www.bninvestissements.ca
104.111.219.22
Malicious Activity!
Public Scan
Effective URL: https://www.bninvestissements.ca/
Submission: On July 02 via manual from CA
Summary
TLS certificate: Issued by Entrust Certification Authority - L1M on October 25th 2018. Valid for: 2 years.
This is the only time www.bninvestissements.ca was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: National Bank (Banking)
Domain & IP information
Count | IP Address | Autonomous System |
---|---|---|
1 1 | 13.111.119.99 | 22606 (EXACT-7 - ExactTarget) |
50 | 104.111.219.22 | 16625 (AKAMAI-AS - Akamai Technologies) |
9 | 104.111.217.111 | 16625 (AKAMAI-AS - Akamai Technologies) |
1 3 | 52.212.6.126 | 16509 (AMAZON-02 - Amazon.com) |
4 | 2a00:1450:4001:816::200e | 15169 (GOOGLE - Google LLC) |
1 | 52.19.121.121 | 16509 (AMAZON-02 - Amazon.com) |
2 | 66.117.29.225 | 15224 (OMNITURE - Adobe Systems Inc.) |
1 1 | 66.117.28.86 | 15224 (OMNITURE - Adobe Systems Inc.) |
1 | 2a00:1450:4001:808::200e | 15169 (GOOGLE - Google LLC) |
2 | 52.222.157.50 | 16509 (AMAZON-02 - Amazon.com) |
1 2 | 216.58.205.230 | 15169 (GOOGLE - Google LLC) |
2 | 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK - Facebook) |
1 | 2a03:2880:f11c:8183:face:b00c:0:25de | 32934 (FACEBOOK - Facebook) |
1 | 54.171.104.131 | 16509 (AMAZON-02 - Amazon.com) |
76 | 12 | |
- click.messagebnc.nbc.ca: ASN22606 (EXACT-7 - ExactTarget, Inc., US), PTR: click.messagebnc.nbc.ca
- www.bninvestissements.ca: ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), PTR: a104-111-219-22.deploy.static.akamaitechnologies.com
- assets.adobedtm.com: ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), PTR: a104-111-217-111.deploy.static.akamaitechnologies.com
- dpm.demdex.net: ASN16509 (AMAZON-02 - Amazon.com, Inc., US), PTR: ec2-52-212-6-126.eu-west-1.compute.amazonaws.com
- www.youtube.com: ASN15169 (GOOGLE - Google LLC, US)
- nationalbankofcanada.demdex.net: ASN16509 (AMAZON-02 - Amazon.com, Inc., US), PTR: ec2-52-19-121-121.eu-west-1.compute.amazonaws.com
- nationalbankofcanada.d2.sc.omtrdc.net: ASN15224 (OMNITURE - Adobe Systems Inc., US)
- s.ytimg.com: ASN15169 (GOOGLE - Google LLC, US)
- cdn.appdynamics.com: ASN16509 (AMAZON-02 - Amazon.com, Inc., US), PTR: server-52-222-157-50.fra53.r.cloudfront.net
- 5357220.fls.doubleclick.net: ASN15169 (GOOGLE - Google LLC, US), PTR: fra15s24-in-f230.1e100.net
- connect.facebook.net: ASN32934 (FACEBOOK - Facebook, Inc., US)
- www.facebook.com: ASN32934 (FACEBOOK - Facebook, Inc., US)
- col.eum-appdynamics.com: ASN16509 (AMAZON-02 - Amazon.com, Inc., US), PTR: ec2-54-171-104-131.eu-west-1.compute.amazonaws.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
50 | bninvestissements.ca | www.bninvestissements.ca | 944 KB |
9 | adobedtm.com | assets.adobedtm.com | 65 KB |
4 | youtube.com | www.youtube.com | 931 B |
4 | demdex.net (1 redirects) | dpm.demdex.net, nationalbankofcanada.demdex.net | 3 KB |
2 | facebook.net | connect.facebook.net | 24 KB |
2 | doubleclick.net (1 redirects) | 5357220.fls.doubleclick.net | 625 B |
2 | appdynamics.com | cdn.appdynamics.com | 43 KB |
2 | omtrdc.net | nationalbankofcanada.d2.sc.omtrdc.net | 6 KB |
1 | eum-appdynamics.com | col.eum-appdynamics.com | 297 B |
1 | facebook.com | www.facebook.com | 323 B |
1 | ytimg.com | s.ytimg.com | 8 KB |
1 | everesttech.net (1 redirects) | cm.everesttech.net | 527 B |
1 | nbc.ca (1 redirects) | click.messagebnc.nbc.ca | 208 B |
76 | 13 | | |
Requests | Domain | Requested by |
---|---|---|
50 | www.bninvestissements.ca | www.bninvestissements.ca |
9 | assets.adobedtm.com | www.bninvestissements.ca, assets.adobedtm.com |
4 | www.youtube.com | www.bninvestissements.ca, assets.adobedtm.com |
