bantexfunds.com Open in urlscan Pro
2606:4700:3032::6815:36d2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bantexfunds.com/app/register.php
Effective URL:
https://bantexfunds.com/app/register.php
Submission: On August 02 via api (August 2nd 2024, 9:15:32 pm UTC) from US — Scanned from DE

Summary HTTP 30 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 30 HTTP transactions. The main IP is 2606:4700:3032::6815:36d2, located in United States and belongs to CLOUDFLARENET, US. The main domain is bantexfunds.com.
TLS certificate: Issued by WE1 on July 18th 2024. Valid for: 3 months.

This is the only time bantexfunds.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 27	2606:4700:303... 2606:4700:3032::6815:36d2		13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::200a		15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003		15169 (GOOGLE) (GOOGLE)
30	3

27 2606:4700:3032::6815:36d2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bantexfunds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	bantexfunds.com 1 redirects bantexfunds.com	1 MB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
1	gstatic.com fonts.gstatic.com	39 KB
30	3

	Domain	Requested by
27	bantexfunds.com	1 redirects bantexfunds.com
3	fonts.googleapis.com	bantexfunds.com
1	fonts.gstatic.com	fonts.googleapis.com
30	3

This site contains no links.

Subject Issuer	Validity	Valid
bantexfunds.com WE1	`2024-07-18` - `2024-10-16`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://bantexfunds.com/app/register.php
Frame ID: A9BCC38A6F02274A85DFAD8504ACF8AD
Requests: 28 HTTP requests in this frame

Frame: https://bantexfunds.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js
Frame ID: 9EFC830649FFE8F8E4305CCA5D8B74C5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bantexfunds.com/app/register.php HTTP 307
https://bantexfunds.com/app/register.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

97 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1248 kB
Transfer

3003 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bantexfunds.com/app/register.php HTTP 307
https://bantexfunds.com/app/register.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://bantexfunds.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://bantexfunds.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request register.php Show response
bantexfunds.com/app/
Redirect Chain

http://bantexfunds.com/app/register.php
https://bantexfunds.com/app/register.php

23 KB
6 KB

472ms
419ms

Document
text/html

2606:4700:3032::6815:36d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bantexfunds.com/app/register.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:36d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.30
Resource Hash: beb42e27434fbf65b613df8a1a01210e761b933901ad26e45f6c83f6c308d8ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8ad115511b989bf5-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 02 Aug 2024 21:15:26 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yi6YczDuAhCgMhE6ktQiTcmA%2BkUsLcyGy7rWQ9D9qUYMvfOxU35byfjQmqHOCpLUBgb5Fp9fraN1ArCOUjDhdotKN1GK1QnIY7a004sJ697orm5NkdY1t1gmjkX%2F%2BCXrpeGXfKGT%2BDTsrzFG2Vs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/8.0.30
x-turbo-charged-by: LiteSpeed

Redirect headers

Location: https://bantexfunds.com/app/register.php
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 datatables.min.css
bantexfunds.com/connections/template/plugins/dataTables/ 24 KB
5 KB 160ms
159ms Stylesheet
text/css 2606:4700:3032::6815:36d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bantexfunds.com/connections/template/plugins/dataTables/datatables.min.css
Requested by: Host: bantexfunds.com
URL: https://bantexfunds.com/app/register.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:36d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfaa3d3c65ffafe1f23c73533b43163338c172ff93a11452c2071329b961f0cb

Request headers

Referer: https://bantexfunds.com/app/register.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 21:15:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 13:36:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uTNwM3QurCfCNOI5ulwDTI9Ow4nPHUw3DHLSM%2B1isG%2BOPpU6Z%2Fe5F0d5Iz8rgDYsLnLA9lxHCk%2Ba4ODGgbTld5wKjQ5z1eMiPFvQs5gOG3OsEYZvNoDaxwoIILsiY8DUqYY31H3m0hgFM27yaUo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ad115540f569bf5-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 09 Aug 2024 10:46:23 GMT

GET
H3 200 main.css
bantexfunds.com/connections/template/assets-user/css/ 351 KB
49 KB 161ms
160ms Stylesheet
text/css 2606:4700:3032::6815:36d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bantexfunds.com/connections/template/assets-user/css/main.css
Requested by: Host: bantexfunds.com
URL: https://bantexfunds.com/app/register.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:36d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6cfe4729ea655c4dc791ed31e784f56a60bd39bf02f3b61d3a920fc482e10e1

