www.hsbc.ca
Open in
urlscan Pro
161.113.4.9
Malicious Activity!
Public Scan
Effective URL: https://www.hsbc.ca/fr-ca/
Submission: On September 10 via api from CA
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on August 27th 2018. Valid for: a year.
This is the only time www.hsbc.ca was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Interac (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
16 | 192.157.231.218 192.157.231.218 | 18978 (ENZUINC-US) (ENZUINC-US - Enzu Inc) | |
3 3 | 216.58.207.34 216.58.207.34 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
4 4 | 2a00:1450:400... 2a00:1450:4001:80b::2002 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
4 4 | 2a00:1450:400... 2a00:1450:4001:81f::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
4 | 2a00:1450:400... 2a00:1450:4001:81e::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
5 | 2a00:1450:400... 2a00:1450:4001:825::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 2a00:1450:400... 2a00:1450:400c:c06::9a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 30 | 161.113.4.9 161.113.4.9 | 26415 (VERISIGN-INC) (VERISIGN-INC - VeriSign Global Registry Services) | |
6 | 152.199.23.241 152.199.23.241 | 15133 (EDGECAST) (EDGECAST - MCI Communications Services) | |
1 3 | 34.253.43.81 34.253.43.81 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 52.208.212.211 52.208.212.211 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
3 | 66.117.29.227 66.117.29.227 | 15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.) | |
1 1 | 66.117.28.86 66.117.28.86 | 15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.) | |
1 | 66.117.29.11 66.117.29.11 | 15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.) | |
6 | 161.113.9.186 161.113.9.186 | 26415 (VERISIGN-INC) (VERISIGN-INC - VeriSign Global Registry Services) | |
2 | 178.249.101.23 178.249.101.23 | 11054 (LIVEPERSON) (LIVEPERSON - LivePerson) | |
4 | 2a03:6400:10:... 2a03:6400:10:0:178:249:97:98 | 11054 (LIVEPERSON) (LIVEPERSON - LivePerson) | |
3 | 2a03:6400:10:... 2a03:6400:10:0:178:249:97:99 | 11054 (LIVEPERSON) (LIVEPERSON - LivePerson) | |
3 | 208.89.12.87 208.89.12.87 | 11054 (LIVEPERSON) (LIVEPERSON - LivePerson) | |
1 | 143.204.214.50 143.204.214.50 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 52.208.155.23 52.208.155.23 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
88 | 17 |
ASN18978 (ENZUINC-US - Enzu Inc, US)
PTR: 218.231-157-192.rdns.scalabledns.com
crimeireland.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s24-in-f2.1e100.net
www.googleadservices.com |
ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net |
ASN15169 (GOOGLE - Google LLC, US)
www.google.com |
ASN15169 (GOOGLE - Google LLC, US)
www.google.de |
ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com |
ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net |
ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US)
www.hsbc.ca |
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
tags.tiqcdn.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-253-43-81.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-208-212-211.eu-west-1.compute.amazonaws.com
hsbcbankglobal.demdex.net |
ASN15224 (OMNITURE - Adobe Systems Inc., US)
hsbcbankglobal.sc.omtrdc.net |
ASN15224 (OMNITURE - Adobe Systems Inc., US)
hsbcbankglobal.tt.omtrdc.net |
ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US)
mcm-prod.hsbc.ca |
ASN11054 (LIVEPERSON - LivePerson, Inc., US)
lpcdn.lpsnmedia.net |
ASN11054 (LIVEPERSON - LivePerson, Inc., US)
accdn.lpsnmedia.net |
ASN11054 (LIVEPERSON - LivePerson, Inc., US)
PTR: va.v.liveperson.net
va.v.liveperson.net |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-50.fra53.r.cloudfront.net
cdn.appdynamics.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-208-155-23.eu-west-1.compute.amazonaws.com
col.eum-appdynamics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
36 |
hsbc.ca
2 redirects
www.hsbc.ca mcm-prod.hsbc.ca |
1 MB |
16 |
crimeireland.com
crimeireland.com |
338 KB |
7 |
lpsnmedia.net
lpcdn.lpsnmedia.net accdn.lpsnmedia.net |
21 KB |
6 |
tiqcdn.com
tags.tiqcdn.com |
166 KB |
6 |
doubleclick.net
4 redirects
googleads.g.doubleclick.net stats.g.doubleclick.net |
2 KB |
5 |
liveperson.net
lptag.liveperson.net va.v.liveperson.net |
95 KB |
5 |
google-analytics.com
www.google-analytics.com |
19 KB |
4 |
omtrdc.net
hsbcbankglobal.sc.omtrdc.net hsbcbankglobal.tt.omtrdc.net |
