web5768.web07.bero-webspace.de
Open in
urlscan Pro
109.71.253.24
Malicious Activity!
Public Scan
Effective URL: https://web5768.web07.bero-webspace.de/ab1/index.php
Submission: On May 25 via api from US
Summary
TLS certificate: Issued by R3 on May 25th 2021. Valid for: 3 months.
This is the only time web5768.web07.bero-webspace.de was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ABN Amro (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 2001:dd8:1f:1... 2001:dd8:1f:1::43 | 56088 (PANDI-ID ...) (PANDI-ID PANDI - Pengelola Nama Domain Internet Indonesia) | |
1 1 | 2a00:d0c0:200... 2a00:d0c0:200:0:6c1b:f5ff:fe8a:9a39 | 205766 (UBERSPACE) (UBERSPACE) | |
47 | 109.71.253.24 109.71.253.24 | 44486 (SYNLINQ s...) (SYNLINQ synlinq.de) | |
2 | 23.37.56.41 23.37.56.41 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
2 4 | 142.250.185.70 142.250.185.70 | 15169 (GOOGLE) (GOOGLE) | |
1 2 | 18.200.157.96 18.200.157.96 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 34.255.12.101 34.255.12.101 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2a00:1450:400... 2a00:1450:4001:803::2002 | 15169 (GOOGLE) (GOOGLE) | |
5 | 15.236.176.210 15.236.176.210 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2a00:1450:400... 2a00:1450:4001:808::2002 | 15169 (GOOGLE) (GOOGLE) | |
1 | 13.224.89.37 13.224.89.37 | 16509 (AMAZON-02) (AMAZON-02) | |
66 | 10 |
ASN56088 (PANDI-ID PANDI - Pengelola Nama Domain Internet Indonesia, ID)
s.id |
ASN44486 (SYNLINQ synlinq.de, DE)
PTR: web07.bero-host.de
web5768.web07.bero-webspace.de |
ASN16625 (AKAMAI-AS, US)
PTR: a23-37-56-41.deploy.static.akamaitechnologies.com
tags.tiqcdn.com |
ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
4368908.fls.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-157-96.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
abnamro.sc.omtrdc.net |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-37.zrh50.r.cloudfront.net
d6tizftlrpuof.cloudfront.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
47 |
bero-webspace.de
web5768.web07.bero-webspace.de |
571 KB |
5 |
omtrdc.net
abnamro.sc.omtrdc.net |
1020 B |
4 |
doubleclick.net
2 redirects
4368908.fls.doubleclick.net |
2 KB |
2 |
google.de
adservice.google.de |
633 B |
2 |
google.com
adservice.google.com |
1 KB |
2 |
demdex.net
1 redirects
dpm.demdex.net |
2 KB |
2 |
tiqcdn.com
tags.tiqcdn.com |
103 KB |
2 |
s.id
2 redirects
s.id |
1 KB |
1 |
cloudfront.net
d6tizftlrpuof.cloudfront.net |
7 KB |
1 |
usabilla.com
w.usabilla.com |
13 KB |
1 |
shrtm.nu
1 redirects
shrtm.nu |
261 B |
66 | 11 |
Domain | Requested by | |
---|---|---|
47 | web5768.web07.bero-webspace.de |
web5768.web07.bero-webspace.de
|
5 | abnamro.sc.omtrdc.net |
web5768.web07.bero-webspace.de
|
4 | 4368908.fls.doubleclick.net |
2 redirects
web5768.web07.bero-webspace.de
|
2 | adservice.google.de |
adservice.google.com
|
2 | adservice.google.com |
4368908.fls.doubleclick.net
|
2 | dpm.demdex.net |
1 redirects
web5768.web07.bero-webspace.de
|
2 | tags.tiqcdn.com |
web5768.web07.bero-webspace.de
|
2 | s.id | 2 redirects |
1 | d6tizftlrpuof.cloudfront.net |
web5768.web07.bero-webspace.de
|
1 | w.usabilla.com |
web5768.web07.bero-webspace.de
|
1 | shrtm.nu | 1 redirects |
66 | 11 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.abnamro.nl |
Subject Issuer | Validity | Valid | |
---|---|---|---|
web5768.web07.bero-webspace.de R3 |
2021-05-25 - 2021-08-23 |
3 months | crt.sh |
*.tiqcdn.com DigiCert SHA2 Secure Server CA |
2021-04-19 - 2022-04-27 |
a year | crt.sh |
*.doubleclick.net GTS CA 1C3 |
2021-05-03 - 2021-07-26 |
3 months | crt.sh |
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1 |