Request headers

Referer: https://bantexfunds.com/app/register.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 21:15:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 15 Mar 2020 03:42:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o1787WXEcwVjoRpVWG1E7KfzfAMqAoD6olH8A5D2o6BmKvhKtS5cDPrnv5kIkCet%2FJljgZ%2FZvYxmnyahiHi3JJYgWKYlb%2BXrFJ2GJ1GLdbiqJYbUcqspzpcIADzRuc%2F06ZYVx4FpHYJZSOFevcg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ad115540f579bf5-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 09 Aug 2024 10:46:23 GMT

GET
H3 200 widgets.css
bantexfunds.com/connections/template/assets-user/css/ 21 KB
4 KB 151ms
150ms Stylesheet
text/css 2606:4700:3032::6815:36d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bantexfunds.com/connections/template/assets-user/css/widgets.css
Requested by: Host: bantexfunds.com
URL: https://bantexfunds.com/app/register.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:36d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5e771267009dd28eab2e7a00a828f0f214b8833e5c39074ead4576ca1ff70ae

Request headers

Referer: https://bantexfunds.com/app/register.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 21:15:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Sep 2022 21:00:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ycxPSidgpsREDo%2ByOjjdb0r5pLB9p6h3lonDadR%2BM%2BOJAWDFrvypORiKEPx1Pgdjef7npeVvTr4h5TOw0xy%2B3dz0%2Fcw6sEcLeWv8KVtDNIiY2UF6UW7MMNx%2BwjzSljM8IaRdAlGCxJ58EOTXvpk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ad115540f589bf5-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 09 Aug 2024 10:46:23 GMT

GET
H3 200 defaults.css
bantexfunds.com/connections/template/ 820 B
899 B 145ms
144ms Stylesheet
text/css 2606:4700:3032::6815:36d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bantexfunds.com/connections/template/defaults.css
Requested by: Host: bantexfunds.com
URL: https://bantexfunds.com/app/register.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:36d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ca2162d5e6a25544dea335ee3503ef9ce28a1d3e46e8579f34f1c2fcdbecf5d

Request headers

Referer: https://bantexfunds.com/app/register.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 21:15:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 06 Oct 2022 08:15:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FmT4xAQMkxjrMLw5CiN1E3NE8Y50Of79YJbnv1QM8gdFDA5ZO1pBMJuJ7dGxrxWR6sxSfJuZBBWSZ5qGjWs9Yi%2F6fHWuh%2FCuuUeKACLdeJBoeIoNUk%2Baa1k9RkuwWUYsFu95qDEdbWg4C310tdk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ad115540f599bf5-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 09 Aug 2024 10:46:23 GMT

GET
H3 200 style.css
bantexfunds.com/connections/template/assets-user/css/ 312 B
727 B 152ms
151ms Stylesheet
text/css 2606:4700:3032::6815:36d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bantexfunds.com/connections/template/assets-user/css/style.css
Requested by: Host: bantexfunds.com
URL: https://bantexfunds.com/app/register.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:36d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc839676e7cc7115a5a1db1126e4bbe359cedb5a2a7287cefb55dfae8284137e

Request headers

Referer: https://bantexfunds.com/app/register.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 21:15:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Sep 2022 04:47:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lnOihtYhyJzJan4V20DigRBk62GR6oeU9wBkLmhZxsjymnYF7hNQM2ce03SrFLgW7LPi2xGPCxCWTWYrNzg8vhnXAXT%2Ba95No2uB2SK%2F8wIGU%2Bm8n2Fn79sdNrZVxpzVGgLRqG3XEDMcEwnHA4g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ad115540f5b9bf5-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 09 Aug 2024 10:46:23 GMT

GET
H3 200 all.css
bantexfunds.com/connections/template/plugins/font-awesome-5.8.2/css/ 67 KB
13 KB 146ms
145ms Stylesheet
text/css 2606:4700:3032::6815:36d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bantexfunds.com/connections/template/plugins/font-awesome-5.8.2/css/all.css
Requested by: Host: bantexfunds.com
URL: https://bantexfunds.com/app/register.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:36d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfd8ca6ec6ffb72eecefee16cdbb442d2e2fabdb9d27e3038c64c3e66b711d9d

