urlscan.io logo urlscan.io
SecurityTrails logo

netbank.nedsecure.co.za Open in urlscan Pro
168.142.204.33  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://votehumanist.com/NedBank/success.php
Effective URL: https://netbank.nedsecure.co.za/Logoff.bank
Submission Tags: 6049248
Submission: On May 21 via api from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 25 HTTP transactions. The main IP is 168.142.204.33, located in South Africa and belongs to IS, ZA. The main domain is netbank.nedsecure.co.za.
TLS certificate: Issued by Entrust Certification Authority - L1M on October 22nd 2018. Valid for: 2 years.
This is the only time netbank.nedsecure.co.za was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nedbank (Banking)

Domain & IP information

IP Address AS Autonomous System
6 91.212.150.100 43350 (NFORCE)
19 168.142.204.33 3741 (IS)
25 2
Apex Domain
Subdomains		 Transfer
19 nedsecure.co.za
netbank.nedsecure.co.za
204 KB
6 votehumanist.com
votehumanist.com
23 KB
25 2
Domain Requested by
19 netbank.nedsecure.co.za netbank.nedsecure.co.za
6 votehumanist.com votehumanist.com
25 2

This site contains no links.

Subject Issuer Validity Valid
votehumanist.com
cPanel, Inc. Certification Authority		 2019-05-20 -
2019-08-18		 3 months crt.sh
netbank.nedsecure.co.za
Entrust Certification Authority - L1M		 2018-10-22 -
2020-10-22		 2 years crt.sh

This page contains 3 frames:

Primary Page: https://netbank.nedsecure.co.za/Logoff.bank
Frame ID: F9ACEAD2D46B065B12FC2A1EED423BAE
Requests: 23 HTTP requests in this frame

Frame: https://netbank.nedsecure.co.za/Browser/Common/blank.htm
Frame ID: E6CA0A849E4F0EB672B513D5B57D84CB
Requests: 1 HTTP requests in this frame

Frame: https://netbank.nedsecure.co.za/Browser/Common/blank.htm
Frame ID: CDF2FDE8B1BFDDEA8633AF89F9DCF60C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://votehumanist.com/NedBank/success.php Page URL
  2. https://netbank.nedsecure.co.za/Logoff.bank Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery-ui.*\.js/i

Page Statistics

25
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

227 kB
Transfer

795 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://votehumanist.com/NedBank/success.php Page URL
  2. https://netbank.nedsecure.co.za/Logoff.bank Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
success.php
votehumanist.com/NedBank/ 		5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://votehumanist.com/NedBank/success.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.150.100 , Russian Federation, ASN43350 (NFORCE, NL),
Reverse DNS
Software
Apache /
Resource Hash
753f595016e59740a3dba95e4c71ad6c340c9123817746629d2899d463149700

Request headers

Host
votehumanist.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 06:21:01 GMT
Server
Apache
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
NedbankLogo.gif
votehumanist.com/NedBank/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://votehumanist.com/NedBank/images/NedbankLogo.gif
Requested by
Host: votehumanist.com
URL: https://votehumanist.com/NedBank/success.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.150.100 , Russian Federation, ASN43350 (NFORCE, NL),
Reverse DNS
Software
Apache /
Resource Hash
4b37cbf8a4c74b2744c791ee3c1581d5b725c0ff615cbed9d7d456190933572b

Request headers

Referer
https://votehumanist.com/NedBank/success.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 06:21:01 GMT
Last-Modified
Mon, 31 Dec 2018 09:59:20 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4722
contactus_up.gif
votehumanist.com/NedBank/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://votehumanist.com/NedBank/images/contactus_up.gif
Requested by
Host: votehumanist.com
URL: https://votehumanist.com/NedBank/success.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.150.100 , Russian Federation, ASN43350 (NFORCE, NL),
Reverse DNS
Software
Apache /
Resource Hash
a663a3aa00e6530d72f10b7e61c4ffdd57f9807f0cc9ed79f6741df7bdf99fa4

