www.healthinsureusa.com
2606:4700:30::6818:60e9  Malicious Activity! Public Scan

URL: http://www.healthinsureusa.com/wp-admin/network/abusalita/
Submission: On August 15 via automatic, source phishtank

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 33 HTTP transactions. The main IP is 2606:4700:30::6818:60e9, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.healthinsureusa.com.
This is the only time www.healthinsureusa.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ABSA (Banking)

Domain & IP information

Requests  IP Address        AS (Autonomous System)
4         2606:4700:30:...  13335 (CLOUDFLAR...)
21        169.202.9.74      14115 (AMALGAMAT...)
Total: 33 requests, 3 IPs

Requests  Apex Domain          Subdomains               Transfer
21        absa.co.za           ib.absa.co.za            267 KB
4         healthinsureusa.com  www.healthinsureusa.com  11 KB
Total: 33 requests, 2 apex domains

Requests  Domain                   Requested by
21        ib.absa.co.za            www.healthinsureusa.com, ib.absa.co.za
4         www.healthinsureusa.com  www.healthinsureusa.com
Total: 33 requests, 2 domains

This site contains links to these domains.

Domain
www.absa.co.za

Subject        Issuer                                       Validity                 Valid
ib.absa.co.za  DigiCert SHA2 Extended Validation Server CA  2019-06-11 - 2021-07-03  2 years
(empty)        (empty)                                      1970-01-01 - 1970-01-01  a few seconds

This page contains 2 frames:

Primary Page: http://www.healthinsureusa.com/wp-admin/network/abusalita/
Frame ID: BCC0748AD878A99A8F918728A38A9E4B
Requests: 32 HTTP requests in this frame

Frame: http://www.healthinsureusa.com/absa-online/static/style/resources/dot.gif
Frame ID: 04170E3C7E3B33F711630DEBB77187DC
Requests: 1 HTTP request in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 33
HTTPS: 64 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 2
Transfer: 278 kB
Size: 1044 kB
Cookies: 0

33 HTTP transactions

Resource (Path), Size, x-fer, Type (MIME-Type)

/ (Primary Request, Cookie set)
www.healthinsureusa.com/wp-admin/network/abusalita/
44 KB
10 KB
Document
General
Full URL
http://www.healthinsureusa.com/wp-admin/network/abusalita/
Protocol
HTTP/1.1
Server
2606:4700:30::6818:60e9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bee9a749ec2b6448bac7c203d01f22b6b9755eeadc66b1c848d404d3abb61470

Request headers

Host
www.healthinsureusa.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Thu, 15 Aug 2019 17:33:28 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=df31b9cebf76b38f5b4bb181f5c483db31565890407; expires=Fri, 14-Aug-20 17:33:27 GMT; path=/; domain=.healthinsureusa.com; HttpOnly
Last-Modified
Tue, 13 Aug 2019 13:26:33 GMT
Cache-Control
max-age=600
Expires
Thu, 15 Aug 2019 17:43:27 GMT
Vary
Accept-Encoding,User-Agent
Server
cloudflare
CF-RAY
506ce9e95cb9dfd3-FRA
Content-Encoding
gzip
absa.css
ib.absa.co.za/absa-online/static/style/
125 KB
20 KB
Stylesheet
General
Full URL
https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2019-07-18-06-35-18
Requested by
Host: www.healthinsureusa.com
URL: http://www.healthinsureusa.com/wp-admin/network/abusalita/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
cf413eadb145d61e5ff5bcdc011bdb3955623cf4b1df69b5b25a1eeece7cf307

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://www.healthinsureusa.com/wp-admin/network/abusalita/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 17:32:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Vary
Accept-Encoding,User-Agent
Content-Language
en-US
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Type
text/css
Keep-Alive
timeout=10, max=20
Expires
Sun, 15 Sep 2019 17:32:37 GMT
login.css
ib.absa.co.za/absa-online/static/style/
3 KB
1 KB
Stylesheet
General
Full URL
https://ib.absa.co.za/absa-online/static/style/login.css?v=0.1.0-2019-07-18-06-35-18
Requested by
Host: www.healthinsureusa.com
URL: http://www.healthinsureusa.com/wp-admin/network/abusalita/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
50a67bf5b7e45c9779dd68140dff2c87c9877e8984bc64d845e99d4e6b58786d

