progenerationenergy.com
68.65.122.246  Malicious Activity! Public Scan

URL: https://progenerationenergy.com/.well-known/0104/questions.htm
Submission: On January 07 via automatic, source openphish

Summary

This website contacted 12 IPs in 5 countries across 5 domains to perform 35 HTTP transactions. The main IP is 68.65.122.246, located in Los Angeles, United States and belongs to NAMECHEAP-NET - Namecheap, Inc., US. The main domain is progenerationenergy.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on January 4th 2019. Valid for: a year.
This is the only time progenerationenergy.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Santander (Banking)

Domain & IP information

IP Address AS Autonomous System
1 68.65.122.246 22612 (NAMECHEAP...)
13 193.127.210.129 2134 (GSVNET-AS...)
5 2.18.232.23 16625 (AKAMAI-AS)
2 54.228.207.117 16509 (AMAZON-02)
1 54.195.251.195 16509 (AMAZON-02)
1 79.125.113.207 16509 (AMAZON-02)
1 54.217.208.47 16509 (AMAZON-02)
1 46.51.173.176 16509 (AMAZON-02)
1 3 52.49.41.66 16509 (AMAZON-02)
1 54.217.211.214 16509 (AMAZON-02)
2 185.34.188.187 15224 (OMNITURE)
35 12
Domain Requested by
13 retail.santander.co.uk progenerationenergy.com
5 assets.adobedtm.com progenerationenergy.com, assets.adobedtm.com
3 dpm.demdex.net 1 redirects progenerationenergy.com
2 smetrics.santander.co.uk assets.adobedtm.com, progenerationenergy.com
2 events.santander.co.uk retail.santander.co.uk
1 mc3.retail.santander.co.uk progenerationenergy.com
1 press.retail.santander.co.uk progenerationenergy.com
1 fc1.retail.santander.co.uk progenerationenergy.com
1 assets.santander.co.uk retail.santander.co.uk
1 analytics.santander.co.uk retail.santander.co.uk
1 progenerationenergy.com
0 resources.mtb.com Failed progenerationenergy.com
35 12

This site contains links to these domains.

Domain
www.santander.co.uk
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| progenerationenergy.com | COMODO RSA Domain Validation Secure Server CA | 2019-01-04 - 2020-01-04 | a year |
| retail.santander.co.uk | Entrust Certification Authority - L1M | 2018-03-20 - 2019-04-04 | a year |
| assets.adobedtm.com | DigiCert SHA2 High Assurance Server CA | 2018-04-06 - 2019-04-11 | a year |
| events.santander.co.uk | Entrust Certification Authority - L1K | 2018-08-08 - 2019-05-10 | 9 months |
| analytics.santander.co.uk | Entrust Certification Authority - L1K | 2018-08-08 - 2019-05-10 | 9 months |
| assets.santander.co.uk | Entrust Certification Authority - L1K | 2018-08-08 - 2019-05-10 | 9 months |
| fc1.retail.santander.co.uk | Entrust Certification Authority - L1K | 2018-09-05 - 2019-10-23 | a year |
| press.retail.santander.co.uk | Entrust Certification Authority - L1K | 2018-09-05 - 2019-10-23 | a year |
| *.demdex.net | DigiCert SHA2 High Assurance Server CA | 2018-01-09 - 2021-02-12 | 3 years |
| mc3.retail.santander.co.uk | Entrust Certification Authority - L1K | 2018-08-16 - 2019-09-02 | a year |
| smetrics.santander.co.uk | DigiCert SHA2 High Assurance Server CA | 2018-10-21 - 2020-01-24 | a year |

This page contains 1 frames:

Primary Page: https://progenerationenergy.com/.well-known/0104/questions.htm
Frame ID: C8573F48C8E2DA5D281C62258989FEBE
Requests: 35 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /\/s[_-]code.*\.js/i
  • env /^s_(?:account|objectID|code|INST)$/i

Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i
  • script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery-ui.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery-ui.*\.js/i

Page Statistics

Requests: 35
HTTPS: 86 %
IPv6: 0 %
Domains: 5
Subdomains: 12
IPs: 12
Countries: 5
Transfer: 336 kB
Size: 978 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://dpm.demdex.net/id?d_visid_ver=1.8.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9C3940D7546235980A4C98A2%40AdobeOrg&d_nsid=0&ts=1546874892870 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=1.8.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9C3940D7546235980A4C98A2%40AdobeOrg&d_nsid=0&ts=1546874892870