Request headers

Referer
https://votehumanist.com/NedBank/success.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 06:21:01 GMT
Last-Modified
Mon, 31 Dec 2018 09:59:16 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1122
help_up.gif
votehumanist.com/NedBank/images/ 		355 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://votehumanist.com/NedBank/images/help_up.gif
Requested by
Host: votehumanist.com
URL: https://votehumanist.com/NedBank/success.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.150.100 , Russian Federation, ASN43350 (NFORCE, NL),
Reverse DNS
Software
Apache /
Resource Hash
e9fadc8afd38992f73991102c2c09c70ecde2458ad834e165833e0c17e16a228

Request headers

Referer
https://votehumanist.com/NedBank/success.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 06:21:01 GMT
Last-Modified
Mon, 31 Dec 2018 09:59:16 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
355
logoff_up.gif
votehumanist.com/NedBank/images/ 		383 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://votehumanist.com/NedBank/images/logoff_up.gif
Requested by
Host: votehumanist.com
URL: https://votehumanist.com/NedBank/success.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.150.100 , Russian Federation, ASN43350 (NFORCE, NL),
Reverse DNS
Software
Apache /
Resource Hash
7f65261ef6076fdf93ab784443d5dbf9269f5d7ba0be8e1168a8ca7c8c27ff46

Request headers

Referer
https://votehumanist.com/NedBank/success.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 06:21:01 GMT
Last-Modified
Mon, 31 Dec 2018 09:59:18 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
383
loading.gif
votehumanist.com/NedBank/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://votehumanist.com/NedBank/loading.gif
Requested by
Host: votehumanist.com
URL: https://votehumanist.com/NedBank/success.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.150.100 , Russian Federation, ASN43350 (NFORCE, NL),
Reverse DNS
Software
Apache /
Resource Hash
3d71963b80307efca0ccb06c8394158d0cc141f53aa9f6bee99c8b9470ca6fd7

Request headers

Referer
https://votehumanist.com/NedBank/success.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 06:21:01 GMT
Last-Modified
Mon, 31 Dec 2018 09:58:30 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
9662
Primary Request Cookie set Logoff.bank
netbank.nedsecure.co.za/ 		326 KB
74 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://netbank.nedsecure.co.za/Logoff.bank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.142.204.33 , South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
/ ASP.NET
Resource Hash
a66efe1850915f91cf7e219bc67711061446df760baa3b056647f296fbae8be3

Request headers

Host
netbank.nedsecure.co.za
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://votehumanist.com/NedBank/success.php
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://votehumanist.com/NedBank/success.php

Response headers

Cache-Control
no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
-1
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Tue, 21 May 2019 06:21:02 GMT
Content-Length
75611
Set-Cookie
BIGipServer~partition_so-retail~poolprd_nbr-ie-nedbank_11001=3909163180.63786.0000; path=/ TS01d73912=01db7de3379ac194ac3c3a8618ed2e3f48f2c3dc1a9627131ebc034edc93c09ac51b8474b568f6d8d0ccfe8c63bd3f60619e24da5c; Path=/
Vary
Accept-Encoding
Content-Encoding
gzip
Connection
Keep-Alive
jquery-ui-1.8.16.custom.css
netbank.nedsecure.co.za/App_Themes/NedbankTheme/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netbank.nedsecure.co.za/App_Themes/NedbankTheme/jquery-ui-1.8.16.custom.css
Requested by
Host: netbank.nedsecure.co.za
URL: https://netbank.nedsecure.co.za/Logoff.bank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.142.204.33 , South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
/ ASP.NET
Resource Hash
df5748e607e020b5bb09d92ba17f78d1e0cd09971b3914eef217630081b9c195

