czechlngroup.com
51.210.156.4
Malicious Activity!
Public Scan
Submission: On February 14 via manual from TR — Scanned from FR
Summary
TLS certificate: Issued by R3 on February 14th 2022. Valid for: 3 months.
This is the only time czechlngroup.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ING Group (Banking)
Domain & IP information
Domain | ASN | PTR |
---|---|---|
dpm.demdex.net | ASN16509 (AMAZON-02, US) | ec2-54-76-200-156.eu-west-1.compute.amazonaws.com |
ssl.google-analytics.com | ASN15169 (GOOGLE, US) | |
mylivechat.com | ASN36351 (SOFTLAYER, US) | 1c.16.7534.ip4.static.sl-reverse.com |
a5.mylivechat.com | ASN36351 (SOFTLAYER, US) | 18.16.7534.ip4.static.sl-reverse.com |
www.facebook.com | ASN32934 (FACEBOOK, US) | |
ingturkey.demdex.net | ASN16509 (AMAZON-02, US) | ec2-54-195-77-12.eu-west-1.compute.amazonaws.com |
ingturkey.d3.sc.omtrdc.net | ASN16509 (AMAZON-02, US) | ec2-15-236-176-210.eu-west-3.compute.amazonaws.com |
cm.everesttech.net | ASN16509 (AMAZON-02, US) | ec2-54-75-68-230.eu-west-1.compute.amazonaws.com |
pixels.ingbank.com.tr | ASN34403 (INGBANKTR-AS, TR) | pixels-1.ingbank.com.tr |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
54 | czechlngroup.com | czechlngroup.com | 763 KB |
5 | mylivechat.com (1 redirects) | mylivechat.com — Cisco Umbrella Rank: 31949; a5.mylivechat.com — Cisco Umbrella Rank: 275253 | 71 KB |
3 | demdex.net | dpm.demdex.net — Cisco Umbrella Rank: 187; ingturkey.demdex.net | 5 KB |
2 | google-analytics.com (1 redirects) | ssl.google-analytics.com — Cisco Umbrella Rank: 236 | 17 KB |
1 | ingbank.com.tr | pixels.ingbank.com.tr | 692 B |
1 | gstatic.com | fonts.gstatic.com | 8 KB |
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 35 | 1 KB |
1 | everesttech.net (1 redirects) | cm.everesttech.net — Cisco Umbrella Rank: 881 | 517 B |
1 | omtrdc.net | ingturkey.d3.sc.omtrdc.net | 317 B |
1 | google.fr | www.google.fr — Cisco Umbrella Rank: 15945 | 501 B |
1 | google.com (1 redirects) | www.google.com — Cisco Umbrella Rank: 2 | 577 B |
1 | doubleclick.net (1 redirects) | stats.g.doubleclick.net — Cisco Umbrella Rank: 67 | 472 B |
1 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 97 | 407 B |
68 | 13 | | |
Requests | Domain | Requested by |
---|---|---|
54 | czechlngroup.com | czechlngroup.com |
4 | a5.mylivechat.com | czechlngroup.com, mylivechat.com |
2 | ssl.google-analytics.com (1 redirects) | czechlngroup.com |
2 | dpm.demdex.net | czechlngroup.com |
1 | pixels.ingbank.com.tr | czechlngroup.com |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | fonts.googleapis.com | mylivechat.com |
1 | cm.everesttech.net (1 redirects) | |
1 | ingturkey.d3.sc.omtrdc.net | czechlngroup.com |
1 | ingturkey.demdex.net | czechlngroup.com |
1 | www.google.fr | czechlngroup.com |
1 | www.google.com (1 redirects) | |
1 | stats.g.doubleclick.net (1 redirects) | |
1 | www.facebook.com | czechlngroup.com |
1 | mylivechat.com (1 redirects) | |
68 | 15 | |
This site contains links to these domains. Also see Links.