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request questions.htm
progenerationenergy.com/.well-known/0104/
19 KB
4 KB
Document
General
Full URL
https://progenerationenergy.com/.well-known/0104/questions.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.65.122.246 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
server137-2.web-hosting.com
Software
Apache /
Resource Hash
6ba4e053613a5ea7c0acdc885e9b9d77417f897f7ee08e3faea4ee12ddead81d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

:method
GET
:authority
progenerationenergy.com
:scheme
https
:path
/.well-known/0104/questions.htm
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Mon, 07 Jan 2019 15:28:12 GMT
server
Apache
last-modified
Mon, 07 Jan 2019 06:20:51 GMT
accept-language
bytes
vary
Accept-Encoding
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-length
3793
content-type
text/html
santander.css
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/
125 KB
20 KB
Stylesheet
General
Full URL
https://retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/santander.css
Requested by
Host: progenerationenergy.com
URL: https://progenerationenergy.com/.well-known/0104/questions.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.127.210.129 Milton Keynes, United Kingdom, ASN2134 (GSVNET-AS GS Virtual Network Produban, ES),
Reverse DNS
Software
/
Resource Hash
5a9e7f44e131f01c65def713103f03484a15b14197ae65aaed19ad02585645f5

Request headers

Referer
https://progenerationenergy.com/.well-known/0104/questions.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 07 Jan 2019 15:28:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Dec 2018 10:32:51 GMT
ETag
"57c1babbffac0"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=200
Content-Length
20334
Expires
Mon, 07 Jan 2019 16:28:12 GMT
jquery-1.11.1.min.js
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/
94 KB
33 KB
Script
General
Full URL
https://retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/jquery-1.11.1.min.js
Requested by
Host: progenerationenergy.com
URL: https://progenerationenergy.com/.well-known/0104/questions.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.127.210.129 Milton Keynes, United Kingdom, ASN2134 (GSVNET-AS GS Virtual Network Produban, ES),
Reverse DNS
Software
/
Resource Hash
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

Referer
https://progenerationenergy.com/.well-known/0104/questions.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 07 Jan 2019 15:28:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Dec 2018 10:32:51 GMT
ETag
"57c1babbffac0"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=200
Content-Length
33169
Expires
Mon, 07 Jan 2019 16:28:12 GMT
jquery-ui-1.10.4.custom.min.js
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/
79 KB
24 KB
Script
General
Full URL
https://retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/jquery-ui-1.10.4.custom.min.js
Requested by
Host: progenerationenergy.com
URL: https://progenerationenergy.com/.well-known/0104/questions.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.127.210.129 Milton Keynes, United Kingdom, ASN2134 (GSVNET-AS GS Virtual Network Produban, ES),
Reverse DNS
Software
/
Resource Hash
3badf0fb46bb456236adfeaac33dbd962b32af48bbcd1eb401e71442f48ca8c9

Request headers

Referer
https://progenerationenergy.com/.well-known/0104/questions.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 07 Jan 2019 15:28:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Dec 2018 10:32:51 GMT
ETag
"57c1babbffac0"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=200
Content-Length
23720
Expires
Mon, 07 Jan 2019 16:28:12 GMT
validator.min.js
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/
4 KB
2 KB
Script
General
Full URL
https://retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/validator.min.js
Requested by
Host: progenerationenergy.com
URL: https://progenerationenergy.com/.well-known/0104/questions.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.127.210.129 Milton Keynes, United Kingdom, ASN2134 (GSVNET-AS GS Virtual Network Produban, ES),
Reverse DNS
Software
/
Resource Hash
64b8a29aa514e6e38855321f283db18a29e58a18e84f8ae76a4afdb1bbab4c7e

Request headers

Referer
https://progenerationenergy.com/.well-known/0104/questions.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 07 Jan 2019 15:28:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Dec 2018 10:32:51 GMT
ETag
"57c1babbffac0"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=200
Content-Length
1904
Expires
Mon, 07 Jan 2019 16:28:12 GMT
behaviour2.js
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/
50 KB
14 KB
Script
General
Full URL
https://retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/behaviour2.js
Requested by
Host: progenerationenergy.com
URL: https://progenerationenergy.com/.well-known/0104/questions.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.127.210.129 Milton Keynes, United Kingdom, ASN2134 (GSVNET-AS GS Virtual Network Produban, ES),
Reverse DNS
Software
/
Resource Hash
6b8a10db8d7954901296d17ee180b655defd253f37a173ea0986a14ce86a7d10