Request headers

Referer
https://netbank.nedsecure.co.za/Logoff.bank
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 06:21:02 GMT
Content-Encoding
gzip
ETag
"0521fdff2f0d31:0"
Last-Modified
Mon, 21 May 2018 11:00:04 GMT
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=7200, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4590
Expires
Tue, 21 May 2019 08:21:03 GMT
Nedbank.css
netbank.nedsecure.co.za/App_Themes/NedbankTheme/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netbank.nedsecure.co.za/App_Themes/NedbankTheme/Nedbank.css
Requested by
Host: netbank.nedsecure.co.za
URL: https://netbank.nedsecure.co.za/Logoff.bank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.142.204.33 , South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
/ ASP.NET
Resource Hash
b6d564c22df601ee79a04d8f4c90319ba14fd99fef56580af4a25918aca6b07a

Request headers

Referer
https://netbank.nedsecure.co.za/Logoff.bank
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 06:21:03 GMT
Content-Encoding
gzip
ETag
"0521fdff2f0d31:0"
Last-Modified
Mon, 21 May 2018 11:00:04 GMT
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=7200, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4967
Expires
Tue, 21 May 2019 08:21:03 GMT
JQuery.js
netbank.nedsecure.co.za/Browser/Common/SDK/Scripts/Common/ 		70 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://netbank.nedsecure.co.za/Browser/Common/SDK/Scripts/Common/JQuery.js?3.7.0023.0
Requested by
Host: netbank.nedsecure.co.za
URL: https://netbank.nedsecure.co.za/Logoff.bank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.142.204.33 , South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
/ ASP.NET
Resource Hash
a63fd9e18d3dbf8a5e90f695bcf8d33ef712ca44ff1b9486cb6195aabb1e0331

Request headers

Referer
https://netbank.nedsecure.co.za/Logoff.bank
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 06:21:03 GMT
Content-Encoding
gzip
ETag
"0711bb2ebf0d31:0"
Last-Modified
Mon, 21 May 2018 10:08:42 GMT
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=7200, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
27101
Expires
Tue, 21 May 2019 08:21:03 GMT
jquery-ui.min.js
netbank.nedsecure.co.za/Browser/Common/SDK/Scripts/Common/ 		197 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://netbank.nedsecure.co.za/Browser/Common/SDK/Scripts/Common/jquery-ui.min.js?3.7.0023.0
Requested by
Host: netbank.nedsecure.co.za
URL: https://netbank.nedsecure.co.za/Logoff.bank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.142.204.33 , South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
/ ASP.NET
Resource Hash
7ffc63987f91ebf7d27b5789c91907d6bca04278b158c0f30d9d742c4e9782cd

Request headers

Referer
https://netbank.nedsecure.co.za/Logoff.bank
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 06:21:03 GMT
Content-Encoding
gzip
ETag
"0c8cfeff2f0d31:0"
Last-Modified
Mon, 21 May 2018 11:00:32 GMT
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=7200, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
60301
Expires
Tue, 21 May 2019 08:21:03 GMT
USSDDialog2016.js
netbank.nedsecure.co.za/Browser/Common/Scripts/USSDAuth/ 		27 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://netbank.nedsecure.co.za/Browser/Common/Scripts/USSDAuth/USSDDialog2016.js?3.7.0023.0
Requested by
Host: netbank.nedsecure.co.za
URL: https://netbank.nedsecure.co.za/Logoff.bank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.142.204.33 , South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
/ ASP.NET
Resource Hash
6d677c61f637349c0276377b14971926c11e24786d26c8ed808849d0698dcdee

Request headers

Referer
https://netbank.nedsecure.co.za/Logoff.bank
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 06:21:03 GMT
Content-Encoding
gzip
ETag
"0f50f1f2f0d31:0"
Last-Modified
Mon, 21 May 2018 11:00:34 GMT
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=7200, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3585
Expires
Tue, 21 May 2019 08:21:03 GMT
USSDPolling2016.js
netbank.nedsecure.co.za/Browser/Common/Scripts/USSDAuth/ 		68 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://netbank.nedsecure.co.za/Browser/Common/Scripts/USSDAuth/USSDPolling2016.js?3.7.0023.0
Requested by
Host: netbank.nedsecure.co.za
URL: https://netbank.nedsecure.co.za/Logoff.bank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.142.204.33 , South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
/ ASP.NET
Resource Hash
01b9e3d492b3d1db028325365a9b5b11e830d6a8529be61b2d0f753493d401cf

