urlscan.io logo urlscan.io
SecurityTrails logo

portal.nedsecure.co.za Open in urlscan Pro
168.142.240.191  Public Scan

Go To Rescan Add Verdict Report
URL: https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnp...
Submission: On October 12 via manual from HK
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 24 HTTP transactions. The main IP is 168.142.240.191, located in Johannesburg, South Africa and belongs to IS, ZA. The main domain is portal.nedsecure.co.za.
TLS certificate: Issued by Entrust Certification Authority - L1M on September 5th 2017. Valid for: 2 years.
This is the only time portal.nedsecure.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 168.142.240.191 3741 (IS)
1 104.111.233.57 16625 (AKAMAI-AS)
1 104.108.55.167 16625 (AKAMAI-AS)
1 23.210.248.226 16625 (AKAMAI-AS)
24 4
21    168.142.240.191 (Johannesburg, South Africa)

ASN3741 (IS, ZA)
portal.nedsecure.co.za
1    104.111.233.57 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-233-57.deploy.static.akamaitechnologies.com
assets.secure.checkout.visa.com
1    104.108.55.167 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-55-167.deploy.static.akamaitechnologies.com
www.mastercard.com
1    23.210.248.226 (Cambridge, United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-248-226.deploy.static.akamaitechnologies.com
www.paypalobjects.com
Domain Requested by
21 portal.nedsecure.co.za portal.nedsecure.co.za
1 www.paypalobjects.com portal.nedsecure.co.za
1 www.mastercard.com portal.nedsecure.co.za
1 assets.secure.checkout.visa.com portal.nedsecure.co.za
24 4

This site contains no links.

Subject Issuer Validity Valid
portal.nedsecure.co.za
Entrust Certification Authority - L1M		 2017-09-05 -
2019-09-05		 2 years crt.sh
checkout.visa.com
GeoTrust RSA CA 2018		 2018-06-19 -
2019-12-18		 a year crt.sh
www.mastercard.com
Entrust Certification Authority - L1K		 2018-06-06 -
2020-09-05		 2 years crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2018-08-14 -
2020-08-18		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Frame ID: D8F027AE43D197303F6C11ED2C70C88C
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i
  • url /\.aspx(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • url /\.aspx(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i
  • url /\.aspx(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

24
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

449 kB
Transfer

441 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set Authorise.aspx
portal.nedsecure.co.za/DiVert/ 		68 KB
68 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
168.142.240.191 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
a1032765d507ca230f134d5d751a773ebfd77a72fc6657e4e3ff75234b1b8904

Request headers

Host
portal.nedsecure.co.za
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
-1
Server
Microsoft-IIS/8.0
Set-Cookie
ASP.NET_SessionId=5qwza5apo51tduv3bse2sgbo; path=/; secure; HttpOnly
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Fri, 12 Oct 2018 00:57:25 GMT
Content-Length
69318
bootstrap.min.css
portal.nedsecure.co.za/Scripts/bootstrap/css/ 		118 KB
119 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.nedsecure.co.za/Scripts/bootstrap/css/bootstrap.min.css
Requested by
Host: portal.nedsecure.co.za
URL: https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
168.142.240.191 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
portal.nedsecure.co.za
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Cookie
ASP.NET_SessionId=5qwza5apo51tduv3bse2sgbo
Connection
keep-alive
Cache-Control
no-cache
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 12 Oct 2018 00:57:25 GMT
Last-Modified
Fri, 04 Nov 2016 12:06:32 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"09496e19336d21:0"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
121200
normalize.css
portal.nedsecure.co.za/Scripts/bootstrap/css/ 		7 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.nedsecure.co.za/Scripts/bootstrap/css/normalize.css
Requested by
Host: portal.nedsecure.co.za
URL: https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
168.142.240.191 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
d65bf66f0c26374e0550145b264b5dbdfb7e6b78c48e2e68453583878bc30801