Request headers

Referer
https://progenerationenergy.com/.well-known/0104/questions.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 07 Jan 2019 15:28:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Dec 2018 10:32:51 GMT
ETag
"57c1babbffac0"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=200
Content-Length
13869
Expires
Mon, 07 Jan 2019 16:28:12 GMT
calendarConfig.js
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/
2 KB
1 KB
Script
General
Full URL
https://retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/calendarConfig.js
Requested by
Host: progenerationenergy.com
URL: https://progenerationenergy.com/.well-known/0104/questions.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.127.210.129 Milton Keynes, United Kingdom, ASN2134 (GSVNET-AS GS Virtual Network Produban, ES),
Reverse DNS
Software
/
Resource Hash
5992556029c3ce7016181948f9da80cdfcbadf4dd0852204f72c9bc2cca57264

Request headers

Referer
https://progenerationenergy.com/.well-known/0104/questions.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 07 Jan 2019 15:28:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Dec 2018 10:32:51 GMT
ETag
"57c1babbffac0"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=200
Content-Length
695
Expires
Mon, 07 Jan 2019 16:28:12 GMT
strings.en.js
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/
499 B
702 B
Script
General
Full URL
https://retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/strings.en.js
Requested by
Host: progenerationenergy.com
URL: https://progenerationenergy.com/.well-known/0104/questions.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.127.210.129 Milton Keynes, United Kingdom, ASN2134 (GSVNET-AS GS Virtual Network Produban, ES),
Reverse DNS
Software
/
Resource Hash
e34c5fd4310b41b430716aee70dae0f04fff064e19372e966c1b962afea7c6e2

Request headers

Referer
https://progenerationenergy.com/.well-known/0104/questions.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 07 Jan 2019 15:28:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Dec 2018 10:32:51 GMT
ETag
"57c1babbffac0"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=199
Content-Length
311
Expires
Mon, 07 Jan 2019 16:28:12 GMT
calendar2.2.js
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/
16 KB
4 KB
Script
General
Full URL
https://retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/calendar2.2.js
Requested by
Host: progenerationenergy.com
URL: https://progenerationenergy.com/.well-known/0104/questions.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.127.210.129 Milton Keynes, United Kingdom, ASN2134 (GSVNET-AS GS Virtual Network Produban, ES),
Reverse DNS
Software
/
Resource Hash
52d4647cb8a5a8fbbe614399c647213caa3ffe4c0d6abba9680bef5522a3c998

Request headers

Referer
https://progenerationenergy.com/.well-known/0104/questions.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 07 Jan 2019 15:28:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Dec 2018 10:32:51 GMT
ETag
"57c1babbffac0"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=199
Content-Length
3542
Expires
Mon, 07 Jan 2019 16:28:12 GMT
iframekiller.js
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/
91 B
493 B
Script
General
Full URL
https://retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/iframekiller.js
Requested by
Host: progenerationenergy.com
URL: https://progenerationenergy.com/.well-known/0104/questions.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.127.210.129 Milton Keynes, United Kingdom, ASN2134 (GSVNET-AS GS Virtual Network Produban, ES),
Reverse DNS
Software
/
Resource Hash
8a3a0f86de552f128835d402261fe57e7fd1a37e0790c84e49e167a676ab96c0

Request headers

Referer
https://progenerationenergy.com/.well-known/0104/questions.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 07 Jan 2019 15:28:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Dec 2018 10:32:51 GMT
ETag
"57c1babbffac0"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=199
Content-Length
102
Expires
Mon, 07 Jan 2019 16:28:12 GMT
logon.js
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/
79 KB
9 KB
Script
General
Full URL
https://retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/logon.js
Requested by
Host: progenerationenergy.com
URL: https://progenerationenergy.com/.well-known/0104/questions.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.127.210.129 Milton Keynes, United Kingdom, ASN2134 (GSVNET-AS GS Virtual Network Produban, ES),
Reverse DNS
Software
/
Resource Hash
b9cfaf1f69a9844329ac55360cdf3eea146ce1179547aa22131a7695597feecf