Request headers

Referer
https://netbank.nedsecure.co.za/Logoff.bank
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 06:21:03 GMT
Content-Encoding
gzip
ETag
"05dd603cad41:0"
Last-Modified
Fri, 22 Jun 2018 15:19:14 GMT
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=7200, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
10405
Expires
Tue, 21 May 2019 08:21:03 GMT
Indemnityflow.js
netbank.nedsecure.co.za/Browser/Common/Scripts/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://netbank.nedsecure.co.za/Browser/Common/Scripts/Indemnityflow.js?3.7.0023.0
Requested by
Host: netbank.nedsecure.co.za
URL: https://netbank.nedsecure.co.za/Logoff.bank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.142.204.33 , South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
/ ASP.NET
Resource Hash
f750d92809d696eb13ca24509b99ec79fbcd4854b2b8ddfd85eec23e2c108a8f

Request headers

Referer
https://netbank.nedsecure.co.za/Logoff.bank
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 06:21:03 GMT
Content-Encoding
gzip
ETag
"0c8cfeff2f0d31:0"
Last-Modified
Mon, 21 May 2018 11:00:32 GMT
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=7200, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3216
Expires
Tue, 21 May 2019 08:21:03 GMT
MyFinancialLife.js
netbank.nedsecure.co.za/Browser/Common/Scripts/MyFinancialLife/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://netbank.nedsecure.co.za/Browser/Common/Scripts/MyFinancialLife/MyFinancialLife.js?3.7.0023.0
Requested by
Host: netbank.nedsecure.co.za
URL: https://netbank.nedsecure.co.za/Logoff.bank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.142.204.33 , South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
/ ASP.NET
Resource Hash
de7f53c8184a04810a790a15853dd914c224bdc3e0c8e3aaa60d9725eaf90b73

Request headers

Referer
https://netbank.nedsecure.co.za/Logoff.bank
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 06:21:03 GMT
Content-Encoding
gzip
ETag
"0c8cfeff2f0d31:0"
Last-Modified
Mon, 21 May 2018 11:00:32 GMT
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=7200, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1134
Expires
Tue, 21 May 2019 08:21:04 GMT
RTCCutoff.js
netbank.nedsecure.co.za/Browser/Common/Scripts/Payments/ 		2 KB
926 B 		Script
General
Check archive.org
Download Go to
Full URL
https://netbank.nedsecure.co.za/Browser/Common/Scripts/Payments/RTCCutoff.js?3.7.0023.0
Requested by
Host: netbank.nedsecure.co.za
URL: https://netbank.nedsecure.co.za/Logoff.bank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.142.204.33 , South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
/ ASP.NET
Resource Hash
6cf3f6c6a740c8eb99295946b2f5b6164ee09546b7b699e2937ed54b298dfa32

Request headers

Referer
https://netbank.nedsecure.co.za/Logoff.bank
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 06:21:03 GMT
Content-Encoding
gzip
ETag
"0c8cfeff2f0d31:0"
Last-Modified
Mon, 21 May 2018 11:00:32 GMT
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=7200, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
546
Expires
Tue, 21 May 2019 08:21:04 GMT
DarkHours.js
netbank.nedsecure.co.za/Browser/Common/Scripts/Payments/ 		2 KB
923 B 		Script
General
Check archive.org
Download Go to
Full URL
https://netbank.nedsecure.co.za/Browser/Common/Scripts/Payments/DarkHours.js?3.7.0023.0
Requested by
Host: netbank.nedsecure.co.za
URL: https://netbank.nedsecure.co.za/Logoff.bank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.142.204.33 , South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
/ ASP.NET
Resource Hash
d2919555fdb4f3645266b00678a2a7a8f3a5d4047b652781c16b88fd2bbc1129

