davivienda.enlineaoperaciones.cc.apexcosmetics.cc
Open in
urlscan Pro
131.153.18.108
Malicious Activity!
Public Scan
URL:
https://davivienda.enlineaoperaciones.cc.apexcosmetics.cc/
Submission: On October 13 via api from JP — Scanned from NL
Submission: On October 13 via api from JP — Scanned from NL
Summary
This website contacted 12 IPs
in 4 countries
across 11 domains to perform 71 HTTP transactions.
The main IP is 131.153.18.108, located in
Amsterdam, Netherlands and
belongs to SECUREDSERVERS-EU, US.
The main domain is davivienda.enlineaoperaciones.cc.apexcosmetics.cc.
TLS certificate: Issued by R3 on October 10th 2022. Valid for: 3 months.
This is the only time davivienda.enlineaoperaciones.cc.apexcosmetics.cc was scanned on urlscan.io!
TLS certificate: Issued by R3 on October 10th 2022. Valid for: 3 months.
This is the only time davivienda.enlineaoperaciones.cc.apexcosmetics.cc was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Davivienda (Banking)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 47 | 131.153.18.108 131.153.18.108 | 60558 (SECUREDSE...) (SECUREDSERVERS-EU) | |
| 3 | 2a00:1450:400... 2a00:1450:4001:827::2008 | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 3.216.147.123 3.216.147.123 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:82a::200e | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 184.24.6.87 184.24.6.87 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
| 1 | 96.16.149.96 96.16.149.96 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
| 2 | 104.76.200.221 104.76.200.221 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
| 2 | 2a00:1450:400... 2a00:1450:400c:c08::9c | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 2001:4860:480... 2001:4860:4802:32::36 | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:80b::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 2 2 | 142.0.165.150 142.0.165.150 | 7160 (NETDYNAMICS) (NETDYNAMICS) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:82a::2004 | 15169 (GOOGLE) (GOOGLE) | |
| 6 | 18.66.97.55 18.66.97.55 | 16509 (AMAZON-02) (AMAZON-02) | |
| 71 | 12 |
47
131.153.18.108
(Amsterdam, Netherlands)
ASN60558 (SECUREDSERVERS-EU, US)
ASN60558 (SECUREDSERVERS-EU, US)
| davivienda.enlineaoperaciones.cc.apexcosmetics.cc |
3
2a00:1450:4001:827::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
2
3.216.147.123
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-147-123.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-147-123.compute-1.amazonaws.com
| idata.easysol.net |
2
2a00:1450:4001:82a::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
1
184.24.6.87
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a184-24-6-87.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a184-24-6-87.deploy.static.akamaitechnologies.com
| tags.bkrtx.com |
1
96.16.149.96
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a96-16-149-96.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a96-16-149-96.deploy.static.akamaitechnologies.com
| img03.en25.com |
2
104.76.200.221
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com
| stags.bluekai.com | |
| tags.bluekai.com |
6
18.66.97.55
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-55.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-55.fra56.r.cloudfront.net
| dsbdownload.easysol.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 47 |
apexcosmetics.cc
davivienda.enlineaoperaciones.cc.apexcosmetics.cc |
568 KB |
| 8 |
easysol.net