Request headers

Referer
https://progenerationenergy.com/.well-known/0104/questions.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 07 Jan 2019 15:28:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Dec 2018 10:32:51 GMT
ETag
"57c1babbffac0"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=198
Content-Length
8918
Expires
Mon, 07 Jan 2019 16:28:12 GMT
satelliteLib-f614afad3dd348a170a03c92881f3682b50a87e8.js
assets.adobedtm.com/18a2415ae6b52c3a7c0b946cdfc34cd03d7440e8/
123 KB
39 KB
Script
General
Full URL
https://assets.adobedtm.com/18a2415ae6b52c3a7c0b946cdfc34cd03d7440e8/satelliteLib-f614afad3dd348a170a03c92881f3682b50a87e8.js
Requested by
Host: progenerationenergy.com
URL: https://progenerationenergy.com/.well-known/0104/questions.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.23 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
14bfa8f6486a63f41a493645b6dc50d5684c0adbe7f490adb78df69ee69408ea

Request headers

Referer
https://progenerationenergy.com/.well-known/0104/questions.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 07 Jan 2019 15:28:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Nov 2018 10:15:20 GMT
Server
Apache
ETag
"b1d856e40f97293208a4dbdfd5f5f9b7:1543400120"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*, *
Content-Length
39080
Expires
Mon, 07 Jan 2019 16:28:12 GMT
img_trans.gif
resources.mtb.com/images/
0
0

print.css
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/
197 B
538 B
Stylesheet
General
Full URL
https://retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/print.css
Requested by
Host: progenerationenergy.com
URL: https://progenerationenergy.com/.well-known/0104/questions.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.127.210.129 Milton Keynes, United Kingdom, ASN2134 (GSVNET-AS GS Virtual Network Produban, ES),
Reverse DNS
Software
/
Resource Hash
c826d7e33f60f141a3dca602aed70f7d1b49f306954549d1f82ee02884cbccf6

Request headers

Referer
https://progenerationenergy.com/.well-known/0104/questions.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 07 Jan 2019 15:28:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Dec 2018 10:32:51 GMT
ETag
"57c1babbffac0"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=198
Content-Length
163
Expires
Mon, 07 Jan 2019 16:28:12 GMT
sanns.js
events.santander.co.uk/96366421/
71 KB
25 KB
XHR
General
Full URL
https://events.santander.co.uk/96366421/sanns.js?_a=s&_t=&_r=/.well-known/0104/questions.htm&_n=0.14672067293141855
Requested by
Host: retail.santander.co.uk
URL: https://retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/behaviour2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.207.117 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-228-207-117.eu-west-1.compute.amazonaws.com
Software
haile /
Resource Hash
ef8866b74047f9c315b5c6b9de7f48cb8de574312ed32dae2deb4ba6aaaac942

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://progenerationenergy.com/.well-known/0104/questions.htm
Origin
https://progenerationenergy.com

Response headers

Pragma
no-cache
Date
Mon, 07 Jan 2019 15:28:12 GMT
Content-Encoding
gzip
Server
haile
transfer-encoding
chunked
Access-Control-Allow-Methods
GET, OPTIONS
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin
https://progenerationenergy.com
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
ukfs.js
analytics.santander.co.uk/96366421/
39 KB
18 KB
XHR
General
Full URL
https://analytics.santander.co.uk/96366421/ukfs.js?_a=s&_t=&_r=/.well-known/0104/questions.htm&_n=0.9569923770904705
Requested by
Host: retail.santander.co.uk
URL: https://retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/behaviour2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.251.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-195-251-195.eu-west-1.compute.amazonaws.com
Software
haile /
Resource Hash
cdce6eacc0180541e177d1767d3391f4ca0a2f55374b0736579f66601a63700b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://progenerationenergy.com/.well-known/0104/questions.htm
Origin
https://progenerationenergy.com

