bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link
Open in
urlscan Pro
2602:fea2:2::1
Public Scan
Submitted URL: http://bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/
Effective URL: https://bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/
Submission: On April 26 via api from US — Scanned from DE
Effective URL: https://bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/
Submission: On April 26 via api from US — Scanned from DE
Summary
This website contacted 17 IPs
in 4 countries
across 13 domains to perform 65 HTTP transactions.
The main IP is 2602:fea2:2::1, located in
United States and
belongs to PROTOCOL, US.
The main domain is bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link.
TLS certificate: Issued by R3 on March 27th 2023. Valid for: 3 months.
This is the only time bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link was scanned on urlscan.io!
TLS certificate: Issued by R3 on March 27th 2023. Valid for: 3 months.
This is the only time bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
15
2602:fea2:2::1
(United States)
ASN40680 (PROTOCOL, US)
ASN40680 (PROTOCOL, US)
| bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link |
1
2a02:26f0:3500:11::215:14ca
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| websdk.appsflyer.com |
4
2a02:26f0:3500:591::1e80
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| assets.adobedtm.com |
2
108.138.24.11
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-108-138-24-11.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-108-138-24-11.fra56.r.cloudfront.net
| d3rnm236tp90vs.cloudfront.net |
1
143.204.214.187
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-187.fra53.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-187.fra53.r.cloudfront.net
| d21ctq9anmk97c.cloudfront.net |
14
13.224.194.3
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-3.fra2.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-3.fra2.r.cloudfront.net
| d140zf541n5jhi.cloudfront.net |
1
2a00:1450:4001:808::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
1
143.204.215.8
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-8.fra53.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-8.fra53.r.cloudfront.net
| awa-euwest1-1.advanced-web-analytics.com |
2
52.215.85.23
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-85-23.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-85-23.eu-west-1.compute.amazonaws.com
| dpm.demdex.net |
4
34.253.251.171
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-251-171.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-251-171.eu-west-1.compute.amazonaws.com
| wa.onelink.me |
2
52.19.6.228
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-6-228.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-6-228.eu-west-1.compute.amazonaws.com
| wa.appsflyer.com |
1
52.211.104.127
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-104-127.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-104-127.eu-west-1.compute.amazonaws.com
| nedbank.demdex.net |
2
63.140.62.160
(United States)
ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-160.data.adobedc.net
ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-160.data.adobedc.net
| nedbank.d3.sc.omtrdc.net |
2
142.250.186.130
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
| cm.g.doubleclick.net |
1
2001:4860:4802:36::36
(United States)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| europe-west1-rtbhouse-traffic-adobe.cloudfunctions.net |
| Domain | Requested by | |
|---|---|---|
| 15 | bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link |
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link
|
| 14 | d140zf541n5jhi.cloudfront.net |
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link
d140zf541n5jhi.cloudfront.net |
| 9 | secured.nedbank.co.za |
