progressivefoam.com
Open in
urlscan Pro
50.62.188.190
Malicious Activity!
Public Scan
URL:
http://progressivefoam.com/nedbank2015/nedlogon.html
Submission: On February 23 via automatic, source phishtank
Submission: On February 23 via automatic, source phishtank
Summary
This website contacted 9 IPs
in 4 countries
across 10 domains to perform 90 HTTP transactions.
The main IP is 50.62.188.190, located in
Scottsdale, United States and
belongs to AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US.
The main domain is progressivefoam.com.
This is the only time progressivefoam.com was scanned on urlscan.io!
This is the only time progressivefoam.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Nedbank (Banking)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 42 | 50.62.188.190 50.62.188.190 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com) | |
| 2 | 2a00:1450:401... 2a00:1450:4010:c07::5f | 15169 (GOOGLE) (GOOGLE - Google Inc.) | |
| 37 | 168.142.204.33 168.142.204.33 | 3741 (IS) (IS) | |
| 2 | 2a00:1450:401... 2a00:1450:4010:c0b::8b | 15169 (GOOGLE) (GOOGLE - Google Inc.) | |
| 3 | 23.74.189.50 23.74.189.50 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
| 1 | 52.0.34.38 52.0.34.38 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 1 | 54.75.230.6 54.75.230.6 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 1 | 54.174.176.16 54.174.176.16 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
| 90 | 9 |
42
50.62.188.190
(Scottsdale, United States)
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-50-62-188-190.ip.secureserver.net
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-50-62-188-190.ip.secureserver.net
| progressivefoam.com | |
| www.progressivefoam.com |
3
23.74.189.50
(Amsterdam, Netherlands)
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-74-189-50.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-74-189-50.deploy.static.akamaitechnologies.com
| js.hs-analytics.net | |
| js.hs-scripts.com | |
| js.hsleadflows.net |
1
52.0.34.38
(Ashburn, United States)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-0-34-38.compute-1.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-0-34-38.compute-1.amazonaws.com
| track.hubspot.com |
1
54.75.230.6
(Dublin, Ireland)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-75-230-6.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-75-230-6.eu-west-1.compute.amazonaws.com
| www.splash-screen.net |
1
54.174.176.16
(Ashburn, United States)
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-174-176-16.compute-1.amazonaws.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-174-176-16.compute-1.amazonaws.com
| js.leadin.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 42 |
progressivefoam.com
progressivefoam.com www.progressivefoam.com |
935 KB |
| 37 |
nedsecure.co.za
netbank.nedsecure.co.za |
313 KB |
| 2 |
google-analytics.com
www.google-analytics.com |
12 KB |
| 2 |
googleapis.com
ajax.googleapis.com |
65 KB |
| 1 |
leadin.com
js.leadin.com |
221 B |
| 1 |
hsleadflows.net
js.hsleadflows.net |
33 KB |
| 1 |
splash-screen.net
www.splash-screen.net |
177 B |
| 1 |
hubspot.com
track.hubspot.com |
45 B |
| 1 |
hs-scripts.com
js.hs-scripts.com |
389 B |
| 1 |
hs-analytics.net
js.hs-analytics.net |
20 KB |
| 90 | 10 |
| Domain | Requested by | |
|---|---|---|
| 40 | www.progressivefoam.com |
progressivefoam.com
www.progressivefoam.com |
| 37 | netbank.nedsecure.co.za |
progressivefoam.com
netbank.nedsecure.co.za |
| 2 | www.google-analytics.com |
www.progressivefoam.com
progressivefoam.com |
| 2 | ajax.googleapis.com |
progressivefoam.com
www.progressivefoam.com |
| 2 | progressivefoam.com | |
| 1 | js.leadin.com |
js.hsleadflows.net
|
| 1 | js.hsleadflows.net |
js.hs-scripts.com
|