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://www.healthinsureusa.com/wp-admin/network/abusalita/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 17:32:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Vary
Accept-Encoding,User-Agent
Content-Language
en-US
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Type
text/css
Keep-Alive
timeout=10, max=19
Expires
Sun, 15 Sep 2019 17:32:38 GMT
jcaptcha.css
ib.absa.co.za/absa-online/static/style/www.absa.co.za.2009.ui/jcaptcha/
1 KB
907 B
Stylesheet
General
Full URL
https://ib.absa.co.za/absa-online/static/style/www.absa.co.za.2009.ui/jcaptcha/jcaptcha.css?v=0.1.0-2019-07-18-06-35-18
Requested by
Host: www.healthinsureusa.com
URL: http://www.healthinsureusa.com/wp-admin/network/abusalita/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
c66a747ea5c78d9a59e00f76f285ea5367ad6e9b5285f1aad18ec87572bf8ceb

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://www.healthinsureusa.com/wp-admin/network/abusalita/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 17:32:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Vary
Accept-Encoding,User-Agent
Content-Language
en-US
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Type
text/css
Keep-Alive
timeout=10, max=18
Expires
Sun, 15 Sep 2019 17:32:38 GMT
backbase.js
ib.absa.co.za/absa-online/static/lib/bcf/4_4_9_1/engine/
256 KB
74 KB
Script
General
Full URL
https://ib.absa.co.za/absa-online/static/lib/bcf/4_4_9_1/engine/backbase.js
Requested by
Host: www.healthinsureusa.com
URL: http://www.healthinsureusa.com/wp-admin/network/abusalita/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
42073c1b1763c111523ed6f46b0eb0461c9fed9989f524437a6e099c9bf92267

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://www.healthinsureusa.com/wp-admin/network/abusalita/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 17:32:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Vary
Accept-Encoding,User-Agent
Content-Language
en-US
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=10, max=17
Expires
Sun, 15 Sep 2019 17:32:38 GMT
absa-all-base.js
ib.absa.co.za/absa-online/static/script/
477 KB
102 KB
Script
General
Full URL
https://ib.absa.co.za/absa-online/static/script/absa-all-base.js?v=0.1.0-2019-07-18-06-35-18
Requested by
Host: www.healthinsureusa.com
URL: http://www.healthinsureusa.com/wp-admin/network/abusalita/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
4ed5e3f5778ea887c6d75f48268f985fb8175f3e18332f0db2f229ea420d5ae5

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://www.healthinsureusa.com/wp-admin/network/abusalita/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 17:32:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Vary
Accept-Encoding,User-Agent
Content-Language
en-US
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=10, max=16
Expires
Sun, 15 Sep 2019 17:32:39 GMT
login.js
ib.absa.co.za/absa-online/static/script/
50 KB
10 KB
Script
General
Full URL
https://ib.absa.co.za/absa-online/static/script/login.js?v=0.1.0-2019-07-18-06-35-18
Requested by
Host: www.healthinsureusa.com
URL: http://www.healthinsureusa.com/wp-admin/network/abusalita/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
1902ca3cd681fe9cc30cef9b126e6230a184ae6109169ec846b094b330ab3f98

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://www.healthinsureusa.com/wp-admin/network/abusalita/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 17:32:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Vary
Accept-Encoding,User-Agent
Content-Language
en-US
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=10, max=15
Expires
Sun, 15 Sep 2019 17:32:40 GMT
absa.form.wizardBridge.js
ib.absa.co.za/absa-online/static/script/absa/
11 KB
3 KB
Script
General
Full URL
https://ib.absa.co.za/absa-online/static/script/absa/absa.form.wizardBridge.js?v=0.1.0-2019-07-18-06-35-18
Requested by
Host: www.healthinsureusa.com
URL: http://www.healthinsureusa.com/wp-admin/network/abusalita/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
cb668e7be80b21d8f1e889ad405f838c19c5f875c3f348e4a307c3af94511307

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://www.healthinsureusa.com/wp-admin/network/abusalita/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 17:32:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Vary
Accept-Encoding,User-Agent
Content-Language
en-US
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=10, max=14
Expires
Sun, 15 Sep 2019 17:32:40 GMT
absa.n2fa.js
ib.absa.co.za/absa-online/static/script/absa/
27 KB
6 KB
Script
General
Full URL
https://ib.absa.co.za/absa-online/static/script/absa/absa.n2fa.js?v=0.1.0-2019-07-18-06-35-18
Requested by
Host: www.healthinsureusa.com
URL: http://www.healthinsureusa.com/wp-admin/network/abusalita/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
344c3f945b265d03b175fc02ef8d974be208824ea75e95002b30460bee7bcdc7

