urlscan.io logo urlscan.io
SecurityTrails logo

halifxidcase.online Open in urlscan Pro
46.17.175.2  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://halifxidcase.online/account
Effective URL: https://halifxidcase.online/account/logon/1659/
Submission: On September 28 via manual from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 28 HTTP transactions. The main IP is 46.17.175.2, located in Lithuania and belongs to AS-HOSTINGER, LT. The main domain is halifxidcase.online.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 28th 2020. Valid for: 3 months.
This is the only time halifxidcase.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Halifax Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
4 32 46.17.175.2 47583 (AS-HOSTINGER)
28 1
Apex Domain
Subdomains		 Transfer
32 halifxidcase.online
halifxidcase.online
494 KB
28 1
Domain Requested by
32 halifxidcase.online 4 redirects halifxidcase.online
28 1

This site contains no links.

Subject Issuer Validity Valid
halifxidcase.online
Let's Encrypt Authority X3		 2020-09-28 -
2020-12-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://halifxidcase.online/account/logon/1659/
Frame ID: 38248D2D9AC7A738F66BF2A2A0BF5F84
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://halifxidcase.online/account HTTP 301
    https://halifxidcase.online/account HTTP 301
    https://halifxidcase.online/account/ HTTP 302
    https://halifxidcase.online/account/logon/ HTTP 302
    https://halifxidcase.online/account/logon/1659/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Page Statistics

28
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

493 kB
Transfer

1867 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://halifxidcase.online/account HTTP 301
    https://halifxidcase.online/account HTTP 301
    https://halifxidcase.online/account/ HTTP 302
    https://halifxidcase.online/account/logon/ HTTP 302
    https://halifxidcase.online/account/logon/1659/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
halifxidcase.online/account/logon/1659/
Redirect Chain
  • http://halifxidcase.online/account
  • https://halifxidcase.online/account
  • https://halifxidcase.online/account/
  • https://halifxidcase.online/account/logon/
  • https://halifxidcase.online/account/logon/1659/
30 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://halifxidcase.online/account/logon/1659/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed / PHP/7.2.32
Resource Hash
5366f51c5038c0c13aa50d50072ec8073974cad198661074789442aa4c7ae941
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

:method
GET
:authority
halifxidcase.online
:scheme
https
:path
/account/logon/1659/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PHPSESSID=e0b9e474d41f0083007d9d459962b581
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
x-powered-by
PHP/7.2.32
content-type
text/html; charset=UTF-8
content-length
23275
content-encoding
br
vary
Accept-Encoding
date
Mon, 28 Sep 2020 21:10:55 GMT
server
LiteSpeed
content-security-policy
upgrade-insecure-requests