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
portal.nedsecure.co.za
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Cookie
ASP.NET_SessionId=5qwza5apo51tduv3bse2sgbo
Connection
keep-alive
Cache-Control
no-cache
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 12 Oct 2018 00:57:25 GMT
Last-Modified
Thu, 02 Jun 2016 08:09:32 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"086c717a6bcd11:0"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
7279
font-awesome.min.css
portal.nedsecure.co.za/Scripts/bootstrap/css/ 		28 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.nedsecure.co.za/Scripts/bootstrap/css/font-awesome.min.css
Requested by
Host: portal.nedsecure.co.za
URL: https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
168.142.240.191 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
portal.nedsecure.co.za
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Cookie
ASP.NET_SessionId=5qwza5apo51tduv3bse2sgbo
Connection
keep-alive
Cache-Control
no-cache
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 12 Oct 2018 00:57:25 GMT
Last-Modified
Tue, 31 May 2016 07:58:40 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"0b8543e12bbd11:0"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
29063
jquery.min.js
portal.nedsecure.co.za/Scripts/jquery/js/ 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.nedsecure.co.za/Scripts/jquery/js/jquery.min.js
Requested by
Host: portal.nedsecure.co.za
URL: https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
168.142.240.191 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
portal.nedsecure.co.za
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Cookie
ASP.NET_SessionId=5qwza5apo51tduv3bse2sgbo
Connection
keep-alive
Cache-Control
no-cache
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 12 Oct 2018 00:57:25 GMT
Last-Modified
Fri, 04 Nov 2016 12:07:12 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"0186ef99336d21:0"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
86709
bootstrap.min.js
portal.nedsecure.co.za/Scripts/bootstrap/js/ 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.nedsecure.co.za/Scripts/bootstrap/js/bootstrap.min.js
Requested by
Host: portal.nedsecure.co.za
URL: https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
168.142.240.191 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
portal.nedsecure.co.za
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Cookie
ASP.NET_SessionId=5qwza5apo51tduv3bse2sgbo
Connection
keep-alive
Cache-Control
no-cache
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 12 Oct 2018 00:57:25 GMT
Last-Modified
Fri, 04 Nov 2016 12:06:44 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"0a2bde89336d21:0"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
37045
jquery.browser.min.js
portal.nedsecure.co.za/Scripts/jquery/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.nedsecure.co.za/Scripts/jquery/js/jquery.browser.min.js
Requested by
Host: portal.nedsecure.co.za
URL: https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
168.142.240.191 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
4752051d3d0c5a46e0bbabd7813e1113b4d24f844e2c36512ada5165e67f29ef

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
portal.nedsecure.co.za
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Cookie
ASP.NET_SessionId=5qwza5apo51tduv3bse2sgbo
Connection
keep-alive
Cache-Control
no-cache
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 12 Oct 2018 00:57:25 GMT
Last-Modified
Fri, 03 Jun 2016 06:17:04 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"030128c5fbdd11:0"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
2595
viewportSize-min.js
portal.nedsecure.co.za/Scripts/ 		784 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.nedsecure.co.za/Scripts/viewportSize-min.js
Requested by
Host: portal.nedsecure.co.za
URL: https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
168.142.240.191 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
898f28c3ab4949245f08caa675104e92ec71afbce8d9e048a74cc2eb147e341c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
portal.nedsecure.co.za
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Cookie
ASP.NET_SessionId=5qwza5apo51tduv3bse2sgbo
Connection
keep-alive
Cache-Control
no-cache
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 12 Oct 2018 00:57:26 GMT
Last-Modified
Wed, 01 Jun 2016 10:50:44 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"0da5372f3bbd11:0"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
784
respond.min.js
portal.nedsecure.co.za/Scripts/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.nedsecure.co.za/Scripts/respond.min.js
Requested by
Host: portal.nedsecure.co.za
URL: https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
168.142.240.191 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
e0fefc9b3527b5a7d233834041ff09c1572cd80f9b24894e65a64e332fead136