3 | dpm.demdex.net (1 redirects) | assets.adobedtm.com, www.bninvestissements.ca |
2 | connect.facebook.net | assets.adobedtm.com, connect.facebook.net |
2 | 5357220.fls.doubleclick.net (1 redirects) | assets.adobedtm.com |
2 | cdn.appdynamics.com | assets.adobedtm.com, cdn.appdynamics.com |
2 | nationalbankofcanada.d2.sc.omtrdc.net | assets.adobedtm.com |
1 | col.eum-appdynamics.com | cdn.appdynamics.com |
1 | www.facebook.com | |
1 | s.ytimg.com | www.youtube.com |
1 | cm.everesttech.net (1 redirects) | |
1 | nationalbankofcanada.demdex.net | assets.adobedtm.com |
1 | click.messagebnc.nbc.ca (1 redirects) | |
76 | 14 | |
This site contains links to these domains. Also see Links.
Domain |
---|
mfda.ca |
www.bnc.ca |
www.linkedin.com |
www.youtube.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
bnc.ca | Entrust Certification Authority - L1M | 2018-10-25 - 2020-10-25 | 2 years |
assets.adobedtm.com | DigiCert SHA2 High Assurance Server CA | 2019-06-27 - 2021-07-01 | 2 years |
*.demdex.net | DigiCert SHA2 High Assurance Server CA | 2018-01-09 - 2021-02-12 | 3 years |
*.google.com | Google Internet Authority G3 | 2019-06-11 - 2019-09-03 | 3 months |
*.d2.sc.omtrdc.net | DigiCert SHA2 High Assurance Server CA | 2019-04-23 - 2020-04-14 | a year |
*.appdynamics.com | DigiCert SHA2 Secure Server CA | 2019-04-15 - 2020-06-17 | a year |
*.doubleclick.net | Google Internet Authority G3 | 2019-06-11 - 2019-09-03 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-06-06 - 2019-09-04 | 3 months |
*.eum-appdynamics.com | DigiCert SHA2 Secure Server CA | 2019-04-15 - 2020-06-10 | a year |
This page contains 8 frames:
Primary Page:
https://www.bninvestissements.ca/
Frame ID: F9548783689F6DF5C8914B84297E813D
Requests: 69 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/VcxBlQ4xcLo?rel=0&showinfo=0&enablejsapi=1
Frame ID: 0F507CAA8DE00A858DAB5630B8F09B7D
Requests: 1 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/K4oHnArnmEQ?rel=0&showinfo=0&enablejsapi=1
Frame ID: 2CB4069CD0A2774FF6F2F180178B2BF3
Requests: 1 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/e6QsWol2148?rel=0&showinfo=0&enablejsapi=1
Frame ID: D5C5BE4BF1842866E0C4E6B74572DE79
Requests: 1 HTTP requests in this frame
Frame:
https://nationalbankofcanada.demdex.net/dest5.html?d_nsid=0
Frame ID: 5E4433BC0918084A95D517BEFE5A5391
Requests: 1 HTTP requests in this frame
Frame:
https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/satellite-5c62fb7764746d2dde00212d.html
Frame ID: 7C4FAA3DEE766ACB4B37892FAFF2C782
Requests: 1 HTTP requests in this frame
Frame:
https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/satellite-5c66d65b64746d205d000f86.html
Frame ID: 1C54E1E1C4BE4B9272EDC3D6ACF00528
Requests: 1 HTTP requests in this frame
Frame:
https://5357220.fls.doubleclick.net/activityi;dc_pre=CIyYq9PbluMCFUuLdwoduR8Nxg;src=5357220;type=bnc-p001;cat=bnc-p00x;u1=undefined;u2=;u3=;u4=fr;u5=bni;u6=site;u7=undefined;u8=;u9=bni:accueil;u10=;u11=;u12=;u13=;u14=;u19=bni:accueil;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
Frame ID: BF8513BF3D7FDE1C1FDC5F347471A39D
Requests: 1 HTTP requests in this frame
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Adobe DTM (Tag Managers)
Detected patterns
- script /\/\/assets.adobedtm.com\//i
Facebook (Widgets)
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Modernizr (JavaScript Libraries)
Detected patterns
- script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
SiteCatalyst (Analytics)
Detected patterns
- script /\/s[_-]code.*\.js/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
12 Outgoing links
These are links going to different origins than the main page.
