healthinsureusa.com
2606:4700:30::6818:60e9  Malicious Activity! Public Scan

URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Submission Tags: @ipnigh
Submission: On August 15 via api from GB

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 28 HTTP transactions. The main IP is 2606:4700:30::6818:60e9, located in the United States, and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is healthinsureusa.com.
This is the only time healthinsureusa.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ABSA (Banking)

Domain & IP information

Requests  IP Address        AS     Autonomous System
2         2606:4700:30:...  13335  (CLOUDFLAR...)
26        169.202.9.74      14115  (AMALGAMAT...)
Total: 28 requests, 2 IPs

Requests  Apex Domain          Subdomains           Transfer
26        absa.co.za           ib.absa.co.za        364 KB
2         healthinsureusa.com  healthinsureusa.com  88 KB
Total: 28 requests, 2 apex domains

Requests  Domain               Requested by
26        ib.absa.co.za        healthinsureusa.com
2         healthinsureusa.com  healthinsureusa.com
Total: 28 requests, 2 domains

This site contains links to these domains.

Domain
www.absa.co.za

Subject: ib.absa.co.za
Issuer: DigiCert SHA2 Extended Validation Server CA
Validity: 2019-06-11 - 2021-07-03
Valid: 2 years

Validity: 1970-01-01 - 1970-01-01
Valid: a few seconds

This page contains 1 frame:

Primary Page: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Frame ID: 344F611016AB38202325C5B0ED5CA095
Requests: 28 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

28 Requests
93 % HTTPS
50 % IPv6
2 Domains
2 Subdomains
2 IPs
2 Countries
452 kB Transfer
1456 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type

login.php (Primary Request, Cookie set)
healthinsureusa.com/wp-admin/network/abusalita/
360 KB
87 KB
Document
General
Full URL
http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Server
2606:4700:30::6818:60e9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/7.0.33
Resource Hash
0761bca2ca4655681613e221b9042a0d2c222d328589e94bace43f28444e59b0

Request headers

Host
healthinsureusa.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Thu, 15 Aug 2019 01:30:31 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d445d4e51e093e8c0203018098349cdf31565832631; expires=Fri, 14-Aug-20 01:30:31 GMT; path=/; domain=.healthinsureusa.com; HttpOnly
X-Powered-By
PHP/7.0.33
Cache-Control
max-age=600
Expires
Thu, 15 Aug 2019 01:40:30 GMT
Vary
Accept-Encoding,User-Agent
Server
cloudflare
CF-RAY
50676758dee527ae-FRA
Content-Encoding
gzip
absa.css
ib.absa.co.za/absa-online/static/style/
125 KB
20 KB
Stylesheet
General
Full URL
https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2019-08-08-13-08-34
Requested by
Host: healthinsureusa.com
URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
cf413eadb145d61e5ff5bcdc011bdb3955623cf4b1df69b5b25a1eeece7cf307

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://healthinsureusa.com/wp-admin/network/abusalita/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 01:08:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Vary
Accept-Encoding,User-Agent
Content-Language
en-US
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Type
text/css
Keep-Alive
timeout=10, max=20
Expires
Sun, 15 Sep 2019 01:08:18 GMT
login.css
ib.absa.co.za/absa-online/static/style/
3 KB
1 KB
Stylesheet
General
Full URL
https://ib.absa.co.za/absa-online/static/style/login.css?v=0.1.0-2019-08-08-13-08-34
Requested by
Host: healthinsureusa.com
URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
50a67bf5b7e45c9779dd68140dff2c87c9877e8984bc64d845e99d4e6b58786d

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://healthinsureusa.com/wp-admin/network/abusalita/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 01:08:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Vary
Accept-Encoding,User-Agent
Content-Language
en-US
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Type
text/css
Keep-Alive
timeout=10, max=19
Expires
Sun, 15 Sep 2019 01:08:18 GMT
jcaptcha.css
ib.absa.co.za/absa-online/static/style/www.absa.co.za.2009.ui/jcaptcha/
1 KB
907 B
Stylesheet
General
Full URL
https://ib.absa.co.za/absa-online/static/style/www.absa.co.za.2009.ui/jcaptcha/jcaptcha.css?v=0.1.0-2019-08-08-13-08-34
Requested by
Host: healthinsureusa.com
URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
c66a747ea5c78d9a59e00f76f285ea5367ad6e9b5285f1aad18ec87572bf8ceb

