livechatnatwest.com
Open in
urlscan Pro
2606:4700:3033::ac43:da9b
Malicious Activity!
Public Scan
Submitted URL: http://livechatnatwest.com/
Effective URL: https://livechatnatwest.com/
Submission: On June 26 via api from US — Scanned from US
Effective URL: https://livechatnatwest.com/
Submission: On June 26 via api from US — Scanned from US
Summary
This website contacted 3 IPs
in 1 countries
across 3 domains to perform 91 HTTP transactions.
The main IP is 2606:4700:3033::ac43:da9b, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is livechatnatwest.com.
TLS certificate: Issued by GTS CA 1P5 on June 26th 2023. Valid for: 3 months.
This is the only time livechatnatwest.com was scanned on urlscan.io!
TLS certificate: Issued by GTS CA 1P5 on June 26th 2023. Valid for: 3 months.
This is the only time livechatnatwest.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: NatWest (Banking)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 2606:4700:303... 2606:4700:3031::6815:4e51 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 84 | 2606:4700:303... 2606:4700:3033::ac43:da9b | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 6 | 2600:141b:900... 2600:141b:9000:79c::1e80 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 1 | 208.89.12.153 208.89.12.153 | 11054 (LIVEPERSON) (LIVEPERSON) | |
| 91 | 3 |
1
208.89.12.153
(United States)
ASN11054 (LIVEPERSON, US)
PTR: lptag.liveperson.net
ASN11054 (LIVEPERSON, US)
PTR: lptag.liveperson.net
| lptag.liveperson.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 85 |
livechatnatwest.com
1 redirects
livechatnatwest.com |
3 MB |
| 6 |
adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 398 |
20 KB |
| 1 |
liveperson.net
lptag.liveperson.net — Cisco Umbrella Rank: 3278 |
|
| 91 | 3 |
| Domain | Requested by | |
|---|---|---|
| 85 | livechatnatwest.com |
1 redirects
livechatnatwest.com
|
| 6 | assets.adobedtm.com |
livechatnatwest.com
|
| 1 | lptag.liveperson.net |
livechatnatwest.com
|
| 91 | 3 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| download.anydesk.com |
| supportcentre.natwest.com |
| www.nwolb.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| livechatnatwest.com GTS CA 1P5 |
2023-06-26 - 2023-09-24 |
3 months | crt.sh |
| assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-07-19 - 2023-08-19 |
a year | crt.sh |
| *.liveperson.net Sectigo RSA Organization Validation Secure Server CA |
2023-02-07 - 2024-02-07 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://livechatnatwest.com/
Frame ID: 1ED6C0E6105383C2D087EB7A2E47E9FE
Requests: 91 HTTP requests in this frame
Screenshot
Page Title
Support Centre | NatWest BusinessPage URL History Show full URLs
-
http://livechatnatwest.com/
HTTP 301
https://livechatnatwest.com/ Page URL
Detected technologies
OneTrust
(Cookie compliance)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- otSDKStub\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
URL: https://download.anydesk.com/anydesk.dmg
Title: For Mac Os
Title: For Mac Os
Search URL Search Domain Scan URL
URL: https://download.anydesk.com/AnyDesk.exe
Title: For Windows
Title: For Windows
Search URL Search Domain Scan URL
URL: https://supportcentre.natwest.com/Searchable/913215512/How-do-I-change-my-business-name.htm
Title: How can I change my business name?
Title: How can I change my business name?
