fcb-b70-qa.adobecqms.net
Open in
urlscan Pro
52.4.66.119
Malicious Activity!
Public Scan
Submission: On October 16 via api from US
Summary
TLS certificate: Issued by DigiCert Global CA G2 on August 26th 2020. Valid for: a year.
This is the only time fcb-b70-qa.adobecqms.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: First Citizens Bank (Banking)Domain & IP information
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-66-119.compute-1.amazonaws.com
fcb-b70-qa.adobecqms.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-68-226.compute-1.amazonaws.com
trk.firstcitizens.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-138-222.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-96-5-142.ca-central-1.compute.amazonaws.com
www.sc.pages08.net |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-49.vie50.r.cloudfront.net
js-cdn.dynatrace.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-153-209.eu-west-1.compute.amazonaws.com
firstcitizens.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-90-77.eu-west-1.compute.amazonaws.com
firstcitizens.tt.omtrdc.net |
ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net
9786468.fls.doubleclick.net |
ASN13335 (CLOUDFLARENET, US)
zndhwk2nlgcbvdel3-firstcitizensbank.siteintercept.qualtrics.com | |
siteintercept.qualtrics.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-9-100.eu-west-3.compute.amazonaws.com
firstcitizens.sc.omtrdc.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-167-71.compute-1.amazonaws.com
bf55932nol.bf.dynatrace.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
32 |
adobecqms.net
1 redirects
fcb-b70-qa.adobecqms.net |
2 MB |
10 |
qualtrics.com
zndhwk2nlgcbvdel3-firstcitizensbank.siteintercept.qualtrics.com siteintercept.qualtrics.com |
54 KB |
4 |
firstcitizens.com
trk.firstcitizens.com |
35 KB |
4 |
adobedtm.com
assets.adobedtm.com |
130 KB |
3 |
doubleclick.net
1 redirects
9786468.fls.doubleclick.net stats.g.doubleclick.net |
1 KB |
3 |
dynatrace.com
js-cdn.dynatrace.com bf55932nol.bf.dynatrace.com |
54 KB |
3 |
demdex.net
dpm.demdex.net firstcitizens.demdex.net |
2 KB |
2 |
omtrdc.net
firstcitizens.tt.omtrdc.net firstcitizens.sc.omtrdc.net |
870 B |
2 |
google-analytics.com
www.google-analytics.com |
19 KB |
2 |
sitescdn.net
assets.sitescdn.net |
158 KB |
1 |
google.de
www.google.de |
513 B |
1 |
google.com
www.google.com |
513 B |
1 |
everesttech.net
1 redirects
cm.everesttech.net |
554 B |
1 |
youtube.com
www.youtube.com |
|
1 |
pages08.net
www.sc.pages08.net |
14 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
38 KB |
68 | 16 |
Domain | Requested by | |
---|---|---|
32 | fcb-b70-qa.adobecqms.net |
1 redirects
fcb-b70-qa.adobecqms.net
|
9 | siteintercept.qualtrics.com |
zndhwk2nlgcbvdel3-firstcitizensbank.siteintercept.qualtrics.com
siteintercept.qualtrics.com |
4 | trk.firstcitizens.com |
fcb-b70-qa.adobecqms.net
trk.firstcitizens.com |
4 | assets.adobedtm.com |
fcb-b70-qa.adobecqms.net
assets.adobedtm.com |
2 | bf55932nol.bf.dynatrace.com |
js-cdn.dynatrace.com
|
2 | 9786468.fls.doubleclick.net |
1 redirects
assets.adobedtm.com
|
