enfant.com.ph
2606:4700:3034::6812:30da  Malicious Activity! Public Scan

Submitted URL: http://enfant.com.ph/jnre/dver
Effective URL: http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
Submission: On May 21 via automatic, source openphish

Summary

This website contacted 10 IPs in 5 countries across 11 domains to perform 36 HTTP transactions. The main IP is 2606:4700:3034::6812:30da, which is located in the United States and belongs to CLOUDFLARENET, US. The main domain is enfant.com.ph.
This is the only time enfant.com.ph was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Lloyds (Banking)

Domain & IP information

Redirects  Requests  IP Address        AS Autonomous System
2          20        2606:4700:303...  13335 (CLOUDFLAR...)
           6         152.199.23.241    15133 (EDGECAST)
           1         2600:9000:204...  16509 (AMAZON-02)
           1         63.32.201.208     16509 (AMAZON-02)
1          2         18.197.180.19     16509 (AMAZON-02)
2          2         172.217.18.166    15169 (GOOGLE)
1          1         2a00:1450:400...  15169 (GOOGLE)
           1         2a00:1450:400...  15169 (GOOGLE)
           2         15.188.31.119     16509 (AMAZON-02)
1          2         23.45.237.36      20940 (AKAMAI-ASN1)
           1         178.249.101.23    11054 (LIVEPERSON)
Total: 36 requests, 10 IPs

Requests  Domain                               Redirects / status  Requested by
20        enfant.com.ph                        2 redirects         enfant.com.ph
6         tags.tiqcdn.com                                          enfant.com.ph, tags.tiqcdn.com
2         tags.bluekai.com                     1 redirects         tags.tiqcdn.com
2         lloydsbankinggroup.d3.sc.omtrdc.net                      enfant.com.ph
2         ad-emea.doubleclick.net              2 redirects
2         statse.webtrendslive.com             1 redirects         enfant.com.ph
1         lptag.liveperson.net                                     tags.tiqcdn.com
1         adservice.google.de                                      enfant.com.ph
1         adservice.google.com                 1 redirects
1         dpm.demdex.net                                           enfant.com.ph
1         bcdn-16c9d93d.lloydsbank.co.uk                           enfant.com.ph
0         cfr-16c9d93d.lloydsbank.co.uk        Failed              enfant.com.ph
Total: 36 requests, 12 subdomains

This site contains links to these domains.

Domain
online.lloydsbank.co.uk

Subject                         Issuer                                               Validity                 Valid
bcdn-16c9d93d.lloydsbank.co.uk  QuoVadis EV SSL ICA G1                               2020-01-08 - 2021-01-08  a year
statse.webtrendslive.com        Entrust Certification Authority - L1K                2018-10-09 - 2020-10-09  2 years
*.google.de                     GTS CA 1O1                                           2020-04-28 - 2020-07-21  3 months
odc-prod-01.oracle.com          DigiCert Secure Site ECC CA-1                        2020-04-14 - 2021-04-10  a year
*.liveperson.net                COMODO RSA Organization Validation Secure Server CA  2017-12-17 - 2020-12-16  3 years

This page contains 2 frames:

Primary Page: http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
Frame ID: 10A91A072FB1052FCD7E52AE45ADAE1B
Requests: 35 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/36828?ret=html&phint=lbg_url%3Denfant.com.ph%2Fjnre%2Fdver%2Flogin.php&phint=lbg_journeyname%3DLogon&phint=lbg_eventid%3D4318B9B&phint=lbg_productgroup%3DMobile%20Banking&phint=lbg_productsubgroup%3Dloginwithreglink&phint=lbg_authstate%3DUnauth&phint=lbg_platform%3Dmobile&phint=lbg_applicationstate%3DApplication&phint=__bk_t%3DLloyds%20Bank%20-%20Mobile%20Banking%20-%20Login&phint=__bk_k%3D&phint=__bk_l%3Dhttp%3A%2F%2Fenfant.com.ph%2Fjnre%2Fdver%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3DOTY3MTY5MDMxOTY3MTY5MDMx%26session%3DOTY3MTY5MDMxOTY3MTY5MDMx&limit=4&bknms=ver=2.0,ua=d4fc40c56fa4c4dcdc51807806109dc6,t=1590063439211,m=4b4e4ecaab1f1c93ab1f1c93ab1f1c93,k=1,lang=07ef608d8a7e9677f0b83775f0b83775,sr=1600x1200x24,tzo=-120,hss=true,hls=true,idb=true,addb=undefined,odb=function,cpu=4b4e4ecaab1f1c93ab1f1c93ab1f1c93,platform=1c17637dbf2f8edebf2f8edebf2f8ede,notrack=,plugins=4b4e4ecaab1f1c93ab1f1c93ab1f1c93,cn=91763c01b399da7d690d20e865d032ed&r=68849692
Frame ID: 69C491E7C3E56B027EBC4810D005E3E8
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /^https?:\/\/lptag\.liveperson\.net\/tag\/tag\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /^(?:https?:)?\/\/tags\.tiqcdn\.com\//i