2020-12-02 - 2022-01-02 |
a year | crt.sh |
w.usabilla.com Amazon |
2021-03-12 - 2022-04-10 |
a year | crt.sh |
*.google.com GTS CA 1O1 |
2021-05-03 - 2021-07-26 |
3 months | crt.sh |
*.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA |
2020-10-29 - 2021-11-29 |
a year | crt.sh |
*.cloudfront.net DigiCert Global CA G2 |
2021-02-22 - 2022-02-21 |
a year | crt.sh |
This page contains 10 frames:
Primary Page:
https://web5768.web07.bero-webspace.de/ab1/index.php
Frame ID: 91D9F6E0085D1513801C55A896E77FB0
Requests: 56 HTTP requests in this frame
Frame:
https://web5768.web07.bero-webspace.de/ab1/bestanden/index_002.htm
Frame ID: CA8CBDC3DFE3253B9F984EB3BADC1E87
Requests: 2 HTTP requests in this frame
Frame:
https://4368908.fls.doubleclick.net/activityi;dc_pre=CP-twp2_5fACFYaPUQodd-AOMw;src=4368908;type=tosy10;cat=2019_0;ord=4555899697492;gtm=2od9p0;auiddc=1533169593.1570036182;u15=b1d3d8a2-83bb-4f3f-ba0a-06c1b603af58;u20=retail;u21=mijn-overzicht;u22=overzicht;u24=NL;u25=nl;u26=mij%3Amijn%3Aoverzicht%3Aindex;u27=https%3A%2F%2Fwww.abnamro.nl%2Fportalserver%2Fmijn-abnamro%2Fmijn-overzicht%2Foverzicht%2Findex.html;u28=0;~oref=https%3A%2F%2Fwww.abnamro.nl%2Fportalserver%2Fmijn-abnamro%2Fmijn-overzicht%2Foverzicht%2Findex.html
Frame ID: 69B114D1031503B39F1F754CC354DC7F
Requests: 1 HTTP requests in this frame
Frame:
https://4368908.fls.doubleclick.net/activityi;dc_pre=CK-xwp2_5fACFS0TBgAdgaUP1A;src=4368908;type=tosy10;cat=2019_0;ord=4431806523173;gtm=2od9p0;auiddc=1533169593.1570036182;u15=b1d3d8a2-83bb-4f3f-ba0a-06c1b603af58;u20=retail;u21=mijn-overzicht;u22=overzicht;u24=NL;u25=nl;u26=mij%3Amijn%3Aoverzicht%3Aindex;u27=https%3A%2F%2Fwww.abnamro.nl%2Fportalserver%2Fmijn-abnamro%2Fmijn-overzicht%2Foverzicht%2Findex.html;u28=0;~oref=https%3A%2F%2Fwww.abnamro.nl%2Fportalserver%2Fmijn-abnamro%2Fmijn-overzicht%2Foverzicht%2Findex.html
Frame ID: 9FC47892F630BA80354195B31C2192B0
Requests: 1 HTTP requests in this frame
Frame:
https://w.usabilla.com/3fdfb3d605e5.js?lv=1
Frame ID: 49E0BF61214A8E9F6222616C4946D259
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.com/ddm/fls/i/dc_pre=CK-xwp2_5fACFS0TBgAdgaUP1A;src=4368908;type=tosy10;cat=2019_0;ord=4431806523173;gtm=2od9p0;auiddc=1533169593.1570036182;u15=b1d3d8a2-83bb-4f3f-ba0a-06c1b603af58;u20=retail;u21=mijn-overzicht;u22=overzicht;u24=NL;u25=nl;u26=mij%3Amijn%3Aoverzicht%3Aindex;u27=https%3A%2F%2Fwww.abnamro.nl%2Fportalserver%2Fmijn-abnamro%2Fmijn-overzicht%2Foverzicht%2Findex.html;u28=0;~oref=https%3A%2F%2Fwww.abnamro.nl%2Fportalserver%2Fmijn-abnamro%2Fmijn-overzicht%2Foverzicht%2Findex.html
Frame ID: 4E868AD9F99722BF45A1EA5615257F94
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.com/ddm/fls/i/dc_pre=CP-twp2_5fACFYaPUQodd-AOMw;src=4368908;type=tosy10;cat=2019_0;ord=4555899697492;gtm=2od9p0;auiddc=1533169593.1570036182;u15=b1d3d8a2-83bb-4f3f-ba0a-06c1b603af58;u20=retail;u21=mijn-overzicht;u22=overzicht;u24=NL;u25=nl;u26=mij%3Amijn%3Aoverzicht%3Aindex;u27=https%3A%2F%2Fwww.abnamro.nl%2Fportalserver%2Fmijn-abnamro%2Fmijn-overzicht%2Foverzicht%2Findex.html;u28=0;~oref=https%3A%2F%2Fwww.abnamro.nl%2Fportalserver%2Fmijn-abnamro%2Fmijn-overzicht%2Foverzicht%2Findex.html
Frame ID: 845DC5F9A83BCAE0008E30CA4BF10A58
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.de/ddm/fls/i/dc_pre=CK-xwp2_5fACFS0TBgAdgaUP1A;src=4368908;type=tosy10;cat=2019_0;ord=4431806523173;gtm=2od9p0;auiddc=1533169593.1570036182;u15=b1d3d8a2-83bb-4f3f-ba0a-06c1b603af58;u20=retail;u21=mijn-overzicht;u22=overzicht;u24=NL;u25=nl;u26=mij%3Amijn%3Aoverzicht%3Aindex;u27=https%3A%2F%2Fwww.abnamro.nl%2Fportalserver%2Fmijn-abnamro%2Fmijn-overzicht%2Foverzicht%2Findex.html;u28=0;~oref=https%3A%2F%2Fwww.abnamro.nl%2Fportalserver%2Fmijn-abnamro%2Fmijn-overzicht%2Foverzicht%2Findex.html