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | dpm.demdex.net |
assets.adobedtm.com
fcb-b70-qa.adobecqms.net |
2 | assets.sitescdn.net |
fcb-b70-qa.adobecqms.net
assets.sitescdn.net |
1 | firstcitizens.sc.omtrdc.net | |
1 | zndhwk2nlgcbvdel3-firstcitizensbank.siteintercept.qualtrics.com |
assets.adobedtm.com
|
1 | www.google.de |
fcb-b70-qa.adobecqms.net
|
1 | www.google.com |
fcb-b70-qa.adobecqms.net
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | firstcitizens.tt.omtrdc.net |
assets.adobedtm.com
|
1 | cm.everesttech.net | 1 redirects |
1 | firstcitizens.demdex.net |
assets.adobedtm.com
|
1 | js-cdn.dynatrace.com |
fcb-b70-qa.adobecqms.net
|
1 | www.youtube.com |
fcb-b70-qa.adobecqms.net
|
1 | www.sc.pages08.net |
fcb-b70-qa.adobecqms.net
|
1 | www.googletagmanager.com |
assets.adobedtm.com
|
68 | 21 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
author-q.firstcitizens.com DigiCert Global CA G2 |
2020-08-26 - 2021-08-27 |
a year | crt.sh |
ssl882143.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2020-05-19 - 2020-11-25 |
6 months | crt.sh |
assets.adobedtm.com DigiCert SHA2 High Assurance Server CA |
2019-10-22 - 2021-10-01 |
2 years | crt.sh |
trk.firstcitizens.com DigiCert SHA2 Secure Server CA |
2020-07-10 - 2022-07-11 |
2 years | crt.sh |
*.demdex.net DigiCert SHA2 High Assurance Server CA |
2018-01-09 - 2021-02-12 |
3 years | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-09-22 - 2020-12-15 |
3 months | crt.sh |
*.engage8.silverpop.com DigiCert SHA2 Secure Server CA |
2020-04-16 - 2021-04-21 |
a year | crt.sh |
*.google.com GTS CA 1O1 |
2020-09-22 - 2020-12-15 |
3 months | crt.sh |
js-cdn.dynatrace.com Amazon |
2020-05-01 - 2021-06-01 |
a year | crt.sh |
*.tt.omtrdc.net DigiCert SHA2 High Assurance Server CA |
2017-10-19 - 2020-11-25 |
3 years | crt.sh |
*.doubleclick.net GTS CA 1O1 |
2020-09-22 - 2020-12-15 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-09-22 - 2020-12-15 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2020-09-22 - 2020-12-15 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2020-09-22 - 2020-12-15 |
3 months | crt.sh |
*.qualtrics.com DigiCert SHA2 Secure Server CA |
2018-10-08 - 2021-01-06 |
2 years | crt.sh |
*.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA |
2020-02-28 - 2022-03-04 |
2 years | crt.sh |
*.bf.dynatrace.com Amazon |
2020-03-07 - 2021-04-07 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://fcb-b70-qa.adobecqms.net/?param=
Frame ID: 765E8BB2C066D87A553673AF6BB72A4D
Requests: 65 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/9NPeKR6xvGo?enablejsapi=1&rel=0
Frame ID: D9F22DE24CA8BA974EE95ACD39A5EB48
Requests: 1 HTTP requests in this frame
Frame:
https://firstcitizens.demdex.net/dest5.html?d_nsid=0
Frame ID: 02DA17E074E6EAEB269E8E3911FF2D98
Requests: 1 HTTP requests in this frame
Frame:
https://9786468.fls.doubleclick.net/activityi;dc_pre=COfPxL3guewCFYTLuwgdScMFuw;cat=fcb-u0;ord=1;src=9786468;type=unive0
Frame ID: 047F6B6735CFF366DD813E566E49F550
Requests: 1 HTTP requests in this frame
29 Outgoing links
These are links going to different origins than the main page.
