www.jazzcafefm.com
149.56.7.141
Malicious Activity!
Public Scan
Effective URL: http://www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login.php?.portal
Submission: On April 04 via automatic, source phishtank
Summary
This is the only time www.jazzcafefm.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Regions Bank (Banking)

Domain & IP information

| | IP Address | AS Autonomous System |
|---|---|---|
| 34 | 149.56.7.141 | 16276 (OVH) |
| 1 | 209.18.104.20 | 14492 (DATAPIPE - DataPipe) |
| 8 | 2a00:1450:400f:803::2003 | 15169 (GOOGLE - Google Inc.) |
| 6 | 216.250.63.1 | 22758 (SAPIENT-DCO - Sapient Corporation) |
| 2 | 34.194.85.81 | 14618 (AMAZON-AES - Amazon.com) |
| 11 | 205.255.32.10 | 10801 (REGIONS-ASN-1 - REGIONS FINANCIAL CORPORATION) |
| 1 | 193.0.160.185 | 54312 (ROCKETFUEL - Rocket Fuel Inc.) |
| 1 | 104.111.245.98 | 20940 (AKAMAI-ASN1) |
| 1 | 72.246.168.16 | 20940 (AKAMAI-ASN1) |
| 2 | 31.186.231.25 | 15570 (Internap European Autonomous System) |
| 71 | 11 | |

- ASN14492 (DATAPIPE - DataPipe, Inc., US)
  - PTR: grandsport.cwihosting.com
  - regionsbank.mpeasylink.com
- ASN22758 (SAPIENT-DCO - Sapient Corporation, US)
  - PTR: ads.bridgetrack.com
  - ads.bridgetrack.com
- ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
  - PTR: ec2-34-194-85-81.compute-1.amazonaws.com
  - nexus.ensighten.com
- ASN10801 (REGIONS-ASN-1 - REGIONS FINANCIAL CORPORATION, US)
  - PTR: www.regions24.com
  - www.regions.com
- ASN20940 (AKAMAI-ASN1, US)
  - PTR: a104-111-245-98.deploy.static.akamaitechnologies.com
  - secure.insightexpressai.com
- ASN20940 (AKAMAI-ASN1, US)
  - PTR: a72-246-168-16.deploy.akamaitechnologies.com
  - sec-ads.bridgetrack.com
- ASN15570 (Internap European Autonomous System, GB)
  - PTR: statse.webtrendslive.com
  - statse.webtrendslive.com

| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 34 | jazzcafefm.com | www.jazzcafefm.com | 1 MB |
| 11 | regions.com | www.regions.com | 597 KB |
| 8 | gstatic.com | fonts.gstatic.com | 118 KB |
| 7 | bridgetrack.com | ads.bridgetrack.com, sec-ads.bridgetrack.com, ads-uat.bridgetrack.com (Failed) | 3 KB |
| 2 | webtrendslive.com | statse.webtrendslive.com | 268 B |
| 2 | ensighten.com | nexus.ensighten.com | 2 KB |
| 1 | insightexpressai.com | secure.insightexpressai.com | 11 B |
| 1 | ru4.com | s.xp1.ru4.com | 266 B |
| 1 | mpeasylink.com | regionsbank.mpeasylink.com | 1 KB |
| 71 | 9 | | |

| | Domain | Requested by |
|---|---|---|
| 34 | www.jazzcafefm.com | www.jazzcafefm.com |
| 11 | www.regions.com | www.jazzcafefm.com |
| 8 | fonts.gstatic.com | www.jazzcafefm.com |
| 6 | ads.bridgetrack.com | www.jazzcafefm.com |
| 2 | statse.webtrendslive.com | www.jazzcafefm.com |
| 2 | nexus.ensighten.com | www.jazzcafefm.com |
| 1 | sec-ads.bridgetrack.com | www.jazzcafefm.com |
| 1 | secure.insightexpressai.com | www.jazzcafefm.com |
| 1 | s.xp1.ru4.com | www.jazzcafefm.com |
| 1 | regionsbank.mpeasylink.com | www.jazzcafefm.com, regionsbank.mpeasylink.com |
| 0 | ads-uat.bridgetrack.com (Failed) | www.jazzcafefm.com, sec-ads.bridgetrack.com |
| 71 | 11 | |

This site contains links to these domains. Also see Links.

