neebak.ixelon.com
198.71.228.1
Malicious Activity!
Public Scan
Submission: On September 12 via manual from NZ
Summary
This is the only time neebak.ixelon.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Wells Fargo (Banking)
Domain & IP information
| | IP Address | AS | Autonomous System |
|---|---|---|---|
| 33 | 198.71.228.1 | 26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com |
| 3 | 2400:cb00:2048:1::6813:c497 | 13335 | CLOUDFLARENET - Cloudflare |
| 6 | 2a00:1450:4001:818::200a | 15169 | GOOGLE - Google LLC |
| 2 | 104.108.68.65 | 16625 | AKAMAI-AS - Akamai Technologies |
| 4 | 209.197.3.15 | 20446 | HIGHWINDS3 - Highwinds Network Group |
| 10 | 111.223.226.74 | 38880 | M21-AS-AP Micron21 Datacentre Pty Ltd |
| 5 | 159.45.2.156 | 10837 | WELLSFARGO-10837 - Wells Fargo & Company |
| 7 | 2a00:1450:4001:819::2003 | 15169 | GOOGLE - Google LLC |
| 1 | 2400:cb00:2048:1::6813:c797 | 13335 | CLOUDFLARENET - Cloudflare |
| 2 | 148.251.235.172 | 24940 | HETZNER-AS |
| 2 | 185.172.148.128 | 44239 | PROINITY PROINITY |
| 1 3 | 185.172.148.132 | 44239 | PROINITY PROINITY |
| 3 | 54.85.167.32 | 14618 | AMAZON-AES - Amazon.com |
| 1 | 159.45.2.178 | 10837 | WELLSFARGO-10837 - Wells Fargo & Company |
| 1 | 2.18.233.89 | 16625 | AKAMAI-AS - Akamai Technologies |
| 1 | 216.239.34.21 | 15169 | GOOGLE - Google LLC |
| 1 | 52.210.34.59 | 16509 | AMAZON-02 - Amazon.com |
| 2 2 | 172.217.21.198 | 15169 | GOOGLE - Google LLC |
| 1 2 | 2a00:1450:4001:81a::2002 | 15169 | GOOGLE - Google LLC |
| 1 | 2a03:2880:f11c:8186:face:b00c:0:50fb | 32934 | FACEBOOK - Facebook |
| 1 1 | 2a00:1450:4001:81f::2004 | 15169 | GOOGLE - Google LLC |
| 1 | 46.51.193.164 | 16509 | AMAZON-02 - Amazon.com |
| 1 | 52.208.135.160 | 16509 | AMAZON-02 - Amazon.com |
| 1 | 216.239.32.21 | 15169 | GOOGLE - Google LLC |
| 89 | 22 | | |
| AS | PTR | Hostnames |
|---|---|---|
| ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US) | a2plcpnl0175.prod.iad2.secureserver.net | neebak.ixelon.com |
| ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US) | | cdnjs.cloudflare.com |
| ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US) | a104-108-68-65.deploy.static.akamaitechnologies.com | www01.wellsfargomedia.com |
| ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US) | vip0x00f.map2.ssl.hwcdn.net | maxcdn.bootstrapcdn.com |
| ASN38880 (M21-AS-AP Micron21 Datacentre Pty Ltd, AU) | insurancewatch.com.au | www.insurancewatch.com.au |
| ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US) | | connect.secure.wellsfargo.com |
| ASN15169 (GOOGLE - Google LLC, US) | | fonts.gstatic.com, www.google.de |
| ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US) | | cdnjs.cloudflare.com |
| ASN24940 (HETZNER-AS, DE) | static.172.235.251.148.clients.your-server.de | static.whatshelp.io, whatshelp.io |
| ASN14618 (AMAZON-AES - Amazon.com, Inc., US) | ec2-54-85-167-32.compute-1.amazonaws.com | www.vcita.com |
| ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US) | | static.wellsfargo.com |
| ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US) | a2-18-233-89.deploy.static.akamaitechnologies.com | c15117557.ssl.cf2.rackcdn.com |
