ewcm.sz.creditcard.citicbank.citic
2409:8754:3020:40::26  Public Scan

URL: https://ewcm.sz.creditcard.citicbank.citic/
Submission: On September 23 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 4 domains to perform 24 HTTP transactions. The main IP is 2409:8754:3020:40::26, located in China and belongs to CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN. The main domain is ewcm.sz.creditcard.citicbank.citic.
TLS certificate: Issued by Secure Site Pro Extended Validation C... on March 25th 2022. Valid for: a year.
This is the only time ewcm.sz.creditcard.citicbank.citic was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS Autonomous System
13        2409:8754:302...   9808 (CHINAMOBI...)
1         43.152.29.19       139341 (ACE-AS-AP...)
1         43.154.240.235     132203 (TENCENT-N...)
1         203.205.136.81     132203 (TENCENT-N...)
3         163.181.56.172     24429 (TAOBAO Zh...)
3         2409:8754:302...   9808 (CHINAMOBI...)
1         240e:604:208:...   4134 (CHINANET-...)
Total: 24 requests, 8 IPs

Apex Domain (requests, transfer), with subdomains listed beneath

citicbank.citic: 13 requests, 224 KB
  ewcm.sz.creditcard.citicbank.citic
ecitic.com: 4 requests, 186 KB
  wtkinnet.sz.creditcard.ecitic.com
  ebank.creditcard.ecitic.com — Cisco Umbrella Rank: 896026
  ss.creditcard.ecitic.com (Failed)
citicbank.com: 3 requests, 140 KB
  main.citiccardcdn.citicbank.com
  ss.citiccardcdn.citicbank.com
qq.com: 3 requests, 13 KB
  res.wx.qq.com — Cisco Umbrella Rank: 11983
  open.work.weixin.qq.com — Cisco Umbrella Rank: 83333
  wwcdn.weixin.qq.com — Cisco Umbrella Rank: 70027
Total: 24 requests, 4 apex domains

Domain (requests): Requested by

ewcm.sz.creditcard.citicbank.citic (13): ewcm.sz.creditcard.citicbank.citic
wtkinnet.sz.creditcard.ecitic.com (3): ewcm.sz.creditcard.citicbank.citic, wtkinnet.sz.creditcard.ecitic.com
main.citiccardcdn.citicbank.com (2): ewcm.sz.creditcard.citicbank.citic, main.citiccardcdn.citicbank.com
ebank.creditcard.ecitic.com (1): ewcm.sz.creditcard.citicbank.citic
ss.citiccardcdn.citicbank.com (1): main.citiccardcdn.citicbank.com
wwcdn.weixin.qq.com (1): ewcm.sz.creditcard.citicbank.citic
open.work.weixin.qq.com (1): ewcm.sz.creditcard.citicbank.citic
res.wx.qq.com (1): ewcm.sz.creditcard.citicbank.citic
ss.creditcard.ecitic.com (0, Failed): ss.citiccardcdn.citicbank.com
Total: 24 requests, 9 domains

This site contains no links.

Subject: cbs.sz.creditcard.ecitic.com
Issuer: Secure Site Pro Extended Validation CA G2
Validity: 2022-03-25 - 2023-04-12 (a year)

Subject: *.weixin.qq.com
Issuer: GlobalSign Organization Validation CA - SHA256 - G2
Validity: 2022-05-10 - 2023-06-11 (a year)

Subject: work.weixin.qq.com
Issuer: DigiCert Secure Site CN CA G3
Validity: 2022-04-06 - 2023-05-07 (a year)

Subject: main.citiccardcdn.citicbank.com
Issuer: Secure Site Pro Extended Validation CA G2
Validity: 2022-08-05 - 2023-08-17 (a year)

Subject: wtkinnet.sz.creditcard.ecitic.com
Issuer: Secure Site Pro Extended Validation CA G2
Validity: 2021-11-19 - 2022-11-19 (a year)

Subject: ebank.creditcard.ecitic.com
Issuer: Secure Site Pro Extended Validation CA G2
Validity: 2021-12-13 - 2023-01-13 (a year)

This page contains 1 frame:

Primary Page: https://ewcm.sz.creditcard.citicbank.citic/
Frame ID: C028D9F442ED4DF00A8D62E008FA583F
Requests: 25 HTTP requests in this frame