| 1 | www.splash-screen.net |
progressivefoam.com
|
| 1 | track.hubspot.com |
progressivefoam.com
|
| 1 | js.hs-scripts.com | |
| 1 | js.hs-analytics.net |
www.progressivefoam.com
|
| 90 | 11 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| netbank.nedsecure.co.za |
| www.nedbank.co.za |
| www.netbankdemo.co.za |
| nedbankonlinetrading.nedsecure.co.za |
| www.entrust.net |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.googleapis.com Google Internet Authority G2 |
2017-02-01 - 2017-04-26 |
3 months | crt.sh |
| netbank.nedsecure.co.za Entrust Certification Authority - L1M |
2016-10-25 - 2018-10-25 |
2 years | crt.sh |
| *.google-analytics.com Google Internet Authority G2 |
2017-02-01 - 2017-04-26 |
3 months | crt.sh |
| hubspot.net DigiCert SHA2 High Assurance Server CA |
2017-01-25 - 2020-01-30 |
3 years | crt.sh |
| *.leadin.com DigiCert SHA2 High Assurance Server CA |
2017-02-01 - 2019-02-06 |
2 years | crt.sh |
This page contains 3 frames:
Primary Page:
http://progressivefoam.com/nedbank2015/nedlogon.html
Frame ID: 15769.1
Requests: 43 HTTP requests in this frame
Frame:
http://www.progressivefoam.com/nedbank2015/html/ForgetPasswordInfo.htm
Frame ID: 15769.2
Requests: 46 HTTP requests in this frame
Frame:
https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/html/Welcome.htm
Frame ID: 15769.3
Requests: 1 HTTP requests in this frame
20 Outgoing links
These are links going to different origins than the main page.
URL: https://netbank.nedsecure.co.za/
Title: Home
Title: Home
Search URL Search Domain Scan URL
URL: https://www.nedbank.co.za/website/content/promotions/index_detail.asp?PromoID=529
Title: Online Security
Title: Online Security
Search URL Search Domain Scan URL
URL: https://www.nedbank.co.za/website/content/forms/Formsdetails.asp?FormsId=661
Title: Apply
Title: Apply
Search URL Search Domain Scan URL
URL: http://www.netbankdemo.co.za/NetbankRetailDemo/
Title: NetBank Demo
Title: NetBank Demo
Search URL Search Domain Scan URL
URL: http://www.netbankdemo.co.za/NetbankRel12011/Netbank%20UserGuide/main_menu.html
Title: NetBank User Guide
Title: NetBank User Guide
Search URL Search Domain Scan URL
URL: https://www.nedbank.co.za/website/content/promotions/index_detail.asp?PromoID=528
Title: More About NetBank
Title: More About NetBank
Search URL Search Domain Scan URL
URL: https://www.nedbank.co.za/website/content/forms/form.asp?FormsId=68&Location=&FormLocation=
Title: Talk to Us
Title: Talk to Us
Search URL Search Domain Scan URL
URL: http://www.nedbank.co.za/website/content/personalmoneymanager/
Title: Personal Money Manager
Title: Personal Money Manager
Search URL Search Domain Scan URL
URL: https://nedbankonlinetrading.nedsecure.co.za/Home.aspx
Title: Online Share Trading
Title: Online Share Trading
Search URL Search Domain Scan URL
URL: http://www.nedbank.co.za/website/uploads/terms/TCSelfServiceBankingE.pdf
Title: Terms & Conditions
Title: Terms & Conditions
Search URL Search Domain Scan URL
URL: http://www.netbankdemo.co.za/NetbankRel12011/DOCS/internet%20banking%202011FAQs.pdf
Title: FAQ
Title: FAQ
Search URL Search Domain Scan URL
URL: http://www.nedbank.co.za/website/content/rapport/
Title: Trusteer Rapport Security
Title: Trusteer Rapport Security
Search URL Search Domain Scan URL
URL: http://www.nedbank.co.za/website/content/fica/
Search URL Search Domain Scan URL
URL: http://www.nedbank.co.za/website/content/products/product_detail.asp?SubSubcatid=1869&Subcatid=502&ProductID=661
Search URL Search Domain Scan URL
URL: https://www.entrust.net/customer/profile.cfm?domain=netbank.nedsecure.co.za
Title: Click here
Title: Click here
Search URL Search Domain Scan URL
URL: http://www.nedbank.co.za/website/content/bfc/
Title: Fees
Title: Fees
Search URL Search Domain Scan URL