9 KB |
4 |
demdex.net
1 redirects
dpm.demdex.net hsbcbankglobal.demdex.net |
3 KB |
4 |
google.de
www.google.de |
641 B |
4 |
google.com
4 redirects
www.google.com |
2 KB |
3 |
googleadservices.com
3 redirects
www.googleadservices.com |
2 KB |
1 |
eum-appdynamics.com
col.eum-appdynamics.com |
297 B |
1 |
appdynamics.com
cdn.appdynamics.com |
18 KB |
1 |
everesttech.net
1 redirects
cm.everesttech.net |
527 B |
88 | 15 |
Domain | Requested by | |
---|---|---|
30 | www.hsbc.ca |
2 redirects
www.hsbc.ca
|
16 | crimeireland.com |
crimeireland.com
|
6 | mcm-prod.hsbc.ca |
tags.tiqcdn.com
www.hsbc.ca |
6 | tags.tiqcdn.com |
www.hsbc.ca
tags.tiqcdn.com |
5 | www.google-analytics.com |
crimeireland.com
|
4 | lpcdn.lpsnmedia.net |
lptag.liveperson.net
www.hsbc.ca |
4 | www.google.de |
crimeireland.com
www.hsbc.ca |
4 | www.google.com | 4 redirects |
4 | googleads.g.doubleclick.net | 4 redirects |
3 | va.v.liveperson.net |
lptag.liveperson.net
|
3 | accdn.lpsnmedia.net |
lptag.liveperson.net
|
3 | hsbcbankglobal.sc.omtrdc.net |
www.hsbc.ca
tags.tiqcdn.com |
3 | dpm.demdex.net |
1 redirects
www.hsbc.ca
|
3 | www.googleadservices.com | 3 redirects |
2 | lptag.liveperson.net |
tags.tiqcdn.com
|
2 | stats.g.doubleclick.net |
crimeireland.com
|
1 | col.eum-appdynamics.com |
www.hsbc.ca
|
1 | cdn.appdynamics.com |
www.hsbc.ca
|
1 | hsbcbankglobal.tt.omtrdc.net |
www.hsbc.ca
|
1 | cm.everesttech.net | 1 redirects |
1 | hsbcbankglobal.demdex.net |
tags.tiqcdn.com
|
88 | 21 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
1970-01-01 - 1970-01-01 |
a few seconds | crt.sh | |
www.google.de GTS CA 1O1 |
2019-08-23 - 2019-11-21 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2019-08-23 - 2019-11-21 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2019-08-23 - 2019-11-21 |
3 months | crt.sh |
www.hsbc.ca DigiCert SHA2 Extended Validation Server CA |
2018-08-27 - 2019-10-26 |
a year | crt.sh |
*.tiqcdn.com DigiCert SHA2 Secure Server CA |
2017-10-25 - 2020-05-13 |
3 years | crt.sh |
*.demdex.net DigiCert SHA2 High Assurance Server CA |
2018-01-09 - 2021-02-12 |
3 years | crt.sh |
*.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA |
2019-04-23 - 2020-04-14 |
a year | crt.sh |
*.tt.omtrdc.net DigiCert SHA2 High Assurance Server CA |
2017-10-19 - 2020-11-25 |
3 years | crt.sh |
mcm-prod.hsbc.ca DigiCert SHA2 Extended Validation Server CA |
2019-08-16 - 2020-08-17 |
a year | crt.sh |
*.liveperson.net COMODO RSA Organization Validation Secure Server CA |
2017-12-17 - 2020-12-16 |
3 years | crt.sh |
*.lpsnmedia.net COMODO RSA Organization Validation Secure Server CA |
2018-02-26 - 2021-02-25 |
3 years | crt.sh |
*.v.liveperson.net COMODO RSA Organization Validation Secure Server CA |
2018-05-08 - 2020-05-07 |
2 years | crt.sh |
*.appdynamics.com DigiCert SHA2 Secure Server CA |
2019-04-15 - 2020-06-17 |
a year | crt.sh |
*.eum-appdynamics.com DigiCert SHA2 Secure Server CA |
2019-04-15 - 2020-06-10 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.hsbc.ca/fr-ca/
Frame ID: A77C3370354F3237B99A9298FB9AEF6D
Requests: 78 HTTP requests in this frame
Frame:
http://crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/error_files/activityi.html
Frame ID: 194AB2E88B8262D8EF4D6DC2F7C0A894
Requests: 8 HTTP requests in this frame
Frame:
https://hsbcbankglobal.demdex.net/dest5.html?d_nsid=0
Frame ID: 5CE26F5CB9EF494BE0692DF1388CD49A
Requests: 1 HTTP requests in this frame
Frame:
https://lpcdn.lpsnmedia.net/le_secure_storage/3.7.0.1-release_442/storage.secure.min.html?loc=https%3A%2F%2Fwww.hsbc.ca&site=58784955&env=prod&isCrossDomain=true
Frame ID: 7737438E5754D4238E06FA1EBA5A06EC
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/ Page URL
-
https://www.hsbc.ca/1/2/fr/personal
HTTP 301
https://www.hsbc.ca/1/2/fr/personal/ HTTP 302
https://www.hsbc.ca/fr-ca/ Page URL
Detected technologies
Adobe Experience Manager (CMS) ExpandDetected patterns
- script /\/etc\/designs\//i
Java (Programming Languages) Expand
Detected patterns
- script /\/etc\/designs\//i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
LivePerson (Live Chat) Expand
Detected patterns
- script /^https?:\/\/lptag\.liveperson\.net\/tag\/tag\.js/i
Tealium (Advertising Networks) Expand
Detected patterns
- script /^(?:https?:)?\/\/tags\.tiqcdn\.com\//i
Page Statistics
18 Outgoing links
These are links going to different origins than the main page.