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://www.healthinsureusa.com/wp-admin/network/abusalita/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 17:32:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Vary
Accept-Encoding,User-Agent
Content-Language
en-US
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=10, max=13
Expires
Sun, 15 Sep 2019 17:32:40 GMT
absa.jcaptcha.js
ib.absa.co.za/absa-online/static/script/absa/
2 KB
849 B
Script
General
Full URL
https://ib.absa.co.za/absa-online/static/script/absa/absa.jcaptcha.js?v=0.1.0-2019-07-18-06-35-18
Requested by
Host: www.healthinsureusa.com
URL: http://www.healthinsureusa.com/wp-admin/network/abusalita/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
ff8cd11b8e42727e514757ffc2167b1e67d59643c764aa58126e17d9112b39c0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://www.healthinsureusa.com/wp-admin/network/abusalita/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 17:32:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Vary
Accept-Encoding,User-Agent
Content-Language
en-US
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=10, max=12
Expires
Sun, 15 Sep 2019 17:32:40 GMT
absa.resetPin.js
ib.absa.co.za/absa-online/static/script/absa/
7 KB
2 KB
Script
General
Full URL
https://ib.absa.co.za/absa-online/static/script/absa/absa.resetPin.js?v=0.1.0-2019-07-18-06-35-18
Requested by
Host: www.healthinsureusa.com
URL: http://www.healthinsureusa.com/wp-admin/network/abusalita/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
6610d4a4b477c3ebbc2165520139b7ca04415f6a434fc9001fe16efb58d6c910

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://www.healthinsureusa.com/wp-admin/network/abusalita/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 17:32:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Vary
Accept-Encoding,User-Agent
Content-Language
en-US
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=10, max=11
Expires
Sun, 15 Sep 2019 17:32:40 GMT
absa-logo-2018.png
ib.absa.co.za/absa-online/static/style/resources/
2 KB
2 KB
Image
General
Full URL
https://ib.absa.co.za/absa-online/static/style/resources/absa-logo-2018.png
Requested by
Host: www.healthinsureusa.com
URL: http://www.healthinsureusa.com/wp-admin/network/abusalita/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
b90e9d891c1b60bbb442d0c18a93bef607f0c49854a151e204bb66ca409ca1e4

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://www.healthinsureusa.com/wp-admin/network/abusalita/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 17:32:41 GMT
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Content-Language
en-US
Cache-Control
max-age=2678400
Connection
Keep-Alive
Content-Type
image/png
Keep-Alive
timeout=10, max=10
Content-Length
2195
Expires
Sun, 15 Sep 2019 17:32:41 GMT
ao-logo2.png
ib.absa.co.za/absa-online/static/style/resources/
0
0

dot.gif
www.healthinsureusa.com/absa-online/static/style/resources/
359 B
359 B
Image
General
Full URL
http://www.healthinsureusa.com/absa-online/static/style/resources/dot.gif
Requested by
Host: www.healthinsureusa.com
URL: http://www.healthinsureusa.com/wp-admin/network/abusalita/
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::6818:60e9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d582bfcf985c12d6527db6f6cb17e127e2b9634bc34f1d442469a6709b90b14

Request headers

Referer
http://www.healthinsureusa.com/wp-admin/network/abusalita/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 17:33:39 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Server
cloudflare
Age
0
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
506cea338ccdd6bd-FRA
Expires
Thu, 15 Aug 2019 21:33:39 GMT
locale_en.gif
ib.absa.co.za/absa-online/static/style/resources/
0
0

campaigne_3_pre_golive_EN.jpg
www.healthinsureusa.com/absa-online/assets/Assets/Richmedia/Absaonline/CampaignImages/Eng/
412 B
412 B
Image
General
Full URL
http://www.healthinsureusa.com/absa-online/assets/Assets/Richmedia/Absaonline/CampaignImages/Eng/campaigne_3_pre_golive_EN.jpg
Requested by
Host: www.healthinsureusa.com
URL: http://www.healthinsureusa.com/wp-admin/network/abusalita/
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::6818:60e9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5814f36bb379381c6cd1643e10b0769016d215ccbb71bdb243e73b2083beebf