Request headers

Referer: https://bantexfunds.com/app/register.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 21:15:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 May 2019 20:33:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JoPTsCr4atjn3YcX1N9Yac%2B6ecwN3qt800L5CwABCpw3%2FHdth69YWjRdTqCtdeIZaTBUa5FAa3zawqi4U%2Frypx%2BQ24tVxEfbiwSPZ6Fo%2Fv6wcI8JLI73AoK8j4RDurDDjM69gSkkoJbMqcMBu4I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ad115540f5c9bf5-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 09 Aug 2024 10:46:23 GMT

GET
H3 200 gsdk-bootstrap-wizard.css
bantexfunds.com/connections/template/reg/css/ 23 KB
5 KB 452ms
451ms Stylesheet
text/css 2606:4700:3032::6815:36d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bantexfunds.com/connections/template/reg/css/gsdk-bootstrap-wizard.css
Requested by: Host: bantexfunds.com
URL: https://bantexfunds.com/app/register.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:36d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b743b5a728597bcf6f241a258fa48e70f97a45328b1181c5e16a35ae2c8d8c5d

Request headers

Referer: https://bantexfunds.com/app/register.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 21:15:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 May 2021 22:14:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0t6yPhNbzV2dWMOp1%2FQ3m9CRv4fA7%2BkvuZ6tqAzOSgTif9bIHRS84mxNNhCflla05BvloSklBR5DSVjUJ6y3Tl8Vz6cUZRLzRy3hDSYLCT8I7prtvzcPFnPXRreGdViU%2B%2FF%2BAbS4%2Bk9rNjnARbg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ad115540f5f9bf5-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 09 Aug 2024 10:53:01 GMT

GET
H3 200 demo.css
bantexfunds.com/connections/template/reg/css/ 395 B
682 B 449ms
448ms Stylesheet
text/css 2606:4700:3032::6815:36d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bantexfunds.com/connections/template/reg/css/demo.css
Requested by: Host: bantexfunds.com
URL: https://bantexfunds.com/app/register.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:36d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc86a239664b4ec370af4aa91e74a773b4cf54d6cdcc768fbca758a8f4f6e87c

Request headers

Referer: https://bantexfunds.com/app/register.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 21:15:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 May 2021 22:14:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hZOLYJjfumFpaS2l%2FJKX4NVL34HA8nrmtk%2BlUlJGTI%2BF0pWPQZkLzyiLruAw2tm5nDENesn21sJv%2B9HLWv%2Bqovv6Li8vDfAZROGM18pAb9ajC2bvFeiWZQBnzy08FzktdAhzL3F%2FCWtm8AZhiOk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ad115540f639bf5-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 09 Aug 2024 10:53:01 GMT

GET
H3 200 default-avatar.png
bantexfunds.com/connections/template/reg/img/ 3 KB
3 KB 145ms
144ms Image
image/png 2606:4700:3032::6815:36d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bantexfunds.com/connections/template/reg/img/default-avatar.png
Requested by: Host: bantexfunds.com
URL: https://bantexfunds.com/app/register.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:36d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3301294767c727736499b08ba1666a76b73816c949df755e16eaa36f4b14f06

Request headers

Referer: https://bantexfunds.com/app/register.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 21:15:26 GMT
cf-cache-status: HIT
last-modified: Tue, 25 May 2021 22:14:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jsUhurI8u7CmNSKDJMiJ1MnXqfUevjAaB%2BljldaAQNdMLgplVQ10A2izrw5335QxI4Ax51ZDan%2F6KWXAWTYIpwn8%2BCz0otgBITCosfXRoPdV105hddx9ticeI%2B8Mn5wgJ%2Bduuus%2BUv4GLNYW5GI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8ad115540f649bf5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2864
expires: Fri, 09 Aug 2024 10:53:01 GMT

GET
H3 200 jquery-3.3.1.min.js Show response
bantexfunds.com/connections/template/assets-user/js/ 85 KB
31 KB 154ms
153ms Script
application/javascript 2606:4700:3032::6815:36d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bantexfunds.com/connections/template/assets-user/js/jquery-3.3.1.min.js
Requested by: Host: bantexfunds.com
URL: https://bantexfunds.com/app/register.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:36d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://bantexfunds.com/app/register.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 21:15:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 15 Mar 2020 03:42:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dn3K08s2z0xyhKKlV%2BARHJCM%2B6OGWQM6l486XhFKdcUuSjls3kusrgvpajhsihrFpAcxk0xbBmcDa7C0enIBffrAqMlK2PHvHeG5JDGMG2IyOHIU%2FSW3YlIjD8WSxEyD0F%2FmmHJjZnXxZbRSoIo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ad115540f669bf5-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 09 Aug 2024 10:46:23 GMT

