hkshacorp.com
198.12.92.242
Malicious Activity!
Public Scan
Submission: On August 30 via manual from NL — Scanned from NL
Summary
TLS certificate: Issued by R11 on August 28th 2024. Valid for: 3 months.
This is the only time hkshacorp.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: HSBC (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
31 | 198.12.92.242 | 36352 (AS-COLOCROSSING) |
5 | 2600:9000:20ae:4200:7:2bfb:7c00:93a1 | 16509 (AMAZON-02) |
2 | 23.45.104.216 | 16625 (AKAMAI-AS) |
29 | 172.67.15.14 | 13335 (CLOUDFLARENET) |
7 | 94.229.164.132 | 61323 (UKFAST) |
1 | 3.160.150.128 | 16509 (AMAZON-02) |
1 | 54.68.11.182 | 16509 (AMAZON-02) |
2 | 2a04:4e42:600::485 | 54113 (FASTLY) |
85 | 9 |
ASN | PTR | Domain |
---|---|---|
ASN36352 (AS-COLOCROSSING, US) | usm1.bestdns247.org | hkshacorp.com |
ASN16625 (AKAMAI-AS, US) | a23-45-104-216.deploy.static.akamaitechnologies.com | akamai.tiqcdn.com |
ASN61323 (UKFAST, GB) | 94.229.164.132.srvlist.ukfast.net | www.askus.hsbc.co.uk |
ASN16509 (AMAZON-02, US) | server-3-160-150-128.fra60.r.cloudfront.net | cdn.appdynamics.com |
ASN16509 (AMAZON-02, US) | ec2-54-68-11-182.us-west-2.compute.amazonaws.com | col.eum-appdynamics.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
31 | hkshacorp.com | hkshacorp.com | 1 MB |
29 | tawk.to | embed.tawk.to (Cisco Umbrella Rank: 12323), va.tawk.to (Cisco Umbrella Rank: 12027) | 280 KB |
7 | hsbc.co.uk | www.askus.hsbc.co.uk (Cisco Umbrella Rank: 574928) | 175 KB |
7 | tiqcdn.com | tags.tiqcdn.com (Cisco Umbrella Rank: 1751), akamai.tiqcdn.com (Cisco Umbrella Rank: 27980) | 154 KB |
2 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 410) | 42 KB |
1 | eum-appdynamics.com | col.eum-appdynamics.com (Cisco Umbrella Rank: 4609) | 795 B |
1 | appdynamics.com | cdn.appdynamics.com (Cisco Umbrella Rank: 6959) | 15 KB |
85 | 7 |
Requests | Domain | Requested by |
---|---|---|
31 | hkshacorp.com | hkshacorp.com |
24 | embed.tawk.to | hkshacorp.com, embed.tawk.to |
7 | www.askus.hsbc.co.uk | hkshacorp.com, www.askus.hsbc.co.uk |
5 | va.tawk.to | embed.tawk.to |
5 | tags.tiqcdn.com | hkshacorp.com |
2 | cdn.jsdelivr.net | embed.tawk.to |
2 | akamai.tiqcdn.com | hkshacorp.com |
1 | col.eum-appdynamics.com | hkshacorp.com |
1 | cdn.appdynamics.com | hkshacorp.com |
85 | 9 |
This site contains links to these domains.