Request headers

Referer
https://netbank.nedsecure.co.za/Logoff.bank
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 06:21:03 GMT
Content-Encoding
gzip
ETag
"0c8cfeff2f0d31:0"
Last-Modified
Mon, 21 May 2018 11:00:32 GMT
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=7200, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
543
Expires
Tue, 21 May 2019 08:21:04 GMT
BankAccountProducts.js
netbank.nedsecure.co.za/Browser/Common/Scripts/ApplyOnline/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://netbank.nedsecure.co.za/Browser/Common/Scripts/ApplyOnline/BankAccountProducts.js?3.7.0023.0
Requested by
Host: netbank.nedsecure.co.za
URL: https://netbank.nedsecure.co.za/Logoff.bank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.142.204.33 , South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
/ ASP.NET
Resource Hash
ed8a49539c2ab401f972799e4bf8335ab8a61d61491223e309cab74ee04f5c3c

Request headers

Referer
https://netbank.nedsecure.co.za/Logoff.bank
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 06:21:03 GMT
Content-Encoding
gzip
ETag
"0c8cfeff2f0d31:0"
Last-Modified
Mon, 21 May 2018 11:00:32 GMT
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=7200, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
838
Expires
Tue, 21 May 2019 08:21:04 GMT
blank.htm
netbank.nedsecure.co.za/Browser/Common/ Frame E6CA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://netbank.nedsecure.co.za/Browser/Common/blank.htm
Requested by
Host: netbank.nedsecure.co.za
URL: https://netbank.nedsecure.co.za/Logoff.bank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.142.204.33 , South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
/ ASP.NET
Resource Hash

Request headers

Host
netbank.nedsecure.co.za
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://netbank.nedsecure.co.za/Logoff.bank
Accept-Encoding
gzip, deflate, br
Cookie
BIGipServer~partition_so-retail~poolprd_nbr-ie-nedbank_11001=3909163180.63786.0000; TS01d73912=01db7de3379ac194ac3c3a8618ed2e3f48f2c3dc1a9627131ebc034edc93c09ac51b8474b568f6d8d0ccfe8c63bd3f60619e24da5c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://netbank.nedsecure.co.za/Logoff.bank

Response headers

Content-Type
text/html
Last-Modified
Mon, 21 May 2018 11:00:34 GMT
Accept-Ranges
bytes
ETag
"0f50f1f2f0d31:0"
X-Powered-By
ASP.NET
Date
Tue, 21 May 2019 06:21:04 GMT
Content-Length
310
Cache-Control
max-age=7200, public
Expires
Tue, 21 May 2019 08:21:04 GMT
LoadScript.aspx
netbank.nedsecure.co.za/Browser/Common/Utils/ 		17 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://netbank.nedsecure.co.za/Browser/Common/Utils/LoadScript.aspx
Requested by
Host: netbank.nedsecure.co.za
URL: https://netbank.nedsecure.co.za/Logoff.bank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.142.204.33 , South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
/ ASP.NET
Resource Hash
82574e9d8bda49e8802d8e74098c1f72d4a130e5fd144b895d58b742d89188a6