Response headers

Pragma
no-cache
Date
Mon, 07 Jan 2019 15:28:12 GMT
Content-Encoding
gzip
Server
haile
transfer-encoding
chunked
Access-Control-Allow-Methods
GET, OPTIONS
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin
https://progenerationenergy.com
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
iN3X.js
assets.santander.co.uk/query/1/
43 KB
18 KB
Script
General
Full URL
https://assets.santander.co.uk/query/1/iN3X.js
Requested by
Host: retail.santander.co.uk
URL: https://retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/behaviour2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.125.113.207 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-79-125-113-207.eu-west-1.compute.amazonaws.com
Software
haile /
Resource Hash
1c99efdd3de82995172cd902bfe1ed4a556009c4bc1e2c64d1e0940f3f623f56

Request headers

Referer
https://progenerationenergy.com/.well-known/0104/questions.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Jan 2019 15:28:12 GMT
Content-Encoding
gzip
Server
haile
transfer-encoding
chunked
Access-Control-Allow-Methods
GET, OPTIONS
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Expires
0
xee.js
events.santander.co.uk/96366421/
37 KB
18 KB
XHR
General
Full URL
https://events.santander.co.uk/96366421/xee.js?_a=s&_t=&_r=/.well-known/0104/questions.htm&_n=0.59491959644721
Requested by
Host: retail.santander.co.uk
URL: https://retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Scripts/fl/behaviour2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.207.117 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-228-207-117.eu-west-1.compute.amazonaws.com
Software
haile /
Resource Hash
1428c6ed14b9b68177385101f034e80d2c5a0402447944e7fb545e2f2a7d11d1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://progenerationenergy.com/.well-known/0104/questions.htm
Origin
https://progenerationenergy.com

Response headers

Pragma
no-cache
Date
Mon, 07 Jan 2019 15:28:12 GMT
Content-Encoding
gzip
Server
haile
transfer-encoding
chunked
Access-Control-Allow-Methods
GET, OPTIONS
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin
https://progenerationenergy.com
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
fieldsTester.js
fc1.retail.santander.co.uk/query/7/
0
719 B
Script
General
Full URL
https://fc1.retail.santander.co.uk/query/7/fieldsTester.js
Requested by
Host: progenerationenergy.com
URL: https://progenerationenergy.com/.well-known/0104/questions.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.208.47 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-217-208-47.eu-west-1.compute.amazonaws.com
Software
haile /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://progenerationenergy.com/.well-known/0104/questions.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Jan 2019 15:28:13 GMT
Content-Encoding
gzip
Server
haile
Access-Control-Allow-Methods
GET, OPTIONS
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
25
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Expires
0
char_conv.js
press.retail.santander.co.uk/906077/
0
719 B
Script
General
Full URL
https://press.retail.santander.co.uk/906077/char_conv.js
Requested by
Host: progenerationenergy.com
URL: https://progenerationenergy.com/.well-known/0104/questions.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.51.173.176 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-46-51-173-176.eu-west-1.compute.amazonaws.com
Software
haile /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://progenerationenergy.com/.well-known/0104/questions.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Jan 2019 15:28:13 GMT
Content-Encoding
gzip
Server
haile
Access-Control-Allow-Methods
GET, OPTIONS
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
25
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Expires
0
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=1.8.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9C3940D7546235980A4C98A2%40AdobeOrg&d_nsid=0&ts=1546874892870
  • https://dpm.demdex.net/id/rd?d_visid_ver=1.8.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9C3940D7546235980A4C98A2%40AdobeOrg&d_nsid=0&ts=1546874892870
0
-1 B
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=1.8.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9C3940D7546235980A4C98A2%40AdobeOrg&d_nsid=0&ts=1546874892870
Requested by
Host: progenerationenergy.com
URL: https://progenerationenergy.com/.well-known/0104/questions.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.41.66 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-49-41-66.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://progenerationenergy.com/.well-known/0104/questions.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Location
https://dpm.demdex.net/id/rd?d_visid_ver=1.8.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9C3940D7546235980A4C98A2%40AdobeOrg&d_nsid=0&ts=1546874892870
X-TID
ETy4Y7VnQBc=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://progenerationenergy.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Access-Control-Allow-Origin
https://progenerationenergy.com
X-TID
ETy4Y7VnQBc=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=1.8.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9C3940D7546235980A4C98A2%40AdobeOrg&d_nsid=0&ts=1546874892870
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
jqDateElem.js
mc3.retail.santander.co.uk/906077/
0
719 B
Script
General
Full URL
https://mc3.retail.santander.co.uk/906077/jqDateElem.js
Requested by
Host: progenerationenergy.com
URL: https://progenerationenergy.com/.well-known/0104/questions.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.211.214 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-217-211-214.eu-west-1.compute.amazonaws.com
Software
haile /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://progenerationenergy.com/.well-known/0104/questions.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Jan 2019 15:28:13 GMT
Content-Encoding
gzip
Server
haile
Access-Control-Allow-Methods
GET, OPTIONS
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
25
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Expires
0
sprite.svg
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/Images/
99 KB
69 KB
Image
General
Full URL
https://retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/Images/sprite.svg
Requested by
Host: progenerationenergy.com
URL: https://progenerationenergy.com/.well-known/0104/questions.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.127.210.129 Milton Keynes, United Kingdom, ASN2134 (GSVNET-AS GS Virtual Network Produban, ES),
Reverse DNS
Software
/
Resource Hash
6c92c4be1574ca465a46465b1990c9bbfccefaccb244f881c8d42cc8dd42508e