Redirect headers

status
302
x-powered-by
PHP/7.2.32
location
1659/
set-cookie
PHPSESSID=e0b9e474d41f0083007d9d459962b581; path=/; secure
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
content-type
text/html; charset=UTF-8
content-length
217
content-encoding
br
vary
Accept-Encoding
date
Mon, 28 Sep 2020 21:10:54 GMT
server
LiteSpeed
content-security-policy
upgrade-insecure-requests
enc.js
halifxidcase.online/account/logon/1659/includes/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halifxidcase.online/account/logon/1659/includes/enc.js
Requested by
Host: halifxidcase.online
URL: https://halifxidcase.online/account/logon/1659/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6369118b817a8a0549092cce8b77d77ac7ec88cc76a66d3ed9e32e9c4f6fb23f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://halifxidcase.online/account/logon/1659/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 21:10:55 GMT
content-encoding
br
last-modified
Mon, 28 Sep 2020 21:10:54 GMT
server
LiteSpeed
etag
"2139-5f72515e-f66bfa8fde13001f;br"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
2644
expires
Mon, 05 Oct 2020 21:10:55 GMT
global1-min180920.css
halifxidcase.online/account/logon/1659/media/ 		256 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://halifxidcase.online/account/logon/1659/media/global1-min180920.css
Requested by
Host: halifxidcase.online
URL: https://halifxidcase.online/account/logon/1659/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7b1bf5da817cb82d48153d8d920a0622e771d77d5b96e5bb1190c7e3b53955af
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://halifxidcase.online/account/logon/1659/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 21:10:55 GMT
content-encoding
br
last-modified
Mon, 28 Sep 2020 21:10:53 GMT
server
LiteSpeed
etag
"3fe21-5f72515d-316c59aad17e43db;br"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
44470
expires
Mon, 05 Oct 2020 21:10:55 GMT
global2-min180920.css
halifxidcase.online/account/logon/1659/media/ 		98 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://halifxidcase.online/account/logon/1659/media/global2-min180920.css
Requested by
Host: halifxidcase.online
URL: https://halifxidcase.online/account/logon/1659/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
29fa538dea25c2ca46488c4b85cf4748a8f412046bb61de6d7ee7d16ee2f7389
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://halifxidcase.online/account/logon/1659/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 21:10:55 GMT
content-encoding
br
last-modified
Mon, 28 Sep 2020 21:10:52 GMT
server
LiteSpeed
etag
"1862a-5f72515c-ad35b61818d4af54;br"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
16564
expires
Mon, 05 Oct 2020 21:10:55 GMT
global3-min180920.css
halifxidcase.online/account/logon/1659/media/ 		243 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://halifxidcase.online/account/logon/1659/media/global3-min180920.css
Requested by
Host: halifxidcase.online
URL: https://halifxidcase.online/account/logon/1659/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a1ed629c959c395063479c8fe341e8cc0bf12a8dab3ee0886b89d879e07aa359
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://halifxidcase.online/account/logon/1659/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 21:10:55 GMT
content-encoding
br
last-modified
Mon, 28 Sep 2020 21:10:52 GMT
server
LiteSpeed
etag
"3cdde-5f72515c-1c4b9513b5e57ad2;br"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
39372
expires
Mon, 05 Oct 2020 21:10:55 GMT
global4-min180920.css
halifxidcase.online/account/logon/1659/media/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://halifxidcase.online/account/logon/1659/media/global4-min180920.css
Requested by
Host: halifxidcase.online
URL: https://halifxidcase.online/account/logon/1659/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
fa1410b2173fa55a62ea2beddb112f5b344651ac0d4ded1a253432a397e4508c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://halifxidcase.online/account/logon/1659/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 21:10:55 GMT
content-encoding
br
last-modified
Mon, 28 Sep 2020 21:10:53 GMT
server
LiteSpeed
etag
"401b-5f72515d-4b0c6182d9aaedc3;br"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
3165
expires
Mon, 05 Oct 2020 21:10:55 GMT
print_base-min180920.css
halifxidcase.online/account/logon/1659/media/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://halifxidcase.online/account/logon/1659/media/print_base-min180920.css
Requested by
Host: halifxidcase.online
URL: https://halifxidcase.online/account/logon/1659/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
011fb0b13acc5be40f7cb0bedde221cfe8a8a2f7da3d46b412c852d7d71f9283
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://halifxidcase.online/account/logon/1659/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 21:10:56 GMT
content-encoding
br
last-modified
Mon, 28 Sep 2020 21:10:53 GMT
server
LiteSpeed
etag
"20cf-5f72515d-3f31cbd6fedc5e88;br"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
1699
expires
Mon, 05 Oct 2020 21:10:56 GMT
jquery-min180920.js
halifxidcase.online/account/logon/1659/media/ 		320 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halifxidcase.online/account/logon/1659/media/jquery-min180920.js
Requested by
Host: halifxidcase.online
URL: https://halifxidcase.online/account/logon/1659/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
1686fcb961c3d87a388b64fb078e033884636645ca4827834a8e11108f5c4187