Request headers

Referer
https://netbank.nedsecure.co.za/Logoff.bank
Origin
https://netbank.nedsecure.co.za
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 21 May 2019 06:21:04 GMT
Content-Encoding
gzip
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
private
Connection
Keep-Alive
Content-Length
4266
Expires
-1
blank.gif
netbank.nedsecure.co.za/Browser/Common/Scripts/Menu/ 		43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://netbank.nedsecure.co.za/Browser/Common/Scripts/Menu/blank.gif
Requested by
Host: netbank.nedsecure.co.za
URL: https://netbank.nedsecure.co.za/Logoff.bank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.142.204.33 , South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
/ ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://netbank.nedsecure.co.za/Logoff.bank
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 06:21:04 GMT
ETag
"0711bb2ebf0d31:0"
Last-Modified
Mon, 21 May 2018 10:08:42 GMT
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=7200, public
Accept-Ranges
bytes
Content-Length
43
Expires
Tue, 21 May 2019 08:21:05 GMT
ui-bg_flat_75_ffffff_40x100.png
netbank.nedsecure.co.za/App_Themes/NedbankTheme/images/ 		178 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://netbank.nedsecure.co.za/App_Themes/NedbankTheme/images/ui-bg_flat_75_ffffff_40x100.png
Requested by
Host: netbank.nedsecure.co.za
URL: https://netbank.nedsecure.co.za/Browser/Common/SDK/Scripts/Common/JQuery.js?3.7.0023.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.142.204.33 , South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
/ ASP.NET
Resource Hash
39ab7ccd9f4e82579da78a9241265df288d8eb65dbbd7cf48aed2d0129887df5

Request headers

Referer
https://netbank.nedsecure.co.za/App_Themes/NedbankTheme/jquery-ui-1.8.16.custom.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 06:21:04 GMT
ETag
"0521fdff2f0d31:0"
Last-Modified
Mon, 21 May 2018 11:00:04 GMT
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=7200, public
Accept-Ranges
bytes
Content-Length
178
Expires
Tue, 21 May 2019 08:21:05 GMT
ui-icons_222222_256x240.png
netbank.nedsecure.co.za/App_Themes/NedbankTheme/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://netbank.nedsecure.co.za/App_Themes/NedbankTheme/images/ui-icons_222222_256x240.png
Requested by
Host: netbank.nedsecure.co.za
URL: https://netbank.nedsecure.co.za/Browser/Common/SDK/Scripts/Common/JQuery.js?3.7.0023.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.142.204.33 , South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
/ ASP.NET
Resource Hash
a2ccfdc001858222885a9df39200840ac7a3f479ba889727d32a10398db7918a

Request headers

Referer
https://netbank.nedsecure.co.za/App_Themes/NedbankTheme/jquery-ui-1.8.16.custom.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 06:21:04 GMT
ETag
"0521fdff2f0d31:0"
Last-Modified
Mon, 21 May 2018 11:00:04 GMT
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=7200, public
Accept-Ranges
bytes
Content-Length
4369
Expires
Tue, 21 May 2019 08:21:05 GMT
ui-bg_highlight-soft_75_005641_1x100.png
netbank.nedsecure.co.za/App_Themes/NedbankTheme/images/ 		133 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://netbank.nedsecure.co.za/App_Themes/NedbankTheme/images/ui-bg_highlight-soft_75_005641_1x100.png
Requested by
Host: netbank.nedsecure.co.za
URL: https://netbank.nedsecure.co.za/Browser/Common/SDK/Scripts/Common/JQuery.js?3.7.0023.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.142.204.33 , South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
/ ASP.NET
Resource Hash
7c8736463bf40b36031f0025b1c2a64a2856beb77758137355a1c873950e58c5

Request headers

Referer
https://netbank.nedsecure.co.za/App_Themes/NedbankTheme/jquery-ui-1.8.16.custom.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 06:21:04 GMT
ETag
"0521fdff2f0d31:0"
Last-Modified
Mon, 21 May 2018 11:00:04 GMT
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=7200, public
Accept-Ranges
bytes
Content-Length
133
Expires
Tue, 21 May 2019 08:21:05 GMT
blank.htm
netbank.nedsecure.co.za/Browser/Common/ Frame CDF2 		310 B
605 B 		Document
General
Check archive.org
Download Go to
Full URL
https://netbank.nedsecure.co.za/Browser/Common/blank.htm
Requested by
Host: netbank.nedsecure.co.za
URL: https://netbank.nedsecure.co.za/Browser/Common/SDK/Scripts/Common/JQuery.js?3.7.0023.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.142.204.33 , South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
/ ASP.NET
Resource Hash
464c928b3376e2e1baf265fd3de82ec6a7303650f02baaa4b8ff84e02bf6cad1