Title: Entreprises
Search URL Search Domain Scan URL
Title: InscriptionÂ
Search URL Search Domain Scan URL
Title: Accédez à vos comptesÂ
Search URL Search Domain Scan URL
Title: Déconnexion
Search URL Search Domain Scan URL
Title: Mastercard de la HSBC
Search URL Search Domain Scan URL
Title: Services de gestion privée de patrimoine HSBC
Search URL Search Domain Scan URL
Title: HSBCnet
Search URL Search Domain Scan URL
Title: HSBC Horizon Patrimoine
Search URL Search Domain Scan URL
Title: HSBC Horizon Patrimoine
Search URL Search Domain Scan URL
Title: Faites croître votre patrimoine
Search URL Search Domain Scan URL
Title: Auprès d’expatriés
Search URL Search Domain Scan URL
Title: Carrières, médias, renseignements de l'investisseur et de l’entrepriseÂ
Search URL Search Domain Scan URL
Title: Entreprises
Search URL Search Domain Scan URL
Title: Nouvelle fenêtre
Search URL Search Domain Scan URL
Title: Nouvelle fenêtre
Search URL Search Domain Scan URL
Title: visitez HSBC Canada Facebook Nouvelle fenêtre
Search URL Search Domain Scan URL
Title: visitez HSBC Canada Twitter Nouvelle fenêtre
Search URL Search Domain Scan URL
Title: visitez HSBC Canada YouTube Nouvelle fenêtre
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/ Page URL
-
https://www.hsbc.ca/1/2/fr/personal
HTTP 301
https://www.hsbc.ca/1/2/fr/personal/ HTTP 302
https://www.hsbc.ca/fr-ca/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 15- https://www.googleadservices.com/pagead/conversion/981124174/?random=1568140366572&cv=8&fst=1568140366572&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fcrimeireland.com%2Fcrarefundtaxes%2FCRAetransfer%2Fbanks%2FHSBC%2F&ref=http%3A%2F%2Fcrimeireland.com%2Fcrarefundtaxes%2FCRAetransfer%2Fbanks%2FHSBC%2F HTTP 302
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981124174/?random=2004191539&cv=8&fst=*&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http://crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/&ref=http://crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Tux3XaOGJZD13wOt0YPwDw&sscte=1&crd=>d= HTTP 302
- https://www.google.com/pagead/1p-conversion/981124174/?random=2004191539&cv=8&fst=*&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http://crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/&ref=http://crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=>d=&is_vtc=1&ocp_id=Tux3XaOGJZD13wOt0YPwDw&random=243889183 HTTP 302
- https://www.google.de/pagead/1p-conversion/981124174/?random=2004191539&cv=8&fst=*&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http://crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/&ref=http://crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=>d=&is_vtc=1&ocp_id=Tux3XaOGJZD13wOt0YPwDw&random=243889183&ipr=y
- https://www.googleadservices.com/pagead/conversion/954740125/?random=1568140366582&cv=8&fst=1568140366572&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fcrimeireland.com%2Fcrarefundtaxes%2FCRAetransfer%2Fbanks%2FHSBC%2F&ref=http%3A%2F%2Fcrimeireland.com%2Fcrarefundtaxes%2FCRAetransfer%2Fbanks%2FHSBC%2F HTTP 302
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/954740125/?random=2027777758&cv=8&fst=*&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http://crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/&ref=http://crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Tux3Xf-KJdTq3wPH37pQ&sscte=1&crd=>d= HTTP 302
- https://www.google.com/pagead/1p-conversion/954740125/?random=2027777758&cv=8&fst=*&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http://crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/&ref=http://crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=>d=&is_vtc=1&ocp_id=Tux3Xf-KJdTq3wPH37pQ&random=2011053177 HTTP 302
- https://www.google.de/pagead/1p-conversion/954740125/?random=2027777758&cv=8&fst=*&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http://crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/&ref=http://crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=>d=&is_vtc=1&ocp_id=Tux3Xf-KJdTq3wPH37pQ&random=2011053177&ipr=y
- https://www.googleadservices.com/pagead/conversion/979606057/?random=1568140366588&cv=8&fst=1568140366572&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fcrimeireland.com%2Fcrarefundtaxes%2FCRAetransfer%2Fbanks%2FHSBC%2F&ref=http%3A%2F%2Fcrimeireland.com%2Fcrarefundtaxes%2FCRAetransfer%2Fbanks%2FHSBC%2F HTTP 302
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/979606057/?random=1889266514&cv=8&fst=*&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http://crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/&ref=http://crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Tux3XbKJJdXf3wP_0YeIBA&sscte=1&crd=>d= HTTP 302
- https://www.google.com/pagead/1p-conversion/979606057/?random=1889266514&cv=8&fst=*&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http://crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/&ref=http://crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=>d=&is_vtc=1&ocp_id=Tux3XbKJJdXf3wP_0YeIBA&random=810984671 HTTP 302