Frame ID: A7EDEC41F5F0254004E4B6BE936112F3
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.de/ddm/fls/i/dc_pre=CP-twp2_5fACFYaPUQodd-AOMw;src=4368908;type=tosy10;cat=2019_0;ord=4555899697492;gtm=2od9p0;auiddc=1533169593.1570036182;u15=b1d3d8a2-83bb-4f3f-ba0a-06c1b603af58;u20=retail;u21=mijn-overzicht;u22=overzicht;u24=NL;u25=nl;u26=mij%3Amijn%3Aoverzicht%3Aindex;u27=https%3A%2F%2Fwww.abnamro.nl%2Fportalserver%2Fmijn-abnamro%2Fmijn-overzicht%2Foverzicht%2Findex.html;u28=0;~oref=https%3A%2F%2Fwww.abnamro.nl%2Fportalserver%2Fmijn-abnamro%2Fmijn-overzicht%2Foverzicht%2Findex.html
Frame ID: A3D001325A062AEC19ED1482F2456E5C
Requests: 1 HTTP requests in this frame
Frame:
https://d6tizftlrpuof.cloudfront.net/themes/production/abnamro-button-3683dd96add3e002f24067465cf2ac2d.png
Frame ID: B3E05F87A1AF983B7DB714A7D0CF0898
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://s.id/huntingab1
HTTP 301
https://s.id/huntingab1 HTTP 301
https://shrtm.nu/L8DT HTTP 301
https://web5768.web07.bero-webspace.de/ab1/index.php Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Tealium (Advertising Networks) Expand
Detected patterns
- script /^(?:https?:)?\/\/tags\.tiqcdn\.com\//i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
Title: ABNAMRO.nl
Search URL Search Domain Scan URL
Title: Een (nieuwe) Identificatiecode aanvragen (html, )
Search URL Search Domain Scan URL
Title: NL
Search URL Search Domain Scan URL
Title: EN
Search URL Search Domain Scan URL
Title: Over ABN AMRO
Search URL Search Domain Scan URL
Title: Toegankelijkheid
Search URL Search Domain Scan URL
Title: Duurzaamheid
Search URL Search Domain Scan URL
Title: Veiligheid
Search URL Search Domain Scan URL
Title: Privacy en cookies
Search URL Search Domain Scan URL
Title: Disclaimer
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://s.id/huntingab1
HTTP 301
https://s.id/huntingab1 HTTP 301
https://shrtm.nu/L8DT HTTP 301
https://web5768.web07.bero-webspace.de/ab1/index.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 49- https://4368908.fls.doubleclick.net/activityi;src=4368908;type=tosy10;cat=2019_0;ord=4555899697492;gtm=2od9p0;auiddc=1533169593.1570036182;u15=b1d3d8a2-83bb-4f3f-ba0a-06c1b603af58;u20=retail;u21=mijn-overzicht;u22=overzicht;u24=NL;u25=nl;u26=mij%3Amijn%3Aoverzicht%3Aindex;u27=https%3A%2F%2Fwww.abnamro.nl%2Fportalserver%2Fmijn-abnamro%2Fmijn-overzicht%2Foverzicht%2Findex.html;u28=0;~oref=https%3A%2F%2Fwww.abnamro.nl%2Fportalserver%2Fmijn-abnamro%2Fmijn-overzicht%2Foverzicht%2Findex.html HTTP 302
- https://4368908.fls.doubleclick.net/activityi;dc_pre=CP-twp2_5fACFYaPUQodd-AOMw;src=4368908;type=tosy10;cat=2019_0;ord=4555899697492;gtm=2od9p0;auiddc=1533169593.1570036182;u15=b1d3d8a2-83bb-4f3f-ba0a-06c1b603af58;u20=retail;u21=mijn-overzicht;u22=overzicht;u24=NL;u25=nl;u26=mij%3Amijn%3Aoverzicht%3Aindex;u27=https%3A%2F%2Fwww.abnamro.nl%2Fportalserver%2Fmijn-abnamro%2Fmijn-overzicht%2Foverzicht%2Findex.html;u28=0;~oref=https%3A%2F%2Fwww.abnamro.nl%2Fportalserver%2Fmijn-abnamro%2Fmijn-overzicht%2Foverzicht%2Findex.html
- https://4368908.fls.doubleclick.net/activityi;src=4368908;type=tosy10;cat=2019_0;ord=4431806523173;gtm=2od9p0;auiddc=1533169593.1570036182;u15=b1d3d8a2-83bb-4f3f-ba0a-06c1b603af58;u20=retail;u21=mijn-overzicht;u22=overzicht;u24=NL;u25=nl;u26=mij%3Amijn%3Aoverzicht%3Aindex;u27=https%3A%2F%2Fwww.abnamro.nl%2Fportalserver%2Fmijn-abnamro%2Fmijn-overzicht%2Foverzicht%2Findex.html;u28=0;~oref=https%3A%2F%2Fwww.abnamro.nl%2Fportalserver%2Fmijn-abnamro%2Fmijn-overzicht%2Foverzicht%2Findex.html HTTP 302