idata.easysol.net — Cisco Umbrella Rank: 193442 dsbdownload.easysol.net |
232 KB |
| 3 |
google.com
region1.analytics.google.com — Cisco Umbrella Rank: 5017 www.google.com — Cisco Umbrella Rank: 2 |
878 B |
| 3 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61 |
181 KB |
| 2 |
eloqua.com
2 redirects
s1585023691.t.eloqua.com — Cisco Umbrella Rank: 220602 |
2 KB |
| 2 |
google.de
www.google.de — Cisco Umbrella Rank: 6045 |
608 B |
| 2 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84 |
520 B |
| 2 |
bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 504 tags.bluekai.com — Cisco Umbrella Rank: 539 |
1 KB |
| 2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32 |
20 KB |
| 1 |
en25.com
img03.en25.com — Cisco Umbrella Rank: 16081 |
3 KB |
| 1 |
bkrtx.com
tags.bkrtx.com — Cisco Umbrella Rank: 3499 |
16 KB |
| 71 | 11 |
| Domain | Requested by | |
|---|---|---|
| 47 | davivienda.enlineaoperaciones.cc.apexcosmetics.cc |
davivienda.enlineaoperaciones.cc.apexcosmetics.cc
|
| 6 | dsbdownload.easysol.net |
idata.easysol.net
|
| 3 | www.googletagmanager.com |
davivienda.enlineaoperaciones.cc.apexcosmetics.cc
www.googletagmanager.com |
| 2 | s1585023691.t.eloqua.com | 2 redirects |
| 2 | www.google.de | |
| 2 | region1.analytics.google.com |
www.googletagmanager.com
|
| 2 | stats.g.doubleclick.net |
www.google-analytics.com
www.googletagmanager.com |
| 2 | www.google-analytics.com |
www.googletagmanager.com
|
| 2 | idata.easysol.net |
davivienda.enlineaoperaciones.cc.apexcosmetics.cc
|
| 1 | www.google.com | |
| 1 | tags.bluekai.com | |
| 1 | stags.bluekai.com |
tags.bkrtx.com
|
| 1 | img03.en25.com |
davivienda.enlineaoperaciones.cc.apexcosmetics.cc
|
| 1 | tags.bkrtx.com |
www.googletagmanager.com
|
| 71 | 14 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| davivienda.enlineaoperaciones.cc.apexcosmetics.cc R3 |
2022-10-10 - 2023-01-08 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
| *.easysol.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-08-17 - 2023-09-10 |
a year | crt.sh |
| *.bkrtx.com DigiCert SHA2 Secure Server CA |
2022-02-07 - 2023-02-06 |
a year | crt.sh |
| *.en25.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-07-17 - 2023-07-18 |
a year | crt.sh |
| odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA |
2022-02-26 - 2023-03-01 |
a year | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
| www.google.de GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
| www.google.com GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://davivienda.enlineaoperaciones.cc.apexcosmetics.cc/
Frame ID: 56BD65DFDCE391BEEE503A05569908C6
Requests: 70 HTTP requests in this frame
Frame:
https://stags.bluekai.com/site/42488?ret=html&phint=day_of_week%3D4&phint=month_of_year%3DOctober&phint=utm_source%3Dundefined&phint=utm_medium%3Dundefined&phint=utm_campaign%3Dundefined&phint=utm_content%3Dundefined&phint=utm_term%3Dundefined&phint=__bk_t%3DInicio&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fdavivienda.enlineaoperaciones.cc.apexcosmetics.cc%2F&phint=__bk_v%3D3.1.10&limit=1&r=6033322
Frame ID: F33E33293F203932E5549B44E7ADB926
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
InicioCORTE POP UP DAVIVIENDA DSBDetected technologies
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Modernizr
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery-ui.*\.js
Page Statistics
15 Outgoing links
These are links going to different origins than the main page.
