mx-staging.bfni.ca
52.228.35.138
Malicious Activity!
Public Scan
Effective URL: https://mx-staging.bfni.ca/
Submission: On July 09 via api from TW
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 18th 2019. Valid for: 2 years.
This is the only time mx-staging.bfni.ca was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Scotiabank (Banking)
Domain & IP information
ASN15133 (EDGECAST, US): scotiabankfiles.azureedge.net
ASN15169 (GOOGLE, US): www.googletagmanager.com
ASN15169 (GOOGLE, US): www.google-analytics.com
Requests | Domain | Redirects | Requested by |
---|---|---|---|
36 | scotiabankfiles.azureedge.net | | mx-staging.bfni.ca |
21 | mx-staging.bfni.ca | 1 | mx-staging.bfni.ca |
6 | scotiabank.demdex.net | | scotiabankfiles.azureedge.net |
4 | s.amazon-adsystem.com | 2 | c.amazon-adsystem.com |
3 | www.google-analytics.com | | www.googletagmanager.com, www.google-analytics.com, mx-staging.bfni.ca |
3 | dpm.demdex.net | 1 | scotiabankfiles.azureedge.net, mx-staging.bfni.ca |
2 | px.ads.linkedin.com | 1 | mx-staging.bfni.ca |
2 | connect.facebook.net | | mx-staging.bfni.ca, connect.facebook.net |
2 | 9050316.fls.doubleclick.net | 1 | www.googletagmanager.com |
1 | vars.hotjar.com | | static.hotjar.com |
1 | script.hotjar.com | | static.hotjar.com |
1 | www.facebook.com | | mx-staging.bfni.ca |
1 | www.google.de | | mx-staging.bfni.ca |
1 | www.google.com | 1 | |
1 | stats.g.doubleclick.net | 1 | |
1 | www.linkedin.com | 1 | |
1 | cdnssl.clicktale.net | | mx-staging.bfni.ca |
1 | c.amazon-adsystem.com | | mx-staging.bfni.ca |
1 | static.hotjar.com | | www.googletagmanager.com |
1 | snap.licdn.com | | mx-staging.bfni.ca |
1 | cdn.agilitycms.com | | mx-staging.bfni.ca |
1 | cm.everesttech.net | 1 | |
1 | www.googletagmanager.com | | mx-staging.bfni.ca |
1 | assets.adobedtm.com | | mx-staging.bfni.ca |
1 | cdnjs.cloudflare.com | | mx-staging.bfni.ca |
85 | 25 | | |
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid for |
---|---|---|---|
*.bfni.ca | Go Daddy Secure Certificate Authority - G2 | 2019-06-18 - 2021-08-26 | 2 years |
cloudflare.com | Cloudflare Inc ECC CA-3 | 2020-07-04 - 2021-07-04 | a year |
*.vo.msecnd.net | Microsoft IT TLS CA 2 | 2020-03-18 - 2022-03-18 | 2 years |
assets.adobedtm.com | DigiCert SHA2 High Assurance Server CA | 2019-10-22 - 2021-10-01 | 2 years |
*.google-analytics.com | GTS CA 1O1 | 2020-06-17 - 2020-09-09 | 3 months |
*.demdex.net | DigiCert SHA2 High Assurance Server CA | 2018-01-09 - 2021-02-12 | 3 years |
sni13ecgl.wpc.edgecastcdn.net | DigiCert SHA2 Secure Server CA | 2020-06-18 - 2021-06-23 | a year |
*.licdn.com | DigiCert SHA2 Secure Server CA | 2019-04-01 - 2021-05-07 | 2 years |
static.hotjar.com | Let's Encrypt Authority X3 | 2020-06-17 - 2020-09-15 | 3 months |
*.doubleclick.net | GTS CA 1O1 | 2020-06-17 - 2020-09-09 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-05-14 - 2020-08-05 | 3 months |
c.amazon-adsystem.com | Amazon | 2019-10-07 - 2020-09-29 | a year |
*.clicktale.net | DigiCert SHA2 Secure Server CA | 2019-10-06 - 2020-11-04 | a year |
px.ads.linkedin.com | DigiCert SHA2 Secure Server CA | 2020-03-04 - 2020-09-04 | 6 months |
www.google.de | GTS CA 1O1 | 2020-06-17 - 2020-09-09 | 3 months |
s.amazon-adsystem.com | Amazon | 2019-12-03 - 2020-11-06 | a year |
script.hotjar.com | Let's Encrypt Authority X3 | 2020-06-18 - 2020-09-16 | 3 months |
vars.hotjar.com | Let's Encrypt Authority X3 | 2020-06-16 - 2020-09-14 | 3 months |
This page contains 6 frames:
Primary Page:
https://mx-staging.bfni.ca/
Frame ID: 4C8345ACF8F48EB39AA6B4DEBCA59866
Requests: 80 HTTP requests in this frame
Frame:
https://scotiabank.demdex.net/dest5.html?d_nsid=0
Frame ID: D438C8E5724E32EBC60CF197C2274D27
Requests: 1 HTTP requests in this frame
Frame:
https://9050316.fls.doubleclick.net/activityi;dc_pre=COWzv-bgwOoCFQG63godKvIBtw;src=9050316;type=rmktw0;cat=scoti0;ord=7266602310315;gtm=2wg6o0;auiddc=1255000538.1594317845;~oref=https%3A%2F%2Fmx-staging.bfni.ca%2F
Frame ID: 110AA44C603BBC62996F998C1FCC4F9C
Requests: 1 HTTP requests in this frame
Frame:
https://s.amazon-adsystem.com/iu3?pid=fdfe8adf-c6ba-4122-b40f-7729ea0697ae&event=PageView&ts=1594317845005&dcc=t