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.mpeasylink.com | RapidSSL SHA256 CA - G3 | 2015-09-22 - 2017-09-24 | 2 years |
| *.google.com | Google Internet Authority G2 | 2017-03-22 - 2017-06-14 | 3 months |
| www.regions.com | Symantec Class 3 EV SSL CA - G3 | 2017-01-09 - 2018-03-11 | a year |
| s.xp1.ru4.com | DigiCert SHA2 Secure Server CA | 2015-10-19 - 2018-10-23 | 3 years |
| *.bridgetrack.com | Symantec Class 3 Secure Server CA - G4 | 2016-10-25 - 2017-12-24 | a year |
| ads.bridgetrack.com | thawte DV SSL CA - G2 | 2016-09-13 - 2017-10-09 | a year |

This page contains 6 frames:
Primary Page:
http://www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login.php?.portal
Frame ID: 30998.1
Requests: 66 HTTP requests in this frame
Frame:
http://www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login_files/mpel_storage.htm
Frame ID: 30998.2
Requests: 1 HTTP requests in this frame
Frame:
https://www.jazzcafefm.com/mpel/mpel_storage.html?cmd=getpref&href=http%3A%2F%2Fwww.jazzcafefm.com%2Fmodules%2Fcommenting%2Fregqu%2Fab290a346c088d88ccd4e111b03b96a4%2Fregions%2Flogin.php%3F.portal
Frame ID: 30998.4
Requests: 1 HTTP requests in this frame
Frame:
https://regionsbank.mpeasylink.com/mpel/mpel_storage.html?cmd=storePref&href=http%3A%2F%2Fwww.jazzcafefm.com%2Fmodules%2Fcommenting%2Fregqu%2Fab290a346c088d88ccd4e111b03b96a4%2Fregions%2Flogin.php%3F.portal&siteurl=www.regions.com&lang=en&country=&region=&sitelist=www.regions.com,regions.com,www.regionstest.com;espanol.regions.com&currency=&nonMP=false
Frame ID: 30998.6
Requests: 1 HTTP requests in this frame
Frame:
http://ads-uat.bridgetrack.com/site/rtgt.asp?BU=167&ref=http%3A//www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/%3F7777772e6a617a7a63616665666d2e636f6d&p=http%3A//www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login.php&qs=.portal&r=0.5478610608750403
Frame ID: 30998.7
Requests: 1 HTTP requests in this frame
Frame:
http://ads-uat.bridgetrack.com/site/rtgt.asp?BU=167&ref=http%3A//www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/%3F7777772e6a617a7a63616665666d2e636f6d&p=http%3A//www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login.php&qs=.portal&r=0.14901538225046473
Frame ID: 30998.8
Requests: 1 HTTP requests in this frame
Page Statistics
95 Outgoing links
These are links going to different origins than the main page.
- Title:
- Title: Personal (Current section)
- Title: Small Business
- Title: Commercial
- Title: Wealth
- Title: Insights
- Title: Open an Account
- Title: Careers
- Title: Contact Us
- Title: En Español
- Title: 1PlanPlus- Participant
- Title: Collections
- Title: My Mortgage
- Title: My Student Loan
- Title: Regions Online Banking
- Title: Trust Online
- Title: iTreasury
- Title: Quick Deposit
- Title: Regions Liquidity Manager
- Title: ACH Alert
- Title: Express Trade
- Title: Integrated Payables
- Title: Image Lockbox
- Title: RegionsFX Online
- Title: Integrated Receivables
- Title: Commercial Check Image
- Title: 1PlanPlus - Sponsor
- Title: Payroll & HR Services
- Title: Business Card Account Manager
- Title: Commercial Card
- Title: Regions Intersect
- Title: Contact Us
- Title: En Español
- Title: Collections
- Title: Enroll in Online Banking
- Title: Report fraud and email scams
- Title: Learn more about DDoS
- Title: Find out how we protect you
- Title: Learn more about online fraud
- Title: Forgot Online ID or Password?