- https://4368908.fls.doubleclick.net/activityi;dc_pre=CK-xwp2_5fACFS0TBgAdgaUP1A;src=4368908;type=tosy10;cat=2019_0;ord=4431806523173;gtm=2od9p0;auiddc=1533169593.1570036182;u15=b1d3d8a2-83bb-4f3f-ba0a-06c1b603af58;u20=retail;u21=mijn-overzicht;u22=overzicht;u24=NL;u25=nl;u26=mij%3Amijn%3Aoverzicht%3Aindex;u27=https%3A%2F%2Fwww.abnamro.nl%2Fportalserver%2Fmijn-abnamro%2Fmijn-overzicht%2Foverzicht%2Findex.html;u28=0;~oref=https%3A%2F%2Fwww.abnamro.nl%2Fportalserver%2Fmijn-abnamro%2Fmijn-overzicht%2Foverzicht%2Findex.html
- https://dpm.demdex.net/id?d_visid_ver=4.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0861467352782C5E0A490D45%40AdobeOrg&d_nsid=0&ts=1621968425805 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=4.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0861467352782C5E0A490D45%40AdobeOrg&d_nsid=0&ts=1621968425805
66 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
index.php
web5768.web07.bero-webspace.de/ab1/ Redirect Chain
|
138 KB 24 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
roboto-regular.woff2
web5768.web07.bero-webspace.de/ab1/bestanden/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
roboto-bold.woff2
web5768.web07.bero-webspace.de/ab1/bestanden/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
roboto-condensed-regular.woff2
web5768.web07.bero-webspace.de/ab1/bestanden/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
web5768.web07.bero-webspace.de/ab1/bestanden/ |
43 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
r42_library.js
web5768.web07.bero-webspace.de/ab1/bestanden/ |
36 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
web5768.web07.bero-webspace.de/ab1/bestanden/ |
69 KB 70 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag_008.js
web5768.web07.bero-webspace.de/ab1/bestanden/ |
182 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
web5768.web07.bero-webspace.de/ab1/bestanden/ |
95 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
portalclient-min.js
web5768.web07.bero-webspace.de/ab1/bestanden/ |
273 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
plx.check.js
web5768.web07.bero-webspace.de/ab1/bestanden/ |
495 B 445 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles-rem.css
web5768.web07.bero-webspace.de/ab1/bestanden/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
core.css
web5768.web07.bero-webspace.de/ab1/bestanden/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
system.js
web5768.web07.bero-webspace.de/ab1/bestanden/ |
140 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
systemjs-runtime.js
web5768.web07.bero-webspace.de/ab1/bestanden/ |
38 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adobe-scode.js
web5768.web07.bero-webspace.de/ab1/bestanden/ |
71 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tealium-environment.js
web5768.web07.bero-webspace.de/ab1/bestanden/ |
818 B 590 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dtm-code.js
web5768.web07.bero-webspace.de/ab1/bestanden/ |
154 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery_002.js
web5768.web07.bero-webspace.de/ab1/bestanden/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
segments.js
web5768.web07.bero-webspace.de/ab1/bestanden/ |
21 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tcm-config-oca.js
web5768.web07.bero-webspace.de/ab1/bestanden/ |
37 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookiesettings.js
web5768.web07.bero-webspace.de/ab1/bestanden/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
init-widget.js
web5768.web07.bero-webspace.de/ab1/bestanden/ |