URL: http://www.nedbank.co.za/website/content/askonce/askonce.asp
Search URL Search Domain Scan URL
URL: http://www.nedbank.co.za/
Title: Home
Title: Home
Search URL Search Domain Scan URL
URL: http://www.nedbank.co.za/website/content/legal/index.asp
Title: Legal Requirements
Title: Legal Requirements
Search URL Search Domain Scan URL
URL: http://www.nedbank.co.za/website/content/home/glossary.asp
Title: Glossary
Title: Glossary
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request 1- http://progressivefoam.com/nedbank2015/branding/info.css?version=3.6.1016.0
- http://www.progressivefoam.com/nedbank2015/branding/info.css?version=3.6.1016.0
- http://progressivefoam.com/nedbank2015/branding/main.css?version=3.6.1016.0
- http://www.progressivefoam.com/nedbank2015/branding/main.css?version=3.6.1016.0
- http://progressivefoam.com/nedbank2015/html/ForgetPasswordInfo.htm
- http://www.progressivefoam.com/nedbank2015/html/ForgetPasswordInfo.htm
- https://js.leadin.com/js/v1/1677566.js
- https://js.hs-scripts.com/1677566.js
90 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
nedlogon.html
progressivefoam.com/nedbank2015/ |
172 KB 172 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ |
94 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
 Cookie set
info.css
www.progressivefoam.com/nedbank2015/branding/ Redirect Chain
|
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
main.css
www.progressivefoam.com/nedbank2015/branding/ Redirect Chain
|
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
jquery-ui-1.8.16.custom.css
netbank.nedsecure.co.za/App_Themes/NedbankTheme/ |
22 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
Nedbank.css
netbank.nedsecure.co.za/App_Themes/NedbankTheme/ |
20 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
jquery.min.js
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/jQuery/ |
78 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
JQuery.js
netbank.nedsecure.co.za/Browser/Common/SDK/Scripts/Common/ |
70 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
jquery-ui.min.js
netbank.nedsecure.co.za/Browser/Common/SDK/Scripts/Common/ |
197 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
USSDDialog.js
netbank.nedsecure.co.za/Browser/Common/Scripts/USSDAuth/ |
18 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
USSDPolling.js
netbank.nedsecure.co.za/Browser/Common/Scripts/USSDAuth/ |
42 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
MyFinancialLife.js
netbank.nedsecure.co.za/Browser/Common/Scripts/MyFinancialLife/ |
2 KB 680 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
RTCCutoff.js
netbank.nedsecure.co.za/Browser/Common/Scripts/Payments/ |
1 KB 457 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
DarkHours.js
netbank.nedsecure.co.za/Browser/Common/Scripts/Payments/ |
1 KB 457 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
arrow_down.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
56 B 56 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
arrow.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
56 B 56 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
NedbankLogo.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
menu_shadow_left.jpg
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
405 B 405 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ResetPassword.js
netbank.nedsecure.co.za/Browser/Common/Scripts/ResetPassword/ |
11 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Login_Top.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
230 B 230 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Promo_Left.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
195 B 195 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
lock.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