Request headers

Referer
https://retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/santander.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 07 Jan 2019 15:28:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Dec 2018 10:32:51 GMT
ETag
"57c1babbffac0"
Vary
Accept-Encoding,User-Agent
Content-Type
image/svg+xml
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=197
Expires
Mon, 07 Jan 2019 16:28:12 GMT
selectarrow.png
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/Images/
261 B
579 B
Image
General
Full URL
https://retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/Images/selectarrow.png
Requested by
Host: progenerationenergy.com
URL: https://progenerationenergy.com/.well-known/0104/questions.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.127.210.129 Milton Keynes, United Kingdom, ASN2134 (GSVNET-AS GS Virtual Network Produban, ES),
Reverse DNS
Software
/
Resource Hash
8fa79e7023ddc016a761727f6890731435e803be8df9c5b6c747e3c9d1396c22

Request headers

Referer
https://retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/santander.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 07 Jan 2019 15:28:12 GMT
Last-Modified
Mon, 03 Dec 2018 10:32:51 GMT
ETag
"57c1babbffac0"
Content-Type
image/png
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=199
Content-Length
261
Expires
Mon, 07 Jan 2019 16:28:12 GMT
FrutigerLTStd45Light.woff
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/fonts/
0
0

FrutigerBold.woff
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/fonts/
0
0

satellite-58f9dc3064746d2d7e00916d.js
assets.adobedtm.com/18a2415ae6b52c3a7c0b946cdfc34cd03d7440e8/scripts/
56 KB
17 KB
Script
General
Full URL
https://assets.adobedtm.com/18a2415ae6b52c3a7c0b946cdfc34cd03d7440e8/scripts/satellite-58f9dc3064746d2d7e00916d.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/18a2415ae6b52c3a7c0b946cdfc34cd03d7440e8/satelliteLib-f614afad3dd348a170a03c92881f3682b50a87e8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.23 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
58a87dfbb97e40c5874b69ab869543262fc746a42e542bc8199c53cdc04d2e9f

Request headers

Referer
https://progenerationenergy.com/.well-known/0104/questions.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 07 Jan 2019 15:28:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Nov 2018 10:15:19 GMT
Server
Apache
ETag
"5a3f155cbd200145033abf3f279ac296:1543400119"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*, *
Content-Length
16751
Expires
Mon, 07 Jan 2019 16:28:12 GMT
s-code-contents-3ca5b8d0e453d2b1653a80ee4c15239e5d6c1bf1.js
assets.adobedtm.com/18a2415ae6b52c3a7c0b946cdfc34cd03d7440e8/
34 KB
13 KB
Script
General
Full URL
https://assets.adobedtm.com/18a2415ae6b52c3a7c0b946cdfc34cd03d7440e8/s-code-contents-3ca5b8d0e453d2b1653a80ee4c15239e5d6c1bf1.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/18a2415ae6b52c3a7c0b946cdfc34cd03d7440e8/satelliteLib-f614afad3dd348a170a03c92881f3682b50a87e8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.23 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
583f97bfcc42ec8c10c2cffc4a0579de5e8ebcaaa73dad9a428e1410fc5f6970