GET
H3 200 popper.min.js Show response
bantexfunds.com/connections/template/assets-user/js/ 20 KB
8 KB 138ms
137ms Script
application/javascript 2606:4700:3032::6815:36d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bantexfunds.com/connections/template/assets-user/js/popper.min.js
Requested by: Host: bantexfunds.com
URL: https://bantexfunds.com/app/register.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:36d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 549cf842cba3739e48efdb4fb6c06405d0e14a02e274538dcd9eed23f49b9e98

Request headers

Referer: https://bantexfunds.com/app/register.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 21:15:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 15 Mar 2020 03:42:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5bvDuF91PzCz05M5QPUcAwg0pYl8iXvQpssYxt6Mk6MUm4DN97txgT5PF%2F70Z9i%2F%2B8UzOL4Z%2BdkESIO3VhYHp64a%2Fdy3M3Q4SkUBBLxtE92tm3AB4jGkh%2FFEzDPx46OtqgS6dBdOrlhdPrxykdU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ad115545fb49bf5-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 09 Aug 2024 10:46:23 GMT

GET
H3 200 bootstrap.min.js Show response
bantexfunds.com/connections/template/assets-user/js/ 57 KB
16 KB 154ms
152ms Script
application/javascript 2606:4700:3032::6815:36d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bantexfunds.com/connections/template/assets-user/js/bootstrap.min.js
Requested by: Host: bantexfunds.com
URL: https://bantexfunds.com/app/register.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:36d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Request headers

Referer: https://bantexfunds.com/app/register.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 21:15:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 15 Mar 2020 03:42:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q87UtWbZkKm12hs7rvJLRxuqwD1SDX%2F08iEszfwJdTKbb12sWhn4F42Haf4ukWOW%2Fh1W7UJcczBIGzh64ZBcwto3J1ZqeF7NT54dywZZifvF3Up4t3GgohRPU1UyGph4kga%2FEBSr6lgXMx6TRSs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ad115545fb89bf5-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 09 Aug 2024 10:46:23 GMT

GET
H3 200 datatables.min.js Show response
bantexfunds.com/connections/template/plugins/dataTables/ 2 MB
858 KB 649ms
647ms Script
application/javascript 2606:4700:3032::6815:36d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bantexfunds.com/connections/template/plugins/dataTables/datatables.min.js
Requested by: Host: bantexfunds.com
URL: https://bantexfunds.com/app/register.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:36d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 745b6096f6b71961baf822de7cbe14034df66d17c3611403f2bd3e617e867ea9

Request headers

Referer: https://bantexfunds.com/app/register.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 21:15:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 13:36:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p0lnokpCrevYGRx445FFAHVnbnSeNAdpGHCmW013aPtqEUuc%2BJnDOZihJtN%2FrV8SKEHXtyWe%2F%2FJwgbEjj4sgU1Pb8NzkB4C0j5M0gwbkxtcu6ClUxLP0nWaUT0OI4mXBZeZtC289ohCupY6MxU4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ad115545fbb9bf5-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 09 Aug 2024 10:46:23 GMT

GET
H3 200 main.js Show response
bantexfunds.com/connections/template/assets-user/js/ 719 B
818 B 134ms
133ms Script
application/javascript 2606:4700:3032::6815:36d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bantexfunds.com/connections/template/assets-user/js/main.js
Requested by: Host: bantexfunds.com
URL: https://bantexfunds.com/app/register.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:36d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26e0392f990effda79f5a08c078c37b662265958ee431dc140e50a2c8235cda9

Request headers

Referer: https://bantexfunds.com/app/register.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 21:15:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 15 Mar 2020 03:42:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FCvO%2Bh%2BYzhjungf0WTC08W%2BgV2vijJXjMREoZeJYxXBPtJmGsUg4Dj8D26CQfXymCwbPxgFc73Wr%2Bq7fYzHHQfVbyIR6bzQEtDav678HwclCLmMY9TmWGomFip1P%2FsHs77ft36YfxTHSyvpkQec%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ad115545fbd9bf5-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 09 Aug 2024 10:46:23 GMT