URL: https://daviplata.com/
Title: Conocer DaviPlata
Title: Conocer DaviPlata
Search URL Search Domain Scan URL
URL: https://www.teclacasitaroja.com/
Title: Conozca aquà cómo funciona
Title: Conozca aquà cómo funciona
Search URL Search Domain Scan URL
URL: http://www.beneficiosdavivienda.com/demos-digitales/
Title: Quiero conocer más
Title: Quiero conocer más
Search URL Search Domain Scan URL
URL: http://davivienda.custhelp.com/app/home
Title: Preguntas Frecuentes
Title: Preguntas Frecuentes
Search URL Search Domain Scan URL
URL: http://davivienda.custhelp.com/app/chat/chat_launch
Title: Chat
Title: Chat
Search URL Search Domain Scan URL
URL: https://play.google.com/store/apps/details?id=com.todo1.davivienda.mobileapp
Search URL Search Domain Scan URL
URL: https://itunes.apple.com/co/app/davivienda-movil/id909149607?l=en&mt=8
Search URL Search Domain Scan URL
URL: https://seguridad.davivienda.com/
Title: Conozca más aquÃ
Title: Conozca más aquÃ
Search URL Search Domain Scan URL
URL: https://comunicaciones.davivienda.com/Feria_vivienda
Title: Conozca aquà cómo funciona
Title: Conozca aquà cómo funciona
Search URL Search Domain Scan URL
URL: https://www.grupobolivar.com.co/buzonvirtual/faces/login.jspx?_afrLoop=284733356685949&_afrWindowMode=0&_adf.ctrl-state=nbphu5xk3_9
Title: Buzón Virtual
Title: Buzón Virtual
Search URL Search Domain Scan URL
URL: http://www.portafoliofamiliadavivienda.com/
Title: Portafolio Familia
Title: Portafolio Familia
Search URL Search Domain Scan URL
URL: http://www.catalogodavipuntos.com/
Title: Catálogo Davipuntos
Title: Catálogo Davipuntos
Search URL Search Domain Scan URL
URL: https://www.mundodinersclub.com/
Title: Mundo Diners Club
Title: Mundo Diners Club
Search URL Search Domain Scan URL
URL: https://www.facebook.com/BancoDavivienda
Search URL Search Domain Scan URL
URL: http://www.youtube.com/user/bancodavivienda
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 59- https://s1585023691.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=1585023691&ref2=elqNone&tzo=0&ms=530&optin=disabled HTTP 302
- https://s1585023691.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1585023691&ref2=elqNone&tzo=0&ms=530&optin=disabled&elqCookie=1 HTTP 302
- https://tags.bluekai.com/site/41240?vid=199c553348e9443bb29a6a2f302a2bad
71 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/ |
87 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.fullPage.css
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/css/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
normalize.css
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
skeleton.min.css
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/css/ |
19 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
estilos.min.css
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/css/ |
115 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
responsive_menu.css
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/css/ |
2 KB 705 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-1.11.1.min.js
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/js/ |
94 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-ui.min.js
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/js/ |
232 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
modernizr.js
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/js/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
easyXDM.min.js
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/js/ |
20 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
openIframe.js
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/js/ |
2 KB 592 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ads.min.js
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/js/ |
21 B 74 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
loadingScreenIcon.gif
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/img/iconos/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ico-indicador.png
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/img/iconos/ |
410 B 452 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
atencion-en-linea.png
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/Documents/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
iconos.css
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/wps/wcm/connect/WCM_INTERNET_PERSONAS/Inicio/Banners/css/ |
2 KB 735 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
logo_punto_daviplata.png
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/wps/wcm/connect/0bac2c15-14e8-496a-9262-87756ab03fcb/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
bvc.png