Request headers

Referer
https://progenerationenergy.com/.well-known/0104/questions.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 07 Jan 2019 15:28:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Nov 2018 10:15:19 GMT
Server
Apache
ETag
"78c421afb77928161986e7929fdac09f:1543400119"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*, *
Content-Length
13006
Expires
Mon, 07 Jan 2019 16:28:12 GMT
satellite-5a3bdd8264746d22120023e5.js
assets.adobedtm.com/18a2415ae6b52c3a7c0b946cdfc34cd03d7440e8/scripts/
550 B
828 B
Script
General
Full URL
https://assets.adobedtm.com/18a2415ae6b52c3a7c0b946cdfc34cd03d7440e8/scripts/satellite-5a3bdd8264746d22120023e5.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/18a2415ae6b52c3a7c0b946cdfc34cd03d7440e8/satelliteLib-f614afad3dd348a170a03c92881f3682b50a87e8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.23 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bad506f8e1dd2fef341edd7f43b9277ec913b560f12a83211d0f514f0a75eb98

Request headers

Referer
https://progenerationenergy.com/.well-known/0104/questions.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 07 Jan 2019 15:28:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Nov 2018 10:15:20 GMT
Server
Apache
ETag
"1104f7125e168286146ae7c0ad13821f:1543400120"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*, *, *
Content-Length
362
Expires
Mon, 07 Jan 2019 16:28:12 GMT
satellite-5a3bede364746d18f9003dde.js
assets.adobedtm.com/18a2415ae6b52c3a7c0b946cdfc34cd03d7440e8/scripts/
7 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/18a2415ae6b52c3a7c0b946cdfc34cd03d7440e8/scripts/satellite-5a3bede364746d18f9003dde.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/18a2415ae6b52c3a7c0b946cdfc34cd03d7440e8/satelliteLib-f614afad3dd348a170a03c92881f3682b50a87e8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.23 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf1b17ee9ab7b44bb96c848ffc37164087819692fe7c5a0bbbb8fd3d56031982

Request headers

Referer
https://progenerationenergy.com/.well-known/0104/questions.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 07 Jan 2019 15:28:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Nov 2018 10:15:20 GMT
Server
Apache
ETag
"1f039406b911b57883fc6c45381653ef:1543400120"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*, *, *
Content-Length
1693
Expires
Mon, 07 Jan 2019 16:28:12 GMT
rd
dpm.demdex.net/id/
218 B
977 B
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=1.8.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9C3940D7546235980A4C98A2%40AdobeOrg&d_nsid=0&ts=1546874892870
Requested by
Host: progenerationenergy.com
URL: https://progenerationenergy.com/.well-known/0104/questions.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.41.66 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-49-41-66.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cf1efe1b39edc9bfd8cc74ea7683ba79f76cf797415394b376ba70362196e648

Request headers

Referer
https://progenerationenergy.com/.well-known/0104/questions.htm
Origin
https://progenerationenergy.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v013-0f2e53205.edge-irl1.demdex.com 5.45.0.20181217095029 3ms
Pragma
no-cache
X-TID
P8F96xZ1RFM=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://progenerationenergy.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
218
Expires
Thu, 01 Jan 1970 00:00:00 GMT
id
smetrics.santander.co.uk/
49 B
553 B
XHR
General
Full URL
https://smetrics.santander.co.uk/id?d_visid_ver=1.8.0&d_fieldgroup=A&mcorgid=9C3940D7546235980A4C98A2%40AdobeOrg&mid=40868105239645266971740017756449225421&ts=1546874893044
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/18a2415ae6b52c3a7c0b946cdfc34cd03d7440e8/satelliteLib-f614afad3dd348a170a03c92881f3682b50a87e8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.34.188.187 , Netherlands, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
santander.co.uk.ssl.d3.sc.omtrdc.net
Software
Omniture DC /
Resource Hash
fbdd8b5eba927bcb5820b3007f74de751b3f9d821bc53cf092e6baee6beac425
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://progenerationenergy.com/.well-known/0104/questions.htm
Origin
https://progenerationenergy.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Mon, 07 Jan 2019 15:28:13 GMT
X-Content-Type-Options
nosniff
Server
Omniture DC
xserver
www286
Vary
Origin
X-C
ms-6.5.1
P3P
CP="This is not a P3P policy"
Access-Control-Allow-Origin
https://progenerationenergy.com
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=15
Content-Length
49
X-XSS-Protection
1; mode=block
FrutigerLTStd45Light.ttf
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/fonts/
0
0

