bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link
Open in
urlscan Pro
2602:fea2:2::1
Public Scan
Submitted URL: http://bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/
Effective URL: https://bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/
Submission: On May 03 via api from GB — Scanned from GB
Effective URL: https://bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/
Submission: On May 03 via api from GB — Scanned from GB
Summary
This website contacted 17 IPs
in 4 countries
across 13 domains to perform 70 HTTP transactions.
The main IP is 2602:fea2:2::1, located in
United States and
belongs to PROTOCOL, US.
The main domain is bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link.
TLS certificate: Issued by R3 on March 27th 2023. Valid for: 3 months.
This is the only time bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link was scanned on urlscan.io!
TLS certificate: Issued by R3 on March 27th 2023. Valid for: 3 months.
This is the only time bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
15
2602:fea2:2::1
(United States)
ASN40680 (PROTOCOL, US)
ASN40680 (PROTOCOL, US)
| bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link |
1
2a00:1450:4001:827::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
1
2a02:26f0:480:f::213:7ece
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| websdk.appsflyer.com |
4
2a02:26f0:3500:587::1e80
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| assets.adobedtm.com |
2
108.138.24.127
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-108-138-24-127.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-108-138-24-127.fra56.r.cloudfront.net
| d3rnm236tp90vs.cloudfront.net |
1
143.204.214.149
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-149.fra53.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-149.fra53.r.cloudfront.net
| d21ctq9anmk97c.cloudfront.net |
14
13.224.194.198
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-198.fra2.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-198.fra2.r.cloudfront.net
| d140zf541n5jhi.cloudfront.net |
6
2a00:1450:4001:801::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
1
143.204.215.121
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-121.fra53.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-121.fra53.r.cloudfront.net
| awa-euwest1-1.advanced-web-analytics.com |
2
34.249.39.203
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-39-203.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-39-203.eu-west-1.compute.amazonaws.com
| dpm.demdex.net |
4
54.154.5.12
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-5-12.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-5-12.eu-west-1.compute.amazonaws.com
| wa.onelink.me |
1
52.212.210.65
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-210-65.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-210-65.eu-west-1.compute.amazonaws.com
| nedbank.demdex.net |
2
63.140.62.160
(United States)
ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-160.data.adobedc.net
ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-160.data.adobedc.net
| nedbank.d3.sc.omtrdc.net |
2
52.212.202.233
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-202-233.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-202-233.eu-west-1.compute.amazonaws.com
| wa.appsflyer.com |
2
142.250.181.226
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
| cm.g.doubleclick.net |
1
2001:4860:4802:36::36
(United States)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| europe-west1-rtbhouse-traffic-adobe.cloudfunctions.net |
| Domain | Requested by | |
|---|---|---|
| 15 | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link |
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link
|
| 14 | d140zf541n5jhi.cloudfront.net |
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link
d140zf541n5jhi.cloudfront.net |