Domain |
---|
www.microsoft.com |
www.hsbc.co.uk |
www.about.hsbc.co.uk |
www.hsbc.com |
www.business.hsbc.uk |
www.psr.org.uk |
Subject | Issuer | Validity | Valid |
---|---|---|---|
hkshacorp.com | R11 | 2024-08-28 - 2024-11-26 | 3 months |
tags.tiqcdn.com | Amazon RSA 2048 M02 | 2024-03-19 - 2025-04-17 | a year |
*.tiqcdn.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-11-16 - 2024-11-16 | a year |
tawk.to | WE1 | 2024-07-24 - 2024-10-22 | 3 months |
www.askus.hsbc.co.uk | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-11 - 2024-10-11 | a year |
*.appdynamics.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-06-20 - 2025-07-21 | a year |
*.eum-appdynamics.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-06-13 - 2025-07-14 | a year |
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2024 Q3 | 2024-07-30 - 2025-08-31 | a year |
This page contains 5 frames:
Primary Page:
https://hkshacorp.com/dash/
Frame ID: FFCBC9092D67E794663A3DBEA601317F
Requests: 74 HTTP requests in this frame
Frame:
https://embed.tawk.to/_s/v4/app/66cbd978a7b/css/bubble-widget.css
Frame ID: A567D4D59D063FAC09DF146920515BA5
Requests: 3 HTTP requests in this frame
Frame:
https://embed.tawk.to/_s/v4/app/66cbd978a7b/css/min-widget.css
Frame ID: E26E7A68C73903BAB8529FE1299D6462
Requests: 1 HTTP requests in this frame
Frame:
https://embed.tawk.to/_s/v4/app/66cbd978a7b/css/message-preview.css
Frame ID: 071EF562E5A451DF349D5D02A261FD91
Requests: 4 HTTP requests in this frame
Frame:
https://embed.tawk.to/_s/v4/app/66cbd978a7b/css/max-widget.css
Frame ID: 3A2DD318AA0E7428F3850D4149873893
Requests: 1 HTTP requests in this frame
Page Title
HSBC UK - Personal & Online Banking
Detected technologies
Tawk.to (Live Chat)
Detected patterns
- //embed\.tawk\.to
AppDynamics (Analytics)
Detected patterns
- adrum
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN)
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
16 Outgoing links
These are links going to different origins than the main page.
Title: Our website doesn't support your browser so please upgrade
Title: Improve your knowledge
Title: Your financial action plan
Title: Wealth Insights
Title: Manage your investments
Title: How to buy and sell funds
Title: How to buy and sell shares
Title: Onshore Investment Bond
Title: Child Trust Fund
Title: Money worries
Title: Careers, media, investor and corporate information
Title: Stopping modern slavery
Title: Corporate
Title: www.psr.org.uk/app-fraud-data
Title: HSBC Group
Title: Cookie notice
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 32
- https://hkshacorp.com/configuration/modals/leaving-hsbc-for-adobe-live-sign-forms.modal/ HTTP 301
- https://hkshacorp.com/configuration/modals/leaving-hsbc-for-adobe-live-sign-forms.modal
- https://hkshacorp.com/configuration/modals/you-are-leaving-hsbc.modal/ HTTP 301
- https://hkshacorp.com/configuration/modals/you-are-leaving-hsbc.modal
- https://hkshacorp.com/configuration/modals/you-are-leaving-hsbc-make-claim.modal/ HTTP 301
- https://hkshacorp.com/configuration/modals/you-are-leaving-hsbc-make-claim.modal
- https://hkshacorp.com/configuration/modals/you-are-leaving-hsbc-wwf.modal/ HTTP 301
- https://hkshacorp.com/configuration/modals/you-are-leaving-hsbc-wwf.modal
- https://hkshacorp.com/configuration/modals/leaving-hsbc-to-zen.modal/ HTTP 301
- https://hkshacorp.com/configuration/modals/leaving-hsbc-to-zen.modal