Page Statistics

Requests: 36
HTTPS: 14 %
IPv6: 36 %
Domains: 11
Subdomains: 12
IPs: 10
Countries: 5
Transfer: 651 kB
Size: 2345 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://enfant.com.ph/jnre/dver HTTP 301
    http://enfant.com.ph/jnre/dver/ HTTP 302
    http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • http://statse.webtrendslive.com/dcsxby8tz00000w8oh3utaci2_8p2n/dcs.gif?&dcsdat=1590063434746&dcssip=enfant.com.ph&dcsuri=/jnre/dver/login.php&dcsqry=%3Fcmd=login_submit%26id=OTY3MTY5MDMxOTY3MTY5MDMx%26session=OTY3MTY5MDMxOTY3MTY5MDMx&WT.ti=Lloyds%20Bank%20-%20Mobile%20Banking%20-%20Login&WT.sp=IB;mobilebanking&WT.cg_n=Mobile%20Banking&WT.cg_s=loginwithreglink&WT.si_x=1&WT.si_n=Logon&WT.tz=2&WT.bh=14&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%20enabled&WT.slv=Not%20enabled&WT.tv=8.6.2&WT.dl=0&WT.ssl=0&WT.es=enfant.com.ph/jnre/dver/login.php&WT.vt_f_a=2&WT.vt_f=2&hasTealium=1 HTTP 301
  • https://statse.webtrendslive.com/dcsxby8tz00000w8oh3utaci2_8p2n/dcs.gif?&dcsdat=1590063434746&dcssip=enfant.com.ph&dcsuri=/jnre/dver/login.php&dcsqry=%3Fcmd=login_submit%26id=OTY3MTY5MDMxOTY3MTY5MDMx%26session=OTY3MTY5MDMxOTY3MTY5MDMx&WT.ti=Lloyds%20Bank%20-%20Mobile%20Banking%20-%20Login&WT.sp=IB;mobilebanking&WT.cg_n=Mobile%20Banking&WT.cg_s=loginwithreglink&WT.si_x=1&WT.si_n=Logon&WT.tz=2&WT.bh=14&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%20enabled&WT.slv=Not%20enabled&WT.tv=8.6.2&WT.dl=0&WT.ssl=0&WT.es=enfant.com.ph/jnre/dver/login.php&WT.vt_f_a=2&WT.vt_f=2&hasTealium=1
Request Chain 24
  • http://ad-emea.doubleclick.net/activity;src=2570593;type=dccon929;cat=dccon750;u=;ord=1745922987283.73 HTTP 302
  • http://ad-emea.doubleclick.net/activity;dc_pre=CJnTzvH3xOkCFQKZsgodvO8DKg;src=2570593;type=dccon929;cat=dccon750;u=;ord=1745922987283.73 HTTP 302
  • https://adservice.google.com/ddm/fls/p/dc_pre=CJnTzvH3xOkCFQKZsgodvO8DKg;src=2570593;type=dccon929;cat=dccon750;u=;ord=1745922987283.73;~oref=http://enfant.com.ph/jnre/dver/login.php%3Fcmd%3Dlogin_submit%26id%3DOTY3MTY5MDMxOTY3MTY5MDMx HTTP 302
  • https://adservice.google.de/ddm/fls/p/dc_pre=CJnTzvH3xOkCFQKZsgodvO8DKg;src=2570593;type=dccon929;cat=dccon750;u=;ord=1745922987283.73;~oref=http://enfant.com.ph/jnre/dver/login.php%3Fcmd%3Dlogin_submit%26id%3DOTY3MTY5MDMxOTY3MTY5MDMx
Request Chain 33
  • http://tags.bluekai.com/site/36828?ret=html&phint=lbg_url%3Denfant.com.ph%2Fjnre%2Fdver%2Flogin.php&phint=lbg_journeyname%3DLogon&phint=lbg_eventid%3D4318B9B&phint=lbg_productgroup%3DMobile%20Banking&phint=lbg_productsubgroup%3Dloginwithreglink&phint=lbg_authstate%3DUnauth&phint=lbg_platform%3Dmobile&phint=lbg_applicationstate%3DApplication&phint=__bk_t%3DLloyds%20Bank%20-%20Mobile%20Banking%20-%20Login&phint=__bk_k%3D&phint=__bk_l%3Dhttp%3A%2F%2Fenfant.com.ph%2Fjnre%2Fdver%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3DOTY3MTY5MDMxOTY3MTY5MDMx%26session%3DOTY3MTY5MDMxOTY3MTY5MDMx&limit=4&bknms=ver=2.0,ua=d4fc40c56fa4c4dcdc51807806109dc6,t=1590063439211,m=4b4e4ecaab1f1c93ab1f1c93ab1f1c93,k=1,lang=07ef608d8a7e9677f0b83775f0b83775,sr=1600x1200x24,tzo=-120,hss=true,hls=true,idb=true,addb=undefined,odb=function,cpu=4b4e4ecaab1f1c93ab1f1c93ab1f1c93,platform=1c17637dbf2f8edebf2f8edebf2f8ede,notrack=,plugins=4b4e4ecaab1f1c93ab1f1c93ab1f1c93,cn=91763c01b399da7d690d20e865d032ed&r=68849692 HTTP 301
  • https://tags.bluekai.com/site/36828?ret=html&phint=lbg_url%3Denfant.com.ph%2Fjnre%2Fdver%2Flogin.php&phint=lbg_journeyname%3DLogon&phint=lbg_eventid%3D4318B9B&phint=lbg_productgroup%3DMobile%20Banking&phint=lbg_productsubgroup%3Dloginwithreglink&phint=lbg_authstate%3DUnauth&phint=lbg_platform%3Dmobile&phint=lbg_applicationstate%3DApplication&phint=__bk_t%3DLloyds%20Bank%20-%20Mobile%20Banking%20-%20Login&phint=__bk_k%3D&phint=__bk_l%3Dhttp%3A%2F%2Fenfant.com.ph%2Fjnre%2Fdver%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3DOTY3MTY5MDMxOTY3MTY5MDMx%26session%3DOTY3MTY5MDMxOTY3MTY5MDMx&limit=4&bknms=ver=2.0,ua=d4fc40c56fa4c4dcdc51807806109dc6,t=1590063439211,m=4b4e4ecaab1f1c93ab1f1c93ab1f1c93,k=1,lang=07ef608d8a7e9677f0b83775f0b83775,sr=1600x1200x24,tzo=-120,hss=true,hls=true,idb=true,addb=undefined,odb=function,cpu=4b4e4ecaab1f1c93ab1f1c93ab1f1c93,platform=1c17637dbf2f8edebf2f8edebf2f8ede,notrack=,plugins=4b4e4ecaab1f1c93ab1f1c93ab1f1c93,cn=91763c01b399da7d690d20e865d032ed&r=68849692

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login.php
enfant.com.ph/jnre/dver/
Redirect Chain
  • http://enfant.com.ph/jnre/dver
  • http://enfant.com.ph/jnre/dver/
  • http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
18 KB
4 KB
Document
General
Full URL
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
Protocol
HTTP/1.1
Server
2606:4700:3034::6812:30da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0cb40cdd5db49b173766dff25d9922c9e4d53ed7ae653e0635734078f900ab0

Request headers

Host
enfant.com.ph
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__cfduid=d2a24434a43a7de87c97787e3059b24ca1590063431

Response headers

Date
Thu, 21 May 2020 12:17:12 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
596e3ba53dd205b3-FRA
Content-Encoding
gzip
cf-request-id
02d8c39b40000005b37b860200000001

Redirect headers

Date
Thu, 21 May 2020 12:17:12 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
location
login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
596e3ba29cc905b3-FRA
cf-request-id
02d8c3999f000005b37b825200000001
utag-1584446297.js
enfant.com.ph/jnre/dver/index_files/
331 KB
127 KB
Script
General
Full URL
http://enfant.com.ph/jnre/dver/index_files/utag-1584446297.js
Requested by
Host: enfant.com.ph
URL: http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
Protocol
HTTP/1.1
Server
2606:4700:3034::6812:30da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1398adf2a27f501144db6152713464777fa31beca33a509192e699c409beb658