635 B 571 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usabilla-nl.js
web5768.web07.bero-webspace.de/ab1/bestanden/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag_007.js
web5768.web07.bero-webspace.de/ab1/bestanden/ |
75 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag_006.js
web5768.web07.bero-webspace.de/ab1/bestanden/ |
14 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag_005.js
web5768.web07.bero-webspace.de/ab1/bestanden/ |
33 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag_002.js
web5768.web07.bero-webspace.de/ab1/bestanden/ |
28 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag_003.js
web5768.web07.bero-webspace.de/ab1/bestanden/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag_004.js
web5768.web07.bero-webspace.de/ab1/bestanden/ |
14 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag.js
web5768.web07.bero-webspace.de/ab1/bestanden/ |
36 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
016d8d707af40011725e295935e60004e002a00d0086e
web5768.web07.bero-webspace.de/ab1/bestanden/ |
697 B 857 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0.gif
web5768.web07.bero-webspace.de/ab1/bestanden/ |
43 B 211 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0_002.gif
web5768.web07.bero-webspace.de/ab1/bestanden/ |
43 B 211 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
identifier
web5768.web07.bero-webspace.de/configuration/url2state/ |
808 B 500 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles-rem.css
web5768.web07.bero-webspace.de/ab1/bestanden/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
web5768.web07.bero-webspace.de/ab1/bestanden/ |
329 KB 37 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
myabnamro-compatability.css
web5768.web07.bero-webspace.de/ab1/bestanden/ |
28 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
roboto-bold.woff2
web5768.web07.bero-webspace.de/ab1/bestanden/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag.js
tags.tiqcdn.com/utag/abn-amro/retail/prod/ |
394 KB 102 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
em-brand-logo.03858305.svg
web5768.web07.bero-webspace.de/ab1/bestanden/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ocf-logo-cutout-em.svg
web5768.web07.bero-webspace.de/ab1/bestanden/ |
160 B 332 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sy-arrow-chevron-left.2f35541f.svg
web5768.web07.bero-webspace.de/ab1/bestanden/ |
319 B 492 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
em-header-gradient.668ea565.svg
web5768.web07.bero-webspace.de/ab1/bestanden/ |
413 B 586 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pr-authentication-ed.svg
web5768.web07.bero-webspace.de/ab1/bestanden/ |
3 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
roboto-medium.woff2
web5768.web07.bero-webspace.de/ab1/bestanden/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
3c617290-cedf-4104-a502-020c47dee649
https://web5768.web07.bero-webspace.de/ |
109 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
2a935d06-87e9-485a-83ab-62507f585e7f
https://web5768.web07.bero-webspace.de/ |
364 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
236006cf-3b09-42b9-b0d8-082957da36bd
https://web5768.web07.bero-webspace.de/ |
3 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index_002.htm
web5768.web07.bero-webspace.de/ab1/bestanden/ Frame CA8C |
522 B 595 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
activityi;dc_pre=CP-twp2_5fACFYaPUQodd-AOMw;src=4368908;type=tosy10;cat=2019_0;ord=4555899697492;gtm=2od9p0;auiddc=1533169593.1570036182;u15=b1d3d8a2-83bb-4f3f-ba0a-06c1b603af58;u20=retail;u21=mijn...
