GA1.2.1080227809.1526862614 |
|
www.tdrewards.com/ | Name: EG-U-ID Value: A96e75851f-698f-4436-a13e-d09af32ea609 |
|
.tdrewards.com/ | Name: s_sess Value: %20s_cc%3Dtrue%3B |
|
www.tdrewards.com/ | Name: AMCVS_A783776A5245B1E50A490D44%40AdobeOrg Value: 1 |
|
.tdrewards.com/ | Name: mboxPers Value: |
|
.tdrewards.com/ | Name: mboxPersSent Value: true |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubdomains; always |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ad.doubleclick.net
analytics.analytics-egain.com
assets.tdrewards.com
bam.nr-data.net
bat.bing.com
cdn.tt.omtrdc.net
chat.td.com
dev.chat.td.com
dpm.demdex.net
js-agent.newrelic.com
link.expediamail.com
nexus.ensighten.com
smetrics.td.com
stats.g.doubleclick.net
td.demdex.net
tdbankfinancialgroup.tt.omtrdc.net
www.expediafortd.com
www.google-analytics.com
www.googletagmanager.com
www.tdrewards.com
104.108.64.217
104.109.87.116
151.101.14.110
162.247.242.19
172.217.22.102
172.217.22.104
172.217.22.110
172.227.113.72
172.227.123.233
204.79.197.200
34.195.234.127
34.210.141.236
34.215.4.145
52.191.131.157
52.25.146.43
52.58.161.203
54.77.33.20
66.117.29.6
69.90.55.203
74.125.206.155
0415030601723c3e8327ddb668fdeda4d662072e0c2ea5f7738718e758ec6a3b
0ae4436e541728a9a7805939e0df9c09da274e5df4458800c086a0a33cb5011f
1311d766b83574068e9b45c52e949ebe5a4e4d0a82cd6eafa1761f319d8da615
219851666ae744d6e5154f2e4cf19b7af0c137a3aea9daabd3f2bff8a3a65050
2218bbf47b340278b7b696dbe3af4eed89edffa709c19abd6747b18147c3a675
2d10816bada4d94734c1cb7e191ffb89ea7d9bb5c11b3e680f6b00c3a28d4e41
34956ea9c264a7e4f81f7c1b9d4aeab68948ccea30232236e41eff3799ec618e
34c0b2efefd3423595565e97cb377cbec7c06f4047596d847fca2b7573edfaee
3fbd3e60f72cc9aa26e6f45e494afbeb9efb57769b0394aff98ab6db5f16e159
42259f75822f31f3803f571f0b831a93a001809d1deaf2ad6c1d73162e6b6a09
44e9551c8fbbb6e360b1d7c675e923a9654a0fe94a2b3b3958f2b6f8e7220bcb
46042d249f4bb6cfa2c377b84df928e19ce5b078451ff179ec32e2653a586f33
46433f76e2c804463b0f6df27dd0d970730d1aebbd6cb8dfb75b33c9d4ded361
4a36cc4a1b0cd8950e23a62bef061452ff7bb0a33fc318cc1cc9b9824d56e3b4
4e75d4724ca548760d7706d2c7dcd13383e0a4facadd0bc5b6a60e7db4b62616
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fff29929c2b60f13344dc4417db33c77d4075429d709a2937d9b790785bc3a7
53fb79a3fd19b9c65208147d4c173ff2bd41635ff02c852fc8d65de3c3fb4c1b
577437d5107a7917f89842d68e67d10356bcffc60f60d60fb63b00c0b80391db
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
67563318f781475915e443fef24576ea64e5de5a80e7ab3fd6b967de15538dcc
6773ab96c6077de14b668cdc6439a49fe412fcca91fe57248740090b41280ccd
686cb9ea7b320f35b7cff240706f2c1334994674ab5b3ec2554eb1c24d815c1d
69d6c512d02f5a473434c9b526d2ae354d09608e092da40a497ad41a1967c3a7
6aba0c155964697c29bd8f3cd18192780379014457a213c3bb6f8799590d5dde