85 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | hkshacorp.com/dash/ | 150 KB | 16 KB | Document | text/html |
GET | H2 | clientlib-default.min.0777349df03cc3a12553e2fe73131aa6.css | hkshacorp.com/dash/css/ | 932 KB | 96 KB | Stylesheet | text/css |
GET | H2 | utag.js | hkshacorp.com/dash/js/ | 431 KB | 81 KB | Script | text/javascript |
GET | H2 | utag.sync.js | hkshacorp.com/dash/js/ | 3 KB | 1 KB | Script | text/javascript |
GET | H2 | appd.min.28729b81913621076cb1004898cb22c7.js | hkshacorp.com/dash/js/ | 35 KB | 11 KB | Script | text/javascript |
GET | H2 | hsbc-uk.svg | hkshacorp.com/dash/images/ | 2 KB | 1 KB | Image | image/svg+xml |
GET | H2 | 24214-hero-mass-adult-baby-desk-home-930x400.jpg | hkshacorp.com/dash/images/ | 248 KB | 249 KB | Image | image/jpeg |
GET | H3 | cq5dam.web.590.1000_1.jpeg | hkshacorp.com/dash/images/ | 54 KB | 54 KB | Image | image/jpeg |
GET | H3 | cq5dam.web.590.1000.jpeg | hkshacorp.com/dash/images/ | 53 KB | 53 KB | Image | image/jpeg |
GET | H3 | cq5dam.web.590.1000_2.jpeg | hkshacorp.com/dash/images/ | 70 KB | 70 KB | Image | image/jpeg |
GET | H3 | cq5dam.web.590.1000_3.jpeg | hkshacorp.com/dash/images/ | 55 KB | 55 KB | Image | image/jpeg |
GET | H3 | cq5dam.web.590.1000_4.jpeg | hkshacorp.com/dash/images/ | 53 KB | 53 KB | Image | image/jpeg |
GET | H3 | 14723-cycle2-jul24-hsbc-chart1-550x350.jpg | hkshacorp.com/dash/images/ | 59 KB | 59 KB | Image | image/jpeg |
GET | H3 | 14723-cycle2-jul24-hsbc-chart2-550x350.jpg | hkshacorp.com/dash/images/ | 59 KB | 59 KB | Image | image/jpeg |
GET | H3 | 14723-cycle2-jul24-hsbc-chart3-550x350.jpg | hkshacorp.com/dash/images/ | 49 KB | 49 KB | Image | image/jpeg |
GET | H3 | 14723-cycle2-jul24-hsbc-chart4-550x350.jpg | hkshacorp.com/dash/images/ | 58 KB | 58 KB | Image | image/jpeg |
GET | H3 | 14941-fscs-logo-square-1280x720.jpg | hkshacorp.com/dash/images/ | 73 KB | 73 KB | Image | image/jpeg |
GET | H3 | clientlib-all.min.a1f5888860c8dc3012826596b70b6890.js | hkshacorp.com/dash/js/ | 956 KB | 209 KB | Script | text/javascript |
GET | H3 | va.js | hkshacorp.com/dash/js/ | 3 KB | 1 KB | Script | text/javascript |
GET | H2 | utag.js | tags.tiqcdn.com/utag/hsbc/uk-rbwm/prod/ | 431 KB | 76 KB | Script | application/javascript |
GET | H2 | hsbc-uk.svg | hkshacorp.com/dash/images/ | 2 KB | 0 | Image | image/svg+xml |
GET | H3 | facebook.svg | hkshacorp.com/dash/images/ | 950 B | 550 B | Image | image/svg+xml |
GET | H3 | twitter.svg | hkshacorp.com/dash/images/ | 1 KB | 723 B | Image | image/svg+xml |
GET | H3 | youtube.svg | hkshacorp.com/dash/images/ | 1 KB | 603 B | Image | image/svg+xml |
GET | H3 | UniversNextforHSBCW02-Rg.woff | hkshacorp.com/dash/fonts/ | 27 KB | 27 KB | Font | font/woff |
GET | H3 | UniversNextforHSBCW02-Bd.woff | hkshacorp.com/dash/fonts/ | 26 KB | 26 KB | Font | font/woff |
GET | H3 | HSBCIcon-Font-Extension.woff | hkshacorp.com/dash/fonts/ | 37 KB | 38 KB | Font | font/woff |
GET | H3 | UniversNextforHSBCW02-Lt.woff | hkshacorp.com/dash/fonts/ | 26 KB | 26 KB | Font | font/woff |
GET | H3 | UniversNextforHSBCW02-Th.woff | hkshacorp.com/dash/fonts/ | 26 KB | 26 KB | Font | font/woff |
GET | H3 | UniversNextforHSBCW02-LtIt.woff | hkshacorp.com/dash/fonts/ | 24 KB | 24 KB | Font | font/woff |
GET | H/1.1 | location.js | akamai.tiqcdn.com/location/ | 18 B | 561 B | XHR | application/x-javascript |