Request headers

Referer
http://www.healthinsureusa.com/wp-admin/network/abusalita/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 17:33:40 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
506cea339cfbd6bd-FRA
Expires
Thu, 15 Aug 2019 21:33:40 GMT
campaigne_1_ENG.png
ib.absa.co.za/absa-online/assets/Assets/Richmedia/Absaonline/Images/
0
0

campaigne_3_pre_golive_EN.jpg
ib.absa.co.za/absa-online/assets/Assets/Richmedia/Absaonline/CampaignImages/Eng/
0
0

dot.gif (Cookie set, Frame 0417)
www.healthinsureusa.com/absa-online/static/style/resources/
359 B
789 B
Document
General
Full URL
http://www.healthinsureusa.com/absa-online/static/style/resources/dot.gif
Requested by
Host: www.healthinsureusa.com
URL: http://www.healthinsureusa.com/wp-admin/network/abusalita/
Protocol
HTTP/1.1
Server
2606:4700:30::6818:60e9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d582bfcf985c12d6527db6f6cb17e127e2b9634bc34f1d442469a6709b90b14

Request headers

Host
www.healthinsureusa.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://www.healthinsureusa.com/wp-admin/network/abusalita/
Accept-Encoding
gzip, deflate

Response headers

Date
Thu, 15 Aug 2019 17:33:39 GMT
Content-Type
text/html; charset=iso-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dff207ca6991a88780892d678dcc68fa61565890419; expires=Fri, 14-Aug-20 17:33:39 GMT; path=/; domain=.healthinsureusa.com; HttpOnly
CF-Cache-Status
EXPIRED
Expires
Thu, 15 Aug 2019 21:33:39 GMT
Cache-Control
public, max-age=14400
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
506cea31ce53d6bd-FRA
Content-Encoding
gzip
main-navigation-rounded-2018.gif
ib.absa.co.za/absa-online/static/style/resources/
0
0

sprite-titlebar-no-gradients-2018.png
ib.absa.co.za/absa-online/static/style/resources/
621 B
921 B
Image
General
Full URL
https://ib.absa.co.za/absa-online/static/style/resources/sprite-titlebar-no-gradients-2018.png
Requested by
Host: www.healthinsureusa.com
URL: http://www.healthinsureusa.com/wp-admin/network/abusalita/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
a0bfd5bef65c754b35599a259b2aa7373857a385802d705f090ea4fef18470be

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2019-07-18-06-35-18
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 17:32:41 GMT
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Content-Language
en-US
Cache-Control
max-age=2678400
Connection
Keep-Alive
Content-Type
image/png
Keep-Alive
timeout=10, max=7
Content-Length
621
Expires
Sun, 15 Sep 2019 17:32:41 GMT
sprite-dividers.gif
ib.absa.co.za/absa-online/static/style/resources/
289 B
589 B
Image
General
Full URL
https://ib.absa.co.za/absa-online/static/style/resources/sprite-dividers.gif
Requested by
Host: www.healthinsureusa.com
URL: http://www.healthinsureusa.com/wp-admin/network/abusalita/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
c27aee2360a4554999091c3f4acbe28c3e0badb1484d2aee914e1d8b4f7ace1f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2019-07-18-06-35-18
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 17:32:42 GMT
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Content-Language
en-US
Cache-Control
max-age=2678400
Connection
Keep-Alive
Content-Type
image/gif
Keep-Alive
timeout=10, max=1
Content-Length
289
Expires
Sun, 15 Sep 2019 17:32:42 GMT
sprite-corners-rounded.png
ib.absa.co.za/absa-online/static/style/resources/
246 B
510 B
Image
General
Full URL
https://ib.absa.co.za/absa-online/static/style/resources/sprite-corners-rounded.png
Requested by
Host: www.healthinsureusa.com
URL: http://www.healthinsureusa.com/wp-admin/network/abusalita/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
6a1423dcdc9a531df9d5dfc5a1ea720eec868eda0a56e1580a0c71c69e79b8fe

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2019-07-18-06-35-18
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 17:32:43 GMT
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Content-Language
en-US
Cache-Control
max-age=2678400
Connection
close
Content-Type
image/png
Content-Length
246
Expires
Sun, 15 Sep 2019 17:32:43 GMT
gadget-bg.png
ib.absa.co.za/absa-online/static/style/resources/
23 KB
24 KB
Image
General
Full URL
https://ib.absa.co.za/absa-online/static/style/resources/gadget-bg.png
Requested by
Host: www.healthinsureusa.com
URL: http://www.healthinsureusa.com/wp-admin/network/abusalita/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
1a26395eab756d476a44492edba11fbb4dfe44d42ed1599f04fdef5ea18ac954