Domain |
---|
internetsubesi.ingbank.com.tr |
www.facebook.com |
twitter.com |
www.youtube.com |
www.linkedin.com |
instagram.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
czechlngroup.com | R3 | 2022-02-14 - 2022-05-15 | 3 months |
*.demdex.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-19 - 2022-11-19 | a year |
*.google-analytics.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-11-23 - 2022-02-21 | 3 months |
*.d3.sc.omtrdc.net | DigiCert SHA2 High Assurance Server CA | 2020-02-28 - 2022-03-04 | 2 years |
upload.video.google.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months |
*.mylivechat.com | Go Daddy Secure Certificate Authority - G2 | 2021-09-05 - 2022-10-07 | a year |
*.gstatic.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months |
pixels.ingbank.com.tr | Entrust Certification Authority - L1M | 2021-08-06 - 2022-08-22 | a year |
This page contains 2 frames:
Primary Page:
https://czechlngroup.com/en/index.html
Frame ID: C44C9B7E7B5A131BDC83E60DD3F9576B
Requests: 67 HTTP requests in this frame
Frame:
https://ingturkey.demdex.net/dest5.html?d_nsid=0
Frame ID: 79D083A997D338D14C519F54687DBA91
Requests: 1 HTTP requests in this frame
Page Title
ING Bank
Detected technologies
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries)
Detected patterns
- jquery-ui.*\.js
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: Back to Online Banking
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 52
- https://mylivechat.com/chatinline.aspx?hccid=68442646 HTTP 302
- https://a5.mylivechat.com/livechat2/livechat2.aspx?hccid=68442646&apimode=chatinline
- https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1335998950&utmhn=czechlngroup.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=ING%20Bank&utmhid=1839154268&utmr=-&utmp=%2Fen%2Findex.html&utmht=1644856089287&utmac=UA-671274-13&utmcc=__utma%3D118582875.508014061.1644856089.1644856089.1644856089.1%3B%2B__utmz%3D118582875.1644856089.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1360135259&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-671274-13&cid=508014061.1644856089&jid=1360135259&_v=5.7.2&z=1335998950 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-671274-13&cid=508014061.1644856089&jid=1360135259&_v=5.7.2&z=1335998950 HTTP 302
- https://www.google.fr/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-671274-13&cid=508014061.1644856089&jid=1360135259&_v=5.7.2&z=1335998950&slf_rd=1&random=1617861768
- https://cm.everesttech.net/cm/dd?d_uuid=05680900563572024511269235426158784949 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=YgqDGQAAAG_qKwP0
68 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | index.html | czechlngroup.com/en/ | 50 KB | 22 KB | Document | text/html | Primary Request |
GET | H2 | reset.css | czechlngroup.com/en/documents/IngBank/assets/css/ | 1 KB | 717 B | Stylesheet | text/css | |
GET | H2 | jquery-ui-1.9.2.custom.min.css | czechlngroup.com/en/documents/IngBank/assets/plugins/jquery-ui-1.9.2/css/ui-lightness/ | 27 KB | 5 KB | Stylesheet | text/css | |
GET | H2 | jquery-selectboxbb6f.css | czechlngroup.com/en/documents/IngBank/assets/plugins/jquery-selectbox/ | 3 KB | 909 B | Stylesheet | text/css | |