Request headers

Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 12:17:13 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 20 Apr 2020 12:19:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
596e3baa38df05b3-FRA
cf-request-id
02d8c39e61000005b37b8bc200000001
base-auto-min200304.css
enfant.com.ph/jnre/dver/index_files/
87 KB
24 KB
Stylesheet
General
Full URL
http://enfant.com.ph/jnre/dver/index_files/base-auto-min200304.css
Requested by
Host: enfant.com.ph
URL: http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
Protocol
HTTP/1.1
Server
2606:4700:3034::6812:30da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fed58718578096fd5a9437caa034aa1024f8a9502a8d5836f84daea1185f09a

Request headers

Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 12:17:13 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 20 Apr 2020 12:19:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
596e3baa3f599ab0-FRA
cf-request-id
02d8c39e6600009ab062a3c200000001
scriptsnippet.js
enfant.com.ph/jnre/dver/index_files/
9 KB
3 KB
Script
General
Full URL
http://enfant.com.ph/jnre/dver/index_files/scriptsnippet.js
Requested by
Host: enfant.com.ph
URL: http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
Protocol
HTTP/1.1
Server
2606:4700:3034::6812:30da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
403ff9cd11ab58a02fa410b30884b374e0bfc49ce58d76f712c3a4121856eea8

Request headers

Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 12:17:13 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 20 Apr 2020 12:19:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
596e3baa38111756-FRA
Content-Length
2465
cf-request-id
02d8c39e6600001756d98ca200000001
adrum.js
enfant.com.ph/jnre/dver/index_files/
10 KB
5 KB
Script
General
Full URL
http://enfant.com.ph/jnre/dver/index_files/adrum.js
Requested by
Host: enfant.com.ph
URL: http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
Protocol
HTTP/1.1
Server
2606:4700:3034::6812:30da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b4b415fbe1b549759d923b676bea39a97210341642cb25f2ddd7ebfc81bba2f

Request headers

Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 12:17:13 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 20 Apr 2020 12:19:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
596e3baa39469748-FRA
Content-Length
4695
cf-request-id
02d8c39e670000974852bcb200000001
cdApi.js
enfant.com.ph/jnre/dver/index_files/
518 B
667 B
Script
General
Full URL
http://enfant.com.ph/jnre/dver/index_files/cdApi.js
Requested by
Host: enfant.com.ph
URL: http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
Protocol
HTTP/1.1
Server
2606:4700:3034::6812:30da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565fe82094015a603c34cf0dd4ba24741d09a7e6a6376a494bde54778dc195d3

Request headers

Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 12:17:14 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 20 Apr 2020 12:19:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
596e3baeede19748-FRA
Content-Length
261
cf-request-id
02d8c3a14e0000974852be2200000001
16c9d93d.js
enfant.com.ph/jnre/dver/index_files/
442 KB
154 KB
Script
General
Full URL
http://enfant.com.ph/jnre/dver/index_files/16c9d93d.js
Requested by
Host: enfant.com.ph
URL: http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
Protocol
HTTP/1.1
Server
2606:4700:3034::6812:30da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6247f660c799ccfab57d8f9741331aea78e1cc0c813bc7f69b440c1b554ef645

Request headers

Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 12:17:14 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 20 Apr 2020 12:19:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
596e3baefd46e007-FRA
cf-request-id
02d8c3a1560000e0075708b200000001
logo-.gif
enfant.com.ph/jnre/dver/index_files/
2 KB
2 KB
Image
General
Full URL
http://enfant.com.ph/jnre/dver/index_files/logo-.gif
Requested by
Host: enfant.com.ph
URL: http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
Protocol
HTTP/1.1
Server
2606:4700:3034::6812:30da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45ae8dbb34f1f79a4c94c5b8534179413ed42ec63ba1ab95ad9f09d3a30d0a82

Request headers

Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 12:17:14 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 20 Apr 2020 12:19:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
596e3baefc03dfad-FRA
Content-Length
2061
cf-request-id
02d8c3a1560000dfad50399200000001
padlock-1429554491.png
enfant.com.ph/jnre/dver/index_files/
1 KB
2 KB
Image
General
Full URL
http://enfant.com.ph/jnre/dver/index_files/padlock-1429554491.png
Requested by
Host: enfant.com.ph
URL: http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
Protocol
HTTP/1.1
Server
2606:4700:3034::6812:30da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc157ca646eb82318578cd7834dc2ac6c0ccb58020b98e9fede214b3d62ac646

Request headers

Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 12:17:14 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 20 Apr 2020 12:19:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
596e3bb0b9041756-FRA
Content-Length
1190
cf-request-id
02d8c3a27100001756d9912200000001
save_more_2020-1575908255.jpg
enfant.com.ph/jnre/dver/index_files/
8 KB
8 KB
Image
General
Full URL
http://enfant.com.ph/jnre/dver/index_files/save_more_2020-1575908255.jpg
Requested by
Host: enfant.com.ph
URL: http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
Protocol
HTTP/1.1
Server
2606:4700:3034::6812:30da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a314c2e7fa226502fa7bd143e8792ebbe62df4bf3ef7801ac87d331ed54d7acd

Request headers

Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 12:17:14 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 20 Apr 2020 12:19:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
596e3bb0dfbf9748-FRA
Content-Length
7905
cf-request-id
02d8c3a2820000974852bf0200000001
Mobile%2520-%25201x-1461591119.png
enfant.com.ph/jnre/dver/index_files/
9 KB
9 KB
Image
General
Full URL
http://enfant.com.ph/jnre/dver/index_files/Mobile%2520-%25201x-1461591119.png
Requested by
Host: enfant.com.ph
URL: http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
Protocol
HTTP/1.1
Server
2606:4700:3034::6812:30da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60ed46668c36bab23356ee3be61a2ed59080de54e36b961a1b1f5977e95e62eb

Request headers

Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 12:17:14 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 20 Apr 2020 12:19:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
596e3bb0d8bbdfad-FRA
Content-Length
8990
cf-request-id
02d8c3a2820000dfad503b4200000001
global-auto-min200304.js
enfant.com.ph/jnre/dver/index_files/
72 KB
22 KB
Script
General
Full URL
http://enfant.com.ph/jnre/dver/index_files/global-auto-min200304.js
Requested by
Host: enfant.com.ph
URL: http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
Protocol
HTTP/1.1
Server
2606:4700:3034::6812:30da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe93bcdf481aee19879dab68b2bb591436c2d5cf2b628a060085ee450cf32cf