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2019-07-18-06-35-18
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 17:32:41 GMT
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Content-Language
en-US
Cache-Control
max-age=2678400
Connection
Keep-Alive
Content-Type
image/png
Keep-Alive
timeout=10, max=6
Content-Length
23889
Expires
Sun, 15 Sep 2019 17:32:41 GMT
gadget-login-bg.png
ib.absa.co.za/absa-online/static/style/resources/
13 KB
13 KB
Image
General
Full URL
https://ib.absa.co.za/absa-online/static/style/resources/gadget-login-bg.png
Requested by
Host: www.healthinsureusa.com
URL: http://www.healthinsureusa.com/wp-admin/network/abusalita/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
3d9062add3a3419de36dac8b09af9960e412c570e256cbe5ca6c0910b30d9aef

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ib.absa.co.za/absa-online/static/style/login.css?v=0.1.0-2019-07-18-06-35-18
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 17:32:42 GMT
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Content-Language
en-US
Cache-Control
max-age=2678400
Connection
Keep-Alive
Content-Type
image/png
Keep-Alive
timeout=10, max=5
Content-Length
13337
Expires
Sun, 15 Sep 2019 17:32:42 GMT
icon-questionmark-grey.png
ib.absa.co.za/absa-online/static/style/resources/
0
0

keypad-bg.gif
ib.absa.co.za/absa-online/static/style/www.absa.co.za.2009.ui/keypad/
439 B
739 B
Image
General
Full URL
https://ib.absa.co.za/absa-online/static/style/www.absa.co.za.2009.ui/keypad/keypad-bg.gif
Requested by
Host: www.healthinsureusa.com
URL: http://www.healthinsureusa.com/wp-admin/network/abusalita/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
31d4c1cd3bf18363ff7643f87a54fecd70376fed89cd5805ced2e323127fa334

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2019-07-18-06-35-18
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 17:32:42 GMT
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Content-Language
en-US
Cache-Control
max-age=2678400
Connection
Keep-Alive
Content-Type
image/gif
Keep-Alive
timeout=10, max=4
Content-Length
439
Expires
Sun, 15 Sep 2019 17:32:42 GMT
key-button.gif
ib.absa.co.za/absa-online/static/style/www.absa.co.za.2009.ui/resources/
379 B
679 B
Image
General
Full URL
https://ib.absa.co.za/absa-online/static/style/www.absa.co.za.2009.ui/resources/key-button.gif
Requested by
Host: www.healthinsureusa.com
URL: http://www.healthinsureusa.com/wp-admin/network/abusalita/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
d3dbb7567bec3fa266960ee53ee72d534e1834e481ff502a0901fcb32af7ff23

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2019-07-18-06-35-18
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 17:32:42 GMT
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Content-Language
en-US
Cache-Control
max-age=2678400
Connection
Keep-Alive
Content-Type
image/gif
Keep-Alive
timeout=10, max=3
Content-Length
379
Expires
Sun, 15 Sep 2019 17:32:42 GMT
keypad-backspace.png
ib.absa.co.za/absa-online/static/style/www.absa.co.za.2009.ui/resources/
0
0

button.png
ib.absa.co.za/absa-online/static/style/resources/
491 B
791 B
Image
General
Full URL
https://ib.absa.co.za/absa-online/static/style/resources/button.png
Requested by
Host: www.healthinsureusa.com
URL: http://www.healthinsureusa.com/wp-admin/network/abusalita/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
ada2e972abcb9493c9b709ce52c1b2122b0320a9ec37d4c5ca13a132dfda11e1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2019-07-18-06-35-18
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 17:32:41 GMT
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Content-Language
en-US
Cache-Control
max-age=2678400
Connection
Keep-Alive
Content-Type
image/png
Keep-Alive
timeout=10, max=9
Content-Length
491
Expires
Sun, 15 Sep 2019 17:32:41 GMT
buttonArrowWhite.png
ib.absa.co.za/absa-online/static/style/resources/
1 KB
1 KB
Image
General
Full URL
https://ib.absa.co.za/absa-online/static/style/resources/buttonArrowWhite.png
Requested by
Host: www.healthinsureusa.com
URL: http://www.healthinsureusa.com/wp-admin/network/abusalita/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
dbdc69769919eb9de6942ac447a2b029681b71b36c0154e7bee12977063b1f42