587 B 587 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logonButton.jpg
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
SubmitButton.jpg
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
CancelButton.png
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Promo_Right.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
197 B 197 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Login_Bottom.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
233 B 233 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Promo_Top.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
244 B 244 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
banner_1.jpg
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
40 KB 40 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
banner_2.jpg
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
59 KB 59 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
banner_3.jpg
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
39 KB 39 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
keyboard.jpg
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Promo_Bottom.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
247 B 247 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
alertIcon.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
754 B 754 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
EntrustLogo.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
PSALogo.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
448 B 448 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
AskOnceLogo.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
NedbankFooterLogo.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ForgetPasswordInfo.htm
www.progressivefoam.com/nedbank2015/html/ Frame 1576 Redirect Chain
|
23 KB 23 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
Welcome.htm
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/html/ Frame 1576 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ui-bg_flat_75_ffffff_40x100.png
netbank.nedsecure.co.za/App_Themes/NedbankTheme/images/ |
178 B 178 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ui-icons_222222_256x240.png
netbank.nedsecure.co.za/App_Themes/NedbankTheme/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ui-bg_highlight-soft_75_005641_1x100.png
netbank.nedsecure.co.za/App_Themes/NedbankTheme/images/ |
133 B 133 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3658-layout.css
www.progressivefoam.com/wp-content/uploads/bb-plugin/cache/ Frame 1576 |
14 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3820-layout.css
www.progressivefoam.com/wp-content/uploads/bb-plugin/cache/ Frame 1576 |
14 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3679-layout.css
www.progressivefoam.com/wp-content/uploads/bb-plugin/cache/ Frame 1576 |
14 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3668-layout.css
www.progressivefoam.com/wp-content/uploads/bb-plugin/cache/ Frame 1576 |
14 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3720-layout.css
www.progressivefoam.com/wp-content/uploads/bb-plugin/cache/ Frame 1576 |
14 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3675-layout.css
www.progressivefoam.com/wp-content/uploads/bb-plugin/cache/ Frame 1576 |
14 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.min.css
www.progressivefoam.com/wp-content/themes/pft2016/css/ Frame 1576 |
120 KB 120 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
magnific-popup.min.css
www.progressivefoam.com/wp-content/themes/pft2016/css/ Frame 1576 |
6 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
font-awesome.min.css
www.progressivefoam.com/wp-content/plugins/bb-plugin/css/ Frame 1576 |
27 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ie10-viewport-bug-workaround.css