Request headers

Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 12:17:14 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 20 Apr 2020 12:19:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
596e3bacea209ab0-FRA
cf-request-id
02d8c3a00f00009ab062a6b200000001
P04.js
enfant.com.ph/jnre/dver/index_files/
3 KB
1 KB
Script
General
Full URL
http://enfant.com.ph/jnre/dver/index_files/P04.js
Requested by
Host: enfant.com.ph
URL: http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
Protocol
HTTP/1.1
Server
2606:4700:3034::6812:30da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d9b6b596f1df72400db097b5e8c5a72e619b1043d8f3958c7db14b5292cd8bd

Request headers

Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 12:17:14 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 20 Apr 2020 12:19:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
596e3bae8fcc05b3-FRA
Content-Length
775
cf-request-id
02d8c3a110000005b37b8fd200000001
mobileanalytics-min200304.js
enfant.com.ph/jnre/dver/index_files/
26 KB
10 KB
Script
General
Full URL
http://enfant.com.ph/jnre/dver/index_files/mobileanalytics-min200304.js
Requested by
Host: enfant.com.ph
URL: http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
Protocol
HTTP/1.1
Server
2606:4700:3034::6812:30da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f8b7c5244036715e19e8b16418178f0865762a4e16834d63197fd1a24edb29d

Request headers

Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 12:17:14 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 20 Apr 2020 12:19:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
596e3baeec111756-FRA
Content-Length
10001
cf-request-id
02d8c3a14e00001756d98fa200000001
utag.js
tags.tiqcdn.com/utag/lbg/main/prod/
460 KB
112 KB
Script
General
Full URL
http://tags.tiqcdn.com/utag/lbg/main/prod/utag.js
Requested by
Host: enfant.com.ph
URL: http://enfant.com.ph/jnre/dver/index_files/utag-1584446297.js
Protocol
HTTP/1.1
Server
152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lab/4F44) /
Resource Hash
38e1df7d22614b46c5ba8ceb40a359e3eed4e73c300bd4a52074955fde2018e2

Request headers

Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 12:17:14 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 May 2020 13:45:00 GMT
Server
ECAcc (lab/4F44)
Age
63
Etag
"4068343006+gzip"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/javascript
Cache-Control
max-age=300
Accept-Ranges
bytes
Content-Length
114297
Expires
Thu, 21 May 2020 12:22:14 GMT
16c9d93d.js
bcdn-16c9d93d.lloydsbank.co.uk/scripts/16c9d93d/
442 KB
101 KB
Script
General
Full URL
https://bcdn-16c9d93d.lloydsbank.co.uk/scripts/16c9d93d/16c9d93d.js
Requested by
Host: enfant.com.ph
URL: http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:bc00:e:a6e2:4f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6247f660c799ccfab57d8f9741331aea78e1cc0c813bc7f69b440c1b554ef645

Request headers

Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 May 2020 12:12:36 GMT
content-encoding
gzip
last-modified
Sun, 08 Mar 2020 11:27:25 GMT
server
AmazonS3
age
279
etag
"e98f078a7b92041d210fc223f39bb0a1"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA53
accept-ranges
bytes
content-length
103268
via
1.1 4ba0e9deb9465045a3261b8712935964.cloudfront.net (CloudFront)
x-amz-cf-id
tNv8rE0HX3LvXSGfOQn83jv_a914QlFge0bRgMATwyw8y5m5w8gGFw==
lloyds_bank_jack-lightWEB.woff
enfant.com.ph/jnre/dver/fonts/
0
0
Font
General
Full URL
http://enfant.com.ph/jnre/dver/fonts/lloyds_bank_jack-lightWEB.woff
Requested by
Host: enfant.com.ph
URL: http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
Protocol
HTTP/1.1
Server
2606:4700:3034::6812:30da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://enfant.com.ph/jnre/dver/index_files/base-auto-min200304.css
Origin
http://enfant.com.ph

Response headers

Date
Thu, 21 May 2020 12:17:14 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Thu, 06 Feb 2020 01:52:57 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
596e3baf8d2e9ab0-FRA
cf-request-id
02d8c3a1b000009ab062a9c200000001
chevron_right_green.png
enfant.com.ph/jnre/dver/img/link_types/
12 KB
12 KB
Image
General
Full URL
http://enfant.com.ph/jnre/dver/img/link_types/chevron_right_green.png
Requested by
Host: enfant.com.ph
URL: http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
Protocol
HTTP/1.1
Server
2606:4700:3034::6812:30da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2517881bcf4e7307097a3d143ffdfa218f1830c381347d746f06b1eb8a099bb

Request headers

Referer
http://enfant.com.ph/jnre/dver/index_files/base-auto-min200304.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 12:17:14 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Thu, 06 Feb 2020 01:52:57 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
596e3bb05f5405b3-FRA
cf-request-id
02d8c3a237000005b37b924200000001
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
2 B
317 B
Script
General
Full URL
http://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=lbg/main/202005191343&cb=1590063434688
Requested by
Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/lbg/main/prod/utag.js
Protocol
HTTP/1.1
Server
152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AC3) /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 12:17:14 GMT
Last-Modified
Thu, 14 Apr 2016 16:59:33 GMT
Server
ECAcc (ama/8AC3)
Age
560005
Etag
"2243872957"
X-Cache
HIT
Content-Type
text/javascript
Cache-Control
max-age=600
Accept-Ranges
bytes
Content-Length
2
Expires
Thu, 21 May 2020 12:27:14 GMT
id
dpm.demdex.net/
227 B
982 B
XHR
General
Full URL
http://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=230D643E5A2550980A495DB6%40AdobeOrg&d_nsid=0&ts=1590063434741
Requested by
Host: enfant.com.ph
URL: http://enfant.com.ph/jnre/dver/index_files/adrum.js
Protocol
HTTP/1.1
Server
63.32.201.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-201-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
43551bec1dcbd827a608aa935a2125aa0f545dcf04d2f94d5721cc248a0a5e21

Request headers

Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v069-0442ef461.edge-irl1.demdex.com 5.71.1.20200513095924 2ms (+1ms)
Pragma
no-cache
X-TID
jFELAA4iTSI=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
http://enfant.com.ph
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
227
Expires
Thu, 01 Jan 1970 00:00:00 GMT
utag.824.js
tags.tiqcdn.com/utag/lbg/main/prod/
41 KB
15 KB
Script
General
Full URL
http://tags.tiqcdn.com/utag/lbg/main/prod/utag.824.js?utv=ut4.46.202005191344
Requested by
Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/lbg/main/prod/utag.js
Protocol
HTTP/1.1
Server
152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lab/4EFB) /
Resource Hash
5978c5d5d0dafff3ffb5a5eb731d731f77adacdbd45e5e232a9a9a373e3885e8