- https://www.google.de/pagead/1p-conversion/979606057/?random=1889266514&cv=8&fst=*&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http://crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/&ref=http://crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=>d=&is_vtc=1&ocp_id=Tux3XbKJJdXf3wP_0YeIBA&random=810984671&ipr=y
- http://www.google-analytics.com/analytics.js HTTP 307
- https://www.google-analytics.com/analytics.js
- http://www.google-analytics.com/plugins/ua/linkid.js HTTP 307
- https://www.google-analytics.com/plugins/ua/linkid.js
- http://www.google-analytics.com/collect?v=1&_v=j79&aip=1&a=2117115783&t=pageview&_s=1&dl=http%3A%2F%2Fcrimeireland.com%2Fcrarefundtaxes%2FCRAetransfer%2Fbanks%2FHSBC%2F&ul=en-us&de=UTF-8&dt=INTERAC%20e-Transfer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgAAj~&jid=26662498&gjid=1156064118&cid=2063705303.1568140367&tid=UA-53324311-2&_gid=1092624196.1568140367>m=GTM-5SR238&z=2085689291 HTTP 307
- https://www.google-analytics.com/collect?v=1&_v=j79&aip=1&a=2117115783&t=pageview&_s=1&dl=http%3A%2F%2Fcrimeireland.com%2Fcrarefundtaxes%2FCRAetransfer%2Fbanks%2FHSBC%2F&ul=en-us&de=UTF-8&dt=INTERAC%20e-Transfer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgAAj~&jid=26662498&gjid=1156064118&cid=2063705303.1568140367&tid=UA-53324311-2&_gid=1092624196.1568140367>m=GTM-5SR238&z=2085689291
- http://www.google-analytics.com/collect?v=1&_v=j79&aip=1&a=2117115783&t=pageview&_s=1&dl=http%3A%2F%2Fcrimeireland.com%2Fcrarefundtaxes%2FCRAetransfer%2Fbanks%2FHSBC%2F&ul=en-us&de=UTF-8&dt=INTERAC%20e-Transfer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgAAj~&jid=1297090935&gjid=336849110&cid=2063705303.1568140367&tid=UA-53324311-1&_gid=1092624196.1568140367>m=GTM-5SR238&z=414101049 HTTP 307
- https://www.google-analytics.com/collect?v=1&_v=j79&aip=1&a=2117115783&t=pageview&_s=1&dl=http%3A%2F%2Fcrimeireland.com%2Fcrarefundtaxes%2FCRAetransfer%2Fbanks%2FHSBC%2F&ul=en-us&de=UTF-8&dt=INTERAC%20e-Transfer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgAAj~&jid=1297090935&gjid=336849110&cid=2063705303.1568140367&tid=UA-53324311-1&_gid=1092624196.1568140367>m=GTM-5SR238&z=414101049
- http://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=2117115783&t=event&ni=1&_s=1&dl=http%3A%2F%2Fcrimeireland.com%2Fcrarefundtaxes%2FCRAetransfer%2Fbanks%2FHSBC%2F&ul=en-us&de=UTF-8&dt=INTERAC%20e-Transfer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=Percentage&el=0%25&_u=aGDAAAAj~&jid=1910472255&gjid=1148443616&cid=2063705303.1568140367&tid=UA-53324311-1&_gid=1092624196.1568140367&_r=1>m=GTM-5SR238&z=1039543203 HTTP 307
- https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=2117115783&t=event&ni=1&_s=1&dl=http%3A%2F%2Fcrimeireland.com%2Fcrarefundtaxes%2FCRAetransfer%2Fbanks%2FHSBC%2F&ul=en-us&de=UTF-8&dt=INTERAC%20e-Transfer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=Percentage&el=0%25&_u=aGDAAAAj~&jid=1910472255&gjid=1148443616&cid=2063705303.1568140367&tid=UA-53324311-1&_gid=1092624196.1568140367&_r=1>m=GTM-5SR238&z=1039543203
- https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AE9446FC57CECBEE7F000101%40AdobeOrg&d_nsid=0&ts=1568140373332 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AE9446FC57CECBEE7F000101%40AdobeOrg&d_nsid=0&ts=1568140373332
- https://cm.everesttech.net/cm/dd?d_uuid=76663930004309461480224381237138789573 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=XXfsVQAAFA9c8xKk
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1008932642/?guid=ON&script=0 HTTP 302
- https://www.google.com/pagead/1p-user-list/1008932642/?guid=ON&script=0&is_vtc=1&random=4135537281 HTTP 302
- https://www.google.de/pagead/1p-user-list/1008932642/?guid=ON&script=0&is_vtc=1&random=4135537281&ipr=y
88 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/ |
14 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gtm.js.download
crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/error_files/ |
57 KB 57 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
generalCSS.css
crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/error_files/ |
17 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GTIe8CSS.css
crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/error_files/ |
31 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendorJS.js.download
crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/error_files/ |
155 KB 155 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nav-logo.svg
crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/error_files/ |
7 KB 8 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
question-mark.svg
crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/error_files/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
misc.svg
crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/error_files/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
footer-logo-en.svg
crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/error_files/ |
33 KB 33 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
navJS.js.download
crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/error_files/ |
826 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
activityi.html
crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/error_files/ Frame 194A |
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
conversion.js.download
crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/error_files/ Frame 194A |
14 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
saved_resource
crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/error_files/ Frame 194A |
42 B 257 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
saved_resource(1)
crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/error_files/ Frame 194A |
63 B 63 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
saved_resource(2)
crimeireland.com/crarefundtaxes/CRAetransfer/banks/HSBC/error_files/ Frame 194A |
42 B 257 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-conversion/981124174/ Frame 194A Redirect Chain
|
42 B 421 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-conversion/954740125/ Frame 194A Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-conversion/979606057/ Frame 194A Redirect Chain
|
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ Redirect Chain
|
43 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gtm5445.html
crimeireland.com/crarefundtaxes/CRAetransfer/www.googletagmanager.com/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
linkid.js
www.google-analytics.com/plugins/ua/ Redirect Chain
|
2 KB 1010 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ Redirect Chain
|
35 B 123 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
stats.g.doubleclick.net/r/ |
35 B 303 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ Redirect Chain
|
35 B 93 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
stats.g.doubleclick.net/r/ |
35 B 102 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/r/ Redirect Chain
|
35 B 101 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
www.hsbc.ca/fr-ca/ Redirect Chain
|
162 KB 20 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clientlib-default.min.2a259fcdea5543181d65b64bcd59b695.css
www.hsbc.ca/etc/designs/dpws/ |
557 KB 68 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag.sync.js
tags.tiqcdn.com/utag/hsbc/ca-rbwm/prod/ |
127 KB 43 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js
www.hsbc.ca/etc/designs/hsbc/appd/ |
37 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
HSBC_MASTERBRAND_LOGO_RGB.svg
www.hsbc.ca/content/dam/hsbc/ca/images/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Dad%20Onesie%20940x400_02.jpg
www.hsbc.ca/content/dam/hsbc/ca/chequing-accounts/ |
414 KB 415 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hsbc_home_gic_retention.jpg
www.hsbc.ca/content/dam/hsbc/ca/index/ |
88 KB 89 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hsbc_ntc_398x279.jpg
www.hsbc.ca/content/dam/hsbc/ca/index/ |
31 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
HSBC_Mortgage_Sushi--hero-banner-sm.jpg
www.hsbc.ca/content/dam/hsbc/ca/chequing-accounts/ |
61 KB 61 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
HIFC-Summer-Campaign.jpg
www.hsbc.ca/content/dam/hsbc/ca/images/ |
63 KB 63 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hsbc_travel_insurance_293x206.jpg
www.hsbc.ca/content/dam/hsbc/ca/index/ |
21 KB 22 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wtb_hp_400x280.jpg
www.hsbc.ca/content/dam/hsbc/ca/images/ |
26 KB 26 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
eCredit_Vendor_400x280.jpg
www.hsbc.ca/content/dam/hsbc/ca/images/ |
60 KB 61 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cdic__membership-badge--fr.png
www.hsbc.ca/content/dam/hsbc/ca/global/ |
10 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cdic__logo--fr.png
www.hsbc.ca/content/dam/hsbc/ca/global/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-all-v2.js
www.hsbc.ca/etc/designs/dpws/staticlibs/ |
109 KB 37 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clientlib-all.min.075769d33f82a042ed7ccb61ae7f98fd.js
www.hsbc.ca/etc/designs/dpws/ |
382 KB 103 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
3 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag.js
tags.tiqcdn.com/utag/hsbc/ca-rbwm/prod/ |
351 KB 60 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
facebook.svg
www.hsbc.ca/etc/designs/dpws/common/social/ |
950 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
twitter.svg
www.hsbc.ca/etc/designs/dpws/common/social/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
youtube.svg
www.hsbc.ca/etc/designs/dpws/common/social/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
UniversNextforHSBCW02-Rg.woff
www.hsbc.ca/etc/designs/dpws/common/fonts/ |
27 KB 27 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
UniversNextforHSBCW02-Bd.woff
www.hsbc.ca/etc/designs/dpws/common/fonts/ |
26 KB 26 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
HSBCIcon-Font.woff
www.hsbc.ca/etc/designs/dpws/common/fonts/ |
22 KB 22 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
UniversNextforHSBCW02-Lt.woff
www.hsbc.ca/etc/designs/dpws/common/fonts/ |
26 KB 26 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
UniversNextforHSBCW02-Th.woff
www.hsbc.ca/etc/designs/dpws/common/fonts/ |
26 KB 27 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
dest5.html
hsbcbankglobal.demdex.net/ Frame 5CE2 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
hsbcbankglobal.sc.omtrdc.net/ |