www.progressivefoam.com/wp-content/themes/pft2016/css/ Frame 1576 |
519 B 519 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.mmenu.custom.css
www.progressivefoam.com/wp-content/themes/pft2016/css/ Frame 1576 |
8 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.css
www.progressivefoam.com/wp-content/themes/pft2016/ Frame 1576 |
39 KB 39 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pft-logo-740x134.png
www.progressivefoam.com/wp-content/uploads/ Frame 1576 |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
loader-gray.gif
www.progressivefoam.com/wp-content/themes/pft2016/images/ Frame 1576 |
28 KB 28 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
output.css
www.progressivefoam.com/wp-content/plugins/addthis/css/ Frame 1576 |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ Frame 1576 |
94 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3658-layout.js
www.progressivefoam.com/wp-content/uploads/bb-plugin/cache/ Frame 1576 |
10 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3820-layout.js
www.progressivefoam.com/wp-content/uploads/bb-plugin/cache/ Frame 1576 |
10 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3679-layout.js
www.progressivefoam.com/wp-content/uploads/bb-plugin/cache/ Frame 1576 |
10 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3668-layout.js
www.progressivefoam.com/wp-content/uploads/bb-plugin/cache/ Frame 1576 |
10 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3720-layout.js
www.progressivefoam.com/wp-content/uploads/bb-plugin/cache/ Frame 1576 |
10 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3675-layout.js
www.progressivefoam.com/wp-content/uploads/bb-plugin/cache/ Frame 1576 |
10 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.min.js
www.progressivefoam.com/wp-content/themes/pft2016/js/ Frame 1576 |
36 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.magnific-popup.min.js
www.progressivefoam.com/wp-content/themes/pft2016/js/ Frame 1576 |
21 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-scrolltofixed-min.js
www.progressivefoam.com/wp-content/themes/pft2016/js/ Frame 1576 |
6 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ie10-viewport-bug-workaround.js
www.progressivefoam.com/wp-content/themes/pft2016/js/ Frame 1576 |
641 B 641 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.mmenu.custom.js
www.progressivefoam.com/wp-content/themes/pft2016/js/ Frame 1576 |
20 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.bootbox.min.js
www.progressivefoam.com/wp-content/themes/pft2016/js/ Frame 1576 |
10 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ini.js
www.progressivefoam.com/wp-content/themes/pft2016/js/ Frame 1576 |
8 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pft.geosearch.js
www.progressivefoam.com/wp-content/themes/pft2016/js/ Frame 1576 |
8 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wp-embed.min.js
www.progressivefoam.com/wp-includes/js/ Frame 1576 |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ Frame 1576 |
28 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bg-body.png
www.progressivefoam.com/wp-content/themes/pft2016/images/ Frame 1576 |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ColfaxWebMedium.woff
www.progressivefoam.com/wp-content/themes/pft2016/fonts/ Frame 1576 |
40 KB 40 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fontawesome-webfont.woff2
www.progressivefoam.com/wp-content/plugins/bb-plugin/fonts/ Frame 1576 |
65 KB 65 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ColfaxWebRegular.woff
www.progressivefoam.com/wp-content/themes/pft2016/fonts/ Frame 1576 |
40 KB 40 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
map-marker.png
www.progressivefoam.com/wp-content/themes/pft2016/images/ Frame 1576 |