Request headers

Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 12:17:14 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Nov 2019 14:04:42 GMT
Server
ECAcc (lab/4EFB)
Age
166732
Etag
"3598287239+gzip"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/javascript
Cache-Control
max-age=1296000
Accept-Ranges
bytes
Content-Length
14525
Expires
Fri, 05 Jun 2020 12:17:14 GMT
utag.895.js
tags.tiqcdn.com/utag/lbg/main/prod/
76 KB
30 KB
Script
General
Full URL
http://tags.tiqcdn.com/utag/lbg/main/prod/utag.895.js?utv=ut4.46.202005191344
Requested by
Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/lbg/main/prod/utag.js
Protocol
HTTP/1.1
Server
152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8A89) /
Resource Hash
f5900ee462370c815bbcd389ebfa0684d532655fe5eaf7c954767eeb0408c851

Request headers

Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 12:17:14 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Jan 2019 14:07:56 GMT
Server
ECAcc (ama/8A89)
Age
167462
Etag
"1795742127+gzip"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/javascript
Cache-Control
max-age=1296000
Accept-Ranges
bytes
Content-Length
30394
Expires
Fri, 05 Jun 2020 12:17:14 GMT
utag.992.js
tags.tiqcdn.com/utag/lbg/main/prod/
1 KB
1006 B
Script
General
Full URL
http://tags.tiqcdn.com/utag/lbg/main/prod/utag.992.js?utv=ut4.46.202005191344
Requested by
Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/lbg/main/prod/utag.js
Protocol
HTTP/1.1
Server
152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lab/4E86) /
Resource Hash
b470a8b027a2c6376e7271447b946b3ea31ebd0c3bb0c393cbdcf0a061491ada

Request headers

Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 12:17:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Apr 2020 15:36:19 GMT
Server
ECAcc (lab/4E86)
Age
167299
Etag
"110129892+gzip"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/javascript
Cache-Control
max-age=1296000
Accept-Ranges
bytes
Content-Length
634
Expires
Fri, 05 Jun 2020 12:17:14 GMT
utag.1072.js
tags.tiqcdn.com/utag/lbg/main/prod/
12 KB
4 KB
Script
General
Full URL
http://tags.tiqcdn.com/utag/lbg/main/prod/utag.1072.js?utv=ut4.46.202005191344
Requested by
Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/lbg/main/prod/utag.js
Protocol
HTTP/1.1
Server
152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8ACA) /
Resource Hash
18b7aff6dc0ec499604cce789e6fede02843de9e2a14ecd9527416424973adae

Request headers

Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 12:17:14 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 May 2020 13:45:00 GMT
Server
ECAcc (ama/8ACA)
Age
167446
Etag
"2402395129+gzip"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/javascript
Cache-Control
max-age=1296000
Accept-Ranges
bytes
Content-Length
4087
Expires
Fri, 05 Jun 2020 12:17:14 GMT
dcs.gif
statse.webtrendslive.com/dcsxby8tz00000w8oh3utaci2_8p2n/
Redirect Chain
  • http://statse.webtrendslive.com/dcsxby8tz00000w8oh3utaci2_8p2n/dcs.gif?&dcsdat=1590063434746&dcssip=enfant.com.ph&dcsuri=/jnre/dver/login.php&dcsqry=%3Fcmd=login_submit%26id=OTY3MTY5MDMxOTY3MTY5MDM...
  • https://statse.webtrendslive.com/dcsxby8tz00000w8oh3utaci2_8p2n/dcs.gif?&dcsdat=1590063434746&dcssip=enfant.com.ph&dcsuri=/jnre/dver/login.php&dcsqry=%3Fcmd=login_submit%26id=OTY3MTY5MDMxOTY3MTY5MD...
67 B
161 B
Image
General
Full URL
https://statse.webtrendslive.com/dcsxby8tz00000w8oh3utaci2_8p2n/dcs.gif?&dcsdat=1590063434746&dcssip=enfant.com.ph&dcsuri=/jnre/dver/login.php&dcsqry=%3Fcmd=login_submit%26id=OTY3MTY5MDMxOTY3MTY5MDMx%26session=OTY3MTY5MDMxOTY3MTY5MDMx&WT.ti=Lloyds%20Bank%20-%20Mobile%20Banking%20-%20Login&WT.sp=IB;mobilebanking&WT.cg_n=Mobile%20Banking&WT.cg_s=loginwithreglink&WT.si_x=1&WT.si_n=Logon&WT.tz=2&WT.bh=14&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%20enabled&WT.slv=Not%20enabled&WT.tv=8.6.2&WT.dl=0&WT.ssl=0&WT.es=enfant.com.ph/jnre/dver/login.php&WT.vt_f_a=2&WT.vt_f=2&hasTealium=1
Requested by
Host: enfant.com.ph
URL: http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.197.180.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-180-19.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b

Request headers

Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Thu, 21 May 2020 12:17:14 GMT
cache-control
no-cache
content-type
image/gif
content-length
67
expires
-1