Title: Banque Nationale Investissements inc., à titre de courtier en épargne collective, est membre de l’Association canadienne des courtiers de fonds mutuels.
Title: Banque Nationale du Canada
Title: Filiales Banque Nationale
Title: Suivre BNI sur LinkedIn
Title: S'abonner à la chaine youtube
Title: Conditions d'utilisation
Title: Politique de confidentialité
Title: Fichiers témoins
Title: L'ABC de la sécurité
Title: Conditions d'utilisations
Title: Fichiers témoins
Title: L'ABC de la sécurité
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://click.messagebnc.nbc.ca/?qs=522c0f8076d88697ba61babaccd987b3eec81420b9388f8e98dcce3772d0aacf7179fda519da4f1a090dc310b74ff0a11e5d802c6d948520
HTTP 302
https://www.bninvestissements.ca/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 56
- https://cm.everesttech.net/cm/dd?d_uuid=06575600894224806192452427126349899478 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=XRuOcAAAFDXMBRKk HTTP 302
- https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=XRuOcAAAFDXMBRKk
- https://5357220.fls.doubleclick.net/activityi;src=5357220;type=bnc-p001;cat=bnc-p00x;u1=undefined;u2=;u3=;u4=fr;u5=bni;u6=site;u7=undefined;u8=;u9=bni:accueil;u10=;u11=;u12=;u13=;u14=;u19=bni:accueil;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
- https://5357220.fls.doubleclick.net/activityi;dc_pre=CIyYq9PbluMCFUuLdwoduR8Nxg;src=5357220;type=bnc-p001;cat=bnc-p00x;u1=undefined;u2=;u3=;u4=fr;u5=bni;u6=site;u7=undefined;u8=;u9=bni:accueil;u10=;u11=;u12=;u13=;u14=;u19=bni:accueil;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
76 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
www.bninvestissements.ca/ Redirect Chain
|
346 KB 21 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
satelliteLib-5c00cefc6c4cde92fec11380007558ee1044df19.js
assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/ |
132 KB 40 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
base.min.js
www.bninvestissements.ca/etc.clientlibs/web-sites/clientlibs/vendor/jquery/ |
96 KB 33 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
www.bninvestissements.ca/etc.clientlibs/web-sites/clientlibs/vendor/ |
35 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
modernizr.min.js
www.bninvestissements.ca/etc.clientlibs/web-sites/clientlibs/vendor/ |
20 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dotdotdot.min.js
www.bninvestissements.ca/etc.clientlibs/web-sites/clientlibs/vendor/jquery/ |
6 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
websites.min.js
www.bninvestissements.ca/etc.clientlibs/web-sites/clientlibs/core/ |
6 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
component.min.js
www.bninvestissements.ca/etc.clientlibs/web-sites/clientlibs/core/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-sticky-1-0-4.min.js
www.bninvestissements.ca/etc.clientlibs/web-sites/clientlibs/vendor/jquery/ |
5 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
stickyBehavior.min.js
www.bninvestissements.ca/etc.clientlibs/web-sites/clientlibs/core/ |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
deviceSpecificAction.min.js
www.bninvestissements.ca/etc.clientlibs/web-sites/clientlibs/core/ |
835 B 926 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
eventBus.min.js
www.bninvestissements.ca/etc.clientlibs/web-sites/clientlibs/core/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
events.min.js
www.bninvestissements.ca/etc.clientlibs/web-sites/clientlibs/core/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
site.min.js
www.bninvestissements.ca/etc.clientlibs/web-sites/components/product/clientlibs/core/ |
13 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dataLayer.min.js
www.bninvestissements.ca/etc.clientlibs/web-sites/clientlibs/core/ |
10 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bncCrossOriginWindowCommunication.min.js
www.bninvestissements.ca/etc.clientlibs/web-sites/clientlibs/core/ |
5 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aemFrame.min.js
www.bninvestissements.ca/etc.clientlibs/web-sites/clientlibs/core/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
theme.min.css
www.bninvestissements.ca/etc.clientlibs/web-sites-bncr/clientlibs/clientlib-site/ |
791 KB 79 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
site.min.js
www.bninvestissements.ca/etc.clientlibs/web-sites/components/schema/clientlibs/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-bnc-flag.svg
www.bninvestissements.ca/content/dam/bnc/commun/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-bni.png
www.bninvestissements.ca/content/dam/bni/logo/ |
9 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-bnc-162x42.png
www.bninvestissements.ca/content/dam/bnc/formulaires/picto/ |