Page Title

中信银行信用卡

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

Requests: 24
HTTPS: 42 %
IPv6: 43 %
Domains: 4
Subdomains: 9
IPs: 8
Countries: 4
Transfer: 586 kB
Size: 1282 kB
Cookies: 7

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ewcm.sz.creditcard.citicbank.citic/
7 KB
3 KB
Document
General
Full URL
https://ewcm.sz.creditcard.citicbank.citic/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2409:8754:3020:40::26 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
f63b548d2a8e07d7e234579424c7ba1cc5c181782eeca8a28a67243be4de7e2b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 23 Sep 2022 12:18:12 GMT
ETag
W/"6321a28c-1c40"
Last-Modified
Wed, 14 Sep 2022 09:44:44 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 ID-6003173204055710 uproxy-17
jweixin-1.2.0.js
res.wx.qq.com/open/js/
11 KB
4 KB
Script
General
Full URL
https://res.wx.qq.com/open/js/jweixin-1.2.0.js
Requested by
Host: ewcm.sz.creditcard.citicbank.citic
URL: https://ewcm.sz.creditcard.citicbank.citic/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.29.19 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx/1.8.1 /
Resource Hash
f46308ef482b00d82694640bfa978af8f128d45c57918783215d90997eb2553f
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ewcm.sz.creditcard.citicbank.citic/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 16:53:31 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-forwarded-for
203.205.137.90
strict-transport-security
max-age=3600
x-verify-code
bc6b965a9c564f77a4a6288b337bdc13
content-length
3818
last-modified
Mon, 18 Jul 2022 16:50:00 GMT
server
nginx/1.8.1
vary
Origin
content-type
application/x-javascript
access-control-allow-origin
http://open.weixin.qq.com
cache-control
must-revalidate, max-age=31536000
x-daa-tunnel
hop_count=1
x-nws-log-uuid
12625310019383673290
accept-ranges
bytes
expires
Tue, 18 Jul 2023 16:53:31 GMT
jwxwork-1.0.0.js
open.work.weixin.qq.com/wwopen/js/
21 KB
8 KB
Script
General
Full URL
https://open.work.weixin.qq.com/wwopen/js/jwxwork-1.0.0.js
Requested by
Host: ewcm.sz.creditcard.citicbank.citic
URL: https://ewcm.sz.creditcard.citicbank.citic/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.154.240.235 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
81fc3881f390ac366e9e9b0cc42e9c44459f37f126e19a7d2b4126886a3ddcf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ewcm.sz.creditcard.citicbank.citic/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 12:18:14 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
etag
W/"55a5-Gc39hBNemfcUADJa7krfTGzABu8"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=utf-8
vendor.fb2369dee469663e8c7b.css
ewcm.sz.creditcard.citicbank.citic/
181 KB
55 KB
Stylesheet
General
Full URL
https://ewcm.sz.creditcard.citicbank.citic/vendor.fb2369dee469663e8c7b.css
Requested by
Host: ewcm.sz.creditcard.citicbank.citic
URL: https://ewcm.sz.creditcard.citicbank.citic/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2409:8754:3020:40::26 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
2decb1391cd4227bf339ba5579b1921a8bc8a824649476a8f10883791102e344