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://halifxidcase.online/account/logon/1659/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 21:10:56 GMT
content-encoding
br
last-modified
Mon, 28 Sep 2020 21:10:52 GMT
server
LiteSpeed
etag
"4fe02-5f72515c-30c1ceb9d45c8f1;br"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
78714
expires
Mon, 05 Oct 2020 21:10:56 GMT
scriptsnippet.js
halifxidcase.online/account/logon/1659/media/ 		80 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halifxidcase.online/account/logon/1659/media/scriptsnippet.js
Requested by
Host: halifxidcase.online
URL: https://halifxidcase.online/account/logon/1659/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
4cb183256edcf53acee17d7687ac8c492a4edc11de527394ee0eb9048ac902d5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://halifxidcase.online/account/logon/1659/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 21:10:56 GMT
content-encoding
br
last-modified
Mon, 28 Sep 2020 21:10:53 GMT
server
LiteSpeed
etag
"13fde-5f72515d-1edadc12bf5eb944;br"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
17634
expires
Mon, 05 Oct 2020 21:10:56 GMT
global-min180920.js
halifxidcase.online/account/logon/1659/media/ 		618 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halifxidcase.online/account/logon/1659/media/global-min180920.js
Requested by
Host: halifxidcase.online
URL: https://halifxidcase.online/account/logon/1659/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f36a740ff38bc5732c01eefcecf2b1c01a34a46260ed3da569e85e833e8f9062
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://halifxidcase.online/account/logon/1659/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 21:10:56 GMT
content-encoding
br
last-modified
Mon, 28 Sep 2020 21:10:52 GMT
server
LiteSpeed
etag
"9a83b-5f72515c-7139874c2baebb91;br"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
124024
expires
Mon, 05 Oct 2020 21:10:56 GMT
custom-min180920.js
halifxidcase.online/account/logon/1659/media/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halifxidcase.online/account/logon/1659/media/custom-min180920.js
Requested by
Host: halifxidcase.online
URL: https://halifxidcase.online/account/logon/1659/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
11bba34f60a043116a0c65d70a39fe7e7bc216b3342a07b137c9219f3b1e3cfa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://halifxidcase.online/account/logon/1659/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 21:10:56 GMT
content-encoding
br
last-modified
Mon, 28 Sep 2020 21:10:54 GMT
server
LiteSpeed
etag
"1013-5f72515e-c83ede9488fdce33;br"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
1003
expires
Mon, 05 Oct 2020 21:10:56 GMT
ajax-loader.gif
halifxidcase.online/account/logon/1659/media/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halifxidcase.online/account/logon/1659/media/ajax-loader.gif
Requested by
Host: halifxidcase.online
URL: https://halifxidcase.online/account/logon/1659/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5c99e404a4da25046815a8da382868ad501faf4f58ee21a30cb858843b5ea03f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://halifxidcase.online/account/logon/1659/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 21:10:56 GMT
last-modified
Mon, 28 Sep 2020 21:10:53 GMT
server
LiteSpeed
etag
"24ba-5f72515d-b341d299932b37ce;;;"
content-type
image/gif
status
200
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
9402
expires
Mon, 05 Oct 2020 21:10:56 GMT
1455717749.jpg
halifxidcase.online/account/logon/1659/media/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halifxidcase.online/account/logon/1659/media/1455717749.jpg
Requested by
Host: halifxidcase.online
URL: https://halifxidcase.online/account/logon/1659/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
16b51e560ac13dbaca5387ea9f347fe6d06f69a56e255cdd54bc1e10db3fa949
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://halifxidcase.online/account/logon/1659/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 21:10:56 GMT
last-modified
Mon, 28 Sep 2020 21:10:51 GMT
server
LiteSpeed
etag
"137c-5f72515b-55fe299818dd2f86;;;"
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
4988
expires
Mon, 05 Oct 2020 21:10:56 GMT
1432115798.png
halifxidcase.online/account/logon/1659/media/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halifxidcase.online/account/logon/1659/media/1432115798.png
Requested by
Host: halifxidcase.online
URL: https://halifxidcase.online/account/logon/1659/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c5bafb009f4e1f964a63551c8b5201ea67476bf837dde26795f1b184c008ea51
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://halifxidcase.online/account/logon/1659/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 21:10:56 GMT
last-modified
Mon, 28 Sep 2020 21:10:53 GMT
server
LiteSpeed
etag
"b44-5f72515d-fc4da2a68747431e;;;"
content-type
image/png
status
200
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
2884
expires
Mon, 05 Oct 2020 21:10:56 GMT
1563185267.gif
halifxidcase.online/account/logon/1659/media/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halifxidcase.online/account/logon/1659/media/1563185267.gif
Requested by
Host: halifxidcase.online
URL: https://halifxidcase.online/account/logon/1659/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8fd5da187ac862027c3eb46404e1e6560703d35daa59ca855d9a242b9cc26967
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://halifxidcase.online/account/logon/1659/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 21:10:56 GMT