4368908.fls.doubleclick.net/ Frame 69B1 Redirect Chain
|
793 B 525 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
activityi;dc_pre=CK-xwp2_5fACFS0TBgAdgaUP1A;src=4368908;type=tosy10;cat=2019_0;ord=4431806523173;gtm=2od9p0;auiddc=1533169593.1570036182;u15=b1d3d8a2-83bb-4f3f-ba0a-06c1b603af58;u20=retail;u21=mijn...
4368908.fls.doubleclick.net/ Frame 9FC4 Redirect Chain
|
793 B 525 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
216 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3fdfb3d605e5.js
w.usabilla.com/ Frame 49E0 |
50 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ |
2 B 243 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
abnamro-button-3683dd96add3e002f24067465cf2ac2d.png
web5768.web07.bero-webspace.de/ab1/bestanden/index_data_002/ Frame CA8C |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc_pre=CK-xwp2_5fACFS0TBgAdgaUP1A;src=4368908;type=tosy10;cat=2019_0;ord=4431806523173;gtm=2od9p0;auiddc=1533169593.1570036182;u15=b1d3d8a2-83bb-4f3f-ba0a-06c1b603af58;u20=retail;u21=mijn-overzicht...
adservice.google.com/ddm/fls/i/ Frame 4E86 |
792 B 732 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc_pre=CP-twp2_5fACFYaPUQodd-AOMw;src=4368908;type=tosy10;cat=2019_0;ord=4555899697492;gtm=2od9p0;auiddc=1533169593.1570036182;u15=b1d3d8a2-83bb-4f3f-ba0a-06c1b603af58;u20=retail;u21=mijn-overzicht...
adservice.google.com/ddm/fls/i/ Frame 845D |
792 B 565 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
abnamro.sc.omtrdc.net/ |
2 B 328 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc_pre=CK-xwp2_5fACFS0TBgAdgaUP1A;src=4368908;type=tosy10;cat=2019_0;ord=4431806523173;gtm=2od9p0;auiddc=1533169593.1570036182;u15=b1d3d8a2-83bb-4f3f-ba0a-06c1b603af58;u20=retail;u21=mijn-overzicht...
adservice.google.de/ddm/fls/i/ Frame A7ED |
194 B 391 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc_pre=CP-twp2_5fACFYaPUQodd-AOMw;src=4368908;type=tosy10;cat=2019_0;ord=4555899697492;gtm=2od9p0;auiddc=1533169593.1570036182;u15=b1d3d8a2-83bb-4f3f-ba0a-06c1b603af58;u20=retail;u21=mijn-overzicht...
adservice.google.de/ddm/fls/i/ Frame A3D0 |
194 B 242 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
s25782487878157
abnamro.sc.omtrdc.net/b/ss/abnamrotealium-et/1/JS-2.12.0/ |
43 B 220 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s27477423632593
abnamro.sc.omtrdc.net/b/ss/abnamrotealium-et/1/JS-2.12.0/ |
43 B 142 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s24698907800616
abnamro.sc.omtrdc.net/b/ss/abnamrotealium-et/1/JS-2.12.0/ |
43 B 121 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
abnamro-button-3683dd96add3e002f24067465cf2ac2d.png
d6tizftlrpuof.cloudfront.net/themes/production/ Frame B3E0 |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s29333555318541
abnamro.sc.omtrdc.net/b/ss/abnamrotealium-et/1/JS-2.12.0/ |
43 B 209 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ABN Amro (Banking)123 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery boolean| DBG function| b$ function| __DOMContentLoaded object| Mustache string| defaultChrome object| gadgets object| bp function| PLX object| google_tag_data function| ga object| gaplugins function| _st object| _stq object| _stTracker object| $__curScript function| URLPolyfill object| SystemJS object| System string| s_account string| locationHost object| s string| codeVersion function| s_doPlugins undefined| AdverSC function| checkCampaigneCookie function| createCookie function| readCookie function| eraseCookie function| querySt