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://healthinsureusa.com/wp-admin/network/abusalita/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 01:08:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Vary
Accept-Encoding,User-Agent
Content-Language
en-US
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Type
text/css
Keep-Alive
timeout=10, max=18
Expires
Sun, 15 Sep 2019 01:08:18 GMT
backbase.js
ib.absa.co.za/absa-online/static/lib/bcf/4_4_9_1/engine/
256 KB
74 KB
Script
General
Full URL
https://ib.absa.co.za/absa-online/static/lib/bcf/4_4_9_1/engine/backbase.js
Requested by
Host: healthinsureusa.com
URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
42073c1b1763c111523ed6f46b0eb0461c9fed9989f524437a6e099c9bf92267

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://healthinsureusa.com/wp-admin/network/abusalita/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 01:08:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Vary
Accept-Encoding,User-Agent
Content-Language
en-US
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=10, max=17
Expires
Sun, 15 Sep 2019 01:08:18 GMT
absa-all-base.js
ib.absa.co.za/absa-online/static/script/
477 KB
102 KB
Script
General
Full URL
https://ib.absa.co.za/absa-online/static/script/absa-all-base.js?v=0.1.0-2019-08-08-13-08-34
Requested by
Host: healthinsureusa.com
URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
4ed5e3f5778ea887c6d75f48268f985fb8175f3e18332f0db2f229ea420d5ae5

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://healthinsureusa.com/wp-admin/network/abusalita/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 01:08:19 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Vary
Accept-Encoding,User-Agent
Content-Language
en-US
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=10, max=16
Expires
Sun, 15 Sep 2019 01:08:19 GMT
login.js
ib.absa.co.za/absa-online/static/script/
50 KB
10 KB
Script
General
Full URL
https://ib.absa.co.za/absa-online/static/script/login.js?v=0.1.0-2019-08-08-13-08-34
Requested by
Host: healthinsureusa.com
URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
1902ca3cd681fe9cc30cef9b126e6230a184ae6109169ec846b094b330ab3f98

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://healthinsureusa.com/wp-admin/network/abusalita/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 01:08:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Vary
Accept-Encoding,User-Agent
Content-Language
en-US
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=10, max=15
Expires
Sun, 15 Sep 2019 01:08:20 GMT
absa.form.wizardBridge.js
ib.absa.co.za/absa-online/static/script/absa/
11 KB
3 KB
Script
General
Full URL
https://ib.absa.co.za/absa-online/static/script/absa/absa.form.wizardBridge.js?v=0.1.0-2019-08-08-13-08-34
Requested by
Host: healthinsureusa.com
URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
cb668e7be80b21d8f1e889ad405f838c19c5f875c3f348e4a307c3af94511307

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://healthinsureusa.com/wp-admin/network/abusalita/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 01:08:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Vary
Accept-Encoding,User-Agent
Content-Language
en-US
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=10, max=14
Expires
Sun, 15 Sep 2019 01:08:20 GMT
absa.n2fa.js
ib.absa.co.za/absa-online/static/script/absa/
27 KB
6 KB
Script
General
Full URL
https://ib.absa.co.za/absa-online/static/script/absa/absa.n2fa.js?v=0.1.0-2019-08-08-13-08-34
Requested by
Host: healthinsureusa.com
URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
344c3f945b265d03b175fc02ef8d974be208824ea75e95002b30460bee7bcdc7

