hnl.ca
198.54.116.196
Public Scan
Effective URL: https://hnl.ca/
Submission Tags: phishing
Submission: On April 27 via api from US — Scanned from CA
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 11th 2022. Valid for: a year.
This is the only time hnl.ca was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Hostname | ASN | PTR |
---|---|---|
members.hnl.ca | ASN10242 (USINTERNET, US) | 216.17.94.185.ip.usinternet.com |
hnl.ca | ASN22612 (NAMECHEAP-NET, US) | host42.registrar-servers.com |
fonts.googleapis.com | ASN15169 (GOOGLE, US) | |
connect.facebook.net | ASN32934 (FACEBOOK, US) | |
www.googletagmanager.com | ASN15169 (GOOGLE, US) | |
www.facebook.com | ASN32934 (FACEBOOK, US) | |
www.google-analytics.com | ASN15169 (GOOGLE, US) | |
x.bidswitch.net | ASN15169 (GOOGLE, US) | 172.178.211.35.bc.googleusercontent.com |
pixel.tapad.com | ASN15169 (GOOGLE, US) | 49.246.178.107.bc.googleusercontent.com |
match.adsrvr.org | ASN16509 (AMAZON-02, US) | a12b7a488abeaa9e4.awsglobalaccelerator.com |
pixel.advertising.com | ASN14618 (AMAZON-AES, US) | ec2-34-205-11-45.compute-1.amazonaws.com |
ups.analytics.yahoo.com | ASN14618 (AMAZON-AES, US) | ec2-3-218-90-66.compute-1.amazonaws.com |
secure-ds.serving-sys.com | ASN20940 (AKAMAI-ASN1, NL) | a23-50-53-186.deploy.static.akamaitechnologies.com |
bs.serving-sys.com | ASN14618 (AMAZON-AES, US) | ec2-50-16-19-229.compute-1.amazonaws.com |
Requests | Apex Domain | Redirects | Subdomains (Cisco Umbrella Rank) | Transfer |
---|---|---|---|---|
51 | hnl.ca | 1 redirect | members.hnl.ca (753166), hnl.ca (591013) | 2 MB |
5 | facebook.com | | www.facebook.com (102) | 1 KB |
5 | gstatic.com | | fonts.gstatic.com | 115 KB |
3 | serving-sys.com | | secure-ds.serving-sys.com (1690), bs.serving-sys.com (1048) | 22 KB |
3 | tapad.com | 3 redirects | pixel.tapad.com (405) | 583 B |
3 | google-analytics.com | | www.google-analytics.com (35) | 20 KB |
3 | facebook.net | | connect.facebook.net (137) | 199 KB |
2 | yahoo.com | 1 redirect | ups.analytics.yahoo.com (283) | 599 B |
2 | advertising.com | 2 redirects | pixel.advertising.com (400) | 666 B |
2 | adsrvr.org | 2 redirects | match.adsrvr.org (326) | 1 KB |
2 | bidswitch.net | 2 redirects | x.bidswitch.net (274) | 1 KB |
2 | acuityplatform.com | | acuityplatform.com (1026), ums.acuityplatform.com (1172) | 2 KB |
2 | googleapis.com | | fonts.googleapis.com (39) | 1 KB |
1 | taboola.com | | sync-t1.taboola.com (1274) | 99 B |
1 | doubleclick.net | | stats.g.doubleclick.net (80) | 432 B |
1 | googletagmanager.com | | www.googletagmanager.com (58) | 48 KB |
78 | 16 | | | |
Requests | Domain | Redirects | Requested by |
---|---|---|---|
48 | hnl.ca | | hnl.ca |
5 | www.facebook.com | | hnl.ca, connect.facebook.net |
5 | fonts.gstatic.com | | fonts.googleapis.com |
3 | pixel.tapad.com | 3 redirects | |
3 | www.google-analytics.com | | www.googletagmanager.com, www.google-analytics.com |
3 | connect.facebook.net | | hnl.ca, connect.facebook.net |
3 | members.hnl.ca | 1 redirect | hnl.ca, members.hnl.ca |
2 | secure-ds.serving-sys.com | | hnl.ca, secure-ds.serving-sys.com |
2 | ups.analytics.yahoo.com | 1 redirect | hnl.ca |
2 | pixel.advertising.com | 2 redirects | |
2 | match.adsrvr.org | 2 redirects | |
2 | x.bidswitch.net | 2 redirects | |
2 | fonts.googleapis.com | | hnl.ca |
1 | bs.serving-sys.com | | secure-ds.serving-sys.com |
1 | ums.acuityplatform.com | | hnl.ca |
1 | sync-t1.taboola.com | | hnl.ca |
1 | stats.g.doubleclick.net | | www.google-analytics.com |
1 | acuityplatform.com | | www.googletagmanager.com |
1 | www.googletagmanager.com | | hnl.ca |
78 | 19 | | |
This site contains links to these domains. Also see Links.