GET | H2 | generalbb6f.css | czechlngroup.com/en/documents/IngBank/assets/css/ | 20 KB | 3 KB | Stylesheet | text/css | |
GET | H2 | uibb6f.css | czechlngroup.com/en/documents/IngBank/assets/css/ | 69 KB | 11 KB | Stylesheet | text/css | |
GET | H2 | sitebb6f.css | czechlngroup.com/en/documents/IngBank/assets/css/ | 93 KB | 15 KB | Stylesheet | text/css | |
GET | H2 | wfull-sitebb6f.css | czechlngroup.com/en/documents/IngBank/assets/css/ | 4 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | datePickerbb6f.css | czechlngroup.com/en/documents/IngBank/assets/plugins/jquery-datepicker/ | 6 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | jquery.fancybox.css | czechlngroup.com/en/documents/IngBank/assets/plugins/fancybox/ | 5 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | jquery.min.js | czechlngroup.com/en/documents/IngBank/assets/plugins/jquery/ | 85 KB | 29 KB | Script | application/javascript | |
GET | H2 | pbkdf2.js | czechlngroup.com/en/documents/IngBank/assets/js/ | 185 KB | 40 KB | Script | application/javascript | |
GET | H2 | Ommiture.js | czechlngroup.com/en/assets/scripts/ | 12 KB | 2 KB | Script | application/javascript | |
GET | H2 | jquery.cookie.js | czechlngroup.com/en/documents/IngBank/assets/js/ | 2 KB | 981 B | Script | application/javascript | |
GET | H2 | all.js | czechlngroup.com/connect.facebook.net/en_US/ | 231 KB | 65 KB | Script | application/javascript | |
GET | H2 | INGBank_TuruncuEkstraEN_anasayfa.jpg | czechlngroup.com/en/F/Documents/banner/Sizin_icin/anasayfa/ | 102 KB | 102 KB | Image | image/jpeg | |
GET | H2 | loader_icon_gif.gif | czechlngroup.com/en/assets/img/ | 25 KB | 25 KB | Image | image/gif | |
GET | H2 | localisation.js | czechlngroup.com/en/documents/IngBank/assets/js/ | 1 KB | 542 B | Script | application/javascript | |
GET | H2 | selection.js | czechlngroup.com/en/documents/IngBank/assets/plugins/ | 9 KB | 2 KB | Script | application/javascript | |
GET | H2 | jquery-ui.js | czechlngroup.com/en/documents/IngBank/assets/plugins/jquery/ | 267 KB | 61 KB | Script | application/javascript | |
GET | H2 | jquery-selectbox-0.2-minbb6f.js | czechlngroup.com/en/documents/IngBank/assets/plugins/jquery-selectbox/ | 24 KB | 5 KB | Script | application/javascript | |
GET | H2 | jquery.maskedInputs.js | czechlngroup.com/en/documents/IngBank/assets/plugins/ | 18 KB | 5 KB | Script | application/javascript | |
GET | H2 | jquery.tooltip.js | czechlngroup.com/en/documents/IngBank/assets/plugins/jquery-tooltip/ | 10 KB | 3 KB | Script | application/javascript | |
GET | H2 | date.js | czechlngroup.com/en/documents/IngBank/assets/plugins/jquery-datepicker/ | 12 KB | 3 KB | Script | application/javascript | |
GET | H2 | date_tr.js | czechlngroup.com/en/documents/IngBank/assets/plugins/jquery-datepicker/ | 700 B | 394 B | Script | application/javascript | |
GET | H2 | jquery.datePickerbb6f.js | czechlngroup.com/en/documents/IngBank/assets/plugins/jquery-datepicker/ | 106 KB | 11 KB | Script | application/javascript | |
GET | H2 | jquery.datePicker.js | czechlngroup.com/en/documents/IngBank/assets/plugins/ | 24 KB | 4 KB | Script | application/javascript | |
GET | H2 | jquery.scrollTo-min.js | czechlngroup.com/en/documents/IngBank/assets/plugins/ | 2 KB | 1 KB | Script | application/javascript | |