Title: Find a Branch , Opens in a new tab
Search URL Search Domain Scan URL
Title: Careers, Opens in a new tab
Search URL Search Domain Scan URL
Title: , Opens in a new tab
Search URL Search Domain Scan URL
Title: , Opens in a new tab
Search URL Search Domain Scan URL
Title: , Opens in a new tab
Search URL Search Domain Scan URL
Title: , Opens in a new tab
Search URL Search Domain Scan URL
Title: Enroll Now Enroll in digital banking now
Search URL Search Domain Scan URL
Title: Forgot ID Select if you forgot your ID
Search URL Search Domain Scan URL
Title: Password? Select if you forgot your password
Search URL Search Domain Scan URL
Title: Log In Select to log in to BOB Advantage
Search URL Search Domain Scan URL
Title: First Citizens Rewards®, Opens in a new tab
Search URL Search Domain Scan URL
Title: My Insurance Center, Opens in a new tab
Search URL Search Domain Scan URL
Title: Online Brokerage, Opens in a new tab
Search URL Search Domain Scan URL
Title: Portfolio Online, Opens in a new tab
Search URL Search Domain Scan URL
Title: Retirement Plan Access, Opens in a new tab
Search URL Search Domain Scan URL
Title: Financial Planning Tool, Opens in a new tab
Search URL Search Domain Scan URL
Title: Stellar Technology - Fund, Opens in a new tab
Search URL Search Domain Scan URL
Title: Remote Image Deposit, Opens in a new tab
Search URL Search Domain Scan URL
Title: Automated Payables, Opens in a new tab
Search URL Search Domain Scan URL
Title: eReceivables Payment, Opens in a new tab
Search URL Search Domain Scan URL
Title: Loxbox Portal, Opens in a new tab
Search URL Search Domain Scan URL
Title: Smart Returns, Opens in a new tab
Search URL Search Domain Scan URL
Title: Online Payroll, Opens in a new tab
Search URL Search Domain Scan URL
Title: FXEnvoy, Opens in a new tab
Search URL Search Domain Scan URL
Title: Merchant eConnections, Opens in a new tab
Search URL Search Domain Scan URL
Title: Merchant Insights, Opens in a new tab
Search URL Search Domain Scan URL
Title: American Express Supplies, Opens in a new tab
Search URL Search Domain Scan URL
Title: Pay Your Rent / Dues, Opens in a new tab
Search URL Search Domain Scan URL
Title: RemitPoint - Property Management Lockbox, Opens in a new tab
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 37- https://cm.everesttech.net/cm/dd?d_uuid=05384097860999747742093029837718806918 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=X4nn9QAAB6DDzlL0
- https://9786468.fls.doubleclick.net/activityi;cat=fcb-u0;ord=1;src=9786468;type=unive0 HTTP 302
- https://9786468.fls.doubleclick.net/activityi;dc_pre=COfPxL3guewCFYTLuwgdScMFuw;cat=fcb-u0;ord=1;src=9786468;type=unive0
- https://fcb-b70-qa.adobecqms.net/content/firstcitizens/en/personal/jcr:content/root/globalLayoutContainer/globalLayoutContainer-parsys/layout_container_158999756/col1/resources.default.json HTTP 301
- https://fcb-b70-qa.adobecqms.net/personal/jcr:content/root/globalLayoutContainer/globalLayoutContainer-parsys/layout_container_158999756/col1/resources.default.json
68 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
fcb-b70-qa.adobecqms.net/ |
410 KB 47 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clientlib-aem.css
fcb-b70-qa.adobecqms.net/etc.clientlibs/firstcitizens/clientlibs/ |
283 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
fcb-b70-qa.adobecqms.net/etc.clientlibs/clientlibs/granite/ |
288 KB 86 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utils.js
fcb-b70-qa.adobecqms.net/etc.clientlibs/clientlibs/granite/ |
47 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
answers.min.js
assets.sitescdn.net/answers/v0.13.1/ |
368 KB 102 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
launch-5a5dc9e26019-staging.min.js
assets.adobedtm.com/60e0841c6ded/d5a97f0ea4af/ |
485 KB 115 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image.20200810.png