- Title: Full Site Login
- Title: Learn More
- Title: Checking
- Title: Mortgages
- Title: Savings
- Title: Personal Loans
- Title: Credit Cards
- Title: Auto Loans / Car Buying
- Title: Debit & Prepaid Cards
- Title: Rewards
- Title: Now Banking & Cash Solutions
- Title: Priority Banking
- Title: More Bank Products ...
- Title: Last-Minute Ways to Save Money on Your Federal Tax Return Checklist
- Title: Money Market
- Title: CDs
- Title: IRA Solutions
- Title: Investment Services
- Title: Setup a Savings Goal
- Title: Learn More
- Title: Understanding Your Income Tax Filing Options Article
- Title: Home Equity
- Title: Unsecured Loans & Lines of Credit
- Title: Secured Loans & Lines of Credit
- Title: Auto Loans
- Title: Student Loans
- Title: Learn More
- Title: How to Prepare for the Loan Application Process Article
- Title: Individual Insurance
- Title: Property Insurance
- Title: Vehicle Insurance
- Title: Life Insurance
- Title: Overdraft Protection
- Title: Safe Deposit Box
- Title: More Insurance Products ...
- Title: Learn More
- Title: Car Insurance: Protecting Yourself from the Unexpected Article
- Title: Open an Account
- Title: Life Stages
- Title: Personal Finances
- Title: Retirement
- Title: Home
- Title: Auto
- Title: Financial Hardship
- Title: Personal Calculators
- Title: About Regions
- Title: Investor Relations
- Title: Privacy & Security
- Title: Website Terms of Use
- Title: Economic Reports
- Title: Property for Sale
- Title: Online Tracking and Advertising
- Title: + Feedback opens in a new window.
- Title: Equal Housing Lender
- Title: Make an Appointment
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/?7777772e6a617a7a63616665666d2e636f6d Page URL
- http://www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login.php?.portal Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request 0
- http://www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/
- http://www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/?7777772e6a617a7a63616665666d2e636f6d
- https://match.adsrvr.org/track/cmb/generic?ttd_pid=sapient&ttd_puid=Cn.Un.Dc.tdid.27878&ttd_tpi=1
- https://ads.bridgetrack.com/cpb/?tdid=1fab89d5-337a-412c-8f4f-5f8d713ab2cc&pid=Cn.Un.Dc.tdid.27878
- http://statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/dcs.gif?&dcsdat=1491340744049&dcssip=www.jazzcafefm.com&dcsuri=/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/logi...
- http://statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1491340744049&dcssip=www.jazzcafefm.com&dcsuri=/modules/commenting/regqu/ab290a346c08...
71 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H/1.1 | / | www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/ (Redirect Chain) | 304 B | 241 B | Document | text/html |
| GET | H/1.1 | login.php (Primary Request) | www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/ | 121 KB | 17 KB | Document | text/html |
| GET | H/1.1 | favicon.ico | www.jazzcafefm.com/ | 277 B | 277 B | Other | text/html |
| GET | H/1.1 | mpel_ssd.js | www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login_files/ | 1 KB | 1 KB | Script | text/javascript |
| GET | H/1.1 | mpel | www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login_files/ | 641 B | 345 B | Script | text/plain |
| GET | H/1.1 | wtid.js | www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login_files/ | 201 B | 167 B | Script | text/javascript |