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://healthinsureusa.com/wp-admin/network/abusalita/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 01:08:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Vary
Accept-Encoding,User-Agent
Content-Language
en-US
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=10, max=13
Expires
Sun, 15 Sep 2019 01:08:20 GMT
absa.jcaptcha.js
ib.absa.co.za/absa-online/static/script/absa/
2 KB
849 B
Script
General
Full URL
https://ib.absa.co.za/absa-online/static/script/absa/absa.jcaptcha.js?v=0.1.0-2019-08-08-13-08-34
Requested by
Host: healthinsureusa.com
URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
ff8cd11b8e42727e514757ffc2167b1e67d59643c764aa58126e17d9112b39c0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://healthinsureusa.com/wp-admin/network/abusalita/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 01:08:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Vary
Accept-Encoding,User-Agent
Content-Language
en-US
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=10, max=12
Expires
Sun, 15 Sep 2019 01:08:20 GMT
absa.resetPin.js
ib.absa.co.za/absa-online/static/script/absa/
7 KB
2 KB
Script
General
Full URL
https://ib.absa.co.za/absa-online/static/script/absa/absa.resetPin.js?v=0.1.0-2019-08-08-13-08-34
Requested by
Host: healthinsureusa.com
URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
6610d4a4b477c3ebbc2165520139b7ca04415f6a434fc9001fe16efb58d6c910

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://healthinsureusa.com/wp-admin/network/abusalita/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 01:08:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Vary
Accept-Encoding,User-Agent
Content-Language
en-US
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=10, max=11
Expires
Sun, 15 Sep 2019 01:08:20 GMT
absa-logo-2018.png
ib.absa.co.za/absa-online/static/style/resources/
2 KB
2 KB
Image
General
Full URL
https://ib.absa.co.za/absa-online/static/style/resources/absa-logo-2018.png
Requested by
Host: healthinsureusa.com
URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
b90e9d891c1b60bbb442d0c18a93bef607f0c49854a151e204bb66ca409ca1e4

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://healthinsureusa.com/wp-admin/network/abusalita/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 01:08:21 GMT
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Content-Language
en-US
Cache-Control
max-age=2678400
Connection
Keep-Alive
Content-Type
image/png
Keep-Alive
timeout=10, max=10
Content-Length
2195
Expires
Sun, 15 Sep 2019 01:08:21 GMT
ao-logo2.png
ib.absa.co.za/absa-online/static/style/resources/
10 KB
10 KB
Image
General
Full URL
https://ib.absa.co.za/absa-online/static/style/resources/ao-logo2.png
Requested by
Host: healthinsureusa.com
URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
3f596c191ddbe25572cfb3ace361b84724d6dd5ac3a486ed5cbbfde21865163f

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://healthinsureusa.com/wp-admin/network/abusalita/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 01:08:26 GMT
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Content-Language
en-US
Cache-Control
max-age=2678400
Connection
Keep-Alive
Content-Type
image/png
Keep-Alive
timeout=10, max=20
Content-Length
10395
Expires
Sun, 15 Sep 2019 01:08:26 GMT
campaigne_3_pre_golive_EN.jpg
healthinsureusa.com/absa-online/assets/Assets/Richmedia/Absaonline/CampaignImages/Eng/
412 B
412 B
Image
General
Full URL
http://healthinsureusa.com/absa-online/assets/Assets/Richmedia/Absaonline/CampaignImages/Eng/campaigne_3_pre_golive_EN.jpg
Requested by
Host: healthinsureusa.com
URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::6818:60e9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5814f36bb379381c6cd1643e10b0769016d215ccbb71bdb243e73b2083beebf