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
portal.nedsecure.co.za
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Cookie
ASP.NET_SessionId=5qwza5apo51tduv3bse2sgbo
Connection
keep-alive
Cache-Control
no-cache
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 12 Oct 2018 00:57:26 GMT
Last-Modified
Fri, 09 Mar 2018 14:21:54 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"0ed16f9b1b7d31:0"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
4860
WebResource.axd
portal.nedsecure.co.za/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.nedsecure.co.za/WebResource.axd?d=oohe2w_CcYWw_E0-IUlx3RmfWjEfYxAt--0_U-5jgY2ewvF9Ed1qxOhR5Nv76lQSib-JaPZKbqjppGE9CED1Hllp9kkkXlqCPXUKAuOh6BM1&t=636681675604795562
Requested by
Host: portal.nedsecure.co.za
URL: https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
168.142.240.191 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
portal.nedsecure.co.za
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Cookie
ASP.NET_SessionId=5qwza5apo51tduv3bse2sgbo
Connection
keep-alive
Cache-Control
no-cache
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 12 Oct 2018 00:57:26 GMT
Last-Modified
Thu, 26 Jul 2018 00:06:00 GMT
Server
Microsoft-IIS/8.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/x-javascript
Cache-Control
public
Content-Length
23063
Expires
Fri, 11 Oct 2019 03:02:45 GMT
StreamImage.aspx
portal.nedsecure.co.za/Common/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.nedsecure.co.za/Common/StreamImage.aspx?filepath=%5c%5c105iveridbpr01%5cBackOfficeFiles%5cLogo%5cDiVert%5c262269%5cWestin_logo+JPG.jpg
Requested by
Host: portal.nedsecure.co.za
URL: https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
168.142.240.191 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
63a8150986912d7ba809f0c8e3206cd8fc479f29e0d62dbf11835f5622a07c65

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
portal.nedsecure.co.za
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Cookie
ASP.NET_SessionId=5qwza5apo51tduv3bse2sgbo
Connection
keep-alive
Cache-Control
no-cache
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 12 Oct 2018 00:57:26 GMT
Cache-Control
private
Server
Microsoft-IIS/8.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Length
6013
Content-Type
text/html
CardImages.png
portal.nedsecure.co.za/Images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.nedsecure.co.za/Images/CardImages.png
Requested by
Host: portal.nedsecure.co.za
URL: https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
168.142.240.191 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
91d09267e51dab45222c916f8146366e812bb3f72a8a3118fd6c13657dcaed9e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
portal.nedsecure.co.za
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Cookie
ASP.NET_SessionId=5qwza5apo51tduv3bse2sgbo
Connection
keep-alive
Cache-Control
no-cache
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 12 Oct 2018 00:57:26 GMT
Last-Modified
Mon, 12 Sep 2016 06:59:58 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"a96ac46c3cd21:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3111
POS_vertical_large_49x31_wht01.png
assets.secure.checkout.visa.com/VmeCardArts/partner/ 		2 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.secure.checkout.visa.com/VmeCardArts/partner/POS_vertical_large_49x31_wht01.png
Requested by
Host: portal.nedsecure.co.za
URL: https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.233.57 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-233-57.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5d5d4278113eb9c49b5c75791578ab17691280a029b72f8dc9de5bce7d1230a4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=2592000;includeSubdomains
X-CORRELATION-ID
1_1539277404_344_677_l73p098_ARM
X-Content-Security-Policy-Report-Only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
Content-Security-Policy-Report-Only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
Connection
keep-alive
Content-Length
1584
X-XSS-Protection
1; mode=block
X-SERVED-BY
l73p012
v-token
1_{001}:AARQMTZBLAWgT4C8NXNTu+F38b3kfK25fYCun5E9B5nL6QuQi0eqSEjPBznUyP8feel5xWUK7hcqg0TnYfzxUyX/bGgyxBCIPVGM1VrOMjucXQRDY04v4WR7qKL5h98w+ug6AxA/6KFs8U3tBzUgBh5qoh2huO5p/zQjbJsiqjTWPGGWz/zFMH94v4vTzUY0u76FqYNhOESNIzna7nJ3NJHqHvCYN+z4v+jqXshJMhip9IhlIe8Fg98KFTwYc7wKEK4dFyhZ0SqL0nkPjrEHPOyjm3kClA1QDmG1Siss0lqKeFwoDrQgoJLFMb6IC0gIxWpl/7xPDe9ABHgRi5P45xhiJIBf3LKYUVyX2/27zELwsTxtKiyPyGUEE2/dCnfrCsRm/bHkpIT4jk6laQhWGQlpy8qFmLhFVpE+rMfcg57A/w==
Allow
X-APP-STATUS
200
Server
Apache
Date
Fri, 12 Oct 2018 00:57:27 GMT
X-WebKit-CSP-Report-Only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
X-Frame-Options
SAMEORIGIN
Content-Language
en-US
Pragma
no-cache
Cache-Control
private, must-revalidate, max-age=3600
Content-Type
image/png;charset=UTF-8
X-Content-Type-Options
nosniff
mp_mc_acc_030px_gif.gif
www.mastercard.com/mc_us/wallet/img/en/ZA/ 		290 B
511 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mastercard.com/mc_us/wallet/img/en/ZA/mp_mc_acc_030px_gif.gif
Requested by
Host: portal.nedsecure.co.za
URL: https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.55.167 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-55-167.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37defe65218fc992d0210794cea5f760d7a1da40bd8a862a44ef51d0e390de49