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link
secured.nedbank.co.za |
| 4 | wa.onelink.me |
websdk.appsflyer.com
|
| 4 | assets.adobedtm.com |
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link
|
| 2 | cm.g.doubleclick.net | 2 redirects |
| 2 | nedbank.d3.sc.omtrdc.net |
assets.adobedtm.com
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link |
| 2 | wa.appsflyer.com |
websdk.appsflyer.com
|
| 2 | dpm.demdex.net |
assets.adobedtm.com
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link |
| 2 | d3rnm236tp90vs.cloudfront.net |
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link
d3rnm236tp90vs.cloudfront.net |
| 1 | europe-west1-rtbhouse-traffic-adobe.cloudfunctions.net |
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link
|
| 1 | nedbank.demdex.net |
assets.adobedtm.com
|
| 1 | awa-euwest1-1.advanced-web-analytics.com |
d140zf541n5jhi.cloudfront.net
|
| 1 | www.googletagmanager.com |
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link
|
| 1 | d21ctq9anmk97c.cloudfront.net |
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link
|
| 1 | websdk.appsflyer.com |
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link
|
| 1 | www.google-analytics.com |
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link
|
| 65 | 17 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.i.ipfs.io R3 |
2023-03-27 - 2023-06-25 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-04-03 - 2023-06-26 |
3 months | crt.sh |
| *.appsflyer.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-09-22 - 2023-09-24 |
a year | crt.sh |
| assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-07-19 - 2023-08-19 |
a year | crt.sh |
| *.cloudfront.net Amazon RSA 2048 M01 |
2022-12-08 - 2023-12-07 |
a year | crt.sh |
| secured.nedbank.co.za Entrust Certification Authority - L1M |
2022-09-05 - 2023-10-04 |
a year | crt.sh |
| *.advanced-web-analytics.com GeoTrust TLS RSA CA G1 |
2023-04-13 - 2024-05-10 |
a year | crt.sh |
| *.demdex.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-09-26 - 2023-10-27 |
a year | crt.sh |
| *.onelink.me Amazon RSA 2048 M02 |
2023-02-04 - 2024-03-04 |
a year | crt.sh |
| *.sdk.af-sdk.io Amazon RSA 2048 M01 |
2022-10-26 - 2023-11-24 |
a year | crt.sh |
| *.d3.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1 |
2023-02-10 - 2024-03-08 |
a year | crt.sh |
| misc.google.com GTS CA 1C3 |
2023-04-03 - 2023-06-26 |
3 months | crt.sh |
This page contains 5 frames:
Primary Page:
https://bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/
Frame ID: 8E1BA5AF5B67F90164B67D8590A8E3A3
Requests: 59 HTTP requests in this frame
Frame:
https://awa-euwest1-1.advanced-web-analytics.com/623923/guhuna.html?e=https%3A%2F%2Fbafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link&es=eyJpIjoibUV4UE10N1d2MmRmZVFrNDZNMjMxUT09IiwiZSI6IjNmOEl4eThTYVFFc00rRWVJZDRJYjVXXC9jblc0S25wT3NBTzEwS3pqTWZhMzltRFV3OUtzSzAwZ0tQNFAzMjFFM1pKbUdiOWxiSjNxUFVVV1RSaHJ3T0hFTW5uUGFOTkdVYUdWWmdvU3NEZUpqNVd6YkpsUU94d0VqQmkyaEQwUGZuNGQxUXhXQlp2eXd4ZWI2ak11Vnc9PSJ9.1ada63c5ad2b9692.NzRlZmZkOGQ4YmIwOGQxYzYyZDA1M2I1ZmIxMDZjYWQ0MmI3N2UxN2RiMWU0N2E1N2FiNTI0NGMyMjNmN2U3Mw%3D%3D&eu=https%3A%2F%2Fbafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link%2F&icid=168248886626718691
Frame ID: 5AFC01AADB71C53AB0EB2183B63635E3
Requests: 1 HTTP requests in this frame
Frame:
https://nedbank.demdex.net/dest5.html?d_nsid=0
Frame ID: 9E23334C1845D452E5B06F038D1C38BC
Requests: 3 HTTP requests in this frame
Frame:
https://d140zf541n5jhi.cloudfront.net/623923/feda.html?sui=80ddbf05fb11eb3f112df98c6fc5bd897dabc675f163f2d22f2a49e45683c468
Frame ID: 8B50FBB7AF2B9F256E75DCBD2636A4D3
Requests: 1 HTTP requests in this frame
Frame:
https://d140zf541n5jhi.cloudfront.net/623923/ernge.html?si=0&e=https%3A%2F%2Fbafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link&LSESSIONID=eyJpIjoibUV4UE10N1d2MmRmZVFrNDZNMjMxUT09IiwiZSI6IjNmOEl4eThTYVFFc00rRWVJZDRJYjVXXC9jblc0S25wT3NBTzEwS3pqTWZhMzltRFV3OUtzSzAwZ0tQNFAzMjFFM1pKbUdiOWxiSjNxUFVVV1RSaHJ3T0hFTW5uUGFOTkdVYUdWWmdvU3NEZUpqNVd6YkpsUU94d0VqQmkyaEQwUGZuNGQxUXhXQlp2eXd4ZWI2ak11Vnc9PSJ9.1ada63c5ad2b9692.NzRlZmZkOGQ4YmIwOGQxYzYyZDA1M2I1ZmIxMDZjYWQ0MmI3N2UxN2RiMWU0N2E1N2FiNTI0NGMyMjNmN2U3Mw%3D%3D&t=xframe&eu=https%3A%2F%2Fbafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link%2F&icid=168248887066520764&sr=https%3A%2F%2Fbafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link%2Fclose-gray.255d2087c5e383f8.svg
Frame ID: 5D846F3F837CF0F10A0B03AE04DB92A9
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Online BankingPage URL History Show full URLs
-
http://bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/
HTTP 307
https://bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ Page URL
Detected technologies
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/
HTTP 307
https://bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 52- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjYzMTQ4ODM1NTc0Mzc3NzQ4MTA5OTA5MzgzODY2OTMxNjU3NzE= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MjYzMTQ4ODM1NTc0Mzc3NzQ4MTA5OTA5MzgzODY2OTMxNjU3NzE=&google_tc= HTTP 302
- https://dpm.demdex.net/ibs:dpid=771&dpuuid=&google_error=3?gdpr=0&gdpr_consent=
65 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ Redirect Chain
|
2 MB 218 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
51 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
websdk.appsflyer.com/ |
34 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
launch-1bbd76e19c63.min.js
assets.adobedtm.com/6422e0f550a2/567d03ce12ec/ |
221 KB 60 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ |
34 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pqwct.js
d3rnm236tp90vs.cloudfront.net/623923/ |
70 KB 33 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
load.js
d21ctq9anmk97c.cloudfront.net/623923/ |
72 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bryenou.js
d140zf541n5jhi.cloudfront.net/623923/ |
86 KB 40 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lida.js
d140zf541n5jhi.cloudfront.net/623923/ |
69 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
erob.js
d140zf541n5jhi.cloudfront.net/pref/ |
87 KB 43 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bleca.js
d140zf541n5jhi.cloudfront.net/623923/ |
88 KB 41 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zeJc
d140zf541n5jhi.cloudfront.net/623923/ |
0 584 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zeJc
d140zf541n5jhi.cloudfront.net/623923/ |
0 584 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
yqn
d140zf541n5jhi.cloudfront.net/pref/ |
0 584 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RCe2e740ff7ea141e09ef378aa05f76b39-source.min.js
assets.adobedtm.com/6422e0f550a2/567d03ce12ec/110d57bdb7d5/ |
1 KB 877 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zeJc
d140zf541n5jhi.cloudfront.net/623923/ |
0 582 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
styles.4b9418b516c0a164.css
secured.nedbank.co.za/ |
318 KB 43 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
NedbankIcon.svg
secured.nedbank.co.za/assets/svg/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cross-Black-small.svg
secured.nedbank.co.za/assets/svg/ |
816 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
outdated-browser.svg
secured.nedbank.co.za/assets/svg/ |
49 KB 15 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Error_Orange.svg
secured.nedbank.co.za/assets/svg/ |
933 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
runtime.23a3296a909c3297.js
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
polyfills.fbd9ff4638904619.js
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