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/Documents/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sgs.png
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/Documents/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
fogafin.png
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/Documents/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
facebook.png
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/Documents/ |
237 B 257 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
youtube.png
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/Documents/ |
254 B 274 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ico-arriba-footer.png
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/img/iconos/ |
526 B 569 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
vigilado.png
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/img/logos/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
PopUpSeguridadPersonasV2.jpg
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/wps/wcm/connect/eb38a16c-c8b9-414f-9f11-2ae9e0223495/ |
69 KB 69 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
jquery.fullPage.min.js
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/js/ |
19 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
jquery.slimscroll.min.js
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/js/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
jquery.bpopup.min.js
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/js/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
jssor.slider.mini.js
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/js/ |
41 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
jquery.browser.min.js
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/js/ |
3 KB 945 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
hashchange.js
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/js/ |
1 KB 787 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
funciones.min.js
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/js/ |
22 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
logo-davivienda.png
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/img/logos/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
personas.png
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/img/iconos/ |
449 B 492 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
empresas.png
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/img/iconos/ |
297 B 340 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
bullet.png
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/img/iconos/ |
253 B 296 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
login.png
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/img/iconos/ |
415 B 435 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
btn_aqui_puedo_Inactivo.png
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/img/iconos/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
HelveticaNeueLTStdCn.woff2
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/css/fonts/ |
12 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
HelveticaNeueLTStdBdCn.woff2
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/css/fonts/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ico-boton.png
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/img/iconos/ |
392 B 435 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ico-blanco-arriba.png
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/img/iconos/ |
430 B 450 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
logo-davivienda-footer.png
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/img/logos/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
HelveticaNeueLTStdThCn.woff2
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/css/fonts/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
HelveticaNeueLTStdMdCn.woff2
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/PersonasDaviviendaNewTheme/resources/css/fonts/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ico-menu.png
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/wps/wcm/connect/d2857064-8646-476b-8361-26f38dac2231/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Banner-Davivienda-v2-1500x779-Px.jpg
davivienda.enlineaoperaciones.cc.apexcosmetics.cc/wps/wcm/connect/1d6f7814-8422-44d5-a68f-3a83049e48c6/ |
233 KB 233 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
151 KB 54 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
idata.easysol.net/ |
1 KB 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bk-coretag.js
tags.bkrtx.com/js/ |
51 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ |
210 KB 73 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
gtm.js