Domain |
---|
members.hnl.ca |
www.facebook.com |
twitter.com |
www.instagram.com |
Subject | Issuer | Validity | Valid for |
---|---|---|---|
hnl.ca | Sectigo RSA Domain Validation Secure Server CA | 2022-02-11 - 2023-03-14 | a year |
upload.video.google.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-02-04 - 2022-05-05 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months |
*.acuityplatform.com | Go Daddy Secure Certificate Authority - G2 | 2022-04-11 - 2023-05-13 | a year |
*.g.doubleclick.net | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months |
secure-ds.serving-sys.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-05 - 2023-03-08 | a year |
members.hnl.ca | R3 | 2022-03-10 - 2022-06-08 | 3 months |
bs.serving-sys.com | Amazon | 2022-04-20 - 2023-05-19 | a year |
This page contains 1 frame:
Primary Page:
https://hnl.ca/
Frame ID: 8DCB2D5F91921C93C3B08F78A5F38CEA
Requests: 78 HTTP requests in this frame
Screenshot
![](/screenshots/ac1cd394-95e5-43a6-834e-1716820cd9a4.png)
Page Title
HNL | Hospitality Newfoundland and Labrador – Hospitality Newfoundland and Labrador
Detected technologies
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
- wp-embed\.min\.js\?ver=([\d.]+)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API
Detected patterns
- googleapis\.com/.+webfont
Google Tag Manager
Detected patterns
- googletagmanager\.com/gtm\.js
Sizmek
Detected patterns
- serving-sys\.com/
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
- Title: Member Directory
- Title: Events
- Title: Events
- Title: Login
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://members.hnl.ca/communication/link?l=738f3925a23c1bb00de0c20285cc36d9&i=354742 HTTP 302
- https://hnl.ca/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 63
- https://x.bidswitch.net/sync?dsp_id=236&user_id=665811370257&expires=30&user_group=1 HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=236&user_id=665811370257&expires=30&user_group=1 HTTP 302
- https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=86afd24e-1387-45a3-8698-d5279599df6e
- https://pixel.tapad.com/idsync/ex/receive?partner_id=3150&partner_device_id=665811370257&partner_url=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26uid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
- https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3150&partner_device_id=665811370257&partner_url=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26uid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
- https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b2301734-87ea-473c-843b-91cef18a8b80%252Chttps%253A%252F%252Fums.acuityplatform.com%252Fsum%253Fumid%253D64%2526uid%253Db2301734-87ea-473c-843b-91cef18a8b80&gdpr=0&gdpr_consent= HTTP 302
- https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b2301734-87ea-473c-843b-91cef18a8b80%252Chttps%253A%252F%252Fums.acuityplatform.com%252Fsum%253Fumid%253D64%2526uid%253Db2301734-87ea-473c-843b-91cef18a8b80&gdpr=0&gdpr_consent= HTTP 302
- https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=006d00b7-af7f-4995-9e95-780d1ddead0f&ttd_puid=b2301734-87ea-473c-843b-91cef18a8b80%2Chttps%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26uid%3Db2301734-87ea-473c-843b-91cef18a8b80 HTTP 302
- https://ums.acuityplatform.com/sum?umid=64&uid=b2301734-87ea-473c-843b-91cef18a8b80
- https://pixel.advertising.com/ups/55950/sync?uid=665811370257&_origin=1 HTTP 302
- https://pixel.advertising.com/ups/55950/sync?uid=665811370257&_origin=1&verify=true HTTP 302
- https://ups.analytics.yahoo.com/ups/55950/sync?uid=665811370257&_origin=1&apid=UPccb9a775-c613-11ec-9e2a-0a6e9f864a6d HTTP 302