Request headers

Referer
http://healthinsureusa.com/wp-admin/network/abusalita/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 01:30:42 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5067679fdb13649d-FRA
Expires
Thu, 15 Aug 2019 05:30:42 GMT
campaigne_1_ENG.png
ib.absa.co.za/absa-online/assets/Assets/Richmedia/Absaonline/Images/
45 KB
46 KB
Image
General
Full URL
https://ib.absa.co.za/absa-online/assets/Assets/Richmedia/Absaonline/Images/campaigne_1_ENG.png
Requested by
Host: healthinsureusa.com
URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
cb45d428c00e88ea0e73eca797ebb0222173c4bb22a86935a4d94137695a42ef
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://healthinsureusa.com/wp-admin/network/abusalita/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Aug 2019 01:08:26 GMT
X-Frame-Options
SAMEORIGIN
Content-Language
en-US
Cache-Control
no-cache, no-store
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Type
image/png
Keep-Alive
timeout=10, max=19
Expires
Thu, 01 Jan 1970 00:00:00 GMT
campaigne_3_pre_golive_EN.jpg
ib.absa.co.za/absa-online/assets/Assets/Richmedia/Absaonline/CampaignImages/Eng/
39 KB
40 KB
Image
General
Full URL
https://ib.absa.co.za/absa-online/assets/Assets/Richmedia/Absaonline/CampaignImages/Eng/campaigne_3_pre_golive_EN.jpg
Requested by
Host: healthinsureusa.com
URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
920b0e3cc67ecdf192da918b8b432120d31f6a777c0bd9a030a1bd00b1076fb9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://healthinsureusa.com/wp-admin/network/abusalita/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Aug 2019 01:08:27 GMT
X-Frame-Options
SAMEORIGIN
Content-Language
en-US
Cache-Control
no-cache, no-store
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Type
image/jpeg
Keep-Alive
timeout=10, max=18
Expires
Thu, 01 Jan 1970 00:00:00 GMT
main-navigation-rounded-2018.gif
ib.absa.co.za/absa-online/static/style/resources/
100 B
401 B
Image
General
Full URL
https://ib.absa.co.za/absa-online/static/style/resources/main-navigation-rounded-2018.gif
Requested by
Host: healthinsureusa.com
URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
9f8e9f22e07c69671b529f27fbd307da8409f499fc844e686a1efe81aa74de45

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2019-08-08-13-08-34
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 01:08:27 GMT
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Content-Language
en-US
Cache-Control
max-age=2678400
Connection
Keep-Alive
Content-Type
image/gif
Keep-Alive
timeout=10, max=17
Content-Length
100
Expires
Sun, 15 Sep 2019 01:08:27 GMT
sprite-titlebar-no-gradients-2018.png
ib.absa.co.za/absa-online/static/style/resources/
621 B
922 B
Image
General
Full URL
https://ib.absa.co.za/absa-online/static/style/resources/sprite-titlebar-no-gradients-2018.png
Requested by
Host: healthinsureusa.com
URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
a0bfd5bef65c754b35599a259b2aa7373857a385802d705f090ea4fef18470be

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2019-08-08-13-08-34
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 01:08:27 GMT
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Content-Language
en-US
Cache-Control
max-age=2678400
Connection
Keep-Alive
Content-Type
image/png
Keep-Alive
timeout=10, max=16
Content-Length
621
Expires
Sun, 15 Sep 2019 01:08:27 GMT
sprite-dividers.gif
ib.absa.co.za/absa-online/static/style/resources/
289 B
589 B
Image
General
Full URL
https://ib.absa.co.za/absa-online/static/style/resources/sprite-dividers.gif
Requested by
Host: healthinsureusa.com
URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
c27aee2360a4554999091c3f4acbe28c3e0badb1484d2aee914e1d8b4f7ace1f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2019-08-08-13-08-34
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 01:08:22 GMT
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Content-Language
en-US
Cache-Control
max-age=2678400
Connection
Keep-Alive
Content-Type
image/gif
Keep-Alive
timeout=10, max=2
Content-Length
289
Expires
Sun, 15 Sep 2019 01:08:22 GMT
sprite-corners-rounded.png
ib.absa.co.za/absa-online/static/style/resources/
246 B
546 B
Image
General
Full URL
https://ib.absa.co.za/absa-online/static/style/resources/sprite-corners-rounded.png
Requested by
Host: healthinsureusa.com
URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
6a1423dcdc9a531df9d5dfc5a1ea720eec868eda0a56e1580a0c71c69e79b8fe