| ASN15169 (GOOGLE - Google LLC, US) | any-in-2215.1e100.net | impress.vcita.com |
| ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | ec2-52-210-34-59.eu-west-1.compute.amazonaws.com | dpm.demdex.net |
| ASN15169 (GOOGLE - Google LLC, US) | fra16s12-in-f198.1e100.net | ad.doubleclick.net |
| ASN15169 (GOOGLE - Google LLC, US) | | adservice.google.com, googleads.g.doubleclick.net |
| ASN32934 (FACEBOOK - Facebook, Inc., US) | | www.facebook.com |
| ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | ec2-46-51-193-164.eu-west-1.compute.amazonaws.com | dpm.demdex.net |
| ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | ec2-52-208-135-160.eu-west-1.compute.amazonaws.com | wellsfargobankna.demdex.net |
| ASN15169 (GOOGLE - Google LLC, US) | any-in-2015.1e100.net | impress.vcita.com |
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 33 | ixelon.com | neebak.ixelon.com | 6 MB |
| 10 | insurancewatch.com.au | www.insurancewatch.com.au | 31 KB |
| 6 | gstatic.com | fonts.gstatic.com | 53 KB |
| 6 | wellsfargo.com | connect.secure.wellsfargo.com, static.wellsfargo.com | 117 KB |
| 6 | googleapis.com | fonts.googleapis.com | 18 KB |
| 5 | vcita.com | www.vcita.com, impress.vcita.com | 3 KB |
| 5 | vcdnita.com (1 redirects) | widgets.vcdnita.com | 145 KB |
| 4 | bootstrapcdn.com | maxcdn.bootstrapcdn.com | 117 KB |
| 4 | cloudflare.com | cdnjs.cloudflare.com | 142 KB |
| 3 | doubleclick.net (3 redirects) | ad.doubleclick.net, googleads.g.doubleclick.net | 2 KB |
| 3 | demdex.net | dpm.demdex.net, wellsfargobankna.demdex.net | 3 KB |
| 2 | google.com (1 redirects) | adservice.google.com, www.google.com | 704 B |
| 2 | whatshelp.io | static.whatshelp.io, whatshelp.io | 7 KB |
| 2 | wellsfargomedia.com | www01.wellsfargomedia.com | 16 KB |
| 1 | google.de | www.google.de | 472 B |
| 1 | facebook.com | www.facebook.com | 292 B |
| 1 | rackcdn.com | c15117557.ssl.cf2.rackcdn.com | 21 KB |
| 89 | 17 | | |
| | Domain | Requested by |
|---|---|---|
| 33 | neebak.ixelon.com | neebak.ixelon.com |
| 10 | www.insurancewatch.com.au | neebak.ixelon.com |
| 6 | fonts.gstatic.com | neebak.ixelon.com |
| 6 | fonts.googleapis.com | neebak.ixelon.com |
| 5 | widgets.vcdnita.com (1 redirects) | neebak.ixelon.com, widgets.vcdnita.com |
| 5 | connect.secure.wellsfargo.com | neebak.ixelon.com, connect.secure.wellsfargo.com |
| 4 | maxcdn.bootstrapcdn.com | neebak.ixelon.com |
| 4 | cdnjs.cloudflare.com | neebak.ixelon.com |
| 3 | www.vcita.com | widgets.vcdnita.com, neebak.ixelon.com |
| 2 | ad.doubleclick.net (2 redirects) | |
| 2 | dpm.demdex.net | neebak.ixelon.com |
| 2 | impress.vcita.com | neebak.ixelon.com |
| 2 | www01.wellsfargomedia.com | neebak.ixelon.com |
| 1 | wellsfargobankna.demdex.net | neebak.ixelon.com |
| 1 | www.google.de | |
| 1 | www.google.com (1 redirects) | |
| 1 | googleads.g.doubleclick.net (1 redirects) | |
| 1 | www.facebook.com | |
| 1 | adservice.google.com | |
| 1 | c15117557.ssl.cf2.rackcdn.com | neebak.ixelon.com |
| 1 | static.wellsfargo.com | neebak.ixelon.com |
| 1 | whatshelp.io | static.whatshelp.io |
| 1 | static.whatshelp.io | neebak.ixelon.com |
| 89 | 23 | |
This site contains links to these domains. Also see Links.