fcb-b70-qa.adobecqms.net/content/dam/firstcitizens/images/logos/fcb-logo-horiz-web-2020@2x.png.transform/image-scaled-2x-to-1x/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image.20200810.jpeg
fcb-b70-qa.adobecqms.net/content/dam/firstcitizens/images/home-hero/retail-hero@2x.jpg.transform/image-scaled-2x-to-1x/ |
162 KB 162 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image.20200810.jpeg
fcb-b70-qa.adobecqms.net/content/dam/firstcitizens/images/feature-highlight/feature-highlight-background--home@2x.jpg.transform/image-scaled-2x-to-1x/ |
51 KB 51 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image.20200810.png
fcb-b70-qa.adobecqms.net/content/dam/firstcitizens/images/feature-highlight/personal-digital-banking/feature-highlight-device-spending@2x.png.transform/image-scaled-2x-to-1x/ |
65 KB 65 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image.20200810.png
fcb-b70-qa.adobecqms.net/content/dam/firstcitizens/images/feature-highlight/personal-digital-banking/feature-highlight-device-bill-pay@2x.png.transform/image-scaled-2x-to-1x/ |
47 KB 48 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image.20200810.png
fcb-b70-qa.adobecqms.net/content/dam/firstcitizens/images/feature-highlight/personal-digital-banking/feature-highlight-device-alerts@2x.png.transform/image-scaled-2x-to-1x/ |
57 KB 58 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image.20200810.jpeg
fcb-b70-qa.adobecqms.net/content/dam/firstcitizens/images/promo/associate/ray@2x.jpg.transform/image-scaled-2x-to-1x/ |
73 KB 73 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image.20200810.png
fcb-b70-qa.adobecqms.net/content/dam/firstcitizens/images/promo/associate/ray-signature@2x.png.transform/original/ |
48 KB 49 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
social-media-facebook.svg
fcb-b70-qa.adobecqms.net/content/dam/firstcitizens/images/icons/ |
646 B 851 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
social-media-twitter.svg
fcb-b70-qa.adobecqms.net/content/dam/firstcitizens/images/icons/ |
925 B 977 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
social-media-linked-in.svg
fcb-b70-qa.adobecqms.net/content/dam/firstcitizens/images/icons/ |
710 B 874 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
social-media-youtube.svg
fcb-b70-qa.adobecqms.net/content/dam/firstcitizens/images/icons/ |
730 B 876 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
forever-first-web.svg
fcb-b70-qa.adobecqms.net/content/dam/firstcitizens/images/logos/ |
6 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fcb-logo-brandmark-web.svg
fcb-b70-qa.adobecqms.net/content/dam/firstcitizens/images/logos/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mDv7.js
trk.firstcitizens.com/aprs/ |
71 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icons.svg
fcb-b70-qa.adobecqms.net/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/icons/ |
1 MB 243 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wave-pattern-blue.svg
fcb-b70-qa.adobecqms.net/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/images/ |
135 KB 43 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wave-pattern-green.svg
fcb-b70-qa.adobecqms.net/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/images/ |
135 KB 43 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HarmoniaSansStd-Regular.woff2
fcb-b70-qa.adobecqms.net/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/ |
19 KB 20 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HarmoniaSansStd-Bold.woff2
fcb-b70-qa.adobecqms.net/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/ |
21 KB 21 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HarmoniaSansStd-SemiBd.woff2
fcb-b70-qa.adobecqms.net/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/ |
21 KB 21 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
372 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ |
33 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
94 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iMAWebCookie.js