last-modified
Mon, 28 Sep 2020 21:10:54 GMT
server
LiteSpeed
etag
"3c04-5f72515e-976650746baa8336;;;"
content-type
image/gif
status
200
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
15364
expires
Mon, 05 Oct 2020 21:10:56 GMT
1509380052.png
halifxidcase.online/account/logon/1659/media/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halifxidcase.online/account/logon/1659/media/1509380052.png
Requested by
Host: halifxidcase.online
URL: https://halifxidcase.online/account/logon/1659/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
244fe8a615f148071aad64f49e3d75083906cd31bd6e9132a6c83776ea49734f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://halifxidcase.online/account/logon/1659/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 21:10:56 GMT
last-modified
Mon, 28 Sep 2020 21:10:54 GMT
server
LiteSpeed
etag
"1d03-5f72515e-493f9aeb665590cf;;;"
content-type
image/png
status
200
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
7427
expires
Mon, 05 Oct 2020 21:10:56 GMT
1534762370.gif
halifxidcase.online/account/logon/1659/media/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halifxidcase.online/account/logon/1659/media/1534762370.gif
Requested by
Host: halifxidcase.online
URL: https://halifxidcase.online/account/logon/1659/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c7ade846da8f9483be15713b08d6702b7a9aa6c4a5d56cb4ab61c7bd54de167b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://halifxidcase.online/account/logon/1659/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 21:10:56 GMT
last-modified
Mon, 28 Sep 2020 21:10:53 GMT
server
LiteSpeed
etag
"f568-5f72515d-f57de42a87628be8;;;"
content-type
image/gif
status
200
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
62824
expires
Mon, 05 Oct 2020 21:10:56 GMT
FSCS_image-1536763366.gif
halifxidcase.online/account/logon/1659/media/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halifxidcase.online/account/logon/1659/media/FSCS_image-1536763366.gif
Requested by
Host: halifxidcase.online
URL: https://halifxidcase.online/account/logon/1659/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
423945bfda1edd3760053efee46af765e258cce8e2dbb4bfd4909e34416316c1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://halifxidcase.online/account/logon/1659/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 21:10:56 GMT
last-modified
Mon, 28 Sep 2020 21:10:53 GMT
server
LiteSpeed
etag
"7058-5f72515d-b3b9124753581b22;;;"
content-type
image/gif
status
200
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
28760
expires
Mon, 05 Oct 2020 21:10:56 GMT
header-footer-min180920.js
halifxidcase.online/account/logon/1659/media/ 		52 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halifxidcase.online/account/logon/1659/media/header-footer-min180920.js
Requested by
Host: halifxidcase.online
URL: https://halifxidcase.online/account/logon/1659/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
624a55ea936ef3e909b53557238980f592b6022ce0f127e780c767c6b1ba528d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://halifxidcase.online/account/logon/1659/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 21:10:56 GMT
content-encoding
br
last-modified
Mon, 28 Sep 2020 21:10:53 GMT
server
LiteSpeed
etag
"d1cc-5f72515d-f027bcb320b6b934;br"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
13470
expires
Mon, 05 Oct 2020 21:10:56 GMT
header_bg.png
halifxidcase.online/account/logon/1659/media/ 		410 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halifxidcase.online/account/logon/1659/media/header_bg.png
Requested by
Host: halifxidcase.online
URL: https://halifxidcase.online/account/logon/1659/media/global1-min180920.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5429563ef6fb1bfb565142b8466fccd64684b08ea9725dadb8395c94a1913a95
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://halifxidcase.online/account/logon/1659/media/global1-min180920.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 21:10:56 GMT
last-modified
Mon, 28 Sep 2020 21:10:52 GMT
server
LiteSpeed
etag
"19a-5f72515c-838fcbc5c2a178f6;;;"
content-type
image/png
status
200
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
410
expires
Mon, 05 Oct 2020 21:10:56 GMT
logo_scrn.png
halifxidcase.online/account/logon/1659/media/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halifxidcase.online/account/logon/1659/media/logo_scrn.png
Requested by
Host: halifxidcase.online
URL: https://halifxidcase.online/account/logon/1659/media/global1-min180920.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a9ba92bf7baffa72e78ab7a2772f99e85ca7b033733a246efa81f97575264732
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://halifxidcase.online/account/logon/1659/media/global1-min180920.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 21:10:56 GMT
last-modified
Mon, 28 Sep 2020 21:10:54 GMT
server
LiteSpeed
etag
"a4f-5f72515e-1f6f7bcf97b94aaf;;;"
content-type
image/png
status
200
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
2639
expires
Mon, 05 Oct 2020 21:10:56 GMT
padlock_secureMsg.png
halifxidcase.online/account/logon/1659/media/ 		872 B
926 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halifxidcase.online/account/logon/1659/media/padlock_secureMsg.png
Requested by
Host: halifxidcase.online
URL: https://halifxidcase.online/account/logon/1659/media/global1-min180920.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