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2019-08-08-13-08-34
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 01:08:22 GMT
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Content-Language
en-US
Cache-Control
max-age=2678400
Connection
Keep-Alive
Content-Type
image/png
Keep-Alive
timeout=10, max=1
Content-Length
246
Expires
Sun, 15 Sep 2019 01:08:22 GMT
gadget-bg.png
ib.absa.co.za/absa-online/static/style/resources/
23 KB
24 KB
Image
General
Full URL
https://ib.absa.co.za/absa-online/static/style/resources/gadget-bg.png
Requested by
Host: healthinsureusa.com
URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
1a26395eab756d476a44492edba11fbb4dfe44d42ed1599f04fdef5ea18ac954

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2019-08-08-13-08-34
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 01:08:21 GMT
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Content-Language
en-US
Cache-Control
max-age=2678400
Connection
Keep-Alive
Content-Type
image/png
Keep-Alive
timeout=10, max=9
Content-Length
23889
Expires
Sun, 15 Sep 2019 01:08:21 GMT
gadget-login-bg.png
ib.absa.co.za/absa-online/static/style/resources/
13 KB
13 KB
Image
General
Full URL
https://ib.absa.co.za/absa-online/static/style/resources/gadget-login-bg.png
Requested by
Host: healthinsureusa.com
URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
3d9062add3a3419de36dac8b09af9960e412c570e256cbe5ca6c0910b30d9aef

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ib.absa.co.za/absa-online/static/style/login.css?v=0.1.0-2019-08-08-13-08-34
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 01:08:21 GMT
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Content-Language
en-US
Cache-Control
max-age=2678400
Connection
Keep-Alive
Content-Type
image/png
Keep-Alive
timeout=10, max=7
Content-Length
13337
Expires
Sun, 15 Sep 2019 01:08:21 GMT
button.png
ib.absa.co.za/absa-online/static/style/resources/
491 B
791 B
Image
General
Full URL
https://ib.absa.co.za/absa-online/static/style/resources/button.png
Requested by
Host: healthinsureusa.com
URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
ada2e972abcb9493c9b709ce52c1b2122b0320a9ec37d4c5ca13a132dfda11e1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2019-08-08-13-08-34
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 01:08:22 GMT
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Content-Language
en-US
Cache-Control
max-age=2678400
Connection
Keep-Alive
Content-Type
image/png
Keep-Alive
timeout=10, max=5
Content-Length
491
Expires
Sun, 15 Sep 2019 01:08:22 GMT
buttonArrowWhite.png
ib.absa.co.za/absa-online/static/style/resources/
1 KB
1 KB
Image
General
Full URL
https://ib.absa.co.za/absa-online/static/style/resources/buttonArrowWhite.png
Requested by
Host: healthinsureusa.com
URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
dbdc69769919eb9de6942ac447a2b029681b71b36c0154e7bee12977063b1f42

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2019-08-08-13-08-34
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 01:08:22 GMT
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Content-Language
en-US
Cache-Control
max-age=2678400
Connection
Keep-Alive
Content-Type
image/png
Keep-Alive
timeout=10, max=3
Content-Length
1150
Expires
Sun, 15 Sep 2019 01:08:22 GMT
keyboard-bg.gif
ib.absa.co.za/absa-online/static/style/www.absa.co.za.2009.ui/keyboard/
601 B
901 B
Image
General
Full URL
https://ib.absa.co.za/absa-online/static/style/www.absa.co.za.2009.ui/keyboard/keyboard-bg.gif
Requested by
Host: healthinsureusa.com
URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
c24b7f5254d1a8a99f1995f372018b2e199709447f0d979c079648bc96627793

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2019-08-08-13-08-34
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 01:08:21 GMT
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Content-Language
en-US
Cache-Control
max-age=2678400
Connection
Keep-Alive
Content-Type
image/gif
Keep-Alive
timeout=10, max=8
Content-Length
601
Expires
Sun, 15 Sep 2019 01:08:21 GMT
key-button-long.gif
ib.absa.co.za/absa-online/static/style/www.absa.co.za.2009.ui/resources/
2 KB
2 KB
Image
General
Full URL
https://ib.absa.co.za/absa-online/static/style/www.absa.co.za.2009.ui/resources/key-button-long.gif
Requested by
Host: healthinsureusa.com
URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
b2ca32f64e61217bb884ba0bf121a4ab0fba35ebc73d7831bb7eef2b3dd37452