GET | H/1.1 | location.js | akamai.tiqcdn.com/location/ | 18 B | 0 | XHR | application/x-javascript |
GET | H3 | HSBCIcon-Font.woff | hkshacorp.com/dash/fonts/ | 22 KB | 22 KB | Font | font/woff |
GET | | leaving-hsbc-for-adobe-live-sign-forms.modal | hkshacorp.com/configuration/modals/ (Redirect Chain) | 0 | 0 | | |
GET | | you-are-leaving-hsbc.modal | hkshacorp.com/configuration/modals/ (Redirect Chain) | 0 | 0 | | |
GET | | you-are-leaving-hsbc-make-claim.modal | hkshacorp.com/configuration/modals/ (Redirect Chain) | 0 | 0 | | |
GET | | you-are-leaving-hsbc-wwf.modal | hkshacorp.com/configuration/modals/ (Redirect Chain) | 0 | 0 | | |
GET | | leaving-hsbc-to-zen.modal | hkshacorp.com/configuration/modals/ (Redirect Chain) | 0 | 0 | | |
GET | | auth-status-hint | hkshacorp.com/ | 0 | 0 | | |
GET | | authorize.auth.json | hkshacorp.com/ | 0 | 0 | | |
GET | H3 | 1i6f6agkb | embed.tawk.to/66d07c39ea492f34bc0b6786/ | 2 KB | 971 B | Script | application/x-javascript |
GET | H2 | utag.3520.js | tags.tiqcdn.com/utag/hsbc/uk-rbwm/prod/ | 43 KB | 13 KB | Script | application/javascript |
GET | H2 | utag.3605.js | tags.tiqcdn.com/utag/hsbc/uk-rbwm/prod/ | 14 KB | 5 KB | Script | application/javascript |
GET | H2 | utag.3731.js | tags.tiqcdn.com/utag/hsbc/uk-rbwm/prod/ | 5 KB | 2 KB | Script | application/javascript |
GET | H2 | utag.3842.js | tags.tiqcdn.com/utag/hsbc/uk-rbwm/prod/ | 205 KB | 58 KB | Script | application/javascript |
GET | H2 | va.js | www.askus.hsbc.co.uk/counter-service/embedp2/ | 3 KB | 3 KB | Script | application/javascript |
GET | H2 | jquery-1.11.3.min.js | www.askus.hsbc.co.uk/counter-service/embedp2/js/vendor/jquery/ | 94 KB | 94 KB | Script | application/javascript |
GET | H3 | twk-main.js | embed.tawk.to/_s/v4/app/66cbd978a7b/js/ | 121 B | 342 B | Script | application/javascript |
GET | H3 | twk-vendor.js | embed.tawk.to/_s/v4/app/66cbd978a7b/js/ | 81 KB | 32 KB | Script | application/javascript |
GET | H3 | twk-chunk-vendors.js | embed.tawk.to/_s/v4/app/66cbd978a7b/js/ | 212 KB | 71 KB | Script | application/javascript |
GET | H3 | twk-chunk-common.js | embed.tawk.to/_s/v4/app/66cbd978a7b/js/ | 223 KB | 63 KB | Script | application/javascript |
GET | H3 | twk-runtime.js | embed.tawk.to/_s/v4/app/66cbd978a7b/js/ | 2 KB | 1 KB | Script | application/javascript |
GET | H3 | twk-app.js | embed.tawk.to/_s/v4/app/66cbd978a7b/js/ | 151 B | 366 B | Script | application/javascript |
GET | H2 | adrum-ext.0086dbec5e8a6e717bf36d3a06b62042.js | cdn.appdynamics.com/ | 45 KB | 15 KB | Script | text/javascript |
GET | H3 | favicon.ico | hkshacorp.com/dash/ | 15 KB | 1 KB | Other | image/x-icon |
GET | H2 | jquery.xdomainrequest.min.js | www.askus.hsbc.co.uk/counter-service/embedp2/js/vendor/plugins/ | 2 KB | 2 KB | Script | application/javascript |
GET | H3 | widget-settings | va.tawk.to/v1/ | 3 KB | 1 KB | Fetch | application/json |
GET | H2 | jquery.hoverflow.min.js | www.askus.hsbc.co.uk/counter-service/embedp2/js/vendor/plugins/ | 999 B | 1 KB | Script | application/javascript |
POST | H3 | start | va.tawk.to/v1/session/ | 1020 B | 1 KB | Fetch | application/json |
OPTIONS | H3 | start | va.tawk.to/v1/session/ (Frame) | 0 | 0 | Preflight | text/html |
GET | H2 | loader.js | www.askus.hsbc.co.uk/counter-service/embedp2/js/ | 16 KB | 16 KB | Script | application/javascript |
GET | H2 | main.css | www.askus.hsbc.co.uk/counter-service/embedp2/css/ | 49 KB | 49 KB | Stylesheet | text/css |