56d5bdbb170ef769250396f9cc9da6091103e2d73b83acb4dd696cbb003281c2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://halifxidcase.online/account/logon/1659/media/global1-min180920.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 21:10:56 GMT
last-modified
Mon, 28 Sep 2020 21:10:54 GMT
server
LiteSpeed
etag
"368-5f72515e-8864a74fd0cf2694;;;"
content-type
image/png
status
200
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
872
expires
Mon, 05 Oct 2020 21:10:56 GMT
arrow_lo.png
halifxidcase.online/account/logon/1659/media/ 		180 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halifxidcase.online/account/logon/1659/media/arrow_lo.png
Requested by
Host: halifxidcase.online
URL: https://halifxidcase.online/account/logon/1659/media/global1-min180920.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7c455b6627629be4ce63d760888b316cabe0ad3dfd353f633a0f1f8608b98d3a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://halifxidcase.online/account/logon/1659/media/global1-min180920.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 21:10:56 GMT
last-modified
Mon, 28 Sep 2020 21:10:52 GMT
server
LiteSpeed
etag
"b4-5f72515c-7ca574f1150ad057;;;"
content-type
image/png
status
200
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
180
expires
Mon, 05 Oct 2020 21:10:56 GMT
horiz_div.png
halifxidcase.online/account/logon/1659/media/ 		98 B
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halifxidcase.online/account/logon/1659/media/horiz_div.png
Requested by
Host: halifxidcase.online
URL: https://halifxidcase.online/account/logon/1659/media/global1-min180920.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6397fb29be11aa0141c0078103bb7875ef0315669ed9ce9f1dd297f8d3860759
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://halifxidcase.online/account/logon/1659/media/global1-min180920.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 21:10:56 GMT
last-modified
Mon, 28 Sep 2020 21:10:53 GMT
server
LiteSpeed
etag
"62-5f72515d-bd525ca5c9070d24;;;"
content-type
image/png
status
200
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
98
expires
Mon, 05 Oct 2020 21:10:56 GMT
arrow.png
halifxidcase.online/account/logon/1659/media/ 		180 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halifxidcase.online/account/logon/1659/media/arrow.png
Requested by
Host: halifxidcase.online
URL: https://halifxidcase.online/account/logon/1659/media/global1-min180920.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
dd11e419ee50c9703ff820a6e64f01c9b8c7c7b6b4e820f02d734f24036e5652
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://halifxidcase.online/account/logon/1659/media/global1-min180920.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 21:10:56 GMT
last-modified
Mon, 28 Sep 2020 21:10:52 GMT
server
LiteSpeed
etag
"b4-5f72515c-b9f2511813533e69;;;"
content-type
image/png
status
200
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
180
expires
Mon, 05 Oct 2020 21:10:56 GMT
secondary_accordion_bg.png
halifxidcase.online/account/logon/1659/media/ 		162 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halifxidcase.online/account/logon/1659/media/secondary_accordion_bg.png
Requested by
Host: halifxidcase.online
URL: https://halifxidcase.online/account/logon/1659/media/global1-min180920.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
355b5c45d1515da771d3506f604a124d055a6aa7541793776599efc0f6f53e53
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://halifxidcase.online/account/logon/1659/media/global1-min180920.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 21:10:56 GMT
last-modified
Mon, 28 Sep 2020 21:10:53 GMT
server
LiteSpeed
etag
"a2-5f72515d-32d7c0edfdef893b;;;"
content-type
image/png
status
200
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
162
expires
Mon, 05 Oct 2020 21:10:56 GMT
plus.png
halifxidcase.online/account/logon/1659/media/ 		515 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halifxidcase.online/account/logon/1659/media/plus.png
Requested by
Host: halifxidcase.online
URL: https://halifxidcase.online/account/logon/1659/media/global1-min180920.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
96c81f09d628ef873723fa1c83dc2d6274ee182477c1994ed22063c15161b23a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://halifxidcase.online/account/logon/1659/media/global1-min180920.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 21:10:56 GMT
last-modified
Mon, 28 Sep 2020 21:10:52 GMT
server
LiteSpeed
etag
"203-5f72515c-17bf1c5c7d2d1640;;;"
content-type
image/png
status
200
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
515
expires
Mon, 05 Oct 2020 21:10:56 GMT
footer_bg.png
halifxidcase.online/account/logon/1659/media/ 		238 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halifxidcase.online/account/logon/1659/media/footer_bg.png
Requested by
Host: halifxidcase.online
URL: https://halifxidcase.online/account/logon/1659/media/global1-min180920.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
46.17.175.2 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6f1ffe1dd280ac3d04df2bbd47991d0e194d89240aa68982c0fc5d005e3ab9f5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://halifxidcase.online/account/logon/1659/media/global1-min180920.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 21:10:56 GMT
last-modified
Mon, 28 Sep 2020 21:10:53 GMT
server
LiteSpeed
etag
"ee-5f72515d-b24e854e44f955d4;;;"
content-type
image/png
status
200
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
238
expires
Mon, 05 Oct 2020 21:10:56 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Halifax Bank (Banking)