| 9 | secured.nedbank.co.za |
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link
secured.nedbank.co.za |
| 6 | www.googletagmanager.com |
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link
|
| 4 | wa.onelink.me |
websdk.appsflyer.com
|
| 4 | assets.adobedtm.com |
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link
|
| 2 | cm.g.doubleclick.net | 2 redirects |
| 2 | wa.appsflyer.com |
websdk.appsflyer.com
|
| 2 | nedbank.d3.sc.omtrdc.net |
assets.adobedtm.com
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link |
| 2 | dpm.demdex.net |
assets.adobedtm.com
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link |
| 2 | d3rnm236tp90vs.cloudfront.net |
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link
d3rnm236tp90vs.cloudfront.net |
| 1 | europe-west1-rtbhouse-traffic-adobe.cloudfunctions.net |
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link
|
| 1 | nedbank.demdex.net |
assets.adobedtm.com
|
| 1 | awa-euwest1-1.advanced-web-analytics.com |
d140zf541n5jhi.cloudfront.net
|
| 1 | d21ctq9anmk97c.cloudfront.net |
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link
|
| 1 | websdk.appsflyer.com |
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link
|
| 1 | www.google-analytics.com |
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link
|
| 70 | 17 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.i.ipfs.io R3 |
2023-03-27 - 2023-06-25 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-04-17 - 2023-07-10 |
3 months | crt.sh |
| *.appsflyer.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-09-22 - 2023-09-24 |
a year | crt.sh |
| assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-07-19 - 2023-08-19 |
a year | crt.sh |
| *.cloudfront.net Amazon RSA 2048 M01 |
2022-12-08 - 2023-12-07 |
a year | crt.sh |
| secured.nedbank.co.za Entrust Certification Authority - L1M |
2022-09-05 - 2023-10-04 |
a year | crt.sh |
| *.advanced-web-analytics.com GeoTrust TLS RSA CA G1 |
2023-04-13 - 2024-05-10 |
a year | crt.sh |
| *.demdex.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-09-26 - 2023-10-27 |
a year | crt.sh |
| *.onelink.me Amazon RSA 2048 M02 |
2023-02-04 - 2024-03-04 |
a year | crt.sh |
| *.d3.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1 |
2023-02-10 - 2024-03-08 |
a year | crt.sh |
| *.sdk.af-sdk.io Amazon RSA 2048 M01 |
2022-10-26 - 2023-11-24 |
a year | crt.sh |
| misc.google.com GTS CA 1C3 |
2023-04-03 - 2023-06-26 |
3 months | crt.sh |
This page contains 5 frames:
Primary Page:
https://bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/
Frame ID: 889CDE2C5218858659728A234AFE9C75
Requests: 64 HTTP requests in this frame
Frame:
https://awa-euwest1-1.advanced-web-analytics.com/623923/guhuna.html?e=https%3A%2F%2Fbafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link&es=eyJpIjoiQjVqRmRmNDYydDR5TVBYaU51XC9adXc9PSIsImUiOiJxRm81Wk1VbG9aUVY0VzAzOWI5RllXOFJ1c3pmOFIwY0pIaENQNCtpcittK1wvd1NvaEtsUjhlNHB1dmV2bDFsWlZCSjRmeWpJRmNhM3R5dWhcL09pZGZTb0kwTE83OHpWQ1BxSXA1MWs0RkxKalNacktcLytoa0ROcVlNcUpwT2VcL0MyXC8xOFF4ajlkcTlVNXRsZDRRZUJQQT09In0%3D.07ab8abb2269015a.Yjg3ZjY2ZTAwYjYwMWFhYzMwOTUzZTU2OGU0MmFkZmJlZDIxYzQzY2ZjZTA4YTU2ZTIxOTdjMzc1NmIwN2M4Yw%3D%3D&eu=https%3A%2F%2Fbafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link%2F&icid=168309547459219583
Frame ID: F28668F15AA84531F870AD2BAD31E712
Requests: 1 HTTP requests in this frame
Frame:
https://nedbank.demdex.net/dest5.html?d_nsid=0
Frame ID: 09000F2D8A92E36911C3C31AE4B4BCD2
Requests: 3 HTTP requests in this frame
Frame:
https://d140zf541n5jhi.cloudfront.net/623923/feda.html?sui=722cdbc38712b7d03276a22c7d1467b1a123051a1b12f44f794092dee4bcf404
Frame ID: 98114675B055B5123783DBF19276CB38
Requests: 1 HTTP requests in this frame
Frame:
https://d140zf541n5jhi.cloudfront.net/623923/ernge.html?si=0&e=https%3A%2F%2Fbafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link&LSESSIONID=eyJpIjoiQjVqRmRmNDYydDR5TVBYaU51XC9adXc9PSIsImUiOiJxRm81Wk1VbG9aUVY0VzAzOWI5RllXOFJ1c3pmOFIwY0pIaENQNCtpcittK1wvd1NvaEtsUjhlNHB1dmV2bDFsWlZCSjRmeWpJRmNhM3R5dWhcL09pZGZTb0kwTE83OHpWQ1BxSXA1MWs0RkxKalNacktcLytoa0ROcVlNcUpwT2VcL0MyXC8xOFF4ajlkcTlVNXRsZDRRZUJQQT09In0%3D.07ab8abb2269015a.Yjg3ZjY2ZTAwYjYwMWFhYzMwOTUzZTU2OGU0MmFkZmJlZDIxYzQzY2ZjZTA4YTU2ZTIxOTdjMzc1NmIwN2M4Yw%3D%3D&t=xframe&eu=https%3A%2F%2Fbafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link%2F&icid=168309547922238728&sr=https%3A%2F%2Fbafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link%2Fclose-gray.255d2087c5e383f8.svg
Frame ID: 77E4648666B8AF17ADFDA2A184CF9291
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Online BankingPage URL History Show full URLs
-
http://bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/
HTTP 307
https://bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ Page URL
Detected technologies
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/
HTTP 307
https://bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 55- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjcxNjM0MDU4NTc0MzIwNTIwMjMyNjEyOTEwOTQxMzQyMzY2MDk= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MjcxNjM0MDU4NTc0MzIwNTIwMjMyNjEyOTEwOTQxMzQyMzY2MDk=&google_tc= HTTP 302
- https://dpm.demdex.net/ibs:dpid=771&dpuuid=&google_error=3?gdpr=0&gdpr_consent=
70 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ Redirect Chain
|
2 MB 218 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
51 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
websdk.appsflyer.com/ |
34 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
launch-1bbd76e19c63.min.js
assets.adobedtm.com/6422e0f550a2/567d03ce12ec/ |
221 KB 60 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ |
34 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pqwct.js
d3rnm236tp90vs.cloudfront.net/623923/ |
70 KB 33 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
load.js
d21ctq9anmk97c.cloudfront.net/623923/ |
72 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bryenou.js
d140zf541n5jhi.cloudfront.net/623923/ |
86 KB 40 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lida.js
d140zf541n5jhi.cloudfront.net/623923/ |
69 KB 33 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
erob.js
d140zf541n5jhi.cloudfront.net/pref/ |
87 KB 43 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bleca.js
d140zf541n5jhi.cloudfront.net/623923/ |
88 KB 41 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zeJc
d140zf541n5jhi.cloudfront.net/623923/ |
0 584 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zeJc
d140zf541n5jhi.cloudfront.net/623923/ |
0 584 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
yqn
d140zf541n5jhi.cloudfront.net/pref/ |
0 583 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RCe2e740ff7ea141e09ef378aa05f76b39-source.min.js
assets.adobedtm.com/6422e0f550a2/567d03ce12ec/110d57bdb7d5/ |
1 KB 877 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zeJc
d140zf541n5jhi.cloudfront.net/623923/ |
0 584 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
styles.4b9418b516c0a164.css
secured.nedbank.co.za/ |
318 KB 43 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
NedbankIcon.svg
secured.nedbank.co.za/assets/svg/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cross-Black-small.svg
secured.nedbank.co.za/assets/svg/ |
816 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
outdated-browser.svg
secured.nedbank.co.za/assets/svg/ |
49 KB 15 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Error_Orange.svg
secured.nedbank.co.za/assets/svg/ |
933 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
runtime.23a3296a909c3297.js
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
polyfills.fbd9ff4638904619.js
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
scripts.38d1d65f5303bd85.js
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.da7144912a048223.js