scripts.38d1d65f5303bd85.js
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.da7144912a048223.js
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
113 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utils.js
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/assets/js/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FontFont%20-%20MarkPro.307179f82a6dd2a0.otf
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ |
0 0 |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FFMarkWebProRegular.69386de63644c744.ttf
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ |
0 0 |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FFMarkWebProRegular.3594b4997f3f4009.woff
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ |
0 0 |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
guhuna.html
awa-euwest1-1.advanced-web-analytics.com/623923/ Frame 5AFC |
67 KB 32 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FFMarkWebProRegular.fb38458d0fa9adfc.woff2
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ |
0 0 |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
FontFont%20-%20MarkPro.307179f82a6dd2a0.otf
secured.nedbank.co.za/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
styles.4b9418b516c0a164.css
secured.nedbank.co.za/ |
318 KB 43 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
outdated-browser.svg
secured.nedbank.co.za/assets/svg/ |
49 KB 15 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
NedbankIcon.3cee39915afd52c3.svg
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ |
214 B 214 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icon-chat-thin.aecf4aeab466cacf.svg
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ |
217 B 217 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
location-blank-green.15740b1c831edc89.svg
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ |
223 B 223 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
contact-blank-green.36dfab02d2901e0a.svg
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ |
222 B 222 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
NedbankLogin_v4.png
secured.nedbank.co.za/assets/png/ |
124 KB 125 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
flags.f73aa829a0084837.png
secured.nedbank.co.za/ |
69 KB 70 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
close-gray.255d2087c5e383f8.svg
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ |
213 B 213 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
id
dpm.demdex.net/ |
642 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
onelink
wa.onelink.me/v1/ |
13 B 376 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
onelink
wa.onelink.me/v1/ |
13 B 376 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
events
wa.appsflyer.com/ |
138 B 621 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dest5.html
nedbank.demdex.net/ Frame 9E23 |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
nedbank.d3.sc.omtrdc.net/ |
2 B 311 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
events
wa.appsflyer.com/ |
138 B 621 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s65220005224140
nedbank.d3.sc.omtrdc.net/b/ss/nedbankonlinebankingprd,nedbankglobal/1/JS-2.23.0-LCXS/ |
43 B 200 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
onelink
wa.onelink.me/v1/ |
51 B 538 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
onelink
wa.onelink.me/v1/ |
51 B 538 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=771&dpuuid=&google_error=3
dpm.demdex.net/ Frame 9E23 Redirect Chain
|
42 B 960 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cookie-sync
europe-west1-rtbhouse-traffic-adobe.cloudfunctions.net/ Frame 9E23 |
0 187 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
FFMarkWebProRegular.69386de63644c744.ttf
secured.nedbank.co.za/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