s95572554851415
smetrics.santander.co.uk/b/ss/santanderprod/1/JS-2.0.0-D7QN/
43 B
610 B
Image
General
Full URL
https://smetrics.santander.co.uk/b/ss/santanderprod/1/JS-2.0.0-D7QN/s95572554851415?AQB=1&ndh=1&pf=1&t=7%2F0%2F2019%2015%3A28%3A13%201%200&D=D%3D&mid=40868105239645266971740017756449225421&aamlh=6&ce=UTF-8&ns=santanderuk&cdp=4&pageName=olb%2Fretail%2Falp-enriuk-presentation%2Fop-singup%2Faccesssignuppersonaldetails&g=https%3A%2F%2Fprogenerationenergy.com%2F.well-known%2F0104%2Fquestions.htm&cc=GBP&ch=olb&server=progenerationenergy.com&products=%3B%3B1%3B0&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=https%3A%2F%2Fprogenerationenergy.com%2F.well-known%2F0104%2Fquestions.htm&v1=olb%2Fretail%2Falp-enriuk-presentation%2Fop-singup%2Faccesssignuppersonaldetails&c2=retail&v2=https%3A%2F%2Fprogenerationenergy.com%2F.well-known%2F0104%2Fquestions.htm&c3=alp-enriuk-presentation&c5=accesssignuppersonaldetails&c7=New&v7=New&c8=logged%20in&v8=logged%20in&c9=40868105239645266971740017756449225421&c12=3%3A28%20PM%7CMonday&c13=op-singup&v19=07%2F01%2F2019&v20=3%3A28%20PM%7CMonday&v21=40868105239645266971740017756449225421&v34=cert%5Clive&c36=1043&v75=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F67.0.3396.87%20Safari%2F537.36&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Requested by
Host: progenerationenergy.com
URL: https://progenerationenergy.com/.well-known/0104/questions.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.34.188.187 , Netherlands, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
santander.co.uk.ssl.d3.sc.omtrdc.net
Software
Omniture DC /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://progenerationenergy.com/.well-known/0104/questions.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 07 Jan 2019 15:28:13 GMT
X-Content-Type-Options
nosniff
X-C
ms-6.5.1
P3P
CP="This is not a P3P policy"
Connection
Keep-Alive
Content-Length
43
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Tue, 08 Jan 2019 15:28:13 GMT
Server
Omniture DC
xserver
www291
ETag
"3321888538306347008-6197165479300175002"
Vary
*
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Keep-Alive
timeout=15
Expires
Sun, 06 Jan 2019 15:28:13 GMT
FrutigerBold.ttf
retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/fonts/
0
0

Failed requests

These URLs were requested, but no response was received. You will also see them in the list above.

Domain
resources.mtb.com
URL
https://resources.mtb.com/images/img_trans.gif
Domain
retail.santander.co.uk
URL
https://retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/fonts/FrutigerLTStd45Light.woff
Domain
retail.santander.co.uk
URL
https://retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/fonts/FrutigerBold.woff
Domain
retail.santander.co.uk
URL
https://retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/fonts/FrutigerLTStd45Light.ttf
Domain
retail.santander.co.uk
URL
https://retail.santander.co.uk/Estatico/ALP_EBAN_Templates/Styles/fl/fonts/FrutigerBold.ttf

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Santander (Banking)

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery boolean| touchDevice string| MK1G string| MK2G string| MK3G string| MK4G number| timeInterval object| options object| santanderparm object| __CALENDAR_CONFIG object| lang function| Visitor object| _satellite object| s_c_il number| s_c_in function| pageBottomLoaded function| oldPageBottom function| getFromContextOrMenuOrAttribute function| isIframe function| cssQueryThisOrParent function| normalizeName function| trackLinkVars function| getSeriealizeId object| adobeContextData function| clearAddress function| validar_formulario function| sendForm function| getRelation function| initCounter function| refreshCounter function| openPopup function| closePopup function| changeAction function| resizePopup object| jQuery1111022067228288240637 function| initUpdate object| EDRUtility object| EDRSurveyCodeProbes object| eDRXDMClient object| EDRSurvey function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq string| sourceUrl object| ___so96366421 string| PSESSIONID string| SSESSIONID object| M object| regex object| match string| LSESSIONID object| __tp number| __gt string| cloudId object| s_i_santanderprod

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