- https://ups.analytics.yahoo.com/ups/55950/sync?uid=665811370257&_origin=1&apid=UPccb9a775-c613-11ec-9e2a-0a6e9f864a6d&verify=true
78 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | hnl.ca/ | 46 KB | 47 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | style.min.css | hnl.ca/wp-includes/css/dist/block-library/ | 79 KB | 10 KB | Stylesheet | text/css | |
GET | H2 | simple-banner.css | hnl.ca/wp-content/plugins/simple-banner/ | 487 B | 461 B | Stylesheet | text/css | |
GET | H2 | main_35776a9a.css | hnl.ca/wp-content/themes/hnl/dist/styles/ | 288 KB | 40 KB | Stylesheet | text/css | |
GET | H2 | jquery.min.js | hnl.ca/wp-includes/js/jquery/ | 87 KB | 30 KB | Script | application/javascript | |
GET | H2 | jquery-migrate.min.js | hnl.ca/wp-includes/js/jquery/ | 11 KB | 4 KB | Script | application/javascript | |
GET | H2 | simple-banner.js | hnl.ca/wp-content/plugins/simple-banner/ | 5 KB | 1 KB | Script | application/javascript | |
GET | H2 | head_35776a9a.js | hnl.ca/wp-content/themes/hnl/dist/scripts/ | 1 KB | 874 B | Script | application/javascript | |
GET | H2 | HNLlogo.png | hnl.ca/wp-content/uploads/2017/11/ | 359 KB | 360 KB | Image | image/png | |
GET | H2 | wp-emoji-release.min.js | hnl.ca/wp-includes/js/ | 18 KB | 5 KB | Script | application/javascript | |
GET | H2 | Change-Islands-Coastline-Central-2048-e1518622376889-1920x824.jpg | hnl.ca/wp-content/uploads/2018/02/ | 415 KB | 416 KB | Image | image/jpeg | |
GET | H2 | Asset-4-80-768x511.jpg | hnl.ca/wp-content/uploads/2017/10/ | 47 KB | 48 KB | Image | image/jpeg | |
GET | H2 | Asset-2-80-768x512.jpg | hnl.ca/wp-content/uploads/2017/10/ | 81 KB | 81 KB | Image | image/jpeg | |
GET | H2 | Asset-3-80.jpg | hnl.ca/wp-content/uploads/2017/10/ | 216 KB | 216 KB | Image | image/jpeg | |
GET | H2 | pal_logo_verbage.png | hnl.ca/wp-content/uploads/2017/11/ | 7 KB | 7 KB | Image | image/png | |
GET | H2 | Eastern-Audio-Master-Logo-CMYK-600dpi-copy-300x71.png | hnl.ca/wp-content/uploads/2017/11/ | 14 KB | 14 KB | Image | image/png | |
GET | H2 | ACOA-Logo-300x46.jpg | hnl.ca/wp-content/uploads/2017/12/ | 6 KB | 6 KB | Image | image/jpeg | |
GET | H2 | Tourism_HR_Canada_Logo_Horizontal_EN_3Colour_WEB-300x147.png | hnl.ca/wp-content/uploads/2017/12/ | 6 KB | 6 KB | Image | image/png | |
GET | H2 | TIAC-AITC-Full-Colour-300x105.png | hnl.ca/wp-content/uploads/2017/12/ | 7 KB | 8 KB | Image | image/png | |
GET | H2 | DestinationCanada-300x75.png | hnl.ca/wp-content/uploads/2017/12/ | 5 KB | 5 KB | Image | image/png | |
GET | H2 | RC_LOGO_Voice_BIL_PNG_3Pantone_Colour-300x113.png | hnl.ca/wp-content/uploads/2018/10/ | 7 KB | 7 KB | Image | image/png | |
GET | H2 | ITAC-logo-english-horizontal-small-1-300x91.png | hnl.ca/wp-content/uploads/2019/03/ | 3 KB | 4 KB | Image | image/png | |
GET | H2 | TCII-CMYK-300x131.png | hnl.ca/wp-content/uploads/2017/12/ | 7 KB | 7 KB | Image | image/png | |
GET | H2 | DSJ-Logo-300x180.jpg | hnl.ca/wp-content/uploads/2017/12/ | 11 KB | 11 KB | Image | image/jpeg | |
GET | H2 | Legendary-Coasts-Logo.png | hnl.ca/wp-content/uploads/2017/12/ | 8 KB | 8 KB | Image | image/png | |
GET | H2 | Adventure-Central-logo-300x186.jpg | hnl.ca/wp-content/uploads/2017/12/ | 12 KB | 12 KB | Image | image/jpeg | |
GET | H2 | DL-Logo-Color-300x140.jpg | hnl.ca/wp-content/uploads/2017/12/ | 10 KB | 10 KB | Image | image/jpeg | |
GET | H2 | go-western.jpg | hnl.ca/wp-content/uploads/2018/02/ | 7 KB | 7 KB | Image | image/jpeg | |
GET | H2 | nlclogo-300x65.jpg | hnl.ca/wp-content/uploads/2017/12/ | 7 KB | 7 KB | Image | image/jpeg | |