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ewcm.sz.creditcard.citicbank.citic/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 12:18:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Sep 2022 09:44:44 GMT
Server
nginx
ETag
W/"6321a28c-2d2e7"
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 ID-6003173204055710 uproxy-17
Transfer-Encoding
chunked
Connection
Keep-alive
index.de53c231e3eb7aaf338a.css
ewcm.sz.creditcard.citicbank.citic/
9 KB
4 KB
Stylesheet
General
Full URL
https://ewcm.sz.creditcard.citicbank.citic/index.de53c231e3eb7aaf338a.css
Requested by
Host: ewcm.sz.creditcard.citicbank.citic
URL: https://ewcm.sz.creditcard.citicbank.citic/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2409:8754:3020:40::26 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
fe46066e369ca356a0f3403eff1638c7519b355cfefb92c01748bd29af7cbb47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ewcm.sz.creditcard.citicbank.citic/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 12:18:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Sep 2022 09:44:44 GMT
Server
nginx
ETag
W/"6321a28c-2497"
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 ID-6003173204055710 uproxy-15
Transfer-Encoding
chunked
Connection
Keep-alive
init-jsbridge.js
ewcm.sz.creditcard.citicbank.citic/static/jsbridge/
5 KB
2 KB
Script
General
Full URL
https://ewcm.sz.creditcard.citicbank.citic/static/jsbridge/init-jsbridge.js?time=1663148684677
Requested by
Host: ewcm.sz.creditcard.citicbank.citic
URL: https://ewcm.sz.creditcard.citicbank.citic/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2409:8754:3020:40::26 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
e3d91ca52b77235cd6a47ff4b148748f907c0375cff2d91f22d0b7bfa4aa742c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ewcm.sz.creditcard.citicbank.citic/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 12:18:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Sep 2022 09:44:44 GMT
Server
nginx
ETag
W/"6321a28c-1206"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 ID-6003173204055710 uproxy-15
Transfer-Encoding
chunked
Connection
Keep-alive
main.37b25c0d25dc389e434b.js
ewcm.sz.creditcard.citicbank.citic/pages/runtime/
4 KB
2 KB
Script
General
Full URL
https://ewcm.sz.creditcard.citicbank.citic/pages/runtime/main.37b25c0d25dc389e434b.js
Requested by
Host: ewcm.sz.creditcard.citicbank.citic
URL: https://ewcm.sz.creditcard.citicbank.citic/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2409:8754:3020:40::26 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
022952079c313d6991f06d758dddf7cdbca41d0152fb7c4f65e43521d9f45406

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ewcm.sz.creditcard.citicbank.citic/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 12:18:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Sep 2022 09:44:44 GMT
Server
nginx
ETag
W/"6321a28c-10ed"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 ID-6003173204055710 uproxy-15
Transfer-Encoding
chunked
Connection
Keep-alive
vendor.38ef76314f5712461964.js
ewcm.sz.creditcard.citicbank.citic/assets/
395 KB
147 KB
Script
General
Full URL
https://ewcm.sz.creditcard.citicbank.citic/assets/vendor.38ef76314f5712461964.js
Requested by
Host: ewcm.sz.creditcard.citicbank.citic
URL: https://ewcm.sz.creditcard.citicbank.citic/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2409:8754:3020:40::26 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
ad25d5267d3d921bb628f1d3adb2573ab70b7b2fa54120f0a4ba82ce74fd2718

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ewcm.sz.creditcard.citicbank.citic/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 12:18:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Sep 2022 09:44:44 GMT
Server
nginx
ETag
W/"6321a28c-62a12"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 ID-6003173204055710 uproxy-3
Transfer-Encoding
chunked
Connection
Keep-alive
main.6ca5ca058d21c3ca85ff.js
ewcm.sz.creditcard.citicbank.citic/pages/public/
151 B
434 B
Script
General
Full URL
https://ewcm.sz.creditcard.citicbank.citic/pages/public/main.6ca5ca058d21c3ca85ff.js
Requested by
Host: ewcm.sz.creditcard.citicbank.citic
URL: https://ewcm.sz.creditcard.citicbank.citic/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2409:8754:3020:40::26 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
faebf72b23ad2751333c005990bc9ffb39eab81e31ea4c9c786a33c09d2d4540