Search URL Search Domain Scan URL
URL: https://www.nwolb.com/
Title: Log in to Online Banking
Title: Log in to Online Banking
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://livechatnatwest.com/
HTTP 301
https://livechatnatwest.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
91 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
livechatnatwest.com/ Redirect Chain
|
211 KB 19 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
scripttemplates-otSDKStub.js
livechatnatwest.com/js/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clientlibs-clientlib_base_nw_business-_d5318e8400ed5f9919f9ea77655a0a6b.min.css
livechatnatwest.com/css/ |
155 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
launch-EN36e7398f32914ad28e21b622457f151b.min.js
livechatnatwest.com/js/ |
695 KB 154 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clientlibs-clientlib_base-_5a57cdace3dc8ffb9eb8c1184e271072.min.css
livechatnatwest.com/css/ |
60 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
granite-jquery.min.js
livechatnatwest.com/js/ |
98 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
granite-utils.min.js
livechatnatwest.com/js/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-granite.min.js
livechatnatwest.com/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clientlibs-jquery.min.js
livechatnatwest.com/js/ |
16 B 310 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clientlibs-shared.min.js
livechatnatwest.com/js/ |
26 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clientlibs-clientlib_base-_35e07300742cb766264ed0b93113d9b0.min.js
livechatnatwest.com/js/ |
170 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clientlibs-clientlib_base_two-_f8a01f3dd0520ac98928546d99b4f6ef.min.js
livechatnatwest.com/js/ |
71 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clientlibs-clientlib_base_three-_f8a01f3dd0520ac98928546d99b4f6ef.min.js
livechatnatwest.com/js/ |
347 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
granite-csrf.min.js
livechatnatwest.com/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clientlib_smartbanner-clientlib_smartbanner_nw_business-_dec67d64379931612d80e13c7b85b1fe.min.css
livechatnatwest.com/css/ |
2 KB 942 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clientlibs-clientlib_ia_headernavigation_natwest_business-_d5318e8400ed5f9919f9ea77655a0a6b.min.css
livechatnatwest.com/css/ |
55 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clientlibs-clientlib_ia_global_login_natwest_business-_7ad603327c300d88c7efdd686a27d4b6.min.css
livechatnatwest.com/css/ |
10 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clientlibs-clientlib_ia_global_logo_natwest_business-_f7feaf3eb631d35f6a4e787199a86d02.min.css
livechatnatwest.com/css/ |
1 KB 728 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
header-natwest-logo.png
livechatnatwest.com/images/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
header-natwest-logo-mobile.svg
livechatnatwest.com/images/ |
7 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_ia_global_search_natwest_business-_f8a01f3dd0520ac98928546d99b4f6ef.min.css
livechatnatwest.com/css/ |
20 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
images-search_icon.svg
livechatnatwest.com/images/ |
591 B 801 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
images-searchicon.svg
livechatnatwest.com/images/ |
591 B 808 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_ia_global_search_base-_3b792edde9052e55ed1be7e177fb1b85.min.js
livechatnatwest.com/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
images-Login-white.svg
livechatnatwest.com/images/ |
975 B 1011 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
images-search_white.svg
livechatnatwest.com/images/ |
591 B 806 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_ia_headernavigation_base-_f8a01f3dd0520ac98928546d99b4f6ef.min.js
livechatnatwest.com/js/ |
27 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_notification_nw_business-_7edf6b5990f5e83ef64641a9ae4d5028.min.css
livechatnatwest.com/css/ |
11 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_notification_base-_7ad603327c300d88c7efdd686a27d4b6.min.js