GET
H3 200 pace.min.js Show response
bantexfunds.com/connections/template/assets-user/js/plugins/ 12 KB
5 KB 140ms
139ms Script
application/javascript 2606:4700:3032::6815:36d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bantexfunds.com/connections/template/assets-user/js/plugins/pace.min.js
Requested by: Host: bantexfunds.com
URL: https://bantexfunds.com/app/register.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:36d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0d8568fe6f9d837f664000f1973f22009d776aabb49bd6daf692912825f6e28

Request headers

Referer: https://bantexfunds.com/app/register.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 21:15:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 15 Mar 2020 03:42:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8xWLa%2FHlcunPPBOh3hg1MOmwgXC%2BOr5ZAw7g07v2IrMm0c0QDhthtZ8NZEp4nvLYOuxuWcBu2C%2FsBROamaX68MRDtuzn75%2BkJ5%2ByeJDSQKvmKZThi0HgbJv%2FT01ZDJ5kFkVibC9RpIfLyrjchyU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ad115545fbf9bf5-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 09 Aug 2024 10:46:23 GMT

GET
H3 200 loader.js Show response
bantexfunds.com/connections/template/assets/js/ 2 KB
1 KB 141ms
140ms Script
application/javascript 2606:4700:3032::6815:36d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bantexfunds.com/connections/template/assets/js/loader.js
Requested by: Host: bantexfunds.com
URL: https://bantexfunds.com/app/register.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:36d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62fcdab001c80d4d56a3a69f685d4b0e8ecb14dd8165c8d3ecd43d6ab23e5a20

Request headers

Referer: https://bantexfunds.com/app/register.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 21:15:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 13 Mar 2023 21:28:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Py2aRJj4l4f4ktkSRlf6ZsEGYIkWcQxqSaEzsziQWM%2Ffd8q6%2BOTorVC5J1nO3w%2FLoa1%2F%2FQ1cMzd0O%2F%2F%2FP2HOr4OmGwAGRbk7A3fvWHQyk0ulWGwLhdZHkSff8u5ZaG28%2FYTXBnQmUF8VGIEIFwE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ad115545fc19bf5-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 09 Aug 2024 10:46:23 GMT

GET
H3 200 main.js Show response
bantexfunds.com/connections/template/assets/js/ 2 KB
1 KB 440ms
439ms Script
application/javascript 2606:4700:3032::6815:36d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bantexfunds.com/connections/template/assets/js/main.js
Requested by: Host: bantexfunds.com
URL: https://bantexfunds.com/app/register.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:36d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55b19a08e711599c4a79fe36086ff67ea25d6a5ed2e2bfcf4fc21cc0b33e363b

Request headers

Referer: https://bantexfunds.com/app/register.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 21:15:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 13 Mar 2023 21:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uneodbmBtKrVIV8pcR3joY9doyOs9jI0CTntv5%2FRzVzr1kw9NINeRzQuExd2I53z%2FLX8yRoLT1CcIhdUH61p7mZACkEULNdIljDVFTeuyzqlG2sVmbdtwVSd4OuFok7WaIa2gAl%2Fflabr2Q6qsw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ad115545fc29bf5-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 09 Aug 2024 10:46:23 GMT

GET
H3 200 jquery.bootstrap.wizard.js Show response
bantexfunds.com/connections/template/reg/js/ 9 KB
3 KB 141ms
140ms Script
application/javascript 2606:4700:3032::6815:36d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bantexfunds.com/connections/template/reg/js/jquery.bootstrap.wizard.js
Requested by: Host: bantexfunds.com
URL: https://bantexfunds.com/app/register.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:36d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0b96c5df2e2c8239fc77263c79a0d6372069e72e7b231ca130782c530100cb8

Request headers

Referer: https://bantexfunds.com/app/register.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 21:15:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 15 Oct 2023 00:07:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1%2FI6RRSgbXVdylyzpKUdcYxwhg248lYbOQ4AhXeP7pcMvZM2OCKIl5yzfL05y5fZQe53FajhZ8NbDVRhXa04tmnUbA8DU4xRJh%2BTOPLqRCAhjH3GNlLm8SK4ThSJkyLlz%2F0TO3nSxJmhjjj16LQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ad115545fc49bf5-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 09 Aug 2024 10:53:01 GMT

