bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link
2602:fea2:2::1
Public Scan
Effective URL: https://bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/
Submission: On April 28 via automatic, source phishtank — Scanned from DE
Summary
TLS certificate: Issued by R3 on March 27th 2023. Valid for: 3 months.
This is the only time bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Domain | ASN | PTR |
---|---|---|
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link | ASN40680 (PROTOCOL, US) | |
websdk.appsflyer.com | ASN20940 (AKAMAI-ASN1, NL) | |
assets.adobedtm.com | ASN20940 (AKAMAI-ASN1, NL) | |
d3rnm236tp90vs.cloudfront.net | ASN16509 (AMAZON-02, US) | server-52-222-232-19.fra56.r.cloudfront.net |
d21ctq9anmk97c.cloudfront.net | ASN16509 (AMAZON-02, US) | server-143-204-214-7.fra53.r.cloudfront.net |
d140zf541n5jhi.cloudfront.net | ASN16509 (AMAZON-02, US) | server-13-225-84-53.fra2.r.cloudfront.net |
www.googletagmanager.com | ASN15169 (GOOGLE, US) | |
awa-euwest1-1.advanced-web-analytics.com | ASN16509 (AMAZON-02, US) | server-143-204-215-121.fra53.r.cloudfront.net |
dpm.demdex.net | ASN16509 (AMAZON-02, US) | ec2-52-210-27-198.eu-west-1.compute.amazonaws.com |
wa.onelink.me | ASN16509 (AMAZON-02, US) | ec2-54-76-54-26.eu-west-1.compute.amazonaws.com |
wa.appsflyer.com | ASN16509 (AMAZON-02, US) | ec2-52-19-6-228.eu-west-1.compute.amazonaws.com |
nedbank.demdex.net | ASN16509 (AMAZON-02, US) | ec2-52-31-11-204.eu-west-1.compute.amazonaws.com |
nedbank.d3.sc.omtrdc.net | ASN16509 (AMAZON-02, US) | ip-63-140-62-135.data.adobedc.net |
cm.g.doubleclick.net | ASN15169 (GOOGLE, US) | zrh04s05-in-f98.1e100.net |
europe-west1-rtbhouse-traffic-adobe.cloudfunctions.net | ASN15169 (GOOGLE, US) | |
Requests | Domain | Requested by |
---|---|---|
15 | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link |
13 | d140zf541n5jhi.cloudfront.net | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link, d140zf541n5jhi.cloudfront.net |
9 | secured.nedbank.co.za | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link, secured.nedbank.co.za |
4 | wa.onelink.me | websdk.appsflyer.com |
4 | assets.adobedtm.com | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link |
2 | cm.g.doubleclick.net | 2 redirects |
2 | nedbank.d3.sc.omtrdc.net | assets.adobedtm.com, bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link |
2 | wa.appsflyer.com | websdk.appsflyer.com |
2 | dpm.demdex.net | assets.adobedtm.com, bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link |
2 | d3rnm236tp90vs.cloudfront.net | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link, d3rnm236tp90vs.cloudfront.net |
1 | europe-west1-rtbhouse-traffic-adobe.cloudfunctions.net | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link |
1 | nedbank.demdex.net | assets.adobedtm.com |
1 | awa-euwest1-1.advanced-web-analytics.com | d140zf541n5jhi.cloudfront.net |
1 | www.googletagmanager.com | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link |
1 | d21ctq9anmk97c.cloudfront.net | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link |
1 | websdk.appsflyer.com | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link |
1 | www.google-analytics.com | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link |
64 | 17 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.i.ipfs.io | R3 | 2023-03-27 - 2023-06-25 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months |
*.appsflyer.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-22 - 2023-09-24 | a year |