function| removeEventFromQueue function| trackDial function| setLinkTrackCookie function| trackImageLinks function| loadIAMJS number| s_objectID string| s_code function| s_gi function| s_giqf function| c_r function| c_rspers function| c_w string| s_an function| s_sp function| s_jn function| s_rep function| s_d function| s_fe function| s_fa function| s_ft object| s_c_il number| s_c_in number| s_giq string| tealiumProfile string| tealiumEnvironment object| _satellite function| ABNA_OCA_DoubleClick_Forms function| widgetsAnalytics function| dataLayerManager object| dataLayer function| GDL_get_lastIndex function| GDL_get function| GDL_getfrom_last function| GDL_getfrom_last_key function| GDL_get_event object| TMSConfigObject object| continueChat undefined| evt undefined| customLinkName function| sendToAnalytics undefined| _typeof object| AAB function| bman1 object| google_tag_manager object| browserMatch object| cookiesettings function| lightningjs function| usabilla_live object| jQuery1124010966290497040987 number| jh_PLTs string| j string| s_tnt object| utag_err boolean| utag_condload object| utag function| e function| generatePageName function| utagLinkErrorHandler function| _tealium_old_error object| utag_data number| utagLinkErrorCount object| utag_cfg_ovrd object| adobe function| Visitor string| gtagRename function| gtag object| tealium_s function| AppMeasurement function| s_pgicq function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap object| googleAnalyticsDataLayer function| generateBusinessLinePrefix object| gtagDataLayer object| s_i_abnamrotealium-et8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
web5768.web07.bero-webspace.de/ | Name: Segment Value: 234593f9-e963-4f42-a9b1-c5f40091729e-31363030313230303234656e |
|
.bero-webspace.de/ | Name: utag_main Value: v_id:0179a4da132d0019a19afde45dfe00072003406a00b08$_sn:1$_se:3$_ss:0$_st:1621970226734$ses_id:1621968425777%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:bero-webspace.de |
|
.bero-webspace.de/ | Name: s_cc Value: true |
|
.bero-webspace.de/ | Name: AMCV_0861467352782C5E0A490D45%40AdobeOrg Value: 281789898%7CMCIDTS%7C18773%7CMCMID%7C54514177880871852044515000490116944414%7CMCAAMLH-1622573226%7C6%7CMCAAMB-1622573226%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1621975626s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C4.1.0 |
|
.bero-webspace.de/ | Name: AMCVS_0861467352782C5E0A490D45%40AdobeOrg Value: 1 |
|
.bero-webspace.de/ | Name: UVID Value: e98e6bd9-e599-436e-a017-1bea32065f18 |
|
.bero-webspace.de/ | Name: s_pers Value: %20s_vs%3D1%7C1621970225696%3B%20s_cpdirect%3D1%7C1621970225705%3B%20s_cahi%3D%255B%255B%2527Direct%2527%252C%25271621968425710%2527%255D%255D%7C1779734825710%3B%20s_channel%3D%255B%255B%2527Direct%2527%252C%25271621968425713%2527%255D%255D%7C1779734825713%3B%20s_fid%3D2E954E8CE9AD2469-1F1270818F11E59A%7C1685040425735%3B%20s_new_repeat%3D1621968425747-New%7C1653504425747%3B |
|
.bero-webspace.de/ | Name: s_sess Value: %20s_cpext%3DTyped%252FBookmarkedTyped%252FBookmarkedundefined%3B%20s_e_%3DprodView%3B%20s_crurl%3D-index-https%253A%252F%252Fweb5768.web07.bero-webspace.de%252Fab1%252Findex.php%3B%20s_cc%3Dtrue%3B |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
4368908.fls.doubleclick.net
abnamro.sc.omtrdc.net
adservice.google.com
adservice.google.de
d6tizftlrpuof.cloudfront.net
dpm.demdex.net
s.id
shrtm.nu
tags.tiqcdn.com
w.usabilla.com
web5768.web07.bero-webspace.de
109.71.253.24
13.224.89.37
142.250.185.70
15.236.176.210
18.200.157.96