GET | H2 | formreset.min.css | hnl.ca/wp-content/plugins/gravityforms/legacy/css/ | 4 KB | 583 B | Stylesheet | text/css | |
GET | H2 | formsmain.min.css | hnl.ca/wp-content/plugins/gravityforms/legacy/css/ | 79 KB | 12 KB | Stylesheet | text/css | |
GET | H2 | readyclass.min.css | hnl.ca/wp-content/plugins/gravityforms/legacy/css/ | 30 KB | 4 KB | Stylesheet | text/css | |
GET | H2 | browsers.min.css | hnl.ca/wp-content/plugins/gravityforms/legacy/css/ | 8 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | main_35776a9a.js | hnl.ca/wp-content/themes/hnl/dist/scripts/ | 183 KB | 46 KB | Script | application/javascript | |
GET | H2 | wp-embed.min.js | hnl.ca/wp-includes/js/ | 1 KB | 960 B | Script | application/javascript | |
GET | H2 | regenerator-runtime.min.js | hnl.ca/wp-includes/js/dist/vendor/ | 6 KB | 3 KB | Script | application/javascript | |
GET | H2 | wp-polyfill.min.js | hnl.ca/wp-includes/js/dist/vendor/ | 16 KB | 6 KB | Script | application/javascript | |
GET | H2 | dom-ready.min.js | hnl.ca/wp-includes/js/dist/ | 1 KB | 799 B | Script | application/javascript | |
GET | H2 | hooks.min.js | hnl.ca/wp-includes/js/dist/ | 5 KB | 2 KB | Script | application/javascript | |
GET | H2 | i18n.min.js | hnl.ca/wp-includes/js/dist/ | 10 KB | 4 KB | Script | application/javascript | |
GET | H2 | a11y.min.js | hnl.ca/wp-includes/js/dist/ | 3 KB | 1 KB | Script | application/javascript | |
GET | H2 | jquery.json.min.js | hnl.ca/wp-content/plugins/gravityforms/js/ | 2 KB | 1 KB | Script | application/javascript | |
GET | H2 | gravityforms.min.js | hnl.ca/wp-content/plugins/gravityforms/js/ | 43 KB | 13 KB | Script | application/javascript | |
GET | H2 | css | fonts.googleapis.com/ | 987 B | 375 B | Stylesheet | text/css | |
GET | H2 | css | fonts.googleapis.com/ | 448 B | 654 B | Stylesheet | text/css | |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 99 KB | 26 KB | Script | application/x-javascript | |
GET | H2 | z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMQg.ttf | fonts.gstatic.com/s/opensanscondensed/v23/ | 32 KB | 21 KB | Font | font/ttf | |
GET | H2 | fontawesome-webfont_af7ae505.woff2 | hnl.ca/wp-content/themes/hnl/dist/vendor/ | 75 KB | 76 KB | Font | font/woff2 | |
GET | H2 | memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf | fonts.gstatic.com/s/opensans/v28/ | 31 KB | 31 KB | Font | font/ttf | |
GET | H2 | Battle-Harbour-Labrador-1920x1471.jpg | hnl.ca/wp-content/uploads/2018/02/ | 236 KB | 236 KB | Image | image/jpeg | |
GET | H2 | memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAexQ.ttf | fonts.gstatic.com/s/opensans/v28/ | 33 KB | 22 KB | Font | font/ttf | |
GET | H2 | memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVc.ttf | fonts.gstatic.com/s/opensans/v28/ | 31 KB | 21 KB | Font | font/ttf | |
GET | H2 | Yves.jpg | hnl.ca/wp-content/uploads/2018/01/ | 62 KB | 62 KB | Image | image/jpeg | |
GET | H2 | Rick-450.jpg | hnl.ca/wp-content/uploads/2018/01/ | 14 KB | 14 KB | Image | image/jpeg | |
GET | H2 | memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVc.ttf | fonts.gstatic.com/s/opensans/v28/ | 31 KB | 20 KB | Font | font/ttf | |
GET | H2 | xfbml.customerchat.js | connect.facebook.net/en_US/sdk/ | 303 KB | 87 KB | Script | application/x-javascript | |
GET | H3 | 639800933051999 | connect.facebook.net/signals/config/ | 305 KB | 87 KB | Script | application/x-javascript | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 127 KB | 48 KB | Script | application/javascript | |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 398 B | Image | image/gif | |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript | |
GET | H/1.1 | 8214444792676204751 | acuityplatform.com/Adserver/pxlj/ | 623 B | 1 KB | Script | text/javascript | |