assets.adobedtm.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-19 - 2023-08-19 | a year |
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year |
secured.nedbank.co.za | Entrust Certification Authority - L1M | 2022-09-05 - 2023-10-04 | a year |
*.advanced-web-analytics.com | GeoTrust TLS RSA CA G1 | 2023-04-13 - 2024-05-10 | a year |
*.demdex.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-26 - 2023-10-27 | a year |
*.onelink.me | Amazon RSA 2048 M02 | 2023-02-04 - 2024-03-04 | a year |
*.sdk.af-sdk.io | Amazon RSA 2048 M01 | 2022-10-26 - 2023-11-24 | a year |
*.d3.sc.omtrdc.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-10 - 2024-03-08 | a year |
misc.google.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months |
This page contains 5 frames:
Primary Page:
https://bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/
Frame ID: 7B2FB5B318B3B8BF094771FF05B5CCDB
Requests: 58 HTTP requests in this frame
Frame:
https://awa-euwest1-1.advanced-web-analytics.com/623923/guhuna.html?e=https%3A%2F%2Fbafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link&es=eyJpIjoiR3h1WTB5RVVVOW4yanFnOHdyN1Jmdz09IiwiZSI6IjFpeU0xSUYrbUFvMWk5Vkdaak9qK3VRZHB6V3BMaWw0M09GdmFkeU16Wlo5NEtBRlB4SkdTTWpLWXdsSmVHV3NtYUQ1QUowMTVKTGljbGtQUkRFQ09QWHNUN1NLTnF2RkE5TTNwdTlSK2Vsc2ZNUnE1bnhvRzVjd0RldG1Cc3VjNG1ZOGxVbDF4ZmlmeUs0eEdDcGtrUT09In0%3D.a502239368f5ac31.Yjc5NTA0NGY4OGZkODVjZGFiNDdkNmM0MDRjMWJjYzdmYWJmYzAyZTdhZjkzYzY3NzI2MDhkODZlYjU2YWRlMQ%3D%3D&eu=https%3A%2F%2Fbafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link%2F&icid=168264934812091509
Frame ID: F8A43430E0506CBAA5F0A4E58505B908
Requests: 1 HTTP requests in this frame
Frame:
https://nedbank.demdex.net/dest5.html?d_nsid=0
Frame ID: 0AE1D4A7CB07E1577B7A69820F33BD1A
Requests: 3 HTTP requests in this frame
Frame:
https://d140zf541n5jhi.cloudfront.net/623923/feda.html?sui=751c81cfda8918ef2861263c4c9b58f27d00e451f9d0c0cc01f2e45bb9c48698
Frame ID: C7BB98ACDFB6221351FA5807B386A680
Requests: 1 HTTP requests in this frame
Frame:
https://d140zf541n5jhi.cloudfront.net/623923/ernge.html?si=0&e=https%3A%2F%2Fbafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link&LSESSIONID=eyJpIjoiR3h1WTB5RVVVOW4yanFnOHdyN1Jmdz09IiwiZSI6IjFpeU0xSUYrbUFvMWk5Vkdaak9qK3VRZHB6V3BMaWw0M09GdmFkeU16Wlo5NEtBRlB4SkdTTWpLWXdsSmVHV3NtYUQ1QUowMTVKTGljbGtQUkRFQ09QWHNUN1NLTnF2RkE5TTNwdTlSK2Vsc2ZNUnE1bnhvRzVjd0RldG1Cc3VjNG1ZOGxVbDF4ZmlmeUs0eEdDcGtrUT09In0%3D.a502239368f5ac31.Yjc5NTA0NGY4OGZkODVjZGFiNDdkNmM0MDRjMWJjYzdmYWJmYzAyZTdhZjkzYzY3NzI2MDhkODZlYjU2YWRlMQ%3D%3D&t=xframe&eu=https%3A%2F%2Fbafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link%2F&icid=168264935324143077&sr=https%3A%2F%2Fbafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link%2Fclose-gray.255d2087c5e383f8.svg
Frame ID: EF133BBEE608BAF7E4ED742658FFEB4D
Requests: 1 HTTP requests in this frame
Page Title
Online Banking
Detected technologies
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/
HTTP 307
https://bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 52
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzIzMDQ2NzcxODY2NTY4NDI3MzA3NTMyMzQzNjQwNDIyMjMyNTQ= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzIzMDQ2NzcxODY2NTY4NDI3MzA3NTMyMzQzNjQwNDIyMjMyNTQ=&google_tc= HTTP 302
- https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFN3h0vW7CZt0XME9EpE9ag&google_cver=1?gdpr=0&gdpr_consent=