Frame ID: 944C901D72B2C9146DDD73F953DAFD4D
Requests: 1 HTTP requests in this frame
Frame:
https://s.amazon-adsystem.com/iu3?pid=fdfe8adf-c6ba-4122-b40f-7729ea0697ae&event=PageView&page=/&ts=1594317845005&dcc=t
Frame ID: 213471156A4036070BCFFB1E4E0D7B93
Requests: 1 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: CBD003C391C41C07E5F70AA1B6B08E94
Requests: 1 HTTP requests in this frame
Page Statistics
24 Outgoing links
These are links going to different origins than the main page.
Title: Actívate
Title: Reserva Viajes en Línea
Title: Wealth Management
Title: More Sites
Title: Más información
Title: Conoce más
Title: Conoce más
Title: Más información
Title: *Consulta términos, condiciones y requisitos de contratación.
Title: Cuida más tu dinero Gana certificados de hasta $500* Más información
Title: Conoce #ScotiaContigo Un programa enfocado en darte asesoría personalizada. Más información
Title: Mantente informado Conoce todas las acciones que estamos tomando Más información
Title: Protege tu información #ElPrimerFiltroEresTú Conoce los tipos de fraudes que existen. Más información
Title: Aviso Importante Tu contrato cambiará a partir del 8 de junio. Conoce más
Title: FATCA
Title: Banca y Mercados Globales
Title: Ofertas de Empleo
Title: Directorio Agencias de Cobranza
Title: Términos y Condiciones Promociones
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://mx-staging.bfni.ca/
HTTP 301
https://mx-staging.bfni.ca/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 43
- https://cm.everesttech.net/cm/dd?d_uuid=66510637940839743950418866763328811092 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=XwdcFAAAAo8yli3- HTTP 302
- https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=XwdcFAAAAo8yli3-
- https://9050316.fls.doubleclick.net/activityi;src=9050316;type=rmktw0;cat=scoti0;ord=7266602310315;gtm=2wg6o0;auiddc=1255000538.1594317845;~oref=https%3A%2F%2Fmx-staging.bfni.ca%2F HTTP 302
- https://9050316.fls.doubleclick.net/activityi;dc_pre=COWzv-bgwOoCFQG63godKvIBtw;src=9050316;type=rmktw0;cat=scoti0;ord=7266602310315;gtm=2wg6o0;auiddc=1255000538.1594317845;~oref=https%3A%2F%2Fmx-staging.bfni.ca%2F
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=31046&url=https%3A%2F%2Fmx-staging.bfni.ca%2F&time=1594317845015 HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D31046%26url%3Dhttps%253A%252F%252Fmx-staging.bfni.ca%252F%26time%3D1594317845015%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=31046&url=https%3A%2F%2Fmx-staging.bfni.ca%2F&time=1594317845015&liSync=true
- https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-16719465-8&cid=1866308448.1594317845&jid=1491689223&gjid=1349824095&_gid=219334011.1594317845&_u=aHBAgEAj~&z=701081410 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16719465-8&cid=1866308448.1594317845&jid=1491689223&_v=j83&z=701081410 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16719465-8&cid=1866308448.1594317845&jid=1491689223&_v=j83&z=701081410&slf_rd=1&random=4079678064
- https://s.amazon-adsystem.com/iu3?pid=fdfe8adf-c6ba-4122-b40f-7729ea0697ae&event=PageView&ts=1594317845005 HTTP 302
- https://s.amazon-adsystem.com/iu3?pid=fdfe8adf-c6ba-4122-b40f-7729ea0697ae&event=PageView&ts=1594317845005&dcc=t
- https://s.amazon-adsystem.com/iu3?pid=fdfe8adf-c6ba-4122-b40f-7729ea0697ae&event=PageView&page=/&ts=1594317845005 HTTP 302
- https://s.amazon-adsystem.com/iu3?pid=fdfe8adf-c6ba-4122-b40f-7729ea0697ae&event=PageView&page=/&ts=1594317845005&dcc=t
85 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
mx-staging.bfni.ca/ Redirect Chain
|
94 KB 20 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
desktop.css
mx-staging.bfni.ca/Styles/Build/ |
146 KB 36 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/ |
56 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lity.min.css
mx-staging.bfni.ca/Scripts/plugins/lity-2.3.1/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icons.css
mx-staging.bfni.ca/Styles/Redesign/ |
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
redesign_desktop.css
mx-staging.bfni.ca/Styles/Build/ |
45 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RedesignSBJs
mx-staging.bfni.ca/bundles/ |