GET | H2 | jquery.numberInputs.js | czechlngroup.com/en/documents/IngBank/assets/plugins/ | 7 KB | 2 KB | Script | application/javascript | |
GET | H2 | jquery.tabControl.js | czechlngroup.com/en/documents/IngBank/assets/plugins/ | 2 KB | 571 B | Script | application/javascript | |
GET | H2 | jquery.mousewheel-3.0.6.pack.js | czechlngroup.com/en/documents/IngBank/assets/plugins/ | 1 KB | 676 B | Script | application/javascript | |
GET | H2 | jquery.fancyboxbb6f.js | czechlngroup.com/en/documents/IngBank/assets/plugins/fancybox/ | 47 KB | 13 KB | Script | application/javascript | |
GET | H2 | jquery.fancybox-mediabb6f.js | czechlngroup.com/en/documents/IngBank/assets/plugins/fancybox/helpers/ | 5 KB | 2 KB | Script | application/javascript | |
GET | H2 | calculatebb6f.js | czechlngroup.com/en/documents/IngBank/assets/js/ | 52 KB | 7 KB | Script | application/javascript | |
GET | H2 | jquery.bbWarningBar.js | czechlngroup.com/en/documents/IngBank/assets/plugins/ | 11 KB | 2 KB | Script | application/javascript | |
GET | H2 | commonbb6f.js | czechlngroup.com/en/documents/IngBank/assets/js/ | 116 KB | 21 KB | Script | application/javascript | |
GET | H2 | onlinebb6f.js | czechlngroup.com/en/documents/IngBank/assets/js/ | 50 KB | 9 KB | Script | application/javascript | |
GET | H2 | ingbankbb6f.js | czechlngroup.com/en/assets/scripts/ | 21 KB | 4 KB | Script | application/javascript | |
GET | H2 | VisitorAPI_v1bb6f.js | czechlngroup.com/en/documents/IngBank/assets/js/ | 44 KB | 14 KB | Script | application/javascript | |
GET | H2 | AppMeasurement_v11bb6f.js | czechlngroup.com/en/documents/IngBank/assets/js/ | 44 KB | 16 KB | Script | application/javascript | |
GET | H2 | Omniture_v34bb6f.js | czechlngroup.com/en/F/Documents/Gfx/omniture/ | 77 KB | 10 KB | Script | application/javascript | |
GET | H2 | gtm5445.html | czechlngroup.com/www.googletagmanager.com/ | 2 KB | 645 B | Script | text/html | |
GET | H2 | w640-uibb6f.css | czechlngroup.com/en/documents/IngBank/assets/css/ | 18 KB | 3 KB | Stylesheet | text/css | |
GET | H2 | w640-sitebb6f.css | czechlngroup.com/en/documents/IngBank/assets/css/ | 46 KB | 8 KB | Stylesheet | text/css | |
GET | H2 | ui-iconsb602.png | czechlngroup.com/en/documents/IngBank/assets/img/ | 81 KB | 81 KB | Image | image/png | |
GET | H2 | logo.png | czechlngroup.com/en/documents/IngBank/assets/img/ | 3 KB | 3 KB | Image | image/png | |
GET | H2 | ui-arrows4d8d.png | czechlngroup.com/en/documents/IngBank/assets/img/ | 14 KB | 14 KB | Image | image/png | |
GET | H2 | INGMe.woff | czechlngroup.com/en/documents/IngBank/assets/css/font/ | 49 KB | 49 KB | Font | font/woff | |
GET | H2 | INGMe-Bold.otf | czechlngroup.com/en/documents/IngBank/assets/css/font/ | 98 KB | 58 KB | Font | font/otf | |
POST | H2 | GetParity | czechlngroup.com/ProxyManagement/SiteManagerService_Script.aspx/ | 1 KB | 1 KB | XHR | text/html | |
GET | H/1.1 | id | dpm.demdex.net/ | 368 B | 1 KB | XHR | application/json | |
GET | H2 | ga.js | ssl.google-analytics.com/ | 45 KB | 17 KB | Script | text/javascript | |
GET | H2 | fbds.js | czechlngroup.com/connect.facebook.net/en_US/ | 4 KB | 2 KB | Script | application/javascript | |
GET | H/1.1 | livechat2.aspx | a5.mylivechat.com/livechat2/ | 8 KB | 3 KB | Script | text/javascript | Redirect Chain |