64 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | 2 MB | 218 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | analytics.js | www.google-analytics.com/ | 51 KB | 21 KB | Script | text/javascript | |
GET | H/1.1 | / | websdk.appsflyer.com/ | 34 KB | 10 KB | Script | application/javascript | |
GET | H2 | launch-1bbd76e19c63.min.js | assets.adobedtm.com/6422e0f550a2/567d03ce12ec/ | 221 KB | 60 KB | Script | application/x-javascript | |
GET | H2 | AppMeasurement.min.js | assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ | 34 KB | 12 KB | Script | application/x-javascript | |
GET | H2 | AppMeasurement_Module_ActivityMap.min.js | assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ | 3 KB | 2 KB | Script | application/x-javascript | |
GET | H2 | pqwct.js | d3rnm236tp90vs.cloudfront.net/623923/ | 70 KB | 33 KB | Script | application/x-javascript | |
GET | H2 | load.js | d21ctq9anmk97c.cloudfront.net/623923/ | 72 KB | 34 KB | Script | application/x-javascript | |
GET | H2 | bryenou.js | d140zf541n5jhi.cloudfront.net/623923/ | 86 KB | 40 KB | Script | application/x-javascript | |
GET | H2 | lida.js | d140zf541n5jhi.cloudfront.net/623923/ | 69 KB | 32 KB | Script | application/x-javascript | |
GET | H2 | erob.js | d140zf541n5jhi.cloudfront.net/pref/ | 87 KB | 43 KB | Script | application/x-javascript | |
GET | H2 | bleca.js | d140zf541n5jhi.cloudfront.net/623923/ | 88 KB | 41 KB | Script | application/x-javascript | |
GET | H2 | zeJc | d140zf541n5jhi.cloudfront.net/623923/ | 0 | 583 B | Script | text/html | |
GET | H2 | zeJc | d140zf541n5jhi.cloudfront.net/623923/ | 0 | 583 B | Script | text/html | |
GET | H2 | yqn | d140zf541n5jhi.cloudfront.net/pref/ | 0 | 583 B | Script | text/html | |
GET | H2 | RCe2e740ff7ea141e09ef378aa05f76b39-source.min.js | assets.adobedtm.com/6422e0f550a2/567d03ce12ec/110d57bdb7d5/ | 1 KB | 877 B | Script | application/x-javascript | |
GET | H2 | zeJc | d140zf541n5jhi.cloudfront.net/623923/ | 0 | 584 B | Script | text/html | |
GET | H/1.1 | styles.4b9418b516c0a164.css | secured.nedbank.co.za/ | 318 KB | 43 KB | Stylesheet | text/css | |
GET | H/1.1 | NedbankIcon.svg | secured.nedbank.co.za/assets/svg/ | 1 KB | 1 KB | Image | image/svg+xml | |
GET | H/1.1 | cross-Black-small.svg | secured.nedbank.co.za/assets/svg/ | 816 B | 1 KB | Image | image/svg+xml | |
GET | H/1.1 | outdated-browser.svg | secured.nedbank.co.za/assets/svg/ | 49 KB | 15 KB | Image | image/svg+xml | |
GET | H/1.1 | Error_Orange.svg | secured.nedbank.co.za/assets/svg/ | 933 B | 1 KB | Image | image/svg+xml | |
GET | H2 | runtime.23a3296a909c3297.js | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | 0 | 0 | Script | text/plain | |
GET | H2 | polyfills.fbd9ff4638904619.js | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | 0 | 0 | Script | text/plain | |
GET | H2 | scripts.38d1d65f5303bd85.js | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | 0 | 0 | Script | text/plain | |
GET | H2 | main.da7144912a048223.js | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | 0 | 0 | Script | text/plain | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 114 KB | 45 KB | Script | application/javascript | |
GET | H2 | utils.js | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/assets/js/ | 0 | 0 | Script | text/plain | |
GET | H2 | FontFont%20-%20MarkPro.307179f82a6dd2a0.otf | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | 0 | 0 | Font | text/plain | |
GET | H2 | guhuna.html | awa-euwest1-1.advanced-web-analytics.com/623923/ | 67 KB | 32 KB | Document | text/html | Frame F8A4 |