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
115 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utils.js
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/assets/js/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FontFont%20-%20MarkPro.307179f82a6dd2a0.otf
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ |
0 0 |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
guhuna.html
awa-euwest1-1.advanced-web-analytics.com/623923/ Frame F286 |
67 KB 32 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FFMarkWebProRegular.69386de63644c744.ttf
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ |
0 0 |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FFMarkWebProRegular.3594b4997f3f4009.woff
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ |
0 0 |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FFMarkWebProRegular.fb38458d0fa9adfc.woff2
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ |
0 0 |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
FontFont%20-%20MarkPro.307179f82a6dd2a0.otf
secured.nedbank.co.za/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
styles.4b9418b516c0a164.css
secured.nedbank.co.za/ |
318 KB 43 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
outdated-browser.svg
secured.nedbank.co.za/assets/svg/ |
49 KB 15 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
NedbankIcon.3cee39915afd52c3.svg
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ |
214 B 214 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icon-chat-thin.aecf4aeab466cacf.svg
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ |
217 B 217 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
location-blank-green.15740b1c831edc89.svg
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ |
223 B 223 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
contact-blank-green.36dfab02d2901e0a.svg
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ |
222 B 222 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
NedbankLogin_v4.png
secured.nedbank.co.za/assets/png/ |
124 KB 125 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
flags.f73aa829a0084837.png
secured.nedbank.co.za/ |
69 KB 70 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
close-gray.255d2087c5e383f8.svg
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ |
213 B 213 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
id
dpm.demdex.net/ |
642 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
a
www.googletagmanager.com/ |
0 49 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
td
www.googletagmanager.com/ |
0 121 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
a
www.googletagmanager.com/ |
0 57 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
onelink
wa.onelink.me/v1/ |
13 B 376 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
onelink
wa.onelink.me/v1/ |
13 B 376 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dest5.html
nedbank.demdex.net/ Frame 0900 |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
nedbank.d3.sc.omtrdc.net/ |
2 B 311 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
events
wa.appsflyer.com/ |
138 B 621 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
events
wa.appsflyer.com/ |
138 B 621 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s25466644760629
nedbank.d3.sc.omtrdc.net/b/ss/nedbankonlinebankingprd,nedbankglobal/1/JS-2.23.0-LCXS/ |
43 B 200 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
onelink
wa.onelink.me/v1/ |
51 B 538 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
onelink
wa.onelink.me/v1/ |
51 B 538 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=771&dpuuid=&google_error=3
dpm.demdex.net/ Frame 0900 Redirect Chain
|
42 B 960 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
a
www.googletagmanager.com/ |
0 11 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cookie-sync
europe-west1-rtbhouse-traffic-adobe.cloudfunctions.net/ Frame 0900 |