livechatnatwest.com/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_breadcrumb_nw_business-_d45022b46072a080708e79f108570aa4.min.css
livechatnatwest.com/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_breadcrumb_dtm-_52116cc441fb90cd2ca76a1f6ec77915.min.js
livechatnatwest.com/js/ |
302 B 616 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_breadcrumb-_b4dd5c39e9d543a9c2629fe2220e34a1.min.js
livechatnatwest.com/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_heroshelf_nw_business-_a22cfb9639177a08514f3d6bc2e875b7.min.css
livechatnatwest.com/css/ |
51 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_global_image_base-_7ad603327c300d88c7efdd686a27d4b6.min.js
livechatnatwest.com/js/ |
823 B 816 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlib_image_base-clientlibs-_7ad603327c300d88c7efdd686a27d4b6.min.js
livechatnatwest.com/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_title_base-_7ad603327c300d88c7efdd686a27d4b6.min.js
livechatnatwest.com/js/ |
658 B 749 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_heroshelf_base-_014361c0ae757f33248bf169625be1de.min.js
livechatnatwest.com/js/ |
360 B 605 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_inpagenavigation_nw_business-_35e07300742cb766264ed0b93113d9b0.min.css
livechatnatwest.com/css/ |
10 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_cta_nw_business-_b57b034984e406ff10a1d4fe6c826a47.min.css
livechatnatwest.com/css/ |
19 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_subscription_shelf_nw_business-_a22cfb9639177a08514f3d6bc2e875b7.min.css
livechatnatwest.com/css/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_featured_block_shelf_nw_business-_d5318e8400ed5f9919f9ea77655a0a6b.min.css
livechatnatwest.com/css/ |
10 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_download_report_shelf_nw_business-_ded422fcb981156268e9688196e5f5bb.min.css
livechatnatwest.com/css/ |
2 KB 944 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_cta_base_dtm-_52116cc441fb90cd2ca76a1f6ec77915.min.js
livechatnatwest.com/js/ |
976 B 882 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_cta_base-_9c0a0f0a76061e2ba98574ca8a0ce1bc.min.js
livechatnatwest.com/js/ |
1 KB 953 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_inpagenavigation_base-_3b73a47223bfa2f11fd6e9a654cdfbc4.min.js
livechatnatwest.com/js/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_singlearticle_nw_business-_f8a01f3dd0520ac98928546d99b4f6ef.min.css
livechatnatwest.com/css/ |
152 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_rte_nw_business-_3540a16837e3cda68c7f239acb8b7a89.min.css
livechatnatwest.com/css/ |
204 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_rte_base_dtm-_52116cc441fb90cd2ca76a1f6ec77915.min.js
livechatnatwest.com/js/ |
700 B 772 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_rte_base-_b57b034984e406ff10a1d4fe6c826a47.min.js
livechatnatwest.com/js/ |
20 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_singlearticle_base-_3540a16837e3cda68c7f239acb8b7a89.min.js
livechatnatwest.com/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_productlisting_multiple_shelf_nw_business-_b57b034984e406ff10a1d4fe6c826a47.min.css
livechatnatwest.com/css/ |
71 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_product_nw_business-_f6d4cf985b8db8757eb7d88baf7d3b60.min.css
livechatnatwest.com/css/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_productlisting_multiple_shelf_base-_687a480f7b98cb90d0d4bb405e4a461f.min.js
livechatnatwest.com/js/ |
229 B 606 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_linkcard_nw_business-_3b792edde9052e55ed1be7e177fb1b85.min.css
livechatnatwest.com/css/ |
23 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_accordioncta_nw_business-_7ad603327c300d88c7efdd686a27d4b6.min.css
livechatnatwest.com/css/ |
0 443 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_ia_footer_natwest_business-_f8a01f3dd0520ac98928546d99b4f6ef.min.css
livechatnatwest.com/css/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
footer-Help.svg
livechatnatwest.com/images/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