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2019-08-08-13-08-34
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 01:08:22 GMT
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Content-Language
en-US
Cache-Control
max-age=2678400
Connection
Keep-Alive
Content-Type
image/gif
Keep-Alive
timeout=10, max=4
Content-Length
1575
Expires
Sun, 15 Sep 2019 01:08:22 GMT
keypad-backspace.png
ib.absa.co.za/absa-online/static/style/www.absa.co.za.2009.ui/resources/
209 B
473 B
Image
General
Full URL
https://ib.absa.co.za/absa-online/static/style/www.absa.co.za.2009.ui/resources/keypad-backspace.png
Requested by
Host: healthinsureusa.com
URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
1723fd2bd8c98417e8739ab2853cb92dfb0e50113a7a9726d2cceb69d00eea05

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2019-08-08-13-08-34
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 01:08:23 GMT
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Content-Language
en-US
Cache-Control
max-age=2678400
Connection
close
Content-Type
image/png
Content-Length
209
Expires
Sun, 15 Sep 2019 01:08:23 GMT
key-button.gif
ib.absa.co.za/absa-online/static/style/www.absa.co.za.2009.ui/resources/
379 B
679 B
Image
General
Full URL
https://ib.absa.co.za/absa-online/static/style/www.absa.co.za.2009.ui/resources/key-button.gif
Requested by
Host: healthinsureusa.com
URL: http://healthinsureusa.com/wp-admin/network/abusalita/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74, South Africa, ASN14115 (AMALGAMATED-BSA, ZA)
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
d3dbb7567bec3fa266960ee53ee72d534e1834e481ff502a0901fcb32af7ff23

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2019-08-08-13-08-34
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 01:08:21 GMT
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Content-Language
en-US
Cache-Control
max-age=2678400
Connection
Keep-Alive
Content-Type
image/gif
Keep-Alive
timeout=10, max=6
Content-Length
379
Expires
Sun, 15 Sep 2019 01:08:21 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ABSA (Banking)

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| SOAPEnvelope function| j1_ object| JSONRequest function| JSONRequestError object| bb object| portal object| gadgets object| absa function| triggerModal4Body function| absaGadgetTemplate undefined| onReturn string| siteEnvironment string| s_account object| s function| s_getObjectID function| s_doPlugins function| getMetaContent function| getProps function| getAllProps function| getFirstProp function| addLoadEvent function| OmnitureContactUs function| OmnitureToolUsage function| OmnitureToolUsageComplete function| CustomerAction function| OmnitureSocialClick string| s_code undefined| s_objectID function| s_gi string| s_an function| s_sp function| s_jn function| s_rep function| s_d function| s_fe function| s_fa function| s_ft object| s_c_il number| s_c_in function| s_onload_0 function| forgotPin function| onFormForgotPinSubmit function| doFormForgotPinSubmit function| resetFormForgotPin function| onForm1Submit function| doSubmitForm1 function| resetForm1 function| backToDSP function| backToFeatureStore function| postToDSP function| getCookie function| setCookie function| postToFS function| postToExpress function| checkEntries2 function| onForm2Submit function| doSubmitForm2 function| onForm2SubmitForgotPassword function| doSubmitForm2ForgotPassword function| doSubmitForm2ForgotPasswordSpecial function| resetForm2 function| onForm3Submit function| doSubmitForm3 function| resetForm3 function| onForm4Submit function| doSubmitForm4 function| onForm5Submit function| doSubmitForm5 function| doLoadNewPasswordAfterUSSD function| showErrorMessage function| hideErrorMessages function| doMoveForm2Focus function| showHideHelp function| showPasswordTips function| changeLang function| getLanguage object| xhtml object| btl function| oldConvert function| oldGetStyle object| phe function| Raphael undefined| mask undefined| borderFrame undefined| oGlobalSlider

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