Redirect headers

Location
https://statse.webtrendslive.com/dcsxby8tz00000w8oh3utaci2_8p2n/dcs.gif?&dcsdat=1590063434746&dcssip=enfant.com.ph&dcsuri=/jnre/dver/login.php&dcsqry=%3Fcmd=login_submit%26id=OTY3MTY5MDMxOTY3MTY5MDMx%26session=OTY3MTY5MDMxOTY3MTY5MDMx&WT.ti=Lloyds%20Bank%20-%20Mobile%20Banking%20-%20Login&WT.sp=IB;mobilebanking&WT.cg_n=Mobile%20Banking&WT.cg_s=loginwithreglink&WT.si_x=1&WT.si_n=Logon&WT.tz=2&WT.bh=14&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%20enabled&WT.slv=Not%20enabled&WT.tv=8.6.2&WT.dl=0&WT.ssl=0&WT.es=enfant.com.ph/jnre/dver/login.php&WT.vt_f_a=2&WT.vt_f=2&hasTealium=1
Date
Thu, 21 May 2020 12:17:14 GMT
Connection
close
Content-Length
883
Content-Type
text/html; charset=UTF-8
login.php%3Fcmd%3Dlogin_submit%26id%3DOTY3MTY5MDMxOTY3MTY5MDMx
adservice.google.de/ddm/fls/p/dc_pre=CJnTzvH3xOkCFQKZsgodvO8DKg;src=2570593;type=dccon929;cat=dccon750;u=;ord=1745922987283.73;~oref=http://enfant.com.ph/jnre/dver/
Redirect Chain
  • http://ad-emea.doubleclick.net/activity;src=2570593;type=dccon929;cat=dccon750;u=;ord=1745922987283.73?
  • http://ad-emea.doubleclick.net/activity;dc_pre=CJnTzvH3xOkCFQKZsgodvO8DKg;src=2570593;type=dccon929;cat=dccon750;u=;ord=1745922987283.73?
  • https://adservice.google.com/ddm/fls/p/dc_pre=CJnTzvH3xOkCFQKZsgodvO8DKg;src=2570593;type=dccon929;cat=dccon750;u=;ord=1745922987283.73;~oref=http://enfant.com.ph/jnre/dver/login.php%3Fcmd%3Dlogin_...
  • https://adservice.google.de/ddm/fls/p/dc_pre=CJnTzvH3xOkCFQKZsgodvO8DKg;src=2570593;type=dccon929;cat=dccon750;u=;ord=1745922987283.73;~oref=http://enfant.com.ph/jnre/dver/login.php%3Fcmd%3Dlogin_s...
42 B
172 B
Image
General
Full URL
https://adservice.google.de/ddm/fls/p/dc_pre=CJnTzvH3xOkCFQKZsgodvO8DKg;src=2570593;type=dccon929;cat=dccon750;u=;ord=1745922987283.73;~oref=http://enfant.com.ph/jnre/dver/login.php%3Fcmd%3Dlogin_submit%26id%3DOTY3MTY5MDMxOTY3MTY5MDMx
Requested by
Host: enfant.com.ph
URL: http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 May 2020 12:17:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 May 2020 12:17:15 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://adservice.google.de/ddm/fls/p/dc_pre=CJnTzvH3xOkCFQKZsgodvO8DKg;src=2570593;type=dccon929;cat=dccon750;u=;ord=1745922987283.73;~oref=http://enfant.com.ph/jnre/dver/login.php%3Fcmd%3Dlogin_submit%26id%3DOTY3MTY5MDMxOTY3MTY5MDMx
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lloyds_bank_jack-lightWEB.ttf
enfant.com.ph/jnre/dver/fonts/
0
0
Font
General
Full URL
http://enfant.com.ph/jnre/dver/fonts/lloyds_bank_jack-lightWEB.ttf
Requested by
Host: enfant.com.ph
URL: http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
Protocol
HTTP/1.1
Server
2606:4700:3034::6812:30da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://enfant.com.ph/jnre/dver/index_files/base-auto-min200304.css
Origin
http://enfant.com.ph

Response headers

Date
Thu, 21 May 2020 12:17:15 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Thu, 06 Feb 2020 01:52:57 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
596e3bb33f52dfad-FRA
cf-request-id
02d8c3a4020000dfad503c9200000001
7c60dcfb-ed64-44ee-9745-d9afc93f5df5
http://enfant.com.ph/
141 KB
0
Other
General
Full URL
blob:http://enfant.com.ph/7c60dcfb-ed64-44ee-9745-d9afc93f5df5
Requested by
Host: bcdn-16c9d93d.lloydsbank.co.uk
URL: https://bcdn-16c9d93d.lloydsbank.co.uk/scripts/16c9d93d/16c9d93d.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c83384f5653bcaf6505db869a6d9df4617e62918c0df1edf8b15752eb62464ad

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length
144410
Content-Type
application/javascript
id
lloydsbankinggroup.d3.sc.omtrdc.net/
2 B
486 B
XHR
General
Full URL
http://lloydsbankinggroup.d3.sc.omtrdc.net/id?d_visid_ver=3.3.0&d_fieldgroup=A&mcorgid=230D643E5A2550980A495DB6%40AdobeOrg&mid=59154807585506737113041700732195390869&ts=1590063434887
Requested by
Host: enfant.com.ph
URL: http://enfant.com.ph/jnre/dver/index_files/adrum.js
Protocol
HTTP/1.1
Server
15.188.31.119 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-31-119.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 May 2020 12:17:14 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-65fb49f79-f2q9w
vary
Origin
x-c
master-1221.I0e927e.M0-376
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://enfant.com.ph
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
32efbd40-61b1-4666-a088-a7ee61395c23
http://enfant.com.ph/
141 KB
0
Other
General
Full URL
blob:http://enfant.com.ph/32efbd40-61b1-4666-a088-a7ee61395c23
Requested by
Host: enfant.com.ph
URL: http://enfant.com.ph/jnre/dver/index_files/16c9d93d.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c83384f5653bcaf6505db869a6d9df4617e62918c0df1edf8b15752eb62464ad

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length
144410
Content-Type
application/javascript
s89656890843884
lloydsbankinggroup.d3.sc.omtrdc.net/b/ss/lloydsbankinggroupprod/1/JS-2.10.0/
43 B
600 B
Image
General
Full URL
http://lloydsbankinggroup.d3.sc.omtrdc.net/b/ss/lloydsbankinggroupprod/1/JS-2.10.0/s89656890843884?AQB=1&ndh=1&pf=1&t=21%2F4%2F2020%2014%3A17%3A15%204%20-120&sdid=3EB18AC8946402CE-49C4242DB283D50B&mid=59154807585506737113041700732195390869&aamlh=6&ce=UTF-8&cdp=2&fpCookieDomainPeriods=2&pageName=Brand-Division-mobile-jnre-dver-login-php&g=http%3A%2F%2Fenfant.com.ph%2Fjnre%2Fdver%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3DOTY3MTY5MDMxOTY3MTY5MDMx%26session%3DOTY3MTY5MDMxOTY3MTY5MDMx&cc=GBP&events=event1%3D1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=Brand-Division-mobile-jnre-dver-login-php&v1=Brand-Division-mobile-jnre-dver-login-php&c2=%2Fjnre%2Fdver%2Flogin.php&v2=%2Fjnre%2Fdver%2Flogin.php&v3=enfant.com.ph&l3=format%2FProductGroup%2FMobile%20Banking&c7=Web&v7=Web&c8=Step%201&v10=Page%20Load&c12=1590063434733&v12=enfant.com.ph&c13=kagqpqel&v13=%2Fjnre%2Fdver%2Flogin.php&c16=Logon&v26=mobile&v29=Authentication&v30=loginwithreglink&c36=D%3Dsdid&c37=D%3Dmid&c40=2A705C5&c41=0DAFA67&c42=0A0A1C&v55=No%20Consent&v56=No%20Consent&v57=No%20Consent&v60=Unauth&v71=Application&c72=894%3B928%3B929%3B1002&c74=2&v81=Logon&v84=1&v85=Step%201&v142=teamsite%2F20200312100616%2F202005191344&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&mcorgid=230D643E5A2550980A495DB6%40AdobeOrg&AQE=1
Requested by
Host: enfant.com.ph
URL: http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
Protocol
HTTP/1.1
Server
15.188.31.119 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-31-119.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 May 2020 12:17:14 GMT
x-content-type-options
nosniff
x-c
master-1221.I0e927e.M0-376
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Fri, 22 May 2020 12:17:15 GMT
server
jag
xserver
anedge-65fb49f79-p4p6d
etag
3414635226030505984-4616868144765588981
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Wed, 20 May 2020 12:17:15 GMT
adrum-ext.e97e872f9a55953b65cb4029d2f76d20.js
enfant.com.ph/assets/lib/
0
0
Script
General
Full URL
http://enfant.com.ph/assets/lib/adrum-ext.e97e872f9a55953b65cb4029d2f76d20.js
Requested by
Host: enfant.com.ph
URL: http://enfant.com.ph/jnre/dver/index_files/adrum.js
Protocol
HTTP/1.1
Server
2606:4700:3034::6812:30da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 12:17:15 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Thu, 06 Feb 2020 01:52:57 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
596e3bb58e54dfad-FRA
cf-request-id
02d8c3a5760000dfad503e0200000001
cr.png
cfr-16c9d93d.lloydsbank.co.uk/api/v1/
0
0