0 184 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
FFMarkWebProRegular.69386de63644c744.ttf
secured.nedbank.co.za/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
feda.html
d140zf541n5jhi.cloudfront.net/623923/ Frame 9811 |
22 KB 23 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
FFMarkWebProRegular.3594b4997f3f4009.woff
secured.nedbank.co.za/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
FFMarkWebProRegular.fb38458d0fa9adfc.woff2
secured.nedbank.co.za/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zeJc
d140zf541n5jhi.cloudfront.net/623923/ |
90 B 651 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dSFu
d140zf541n5jhi.cloudfront.net/623923/ |
89 B 651 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zeJc
d140zf541n5jhi.cloudfront.net/623923/ |
89 B 651 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zeJc
d3rnm236tp90vs.cloudfront.net/623923/ |
90 B 652 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ernge.html
d140zf541n5jhi.cloudfront.net/623923/ Frame 77E4 |
76 KB 36 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
a
www.googletagmanager.com/ |
0 11 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zeJc
d140zf541n5jhi.cloudfront.net/623923/ |
80 B 641 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- secured.nedbank.co.za
- URL
- https://secured.nedbank.co.za/FontFont%20-%20MarkPro.307179f82a6dd2a0.otf
- Domain
- secured.nedbank.co.za
- URL
- https://secured.nedbank.co.za/FFMarkWebProRegular.69386de63644c744.ttf
- Domain
- secured.nedbank.co.za
- URL
- https://secured.nedbank.co.za/FFMarkWebProRegular.3594b4997f3f4009.woff
- Domain
- secured.nedbank.co.za
- URL
- https://secured.nedbank.co.za/FFMarkWebProRegular.fb38458d0fa9adfc.woff2
Verdicts & Comments Add Verdict or Comment
51 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 boolean| credentialless function| _0x4d2e function| _0x5545 function| _0x3f498a function| goToNedbankHome string| AppsFlyerSdkObject function| AF object| google_tag_data function| ga object| gaplugins object| ___sc623923 object| ___so623923 number| CLIWHIT string| PSESSIONID string| SSESSIONID string| LSESSIONID object| __tp number| __gt object| global function| inIframe object| tokenValue object| ____0.9595656598225586 function| target function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq string| ua number| msie boolean| isIEOldVersion object| rootElement object| outDatedBrowser object| google_tag_manager object| dataLayer object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| AF_SDK object| s_i_nedbankonlinebankingprd_nedbankglobal11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | Name: LSESSIONID Value: eyJpIjoiQjVqRmRmNDYydDR5TVBYaU51XC9adXc9PSIsImUiOiJxRm81Wk1VbG9aUVY0VzAzOWI5RllXOFJ1c3pmOFIwY0pIaENQNCtpcittK1wvd1NvaEtsUjhlNHB1dmV2bDFsWlZCSjRmeWpJRmNhM3R5dWhcL09pZGZTb0kwTE83OHpWQ1BxSXA1MWs0RkxKalNacktcLytoa0ROcVlNcUpwT2VcL0MyXC8xOFF4ajlkcTlVNXRsZDRRZUJQQT09In0%3D.07ab8abb2269015a.Yjg3ZjY2ZTAwYjYwMWFhYzMwOTUzZTU2OGU0MmFkZmJlZDIxYzQzY2ZjZTA4YTU2ZTIxOTdjMzc1NmIwN2M4Yw%3D%3D |
|
| bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | Name: __gdic Value: lh7bl7rz4xxhdzdaj2q |
|
| .demdex.net/ | Name: demdex Value: 27163405857432052023261291094134236609 |
|
| .bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | Name: AMCVS_5B5243A15589607E7F000101%40AdobeOrg Value: 1 |
|
| .bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | Name: AMCV_5B5243A15589607E7F000101%40AdobeOrg Value: 179643557%7CMCIDTS%7C19481%7CMCMID%7C27193178371982864583264259310022113513%7CMCAAMLH-1683700275%7C6%7CMCAAMB-1683700275%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1683102676s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.5.0 |
|
| .bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | Name: afUserId Value: 41cae185-4196-4d54-a20d-a92ce1a1c74d-p |
|
| .bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | Name: AF_SYNC Value: 1683095476199 |