POST | H3 | collect | www.google-analytics.com/j/ | 1 B | 21 B | XHR | text/plain | |
POST | H3 | collect | www.google-analytics.com/j/ | 2 B | 22 B | XHR | text/plain | |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 1 B | 432 B | XHR | text/plain | |
GET | H2 | rtb-h | sync-t1.taboola.com/sg/bidswitch-network/1/ | 0 | 99 B | Image | text/plain | Redirect Chain |
GET | H/1.1 | sum | ums.acuityplatform.com/ | 0 | 778 B | Image | text/plain | Redirect Chain |
GET | H2 | sync | ups.analytics.yahoo.com/ups/55950/ | 0 | 122 B | Image | text/plain | Redirect Chain |
GET | H2 | ebOneTag.js | secure-ds.serving-sys.com/SemiCachedScripts/ | 68 KB | 21 KB | Script | text/plain | |
GET | H3 | / | www.facebook.com/plugins/customer_chat/SDK/ | 0 | 24 B | XHR | text/html | |
GET | H3 | / | www.facebook.com/plugins/customer_chat/facade/ | 1 KB | 778 B | XHR | application/json | |
GET | H2 | ajax-loader_c5cd7f53.gif | hnl.ca/wp-content/themes/hnl/dist/vendor/ | 2 KB | 3 KB | Image | image/gif | |
GET | H2 | Widgets.js | members.hnl.ca/Content/Script/ | 33 KB | 10 KB | Script | application/javascript | |
GET | H2 | 1073746830 | secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ | 122 B | 475 B | XHR | application/octet-stream | |
GET | H3 | / | www.facebook.com/plugins/customer_chat/SDK/ | 0 | 21 B | XHR | text/html | |
GET | H2 | Serving | bs.serving-sys.com/ | 390 B | 808 B | Script | text/html | |
GET | H3 | / | www.facebook.com/tr/ | 44 B | 91 B | Image | image/gif | |
GET | H2 | events_upcoming | members.hnl.ca/ | 77 B | 329 B | Script | application/javascript | |
GET | | / | www.facebook.com/plugins/customer_chat/SDK/ | 0 | 0 | | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: www.facebook.com
- URL: https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=wordpress&attribution_version=2.3&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3aea0136593274%26domain%3Dhnl.ca%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhnl.ca%252Ff2898424e3b4708%26relation%3Dparent.parent&container_width=1600&current_url=https%3A%2F%2Fhnl.ca%2F&event_name=chat_plugin_sdk_dialog_iframe_create&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=29f52e5f-9daf-4018-a4d9-15abebf445bd&page_id=109981226424&request_time=1651054894917&sdk=joey&suppress_http_code=1
132 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| gform object| _wpemojiSettings undefined| $ function| jQuery object| simpleBannerScriptParams string| gtmID function| fbq function| _fbq string| SAGE_DIST_PATH string| growthzone_url object| dataLayer object| FB function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gtm string| cookieName string| cookieValue string| cookiePath object| d string| expires object| Foundation object| wp object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate function| sprintf function| vsprintf object| gform_i18n object| gf_global object| gf_legacy_multi object| gaplugins object| gaGlobal object| gaData object| twemoji object| p object| versaTagObj function| announceAJAXValidationErrors function| gformBindFormatPricingFields function| Currency function| gformCleanNumber function| gformGetDecimalSeparator function| gformIsNumber function| gformIsNumeric function| gformDeleteUploadedFile object| _gformPriceFields undefined| _anyProductSelected function| gformIsHidden function| gformCalculateTotalPrice function| gformUpdateTotalFieldPrice function| gformGetShippingPrice function| gformGetFieldId function| gformCalculateProductPrice function| gformGetProductQuantity function| gformIsProductSelected function| gformGetBasePrice function| gformFormatMoney function| gformFormatPricingField function| gformToNumber function| gformGetPriceDifference function| gformGetOptionLabel function| gformGetProductIds function| gformGetPrice function| gformRoundPrice function| gformRegisterPriceField function| gformInitPriceFields function| gformShowPasswordStrength function| gformPasswordStrength function| gformToggleShowPassword function| gformToggleCheckboxes function| gformToggleRadioOther function| gformAddListItem function| gformDeleteListItem 