6e08eea7f1f1b18ebf530bcc497293f71c418d98e413fda00f81eca4f6581747
6f0a56b853e7d8b6cadaee3ecb0d77e3281bc0f2d4eb61d2e2cc2806fa79f273
76d98dfa5e2cff45b50011511dee227e7117b5c0bbe6cd3ec7b6964d7599c7d2
78327cd42cf691ac426532d9e3a436c4384aa780a46ffaaeb71721279307ed04
79a16f217262df5a4408d849100f65698d3bf3b42205b1559cf6868698185150
7a4051d683a08613183701db4a59afbc2b210ff8a571ea7e6ce43645f9d60dd0
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7f8f92a1913474ebb54f27bb9a908eb8006c76665ed14ed7ebea958b661b4b7a
7fe7c81e4d23d52c41eb3a6983e25cffb186bb7267345b673c031b8dc1668d4a
829eede7ca24d9688131e07021d3e52c832b81903aa1aa9d74622e7935c7c774
82c5a6efb2121fe23e85e7169d299faa44d2d351adbdd1c7f9da575776d49326
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8adf7be5e4b8e09896eb13e9eaa409a3bcf7d35a096c858127816cd520d8b13f
9143c9feeb4921460d1b76f442389e131462ea2c6e191e3d89c7a2b2656dd029
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
96aa8702918fab909676f4736631ba988c5edf154c634039d2287af50b7c6c09
96b92a71f572e69f0c9c6d862462743fbc713dbba5ebd6629b6f519a0ac987fe
983951ac2ad102ed33dba4cee5620eb76f545cca55e9b954700338ba105154ff
9e3209f0cf30cd90ef985ebd44b67c6bfaed6fb3a470be4c88b25324f4740ffe
a01050f120544b659a5b01dd168b7416224587780616e22d71c1d223e7a6d92b
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
aad3a3d366cae682cfdec0e8eda10777db3d2bde30d5262452a21ee248913fb2
ac7c0779131ab90a67e43ad088f50074ab1d921c4da0af2ceb2b00f360b6f0f6
ae9cd52fc8d88dada1bc0ac8f810a61b5612268e6dcb6e160fba877d0634fdab
b16aa4872ac68c1c93b346d265c99d6a83aacac1ba43f1e8f180573a3408787c
bba44516b4127eddc7978c030cae94b1c1a94eb43ca88b698dafe5bf1c2fd0e2
bc1007d51bc1506c1ff2fbcb1fc6581bbb6437d290fd6cd4d5651b69eb0b6664
be680004bac9727939c73605a53a4ad1c21b10196f167b85d37de6c725162235
c39cd074b33a0348246ff987044c7650533c69afc4727bac852f8e02722d6d67
c94cdc1e220481af340fa8944ece534a691c39eaf28b9d3a8b890584f3741eb9
cc15861321357ce474a4883af0c615b0072b8009fa30f8aa9049efc2cb27aa3a
de37d85532bb0bc5e8137e825a9d622ead35d58e331fb25a9a21ff81355f95eb
e0138da90aa95f782d31b61f34b2bc38a8fbe07958ff5bf9139daa1eb0b3769d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54d3f4ad5c3c66a747f2a7f62e7ca28abfd2db5c57b3ba53721ee02e7e11b29
e8de5012833bdf5fb39e80501f26041f7303def0e2680e3b1206d6a2e60ff1a4
ead970bec1c49a7a2ed63bc4c924cfb5d6e0f15b940e9eb3b8e8f84a82b8cda1
ebd4bd617b42626972d80944a390e48d4748b4fd65e55cd4eedf254a32a5e989
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f334812c71d8ada0aba604ccf0c91257b2eb60208494e76d460e2b572176d5bf
f3d41cd2593e24bc99449ab1065fba3cd69a020fad12c3abba708af5a8528df3
fa190324bafe161a7d46bb6967315582118a08c2f350cbd1d946a8f53f88d3b9
fa33bdafc55d1404ff41c75d0798872676e2eac896f90652d1bf252deb032854