Request headers

Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 12 Oct 2018 00:57:27 GMT
Last-Modified
Sun, 25 Mar 2018 06:49:38 GMT
Connection
keep-alive
Accept-Ranges
bytes
ETag
"122-568370fab1ba2"
Content-Length
290
Content-Type
image/gif
pp-logo-100px.png
www.paypalobjects.com/webstatic/mktg/Logo/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/webstatic/mktg/Logo/pp-logo-100px.png
Requested by
Host: portal.nedsecure.co.za
URL: https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.210.248.226 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-226.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0c52172011ba565ee2f7be9bb7e30237b1ff85a551dcc73f6cfecc6b4cd7088f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Oct 2018 00:57:27 GMT
x-content-type-options
nosniff
last-modified
Fri, 22 Aug 2014 21:13:43 GMT
server
Apache
strict-transport-security
max-age=31536000
p3p
CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI"
status
200
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-type
image/png
content-length
4647
expires
Fri, 12 Oct 2018 00:57:27 GMT
required.png
portal.nedsecure.co.za/Images/ 		728 B
973 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.nedsecure.co.za/Images/required.png
Requested by
Host: portal.nedsecure.co.za
URL: https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
168.142.240.191 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
6623fe531dead6e414bde72865140aa6f58f7db9ec03905427ed73d92c51c987

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
portal.nedsecure.co.za
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Cookie
ASP.NET_SessionId=5qwza5apo51tduv3bse2sgbo
Connection
keep-alive
Cache-Control
no-cache
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 12 Oct 2018 00:57:26 GMT
Last-Modified
Thu, 17 Aug 2017 11:25:38 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"06588d4b17d31:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
728
question.png
portal.nedsecure.co.za/Images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.nedsecure.co.za/Images/question.png
Requested by
Host: portal.nedsecure.co.za
URL: https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
168.142.240.191 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
4060db1d72e2c37b11fcbd4dc69d2823014a1f782df2776e4317fc20ad3a8ff7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
portal.nedsecure.co.za
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Cookie
ASP.NET_SessionId=5qwza5apo51tduv3bse2sgbo
Connection
keep-alive
Cache-Control
no-cache
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 12 Oct 2018 00:57:26 GMT
Last-Modified
Fri, 27 May 2016 13:23:26 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"05b3df31ab8d11:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
12284
visa.png
portal.nedsecure.co.za/Images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.nedsecure.co.za/Images/visa.png
Requested by
Host: portal.nedsecure.co.za
URL: https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
168.142.240.191 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
fa0d1af63d584d7548e0c425693734966c2dd5eee972f1ee35c05b14b0804a06