2001:dd8:1f:1::43
23.37.56.41
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:d0c0:200:0:6c1b:f5ff:fe8a:9a39
34.255.12.101
01014c4867b439d9f6aacc852231cbc63fc63650e2143bc2c7bcff0cdb24f3e0
04cab510dd7dfc6fbe965e9932468ba15f56e2550216aaeef68ca6b3c5d63484
0572169bb29ef1fc67eddf911eb83dfb1019838cc767450c96dafe59e72383a7
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0f961c62a5d3faf422bafd5ce3c490a54b95c68a1bb5aaca37b66a8257fe02ea
135709e4c0cc5cfb0f98f216732e0d6a471f0355bb1680e9e174be839b3f8dae
259356f21c7ad2ebe982638163550fdd1cf6b19b75a6cd015d8dfad767701b36
25dbbcf847d41c0e96987f9045c154d2e646b8b02ab26f2ea88d4f4c98fa2429
2826a167c38ca84f1bd4ceaf548d08dea0a5ad559b75afc4b197bab64f5b4ad7
293680a5c9b05ee7c9c775597a78a96e2326217111b9d8d46689349877dc497c
2a84a71ef9499381d11d82740e86c61d79a6c0260fe78ce4405e8e9569ee3a29
2fc7a0390d33cecd2375abb1b8b0b1c743b9e3a78b462be9b8aec007c58adabb
31de7129b9ae733e50fb9e5c3e6e1694e21ae151ed44b9a3e4326e8499ea981c
369638d6f3e1f9a469ba77f91eba83f532e1669a66d82d2021028fd6b9e130ed
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5429f02b98849bf88e40af143a2214738a08691f573104b9437f7d5f6661d376
548a810d3d51c4a985ee74e23734f0612776095044322d0f147e29c5881bee36
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b575f45ef0b089f3aa81c9a890021c9eec31d36acaad6270fd8403780ce03a6
621f18fe641d405022bf6db951d83e3614ebae5feb03a94c18e1a54e9f2d3a73
6500b0be94e84c24cfd0040c76ee1deff2a0b6a661afe5ed63d910a56996d9be
650d8997c892ec731e5f9bde2ebc0545f24af2694ad6a250345a7bfdbae87b2d
6f3fa6eabc95109029619d0bf4df1d43b3bc306fe20cde62dfcdcbd7aabe47f5
767138e5e0e5977e3f0c793fcbd2422c3563796886aa55e4c704e516f94849b5
7974ad20bf189360f3ef33f7fbe9322b907b933f9c590fbc20674f173fa6cee4
7e9ae28686d300452164a68f22d664d32ba914c52c4ad3aa6db75e6871dc1e0b
80eb4e02419816d4fd0759188c9f7e154563d070e5f41c101cd5b9f2d66f51b3
84c6f28623071bfd378ef2a178b0731140c0d30a7712bbfb175d201dd0c856de
93ace5bacc64d2fb7e5a6711426fe640e218180a1c451ca67ae137ebab649f7f
979a47f2e9f7c3c0c347d06566aacb659d75db72f0837c3d72d517a90cade48e
9ecaa4309ade9754a4c963e2c5d0bca4bf671a03b2b419b697cbd88cc69af42a
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a55443ad1ca6a60aeaa5a968296cdbf95bcacd83e90471d6a768124c97246c96
a74fe2a3cac163de425f4fb72099640ede08e4650318cc0b2849a38c11d2ab79
ab70b7e30ea49dbc657f477d31d563cec633607a6a539eb21e78efa1ebaa4549
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
bccf409a6f04ce5d4dff78e55e551dcc502bf27de50d821fd0c6736ddf2abfc3
c169123f97322456762986418c90181f6cec0da11b1934e7213bc80391227ae8
c3ce6b6141047c646393645c96a9c361868ee51064da2a6508bb145e4f6bf7e4
c4c6570762a50af036f5b0bc8ea53fb4ab6c045ef9e51632d69b739d15c284a2
cc415517aa38b6486894686f9bc8d977f4759c424787c820b2d7e8de8efe286e
cd28aa47adc90d568cda246180b472c11ab44583a2385b67bf3e3969312b19c2
d5b6c1585078457d1847f53534de24e154953294a07fc0f519be9cf84ac15760
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dc9becd01c729ec57c64530980c50c07c81d5e4af6d29294983a197f907a31d1
e3225551518868498aa7a5414c7b1f5e0acb644b57efde3e259cbab2ab553b4e
e3c57d4156a1eb7ed7a699f7adcac10d29e05fbb5407e413983507d86aeea08a
f420885a2d54658cf1fa67f025e04112160d244a2af4d8eb4e9f169cfe508c65
f4d7c09c1e402abcb3280abeccea1b9389a02c61ceaacf30442f00ad04555889
f6993aecf5c9f21bdc9f4e7122ff522e5ace49e3222cf87fe4fa4dc66e9aacbc
f70d823c5d0cbf25e6a6d191ed5b6a437c5ae939bca9c62a7dbcd817619a3e05
f8d1ffa3ebc0a60acb6a500ca3347b0d06ddcedd4aa8f566a5bc728a53dcb767
fb8e4c5085b223336182521f6f9adc517513b5abf2cf04bbba7c40ecd7517771