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ewcm.sz.creditcard.citicbank.citic/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 12:18:13 GMT
Via
1.1 ID-6003173204055710 uproxy-15
Last-Modified
Wed, 14 Sep 2022 09:44:44 GMT
Server
nginx
ETag
"6321a28c-97"
Content-Type
application/javascript
Connection
Keep-alive
Accept-Ranges
bytes
Content-Length
151
main.809b694734edbe520fe3.js
ewcm.sz.creditcard.citicbank.citic/pages/index/
9 KB
4 KB
Script
General
Full URL
https://ewcm.sz.creditcard.citicbank.citic/pages/index/main.809b694734edbe520fe3.js
Requested by
Host: ewcm.sz.creditcard.citicbank.citic
URL: https://ewcm.sz.creditcard.citicbank.citic/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2409:8754:3020:40::26 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
d9fec2d34b5748cb09f5cd73305cc82643521168f2a56462c46a14cd98b27bb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ewcm.sz.creditcard.citicbank.citic/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 12:18:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Sep 2022 09:44:44 GMT
Server
nginx
ETag
W/"6321a28c-238e"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 ID-6003173204055710 uproxy-17
Transfer-Encoding
chunked
Connection
Keep-alive
1x1-00000000.91e42db1c6.png
wwcdn.weixin.qq.com/node/wework/images/
68 B
358 B
Image
General
Full URL
https://wwcdn.weixin.qq.com/node/wework/images/1x1-00000000.91e42db1c6.png
Requested by
Host: ewcm.sz.creditcard.citicbank.citic
URL: https://ewcm.sz.creditcard.citicbank.citic/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.205.136.81 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nws_static_mid /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ewcm.sz.creditcard.citicbank.citic/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 07:19:06 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 10 Jan 2020 03:27:45 GMT
server
nws_static_mid
age
17950
content-type
image/png
cache-control
max-age=315360000
x-nws-log-uuid
2245637636026445427
accept-ranges
bytes
x-verify-code
dfe273f0bd363af09e36ac4c79063004
content-length
68
expires
Mon, 20 Sep 2032 07:19:06 GMT
tp_entrance.js
main.citiccardcdn.citicbank.com/citiccard/wtk/
13 KB
6 KB
Script
General
Full URL
https://main.citiccardcdn.citicbank.com/citiccard/wtk/tp_entrance.js
Requested by
Host: ewcm.sz.creditcard.citicbank.citic
URL: https://ewcm.sz.creditcard.citicbank.citic/assets/vendor.38ef76314f5712461964.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.56.172 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
4ca8a541d31371cfe68404b5f17545aac2358f6289a0ae3ffd738fc4f29be457

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ewcm.sz.creditcard.citicbank.citic/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 11:42:40 GMT
via
cache2.l2de2[0,0,304-0,H], cache14.l2de2[1,0], ens-cache5.de4[0,0,200-0,H], ens-cache2.de4[2,0]
age
2136
x-cache
HIT TCP_MEM_HIT dirn:8:90538817
x-swift-cachetime
3600
x-swift-savetime
Fri, 23 Sep 2022 12:02:57 GMT
content-encoding
gzip
content-length
5256
last-modified
Thu, 30 Jun 2022 02:04:49 GMT
server
Tengine
etag
"62bd04c1-345b"
vary
Accept-Encoding
ali-swift-global-savetime
1663933361
content-type
application/javascript
access-control-allow-origin
*
timing-allow-origin
*
eagleid
2ff62b1a16639354970374031e
doAuth
ewcm.sz.creditcard.citicbank.citic/ewcm-api-gateway/bizWeChatAuth/
59 B
329 B
XHR
General
Full URL
https://ewcm.sz.creditcard.citicbank.citic/ewcm-api-gateway/bizWeChatAuth/doAuth
Requested by
Host: ewcm.sz.creditcard.citicbank.citic
URL: https://ewcm.sz.creditcard.citicbank.citic/assets/vendor.38ef76314f5712461964.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2409:8754:3020:40::26 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
af6e36913f0f690ecf747a666813b69ee74866aa2ce733da5d1d1e6ea7b3efbc

Request headers

Accept
application/json, text/plain, */*
Referer
https://ewcm.sz.creditcard.citicbank.citic/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
x-ewcm-token
Content-Type
application/json

Response headers

Date
Fri, 23 Sep 2022 12:18:15 GMT
Via
1.1 ID-6003173204055710 uproxy-3
Server
nginx
Connection
Keep-alive
Transfer-Encoding
chunked
X-Application-Context
ewcm-api-gateway:prod:8080
Content-Type
application/json;charset=UTF-8
564.8fa2b2b61e2a9f519b6d.js
ewcm.sz.creditcard.citicbank.citic/assets/
7 KB
3 KB
Script
General
Full URL
https://ewcm.sz.creditcard.citicbank.citic/assets/564.8fa2b2b61e2a9f519b6d.js
Requested by
Host: ewcm.sz.creditcard.citicbank.citic
URL: https://ewcm.sz.creditcard.citicbank.citic/pages/runtime/main.37b25c0d25dc389e434b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2409:8754:3020:40::26 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
92faa38ead80f47db2543c292d48612cfa23be47768d2d587add5d58f65f77ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ewcm.sz.creditcard.citicbank.citic/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 12:18:15 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Sep 2022 09:44:44 GMT
Server
nginx
ETag
W/"6321a28c-1a6b"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 ID-6003173204055710 uproxy-17
Transfer-Encoding
chunked
Connection
Keep-alive
ib-wtkin-core-net-v1.1.js
wtkinnet.sz.creditcard.ecitic.com/citiccard/ib/wtkin/
21 KB
22 KB
Script
General
Full URL
https://wtkinnet.sz.creditcard.ecitic.com/citiccard/ib/wtkin/ib-wtkin-core-net-v1.1.js
Requested by
Host: ewcm.sz.creditcard.citicbank.citic
URL: https://ewcm.sz.creditcard.citicbank.citic/pages/index/main.809b694734edbe520fe3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2409:8754:3020:40::19 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
c7b4fc05298feeaf320b34722d23936609a5d0a94614f2071b10e7a2d98047fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ewcm.sz.creditcard.citicbank.citic/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 12:18:17 GMT
Via
1.1 ID-6003173204055710 uproxy-3
Last-Modified
Fri, 17 Jun 2022 11:44:26 GMT
Server
nginx/1.22.0
ETag
"62ac691a-555a"
Content-Type
application/javascript
Connection
Keep-alive
Accept-Ranges
bytes
Content-Length
21850
truncated
/
24 KB
24 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b563f454eff400ad9cdfc42b35638d8d31e0633a7b52ccead1d90b0eacc887d