116 KB 116 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-close.png
www.bninvestissements.ca/etc.clientlibs/web-sites-bncr/clientlibs/clientlib-site/theme/resources/images/ |
600 B 994 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
eventListenerHandlers.min.js
www.bninvestissements.ca/etc.clientlibs/web-sites/clientlibs/core/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
basepage.min.js
www.bninvestissements.ca/etc.clientlibs/web-sites/clientlibs/core/ |
15 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sticky.min.js
www.bninvestissements.ca/etc.clientlibs/web-sites/clientlibs/core/ |
5 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
site.min.js
www.bninvestissements.ca/etc.clientlibs/web-sites/components/layouts/bni/header/clientlibs/ |
11 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
site.min.js
www.bninvestissements.ca/etc.clientlibs/web-sites/components/panelContainer/clientlibs/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
textandimage.min.js
www.bninvestissements.ca/etc.clientlibs/web-sites/clientlibs/core/ |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lightbox.min.css
www.bninvestissements.ca/etc.clientlibs/web-sites/clientlibs/core/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lightbox.min.js
www.bninvestissements.ca/etc.clientlibs/web-sites/clientlibs/core/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
modal.min.css
www.bninvestissements.ca/etc.clientlibs/web-sites/clientlibs/core/ |
553 B 717 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
modal.min.js
www.bninvestissements.ca/etc.clientlibs/web-sites/clientlibs/core/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
site.min.js
www.bninvestissements.ca/etc.clientlibs/web-sites/components/columns/clientlibs/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img-architecture-ouverte-400x135.png
www.bninvestissements.ca/content/dam/bni/img/graph/ |
39 KB 39 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img-portefeuilles-meritage-400x109.png
www.bninvestissements.ca/content/dam/bni/img/graph/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-cadenas-48x61.png
www.bninvestissements.ca/content/dam/bni/icon/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-sales-representative-47x62.png
www.bninvestissements.ca/content/dam/bni/icon/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-send-message-60x43.png
www.bninvestissements.ca/content/dam/bni/icon/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-contact-us-42x54.png
www.bninvestissements.ca/content/dam/bni/icon/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-mfda-fr-400x69.png
www.bninvestissements.ca/content/dam/bni/logo/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
picto-logo-bn-24x22.png
www.bninvestissements.ca/content/dam/bnc/particuliers/picto/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
collapse-responsive.min.js
www.bninvestissements.ca/etc.clientlibs/web-sites/components/collapse/clientlibs/site/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
responsiveBootstrapToolkit.min.js
www.bninvestissements.ca/etc.clientlibs/web-sites/clientlibs/core/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
4 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
satellite-5cc0c8a464746d503d000190.js
assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/ |
51 B 303 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
datalayer-rules-bni.json
www.bninvestissements.ca/content/dam/dataLayerConfig/ |
60 KB 61 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bnc-icon-font.ttf
www.bninvestissements.ca/etc.clientlibs/web-sites-bncr/clientlibs/clientlib-site/theme/resources/fonts/bnc-icon/ |
4 KB 4 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Gilroy-Light.woff2
www.bninvestissements.ca/etc.clientlibs/web-sites-bncr/clientlibs/clientlib-site/theme/resources/fonts/Gilroy/ |
25 KB 25 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Gilroy-SemiBold.woff2
www.bninvestissements.ca/etc.clientlibs/web-sites-bncr/clientlibs/clientlib-site/theme/resources/fonts/Gilroy/ |
25 KB 26 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Gilroy-Regular.woff2
www.bninvestissements.ca/etc.clientlibs/web-sites-bncr/clientlibs/clientlib-site/theme/resources/fonts/Gilroy/ |
24 KB 25 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Gilroy-Medium.woff2
www.bninvestissements.ca/etc.clientlibs/web-sites-bncr/clientlibs/clientlib-site/theme/resources/fonts/Gilroy/ |
25 KB 26 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
VcxBlQ4xcLo
www.youtube.com/embed/ Frame 0F50 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
K4oHnArnmEQ
www.youtube.com/embed/ Frame 2CB4 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e6QsWol2148