3 B 475 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=411&dpuuid=XXfsVQAAFA9c8xKk
dpm.demdex.net/ Redirect Chain
|
42 B 776 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
json
hsbcbankglobal.tt.omtrdc.net/m2/hsbcbankglobal/mbox/ |
97 B 353 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
www.hsbc.ca/fr-ca/configuration/modals/series-d-bump.modal/ |
3 KB 2 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
flags_16.png
www.hsbc.ca/etc/designs/dpws/common/img/ |
59 KB 59 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
authorize.auth.json
www.hsbc.ca/ |
20 B 433 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ |
2 B 117 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag.202.js
tags.tiqcdn.com/utag/hsbc/ca-rbwm/prod/ |
122 KB 41 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag.105.js
tags.tiqcdn.com/utag/hsbc/ca-rbwm/prod/ |
33 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag.41.js
tags.tiqcdn.com/utag/hsbc/ca-rbwm/prod/ |
65 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/1008932642/ Redirect Chain
|
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
HelveticaNeueforHSBCW84-Th.woff
www.hsbc.ca/etc/designs/dpws/common/fonts/ |
37 KB 37 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
session.js
mcm-prod.hsbc.ca/5644/handler9/ |
2 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
JavascriptInsert.js
mcm-prod.hsbc.ca/ |
82 KB 30 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s85003424645845
hsbcbankglobal.sc.omtrdc.net/b/ss/hsbc-rbwm-ca/10/JS-2.10.0/ |
4 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.js
lptag.liveperson.net/tag/ |
18 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
.jsonp
lptag.liveperson.net/lptag/api/account/58784955/configuration/applications/taglets/ |
234 KB 85 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.7.0.1-release_442/ Frame 7737 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zones
accdn.lpsnmedia.net/api/account/58784955/configuration/le-campaigns/ |
2 KB 645 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
58784955
va.v.liveperson.net/api/js/ |
595 B 1 KB |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
jsEvent.json
mcm-prod.hsbc.ca/5644/550360235333497/XBW09WEA78JG/ |
50 B 729 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
overlay.js
lpcdn.lpsnmedia.net/le_re/3.35.0.1-release_3356/jsv2/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
UISuite.js
lpcdn.lpsnmedia.net/le_re/3.35.0.1-release_3356/jsv2/ |
29 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3693
accdn.lpsnmedia.net/api/account/58784955/configuration/le-campaigns/campaigns/1528601214/engagements/1528601314/revision/ |
2 KB 971 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
58784955
va.v.liveperson.net/api/js/ |
110 B 830 B |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
23730514
accdn.lpsnmedia.net/api/account/58784955/configuration/engagement-window/window-confs/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
live-chat.png
lpcdn.lpsnmedia.net/gallery/libraries/chat/images/assets/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
58784955
va.v.liveperson.net/api/js/ |
42 B 769 B |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
jsEvent.json
mcm-prod.hsbc.ca/5644/550360235333497/XBW09WEA78JG/ |
27 B 706 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adrum-ext.0086dbec5e8a6e717bf36d3a06b62042.js
cdn.appdynamics.com/ |
45 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s81345397374072
hsbcbankglobal.sc.omtrdc.net/b/ss/hsbc-rbwm-ca/10/JS-2.10.0/ |
4 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
jsEvent.json
mcm-prod.hsbc.ca/5644/550360235333497/XBW09WEA78JG/ |
27 B 706 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
jsEvent.json
mcm-prod.hsbc.ca/5644/550360235333497/XBW09WEA78JG/ |
27 B 706 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
adrum
col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAE-HSU/ |
0 297 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Interac (Banking)188 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| event object| TMS function| targetPageParamsAll object| visitor object| u object| targetTEAL object| HSBC object| DCSext function| dcsGetHSBCCookie function| dcsVar function| dcsMultiTrack function| dcsMapHSBC function| dcsMeta function| dcsFunc function| dcsTag object| __TEALIUM function| Visitor object| s_c_il number| s_c_in object| adobe object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| target object| utag_data string| adrum-app-key number| adrum-start-time object| ADRUM object| dpwsExternalLinkConfiguration object| modalsConfiguration object| utag_err boolean| utag_condload string| utag_lh object| jwt undefined| JWTInternals object| utag function| e function| utag_condloader function| _tealium_old_error object| utag_cfg_ovrd object| Evnt string| mn object| WIZ_util function| prefixPriority function| uta_t object| TEALIUM undefined| $ function| jQuery object| respond function| moment object| Bootstrap object| GPWS object| HSBC_utils object| Mustache object| __core-js_shared__ object| core boolean| anchorsFuncionalityLoadedOnce object| s_dpid object| utag_extn function| targetPageParams string| HSBCCAPageID