cr.png
cfr-16c9d93d.lloydsbank.co.uk/api/v1/
0
0

Cookie set 36828
tags.bluekai.com/site/ Frame 69C4
Redirect Chain
  • http://tags.bluekai.com/site/36828?ret=html&phint=lbg_url%3Denfant.com.ph%2Fjnre%2Fdver%2Flogin.php&phint=lbg_journeyname%3DLogon&phint=lbg_eventid%3D4318B9B&phint=lbg_productgroup%3DMobile%20Banki...
  • https://tags.bluekai.com/site/36828?ret=html&phint=lbg_url%3Denfant.com.ph%2Fjnre%2Fdver%2Flogin.php&phint=lbg_journeyname%3DLogon&phint=lbg_eventid%3D4318B9B&phint=lbg_productgroup%3DMobile%20Bank...
0
0
Document
General
Full URL
https://tags.bluekai.com/site/36828?ret=html&phint=lbg_url%3Denfant.com.ph%2Fjnre%2Fdver%2Flogin.php&phint=lbg_journeyname%3DLogon&phint=lbg_eventid%3D4318B9B&phint=lbg_productgroup%3DMobile%20Banking&phint=lbg_productsubgroup%3Dloginwithreglink&phint=lbg_authstate%3DUnauth&phint=lbg_platform%3Dmobile&phint=lbg_applicationstate%3DApplication&phint=__bk_t%3DLloyds%20Bank%20-%20Mobile%20Banking%20-%20Login&phint=__bk_k%3D&phint=__bk_l%3Dhttp%3A%2F%2Fenfant.com.ph%2Fjnre%2Fdver%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3DOTY3MTY5MDMxOTY3MTY5MDMx%26session%3DOTY3MTY5MDMxOTY3MTY5MDMx&limit=4&bknms=ver=2.0,ua=d4fc40c56fa4c4dcdc51807806109dc6,t=1590063439211,m=4b4e4ecaab1f1c93ab1f1c93ab1f1c93,k=1,lang=07ef608d8a7e9677f0b83775f0b83775,sr=1600x1200x24,tzo=-120,hss=true,hls=true,idb=true,addb=undefined,odb=function,cpu=4b4e4ecaab1f1c93ab1f1c93ab1f1c93,platform=1c17637dbf2f8edebf2f8edebf2f8ede,notrack=,plugins=4b4e4ecaab1f1c93ab1f1c93ab1f1c93,cn=91763c01b399da7d690d20e865d032ed&r=68849692
Requested by
Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/lbg/main/prod/utag.824.js?utv=ut4.46.202005191344
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.45.237.36 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-45-237-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Host
tags.bluekai.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
about:blank

Response headers

Content-Type
text/html
Content-Length
71
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server
f4b2
Date
Thu, 21 May 2020 12:17:19 GMT
Connection
keep-alive
Set-Cookie
bkdc=phx; expires=Tue, 17-Nov-2020 12:17:19 GMT; path=/; domain=.bluekai.com; SameSite=None; Secure bkpa=KJ0BDzarQp91dH3TgPtCxdu9okjPE6Vf5/KKD/YDoYHmkJCrd4LjHnPGAbjJiHpfFj4Rn6LFAudEnWd0PXKhWvCPq/DWnaE5PRBEDqg7zss9iXqGCHPHzgiYThESslzDkmAAWs9el5D1eFQ5ZmSAw8gmx/e0syKDnucg5JUFBgL9LXb6xTm51T1kxZk33Kih8hteUAnlZIZcIAsKmFZxvOpFk/xI/n1OCDKsRpFF1sqCERgChECBZJfKYTUVv+Ayk9RKIrNlSujVP5NUmWb3pnlNzfLD7ZMdcsWrcX5ZxlNwIM947HK/BBiVUvqNptI/6AmMtTz5a4ZMJDjJBC7I5M378K7XDrfnpdO1rm4K66CdAs/kbSoic5z2SaILRk5AKqfKjJFAYNfU0k6=; expires=Tue, 17-Nov-2020 12:17:19 GMT; path=/; domain=.bluekai.com; SameSite=None; Secure bku=l/X99W2hhkf53n1y; expires=Tue, 17-Nov-2020 12:17:19 GMT; path=/; domain=.bluekai.com; SameSite=None; Secure