Request headers

Referer
Origin
https://ewcm.sz.creditcard.citicbank.citic
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
back.png
ewcm.sz.creditcard.citicbank.citic/static/image/
511 B
781 B
Image
General
Full URL
https://ewcm.sz.creditcard.citicbank.citic/static/image/back.png
Requested by
Host: ewcm.sz.creditcard.citicbank.citic
URL: https://ewcm.sz.creditcard.citicbank.citic/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2409:8754:3020:40::26 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
3982a8013c8fd736c0f0d5093b6451c3a6b996aa60a1621e5295d83070514781

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ewcm.sz.creditcard.citicbank.citic/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 12:18:15 GMT
Via
1.1 ID-6003173204055710 uproxy-3
Last-Modified
Wed, 14 Sep 2022 09:44:44 GMT
Server
nginx
ETag
"6321a28c-1ff"
Content-Type
image/png
Connection
Keep-alive
Accept-Ranges
bytes
Content-Length
511
search.png
ewcm.sz.creditcard.citicbank.citic/static/image/
991 B
1 KB
Image
General
Full URL
https://ewcm.sz.creditcard.citicbank.citic/static/image/search.png
Requested by
Host: ewcm.sz.creditcard.citicbank.citic
URL: https://ewcm.sz.creditcard.citicbank.citic/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2409:8754:3020:40::26 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
8b034d0008577b3fa703cedcea6416f4fa8c0bb5c2175c6f62373e5c63fa97d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ewcm.sz.creditcard.citicbank.citic/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 12:18:15 GMT
Via
1.1 ID-6003173204055710 uproxy-17
Last-Modified
Wed, 14 Sep 2022 09:44:44 GMT
Server
nginx
ETag
"6321a28c-3df"
Content-Type
image/png
Connection
Keep-alive
Accept-Ranges
bytes
Content-Length
991
query-list.do
ewcm.sz.creditcard.citicbank.citic/ewcm-api-gateway/ewcm-app-backend/cust/
53 B
324 B
XHR
General
Full URL
https://ewcm.sz.creditcard.citicbank.citic/ewcm-api-gateway/ewcm-app-backend/cust/query-list.do?status=1&page=0
Requested by
Host: ewcm.sz.creditcard.citicbank.citic
URL: https://ewcm.sz.creditcard.citicbank.citic/assets/vendor.38ef76314f5712461964.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2409:8754:3020:40::26 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
b96f917387554c2a095f0fbdc2511a532b0144b31fb5e2cc8a8046ecc23bf91b

Request headers

Accept
application/json, text/plain, */*
Referer
https://ewcm.sz.creditcard.citicbank.citic/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
x-ewcm-token
undefined