feda.html
d140zf541n5jhi.cloudfront.net/623923/ Frame 8B50 |
22 KB 23 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
FFMarkWebProRegular.3594b4997f3f4009.woff
secured.nedbank.co.za/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
FFMarkWebProRegular.fb38458d0fa9adfc.woff2
secured.nedbank.co.za/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zeJc
d140zf541n5jhi.cloudfront.net/623923/ |
90 B 653 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dSFu
d140zf541n5jhi.cloudfront.net/623923/ |
89 B 650 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zeJc
d140zf541n5jhi.cloudfront.net/623923/ |
89 B 652 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zeJc
d3rnm236tp90vs.cloudfront.net/623923/ |
90 B 654 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ernge.html
d140zf541n5jhi.cloudfront.net/623923/ Frame 5D84 |
76 KB 36 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zeJc
d140zf541n5jhi.cloudfront.net/623923/ |
80 B 643 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- secured.nedbank.co.za
- URL
- https://secured.nedbank.co.za/FontFont%20-%20MarkPro.307179f82a6dd2a0.otf
- Domain
- secured.nedbank.co.za
- URL
- https://secured.nedbank.co.za/FFMarkWebProRegular.69386de63644c744.ttf
- Domain
- secured.nedbank.co.za
- URL
- https://secured.nedbank.co.za/FFMarkWebProRegular.3594b4997f3f4009.woff
- Domain
- secured.nedbank.co.za
- URL
- https://secured.nedbank.co.za/FFMarkWebProRegular.fb38458d0fa9adfc.woff2
Verdicts & Comments Add Verdict or Comment
51 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 boolean| credentialless function| _0x4d2e function| _0x5545 function| _0x3f498a function| goToNedbankHome string| AppsFlyerSdkObject function| AF object| google_tag_data function| ga object| gaplugins object| ___sc623923 object| ___so623923 number| CLIWHIT string| PSESSIONID string| SSESSIONID string| LSESSIONID object| __tp number| __gt object| global function| inIframe object| tokenValue object| ____0.8892721414275973 function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_ActivityMap function| target string| ua number| msie boolean| isIEOldVersion object| rootElement object| outDatedBrowser object| google_tag_manager object| dataLayer object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| AF_SDK object| s_i_nedbankonlinebankingprd_nedbankglobal11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | Name: LSESSIONID Value: eyJpIjoibUV4UE10N1d2MmRmZVFrNDZNMjMxUT09IiwiZSI6IjNmOEl4eThTYVFFc00rRWVJZDRJYjVXXC9jblc0S25wT3NBTzEwS3pqTWZhMzltRFV3OUtzSzAwZ0tQNFAzMjFFM1pKbUdiOWxiSjNxUFVVV1RSaHJ3T0hFTW5uUGFOTkdVYUdWWmdvU3NEZUpqNVd6YkpsUU94d0VqQmkyaEQwUGZuNGQxUXhXQlp2eXd4ZWI2ak11Vnc9PSJ9.1ada63c5ad2b9692.NzRlZmZkOGQ4YmIwOGQxYzYyZDA1M2I1ZmIxMDZjYWQ0MmI3N2UxN2RiMWU0N2E1N2FiNTI0NGMyMjNmN2U3Mw%3D%3D |
|
| bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | Name: __gdic Value: lgxafhspje6kfgn1ro |
|
| .demdex.net/ | Name: demdex Value: 26314883557437774810990938386693165771 |
|
| .bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | Name: AMCVS_5B5243A15589607E7F000101%40AdobeOrg Value: 1 |
|
| .bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | Name: AMCV_5B5243A15589607E7F000101%40AdobeOrg Value: 179643557%7CMCIDTS%7C19474%7CMCMID%7C26330497110828891850994751546191253475%7CMCAAMLH-1683093667%7C6%7CMCAAMB-1683093667%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1682496067s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.5.0 |
|
| .bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | Name: afUserId Value: e9e061b3-7f20-4e92-b695-b77a4b872608-p |
|
| .bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | Name: AF_SYNC Value: 1682488867730 |
|
| .doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
| .demdex.net/ | Name: dextp Value: 771-1-1682488867727|1048458-1-1682488867828 |