Request headers

Host
netbank.nedsecure.co.za
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://netbank.nedsecure.co.za/Logoff.bank
Accept-Encoding
gzip, deflate, br
Cookie
BIGipServer~partition_so-retail~poolprd_nbr-ie-nedbank_11001=3909163180.63786.0000; ASP.NET_SessionId=ctk2keemliab1rifkovcd5dl; TS01d73912=01db7de3372eaf6905bd46137ffa1b1e6162cb4baf9627131ebc034edc93c09ac51b8474b5aa9ab885f2d9d7223af3054f2ef71eadfc88eefa302fb51467545775c69e0da9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://netbank.nedsecure.co.za/Logoff.bank

Response headers

Content-Type
text/html
Last-Modified
Mon, 21 May 2018 11:00:34 GMT
Accept-Ranges
bytes
ETag
"0f50f1f2f0d31:0"
X-Powered-By
ASP.NET
Date
Tue, 21 May 2019 06:21:04 GMT
Content-Length
310
Cache-Control
max-age=7200, public
Expires
Tue, 21 May 2019 08:21:05 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nedbank (Banking)

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| showHelp function| $ function| jQuery function| DP_jQuery_1558419664760 object| USSDDialog object| USSDDialog1 function| SetNonceValue object| USSD object| USSD1 object| INdemnity object| IndemnityDialog object| MFL object| MFLDialog object| RTC object| RTCDialog object| Dark object| DarkHourDialog object| BankProduct object| BankProductDialog string| ApplicationPath string| GlobalBrand object| $this object| AJAXPageDisable function| LoadScript function| CreateNamespace object| jsCommon function| ProcessResetPasswordAjaxUSSD string| controlPrefix object| divErrorMsg function| AjaxErrorRetrievingResetPasswordUSSD function| EnableNewAndConfirmPassword object| Nedbank string| pageHelp object| form boolean| _isFutureDatedPayment function| Accept function| getnextUrl function| SubmitOnceOffSinglePayment function| GetPaymentDate function| CalculateAndSetReoccurrenceData function| IsFutureDatedPayment function| CalculateOccurences function| GetDailyOccurrences function| GetWeeklyOccurrences function| GetMonthlyOccurrences function| CalculateNextPaymentDate function| GetNextPaymentDateDaily function| GetNextPaymentDateWeekly function| GetSubFrequencyValue function| GetNextPaymentDateMonthly function| GetSubFrequency function| GetTodayDate function| CreateDateObject function| CalculateEndDate function| GetEndDateMonthly function| GetEndDateWeekly function| GetEndDateDaily function| GetBankApprovedBeneficiaryDropDown function| GetAccountTypeDropDown function| GetFromAccountDropDown function| GetNotificationTypeDropDown function| GetFirstLetterBeneficiaryDropDown function| GetCreditCardBankListDropdown function| GetBankListDropDown function| GetBranchNameDropDown function| GetFirstLetterBranchNameDropDown function| GetBeneficiaryId function| GetNotificationDetail function| Print function| Cancel function| AcceptBoxClicked function| ajaxNoticeInfo function| ShowMenu object| UndoValidateChanges object| ValidateCtrlParms object| ValidateCtrlIds object| ValidateTableParms object| ValidateTableIds string| buildDir boolean| ie4 boolean| ie5_mac boolean| ie55 boolean| ie9 boolean| nn4 boolean| dom boolean| opera boolean| safari string| agent undefined| version object| blank string| sizeOfUpperFrame undefined| warningWin function| ContentResize function| ContentInit function| findPosition string| LoadTime undefined| SubmitTime function| PageGetLoadTime function| PageGetSubmitTime object| BrowserDetect number| NonceValue string| captureRTC function| SelectMenuItem function| SelectRedirect function| SelectRedirect1 function| SelectRedirectToBankproduct object| PageOnLoadEvents object| FormOnSubmitEvents object| EmptyFormOnSubmitEvents function| Events object| jsHtmlControls boolean| docType undefined| bodyRef function| menu function| separator function| item function| html function| reset function| roll function| showMenu function| hideAfter number| wait undefined| hideTimer function| keepOpen function| hide function| hideAll function| debug function| floatMenu object| menus object| framesCommon object| okLink boolean| logoffUser boolean| loggedIn function| TechnicalErrorOnLoad function| ShowOnlyTechError function| WriteErrorHtml function| ClickOk object| footerTimer