GET
H3 200 gsdk-bootstrap-wizard.js Show response
bantexfunds.com/connections/template/reg/js/ 6 KB
2 KB 435ms
434ms Script
application/javascript 2606:4700:3032::6815:36d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bantexfunds.com/connections/template/reg/js/gsdk-bootstrap-wizard.js
Requested by: Host: bantexfunds.com
URL: https://bantexfunds.com/app/register.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:36d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d1826ef62f801d1cf76cbcec7d1d6e3669d944fe9886ca208f9bd471a793e74

Request headers

Referer: https://bantexfunds.com/app/register.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 21:15:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 15 Oct 2023 00:07:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SmKiyILjZI9bBqXb8W4EZp0MhflUGqbjHzqojqqsvb7rc81FTSLejtzr0%2BTkDHohIFSRkd1w1ErmyI4n%2FH08kw2%2BqC%2FcOKMUnDfVKxvaH72%2Bd1mASeQqDLCDovdF6KUYRM9gRaNqMUNmf%2BMMWFg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ad115545fc59bf5-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 09 Aug 2024 10:53:01 GMT

GET
H3 200 jquery.validate.min.js Show response
bantexfunds.com/connections/template/reg/js/ 21 KB
7 KB 136ms
135ms Script
application/javascript 2606:4700:3032::6815:36d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bantexfunds.com/connections/template/reg/js/jquery.validate.min.js
Requested by: Host: bantexfunds.com
URL: https://bantexfunds.com/app/register.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:36d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b02b1fa63d7f46432efefa0c21444e745c51fb2b4c38881779c21a4208414c4b

Request headers

Referer: https://bantexfunds.com/app/register.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 21:15:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 15 Oct 2023 00:07:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CAaCFQR%2FsbhO71QLS1THx6%2Fuk55E%2FvQ7W1qAEWP2UAdADRdaqqFK0lnGbFUvLQ0vF9vX3Xllyp7ktwKHXVwrntNDL76N9rAvXJgUq6E1%2BtNgUI%2BegQm7bT1UkiVMciB7nTWc4i9Ux91Kz7XZcRI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ad115545fc69bf5-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 09 Aug 2024 10:53:01 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 75ms
20ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:400,600,700,800

Requested by

Host: bantexfunds.com
URL: https://bantexfunds.com/connections/template/assets-user/css/style.css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8d5ed2b1b031eed31ef72c446ed34ea925ec8ffc4605dd217090671492003c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bantexfunds.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Aug 2024 21:15:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 02 Aug 2024 20:43:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Aug 2024 21:15:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
538 B 59ms
23ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,400i,700

Requested by

Host: bantexfunds.com
URL: https://bantexfunds.com/connections/template/assets-user/css/main.css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

60a6cc4c9b0c5ffcd703d1722e6467d41202cd6652739dc4c7277a600e0ef1ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bantexfunds.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Aug 2024 21:15:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 02 Aug 2024 20:57:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Aug 2024 21:15:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 737 B
448 B 56ms
21ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Niconne

Requested by

Host: bantexfunds.com
URL: https://bantexfunds.com/connections/template/assets-user/css/main.css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e12180244abedae8d3eca421bf39b8d97b803f5c48f1e8eea23eaac617321608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bantexfunds.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Aug 2024 21:15:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 02 Aug 2024 21:10:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Aug 2024 21:15:26 GMT

GET
H3 200 background.jpg
bantexfunds.com/connections/template/reg/img/ 170 KB
170 KB 181ms
180ms Image
image/jpeg 2606:4700:3032::6815:36d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bantexfunds.com/connections/template/reg/img/background.jpg
Requested by: Host: bantexfunds.com
URL: https://bantexfunds.com/connections/template/defaults.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:36d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3df54764a85888d5291f8167990de0f53f3726790f3ff66a35d372e5de49f0a

Request headers

Referer: https://bantexfunds.com/connections/template/defaults.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 21:15:27 GMT
cf-cache-status: HIT
last-modified: Thu, 06 Oct 2022 07:58:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5LD5808CrDTN3is52ID2DKMNhdCesZ2PVIs9JFvCC186e8O7tW4ygPb56PxZvpR0Qve31AZ0oC9mtMw4sVuZm0GlKmKL12YOO2tt4A9AksfI5E6L1g1SB9bZi3gSx1P2o1R%2FxRfFvsBfKRiS%2BaA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8ad115570b149bf5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 173651
expires: Fri, 09 Aug 2024 10:46:24 GMT