www.sc.pages08.net/lp/static/js/ |
14 KB 14 KB |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clientlib-aem.js
fcb-b70-qa.adobecqms.net/etc.clientlibs/firstcitizens/clientlibs/ |
237 KB 62 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clientlib-dependencies.js
fcb-b70-qa.adobecqms.net/etc.clientlibs/firstcitizens/clientlibs/ |
0 315 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9NPeKR6xvGo
www.youtube.com/embed/ Frame D9F2 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ruxitagent_A2SVfqru_10199200831173248.js
js-cdn.dynatrace.com/jstag/16898c892dc/ |
131 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dest5.html
firstcitizens.demdex.net/ Frame 02DA |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=411&dpuuid=X4nn9QAAB6DDzlL0
dpm.demdex.net/ Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
delivery
firstcitizens.tt.omtrdc.net/rest/v1/ |
286 B 474 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
answerstemplates.compiled.min.js
assets.sitescdn.net/answers/v0.13.1/ |
263 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
activityi;dc_pre=COfPxL3guewCFYTLuwgdScMFuw;cat=fcb-u0;ord=1;src=9786468;type=unive0
9786468.fls.doubleclick.net/ Frame 047F Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
resources.default.json
fcb-b70-qa.adobecqms.net/personal/jcr:content/root/globalLayoutContainer/globalLayoutContainer-parsys/layout_container_158999756/col1/ Redirect Chain
|
2 KB 901 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
2 B 434 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sys-search@2x.png
fcb-b70-qa.adobecqms.net/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/images/ |
960 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 492 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 513 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 513 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image.20200810.jpeg
fcb-b70-qa.adobecqms.net/content/dam/firstcitizens/images/resources/personal/budgeting/balancing-your-accounts_2280x1206.jpg.transform/image-scaled-2x-to-1x/ |
173 KB 174 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image.20200810.jpeg
fcb-b70-qa.adobecqms.net/content/dam/firstcitizens/images/resources/personal/family/bank-for-your-family_2280x1206.jpg.transform/image-scaled-2x-to-1x/ |
129 KB 129 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image.20200810.jpeg
fcb-b70-qa.adobecqms.net/content/dam/firstcitizens/images/resources/personal/security/in-app-purchases_2280x1206.jpg.transform/image-scaled-2x-to-1x/ |
96 KB 97 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
igc
trk.firstcitizens.com/aprs/jqo/ |
247 B 939 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
zndhwk2nlgcbvdel3-firstcitizensbank.siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
54 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RC56edf52b9a324e36af8de6c378309b5d-source.min.js
assets.adobedtm.com/60e0841c6ded/d5a97f0ea4af/fee3fb70a522/ |
988 B 773 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
3 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s45076843887366
firstcitizens.sc.omtrdc.net/b/ss/fcb-staging/1/JS-2.22.0-LAWA/ |
43 B 396 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/ |
88 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
12.b675a789a316190b0b01.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ |
2 KB 878 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1.6e7898d649884aef6f03.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ |
25 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FeedbackLinkModule.js
siteintercept.qualtrics.com/dxjsmodule/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
3 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
325 B 306 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
45 B 317 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
feedback-dkblue-right.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics//siteintercept/ |