string| HSBCCAcompatVersion string| HSBCCApacketVersion object| HSBCCApendingManualEvents function| HSBCCAevent function| HSBCCAclick function| HSBCCAtextchange function| HSBCCAformsubmit function| HSBCCASendJsonData function| HSBCCASL boolean| HSBCCALF string| HSBCCATCP string| HSBCCASSL function| HSBCCAgPr function| HSBCCASC function| HSBCCAfindCookieVal function| HSBCCAdeleteLegacyCookies function| HSBCCAdoDeleteCookie function| HSBCCAclearStoppedState function| HSBCCAstop string| HSBCCAwindowID object| HSBCCARTEHandler function| HSBCCAgC function| HSBCCAae function| HSBCCAclient_event function| HSBCCAGP function| HSBCCAGPWID function| HSBCCALC string| HSBCCATWID function| HSBCCAoptOut function| HSBCCAoptIn function| HSBCCAanonymous function| HSBCCAresetCSA function| HSBCCAdoReInit function| HSBCCAtmoPoll boolean| HSBCCAjsInsertAlreadyLoaded function| HSBCCAgetSD number| HSBCCATm object| HSBCCAsImgArr object| s function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_AudienceManagement function| DIL function| AppMeasurement_Module_Integrate number| s_loadT object| s_i_hsbc-rbwm-ca function| tealium_liveperson_lib object| lpTag function| tacticalRequestCobrowse function| tacticalVerifyCobrowse function| enterServiceNumber function| tealiumLaunchCobrowse function| tealiumCobrowseOpen function| tealiumCobrowseClose function| tealiumVerifyCobrowse function| tealiumCobrowseAcceptTC object| h function| _typeof object| proxyless object| lpMTagConfig number| HSBCCAwid number| HSBCCAsn number| HSBCCAcfg number| HSBCCAln string| HSBCCAgetInputs string| HSBCCAmultiAttribJsRules string| HSBCCAjsRules string| HSBCCAmetaTagRules string| HSBCCAcontentRules string| HSBCCAregExRules string| HSBCCAfbRules string| HSBCCAgpRules string| HSBCCAtwRules string| HSBCCAsvId string| HSBCCAexceptionRules string| HSBCCAdbId boolean| HSBCCAlookups string| HSBCCAcontentKey number| HSBCCAidl number| HSBCCAsST number| HSBCCAmST boolean| HSBCCAdoCapture boolean| HSBCCAuSC string| HSBCCAaCI boolean| HSBCCAuseCors boolean| HSBCCAuseJsonFormatRequest function| HSBCCAHSBCCAsessionset function| HSBCCApersisted boolean| HSBCCAqNI function| HSBCCAiBd function| HSBCCABd boolean| HSBCCAoTP object| HSBCCAoWA number| HSBCCAwI boolean| HSBCCAsWO boolean| HSBCCAisReinit function| HSBCCAdoCelebrusInsertInvocation number| HSBCCAlstActv boolean| HSBCCAnavSent function| HSBCCAgetConfig function| HSBCCAdeleteSessionCookie function| HSBCCAvariableStateChange object| HSBCCAiAy function| HSBCCAeQI function| HSBCCAdCB function| HSBCCAflushEvents function| HSBCCApollForReset function| HSBCCAdoResetCSA function| HSBCCAstopEvents function| HSBCCAmediaEvent function| HSBCCAtrackYouTubeIframePlayer function| HSBCCAtwitterAnywhereTweet function| HSBCCAgplusAuthResponse function| HSBCCAplusOne function| HSBCCAlinkedInShare function| HSBCCAcOP function| HSBCCAqueueUserEvent function| HSBCCAflashEvent function| HSBCCAreportContentAction function| HSBCCAgHW boolean| HSBCCAcfgAlreadyDirectedHandlerUse object| HSBCCAsACW number| HSBCCAisReady13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
lpcdn.lpsnmedia.net/ | Name: lpStrMap Value: %257B%252258784955lpsmt%2522%253A1%257D |
|
.demdex.net/ | Name: demdex Value: 87153990097782245184180152133272038780 |
|
lpcdn.lpsnmedia.net/ | Name: monitoringSDK%5C%40%40SessionCookieWrapperstorage_expiration%5C%40%40SessionCookieWrapper58784955 Value: 1568226774227 |
|
lpcdn.lpsnmedia.net/ | Name: 58784955lpsmt Value: %257B%2522lp_monitoringSDK%2522%253A%257B%2522b66606b4-a8a7-424f-a8a2-c74fa969a15b7-18234%2522%253A%257B%2522value%2522%253A%257B%2522vid%2522%253A%2522UwZGRkYTRiYjYzMTllY2U1%2522%252C%2522sid%2522%253A%252207gjAxeWQCGQNAzLrvAOtw%2522%257D%252C%2522locations%2522%253A%257B%2522hsbc.ca%2522%253A%257B%2522ts%2522%253A1568140374909%257D%257D%252C%2522ttl%2522%253A86400000%252C%2522ts%2522%253A1568140374909%257D%257D%252C%2522meta%2522%253A%257B%2522v%2522%253A%25221.0%2522%257D%257D |
|
.demdex.net/ | Name: dextp Value: 358-1-1568140373897|771-1-1568140373997|903-1-1568140374102|1957-1-1568140374208|30064-1-1568140374311|144230-1-1568140374412|144231-1-1568140374513|144232-1-1568140374615|144233-1-1568140374717|144234-1-1568140374817|144235-1-1568140374919 |
|
lpcdn.lpsnmedia.net/ | Name: lpUnifiedWindow%5C%40%40SessionCookieWrapperstorage_expiration%5C%40%40SessionCookieWrapper58784955 Value: 1568226774231 |
|
.hsbc.ca/ | Name: LPVID Value: UwZGRkYTRiYjYzMTllY2U1 |
|
.hsbc.ca/ | Name: HSBCCApersisted Value: null_1_dbb3edf7157a4cdb9192434ecd84fc5e_1568140374451_55036023533705_1568140374451_1 |
|
.hsbc.ca/ | Name: LPSID-58784955 Value: 07gjAxeWQCGQNAzLrvAOtw |
|
.hsbc.ca/ | Name: HSBCCAsession Value: 55036023533705_1568140373811_1568140374451_5644_794c124623e64c878d1663be67a3d50c |
|
.hsbc.ca/ | Name: aam_uuid Value: 76663930004309461480224381237138789573 |
|
.hsbc.ca/ | Name: s_cc Value: true |
|
.hsbc.ca/ | Name: utag_main Value: vapi_domain:hsbc.ca$_prevpage:pws%3Ahomepage%3Bexp-session |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
accdn.lpsnmedia.net
cdn.appdynamics.com
cm.everesttech.net
col.eum-appdynamics.com
crimeireland.com
dpm.demdex.net
googleads.g.doubleclick.net
hsbcbankglobal.demdex.net