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| ssl412106.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2018-04-14 - 2018-10-21 | 6 months |
| *.googleapis.com | Google Internet Authority G3 | 2018-08-21 - 2018-11-13 | 3 months |
| www01.wellsfargomedia.com | GeoTrust RSA CA 2018 | 2018-04-20 - 2019-04-20 | a year |
| *.bootstrapcdn.com | COMODO RSA Domain Validation Secure Server CA | 2017-10-03 - 2018-10-13 | a year |
| *.insurancewatch.com.au | COMODO RSA Domain Validation Secure Server CA | 2018-07-07 - 2020-07-06 | 2 years |
| connect.secure.wellsfargo.com | Wells Fargo Public Trust Certification Authority 01 G2 | 2018-08-22 - 2020-06-28 | 2 years |
| *.google.com | Google Internet Authority G3 | 2018-08-21 - 2018-11-13 | 3 months |
| *.vcdnita.com | Go Daddy Secure Certificate Authority - G2 | 2017-04-25 - 2020-04-25 | 3 years |
| static.wellsfargo.com | Wells Fargo Public Trust Certification Authority 01 G2 | 2018-06-28 - 2020-06-28 | 2 years |
| *.ssl.cf2.rackcdn.com | DigiCert SHA2 Secure Server CA | 2018-03-19 - 2019-03-19 | a year |
| *.facebook.com | DigiCert SHA2 High Assurance Server CA | 2017-12-15 - 2019-03-22 | a year |
| *.demdex.net | DigiCert SHA2 High Assurance Server CA | 2018-01-09 - 2021-02-12 | 3 years |
This page contains 2 frames:
Primary Page:
http://neebak.ixelon.com/
Frame ID: 62E5411CFA1610A7222EBF5AF1A700BD
Requests: 88 HTTP requests in this frame
Frame:
http://whatshelp.io/widget/wSendButton?whatsapp=%2B61448145425&viber=%2B61448145425&email=customerservice%406scg.com.au&sms=%2B61448145425&call=%2B61448145425&company_logo_url=%2F%2Fstatic.whatshelp.io%2Fimg%2Fflag.png&greeting_message=Hello%2C%20how%20may%20we%20help%20you%3F%20Just%20send%20us%20a%20message%20now%20to%20get%20assistance.&button_color=%23129BF4&position=right&order=whatsapp%2Cviber%2Csms%2Ccall%2Cemail&ga=false&branding=true&mobile=true&desktop=true&shift_vertical=0&shift_horizontal=0&domain=null&key=null&parentWrapperId=wh-widget-send-button&clientHostname=neebak.ixelon.com&showHelloPopup=1&isMobile=0
Frame ID: F95A062894E5294C3E034E20EDE8DD09
Requests: 1 HTTP requests in this frame
56 Outgoing links
These are links going to different origins than the main page.
Title: Your Free, Personal Credit Report
Title: Use the Budget Planner
Title: Is your will still relevant?
Title: Scattered super? Consolidate now! | Superannuation calculator
Title: 5 simple techniques to reduce your tax
Title: Financial planning register
Title: Fraud Information Center
Title: Get Help with Payment Challenges
Title: Demand Supply Ratio
Title: Walkscore
Title: How do interest-only loans work?
Title: Building your investment by borrowing
Title: Self-managed super 101
Title: SMSFs: Corporate vs Individual Trustee
Title: What should you invest your SMSF in?