www.googletagmanager.com/ |
151 KB 54 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
elqCfg.min.js
img03.en25.com/i/ |
6 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
42488
stags.bluekai.com/site/ Frame F33E |
71 B 711 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 464 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
region1.analytics.google.com/g/ |
0 360 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 56 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
41240
tags.bluekai.com/site/ Redirect Chain
|
62 B 463 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analitycs.js
idata.easysol.net/f0877531cc4887ce07f57f41e66bf620/256/ |
32 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
dsbdownload.easysol.net/downloads/splashScreen/f0877531cc4887ce07f57f41e66bf620/ebank/personas/ |
2 KB 2 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
BANNER-LOGO.png
dsbdownload.easysol.net/downloads/splashScreen/f0877531cc4887ce07f57f41e66bf620/ebank/personas/images/ |
55 KB 55 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
CONTENIDO.png
dsbdownload.easysol.net/downloads/splashScreen/f0877531cc4887ce07f57f41e66bf620/ebank/personas/images/ |
34 KB 35 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
BOTON.png
dsbdownload.easysol.net/downloads/splashScreen/f0877531cc4887ce07f57f41e66bf620/ebank/personas/images/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
BANNER-FOTO.png
dsbdownload.easysol.net/downloads/splashScreen/f0877531cc4887ce07f57f41e66bf620/ebank/personas/images/ |
93 KB 94 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
CLOSE_BUTTON.png
dsbdownload.easysol.net/downloads/splashScreen/f0877531cc4887ce07f57f41e66bf620/ebank/personas/images/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
region1.analytics.google.com/g/ |
0 17 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Davivienda (Banking)97 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| DP_jQuery_1665677107117 object| html5 object| Modernizr object| easyXDM object| ModalBoxAut function| openIframe boolean| canRunAds string| divAdserverId boolean| getGpt boolean| isMobile function| iframeHeight function| mostrarBtnCerrarFooter function| gtmFn function| adserverFn function| splashFn object| googletag function| abrirNotificacionCaida string| COOKIE function| existeCookie function| setCookie function| getCookie function| get_browser_info boolean| notificacion function| abrirNotificacion function| sendGAMyMenu function| abrirPopUpSeguridad function| abrirPopUp object| $JssorEasing$ object| $JssorSlideshowFormations$ function| $JssorSlideshowRunner$ function| $JssorSlider$ function| $JssorSlideo$ function| $JssorBulletNavigator$ function| $JssorArrowNavigator$ function| $JssorThumbnailNavigator$ function| $JssorCaptionSlider$ object| jQBrowser function| fnValidacion function| openLoadingScreen function| construirContactenosPer function| construirContactenosEmp function| construirSolicitarProducto function| abrirModal function| abrirSolicitarProducto function| abrirSolicitarProductoSinBPopUp function| redirigirMenuEmp object| ModalBox object| General object| Pages boolean| verifica boolean| contactenosPer boolean| contactenosEmp boolean| solProducto object| Modal function| controlarInfoAdicional object| jQuery111108222247187694665 function| orderFunction object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| dataLayer string| GoogleAnalyticsObject function| ga object| tags object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag function| bk_doCallbackTagWithTimeOut object| _elqQ object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| _elq object| _dsb object| data function| isFontAvailable11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .davivienda.enlineaoperaciones.cc.apexcosmetics.cc/ | Name: _ga Value: GA1.5.226975048.1665677107 |
|
| .davivienda.enlineaoperaciones.cc.apexcosmetics.cc/ | Name: _gid Value: GA1.5.1490614025.1665677107 |
|
| .davivienda.enlineaoperaciones.cc.apexcosmetics.cc/ | Name: _dc_gtm_UA-34938732-1 Value: 1 |
|
| .apexcosmetics.cc/ | Name: _ga_955ZS6ZPLE Value: GS1.1.1665677107.1.0.1665677107.60.0.0 |
|
| .apexcosmetics.cc/ | Name: _ga Value: GA1.1.226975048.1665677107 |
|
| .bluekai.com/ | Name: bkdc Value: phx |
|
| .bluekai.com/ | Name: bku Value: IvD99e1lusmLV9Tb |
|
| davivienda.enlineaoperaciones.cc.apexcosmetics.cc/ | Name: dsblic Value: 1665677108079 |
|
| .eloqua.com/ | Name: ELOQUA Value: GUID=199C553348E9443BB29A6A2F302A2BAD |
|
| .eloqua.com/ | Name: ELQSTATUS Value: OK |
|
| .eloqua.com/ | Name: BKUT Value: 1665677109 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
davivienda.enlineaoperaciones.cc.apexcosmetics.cc