function| gformAdjustClasses function| gformAdjustRowAttributes function| gformToggleIcons function| gformAddRepeaterItem function| gformDeleteRepeaterItem function| gformResetRepeaterAttributes function| gformToggleRepeaterButtons function| gformMatchCard function| gformFindCardType function| gformToggleCreditCard function| gformInitChosenFields function| gformInitCurrencyFormatFields function| GFMergeTag function| GFCalc undefined| __gf_keyup_timeout function| gformFormatNumber function| getMatchGroups function| gf_get_field_number_format function| gformValidateFileSize function| gformInitSpinner function| gformAddSpinner function| gformReInitTinymceInstance function| gf_raw_input_change function| gf_get_input_id_by_html_id function| gf_get_form_id_by_html_id function| gf_get_ids_by_html_id function| gf_input_change function| gformExtractFieldId function| gformExtractInputIndex function| rgars function| rgar function| HandleUnsavedChanges function| renderRecaptcha function| gformIsRecaptchaPending object| gfMultiFileUploader boolean| CMS object| _mniwq object| $jscomp function| $jscomp$lookupPolyfilledValue object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| $this object| providersData undefined| oneTagObj function| ebDecode object| bsResponseObj string| value
20 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.members.hnl.ca/ | | Name: DotNetARRAffinity Value: e7cf34e54650448e021cd10f362a34634c912b69880ac8a3ad8cec5a0ac04c9f |
.hnl.ca/ | | Name: _fbp Value: fb.1.1651054887959.1884097617 |
hnl.ca/ | | Name: ValidWebsiteVisitor Value: true |
.hnl.ca/ | | Name: _ga Value: GA1.2.805398026.1651054888 |
.hnl.ca/ | | Name: _gid Value: GA1.2.8545427.1651054888 |
.hnl.ca/ | | Name: _gat_UA-63195517-1 Value: 1 |
.hnl.ca/ | | Name: _gat_UA-61095856-1 Value: 1 |
.acuityplatform.com/ | | Name: auid Value: 665811370257 |
.tapad.com/ | | Name: TapAd_TS Value: 1651054888289 |
.tapad.com/ | | Name: TapAd_DID Value: b2301734-87ea-473c-843b-91cef18a8b80 |
.advertising.com/ | | Name: APID Value: UPccb9a775-c613-11ec-9e2a-0a6e9f864a6d |
.bidswitch.net/ | | Name: tuuid Value: 86afd24e-1387-45a3-8698-d5279599df6e |
.bidswitch.net/ | | Name: c Value: 1651054888 |
.bidswitch.net/ | | Name: tuuid_lu Value: 1651054888 |
.adsrvr.org/ | | Name: TDID Value: 006d00b7-af7f-4995-9e95-780d1ddead0f |
.yahoo.com/ | | Name: A3 Value: d=AQABBCgZaWICEHxekcCOKh8ghGb6tBoqNB8FEgEBAQFqamJyYgAAAAAA_eMAAA&S=AQAAAvXn3-snCVFb4BGON2Y8NUI |
.adsrvr.org/ | | Name: TDCPM Value: CAESFAoFdGFwYWQSCwis6-WVt5DUOhAFGAUgASgCMgsIjLC-ws2Q1DoQBTgB |
.analytics.yahoo.com/ | | Name: IDSYNC Value: 1766~24ka |
.tapad.com/ | | Name: TapAd_3WAY_SYNCS Value: 1!2818 |
.acuityplatform.com/ | | Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqBNjT6jXVzZXJNYXRjaGluZ0lkJAKAkWxhc3REcm9wVGltZU1pbGxpcyUBQBpRJEiSmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUAaUSRIko90aGlyZFBhcnR5VXNlcklkY2IyMzAxNzM0LTg3ZWEtNDczYy04NDNiLTkxY2VmMThhOGI4MPuBMTf6QiSiQyUBQBpRJCmARCFFIfuCMTE3+kIkA6pDJQFAGlEkKYBEIUUh+4IxMzX6QiQEjkMlAUAaUSQpgEQhRSH7gTI5+kIkukMlAUAaUSQpgEQhRSH7+4Z2ZXJzaW9uwvs=" |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.