Title: Suitability of an SMSF
Title: Borrowing through SMSF
Title: Capital gain taxes in SMSF
Title: SMSF courses and further education
Title: ATO SMSF information
Title: Transition to Retirement Strategies
Title: Understanding Preservation age
Title: Retirement planner
Title: Age pension calculator
Title: Department of Human services Tools
Title: Investment Options
Title: The benefits of investment diversification
Title: How perception affects investing
Title: Women money toolkit
Title: Education cost needed
Title: Find out more
Title: Managing Credit
Title: Home Ownership
Title: Retirement Planning
Title: Taxes & Income
Title: Buying Your First Home
Title: How to establish credit >
Title: Consolidate your debt >
Title: CLIENT NEWSLETTER
Title: FINANCE NEWS
Title: Insurance Needs Calculator
Title: Disclaimer
Title: Client Information Policy
Title: Powered by vCita
Title: Schedule now
Title: Click-to-call +61 4481...
Title: Send us a file
Title: We'd love to hear from you
Title: Get Directions
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 7
- http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js HTTP 307
- https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
- http://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js HTTP 307
- https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
- http://widgets.vcdnita.com/assets/livesite.css?1536737 HTTP 301
- https://widgets.vcdnita.com/assets/livesite.css?1536737
- http://fonts.googleapis.com/css?family=Caudex|Overlock|Patrick+Hand|Jockey+One|Sarina|Niconne|Fredericka+the+Great|Corben|Kelly+Slab|Marck+Script|Mr+De+Haviland|Lobster|Anton|Josefin+Slab|EB+Garamond|Basic|Chelsea+Market|Enriqueta|Forum|Jura|Noticia+Text|Open+Sans|Play|Signika|Spinnaker:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800 HTTP 307
- https://fonts.googleapis.com/css?family=Caudex|Overlock|Patrick+Hand|Jockey+One|Sarina|Niconne|Fredericka+the+Great|Corben|Kelly+Slab|Marck+Script|Mr+De+Haviland|Lobster|Anton|Josefin+Slab|EB+Garamond|Basic|Chelsea+Market|Enriqueta|Forum|Jura|Noticia+Text|Open+Sans|Play|Signika|Spinnaker:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
- http://ad.doubleclick.net/ddm/activity/src=2549153;type=allv40;cat=all_a00;u1=11201804080224021747918337;ord=6949616336126.116 HTTP 302
- http://ad.doubleclick.net/ddm/activity/src=2549153;dc_pre=CJmiz9r3tN0CFZEX4AodNugDCg;type=allv40;cat=all_a00;u1=11201804080224021747918337;ord=6949616336126.116 HTTP 302
- https://adservice.google.com/ddm/fls/z/src=2549153;dc_pre=CJmiz9r3tN0CFZEX4AodNugDCg;type=allv40;cat=all_a00;u1=11201804080224021747918337;ord=6949616336126.116
- http://www.facebook.com/tr?id=1578146899100389&ev=ALL_ALL_PAGE_WFHomepage&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[customer_status]=n&cd[customer_type]= HTTP 307
- https://www.facebook.com/tr?id=1578146899100389&ev=ALL_ALL_PAGE_WFHomepage&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[customer_status]=n&cd[customer_type]=
- http://googleads.g.doubleclick.net/pagead/viewthroughconversion/974108101/?value=0&guid=ON&script=0&data.prod=&data.subprod=&data.pageid=&data.customer_status=n&data.customer_type= HTTP 302
- http://www.google.com/pagead/1p-user-list/974108101/?value=0&guid=ON&script=0&data.customer_status=n&crd=CITQGw&cdct=2&is_vtc=1&random=1052798441 HTTP 302
- http://www.google.de/pagead/1p-user-list/974108101/?value=0&guid=ON&script=0&data.customer_status=n&crd=CITQGw&cdct=2&is_vtc=1&random=1052798441&ipr=y