GET | H2 | normalize.css | www.askus.hsbc.co.uk/counter-service/embedp2/css/ | 9 KB | 9 KB | Stylesheet | text/css |
GET | H3 | en.js | embed.tawk.to/_s/v4/app/66cbd978a7b/languages/ | 17 KB | 5 KB | Script | application/javascript |
GET | H3 | twk-chunk-bf24a88e.js | embed.tawk.to/_s/v4/app/66cbd978a7b/js/ | 10 KB | 3 KB | Script | application/javascript |
GET | H3 | twk-chunk-71978bb6.js | embed.tawk.to/_s/v4/app/66cbd978a7b/js/ | 18 KB | 5 KB | Script | application/javascript |
GET | H3 | twk-chunk-f1565420.js | embed.tawk.to/_s/v4/app/66cbd978a7b/js/ | 11 KB | 4 KB | Script | application/javascript |
GET | H3 | twk-chunk-7c2f6ba4.js | embed.tawk.to/_s/v4/app/66cbd978a7b/js/ | 5 KB | 2 KB | Script | application/javascript |
GET | H3 | twk-chunk-48f3b594.js | embed.tawk.to/_s/v4/app/66cbd978a7b/js/ | 20 KB | 6 KB | Script | application/javascript |
GET | H3 | twk-chunk-4fe9d5dd.js | embed.tawk.to/_s/v4/app/66cbd978a7b/js/ | 906 B | 662 B | Script | application/javascript |
GET | H3 | twk-chunk-2d0b9454.js | embed.tawk.to/_s/v4/app/66cbd978a7b/js/ | 535 B | 574 B | Script | application/javascript |
GET | H3 | twk-chunk-24d8db78.js | embed.tawk.to/_s/v4/app/66cbd978a7b/js/ | 117 KB | 30 KB | Script | application/javascript |
GET | H3 | bubble-widget.css | embed.tawk.to/_s/v4/app/66cbd978a7b/css/ (Frame A567) | 13 KB | 3 KB | Stylesheet | text/css |
POST | H2 | adrum | col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAF-XXU/ | 0 | 795 B | XHR | text/html |
GET | H3 | min-widget.css | embed.tawk.to/_s/v4/app/66cbd978a7b/css/ (Frame E26E) | 24 KB | 5 KB | Stylesheet | text/css |
GET | H3 | message-preview.css | embed.tawk.to/_s/v4/app/66cbd978a7b/css/ (Frame 071E) | 41 KB | 8 KB | Stylesheet | text/css |
GET | H3 | max-widget.css | embed.tawk.to/_s/v4/app/66cbd978a7b/css/ (Frame 3A2D) | 78 KB | 15 KB | Stylesheet | text/css |
GET | H3 | 168-r-br.svg | embed.tawk.to/_s/v4/assets/images/attention-grabbers/ (Frame A567) | 22 KB | 7 KB | Image | image/svg+xml |
GET | H2 | emojione.min.js | cdn.jsdelivr.net/emojione/2.2.7/lib/js/ | 295 KB | 41 KB | Script | application/javascript |
GET | H3 | tawk-font-icon-2.woff2 | embed.tawk.to/_s/v4/assets/fonts/ (Frame A567) | 10 KB | 11 KB | Font | font/woff2 |
POST | H3 | v3 | va.tawk.to/log-performance/ | 5 B | 280 B | Fetch | text/html |
OPTIONS | H3 | v3 | va.tawk.to/log-performance/ (Frame) | 0 | 0 | Preflight | text/html |
GET | H3 | default-profile.svg | embed.tawk.to/_s/v4/assets/images/ (Frame 071E) | 4 KB | 2 KB | Image | image/svg+xml |
GET | H2 | 1f44b.png | cdn.jsdelivr.net/emojione/assets/png/ (Frame 071E) | 1 KB | 1 KB | Image | image/png |
GET | H3 | tawk-font-icon-2.woff2 | embed.tawk.to/_s/v4/assets/fonts/ (Frame 071E) | 10 KB | 0 | Font | font/woff2 |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
hkshacorp.com | https://hkshacorp.com/configuration/modals/leaving-hsbc-for-adobe-live-sign-forms.modal |
hkshacorp.com | https://hkshacorp.com/configuration/modals/you-are-leaving-hsbc.modal |
hkshacorp.com | https://hkshacorp.com/configuration/modals/you-are-leaving-hsbc-make-claim.modal |
hkshacorp.com | https://hkshacorp.com/configuration/modals/you-are-leaving-hsbc-wwf.modal |
hkshacorp.com | https://hkshacorp.com/configuration/modals/leaving-hsbc-to-zen.modal |
hkshacorp.com | https://hkshacorp.com/auth-status-hint?_=1725002428487 |