561 B 561 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.js
www.progressivefoam.com/wp-content/plugins/bb-plugin/js/ Frame 1576 |
91 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.migrate.min.js
www.progressivefoam.com/wp-content/plugins/bb-plugin/js/ Frame 1576 |
7 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
collect
www.google-analytics.com/r/ Frame 1576 |
35 B 44 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1677566.js
js.hs-analytics.net/analytics/1487837700000/ Frame 1576 |
54 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1677566.js
js.hs-scripts.com/ Frame 1576 Redirect Chain
|
1018 B 389 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
__ptq.gif
track.hubspot.com/ Frame 1576 |
45 B 45 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rapi.js
www.splash-screen.net/71524/ |
177 B 177 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favicon.ico
progressivefoam.com/ |
0 0 |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
leadin.js
js.hsleadflows.net/ Frame 1576 |
175 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
config
js.leadin.com/js/v2/ Frame 1576 |
300 B 221 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/html/Welcome.htm
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Nedbank (Banking)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| progressivefoam.com/ | Name: PHPSESSID Value: 66e87a16366165e05b5339fbbf7c700d |
|
| .progressivefoam.com/ | Name: __hssc Value: 191020597.1.1487837539567 |
|
| .progressivefoam.com/ | Name: __hssrc Value: 1 |
|
| .progressivefoam.com/ | Name: _ga Value: GA1.2.1558138248.1487837539 |
|
| .progressivefoam.com/ | Name: hubspotutk Value: eed9f0b5ac12c7d19ec792261b7f7a2c |
|
| .progressivefoam.com/ | Name: __hstc Value: 191020597.eed9f0b5ac12c7d19ec792261b7f7a2c.1487837539566.1487837539566.1487837539566.1 |
|
| www.progressivefoam.com/ | Name: PHPSESSID Value: 4c05a3dbeb0523988ce91438ca0de148 |
|
| .progressivefoam.com/ | Name: _gat Value: 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
js.hs-analytics.net
js.hs-scripts.com
js.hsleadflows.net
js.leadin.com
netbank.nedsecure.co.za
progressivefoam.com
track.hubspot.com
www.google-analytics.com
www.progressivefoam.com
www.splash-screen.net
netbank.nedsecure.co.za
168.142.204.33
23.74.189.50
2a00:1450:4010:c07::5f
2a00:1450:4010:c0b::8b
50.62.188.190
52.0.34.38
54.174.176.16
54.75.230.6
0167df051de262477bacd5db85160f22bb9f66a31b699a1b0271a382c60c2e33
040843be29b68c4945c6ff46dece5200b64061841aef42d153301fcade94f5cd
04a07a2d47ac28097936104995b996bd289c14e99783ecc2e9f880a36b5f877f
05379cc93990d9dda3f406636da82400cf350f2fda3e2c2fb0a24375b5d30043
1e5684f00ff66a12e9da468f21c59d240094d842f2a941c10adc9b8bf98b176c
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
1ff0eeb21779fdb3fa2519e017c13db776d5c53337b96d74b9431ba897414046
20f55f99b281290a331e1438f3dd5ec5410484ae92f99fc40eddf56e7e2db55e
22b83c0b6d9080c7912e8ce3b7cf6040b2094bb2760d26c5fe3ad8d33623aaed
25dfbb69dfd0e9fa5d6deb8e7691db0cd97b8eb49945b37e9e1da1f0dcc8d5cf
2be13db1c15b34c30e223cd4d45eb912687af8e89b66477873a123bc3dc97c61
3184b468597748509039c40b6d99bd06d0dcf5087057f98596ff600b6266d0e3
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
37e945a559a859901ffaa6da05970c8d18ccc0b364a5c8106d36ed6e2a94a218
3803b1c3075131ef9a80f44cc00b897657f7f389833a80093b368eae4466ae6c
39ab7ccd9f4e82579da78a9241265df288d8eb65dbbd7cf48aed2d0129887df5
3a18ff487b9fcc4b10efb7bad289ff8cdf545159637b30ff3fe2bf15606d8f77
3f5cd6abe1ce40910aac6bb42e6ecc21e5f19fc88dbaf609f41e13e1d91634ff
40e4ed7b942863a52a0e3fce7d1fdd6a51559c9eedee6f5ed49aba0d7ae1f617
43a9904189012ecb780451f877b2a8c158522acaadacdb8c56549eeb6ffbcebf
443ffea27d512002cf9c6cf790db768319ccb4166114522d7851586db9d12b37