| GET | H/1.1 | _bt.js | www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login_files/ | 4 KB | 4 KB | Script | text/javascript |
| GET | H/1.1 | oo_engine.js | www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login_files/ | 63 KB | 63 KB | Script | text/javascript |
| GET | H/1.1 | mp_linkcode.js | www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login_files/ | 2 KB | 2 KB | Script | text/javascript |
| GET | H/1.1 | adServerESI.aspx | www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login_files/ | 0 | 0 | Script | text/html |
| GET | H/1.1 | a0c89dda772866188273c68095d3322c.js | www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login_files/ | 4 KB | 4 KB | Script | text/javascript |
| GET | H/1.1 | 3ad2f924086cc5fd52695d72eaed20a9.js | www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login_files/ | 30 KB | 30 KB | Script | text/javascript |
| GET | H/1.1 | sdk.js | www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login_files/ | 196 KB | 196 KB | Script | text/javascript |
| GET | H/1.1 | serverComponent.php | www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login_files/ | 495 B | 300 B | Script | text/html |
| GET | H/1.1 | com-regions-dotcom.css | www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login_files/ | 412 KB | 412 KB | Stylesheet | text/css |
| GET | H/1.1 | com-regions-dotcom-libs.js | www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login_files/ | 331 KB | 331 KB | Script | text/javascript |
| GET | H/1.1 | css.css | www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login_files/ | 10 KB | 10 KB | Stylesheet | text/css |
| GET | H/1.1 | Bootstrap.js | www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login_files/ | 57 KB | 57 KB | Script | text/javascript |
| GET | H/1.1 | regions-logo.png | www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login_files/ | 4 KB | 4 KB | Image | image/png |
| GET | H/1.1 | P-BA-NextStep-Beltrans-Pano.jpg | www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login_files/ | 97 KB | 97 KB | Image | image/jpeg |
| GET | H/1.1 | exit-notice-image.jpg | www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login_files/ | 15 KB | 15 KB | Image | image/jpeg |
| GET | H/1.1 | com-regions-dotcom-application.js | www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login_files/ | 105 KB | 105 KB | Script | text/javascript |
| GET | H/1.1 | platform.js | www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login_files/ | 39 KB | 39 KB | Script | text/javascript |
| GET | H/1.1 | a.gif | www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login_files/ | 43 B | 43 B | Image | image/gif |
| GET | H/1.1 | mpel.js | www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login_files/ | 4 KB | 4 KB | Script | text/javascript |
| GET | H/1.1 | mpel_ssd.js | regionsbank.mpeasylink.com/mpel/ | 1 KB | 1 KB | Script | application/javascript |
| GET | H/1.1 | com-regions-dotcom-print.css | www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login_files/ | 7 KB | 7 KB | Stylesheet | text/css |
| GET | H/1.1 | mpel_storage.htm | www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login_files/ (Frame 3099) | 3 KB | 3 KB | Document | text/html |
| GET | H2 | ODelI1aHBYDBqgeIAH2zlNV_2ngZ8dMf8fLgjYEouxg.woff2 | fonts.gstatic.com/s/sourcesanspro/v9/ | 14 KB | 14 KB | Font | font/woff2 |