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
portal.nedsecure.co.za
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Cookie
ASP.NET_SessionId=5qwza5apo51tduv3bse2sgbo
Connection
keep-alive
Cache-Control
no-cache
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 12 Oct 2018 00:57:26 GMT
Last-Modified
Fri, 09 Mar 2018 14:21:54 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"0ed16f9b1b7d31:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1416
mastercard.png
portal.nedsecure.co.za/Images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.nedsecure.co.za/Images/mastercard.png
Requested by
Host: portal.nedsecure.co.za
URL: https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
168.142.240.191 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
aa3b551dc7b2022eead264a269f9e1f94fb01173902a96821e18094cf17d519a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
portal.nedsecure.co.za
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Cookie
ASP.NET_SessionId=5qwza5apo51tduv3bse2sgbo
Connection
keep-alive
Cache-Control
no-cache
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 12 Oct 2018 00:57:26 GMT
Last-Modified
Fri, 09 Mar 2018 14:21:54 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"0ed16f9b1b7d31:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1461
amex.png
portal.nedsecure.co.za/Images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.nedsecure.co.za/Images/amex.png
Requested by
Host: portal.nedsecure.co.za
URL: https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
168.142.240.191 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
532294b194e7a6b5304116ac626868141fbf808cd1e235f724160aca51fddf6f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
portal.nedsecure.co.za
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Cookie
ASP.NET_SessionId=5qwza5apo51tduv3bse2sgbo
Connection
keep-alive
Cache-Control
no-cache
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 12 Oct 2018 00:57:26 GMT
Last-Modified
Fri, 27 May 2016 13:21:34 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"0837bb01ab8d11:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5625
diners.png
portal.nedsecure.co.za/Images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.nedsecure.co.za/Images/diners.png
Requested by
Host: portal.nedsecure.co.za
URL: https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
168.142.240.191 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
854f781bb39495970086f5f9023f8c52d2da9b5b0161832ca026de232a2efb2c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
portal.nedsecure.co.za
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Cookie
ASP.NET_SessionId=5qwza5apo51tduv3bse2sgbo
Connection
keep-alive
Cache-Control
no-cache
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 12 Oct 2018 00:57:26 GMT
Last-Modified
Fri, 27 May 2016 13:21:34 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"0837bb01ab8d11:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2523
3dsecure_visa.jpg
portal.nedsecure.co.za/Images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.nedsecure.co.za/Images/3dsecure_visa.jpg
Requested by
Host: portal.nedsecure.co.za
URL: https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
168.142.240.191 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
d41b08d48e91882832d3b4bee8b04f7cf985de6b5582ad4908c7866006e64edc

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
portal.nedsecure.co.za
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Cookie
ASP.NET_SessionId=5qwza5apo51tduv3bse2sgbo
Connection
keep-alive
Cache-Control
no-cache
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 12 Oct 2018 00:57:26 GMT
Last-Modified
Fri, 27 May 2016 13:21:34 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"0837bb01ab8d11:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
6186
3dsecure_mastercard.jpg
portal.nedsecure.co.za/Images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.nedsecure.co.za/Images/3dsecure_mastercard.jpg
Requested by
Host: portal.nedsecure.co.za
URL: https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
168.142.240.191 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
1fd333a7214ca4246ca11f6252057791268d7d4730d502245e884ae85794dacf