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| Aes object| Base64 object| Utf8 string| hea2p string| hea2t string| output string| ctrTxt object| swfobject object| LBG function| applyAriaAttributes function| submitit function| $ function| jQuery function| DP_jQuery boolean| hasDuplicate object| campaignScripts undefined| index object| Messages object| DI undefined| countryData function| AspectCollection function| Config function| Repeatable function| LoanRepeatable function| RepeatableWrapper function| UniqueSelection function| OPSCalculatorController function| OPSCalculator function| OPSMonthlyCalculator function| OPSTotalCalculator function| Model function| OPSCalculatorModel function| OPSLevelCalculatorModel function| OPSDecreasingCalculatorModel function| overlayMliCRQuotePage function| BaseSelectableTable function| HorizontalSelectableTable function| VerticalSelectableTable boolean| AuthPollingInProgress function| AuthPolling function| addSupportNeedButtonEnableDisable function| hideAllSupportNeedsText function| hideAllSupportNeedsDurationText string| mobileType string| userAgent function| positionOnPageLoad function| AttroneyPoa function| bankInputFocusHandler function| bankInputBlurHandler function| setBankBrowseLinks function| displayResults function| getJsonResults object| Autobinder function| Class function| check object| deletedIds function| slice function| msieversion function| ShowMe function| WebTrendsDispatcher object| CoreDispatcher object| webTrendsConfig function| WebTrendsClicker object| pdcList function| MAccordion function| M825DProductsAndServices object| currentOverlay function| positionOverlay function| MOverlay function| MHF01BankBar function| MHF0CustomerBar object| Mustache object| $initElements object| bannerContainter boolean| isVisible