www.youtube.com/embed/ Frame D5C5 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
dest5.html
nationalbankofcanada.demdex.net/ Frame 5E44 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
nationalbankofcanada.d2.sc.omtrdc.net/ |
3 B 488 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
demconf.jpg
dpm.demdex.net/ Redirect Chain
|
42 B 769 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe_api
www.youtube.com/ |
859 B 931 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
satellite-5be30d8464746d259c003c6d.js
assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/ |
596 B 556 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
satellite-5ccca09764746d75360039d8.js
assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/ |
680 B 581 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
satellite-5bdc6d3364746d728c00105e.js
assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/ |
1 KB 766 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s-code-contents-73f5415a426aa2f6d7f3faa224ec9dcfe44499f0.js
assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/ |
62 KB 22 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflPBjLfx/ |
21 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adrum-4.5.0.773.js
cdn.appdynamics.com/adrum/ |
65 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ban-accueil-2000x400.png
www.bninvestissements.ca/content/dam/bni/ban/ |
357 KB 357 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adrum-ext.f1b9622831c5f758b69f8c4fafbe9659.js
cdn.appdynamics.com/ |
50 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
satellite-5c62fb7764746d2dde00212d.html
assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/ Frame 7C4F |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
satellite-5c66d65b64746d205d000f85.js
assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
satellite-5c66d65b64746d205d000f86.html
assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/ Frame 1C54 |
0 0 |
Document
text/html |
GET H2 |
activityi;dc_pre=CIyYq9PbluMCFUuLdwoduR8Nxg;src=5357220;type=bnc-p001;cat=bnc-p00x;u1=undefined;u2=;u3=;u4=fr;u5=bni;u6=site;u7=undefined;u8=;u9=bni:accueil;u10=;u11=;u12=;u13=;u14=;u19=bni:accueil...
5357220.fls.doubleclick.net/ Frame BF85 Redirect Chain |
0 0 |
Document
text/html |
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
53 KB 16 KB |
Script
application/x-javascript |
GET H2 |
1783130221942772
connect.facebook.net/signals/config/ |
21 KB 8 KB |
Script
application/x-javascript |
GET H2 |
/
www.facebook.com/tr/ |
44 B 323 B |
Image
image/gif |
POST H/1.1 |
adrum
col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAM-UUN/ |
0 297 B |
XHR
text/html |
GET H/1.1 |
s75272048095539
nationalbankofcanada.d2.sc.omtrdc.net/b/ss/nbca-bni-production/10/JS-2.9.0-D7QN/ |
5 KB 6 KB |
Script
application/x-javascript |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: National Bank (Banking)
57 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| Visitor object| _satellite object| s_c_il number| s_c_in number| adrum-start-time function| $ function| jQuery object| jQuery111204284600270355565 object| html5 object| Modernizr function| yepnope object| respond object| Websites function| EventBusClass object| EventBus object| com object| elements object| digitalData object| cqtags function| picturefill object| bowser string| parameter object| fakeScroll boolean| firstDownload function| clickEventDownloadHandler object| ResponsiveBootstrapToolkit string| dtmSource object| YT object| YTConfig function| onYTReady string| video_state string| video_time object| player function| onYouTubeIframeAPIReady function| onPlayerStateChange object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| adrum-config function| AppMeasurement_Module_AudienceManagement function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq function| DIL number| s_objectID number| s_giq object| ADRUM object| nodes string| trackingCode function| fbq function| _fbq object| s_i_nbca-bni-production
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.demdex.net/ | | Name: demdex Value: 06575600894224806192452427126349899478 |
.bninvestissements.ca/ | | Name: AMCV_1E24776A524450D90A490D44%40AdobeOrg Value: -330454231%7CMCIDTS%7C18080%7CMCMID%7C00553110837006205593165004915739225906%7CMCAAMLH-1562691823%7C6%7CMCAAMB-1562691823%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1562094223s%7CNONE%7CMCSYNCSOP%7C411-18087%7CvVersion%7C3.1.2 |
www.bninvestissements.ca/ | | Name: BIGipServer~PR_ECOM~WWW.BNC.CA_HTTPS_443_POOL Value: rd1807o00000000000000000000ffff0a40924co443 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000; |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.