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2019-07-18-06-35-18
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 17:32:42 GMT
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Content-Language
en-US
Cache-Control
max-age=2678400
Connection
Keep-Alive
Content-Type
image/png
Keep-Alive
timeout=10, max=2
Content-Length
1150
Expires
Sun, 15 Sep 2019 17:32:42 GMT
sprite-icons-bar-status.png
ib.absa.co.za/absa-online/static/style/resources/
553 B
853 B
Image
General
Full URL
https://ib.absa.co.za/absa-online/static/style/resources/sprite-icons-bar-status.png
Requested by
Host: www.healthinsureusa.com
URL: http://www.healthinsureusa.com/wp-admin/network/abusalita/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 , South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
4c4a36be788a6c7da90427e5986cbfba7da49bc1296fb965e86da3e5282efb5f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ib.absa.co.za/absa-online/static/style/login.css?v=0.1.0-2019-07-18-06-35-18
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 17:32:41 GMT
Last-Modified
Thu, 08 Aug 2019 11:09:40 GMT
Content-Language
en-US
Cache-Control
max-age=2678400
Connection
Keep-Alive
Content-Type
image/png
Keep-Alive
timeout=10, max=8
Content-Length
553
Expires
Sun, 15 Sep 2019 17:32:41 GMT
config.xml
ib.absa.co.za/absa-online/static/script/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain         URL
ib.absa.co.za  https://ib.absa.co.za/absa-online/static/style/resources/ao-logo2.png
ib.absa.co.za  https://ib.absa.co.za/absa-online/static/style/resources/locale_en.gif
ib.absa.co.za  https://ib.absa.co.za/absa-online/assets/Assets/Richmedia/Absaonline/Images/campaigne_1_ENG.png
ib.absa.co.za  https://ib.absa.co.za/absa-online/assets/Assets/Richmedia/Absaonline/CampaignImages/Eng/campaigne_3_pre_golive_EN.jpg
ib.absa.co.za  https://ib.absa.co.za/absa-online/static/style/resources/main-navigation-rounded-2018.gif
ib.absa.co.za  https://ib.absa.co.za/absa-online/static/style/resources/icon-questionmark-grey.png
ib.absa.co.za  https://ib.absa.co.za/absa-online/static/style/www.absa.co.za.2009.ui/resources/keypad-backspace.png
ib.absa.co.za  https://ib.absa.co.za/absa-online/static/script/config.xml?v=0.1.0-2019-07-18-06-35-18

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ABSA (Banking)

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| SOAPEnvelope function| j1_ object| JSONRequest function| JSONRequestError object| bb object| portal object| gadgets object| absa function| triggerModal4Body function| absaGadgetTemplate undefined| onReturn string| siteEnvironment string| s_account object| s function| s_getObjectID function| s_doPlugins function| getMetaContent function| getProps function| getAllProps function| getFirstProp function| addLoadEvent function| OmnitureContactUs function| OmnitureToolUsage function| OmnitureToolUsageComplete function| CustomerAction function| OmnitureSocialClick string| s_code undefined| s_objectID function| s_gi string| s_an function| s_sp function| s_jn function| s_rep function| s_d function| s_fe function| s_fa function| s_ft object| s_c_il number| s_c_in function| s_onload_0 function| forgotPin function| onFormForgotPinSubmit function| doFormForgotPinSubmit function| resetFormForgotPin function| onForm1Submit function| doSubmitForm1 function| resetForm1 function| backToDSP function| backToFeatureStore function| postToDSP function| getCookie function| setCookie function| postToFS function| postToExpress function| checkEntries2 function| onForm2Submit function| doSubmitForm2 function| onForm2SubmitForgotPassword function| doSubmitForm2ForgotPassword function| doSubmitForm2ForgotPasswordSpecial function| resetForm2 function| onForm3Submit function| doSubmitForm3 function| resetForm3 function| onForm4Submit function| doSubmitForm4 function| onForm5Submit function| doSubmitForm5 function| doLoadNewPasswordAfterUSSD function| showErrorMessage function| hideErrorMessages function| doMoveForm2Focus function| showHideHelp function| showPasswordTips function| changeLang function| getLanguage object| xhtml object| btl function| oldConvert function| oldGetStyle

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