hsbcbankglobal.sc.omtrdc.net
hsbcbankglobal.tt.omtrdc.net
lpcdn.lpsnmedia.net
lptag.liveperson.net
mcm-prod.hsbc.ca
stats.g.doubleclick.net
tags.tiqcdn.com
va.v.liveperson.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.hsbc.ca
143.204.214.50
152.199.23.241
161.113.4.9
161.113.9.186
178.249.101.23
192.157.231.218
208.89.12.87
216.58.207.34
2a00:1450:4001:80b::2002
2a00:1450:4001:81e::2003
2a00:1450:4001:81f::2004
2a00:1450:4001:825::200e
2a00:1450:400c:c06::9a
2a03:6400:10:0:178:249:97:98
2a03:6400:10:0:178:249:97:99
34.253.43.81
52.208.155.23
52.208.212.211
66.117.28.86
66.117.29.11
66.117.29.227
022ff6e848dc7ba9ca22b7103d11f228f96e34a512aa83a26ab8366573374ffa
035d4ec7cebfc7d9b6044c11bf7c1efd83e95fffbec2c153a5257826682d078f
1012b6f8946d3b38f5f52bddc5d339b08be998d546d55df0671ad69353ba256c
132b95cbb051324da0efabf195fbc0697554e16100b8c1b4da28571c0d95de81
1410bf3ef15162a56d0c7ea0f851483738179ce8281a269f4ed88612e9c9a695
169ab263f661ef50eab404e6be618a16523d35822615ebb6d9d29228945ea7d5
190c1c5d443872f7ee23494c42cfd80c30e97311da2ae748bbf6ab036d80b53c
1bccd0b25390d9eb59bac81ae429bf226bce4c10be217d4ff8effeebc56a713d
1c93852bc585df081443f9dcbb6e2dbaebbe563d96c62131790bb29ad0028e2e
1cec5ccf4056221a024d4ad5d1b170b7d09a3d61abca58dcc94f78904c8d0373
1fe93d773a537c17456fc95e7dbfb69cba2914ac73c5f9b01d4db046667c688e
2737af4bcbd928e226389631cc5858527e57ff3e964700781c11b67691ee2edb
2cbcb1b5e5eb482b1f91ef4344851c8a8cb8756a4d9b5a4a0f478f0679b7b5d2
2cbe75f6135387cbfcf593049b5e4c5f8eb9f9fee0c1caa509bc219c7c3313e1
2ce693c688cf188c89f4b5b81d69678b10edc552bbf06f9c744cce04c1ad2e6c
336ea46c540dc59556ccfe7c96b47bc43b3feeac564470ed44d1cd0fc2e7dfeb
34d125c238a18c6c0cd843978774ca56c2c0f7b3067144f42a8b4ec4b0a7e1a7
3953341840c2c899e533d0ace57e223fb5cdaf0c44c1e88a4a197f9a41cbdd77
3faf4f8a3a1c739bbfbf4cbf963d8c87bd3e3348d18fe5380ade2360b6522ad2
4d0abfba4322983df5aa4a6f24eac4cb4289bed8739f7ea55e61c20bbf6d7cda
4daf95de5594e01b033d033b0fac695ed2c0b958ba5363402fd373fc10e2197b
537adf497d47378107269f4e60b841165951a2c5e17966851446adf6dd6a1329
580245633d829cdc4a80192bc505ad254af0ed2955d5add87b56917a1c0f64df
5988dde3c4371f87e723912b971f70dbcaa0594408e5192f63fb0f5dd901d6c7
5be554a89f37da54d582a5355a28673a7783b1dc8c01b0262376a05df6981747
63c9089a9fa3de7ff56dc73ef9dc07798df15dcb3c85061b57ec2a3c020c9acf
6752391d2ef31c42d6595b8bd97c02289564ab70e3ceb6fa380f9bc97045cc10
69c2b8e06630556f0356093d2679ff3a26a9ce177a8c784ce85a52760a2db3b6
6a74e4deb1779d184febfd8928a08419349330126c8c2ef38e17a969b4b045a2
6c6b82786ae36c0b4512b321ec50774da0fefce90f0780626626dacd02c2adc2
7da0fcf5011f66d43746091e130db6ef4d55ff13410d57209fb0f44d90cdee60
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84ab8403dd5642b96dfd2150110161320ceadd05b409cdde26d4e7fd88cf7a64
8a1eb80f5f98695c0fc997affe786485ca9f001a5f9876cf1b0eb571fdeee26e
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94e83bff6be088b567e7addbd6687fae79deba157b1502621b79a22a4b50359c
9d293b66557e42d0aac3288eff3a439ea2b8f92e2e8c5153e05aaa74dcc68217
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3ee664b3de72360fba0c99ad23ab06aa48a477a4735f01c48ba1ff62d0f77f0
a5856c9c316e7eea93dae9809a73c6b6de1a77287f07796e9cc1d3e93031f3e9
a66de9eba4c7751ce415a7542b98cd090a27ba894401b41fdd658b0b635d5981
a797ffe27cf3004afa2e1948fac7becff3b6b090509ed2663c5cb96798dfadfd
aecf03897aa76697c48460efd228a17fc6e2b27b27d52a1289f86caefdd615c2
b73caafe07e92a96b5b2c822556d843550d04d1b0ec4086e26219e7ea527402f
b9c1cf860c4b410fc7b7d45b0bcf53b438ae52c672be3c31506c4651aa3fd9bc
bd37129cd007f3c64258952877e23cb5b3c32f3148a7382ab506d67226c6ea11
c0f8898066da2af9f03e8b74316ede9abeac68b9e08ae155ad1137dfe0ec061c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc490a8ef7deb4c7fba66f332ad8cdd39433675b95d2bd341300ab7b718f8e4e
d0f0d6681ca67007421854a1297242b9c292537568ccaef5ba6fcf4ff7c02abb
d314b9e72473b1139045cbce9c910af4ef7ac5556556938b1088bda4cef930f1
d567df76cf761277bc6bd5e1491efd5eba4a65545ac6daa2e86dcf88c36eaf38
d7727934fec9b8f51f7351fac6daa9267e5fc6f96586f1d68a91a748d87b2e06
d83cb267cf4ea9f7265d778821629dc1fe1b32b16e31b89d1a468b563dc8d98e
d9c88f79a073d20b95c45373e616360392969c85df8915c8c00431d9b344dd8b
db5970c0447aff2d3c86bc453676c5e64e03bcf6f8f28a37519c7d75505ae2d2
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e04c11a91b3ec170e878127a19cfca7b49ec58a669959b8feb8854ed17f8c2af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b491c55bd3e4dd029d13d439558680c0317378b80b957c7067ef31146a18d3
e57fa923e1242b94093a29bc1497e22d7b5f78d6f124fe5ffc651383af545e13
ebb991b4937d6015d8937e8d23f6fa5b315e898a018d1f0972efe59765b754b4
edcb7c9c998fbe2e1eb86a4b15df253cff75dd15691da28aa0c03fb18ef26eed
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11e04e7d0e3d09d844033529d61b4edc466df498e5ddbaac005a1cb6e421c5c
f31370dc18a5bde5c672f23d3a2a7f7338305b3b95f1afbcd4b977cda3536865
f4e81fcf84304198e9ff52e47a32250a3db87007dbec4ec4f38f92a47f455f47
f783ef5fbe43e84461dfd206eb85279ea2cda16da6757087d8a54182a5eb5ed2
f91bfad52b9dcf4c4a37e401b0c9a7113a0913d91ccbe6b0085da293a85a3cd7
f989ce2262365b7cb0c5b8362f12827f39698003ae4fa27c53d0e6b76133dce8
fc306ad03e79f14ca1a1a484d4e790b839ac0661246015e05c9ae575ec1b09f7
fe096c790499d932405717a02846b718753c74941bfa16004f3ded58d2b0912e