118 KB 52 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GlobalStyles.css
scotiabankfiles.azureedge.net/scotia-bank-mexico/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
launch-3ac7cbb77fc8-staging.min.js
assets.adobedtm.com/27c34d6e7144/86160a92edbd/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Scotiabank.css
scotiabankfiles.azureedge.net/scotia-bank-mexico/digital-factory/fonts/ |
2 KB 373 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dil.js
scotiabankfiles.azureedge.net/scotia-bank-mexico/digital-factory/aam/ |
33 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
visitorapi.min.js
scotiabankfiles.azureedge.net/scotia-bank-mexico/digital-factory/aam/ |
59 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
JqueryJswipeJs
mx-staging.bfni.ca/bundles/ |
20 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RedesignRotatorJs
mx-staging.bfni.ca/bundles/ |
10 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RedesignTilesJs
mx-staging.bfni.ca/bundles/ |
0 616 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ScotiaBank_logo-registered-1.png
scotiabankfiles.azureedge.net/scotia-bank-mexico/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_flying_s_36_20200515003009_0_20200519002024_0.png
scotiabankfiles.azureedge.net/scotia-bank-mexico/Attachments/NewItems/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
seachIcon.png
scotiabankfiles.azureedge.net/scotia-bank-mexico/spanish/icons/ |
699 B 782 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mobile.css
mx-staging.bfni.ca/Styles/Build/ |
97 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
redesign_mobile.css
mx-staging.bfni.ca/Styles/Build/ |
43 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Rotator.js
mx-staging.bfni.ca/Scripts/Redesign/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
TouchRotatorComponent.js
mx-staging.bfni.ca/Scripts/Redesign/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arrow_left_20171023142347_0.png
scotiabankfiles.azureedge.net/scotia-bank-mexico/Attachments/NewItems/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arrow_right.png
scotiabankfiles.azureedge.net/scotia-bank-mexico/images/redesign/ |
520 B 581 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
contactIcon.png
scotiabankfiles.azureedge.net/scotia-bank-mexico/images/redesign/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iconComputer.png
scotiabankfiles.azureedge.net/scotia-bank-mexico/images/redesign/icons/ |
311 B 409 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iconMobile.png
scotiabankfiles.azureedge.net/scotia-bank-mexico/images/redesign/icons/ |
290 B 328 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iconXpress.png
scotiabankfiles.azureedge.net/scotia-bank-mexico/images/redesign/icons/ |
728 B 767 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
questionIcon.png
scotiabankfiles.azureedge.net/scotia-bank-mexico/images/redesign/ |
497 B 559 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbIcon.png
scotiabankfiles.azureedge.net/scotia-bank-mexico/images/redesign/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twitterIcon.png
scotiabankfiles.azureedge.net/scotia-bank-mexico/images/redesign/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
instagramIcon.png
scotiabankfiles.azureedge.net/scotia-bank-mexico/images/redesign/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
youtubeIcon.png
scotiabankfiles.azureedge.net/scotia-bank-mexico/images/redesign/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
linkedinIcon.png
scotiabankfiles.azureedge.net/scotia-bank-mexico/images/redesign/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_ipab.gif
scotiabankfiles.azureedge.net/scotia-bank-mexico/images/ |
1 KB 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BuroLogo.png
scotiabankfiles.azureedge.net/scotia-bank-mexico/images/ |
1012 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
trusteer.gif
scotiabankfiles.azureedge.net/scotia-bank-mexico/images/ |
528 B 610 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
231 KB 57 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
5 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
LightBoxBG.png
mx-staging.bfni.ca/Images/ |