442 B 868 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
re3
trk.firstcitizens.com/aprs/ |
157 B 849 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
igc
trk.firstcitizens.com/aprs/jqo/ |
247 B 939 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
bf
bf55932nol.bf.dynatrace.com/ |
749 B 889 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
bf
bf55932nol.bf.dynatrace.com/ |
289 B 428 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: First Citizens Bank (Banking)71 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| $ function| jQuery object| matched object| browser object| Granite function| initAnswers object| ANSWERS function| setImmediate function| clearImmediate object| regeneratorRuntime object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| dataLayer function| gtag function| trackEvent object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate function| getPayloadDetail function| getComponentRoot function| getComponentName function| getComponentDescription function| getComponentDetails object| dT_ function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| dtrum function| Dropkick function| iFrameResize object| gaplugins object| gaGlobal object| gaData object| ___so34490 object| M number| CLIWHIT string| PSESSIONID string| SSESSIONID object| regex object| match string| LSESSIONID object| __tp number| __gt object| TemplateBundle function| twexieukcl_vcdbx object| QSI object| digitalData object| WAFQualtricsWebpackJsonP-cloud-1.36.1 object| s_i_fcb-staging object| _qsie function| xrwluik_fhevvfid function| tqsiizbrhuzbkclg16 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.doubleclick.net/ | Name: IDE Value: AHWqTUnOBGjOe9575x50BkRuwSg5BhhprGdDGtOV-pTUP73XJQkTNmgdUo4F1sgb |
|
.demdex.net/ | Name: demdex Value: 05384097860999747742093029837718806918 |
|
.adobecqms.net/ | Name: dtPC Value: -4$273333470_84h6vKFAMRIGJOFKWTEQLJTAJGVAECHUKVKUC-0e1 |
|
.adobecqms.net/ | Name: _gat_gtag_UA_2437458_1 Value: 1 |
|
.adobecqms.net/ | Name: rxvt Value: 1602875134616|1602873333477 |
|
.adobecqms.net/ | Name: _gid Value: GA1.2.1917095243.1602873334 |
|
.adobecqms.net/ | Name: mbox Value: session#f256878210ea470d8f397ba571f5edb5#1602875194|PC#f256878210ea470d8f397ba571f5edb5.37_0#1666118134 |
|
fcb-b70-qa.adobecqms.net/ | Name: site-section Value: personal |
|
.adobecqms.net/ | Name: dtLatC Value: 113 |
|
.adobecqms.net/ | Name: dtSa Value: - |
|
.adobecqms.net/ | Name: AMCVS_E6D235355CF7C1DE0A495EEC%40AdobeOrg Value: 1 |
|
.adobecqms.net/ | Name: rxVisitor Value: 1602873333475IE6L16G60G08L5GBM836H6RBF77MV2SF |
|
.adobecqms.net/ | Name: dtCookie Value: -4$Q72K30F6G6VH3AMQ3OU7IOI28GIH9FHT |
|
.adobecqms.net/ | Name: AMCV_E6D235355CF7C1DE0A495EEC%40AdobeOrg Value: 870038026%7CMCIDTS%7C18552%7CMCMID%7C11448312215200744101553881214944519514%7CMCAAMLH-1603478133%7C6%7CMCAAMB-1603478133%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1602880533s%7CNONE%7CMCSYNCSOP%7C411-18559%7CvVersion%7C5.0.0 |
|
.adobecqms.net/ | Name: _ga Value: GA1.2.758272097.1602873334 |
|
.adobecqms.net/ | Name: at_check Value: true |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
9786468.fls.doubleclick.net
assets.adobedtm.com
assets.sitescdn.net
bf55932nol.bf.dynatrace.com
cm.everesttech.net
dpm.demdex.net
fcb-b70-qa.adobecqms.net
firstcitizens.demdex.net
firstcitizens.sc.omtrdc.net
firstcitizens.tt.omtrdc.net
js-cdn.dynatrace.com
siteintercept.qualtrics.com
stats.g.doubleclick.net
trk.firstcitizens.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.sc.pages08.net
www.youtube.com
zndhwk2nlgcbvdel3-firstcitizensbank.siteintercept.qualtrics.com
104.17.209.240
142.250.74.198
15.236.9.100
18.214.167.71
23.21.68.226
2606:4700::6812:7034
2a00:1450:4001:806::2003
2a00:1450:4001:819::2004
2a00:1450:4001:81a::200e
2a00:1450:4001:81b::200e
2a00:1450:4001:824::2008
2a00:1450:400c:c00::9a
2a02:26f0:10c:59b::1e80
3.96.5.142
34.241.138.222
34.247.153.209
52.4.66.119