icons-icon-nw-plant-pot-40px-white.png
livechatnatwest.com/images/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
footer-Info.svg
livechatnatwest.com/images/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_footer_base-_7ad603327c300d88c7efdd686a27d4b6.min.js
livechatnatwest.com/js/ |
661 B 760 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
clientlibs-clientlib_ia_footer_base-_7ad603327c300d88c7efdd686a27d4b6.min.js
livechatnatwest.com/js/ |
921 B 892 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
4eaf8a94-474d-41a2-b0dd-49ee47eb4150.json
livechatnatwest.com/js/scripttemplates-otSDKStub.js/consent/4eaf8a94-474d-41a2-b0dd-49ee47eb4150/ |
315 B 678 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ |
33 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
token.json
livechatnatwest.com/libs/granite/csrf/ |
315 B 639 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
images-Login-white.svg
livechatnatwest.com/fonts/ |
975 B 1015 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
fonts-RNHouseSansW01Regular.woff2
livechatnatwest.com/fonts/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
fonts-RNHouseSansW01Bold.woff2
livechatnatwest.com/fonts/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
fonts-nw-icons.woff2
livechatnatwest.com/fonts/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
images-FaceBookIcon.png
livechatnatwest.com/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
images-Twitter-Icon.png
livechatnatwest.com/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
images-RSS-Icon.png
livechatnatwest.com/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
images-Linkedin-Icon.png
livechatnatwest.com/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
images-fscs-footer-new.png
livechatnatwest.com/images/ |
23 KB 23 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RC65fe8d7e97784034827074199093dc89-source.min.js
assets.adobedtm.com/90decdbe34ba/0ec9031489bb/d138db70f952/ |
419 B 522 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
hero-image.dim.320.nw-bus-photo-man-and-woman-relaxed-talking-together-hero.jpg
livechatnatwest.com/images/ |
28 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
article-image.dim.180.nw-bus-photo-content-woman-looking-through-office-glass-wall-article.jpg
livechatnatwest.com/images/ |
602 KB 603 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
article-image.dim.180.nw-bus-photo-group-meeting-on-sofa-in-office-environment-article.jpg
livechatnatwest.com/images/ |
65 KB 66 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
hero-image.dim.180.nw-bus-photo-man-and-woman-renovating-old-shop-hero.jpg
livechatnatwest.com/images/ |
596 KB 596 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
illustrations-image.dim.180.nw-bus-ill-speech-rectangle-transparent.png
livechatnatwest.com/images/ |
24 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
dec-logo-image.dim.180.dec-turkey-syria-appeal.png
livechatnatwest.com/images/ |
226 KB 226 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
article-image.dim.180.nw-bus-photo-group-of-people-standing-in-upstairs-office-having-meeting-article.jpg
livechatnatwest.com/images/ |
602 KB 602 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
article-image.dim.180.nw-bus-photo-business-woman-in-shop-creating-checklist-article2.jpg
livechatnatwest.com/images/ |
20 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
icons-image.dim.180.online-banking-centre.png
livechatnatwest.com/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
icons-image.dim.180.messaging-centre.png
livechatnatwest.com/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
icons-image.dim.180.twitter-centre.png
livechatnatwest.com/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
images-image.dim.180.nw-ill-whatsapp-white.png
livechatnatwest.com/images/ |
101 KB 102 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RCe341fca97a43436a8c0c01f2546fdc93-source.min.js
assets.adobedtm.com/90decdbe34ba/0ec9031489bb/d138db70f952/ |
505 B 583 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RC0600f59d230c40d28cf2d97523415748-source.min.js