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
portal.nedsecure.co.za
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Cookie
ASP.NET_SessionId=5qwza5apo51tduv3bse2sgbo
Connection
keep-alive
Cache-Control
no-cache
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 12 Oct 2018 00:57:28 GMT
Last-Modified
Fri, 27 May 2016 13:21:34 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"0837bb01ab8d11:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
15322
3dsecure_amex.jpg
portal.nedsecure.co.za/Images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.nedsecure.co.za/Images/3dsecure_amex.jpg
Requested by
Host: portal.nedsecure.co.za
URL: https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
168.142.240.191 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
94d5280d25803522a5c0f165ea43f4a732dcffc959f5b5d6041e5ff0581dfd37

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
portal.nedsecure.co.za
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
Cookie
ASP.NET_SessionId=5qwza5apo51tduv3bse2sgbo
Connection
keep-alive
Cache-Control
no-cache
Referer
https://portal.nedsecure.co.za/DiVert/Authorise.aspx?RequestId=%7BEF6992D1-9E38-474D-A7EF-5CF474721F99%7D&SecurityToken=dFpHSnpEVG1rSFF3OEcvV1Y0N0thMndCY3RhMk1tNVQ4K0F0VkRJTks5ST01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 12 Oct 2018 00:57:26 GMT
Last-Modified
Fri, 27 May 2016 13:21:34 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"0837bb01ab8d11:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
8516

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| jQBrowser object| viewportSize object| respond object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| setPaymentMethod function| mediaQueriesSupported function| trim function| checkSubmitRequiredFields function| disableButtonOnClick function| positionTooltip function| onVisaCheckoutReady function| paypalCheckoutReady

1 Cookies

Domain/Path Name / Value
portal.nedsecure.co.za/ Name: ASP.NET_SessionId
Value: 5qwza5apo51tduv3bse2sgbo

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.secure.checkout.visa.com
portal.nedsecure.co.za
www.mastercard.com
www.paypalobjects.com
104.108.55.167
104.111.233.57
168.142.240.191
23.210.248.226
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
0c52172011ba565ee2f7be9bb7e30237b1ff85a551dcc73f6cfecc6b4cd7088f
1fd333a7214ca4246ca11f6252057791268d7d4730d502245e884ae85794dacf
37defe65218fc992d0210794cea5f760d7a1da40bd8a862a44ef51d0e390de49
4060db1d72e2c37b11fcbd4dc69d2823014a1f782df2776e4317fc20ad3a8ff7
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
4752051d3d0c5a46e0bbabd7813e1113b4d24f844e2c36512ada5165e67f29ef
532294b194e7a6b5304116ac626868141fbf808cd1e235f724160aca51fddf6f
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5d5d4278113eb9c49b5c75791578ab17691280a029b72f8dc9de5bce7d1230a4
63a8150986912d7ba809f0c8e3206cd8fc479f29e0d62dbf11835f5622a07c65
6623fe531dead6e414bde72865140aa6f58f7db9ec03905427ed73d92c51c987
854f781bb39495970086f5f9023f8c52d2da9b5b0161832ca026de232a2efb2c
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
898f28c3ab4949245f08caa675104e92ec71afbce8d9e048a74cc2eb147e341c
91d09267e51dab45222c916f8146366e812bb3f72a8a3118fd6c13657dcaed9e
94d5280d25803522a5c0f165ea43f4a732dcffc959f5b5d6041e5ff0581dfd37
a1032765d507ca230f134d5d751a773ebfd77a72fc6657e4e3ff75234b1b8904
aa3b551dc7b2022eead264a269f9e1f94fb01173902a96821e18094cf17d519a
d41b08d48e91882832d3b4bee8b04f7cf985de6b5582ad4908c7866006e64edc
d65bf66f0c26374e0550145b264b5dbdfb7e6b78c48e2e68453583878bc30801
e0fefc9b3527b5a7d233834041ff09c1572cd80f9b24894e65a64e332fead136
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fa0d1af63d584d7548e0c425693734966c2dd5eee972f1ee35c05b14b0804a06