| GET | H2 | toadOcfmlt9b38dHJxOBGEo0As1BFRXtCDhS66znb_k.woff2 | fonts.gstatic.com/s/sourcesanspro/v9/ | 14 KB | 14 KB | Font | font/woff2 |
| GET | H/1.1 | regions-logo.png | www.jazzcafefm.com/-/media/Images/WebSiteImages/ | 311 B | 0 | Image | text/html |
| GET | H2 | M2Jd71oPJhLKp0zdtTvoMxgy2Fsj5sj3EzlXpqVXRKo.woff2 | fonts.gstatic.com/s/sourcesanspro/v9/ | 14 KB | 14 KB | Font | font/woff2 |
| GET | H/1.1 | regions-icons-cfdc07a0645a1f57255d8c28d7d0f77d.woff | www.jazzcafefm.com/rdcresources/content/fonts/ | 0 | 0 | Font | text/html |
| GET | H2 | toadOcfmlt9b38dHJxOBGCOFnW3Jk0f09zW_Yln67Ac.woff2 | fonts.gstatic.com/s/sourcesanspro/v9/ | 14 KB | 14 KB | Font | font/woff2 |
| GET | H/1.1 | / (Cookie set) | ads.bridgetrack.com/ads_v2/json/ | 2 KB | 910 B | Script | application/x-javascript |
| GET | H/1.1 | serverComponent.php | nexus.ensighten.com/regions/regions-prod/ | 346 B | 257 B | Script | text/javascript |
| GET | | mpel_storage.html | www.jazzcafefm.com/mpel/ (Frame 3099) | 0 | 0 | | |
| GET | H2 | fpTVHK8qsXbIeTHTrnQH6Nnl6YROR5rHLkdLoHwoOWA.woff2 | fonts.gstatic.com/s/sourcesanspro/v9/ | 13 KB | 13 KB | Font | font/woff2 |
| GET | H/1.1 | P-BA-NextStep-Beltrans-Pano.jpg (Cookie set) | www.regions.com/-/media/Images/DotCom/Ads/Panos/ | 97 KB | 97 KB | Image | image/jpeg |
| GET | H2 | toadOcfmlt9b38dHJxOBGOode0-EuMkY--TSyExeINg.woff2 | fonts.gstatic.com/s/sourcesanspro/v9/ | 14 KB | 14 KB | Font | font/woff2 |
| GET | H/1.1 | watercolor-gray.jpg | www.jazzcafefm.com/-/media/Images/WebSiteImages/ | 314 B | 0 | Image | text/html |
| GET | H/1.1 | watercolor-insights.jpg | www.jazzcafefm.com/-/media/Images/WebSiteImages/ | 318 B | 0 | Image | text/html |
| GET | H2 | 0AKsP294HTD-nvJgucYTaI4P5ICox8Kq3LLUNMylGO4.woff2 | fonts.gstatic.com/s/droidserif/v6/ | 22 KB | 22 KB | Font | font/woff2 |
| GET | H/1.1 | P-SI-MyGreenInsights-Pano.jpg (Cookie set) | www.regions.com/-/media/Images/DotCom/Ads/Panos/ | 32 KB | 32 KB | Image | image/jpeg |
| GET | H/1.1 | P-BA-CC-Consumer.jpg (Cookie set) | www.regions.com/-/media/Images/DotCom/Ads/Panos/ | 82 KB | 82 KB | Image | image/jpeg |
| GET | H/1.1 | P-I-Regions_Insurance-Pano.jpg (Cookie set) | www.regions.com/-/media/Images/DotCom/Ads/Panos/ | 97 KB | 97 KB | Image | image/jpeg |
| GET | H2 | fpTVHK8qsXbIeTHTrnQH6MAjkyiewWYrWZc50I8hK7I.woff2 | fonts.gstatic.com/s/sourcesanspro/v9/ | 13 KB | 13 KB | Font | font/woff2 |
| GET | H/1.1 | regions-icons-cfdc07a0645a1f57255d8c28d7d0f77d.ttf | www.jazzcafefm.com/rdcresources/content/fonts/ | 0 | 0 | Font | text/html |
| GET | H/1.1 | a0c89dda772866188273c68095d3322c.js | nexus.ensighten.com/regions/regions-prod/code/ | 4 KB | 1 KB | Script | application/javascript |
| GET | H/1.1 | 64993232 (Cookie set) | s.xp1.ru4.com/wsb/24751/poe/ | 266 B | 266 B | XHR | text/html |
| GET | H/1.1 | GetInsightsAsync (Cookie set) | www.regions.com/api/sitecore/Base/ | 5 KB | 2 KB | Script | application/x-javascript |
| GET | | mpel_storage.html | regionsbank.mpeasylink.com/mpel/ (Frame 3099) | 0 | 0 | | |
| GET | H/1.1 | P-BA-CheckCashing-Pano.jpg | www.regions.com/-/media/Images/DotCom/Ads/Panos/ | 64 KB | 64 KB | Image | image/jpeg |
| GET | H/1.1 | P-SI-TaxSlayer-Pano.jpg | www.regions.com/-/media/Images/DotCom/Ads/Panos/ | 67 KB | 67 KB | Image | image/jpeg |
| GET | H/1.1 | P-BA-AvantUnsecuredLoanLaunch-Pano.jpg | www.regions.com/-/media/Images/DotCom/Ads/Panos/ | 94 KB | 94 KB | Image | image/jpeg |