54.76.90.77
66.117.28.86
99.86.243.49
033cce384207ee8edc8fbdb8805032c9c646af75159925eb7b3a6cacb9e19810
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
112646b6a3606cf96c0fd6e9247351325cb07fdb8801ec5069c9e6213d44945c
133868aa8341136d56d76dd9cb61bc4a605111bc01449159ac1a3e013592ac94
183ef18ace5bd1d06d7d84b586885258874dfd58ef1196d17f2600c4cc8daa93
196ee4f2a14b079610f0f452d8d68337815e8758333e5d165bee9a13d0843209
1ef07013b9e10f8f80a614dc6c2677a566b59c97aa361b441ef009f0aa928084
224402be56723f5881fea7203369b5c08932b73b5973f782d4252622ace26fdc
2ec03e83b01b08cc6ecd6035877d1ccac62884c4a021ecd67f1ce5d14488841a
39545e1b9ab46b9d464f8c248c9f974fa54ae149c5773d7aa218234afc3d68b7
3966f3091c7e9c586b259d00f5f9be81420299206ce4e503d7730436809cd200
3cfe5b84709091e3f61cd770abe298c9c59cb09e706032c9cfa8d1f525f4f487
3de8e54a5c06897f0b373ed4a01e47f1d0bcf172991c16988be944a9e2557595
4117933a86ce0c91525ac4a06a3fea910a0b8798f667ffc73cd7a5bbb45a2cdc
41caf4e6b598d62c5e42e32486414dcae0955bfe4405d24bcd349ed553c1e28d
422ec025073211cbf815dbcfcfe3c342f0fbef633fd440fc0e89262f87eba1ba
449af2e0ae18d06a99c26b116d364d8ca0ac7ba5fe1cd758a6953d94038c6192
512f6f9a1d8ffee576eac71f692d17bb65db8674d8e252fa920cfbe44e27defd
56880c220888346c1dd6b286563a827de59a358ad28362889593113779d6d22b
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
66d181b8d9b4353502b5de03f9f0463d2eedb669d71fd93674922a0529a488b9
6acdd0a9a45db4fdcd0bf8aa60d38594a8d7653f7a63368156a5c45b9d7bd2f3
6cdb76a12fdc124b0a3e053eb3be7d2a837afb43e459fdda17416979a95d0220
6f395140cdd1f50b8aa5ed94160888952771aa7c3de5196908e782a28276a057
71a3d262894e1ede2bd30ef543d23ed087e63fa05338e62411828f0f889500e3
75086780e3baf43f8a3cf68f891d0a00f4063c2025cee0654e088fd91ea75b2b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8650c4df5a32ed554d97c9ca0f5442c3e17748cff90a2feef95643c6fa860acd
88650f455541ce1046a7f34e0062e126f70dc7522fa994b881909261b4102069
8ec4955cf8409babc80d8be144ee14fb795dec328c2775178ea9997781429e0c
90c8c49df9363f906709ff1407e338b965b70a1eed9f3e573a4306fd267f1c0c
91ad9da82508967f0e7c1bb506d572ea37a703e65450a0dec4bbbe04ab120e16
9f0b41d167efdaf7158ae8e5272c4a22ea6c9925c7f603ff788b9ff6dc1d8761
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a6b56f307227ee4cf42951f15398ca0ede0e934bc62bd09cf02fcd39f5812531
a9d2732ff867dd198256c6981e868f03df8da007e1b80294c26f9f5f90d81622
aa35794c2129769f61f3379e2d170dbbcbe7076722261a9117388f4cbe15a445
ae0a7c36fe14a23ecd69764c8291d05fa00810c4ee9146885a60fcf1a4951d23
ae8b169a3a00e5da3b452394b70fbe8601e45df0951661c56070636f1840b7ad
b871681d1e25b54790b3f594a5ea599388158812429ecd99a39ac9ec5b924fb4
b937804c6a80e27b2ae31f413899d1404d466f62257ce074e8970d3c8553a568
bc7fd0e8be8afc1705ff6f2513999811d056dc28d0231230dc3d1339481571d0
c0b7c76efac50c209dade96fbcc48a62621aafaf239f983a50aaf0c270f0362c
c7e8d012b8af2930a9b2075f6f1b242f44021eb8a90cea16a06ca8c22b4396f4
cf9f2fd27ac0c6ab7fd7643f4b4cf68c8b083eb06fd750eb1169c3a96f47bae3
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
db761aa82220971f4dacd956781ddecbc87a433a7c602ec42e2b0301837f7b4c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1cc10d4ff9404d907346776ed7b6c0cfa012a3a150a001fdfc4b5469a3364ca
e353530eb4cca2e769eb7eed1d7d795bdd0ba013b792ee99292802e26567b0ef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c30bc50654922ca9940aede31966832c6ca1ddf161bd9f9690a8dd9edf8e1b
e6879037b7a72b2cf3ac3af397ef1820b7bda111e91fd3afb4de6d9527bee3a0
e6f237d757cba8f53fb2b91b9a57f2584afe694f3a7448da1bf479e24291fe71
ec63eb90ab8df068057937fef6f8d00756faf6f74e121764a7d84572134601ae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22ad21b4987de624367e500abe2ce42156b6b31906740711f906fdc98ec3f94
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f9de9b9973d962a29ab06ee1c08082eae0e6eb7876f50e5fc6e204e36527f50e
fa65cd4f38dc90a138e0158183203c0bb5e78197825e878c6abb5c41c37d2b96
faf7cb15d1e0ddf8c697883d15b9dcb2527df78a575a14b2f7adaf0bcad0f3fb
fdb88055ceb15da9b51e572c3f3031815ff7da829602836614a8c6c5265951b2