assets.adobedtm.com/90decdbe34ba/0ec9031489bb/d138db70f952/ |
11 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RCeb1f7e30931f4b3caa3ea9cdc8faf99e-source.min.js
assets.adobedtm.com/90decdbe34ba/0ec9031489bb/d138db70f952/ |
1 KB 854 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tag.js
lptag.liveperson.net/tag/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: NatWest (Banking)95 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend object| OneTrustStub function| OptanonWrapper object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| tagging object| digitalData object| digitalDataV2 function| gtag object| dataLayer function| $ function| jQuery object| matched object| browser object| Granite object| _g function| $CQ object| CQ undefined| G_XHR_HOOK undefined| G_RELOAD_HOOK undefined| G_IS_HOOKED undefined| G_CONTENT_PATH function| Popper object| bootstrap object| globalUtil object| IDM function| generatebutton function| urlEncode function| fnPersistParams function| unique function| persistsInterstial function| filterPrefixParam function| Parser function| scrolltop object| AOS function| sendPerformanceDataToAdobe function| roundTo function| processData function| getEffectiveType function| getLegacyLoadTime function| handlePreviousPageData undefined| checkLegacyTimingData undefined| checkEffectiveType function| webchat function| _fnGlobalSearchComp object| deviceSize object| BreadCrumb function| setBreadCrumb function| picturefill function| _fnCtaDtm function| clickonCTA function| adjustCTAheight function| footerTitleHeights object| lpGlob object| defaultsSettings object| defaults number| deviceWidth object| $l2Active object| $l3Active object| $l2ActiveItem object| $l3ActiveItem object| $iambActive function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s function| startLivePerson function| scLe2DataReceiver function| getChatWindow function| widgetOverride function| getWidgetiFrame function| sendUrlToWidget function| addLinkClickListener function| hideWidgetOpener function| sendPreviousUrlToWidget function| mobileCheck function| unauthenticatedUser function| getlocalStorageConfig function| getAccountID function| getBrandName number| livePersonAwaitReady boolean| livePersonStarted string| psName boolean| widgetEventsBound object| lpTag function| sc_le2_dataReceiver0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.adobedtm.com
livechatnatwest.com
lptag.liveperson.net
208.89.12.153
2600:141b:9000:79c::1e80
2606:4700:3031::6815:4e51
2606:4700:3033::ac43:da9b
036a56fd0a973f9a8bd8e72e7b7ea2148ad7603d22bcdc57867454cc8f8f21da
06bff916cefa0e2d5595ee421e0e8652f349e85c0a14a6e6921f4368200a9629
0a067996304fd113185fa9f2f70a1259d7e290074b4b9dff174d423a64e44140
0be44b8963766e88bfb1034f5cf93deb8710ec30e7a54537ff463951c5976234
0c370803df6c6c76c3756e8416054a88336f3e5c531c5a6f7a10a1cf0c0d36aa
0c474187bf163f3b86f534a51a0123fe3d7859bd2e8a0c3e654f9dccf783f01b
13b0f4d57198cc38659add0131dd7c7615c049f7c9852354d0667d590baa545d
156d8bda98015a3470e88c93689214fc294ef53001536bccd8531b5eb2e48710
16c694970c73b62d2e2415e09fbaa0f34a1589c8fd4a418f6659255d5be19a24
1928f0ebbbcff59156b85b801522c7313418a55240dd3167365302dda9fd2dac
1eca4d55bf4e2c30be0da0fdd5c7122ead24658ed118b61f791c648ca2443660
2314cba91624b1dd719f1f741dd7b0ffadf5a71b911d227c09af02e96f221b0b
3541fbb7836ab4ae9091cba9a0ea7c439eef293fb8a79f22abd2f59c529194d6
367b2309f385f78851bb9d352ee89db651f6473e6e0a87feb26e007ec451d104
374f66a69f9b12625edc3f43909273e12a2b0cad3c02946d06cd5130e2bb6e24
380ba5c80bb57e35f7def46cee05b8506aacf596d88bd19ad03e057cd6fc428c
38c901fb6b3f75a588646f9c9f3529d0a2552ec65d9b20e5bdd58557a1b7302b
3b4fb3d4f8241398fb276701a8201343416de25b2ed69c3a92f07294fa15531b
3c4ae4a5b14d3efbfacf0ec8cc69243c75931c5855262be33293b9b58047734f
4125f7fb5ef940e03901ec9b35eb9a9345427aaf6348976e7b9521b6322919f8
41ed8bb776fd024b50b10f9352d8d8d167ca25d1842a4795514968c0e3689567
4306aec230fe19369796d2a02f08ad6e636f268d26730cfed4fa2240b5b8e4bf
4344c877d16f9fdbf7bb6c8ba17b5b4b0f0d8d2a3617e0e163cdcca34256c379
446c4b8e76aaef5638f602f079e696d6f780705124ae93e12b34ba868f332f11