1 Cookies

Domain/Path Name / Value
halifxidcase.online/ Name: PHPSESSID
Value: e0b9e474d41f0083007d9d459962b581

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

halifxidcase.online
46.17.175.2
011fb0b13acc5be40f7cb0bedde221cfe8a8a2f7da3d46b412c852d7d71f9283
11bba34f60a043116a0c65d70a39fe7e7bc216b3342a07b137c9219f3b1e3cfa
1686fcb961c3d87a388b64fb078e033884636645ca4827834a8e11108f5c4187
16b51e560ac13dbaca5387ea9f347fe6d06f69a56e255cdd54bc1e10db3fa949
244fe8a615f148071aad64f49e3d75083906cd31bd6e9132a6c83776ea49734f
29fa538dea25c2ca46488c4b85cf4748a8f412046bb61de6d7ee7d16ee2f7389
355b5c45d1515da771d3506f604a124d055a6aa7541793776599efc0f6f53e53
423945bfda1edd3760053efee46af765e258cce8e2dbb4bfd4909e34416316c1
4cb183256edcf53acee17d7687ac8c492a4edc11de527394ee0eb9048ac902d5
5366f51c5038c0c13aa50d50072ec8073974cad198661074789442aa4c7ae941
5429563ef6fb1bfb565142b8466fccd64684b08ea9725dadb8395c94a1913a95
56d5bdbb170ef769250396f9cc9da6091103e2d73b83acb4dd696cbb003281c2
5c99e404a4da25046815a8da382868ad501faf4f58ee21a30cb858843b5ea03f
624a55ea936ef3e909b53557238980f592b6022ce0f127e780c767c6b1ba528d
6369118b817a8a0549092cce8b77d77ac7ec88cc76a66d3ed9e32e9c4f6fb23f
6397fb29be11aa0141c0078103bb7875ef0315669ed9ce9f1dd297f8d3860759
6f1ffe1dd280ac3d04df2bbd47991d0e194d89240aa68982c0fc5d005e3ab9f5
7b1bf5da817cb82d48153d8d920a0622e771d77d5b96e5bb1190c7e3b53955af
7c455b6627629be4ce63d760888b316cabe0ad3dfd353f633a0f1f8608b98d3a
8fd5da187ac862027c3eb46404e1e6560703d35daa59ca855d9a242b9cc26967
96c81f09d628ef873723fa1c83dc2d6274ee182477c1994ed22063c15161b23a
a1ed629c959c395063479c8fe341e8cc0bf12a8dab3ee0886b89d879e07aa359
a9ba92bf7baffa72e78ab7a2772f99e85ca7b033733a246efa81f97575264732
c5bafb009f4e1f964a63551c8b5201ea67476bf837dde26795f1b184c008ea51
c7ade846da8f9483be15713b08d6702b7a9aa6c4a5d56cb4ab61c7bd54de167b
dd11e419ee50c9703ff820a6e64f01c9b8c7c7b6b4e820f02d734f24036e5652
f36a740ff38bc5732c01eefcecf2b1c01a34a46260ed3da569e85e833e8f9062
fa1410b2173fa55a62ea2beddb112f5b344651ac0d4ded1a253432a397e4508c