Response headers

Date
Fri, 23 Sep 2022 12:18:16 GMT
Via
1.1 ID-6003173204055710 uproxy-15
Server
nginx
Connection
Keep-alive
Transfer-Encoding
chunked
X-Application-Context
ewcm-api-gateway:prod:8080
Content-Type
application/json;charset=UTF-8
track.js
main.citiccardcdn.citicbank.com/citiccard/wtk/
179 KB
65 KB
Script
General
Full URL
https://main.citiccardcdn.citicbank.com/citiccard/wtk/track.js
Requested by
Host: main.citiccardcdn.citicbank.com
URL: https://main.citiccardcdn.citicbank.com/citiccard/wtk/tp_entrance.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.56.172 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
5770a6049f824a3dbde6ca1c96ec69543d389748cd2b5156d0ad651ba8316cc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ewcm.sz.creditcard.citicbank.citic/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 12:07:08 GMT
via
cache21.l2de2[601,601,304-0,M], cache23.l2de2[603,0], ens-cache8.de4[0,0,200-0,H], ens-cache2.de4[1,0]
age
669
x-cache
HIT TCP_MEM_HIT dirn:9:269554129
x-swift-cachetime
3600
x-swift-savetime
Fri, 23 Sep 2022 12:07:08 GMT
content-encoding
gzip
content-length
66596
last-modified
Thu, 30 Jun 2022 02:04:49 GMT
server
Tengine
etag
"62bd04c1-2cc5e"
vary
Accept-Encoding
ali-swift-global-savetime
1663934828
content-type
application/javascript
access-control-allow-origin
*
timing-allow-origin
*
eagleid
2ff62b1a16639354970534063e
zxing.min.js
ss.citiccardcdn.citicbank.com/zxfps/static/
230 KB
69 KB
Script
General
Full URL
https://ss.citiccardcdn.citicbank.com/zxfps/static/zxing.min.js
Requested by
Host: main.citiccardcdn.citicbank.com
URL: https://main.citiccardcdn.citicbank.com/citiccard/wtk/tp_entrance.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.56.172 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
76f67439058b7502655727479a5730f73c40844d8819a09ac1a3ce09cfdf22fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ewcm.sz.creditcard.citicbank.citic/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 11:58:53 GMT
via
cache25.l2de2[0,0,304-0,H], cache23.l2de2[1,0], ens-cache8.de4[0,0,200-0,H], ens-cache2.de4[1,0]
age
1165
x-cache
HIT TCP_MEM_HIT dirn:9:273823522
x-swift-cachetime
3600
x-swift-savetime
Fri, 23 Sep 2022 12:07:08 GMT
content-encoding
gzip
content-length
70112
last-modified
Wed, 23 Mar 2022 08:55:13 GMT
server
Tengine
etag
"623ae071-399f0"
vary
Accept-Encoding
ali-swift-global-savetime
1663934333
content-type
application/javascript
access-control-allow-origin
*
timing-allow-origin
*
eagleid
2ff62b1a16639354981465734e
report
ebank.creditcard.ecitic.com/citiccard/wtk/behavior/
0
154 B
Image
General
Full URL
https://ebank.creditcard.ecitic.com/citiccard/wtk/behavior/report?action_name=%E7%B3%BB%E7%BB%9F%2F%E9%A1%B5%E9%9D%A2%E5%90%8D%E7%A7%B0&fpgrp_=ewcm&fpid_=ewcm-frontend-h5&pid_=dc3d&v_=2&evt_=PageView&vdt_=20220923201817&tms_=145&pload_d_=275&url_r_=%23%2F&libt_=JS&libv_=2.6.3&devid_=75eabb7599193d008369205b29899fe6&fvdt_=1663935497146&nvisit_=1&idsite=5&rec=1&r=918641&h=12&m=18&s=17&url=https%3A%2F%2Fewcm.sz.creditcard.citicbank.citic%2F%23%2F&_id=4f56a4185b00bf2c&_idts=1663935497&_idvc=1&_idn=0&_refts=0&_viewts=1663935497&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&data=%7B%22crd_%22%3A%22e%22%7D&gt_ms=275&pv_id=jg55ol
Requested by
Host: ewcm.sz.creditcard.citicbank.citic
URL: https://ewcm.sz.creditcard.citicbank.citic/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
240e:604:208:702::10b , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ewcm.sz.creditcard.citicbank.citic/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 12:18:18 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
pk.js
wtkinnet.sz.creditcard.ecitic.com/citiccard/ib/wtkin/
164 KB
164 KB
Script
General
Full URL
https://wtkinnet.sz.creditcard.ecitic.com/citiccard/ib/wtkin/pk.js
Requested by
Host: wtkinnet.sz.creditcard.ecitic.com
URL: https://wtkinnet.sz.creditcard.ecitic.com/citiccard/ib/wtkin/ib-wtkin-core-net-v1.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2409:8754:3020:40::19 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
2cc22ad2a613c6f52d2280183f349dab34b3f11a9f718cf8fec86fd0e2484ec1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ewcm.sz.creditcard.citicbank.citic/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 12:18:18 GMT
Via
1.1 ID-6003173204055710 uproxy-3
Last-Modified
Fri, 17 Jun 2022 16:21:43 GMT
Server
nginx/1.22.0
ETag
"62acaa17-28e0f"
Content-Type
application/javascript
Connection
Keep-alive
Accept-Ranges
bytes
Content-Length
167439
cms
wtkinnet.sz.creditcard.ecitic.com/citiccard/ib/wtkin/
43 B
274 B
Image
General
Full URL
https://wtkinnet.sz.creditcard.ecitic.com/citiccard/ib/wtkin/cms?action_name=%E4%B8%AD%E4%BF%A1%E9%93%B6%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1&idsite=1&rec=1&r=758696&h=12&m=18&s=19&url=https%3A%2F%2Fewcm.sz.creditcard.citicbank.citic%2F%23%2F&uid=systemUser&_id=8382dd812ef858a5&_idts=1663935499&_idvc=1&_idn=0&_refts=0&_viewts=1663935499&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=275&pv_id=GHQn6x
Requested by
Host: ewcm.sz.creditcard.citicbank.citic
URL: https://ewcm.sz.creditcard.citicbank.citic/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2409:8754:3020:40::19 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
nginx/1.22.0 / PHP/7.1.11
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ewcm.sz.creditcard.citicbank.citic/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 12:18:19 GMT
Via
1.1 ID-6003173204055710 uproxy-3
Server
nginx/1.22.0
Connection
Keep-alive
X-Powered-By
PHP/7.1.11
Transfer-Encoding
chunked
Content-Type
image/gif
devf
ss.creditcard.ecitic.com/zxfps/dev/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ss.creditcard.ecitic.com
URL
https://ss.creditcard.ecitic.com/zxfps/dev/devf