dsbdownload.easysol.net
idata.easysol.net
img03.en25.com
region1.analytics.google.com
s1585023691.t.eloqua.com
stags.bluekai.com
stats.g.doubleclick.net
tags.bkrtx.com
tags.bluekai.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.76.200.221
131.153.18.108
142.0.165.150
18.66.97.55
184.24.6.87
2001:4860:4802:32::36
2a00:1450:4001:80b::2003
2a00:1450:4001:827::2008
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200e
2a00:1450:400c:c08::9c
3.216.147.123
96.16.149.96
055395b01212455e2e3cf174208947ef347110b0a0d8710f097237698d8eee2b
067874fa86720a67e26592d4ba422420a177195f0248faf5c715055addd0c44a
077aae3de951ef8777d2a2b2f9f661c4db5622da4e684968916dfb49555cf36a
07f3a08e12d71aa441f8adf03525aaa0a5f68dd08b45650a05b1769add39732c
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
146ada54b92dd24787b04cfc9c1b9d25601c87ab37d698e0c6cf958346668585
15c89565373e37fc767406e0b14356b04061f5f6be57eb1c7719a69b6d7e4599
1bce03e05ad8ff15956965919eee7de2f4794e794ad2554f29ad37be75983411
1f1680f1ef774b8ba4b1e73a5f7c8c2cdd276dc3480d83b53612d729d8834eed
21e69da95b06eb530f722d185f590cee26a8fa3c408004b920092056651742e4
2777180a0af90c53b24671d6e29150a64e03b92205ae6feb2ea4c1a8dc028c26
3332d6a2a2a991f3c307985bbff992eab8eeafec810100e5fb21dda146aec88e
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
34734c83864a12b5c376cdfe460d428881a467b2d983278d49a7d4b89a1df164
3509ee3e0d29e32a44081da7663ef9f4e24ab14b489a4450b5518b5575d84f23
371fc6b4fae58d0dd372516ab2ca41b9d156470fd07c377f44283d2158a41b8f
51578c04df55d1b7aa462bffe896e75dd40b6c2e4b8850e0f1f46d5f7398e8c7
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
53f0e2f6d92cacffca04fb525bba120205f6d060231c289a7ceee252102517e4
555dc0f2d5090df1bb7c3be6599163e152f026e517dd22bbde981f0cfba78d5a
639c2acc34e59d0342e13dcaf06887485ae454c37774aea31d7540eef701a138
6596c9aaaf7ce0dde93c1627ea62f954fb6a93b3f5e3f3fe12cbe93570688b24
67550e05f94037dadbc105e54b9f29fc3d3a06eb83f6445fa9fb16fe4ace9271
679a33033ed81d45dd8f5a011bc5eeba18e550b8eb864f57583a60dabaeea710
68d011ee69428b9d245c7a21d321c7d8f1291002475ca119aceb295267944046
69f68c3f2b4f2c12a03e97042734fb41a65d4ef01d2a53f75e54ca02b685f725
6a1e602c052059c633097167ab4f3e93c755a8376ac3b80e5fced434307cace9
6b6e24ea6570373f8e14de6a136bd2117ebf3681620734ff7def83bce8934ab0
7cae84fa2e6803d98d67236f23db0e8fa507d06dde15200f5656d5e61937df65
7ce8101d441c54ff1240162a0d39561d6668fd03e10f7fd1e6b8b7b4a6faaef4
827a3d1976419f8e340bf0a717f7be7e045b72b0e05156a611c3e96c57a2928b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
857f0fa685d1c83a87639d92414bd8c1718f0fea922da1d8260444c6f689446c
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
88d213bec9dfe332434c99c53b68feacd1ed21a246f2807f92c8c687946ab681
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
9a064f3c12237ffaf1b58c8feb01831c14230df555bb33e9c3bede638549c97f
9b2034d67e4f078651d1bc58b3825c7bab3774f32099baa914ffbbde99db3d48
9bcf0ef46b4eaa94bc5cbb872ab2d1894dd2cb87336155ce91df23cb0839111d
a90748af4f7975bd00154536d9b62cf24c4e4a6727da8e8ee26a9aa411b66c29
aae8242bffca83469e59b7050cf5426e2869cfae01ee6de65dd2a56ed8d3cc56
abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316
ad5a6c099ca74e5ad62368e2e5211b6cc662fa634a7cb39d618cffc900c9a7a8
ad769e5f41e831e8433c7aea6d18aec35ea5ec06855963c654b8f01a1e159130
ae65f851b51e964a273e73c09071cc542dfdf6348106932d9af0dff0764427c4
af2b3096c1e928fd9817834df785a8e719fce0db0f18cb9503fb2203825097ea
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
ba7482c60670d6dd0524299ac1e89150a1fa3e4e09b19b6eaafaf1ce14779a4e
bb9dc753f478e61fd61f1ac573ca792e42688a2483339c2df1c371fafd2c4f37
bc1e34e4342c134714e2eb45d65add695ce42343a45cb8032b6dee638e54b91b
c9f105a80981cd07a44a3759bd012173a99782855a7552a649312aeb1090800e
ca48a5c9091c7e1d395a301cf786b27ed5707a8a943d89c405b82336fca0273c
cb871b324c8313af3cec4a3aef57093bde216176cde4420e8a5458bfdccfb639
cf7e5ff97cda795bdf33a540102254f6cd67dbceef63ee58c793c2e169f1bc54
daa34374ce40a336fa23a2ee3612bc05f525b6ee5296f2b1bd4d27e53fd67e78
defd0d87ad4e5e9d90bd76e5efa945e8af0ebd1fe207f4707ac79229585d67ea
e106b8adf12f335ce72d292e26acb6c691b1bc66d6bff3d484f68c21a80efa6f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f52861a1753786f8bc4e1c9e75f789bce5d158062e1e0afaa88190dd429101
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ec1996cbe6b93712d9bf4b035d0a3e5eecf97875fc5ee21cc49d41ff0552bd
f420376ad92606fc2995a4ea4ef52183b05c5f7de5353adb80c0e16d0b3a3f34
f7cae542a28560e3d152af1cf2838a5c9405c61a1880e091ef83a80e432a4154
fa0355018d78f27842a749c671ffa538e79019d88ab046cbaa4980887b11f31e
fb565b08b77733eb3af7174ecc1386afc4cf5b22d5301025825598621dddf546
fbe8ef344efb7478e8f583c73fa9b590098f6364a292a291a1970058395cb0ad