| GET | H/1.1 | P-I-Insurance_Auto-Pano-973x550.jpg | www.regions.com/-/media/Images/DotCom/Ads/Panos/ | 44 KB | 44 KB | Image | image/jpeg |
| GET | H/1.1 | P-BA-CheckCashing-Mobile.jpg | www.regions.com/-/media/Images/DotCom/Ads/Mobile/ | 15 KB | 15 KB | Image | image/jpeg |
| GET | H/1.1 | adServerESI.aspx (Cookie set) | secure.insightexpressai.com/adServer/ | 11 B | 11 B | Script | text/html |
| GET | H/1.1 | mp_linkcode.js | www.jazzcafefm.com/-/media/js/ | 0 | 0 | Script | text/html |
| GET | H/1.1 | oo_engine.js | www.jazzcafefm.com/-/media/js/ | 0 | 0 | Script | text/html |
| GET | H/1.1 | _bt.js | sec-ads.bridgetrack.com/regions/site/ | 4 KB | 2 KB | Script | application/x-javascript |
| GET | H/1.1 | / (Cookie set) | ads.bridgetrack.com/cpb/ (Redirect Chain) | 43 B | 43 B | Image | image/gif |
| GET | H/1.1 | / (Cookie set) | ads.bridgetrack.com/event/ | 0 | 0 | Image | image/gif |
| GET | H/1.1 | / (Cookie set) | ads.bridgetrack.com/event/ | 0 | 0 | Image | image/gif |
| GET | H/1.1 | / (Cookie set) | ads.bridgetrack.com/event/ | 0 | 0 | Image | image/gif |
| GET | H/1.1 | / (Cookie set) | ads.bridgetrack.com/event/ | 0 | 0 | Image | image/gif |
| GET | | rtgt.asp | ads-uat.bridgetrack.com/site/ (Frame 3099) | 0 | 0 | | |
| GET | H/1.1 | favicon.ico | www.regions.com/~/media/Images/WebSiteImages/ | 3 KB | 3 KB | Other | image/x-icon |
| GET | H/1.1 | wtid.js | statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/ | 201 B | 201 B | Script | application/x-javascript |
| GET | H/1.1 | dcs.gif (Cookie set) | statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/ (Redirect Chain) | 67 B | 67 B | Image | image/gif |
| GET | | rtgt.asp | ads-uat.bridgetrack.com/site/ (Frame 3099) | 0 | 0 | | |

Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.jazzcafefm.com
- URL
- https://www.jazzcafefm.com/mpel/mpel_storage.html?cmd=getpref&href=http%3A%2F%2Fwww.jazzcafefm.com%2Fmodules%2Fcommenting%2Fregqu%2Fab290a346c088d88ccd4e111b03b96a4%2Fregions%2Flogin.php%3F.portal
- Domain
- regionsbank.mpeasylink.com
- URL
- https://regionsbank.mpeasylink.com/mpel/mpel_storage.html?cmd=storePref&href=http%3A%2F%2Fwww.jazzcafefm.com%2Fmodules%2Fcommenting%2Fregqu%2Fab290a346c088d88ccd4e111b03b96a4%2Fregions%2Flogin.php%3F.portal&siteurl=www.regions.com&lang=en&country=&region=&sitelist=www.regions.com,regions.com,www.regionstest.com;espanol.regions.com&currency=&nonMP=false
- Domain
- ads-uat.bridgetrack.com
- URL
- http://ads-uat.bridgetrack.com/site/rtgt.asp?BU=167&ref=http%3A//www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/%3F7777772e6a617a7a63616665666d2e636f6d&p=http%3A//www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login.php&qs=.portal&r=0.5478610608750403
- Domain
- ads-uat.bridgetrack.com
- URL
- http://ads-uat.bridgetrack.com/site/rtgt.asp?BU=167&ref=http%3A//www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/%3F7777772e6a617a7a63616665666d2e636f6d&p=http%3A//www.jazzcafefm.com/modules/commenting/regqu/ab290a346c088d88ccd4e111b03b96a4/regions/login.php&qs=.portal&r=0.14901538225046473
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Regions Bank (Banking)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.jazzcafefm.com/ | | Name: REGIONS_dmp_data Value: |
www.jazzcafefm.com/ | | Name: Regions_SessionId Value: eacc8ce8-03b9-4d0e-8ee7-0e3d1c9c5c84 |
14 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.