950 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Scotia_W_Bd.woff
mx-staging.bfni.ca/Common/Fonts/ |
14 KB 14 KB |
Font
font/x-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Scotia_W_Rg.woff
mx-staging.bfni.ca/Common/Fonts/ |
14 KB 14 KB |
Font
font/x-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
dest5.html
scotiabank.demdex.net/ Frame D438 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
event
scotiabank.demdex.net/ |
5 KB 6 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
demconf.jpg
dpm.demdex.net/ Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon_chevron-white-down.svg
cdn.agilitycms.com/scotiabank-costa-rica/2019-global-rebrand/ |
312 B 665 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slide-msiescuelas.jpg
scotiabankfiles.azureedge.net/scotia-bank-mexico/images/redesign/slides/ |
464 KB 464 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slide-pagare.jpg
scotiabankfiles.azureedge.net/scotia-bank-mexico/images/redesign/slides/ |
388 KB 388 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slide-fiu2.jpg
scotiabankfiles.azureedge.net/scotia-bank-mexico/images/redesign/slides/ |
408 KB 408 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
banner_fiu_624x410.png
scotiabankfiles.azureedge.net/scotia-bank-mexico/images/redesign/tiles/ |
123 KB 123 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tile-cuentas.jpg
scotiabankfiles.azureedge.net/scotia-bank-mexico/images/redesign/tiles/ |
142 KB 142 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tile-scotiacontigo.jpg
scotiabankfiles.azureedge.net/scotia-bank-mexico/images/redesign/tiles/ |
217 KB 217 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tile-covid-j.jpg
scotiabankfiles.azureedge.net/scotia-bank-mexico/images/redesign/tiles/ |
28 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tile-seguridad.jpg
scotiabankfiles.azureedge.net/scotia-bank-mexico/images/redesign/tiles/ |
192 KB 192 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tile-avisoimportante-j.jpg
scotiabankfiles.azureedge.net/scotia-bank-mexico/images/redesign/tiles/ |
44 KB 44 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arrow-backToTop.svg
scotiabankfiles.azureedge.net/scotia-bank-mexico/2019-global-rebrand/ |
502 B 596 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Scotia_W_Headline.woff
mx-staging.bfni.ca/Common/Fonts/ |
15 KB 15 KB |
Font
font/x-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Scotia_W_Lt.woff2
scotiabankfiles.azureedge.net/scotia-bank-mexico/digital-factory/fonts/ |
11 KB 11 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Scotia_W_Headline.woff2
scotiabankfiles.azureedge.net/scotia-bank-mexico/digital-factory/fonts/ |
12 KB 13 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Scotia_W_Bd.woff2
scotiabankfiles.azureedge.net/scotia-bank-mexico/digital-factory/fonts/ |
11 KB 11 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Frutiger-Light.woff
mx-staging.bfni.ca/Common/Fonts/ |
22 KB 22 KB |
Font
font/x-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Frutiger-Roman.woff
mx-staging.bfni.ca/Common/Fonts/ |
14 KB 14 KB |
Font
font/x-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icomoon.woff
mx-staging.bfni.ca/Common/Fonts/ |
71 KB 72 KB |
Font
font/x-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Scotia_W_Rg.woff2
scotiabankfiles.azureedge.net/scotia-bank-mexico/digital-factory/fonts/ |
11 KB 11 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
insight.min.js
snap.licdn.com/li.lms-analytics/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
event
scotiabank.demdex.net/ |
5 KB 6 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-611015.js
static.hotjar.com/c/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
activityi;dc_pre=COWzv-bgwOoCFQG63godKvIBtw;src=9050316;type=rmktw0;cat=scoti0;ord=7266602310315;gtm=2wg6o0;auiddc=1255000538.1594317845;~oref=https%3A%2F%2Fmx-staging.bfni.ca%2F
9050316.fls.doubleclick.net/ Frame 110A Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
134 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amzn.js
c.amazon-adsystem.com/aat/ |
5 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ecbde6d1-a5ab-4f3c-aae1-1bde1e14f053.js