89 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
|---|---|---|---|---|---|---|---|---|
| GET | H/1.1 | / | neebak.ixelon.com/ | 214 KB | 41 KB | Document | text/html | Primary Request |
| GET | S | font-awesome.min.css | cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ | 30 KB | 7 KB | Stylesheet | text/css | |
| GET | S | css | fonts.googleapis.com/ | 3 KB | 715 B | Stylesheet | text/css | |
| GET | H/1.1 | homepage_per.css | neebak.ixelon.com/css/ | 37 KB | 8 KB | Stylesheet | text/css | |
| GET | H/1.1 | logo-2.png | neebak.ixelon.com/img/ | 15 KB | 15 KB | Image | image/png | |
| GET | H/1.1 | homepage-caret-selector.svg | www01.wellsfargomedia.com/assets/images/css/template/homepage/ | 336 B | 737 B | Image | image/svg+xml | |
| GET | S | css | fonts.googleapis.com/ | 788 B | 451 B | Stylesheet | text/css | |
| GET | S | css | fonts.googleapis.com/ | 2 KB | 619 B | Stylesheet | text/css | |
| GET | S | jquery.min.js | cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ | 82 KB | 29 KB | Script | application/javascript | Redirect Chain |
| GET | H/1.1 | tab1.png | neebak.ixelon.com/img/ | 9 KB | 9 KB | Image | image/png | |
| GET | H/1.1 | tab2.png | neebak.ixelon.com/img/ | 31 KB | 31 KB | Image | image/png | |
| GET | H/1.1 | mortgage-calculator.png | neebak.ixelon.com/img/ | 2 KB | 2 KB | Image | image/png | |
| GET | H/1.1 | tab4.png | neebak.ixelon.com/img/ | 18 KB | 19 KB | Image | image/png | |
| GET | H/1.1 | tab5.png | neebak.ixelon.com/img/ | 29 KB | 30 KB | Image | image/png | |
| GET | H/1.1 | tab6.png | neebak.ixelon.com/img/ | 9 KB | 9 KB | Image | image/png | |
| GET | H/1.1 | tab7.png | neebak.ixelon.com/img/ | 16 KB | 16 KB | Image | image/png | |
| GET | H/1.1 | tab8.png | neebak.ixelon.com/img/ | 10 KB | 11 KB | Image | image/png | |
| GET | H/1.1 | credit.jpeg | neebak.ixelon.com/img/ | 143 KB | 143 KB | Image | image/jpeg | |
| GET | H/1.1 | finance.jpg | neebak.ixelon.com/img/ | 156 KB | 156 KB | Image | image/jpeg | |
| GET | H/1.1 | retirement.jpg | neebak.ixelon.com/img/ | 255 KB | 255 KB | Image | image/jpeg | |
| GET | H/1.1 | homepage-image-sprite.png | www01.wellsfargomedia.com/assets/images/css/template/homepage/ | 15 KB | 15 KB | Image | image/png | |
| GET | S | css | fonts.googleapis.com/ | 63 KB | 14 KB | Stylesheet | text/css | |
| GET | H/1.1 | font-awesome.min.css | maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ | 30 KB | 7 KB | Stylesheet | text/css | |
| GET | H/1.1 | bootstrap.min.css | maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ | 141 KB | 20 KB | Stylesheet | text/css | |
| GET | H/1.1 | bootstrap.min.js | maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ | 48 KB | 13 KB | Script | application/javascript | |
| GET | S | jquery.min.js | cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ | 85 KB | 30 KB | Script | application/javascript | Redirect Chain |
| GET | H/1.1 | logo-5.png | neebak.ixelon.com/img/ | 71 KB | 71 KB | Image | image/png | |
| GET | S | css | fonts.googleapis.com/ | 0 | 619 B | Other | text/css | |
| GET | H/1.1 | life-insurance-amp.png | www.insurancewatch.com.au/wp-content/uploads/2014/02/ | 4 KB | 4 KB | Image | image/png | |
| GET | H/1.1 | life-insurance-aia.png | www.insurancewatch.com.au/wp-content/uploads/2014/02/ | 3 KB | 3 KB | Image | image/png | |
| GET | H/1.1 | life-insurance-bt.png | www.insurancewatch.com.au/wp-content/uploads/2014/02/ | 2 KB | 2 KB | Image | image/png | |