GET | H2 | FFMarkWebProRegular.69386de63644c744.ttf | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | 0 | 0 | Font | text/plain | |
GET | H2 | FFMarkWebProRegular.3594b4997f3f4009.woff | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | 0 | 0 | Font | text/plain | |
GET | H2 | FFMarkWebProRegular.fb38458d0fa9adfc.woff2 | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | 0 | 0 | Font | text/plain | |
GET | H/1.1 | styles.4b9418b516c0a164.css | secured.nedbank.co.za/ | 318 KB | 43 KB | Stylesheet | text/css | |
GET | H/1.1 | outdated-browser.svg | secured.nedbank.co.za/assets/svg/ | 49 KB | 15 KB | Image | image/svg+xml | |
GET | H2 | NedbankIcon.3cee39915afd52c3.svg | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | 214 B | 214 B | Image | text/plain | |
GET | H2 | icon-chat-thin.aecf4aeab466cacf.svg | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | 217 B | 217 B | Image | text/plain | |
GET | H2 | location-blank-green.15740b1c831edc89.svg | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | 223 B | 223 B | Image | text/plain | |
GET | H2 | contact-blank-green.36dfab02d2901e0a.svg | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | 222 B | 222 B | Image | text/plain | |
GET | H/1.1 | NedbankLogin_v4.png | secured.nedbank.co.za/assets/png/ | 124 KB | 125 KB | Image | image/png | |
GET | H2 | close-gray.255d2087c5e383f8.svg | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | 213 B | 213 B | Image | text/plain | |
GET | H/1.1 | id | dpm.demdex.net/ | 642 B | 1 KB | XHR | application/json | |
GET | H/1.1 | onelink | wa.onelink.me/v1/ | 13 B | 376 B | XHR | application/json | |
GET | H/1.1 | onelink | wa.onelink.me/v1/ | 13 B | 376 B | XHR | application/json | |
POST | H/1.1 | events | wa.appsflyer.com/ | 138 B | 644 B | XHR | application/json | |
POST | H/1.1 | events | wa.appsflyer.com/ | 138 B | 644 B | XHR | application/json | |
GET | H/1.1 | dest5.html | nedbank.demdex.net/ | 7 KB | 3 KB | Document | text/html | Frame 0AE1 |
GET | H2 | id | nedbank.d3.sc.omtrdc.net/ | 2 B | 311 B | XHR | application/x-javascript | |
GET | | FontFont%20-%20MarkPro.307179f82a6dd2a0.otf | secured.nedbank.co.za/ | 0 | 0 | | | |
GET | H/1.1 | flags.f73aa829a0084837.png | secured.nedbank.co.za/ | 69 KB | 70 KB | Image | image/png | |
GET | H2 | s06985609640602 | nedbank.d3.sc.omtrdc.net/b/ss/nedbankonlinebankingprd,nedbankglobal/1/JS-2.23.0-LCXS/ | 43 B | 201 B | Image | image/gif | |
GET | H/1.1 | onelink | wa.onelink.me/v1/ | 51 B | 561 B | XHR | application/json | |
GET | H/1.1 | onelink | wa.onelink.me/v1/ | 51 B | 561 B | XHR | application/json | |
GET | H/1.1 | ibs:dpid=771&dpuuid=CAESEFN3h0vW7CZt0XME9EpE9ag&google_cver=1 | dpm.demdex.net/ | 42 B | 942 B | Image | image/gif | Frame 0AE1, Redirect Chain |
GET | H2 | cookie-sync | europe-west1-rtbhouse-traffic-adobe.cloudfunctions.net/ | 0 | 184 B | Image | text/html | Frame 0AE1 |
GET | H2 | feda.html | d140zf541n5jhi.cloudfront.net/623923/ | 22 KB | 23 KB | Document | text/html | Frame C7BB |
GET | | FFMarkWebProRegular.69386de63644c744.ttf | secured.nedbank.co.za/ | 0 | 0 | | | |
GET | | FFMarkWebProRegular.3594b4997f3f4009.woff | secured.nedbank.co.za/ | 0 | 0 | | | |
GET | | FFMarkWebProRegular.fb38458d0fa9adfc.woff2 | secured.nedbank.co.za/ | 0 | 0 | | | |
GET | H2 | zeJc | d140zf541n5jhi.cloudfront.net/623923/ | 90 B | 651 B | Script | text/javascript | |
GET | H2 | dSFu | d140zf541n5jhi.cloudfront.net/623923/ | 89 B | 651 B | Script | text/javascript | |