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 38 KB
39 KB 56ms
10ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:400,600,700,800

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bantexfunds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 17:15:28 GMT
x-content-type-options: nosniff
age: 273599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39124
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 17:15:28 GMT

GET
H3 404 verifyy.php Show response
bantexfunds.com/controller/server/ 1 KB
1 KB 178ms
177ms XHR
text/html 2606:4700:3032::6815:36d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bantexfunds.com/controller/server/verifyy.php
Requested by: Host: bantexfunds.com
URL: https://bantexfunds.com/connections/template/assets-user/js/jquery-3.3.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:36d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Request headers

Accept: */*
Referer: https://bantexfunds.com/app/register.php
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Aug 2024 21:15:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WxHeLX7ZreDUFLT47RltrrUUL7pWdn05vQWdeSBNQxTaYnFk3DvwwXnCMNEnCVdkVdivmTGDJVoKAl79eJKaEhry1jpd4hZQY0i1SZ%2BAjvQDXEq70ASlwHAJB8SnFRaYIMdO7huuzGnX1%2Fi5uxg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 8ad1155b78dc9bf5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

main.js Show response
bantexfunds.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/ Frame 9EFC
Redirect Chain

https://bantexfunds.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://bantexfunds.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?

8 KB
4 KB

49ms
44ms

Script
application/javascript

2606:4700:3032::6815:36d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bantexfunds.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?

Protocol

H3

Server

2606:4700:3032::6815:36d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9d5fa9af75a3291b45619a6d6104945c50db687d27b4cc7ccce0ec48296bd77

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 21:15:27 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R6QdTMdMfZMYpyRXLTdnz2vlFhJUIyUraahfaUIP9OugmHHXvpZ99AZc1rJ6asUrsbo8u3GNDo%2Bxk5UwSmPlOxxD3cq6RJdDsLrumrzsjaBKIz8f1Ty3dyErNKLBbqz4iepgqg%2FJWlQHF7gHvfM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8ad1155bc9419bf5-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 02 Aug 2024 21:15:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ncnnIkxByCCuT%2BjHWIQ8clYK9b1rHcGyg5EJmr4wW5qEOJdO6PsCN%2B3pr%2BN2GViDsM6VeHv3gI81bSYn0YYXoXsY5OLZLSQSYlGPwf8eZF%2BFfArRFgeXA32nrKjSz%2BverfogF2stECyjJBZMDqg%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8ad1155b99009bf5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 0a7b8575f81e6d28645879810e6f43a9.png
bantexfunds.com/connections/template/assets/logo/ 10 KB
11 KB 439ms
438ms Other
image/png 2606:4700:3032::6815:36d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bantexfunds.com/connections/template/assets/logo/0a7b8575f81e6d28645879810e6f43a9.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:36d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9e69857e78332fc032a513db219bf47a5f69f620b102f5620c446a2b6091c46

Request headers

Referer: https://bantexfunds.com/app/register.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 21:15:28 GMT
cf-cache-status: HIT
last-modified: Sat, 27 Jul 2024 13:24:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qm0gq%2B5mHB6RGlYT4HE2L%2BFO9SlL6o9qLx%2BPeqg%2FQ7Cg27QZ7urGndyMA1vwxrs9KpWE5lGIbNX%2BVoDpOq8d4A67017v0dT89Ylq1NlFIEdagc%2FewZe%2BzxdBDOF7vxdDwAzCx%2BdA55drqbfDd%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8ad1155ba91d9bf5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 10417
expires: Wed, 07 Aug 2024 10:25:03 GMT