| GET | H/1.1 | life-insurance-comminsure.png | www.insurancewatch.com.au/wp-content/uploads/2014/02/ | 2 KB | 2 KB | Image | image/png | |
| GET | H/1.1 | life-insurance-cvw.png | www.insurancewatch.com.au/wp-content/uploads/2014/02/ | 2 KB | 2 KB | Image | image/png | |
| GET | H/1.1 | life-insurance-asteron.png | www.insurancewatch.com.au/wp-content/uploads/2014/02/ | 4 KB | 4 KB | Image | image/png | |
| GET | H/1.1 | life-insurance-mlc.png | www.insurancewatch.com.au/wp-content/uploads/2014/02/ | 4 KB | 4 KB | Image | image/png | |
| GET | H/1.1 | life-insurance-onepath.png | www.insurancewatch.com.au/wp-content/uploads/2014/02/ | 4 KB | 4 KB | Image | image/png | |
| GET | H/1.1 | life-insurance-tal.png | www.insurancewatch.com.au/wp-content/uploads/2014/02/ | 2 KB | 3 KB | Image | image/png | |
| GET | H/1.1 | life-insurance-zurich.png | www.insurancewatch.com.au/wp-content/uploads/2014/02/ | 2 KB | 2 KB | Image | image/png | |
| GET | H/1.1 | image(40).png | neebak.ixelon.com/img/ | 36 KB | 36 KB | Image | image/png | |
| GET | H/1.1 | rateplan.png | neebak.ixelon.com/img/ | 9 KB | 9 KB | Image | image/png | |
| GET | H/1.1 | tomorrow.png | neebak.ixelon.com/img/ | 5 KB | 5 KB | Image | image/png | |
| GET | H/1.1 | Picture1.png | neebak.ixelon.com/img/ | 12 KB | 12 KB | Image | image/png | |
| GET | H/1.1 | login-userprefs.min.js | connect.secure.wellsfargo.com/auth/static/prefs/ | 137 KB | 57 KB | Script | application/x-javascript | |
| GET | H/1.1 | jquery-3.1.1.min.js | neebak.ixelon.com/js/ | 86 KB | 30 KB | Script | application/javascript | |
| GET | H/1.1 | homepage_per.js | neebak.ixelon.com/js/ | 81 KB | 19 KB | Script | application/javascript | |
| GET | H/1.1 | Superannuation.jpg | neebak.ixelon.com/img/ | 244 KB | 245 KB | Image | image/jpeg | |
| GET | H/1.1 | slide5.jpg | neebak.ixelon.com/img/ | 344 KB | 345 KB | Image | image/jpeg | |
| GET | H/1.1 | slide4.png | neebak.ixelon.com/img/ | 1 MB | 1 MB | Image | image/png | |
| GET | H/1.1 | slide6.png | neebak.ixelon.com/img/ | 770 KB | 770 KB | Image | image/png | |
| GET | H/1.1 | slide8.png | neebak.ixelon.com/img/ | 717 KB | 718 KB | Image | image/png | |
| GET | H/1.1 | slidedoc.jpg | neebak.ixelon.com/img/ | 1 MB | 1 MB | Image | image/jpeg | |
| GET | S | jizDREVNn1dOx-zrZ2X3pZvkTiUf2zcZiVbJ.woff2 | fonts.gstatic.com/s/ibmplexserif/v4/ | 14 KB | 14 KB | Font | font/woff2 | |
| GET | S | rax8HiqOu8IVPmn7f4xpLjpSmw.woff2 | fonts.gstatic.com/s/bitter/v12/ | 9 KB | 9 KB | Font | font/woff2 | |
| GET | S | mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 | fonts.gstatic.com/s/opensans/v15/ | 9 KB | 9 KB | Font | font/woff2 | |
| GET | S | KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 | fonts.gstatic.com/s/roboto/v18/ | 10 KB | 11 KB | Font | font/woff2 | |
| GET | H/1.1 | fontawesome-webfont.woff2 | maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ | 75 KB | 76 KB | Font | application/font-woff2 | |
| GET | S | TwMN-I8CRRU2zM86HFEyZwCH_qWn1D1aD-iarMAYM6JZjg_GA1OtNH6MzgdxVjQYKOgazaM9x794.119.woff2 | fonts.gstatic.com/s/dohyeon/v6/ | 5 KB | 5 KB | Font | font/woff2 | |
| GET | S | TwMN-I8CRRU2zM86HFEyZwCH_qWn1D1aD-iarMAYM6JZjg_GA1OtNH6MzgdxVjQYKOgazaM9x794.118.woff2 | fonts.gstatic.com/s/dohyeon/v6/ | 6 KB | 6 KB | Font | font/woff2 | |
| GET | S | fontawesome-webfont.woff2 | cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ | 75 KB | 76 KB | Font | application/octet-stream | |
| GET | H/1.1 | init.js | static.whatshelp.io/widget-send-button/js/ | 22 KB | 7 KB | Script | application/javascript | |