cdnssl.clicktale.net/www14/ptc/ |
180 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
px.ads.linkedin.com/ Redirect Chain
|
0 58 B |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
linkid.js
www.google-analytics.com/plugins/ua/ |
2 KB 925 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
201874380363725
connect.facebook.net/signals/config/ |
150 KB 37 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
event
scotiabank.demdex.net/ |
5 KB 6 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 265 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
iu3
s.amazon-adsystem.com/ Frame 944C Redirect Chain
|
0 0 |
Document
text/html |
GET H/1.1 |
Cookie set
iu3
s.amazon-adsystem.com/ Frame 2134 Redirect Chain
|
0 0 |
Document
text/html |
GET H2 |
modules.ee2ae2546215b60e619e.js
script.hotjar.com/ |
424 KB 87 KB |
Script
application/javascript |
POST H/1.1 |
event
scotiabank.demdex.net/ |
5 KB 6 KB |
XHR
application/json |
POST H/1.1 |
event
scotiabank.demdex.net/ |
5 KB 6 KB |
XHR
application/json |
GET H2 |
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame CBD0 |
0 0 |
Document
text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Scotiabank (Banking)
63 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| ddlCountry_Change
function| handleKeyPressSearch
function| getCookie
function| centerPopUp
function| getViewportHeight
function| getViewportWidth
object| LightBox
number| mobileScrollPos
object| WindowSize
object| Tabbable
function| $
function| jQuery
function| Init
function| Setup
function| Scroll
function| ShineOn
function| ShineOff
object| Gentle_Anchors
object| SBMX
function| lity
object| dataLayer
function| DIL
function| e
object| adobe
function| Visitor
object| xDIL
object| se
object| s_c_il
number| s_c_in
object| SearchDefaults
function| RecurringTimer
function| Rotator
function| TouchRotatorComponent
string| _linkedin_data_partner_id
object| pdfLinks
number| len
object| _bfnrotator
string| cName
object| pCOOKIES
number| bb
object| NmeVal
object| google_tag_manager
function| postscribe
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
function| hj
object| _hjSettings
function| fbq
function| _fbq
function| amzn
boolean| clickTaleTagInjected
function| lintrk
boolean| _already_called_lintrk
object| gaplugins
object| gaGlobal
object| gaData
object| hjSiteSettings
function| hjBootstrap
object| hjBootstrapCalled
object| CS_CONF
object| CSPathComputation
object| _uxa13
Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, allowing the website to re-identify the user even after a change of location. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.amazon-adsystem.com/ | | Name: ad-id Value: A9ROWOR83Ey1mxioleCl0YY |
.amazon-adsystem.com/ | | Name: ad-privacy Value: 0 |
.bfni.ca/ | | Name: _hjid Value: 82f7ec00-dfe5-48c1-941e-bfa46a81d835 |
.demdex.net/ | | Name: dextp Value: 269-1-1594317845019\|358-1-1594317845120\|601-1-1594317845220\|771-1-1594317845321\|822-1-1594317845422\|1121-1-1594317845522 |
.mx-staging.bfni.ca/ | | Name: ad_uuid Value: 66510637940839743950418866763328811092 |
.bfni.ca/ | | Name: _dc_gtm_UA-16719465-8 Value: 1 |
.bfni.ca/ | | Name: _ga Value: GA1.2.1866308448.1594317845 |
.doubleclick.net/ | | Name: IDE Value: AHWqTUnex8G-GkQCuX2-2zSBHlFChHym7--jXiTpBgnCZafdb7HwnJV2I18KDeZS |
.bfni.ca/ | | Name: _gid Value: GA1.2.219334011.1594317845 |
.bfni.ca/ | | Name: AMCV_0AAF22CE52827A080A490D4D%40AdobeOrg Value: 1075005958%7CMCIDTS%7C18453%7CMCMID%7C58635486111365452570631291434627980614%7CMCAAMLH-1594922644%7C6%7CMCAAMB-1594922644%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1594325044s%7CNONE%7CMCSYNCSOP%7C411-18460%7CvVersion%7C4.4.1 |
.bfni.ca/ | | Name: _fbp Value: fb.1.1594317845083.1843519784 |
.bfni.ca/ | | Name: _gcl_au Value: 1.1.1255000538.1594317845 |
.demdex.net/ | | Name: demdex Value: 66510637940839743950418866763328811092 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' https: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: 'unsafe-inline' 'unsafe-eval' data:;connect-src 'self' https: wss: 'unsafe-inline' 'unsafe-eval'; |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1;mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.