GET | H2 | ui-login-bar.png | czechlngroup.com/en/documents/IngBank/assets/img/ | 2 KB | 2 KB | Image | image/png | |
GET | H2 | ui-layouts4d8d.png | czechlngroup.com/en/documents/IngBank/assets/img/ | 17 KB | 17 KB | Image | image/png | |
GET | H2 | arrow4d8d.png | czechlngroup.com/en/documents/IngBank/assets/plugins/jquery-tooltip/ | 615 B | 679 B | Image | image/png | |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 407 B | Image | image/gif | |
GET | H2 | ga-audiences | www.google.fr/ads/ | 42 B | 501 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | dest5.html | ingturkey.demdex.net/ | 7 KB | 3 KB | Document | text/html | Frame 79D0 |
GET | H2 | id | ingturkey.d3.sc.omtrdc.net/ | 2 B | 317 B | XHR | application/x-javascript | |
GET | H/1.1 | ibs:dpid=411&dpuuid=YgqDGQAAAG_qKwP0 | dpm.demdex.net/ | 42 B | 945 B | Image | image/gif | Redirect Chain |
GET | H2 | css | fonts.googleapis.com/ | 5 KB | 1 KB | Stylesheet | text/css | |
GET | H/1.1 | chatinline.css | a5.mylivechat.com/livechat2/ | 35 KB | 6 KB | Stylesheet | text/css | |
GET | H/1.1 | resources2.aspx | a5.mylivechat.com/livechat2/ | 116 KB | 44 KB | Script | text/javascript | |
GET | H2 | pxiEyp8kv8JHgFVrJJfecg.woff2 | fonts.gstatic.com/s/poppins/v19/ | 8 KB | 8 KB | Font | font/woff2 | |
GET | H/1.1 | livechatinit2.js | a5.mylivechat.com/livechat2/script/ | 62 KB | 17 KB | Script | application/javascript | |
GET | H/1.1 | pixel.gif | pixels.ingbank.com.tr/ | 42 B | 692 B | XHR | image/gif | |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ING Group (Banking)
268 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
16 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.czechlngroup.com/ | | Name: __utma Value: 118582875.508014061.1644856089.1644856089.1644856089.1 |
.czechlngroup.com/ | | Name: __utmc Value: 118582875 |
.czechlngroup.com/ | | Name: __utmz Value: 118582875.1644856089.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none) |
.czechlngroup.com/ | | Name: __utmt Value: 1 |
.czechlngroup.com/ | | Name: __utmb Value: 118582875.1.10.1644856089 |
.facebook.com/ | | Name: fr Value: 0k7u08QBVo8hAPXyy..BiCoMZ...1.0.BiCoMZ. |
.demdex.net/ | | Name: demdex Value: 05680900563572024511269235426158784949 |
czechlngroup.com/ | | Name: AMCVS_D39B0C73547C67010A4C98A4%40AdobeOrg Value: 1 |
.czechlngroup.com/ | | Name: s_ppn Value: public%3Aen%3Aindex.html |
.czechlngroup.com/ | | Name: gdslv Value: 1644856089411 |
.czechlngroup.com/ | | Name: gdslv_s Value: First%20Visit |
.everesttech.net/ | | Name: everest_g_v2 Value: g_surferid~YgqDGQAAAG_qKwP0 |
.dpm.demdex.net/ | | Name: dpm Value: 05680900563572024511269235426158784949 |
czechlngroup.com/ | | Name: AMCV_D39B0C73547C67010A4C98A4%40AdobeOrg Value: 1406116232%7CMCIDTS%7C19038%7CMCMID%7C05488202176678824751288791544219235917%7CMCAAMLH-1645460889%7C6%7CMCAAMB-1645460889%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1644863289s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19045%7CvVersion%7C2.5.0 |
.czechlngroup.com/ | | Name: s_ppvl Value: public%253Aen%253Aindex.html%2C100%2C100%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP |
.czechlngroup.com/ | | Name: s_ppv Value: public%253Aen%253Aindex.html%2C100%2C100%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.