GET | H2 | zeJc | d140zf541n5jhi.cloudfront.net/623923/ | 89 B | 652 B | Script | text/javascript | |
GET | H2 | zeJc | d3rnm236tp90vs.cloudfront.net/623923/ | 90 B | 652 B | Script | text/javascript | |
GET | H2 | ernge.html | d140zf541n5jhi.cloudfront.net/623923/ | 76 KB | 36 KB | Document | text/html | Frame EF13 |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
secured.nedbank.co.za | https://secured.nedbank.co.za/FontFont%20-%20MarkPro.307179f82a6dd2a0.otf |
secured.nedbank.co.za | https://secured.nedbank.co.za/FFMarkWebProRegular.69386de63644c744.ttf |
secured.nedbank.co.za | https://secured.nedbank.co.za/FFMarkWebProRegular.3594b4997f3f4009.woff |
secured.nedbank.co.za | https://secured.nedbank.co.za/FFMarkWebProRegular.fb38458d0fa9adfc.woff2 |
51 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 boolean| credentialless function| _0x4d2e function| _0x5545 function| _0x3f498a function| goToNedbankHome string| AppsFlyerSdkObject function| AF object| google_tag_data function| ga object| gaplugins object| ___sc623923 object| ___so623923 number| CLIWHIT string| PSESSIONID string| SSESSIONID string| LSESSIONID object| __tp number| __gt object| global function| inIframe object| tokenValue object| ____0.21808153368881222 function| AppMeasurement_Module_ActivityMap function| target function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq string| ua number| msie boolean| isIEOldVersion object| rootElement object| outDatedBrowser object| google_tag_manager object| dataLayer object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| AF_SDK object| s_i_nedbankonlinebankingprd_nedbankglobal
13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | Name: LSESSIONID Value: eyJpIjoiR3h1WTB5RVVVOW4yanFnOHdyN1Jmdz09IiwiZSI6IjFpeU0xSUYrbUFvMWk5Vkdaak9qK3VRZHB6V3BMaWw0M09GdmFkeU16Wlo5NEtBRlB4SkdTTWpLWXdsSmVHV3NtYUQ1QUowMTVKTGljbGtQUkRFQ09QWHNUN1NLTnF2RkE5TTNwdTlSK2Vsc2ZNUnE1bnhvRzVjd0RldG1Cc3VjNG1ZOGxVbDF4ZmlmeUs0eEdDcGtrUT09In0%3D.a502239368f5ac31.Yjc5NTA0NGY4OGZkODVjZGFiNDdkNmM0MDRjMWJjYzdmYWJmYzAyZTdhZjkzYzY3NzI2MDhkODZlYjU2YWRlMQ%3D%3D |
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | Name: __gdic Value: lgzxz6dy35zviftjpm7 |
.demdex.net/ | Name: demdex Value: 72304677186656842730753234364042223254 |
.bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | Name: AMCVS_5B5243A15589607E7F000101%40AdobeOrg Value: 1 |
.bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | Name: AMCV_5B5243A15589607E7F000101%40AdobeOrg Value: 179643557%7CMCIDTS%7C19476%7CMCMID%7C72309122461426217210755077367285646270%7CMCAAMLH-1683254149%7C6%7CMCAAMB-1683254149%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1682656549s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.5.0 |
.appsflyer.com/ | Name: af_id Value: f2f61159-4926-4aa7-b817-654710f56078-p |
.bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | Name: afUserId Value: f2f61159-4926-4aa7-b817-654710f56078-p |
.onelink.me/ | Name: af_id Value: f2f61159-4926-4aa7-b817-654710f56078-p |
.bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | Name: AF_SYNC Value: 1682649349776 |
.demdex.net/ | Name: dextp Value: 771-1-1682649349734|1048458-1-1682649349835 |
.doubleclick.net/ | Name: IDE Value: AHWqTUkNyRTaOPmaFt5aErCF-XvO5m3uCS5t9OcGWcphcZVCrrkOGnieG4_FfTVbOSQ |
.dpm.demdex.net/ | Name: dpm Value: 72304677186656842730753234364042223254 |
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | Name: ___r623923 Value: 0.7576310099284 |
30 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.