hkshacorp.com | https://hkshacorp.com/authorize.auth.json?q&_=1725002428488 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: HSBC (Banking)
114 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| TMS number| maskTimeout object| cssRuleManager function| removeMask function| getCookie number| pollInterval number| totalTime function| startPoll function| stopPoll function| checkCookieSet function| runOptimizely object| HSBC object| DCSext function| dcsGetHSBCCookie function| dcsVar function| dcsMultiTrack function| dcsMapHSBC function| dcsMeta function| dcsFunc function| dcsTag object| optimizely object| utag_data string| adrum-app-key number| adrum-start-time object| ADRUM object| modalsConfiguration object| utag_err number| domainTest string| domain object| scripts string| utagScriptsSrc string| tealiumProfile string| tealiumProfileString string| cookieNameReconsent string| utag_lh object| jwt object| params object| elem boolean| loggedInScript string| targetElementsSelector object| targetElements boolean| isTargetElementPresent string| versionNode number| version object| utag object| tealiumProfileSegments function| getCookieReconsent function| utag_condloader function| getCookieReconsentName function| checkCookiePage function| _tealium_old_error object| utag_cfg_ovrd object| Evnt string| mn object| pixel_lib object| utag_extn function| isFunction function| typeStr function| escapeRegExp function| hasProperty function| primitiveHasOwnProperty function| testRegExp function| isWhitespace function| escapeHtml function| parseTemplate function| squashTokens function| nestTokens function| Scanner function| Context function| Writer object| mustache object| defaultWriter function| RadioButton function| RadioGroup function| jQuery function| moment object| Bootstrap object| browserUtils object| GPWS object| HSBC_utils object| Mustache object| cpiUtils object| Tawk_API object| Tawk_LoadStart function| cvjq string| CV_RESOURCE_ADDRESS number| va_srv boolean| vainline object| vaparam function| setAttributes function| loadVAScript function| printVAConversation string| cv_fileversion object| anchors boolean| gdpr_ccm_open 
object| $consentPrompt boolean| pushIdentities function| tealium_liveperson_lib object| lpTag string| $_Tawk_AccountKey string| $_Tawk_WidgetId object| $_Tawk object| tawkJsonp function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| Tawk_Window object| VAAC object| jQuery111309355746373520015 object| emojione
7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.hkshacorp.com/ | | Name: servicingTrafficManagement2 Value: SegmentNewJourney |
.hkshacorp.com/ | | Name: servicingTrafficManagement3 Value: SegmentNewJourney |
.hkshacorp.com/ | | Name: dclid Value: undefined |
.hkshacorp.com/ | | Name: utag_main Value: v_id:0191a2282d7b001322128a95fd1f05065001b05d00b08$_sn:1$_se:2$_ss:0$_st:1725004228255$ses_id:1725002427777%3Bexp-session$_pn:2%3Bexp-session$sskey:undefined%3Bexp-1727594427894 |
hkshacorp.com/ | | Name: twk_idm_key Value: EWp5FHBXpC47YZsxtj72I |
hkshacorp.com/ | | Name: TawkConnectionTime Value: 0 |
.hkshacorp.com/ | | Name: twk_uuid_66d07c39ea492f34bc0b6786 Value: %7B%22uuid%22%3A%221.1vXEhqaYWtZ37jqzBIUBYunjPUZtau2v04Aucd38nNg4y4xaNrezhPb2gJrawwgiD1LNAw2kQReClbAbDzZn4WBah46tFbKTt7DhAnUWq1TZx1f8nNR9FJj%22%2C%22version%22%3A3%2C%22domain%22%3A%22hkshacorp.com%22%2C%22ts%22%3A1725002430216%7D |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.