3 Cookies

Domain/Path Name / Value
netbank.nedsecure.co.za/ Name: TS01d73912
Value: 01db7de3372eaf6905bd46137ffa1b1e6162cb4baf9627131ebc034edc93c09ac51b8474b5aa9ab885f2d9d7223af3054f2ef71eadfc88eefa302fb51467545775c69e0da9
netbank.nedsecure.co.za/ Name: ASP.NET_SessionId
Value: ctk2keemliab1rifkovcd5dl
netbank.nedsecure.co.za/ Name: BIGipServer~partition_so-retail~poolprd_nbr-ie-nedbank_11001
Value: 3909163180.63786.0000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

netbank.nedsecure.co.za
votehumanist.com
168.142.204.33
91.212.150.100
01b9e3d492b3d1db028325365a9b5b11e830d6a8529be61b2d0f753493d401cf
39ab7ccd9f4e82579da78a9241265df288d8eb65dbbd7cf48aed2d0129887df5
3d71963b80307efca0ccb06c8394158d0cc141f53aa9f6bee99c8b9470ca6fd7
464c928b3376e2e1baf265fd3de82ec6a7303650f02baaa4b8ff84e02bf6cad1
4b37cbf8a4c74b2744c791ee3c1581d5b725c0ff615cbed9d7d456190933572b
6cf3f6c6a740c8eb99295946b2f5b6164ee09546b7b699e2937ed54b298dfa32
6d677c61f637349c0276377b14971926c11e24786d26c8ed808849d0698dcdee
753f595016e59740a3dba95e4c71ad6c340c9123817746629d2899d463149700
7c8736463bf40b36031f0025b1c2a64a2856beb77758137355a1c873950e58c5
7f65261ef6076fdf93ab784443d5dbf9269f5d7ba0be8e1168a8ca7c8c27ff46
7ffc63987f91ebf7d27b5789c91907d6bca04278b158c0f30d9d742c4e9782cd
82574e9d8bda49e8802d8e74098c1f72d4a130e5fd144b895d58b742d89188a6
a2ccfdc001858222885a9df39200840ac7a3f479ba889727d32a10398db7918a
a63fd9e18d3dbf8a5e90f695bcf8d33ef712ca44ff1b9486cb6195aabb1e0331
a663a3aa00e6530d72f10b7e61c4ffdd57f9807f0cc9ed79f6741df7bdf99fa4
a66efe1850915f91cf7e219bc67711061446df760baa3b056647f296fbae8be3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6d564c22df601ee79a04d8f4c90319ba14fd99fef56580af4a25918aca6b07a
d2919555fdb4f3645266b00678a2a7a8f3a5d4047b652781c16b88fd2bbc1129
de7f53c8184a04810a790a15853dd914c224bdc3e0c8e3aaa60d9725eaf90b73
df5748e607e020b5bb09d92ba17f78d1e0cd09971b3914eef217630081b9c195
e9fadc8afd38992f73991102c2c09c70ecde2458ad834e165833e0c17e16a228
ed8a49539c2ab401f972799e4bf8335ab8a61d61491223e309cab74ee04f5c3c
f750d92809d696eb13ca24509b99ec79fbcd4854b2b8ddfd85eec23e2c108a8f