|
| .demdex.net/ | Name: dextp Value: 771-1-1683095476159|1048458-1-1683095476260 |
|
| .doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
| .dpm.demdex.net/ | Name: dpm Value: 27163405857432052023261291094134236609 |
|
| bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | Name: ___r623923 Value: 0.4096750861915 |
30 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.adobedtm.com
awa-euwest1-1.advanced-web-analytics.com
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link
cm.g.doubleclick.net
d140zf541n5jhi.cloudfront.net
d21ctq9anmk97c.cloudfront.net
d3rnm236tp90vs.cloudfront.net
dpm.demdex.net
europe-west1-rtbhouse-traffic-adobe.cloudfunctions.net
nedbank.d3.sc.omtrdc.net
nedbank.demdex.net
secured.nedbank.co.za
wa.appsflyer.com
wa.onelink.me
websdk.appsflyer.com
www.google-analytics.com
www.googletagmanager.com
secured.nedbank.co.za
108.138.24.127
13.224.194.198
142.250.181.226
143.204.214.149
143.204.215.121
168.142.204.82
2001:4860:4802:36::36
2602:fea2:2::1
2a00:1450:4001:801::2008
2a00:1450:4001:827::200e
2a02:26f0:3500:587::1e80
2a02:26f0:480:f::213:7ece
34.249.39.203
52.212.202.233
52.212.210.65
54.154.5.12
63.140.62.160
02c71e32f2828846282b8d3c1c4cca9c287a3799ba908fd68fe274c9827d080c
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
0af10fafa0cba16325a4a03e06cbfc786241de94e8b128f68939a8c39a5f2536
1201b6ed747188b1bc78a8ee702cca21259bcf29614d27b9a30c7da4f3b2e506
1e18760ed18470f264f73c2984ea3b302a190cb29d0fe64faeb018df4860355b
1e333147b90e6ce031aad30ca5bc5a57667390d9c9fc1a1f197ac819c2c80a1b
2195c52077f39f96c4e03ae44c73195695955fbc3627653ab9d0d77893f5c790
24af98f5927069908c81e519b1082493492411999b322d3297a0be59baed39ed
27fcbdcee0d08d307529638e510701724b3d38c3f146b146663a45df5cc1835d
28cd52da53590e96dc3dc2110d5f7f93590e694a7ed47d338b32c7932ef1dfc9
2f35fc9b03d7876b592c2b65e7387546b9bebc12a9a51a3d1cd207c7f714e771
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5e322cd772ea8ad0f5abe1978a60fd4655e098c66eb9ba602d389e23f13f1316
6158ef9ca80adb1a0e5374e587fdfab7b5c18c8ae3156720ba2034588c838ae4
6a6bb511cfe03b3ad99971bb9da55308aa128fa81c77f73255606f7b6ec9dd79
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
79ac9cbbca9c02b511090576ea85f0a47cc207455b6b035565a62165baaed0da
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e64e85440f96ef9c1bf0cca4d9adfa629782d8669d1a93cf9285d022a77adea
81362bc9579b9ad60cfefa0002c817e7d85c9ca7a9b7b86c6caeeaa39bc6c792
816f0bd61beda1f01183fd9b6ec0855712f154250c29299e74b5c97d4d70574a
8f09e2919336113059aa34d6971187075de0c65826ce6001a189625d83117bb5
9c74020e0b6de0f9b058e80bd43a0315ec7d6dbaf2ebe697202fcc65a28d2492
9e318d672c5a1c8ffb52a52cf62cfc4cf0a4a92a0b27d2647eaf8a0070900567
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a3644635f27a5dc184985f95cdc8c42135ccf2eb305f963933aea49ce1cd8b33
af148599b64e067a659ae178e38d361b666711a4271e82cc732cdc79947cd389
b5c2c79c0685b427201fa0d18a8f04568bf8524fa84579ecab48db0f82e0d45e
b86451e703eb8d4ad4df35cdc23d1b308dfc0c57a1039c2502810c28fb7c20ee
c31f3fa10424b0d5cfff3157e5abb6f2b5477a1f4964fd4b4819621556669a6a
c9b1b81b762bd6c093a641bbf464ae00602c14272b3b39909a2b0a49268da1a4
cbc51e4d4dfd84c231cc31db97c66cb1e7b7c4eeb67c17a574a886cf95e32b3e
d2eb727f2d849d06f7c0488b720b5f57100d2578fafd17b79b1302172b9ed41d
d4c4f3bcdff08509878d55ff3e067e99aa3ee36d01a9f6dab3d5dbfb6c926c83
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
d72166c9b4dd773db17f369c417b3850b0074ffcac54f2f28eb9e4f42f638b5b
e025d7cec9e10feae6342c396f1bc6032e2d5525d5c64bad1976f46eaa87d38e
e0abd1e371090da517af6413939e44659568db2b6cd42952fcfc64c3fa3d30ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb28ee69b7696a72988f8c4498b63e42397b75654abddebdd132f739ecb1024f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe5cc10b596a1cc0b9a73b9ca53a73f5670e514b7b067a1f9f68fee77128072
f7baf6fab8ed8563ffcf45e566735dc4adf36fd5243d0c2ffdf472905bc7e018