45f1184ff5eac46f031add376f07140c17933e7d443f941013a672dec971e979
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
5937806fca01e7df4cb8b9fbd800b5a697126c0802188c0f3f8e37a4708e472c
5bbdb2f06f5f2aa872e00a0d6fcd16c409c2cfab770b5d18245fca9beec91fc4
5d6c838e884407d498f2972291b87ce84ed5095d6d3c7696182ec83a674f865e
5e64ee5b810e9f9ea79b3a5a23698e2af1c4cdc535e02e6a37b374de8cff221d
6bd42374a6f107f1e26e316fe656f868fc578448410343d807ac12226c30b0ac
6c1a56367032d031feb64ec8dda18f6fc4722d20ccf9391fdad5942e3d46fc31
6f6cbd97fefa5dbc83b4cb4ca51e644f87a9d05f8fd7e4e73c8669ceec1fe917
6f995360f78490d03da132628bf9de1719484d57521cc0ba81204ffc5dbc08b9
71b1e6fa4eacd771334533831e6b1c176ebc05b66661c9bdb01022ac4be0d7bb
734d23e0a44b69c5562d1466f4570598df149222d27411049d446af27888d3cd
7c8736463bf40b36031f0025b1c2a64a2856beb77758137355a1c873950e58c5
7ffc63987f91ebf7d27b5789c91907d6bca04278b158c0f30d9d742c4e9782cd
811a0d96cb6b717ef578136f7097d43de2a459f727ca760626e5cefa5eff59c3
8312e80c26ccafc8f48ad68bc2e3ba8763f8d6007cda5183a60b71e2348bbb51
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8425572a8a5189cecacd00f0ce5fdc563deb3ef9be0414bbd4042b69b6c7fec0
87e9bbbc46dd91eeffa515b2401303a855928189acc6c8baf65f0c7d06f6c4d6
892ecb8e84801900fbec1f9f340f9dd7d53a6444079d82dda76d41581c501891
89fdecac64019eebad7cd1121c2c83c528808f1c7fcf3832a50c7743d641ed86
8bfc148075549bf004db23b05c5e2faa72c22c9dc6b5083e854451675a217ed4
8ed1373d075fc630d530e9de8fbdbfbc70475a98d5db1e14b3cdbfb954aa14c0
8fc18cc8710972015a01043b87edbe653ba82239251e8e897c598bdaf75f58da
90b56a073f03f39c42582515240d6b624e70fc0235ac654db13ba3a2e90939da
9296726d409bae23e760579ce4d2f092d3940f365ecf9f02a724dee059c9f050
983d714fb0db2b10d458dbd13d75924e1f69f9da53050b7ae8430f3fb211977a
a0956d28843e85ae84f94276b4f3ae4c00ecc28931e642dffa72f0bfe892b1e2
a2ccfdc001858222885a9df39200840ac7a3f479ba889727d32a10398db7918a
a4fa2ceb07c70e6c4357e66c5803a8c666b0a5d4f6c07891ac7c8918003cc406
a63fd9e18d3dbf8a5e90f695bcf8d33ef712ca44ff1b9486cb6195aabb1e0331
a82e568a648cb5517e0b5c18fb09f7c5c9db0728d6cd3293393fb908fb88bc70
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b57fca80367abea5e43eac67cd96c36c7cca3188fa1f4b4ecd23ab71385f78a6
bf100bfbc2dd803f103900a8751e466111c223630e3af9993fd1012bbe2813cc
c00841470208df555d2bb8d3f627ed78782ecb628b57dfba878a6eacd2ae372e
c1fa7fbba24442086fa71f53894edb5e6224ef848f2f61e68444cb10f2144bfb
c4710f862b06ce2fa554b66f9a0d1fb61f89fa8d3afbdcc5b6ffc0f386b80e74
ca37427d16f23d512f20434f4b7adf6b1136c2d9cf6301fe0353e55d3003720c
cb3d3da6212ad4986d9e01a717bbfb43af7f3458969a0ef0e9950ac8770416ea
d09c43907e99f3323be424e4d83e7ddd3072b3596580a56adb50fcbb57fc5ddf
d4a16af416105cc57eba45b8320ac756f30356040f4427f9f35fe7510c089186
d809db86b29fdd1bcc963f05a9031fb16cddd8d809a4a28b3ff162a4c801ecc2
d93d5de642569242af13f59efe0fb4fc7bfaae83b01eb84966183c15fffc8f1d
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc2e84a13f85f1a79a3f65d23836abe443ab58852143954b6abab61269323725
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
def475bca16e5f330dee0a9509aed60b71fc157ff349792980ae1979fa5f2f2c
df5748e607e020b5bb09d92ba17f78d1e0cd09971b3914eef217630081b9c195
e15a853084d56a40f8ba9e1fd0346a94198c881de072e99a3da9a1555aededed
e62c0b776499966ea573a244c18721ac7c15899e4dcfa920d6907156562754b9
e846652fe9bc83c8581aca54ed7c1c57f09e203c80cd51403cbfb8188f89a7d3
eb21b5f35836c63edf337cdd294d6f64caf39420d4e07e3ec29b09d4e5eb2427
ec0aea08f2d68dbb03d32d140346685eb89be06c8e5c864ff83cb03dcd264de9
ec3ee1c3ed128957c773f31d9752bb249522cc12ae6ef6b2de746f7445ac8cac
f663fd5d5698e04a8e56de60c13c54abcb6943adcb21c3d5e80866d0eda0604d
f90bbbda341041e7fc90c8aeeeac44942984199f74f6cdb324a551a7b130a7f6
fbed31fe516c5f3e20d8df909160988e65a7199781e1cf5a43b9d278629b704d
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995