|
| .dpm.demdex.net/ | Name: dpm Value: 26314883557437774810990938386693165771 |
|
| bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link/ | Name: ___r623923 Value: 0.3309795473797 |
30 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.adobedtm.com
awa-euwest1-1.advanced-web-analytics.com
bafybeia7vz4upvstchv7pzkt3wfpjboly4w7fcut4dngtes37aefawbvam.ipfs.dweb.link
cm.g.doubleclick.net
d140zf541n5jhi.cloudfront.net
d21ctq9anmk97c.cloudfront.net
d3rnm236tp90vs.cloudfront.net
dpm.demdex.net
europe-west1-rtbhouse-traffic-adobe.cloudfunctions.net
nedbank.d3.sc.omtrdc.net
nedbank.demdex.net
secured.nedbank.co.za
wa.appsflyer.com
wa.onelink.me
websdk.appsflyer.com
www.google-analytics.com
www.googletagmanager.com
secured.nedbank.co.za
108.138.24.11
13.224.194.3
142.250.186.130
143.204.214.187
143.204.215.8
168.142.204.82
2001:4860:4802:36::36
2001:4860:4802:38::178
2602:fea2:2::1
2a00:1450:4001:808::2008
2a02:26f0:3500:11::215:14ca
2a02:26f0:3500:591::1e80
34.253.251.171
52.19.6.228
52.211.104.127
52.215.85.23
63.140.62.160
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
1e18760ed18470f264f73c2984ea3b302a190cb29d0fe64faeb018df4860355b
24af98f5927069908c81e519b1082493492411999b322d3297a0be59baed39ed
28cd52da53590e96dc3dc2110d5f7f93590e694a7ed47d338b32c7932ef1dfc9
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48fd359a21ad1b9ef309c82ee444be17aa34430d71333fb4f2357353ff01bca8
588beff7eab00cd7125b89577e8d37be2c7c89ed92c95c52a9744db22ae35962
5e322cd772ea8ad0f5abe1978a60fd4655e098c66eb9ba602d389e23f13f1316
6158ef9ca80adb1a0e5374e587fdfab7b5c18c8ae3156720ba2034588c838ae4
649c784b3c5625f6c94b37a9838c9922bb943a75b06e3bb6ed26c39bc19fda9c
723699e461c4ca4475bfa41f26bd9fe45820937b4952ba168317273ed0589883
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
79ac9cbbca9c02b511090576ea85f0a47cc207455b6b035565a62165baaed0da
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
81362bc9579b9ad60cfefa0002c817e7d85c9ca7a9b7b86c6caeeaa39bc6c792
8f09e2919336113059aa34d6971187075de0c65826ce6001a189625d83117bb5
95bc386696dfadf3495d73cb04e85fd3d904a8d7b075fb465dbae1ddc58f47fe
9c55435d2255b149ef541de7b6746370591e0f472d985f0de1f1333bd351a83b
9c74020e0b6de0f9b058e80bd43a0315ec7d6dbaf2ebe697202fcc65a28d2492
9e318d672c5a1c8ffb52a52cf62cfc4cf0a4a92a0b27d2647eaf8a0070900567
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2f8ec43189ae6170f88340c9717e83cc8f137ff7d9ec8389430f1bae9d4b729
a79b27eca5edc2e11ae80873e90f5dd26050dd94513a13a0ccac677b2f9b5645
a800d49491719704387ae31653f203eef7841588885a5e69908638204f90aa20
afe7cc5e82489507cc7d179d6258b258f71b4e796b899e8ba848c0d90ceb1914
b5c2c79c0685b427201fa0d18a8f04568bf8524fa84579ecab48db0f82e0d45e
cbc51e4d4dfd84c231cc31db97c66cb1e7b7c4eeb67c17a574a886cf95e32b3e
d2eb727f2d849d06f7c0488b720b5f57100d2578fafd17b79b1302172b9ed41d
d4c4f3bcdff08509878d55ff3e067e99aa3ee36d01a9f6dab3d5dbfb6c926c83
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
d76a2c7fd1421fde1c101c1cce1c7a4b4c89fbbd5505f0d1579d02727a10e58f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a25dcf31e55c83546cb83fe70e86970632ae2868956c47b011aff6a357cd78
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb28ee69b7696a72988f8c4498b63e42397b75654abddebdd132f739ecb1024f
edd1d70d0899f78664db714f337db2b479dbe66d621e8b3e0a3532bdccfd2389
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc5af6b7915736a7aa604c8dcf8842f19f6c9c745c488d829eca8630f0ba60e
f0c1cd30623203adb216e82b0dac86393b6a6bce4771ad02d346d0a09fed0f93
f32949e445bb5c1fc5eb71443bf454405ee214fe739199b157303715e5360db1
f598e0f0e9fd2c4f75f3ef37d931dea9d62ff9c5bb8a3638c4e78c27ca8e3560
f6736758ea7a037f4dcc9d958e42d1900b3020906e565737da602c46718511df
f7baf6fab8ed8563ffcf45e566735dc4adf36fd5243d0c2ffdf472905bc7e018
ffc5f1d5f704d07b64a1667c8a84a339ec3e399ec1babdee06e8da649c7267a2