POST
H3 200 8ad115511b989bf5 Show response
bantexfunds.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 9EFC 0
691 B 37ms
33ms XHR
text/plain 2606:4700:3032::6815:36d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bantexfunds.com/cdn-cgi/challenge-platform/h/b/jsd/r/8ad115511b989bf5
Requested by: Host: bantexfunds.com
URL: https://bantexfunds.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:36d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 02 Aug 2024 21:15:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BZtz8tQouVwgewoOnfuuQ84dc%2Bnuv7k9vHRNb6ylQc2PA3nVoMRrWystg5okNfqSvIP6J1Nz%2Bz%2FtL8qjurmNGxsCeTfWv%2B%2Fbmca5Upv0FsUI410oj884i8GccAWFhpQAX3wHAPQB7X6msE7hD6U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8ad1155d1ad79bf5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery function| Popper object| bootstrap object| $jscomp function| $jscomp$lookupPolyfilledValue function| JSZip function| setImmediate function| clearImmediate object| __core-js_shared__ object| pdfMake function| createPdf function| DataTable object| Pace function| readURL function| refreshAnimation function| debounce boolean| transparent number| $width number| $display_width string| $first_li object| $moving_div number| total_steps number| step_width object| $element string| button_text

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bantexfunds.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 38oap88okjm2lpnohitf16sgg4
			.bantexfunds.com/	1970-01-21 07:16:09	Name: cf_clearance Value: ilL4GdaztCC8tK0wD_cUwu9ZuMXLf31yVdGK7QvvqhA-1722633328-1.0.1.1-bizAm6Cxqaw6HiBgs7FyhbAesLuE1VTaaHCynzMh7BqE6li5FlllVd2B5r0UhRncvYIaHKXkl1i33bIh2TeueA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://bantexfunds.com/app/register.php Message: [DOM] Multiple forms should be contained in their own form elements; break up complex forms into ones that represent a single action: (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://bantexfunds.com/controller/server/verifyy.php Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bantexfunds.com
fonts.googleapis.com
fonts.gstatic.com
2606:4700:3032::6815:36d2
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2003
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
26e0392f990effda79f5a08c078c37b662265958ee431dc140e50a2c8235cda9
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
549cf842cba3739e48efdb4fb6c06405d0e14a02e274538dcd9eed23f49b9e98
55b19a08e711599c4a79fe36086ff67ea25d6a5ed2e2bfcf4fc21cc0b33e363b
60a6cc4c9b0c5ffcd703d1722e6467d41202cd6652739dc4c7277a600e0ef1ac
62fcdab001c80d4d56a3a69f685d4b0e8ecb14dd8165c8d3ecd43d6ab23e5a20
6ca2162d5e6a25544dea335ee3503ef9ce28a1d3e46e8579f34f1c2fcdbecf5d
6d1826ef62f801d1cf76cbcec7d1d6e3669d944fe9886ca208f9bd471a793e74
745b6096f6b71961baf822de7cbe14034df66d17c3611403f2bd3e617e867ea9
a3df54764a85888d5291f8167990de0f53f3726790f3ff66a35d372e5de49f0a
a8d5ed2b1b031eed31ef72c446ed34ea925ec8ffc4605dd217090671492003c1
b02b1fa63d7f46432efefa0c21444e745c51fb2b4c38881779c21a4208414c4b
b743b5a728597bcf6f241a258fa48e70f97a45328b1181c5e16a35ae2c8d8c5d
bc839676e7cc7115a5a1db1126e4bbe359cedb5a2a7287cefb55dfae8284137e
beb42e27434fbf65b613df8a1a01210e761b933901ad26e45f6c83f6c308d8ab
c0b96c5df2e2c8239fc77263c79a0d6372069e72e7b231ca130782c530100cb8
c0d8568fe6f9d837f664000f1973f22009d776aabb49bd6daf692912825f6e28
cc86a239664b4ec370af4aa91e74a773b4cf54d6cdcc768fbca758a8f4f6e87c
d5e771267009dd28eab2e7a00a828f0f214b8833e5c39074ead4576ca1ff70ae
d6cfe4729ea655c4dc791ed31e784f56a60bd39bf02f3b61d3a920fc482e10e1
d9e69857e78332fc032a513db219bf47a5f69f620b102f5620c446a2b6091c46
dfaa3d3c65ffafe1f23c73533b43163338c172ff93a11452c2071329b961f0cb
dfd8ca6ec6ffb72eecefee16cdbb442d2e2fabdb9d27e3038c64c3e66b711d9d
e12180244abedae8d3eca421bf39b8d97b803f5c48f1e8eea23eaac617321608
e3301294767c727736499b08ba1666a76b73816c949df755e16eaa36f4b14f06
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f9d5fa9af75a3291b45619a6d6104945c50db687d27b4cc7ccce0ec48296bd77