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| jWeixin object| wx object| WWOpenData object| lib number| rem number| dpr function| ownKeys function| _objectSpread function| _defineProperty object| tower object| webpackChunkH5 object| citic_cli object| regeneratorRuntime object| _paq boolean| __VUE_OPTIONS_API__ boolean| __VUE_PROD_DEVTOOLS__ boolean| __VUE__ function| _typeof function| getSystemInfo function| toString function| isNumber function| objectAssign function| isNumber$1 function| slice function| getOwnSymbols function| toObject function| shouldUseNative function| index function| Cookies function| Cookies$1 object| index$1 function| isIos function| isApp function| isPc function| isMicroMessenger function| getIdsite function| getcookies function| getCookie function| getChid function| getWTKPid function| WTKsetcookie function| WTKsearchUrlAndSaveCookie function| getArgs object| wtk_chid object| wtk_pid object| wtk_cls object| wtk_args object| deviceFm object| ret object| wtk object| chid object| str object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| JSON_PIWIK object| AnalyticsTracker function| piwik_log object| Piwik function| buttonEvent function| inputEvent function| selectEvent function| getTrackURl function| sendUrl function| getURlFteWithoutHash object| _wtk object| _0x49e5 function| _0x5513 function| fpsMd5 function| fpsAes function| fpsJSEncrypt string| def object| KJUR object| Hex object| ___Base64 function| ASN1 object| WTK object| Matomo number| fpstatus string| t string| n string| r string| o string| a

7 Cookies

Domain/Path Name / Value
ewcm.sz.creditcard.citicbank.citic/ Name: USERID
Value: systemUser
ewcm.sz.creditcard.citicbank.citic/ Name: _bm_id.dc3d
Value: 75eabb7599193d008369205b29899fe6
ewcm.sz.creditcard.citicbank.citic/ Name: _bm_fvdt.dc3d
Value: 1663935497146
ewcm.sz.creditcard.citicbank.citic/ Name: _pk_id.5.9f72
Value: 4f56a4185b00bf2c.1663935497.1.1663935497.1663935497.
ewcm.sz.creditcard.citicbank.citic/ Name: _pk_ses.5.9f72
Value: *
ewcm.sz.creditcard.citicbank.citic/ Name: _pk_id.1.9f72
Value: 8382dd812ef858a5.1663935499.1.1663935499.1663935499.
ewcm.sz.creditcard.citicbank.citic/ Name: _pk_ses.1.9f72
Value: *

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