449e8422b548bfd7ad6b48cb3381eca695e354c71bca9eb1484e12724f899306
450c7a14d6a2196b5eb5952ffaf7b2748465da962fcb6c71acc986e290a5846b
45e5e7810ac552b8bece7d3d8e0b098b8720c5da7dae114e1e061e86e78c0a5d
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575
4f9a8a6f2aa4324f55857e95c31ba5e6616c9a8615bdd154bd59ffae20a3df79
5082eea3a6e25d1c0908478d790f581167b2fcb66d9d6dd59b85b68eb9af70da
50cfc39c804ee6bf79da4d421c14be598555e1180cc763c15fcd29b305b21e93
519ff9bdc08f326fc5d5eac7a14599214658556d15f3687c95fed62e03bb86df
56cfbd97bb4829ef6f278d163a7a8920adb05a9441f0ed85bf77c59c408589e6
5b0b722f7e7ed97aa6895ff0a538ae4ec189d9da8a14eba6fb06d32670e30606
5bc2474667b0e152c13372867197a18b559e087708df6e96f48b901d7756c2be
6026b1d15eb52affd7541cad01422570c86a9d16f3ebecabfba61bf289f89e09
683c932ba422623c3d78be775d0cf81cce2315eaecf727d281ada552a2c6b855
68ffb7ee82a12aa197544cf14a76abc44fa75efb5b27778034481ddbdc43e552
70e61c65f4524bd5f5acad97bfd951fc7ffe12afcda5c8a1403f680d68fe6cb7
76ea04cf5f8a1e8290cf838d791b0a5dbe0dccb6598a6776bbd33120744b7f1a
786e429789593e3a89d19e4869805c23a417449163acb5f3388d6c3ea3901d30
7b8dba074f08a12cb74fb0570d1cf2f053d522efd17e1522771609fd099a5fa3
7e96d4e655527b6e4e7693ba9d3ecc09ba48a36af738e492004f3a8cf217d272
8020f7e4a2c439ea15e87799b144c1de075a87399eca76bd5dd55e612beccb64
84de30d24dc74485614bf566e7422c7b32fd56e87edf5d2520d70127aab34d4c
86731b4bf66662048d0c39eed6b167d2caeb6441b63d7c4b41609c66ade3a0aa
87156677be008ed4050c8bd7169e82b4306a73d1d997922f6a9b8b4ab8324ffe
87b228f13949017c2770895f8f7be25bfee1818a8e866352950622f24254fb22
89ae7b8e353da47adeed2268926dab5077ed601ed6188a0910f0822468964d25
8dbbe9ed60c87ae60f4d93e2b212246a4619ff25fb1075ddae25c56bdb187080
8ee15aeaf7c503ce3adb262e962f8f4d8cfe9527cf684385ad4b0ef03ddebff4
90a9acaa2b73d4e87bc59beb161a8e9771d517ae8577ba38f6724f40d3461073
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
938262aafe88f046bf5635cf7c7f51cb1792ac467fb1affe9cd68fd805492f8d
97cc244f963ae8151be0cebcabc6d53288a5ce14a704e587c415e70522ec396b
98745dd378ff84fe412c60d359ab43b637093d3986f0256fdc4cbd076fab9e69
a045006414375feb3867627d7cf366b2c38b2b324dd609bec9c04c49bbcee3ad
a3faa74a6558540effc22f6f941767699be686f6958d86d2ec171f73b1396e88
a449100d9ff4128d19a31e1ba4017858585475f4f1d7b7d8f63fdd3fb87c57c4
a730135ad30c848ea577dea1fd60dc42e85c9e641e359ce92c0b003807ffcc10
aa59a29a5402cfd4c2463a0a994e1ce2aeafc47fae35532474120e03b9f480b7
ac163b0d9cfc16b37010e00ed419d0d27400c41b23018fe58abd81eef9a81da7
b06b2c5f2cf896ad7a46adb8eb89c19221ed38a64553de1d2bab0c586cce367e
b16b1226be39c3be7aa94d1b4ae1d6d48a950fc3d34ca5d5c8fb51842aeb23f6
b1815ac15092bbd999e3f592d0678e52ea604e3e5882513e8523f65ff53126e2
b1c8513c580df86118c4939a57541f3129c1e3faedae720775a7d3f33a39f245
b7cbf95c068af2fad5984911f31830b1d4eca0435407663bc0883df664099ba0
bd6ea132fa298b55474b174a5f63bed87f36edb150dd0d092654b792a13c7d37
bea0b9a75b2cab90c1113b2977a25c04e7e0c3b7bed82b48115a03a0ba73fef0
c084b47104c493fb377b6d35d8c08df67d773f6dcf8294c0a7360710cd8cacbd
c234b738a9fdbd5e2fb6e1726b817baf7408d089758fff7fd6a9cb887e4e08ac
c927d934ba03eaf7275b1bb7bcf921acdf5a39836ac4d44f7b39609e061a9f30
ca151a7eeb6ef29eff45d2ad171d7ffa528c3ede6cf621e668e1913573937e14
cb1bb28269872f2ca5ece0009be5e855cf7cb2e5cfc07c59b8f82d1823f4c961
cd556b800ad245c29fd260f99c9cb9e28ec63a9ab8a1df6ac69a4e0cbe4dbe15
d337f906b5137b57a8ae5a761a69f9056650a00bde1b05a36cff5261ce50522d
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d8a75d918ddd574026d721058790dd07fc7424ad500e3d9f5be856e921be08f1
d9a66ef8665c5813c7522e5ffdf9f66c8362f4a4c9119560e5776811b48eb615
daf517ea896f4458382c73cc5c02563dc1c7626b7764fa4679c167becc1fb380
e11827ea2988427adfd122610a7875eaccce72c2ff9df4b9d7cd9d2ac1406b33
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56b426d4a1f00717f4320830187ba84a3612daea005de7bbd811093e4dae25a
ec0037808c39e581a69f7ed758366699fde73e0ef1e067d0b0a6d70d9aca1b50
ed71d7ff31b6f1ab7f595073982724d566ea0b2df33556407eeaff55da3f1cc2
f74080325601dee4f722335e81400f3f2c3e8f04c95b7b355a0f95b2cebebb62
f84fe70c2a7dd212be81cfba86db29a3baafbf2382789320c33dcdc6c797ae2c
f852dd7a67dfa6645ed207eec3282d27528bff824a5eb9aca98d6165dd94f03a