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://tags.bluekai.com/site/36828?ret=html&phint=lbg_url%3Denfant.com.ph%2Fjnre%2Fdver%2Flogin.php&phint=lbg_journeyname%3DLogon&phint=lbg_eventid%3D4318B9B&phint=lbg_productgroup%3DMobile%20Banking&phint=lbg_productsubgroup%3Dloginwithreglink&phint=lbg_authstate%3DUnauth&phint=lbg_platform%3Dmobile&phint=lbg_applicationstate%3DApplication&phint=__bk_t%3DLloyds%20Bank%20-%20Mobile%20Banking%20-%20Login&phint=__bk_k%3D&phint=__bk_l%3Dhttp%3A%2F%2Fenfant.com.ph%2Fjnre%2Fdver%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3DOTY3MTY5MDMxOTY3MTY5MDMx%26session%3DOTY3MTY5MDMxOTY3MTY5MDMx&limit=4&bknms=ver=2.0,ua=d4fc40c56fa4c4dcdc51807806109dc6,t=1590063439211,m=4b4e4ecaab1f1c93ab1f1c93ab1f1c93,k=1,lang=07ef608d8a7e9677f0b83775f0b83775,sr=1600x1200x24,tzo=-120,hss=true,hls=true,idb=true,addb=undefined,odb=function,cpu=4b4e4ecaab1f1c93ab1f1c93ab1f1c93,platform=1c17637dbf2f8edebf2f8edebf2f8ede,notrack=,plugins=4b4e4ecaab1f1c93ab1f1c93ab1f1c93,cn=91763c01b399da7d690d20e865d032ed&r=68849692
Date
Thu, 21 May 2020 12:17:19 GMT
Connection
keep-alive
tag.js
lptag.liveperson.net/tag/
0
0
Script
General
Full URL
https://lptag.liveperson.net/tag/tag.js?site=49955747
Requested by
Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/lbg/main/prod/utag.1072.js?utv=ut4.46.202005191344
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash

Request headers

Referer
http://enfant.com.ph/jnre/dver/login.php?cmd=login_submit&id=OTY3MTY5MDMxOTY3MTY5MDMx&session=OTY3MTY5MDMxOTY3MTY5MDMx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 May 2020 12:17:19 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
text/plain
status
403
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cfr-16c9d93d.lloydsbank.co.uk
URL
https://cfr-16c9d93d.lloydsbank.co.uk/api/v1/cr.png?cid=karma&snum=1590063435251-sjn0000530-924fada6-3f2d-491b-ae1d-e68f21bfb408&muid=1590063434844-16A56D84-8B00-487F-9458-0F2C3707EBF5
Domain
cfr-16c9d93d.lloydsbank.co.uk
URL
https://cfr-16c9d93d.lloydsbank.co.uk/api/v1/cr.png?cid=karma&snum=1590063435251-sjn0000857-0471c258-fffd-44a0-ab5c-43a9538f9a9b&muid=1590063434844-16A56D84-8B00-487F-9458-0F2C3707EBF5

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Lloyds (Banking)

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| targetPageParams string| TealiumVersion function| printAnalyticsLog object| clova2 object| clova3 object| clova3EventQueue function| setImmediate function| clearImmediate object| utag_dataEmpty object| utag_cfg_ovrd function| runAppDynamics object| clovaAcquire function| setAnalyticsVariables function| triggerAnalyticsPageEvent boolean| loadBot object| DI object| campaignScripts undefined| index number| adrum-start-time object| ADRUM function| downloadBCV2Onload function| showWebTrendForCancel function| showWebTrendForContinueApp object| _AP function| $ object| LBGM string| mobileType string| userAgent function| gotoTop function| Validatable object| LBG object| QuestionSelectors object| QuestionEvents object| QuestionState function| Question function| EmailQuestion function| QuestionManager function| Validation function| Class boolean| utag_condload boolean| isValidJson undefined| windowNameFix function| eligibleByDomain function| getEnvironmentFromScriptLocation function| eligibleByEnvironment function| ineligibleByDevice function| ineligibleByPath function| exemptionPages function| getGMTTimeInOneHour function| getGMTTimeAnHourAgo function| getGMTTimeInNinetyDays function| getParentDomain function| getBrand function| debugLog object| utag object| _gaq object| pageTracker function| e object| s function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_ActivityMap undefined| n object| bOU object| aOU function| OU_new function| giveMeQ function| stitchCookies function| useQS function| isJsonString function| optInNoPrompt function| deleteCookie function| inheritNoPrompt function| showPrompt function| consentsCaptured function| writeSeenBeforeCookie function| writefirstSessionCookie function| seenBeforeCookieCaptured function| firstSessionCookieCaptured boolean| allowPartialMatch boolean| __tealium_privacy function| fixWTCookies number| analytics_event_count object| analytics_event_log boolean| waitingforngaconstants undefined| journeyProduct string| productSubGroup function| Visitor object| s_c_il number| s_c_in number| s_objectID number| s_giq function| webtrendsAsyncInit function| dcsMultiTrack object| Webtrends function| WebTrends object| LBGAnalytics object| analyticsElementArray object| pageAnalyticsElementArray string| iosAbvSixTagValue string| iosBlwSixAndAndroidTagValue string| txtWtSiXTagValue string| txtWtTxETagValue function| webTrendsForSmartAppBanner function| webTrendsForMLPT function| PageAnalyticsElement function| doubleclickConnector function| doubleclickConnector_setCookie function| doubleclickConnector_getCookie function| dcsDebug string| acct_id function| grabValue function| setAcctID function| checkAcctID object| LTSB function| bindOnLoadConfiguration function| construct function| init object| _tag number| end string| value string| urlp object| cdApi function| tealium_liveperson_lib object| lpTag object| s_i_lloydsbankinggroupprod object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag function| bk_doCallbackTagWithTimeOut number| webchateventinterval

8 Cookies

Domain/Path Name / Value
.enfant.com.ph/ Name: __cfduid
Value: d42067f9faf36f076e4bad9bb61cba6e71590063434
.enfant.com.ph/ Name: cdContextId
Value: 2
.enfant.com.ph/ Name: lbgcookiedomainexact
Value: true
.enfant.com.ph/ Name: bmuid
Value: 1590063434844-16A56D84-8B00-487F-9458-0F2C3707EBF5
enfant.com.ph/ Name: dcConnector
Value: true
.enfant.com.ph/ Name: AMCV_230D643E5A2550980A495DB6%40AdobeOrg
Value: -1303530583%7CMCIDTS%7C18404%7CMCMID%7C59154807585506737113041700732195390869%7CMCAAMLH-1590668234%7C6%7CMCAAMB-1590668234%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1590070634s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C3.3.0
.enfant.com.ph/ Name: utag_main
Value: vapi_domain:enfant.com.ph
.enfant.com.ph/ Name: AMCVS_230D643E5A2550980A495DB6%40AdobeOrg
Value: 1

2 Console Messages

Source Level URL
Text
console-api log URL: http://enfant.com.ph/jnre/dver/index_files/utag-1584446297.js(Line 25)
Message:
WTOLoadRuleundefined
console-api log URL: http://tags.tiqcdn.com/utag/lbg/main/prod/utag.1072.js?utv=ut4.46.202005191344(Line 14)
Message:
Attaching Webchat Event Handlers

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