| GET | S | livesite.js | widgets.vcdnita.com/assets/ | 174 KB | 57 KB | Script | application/javascript | |
| GET | H/1.1 | wSendButton | whatshelp.io/widget/ | 0 | 0 | Document | text/html | Frame F95A |
| GET | S | livesite.css | widgets.vcdnita.com/assets/ | 61 KB | 8 KB | Stylesheet | text/css | Redirect Chain |
| GET | S | css | fonts.googleapis.com/ | 28 KB | 2 KB | Stylesheet | text/css | Redirect Chain |
| GET | H/1.1 | configuration | www.vcita.com/widgets/active_engage/ | 3 KB | 2 KB | Script | application/json | |
| GET | H/1.1 | conutils-6.2.2.js | connect.secure.wellsfargo.com/auth/static/scripts/ | 10 KB | 4 KB | Script | application/x-javascript | |
| GET | H/1.1 | atadun.js | connect.secure.wellsfargo.com/auth/static/prefs/ | 1 KB | 1 KB | Script | application/x-javascript | |
| GET | H/1.1 | utag.js | static.wellsfargo.com/tracking/toppages/ | 135 KB | 39 KB | Script | application/x-javascript | |
| GET | S | icomoon.woff | widgets.vcdnita.com/assets/css/icomoon/fonts/livesite-icons/ | 61 KB | 61 KB | Font | application/font-woff | |
| GET | H/1.1 | normal_30kf5ge3s5oojxnel82a1ilb6xv2lqeo.png | c15117557.ssl.cf2.rackcdn.com/avatar/image/574193/ | 21 KB | 21 KB | Image | image/png | |
GET H/1.1 |
i.gif
impress.vcita.com/imp/ |
0 161 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
i
www.vcita.com/tr_pics/ |
43 B 584 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
icomoon.woff
widgets.vcdnita.com/assets/css/icomoon/fonts/ |
18 KB 18 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nd
connect.secure.wellsfargo.com/jenny/ |
40 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
connect.secure.wellsfargo.com/ATADUN/2.2/w/w-642409/init/js/ |
482 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
225 B 972 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
src=2549153;dc_pre=CJmiz9r3tN0CFZEX4AodNugDCg;type=allv40;cat=all_a00;u1=11201804080224021747918337;ord=6949616336126.116
adservice.google.com/ddm/fls/z/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
tr
www.facebook.com/ Redirect Chain
|
44 B 292 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
www.google.de/pagead/1p-user-list/974108101/ Redirect Chain
|
42 B 472 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s.gif
neebak.ixelon.com/assets/images/global/ |
343 B 535 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s.gif
neebak.ixelon.com/assets/images/global/ |
343 B 535 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fraud.jpeg
neebak.ixelon.com/img/ |
145 KB 145 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
home-lenf.jpeg
neebak.ixelon.com/img/ |
241 KB 242 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
insurance.jpeg
neebak.ixelon.com/img/ |
242 KB 242 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
investing.jpeg
neebak.ixelon.com/img/ |
120 KB 120 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
225 B 972 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
event
wellsfargobankna.demdex.net/ |
231 B 943 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
i.gif
impress.vcita.com/imp/ |
0 161 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
i
www.vcita.com/tr_pics/ |
43 B 584 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Wells Fargo (Banking)
213 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.ixelon.com/ | | Name: AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg Value: T |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.