mail.begumprinters.com
Open in
urlscan Pro
103.138.150.130
Malicious Activity!
Public Scan
Submission: On December 14 via automatic, source phishtank
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 24th 2020. Valid for: 3 months.
This is the only time mail.begumprinters.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ABSA (Banking)Domain & IP information
ASN139016 (EXONHOST-AS-AP EXONHOST, BD)
PTR: bd01.exonhost.com
mail.begumprinters.com | |
begumprinters.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com | |
googleads.g.doubleclick.net | |
adservice.google.de | |
adservice.google.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN14618 (AMAZON-AES, US)
analytics.sitewit.com |
ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f2.1e100.net
partner.googleadservices.com |
ASN15169 (GOOGLE, US)
www.googletagservices.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-211-19.compute-1.amazonaws.com
connect.sitewit.com |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
wp.com
c0.wp.com stats.wp.com pixel.wp.com |
101 KB |
15 |
begumprinters.com
mail.begumprinters.com begumprinters.com |
166 KB |
12 |
absa.co.za
ib.absa.co.za |
43 KB |
6 |
googlesyndication.com
pagead2.googlesyndication.com tpc.googlesyndication.com |
147 KB |
3 |
sitewit.com
analytics.sitewit.com connect.sitewit.com |
21 KB |
2 |
doubleclick.net
googleads.g.doubleclick.net |
|
2 |
google-analytics.com
www.google-analytics.com |
19 KB |
2 |
googleapis.com
ajax.googleapis.com fonts.googleapis.com |
34 KB |
1 |
googletagservices.com
www.googletagservices.com |
28 KB |
1 |
google.com
adservice.google.com |
169 B |
1 |
google.de
adservice.google.de |
169 B |
1 |
googleadservices.com
partner.googleadservices.com |
267 B |
1 |
facebook.com
www.facebook.com |
|
1 |
facebook.net
connect.facebook.net |
74 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
38 KB |
0 |
strongcapitalads.ga
Failed
drake.strongcapitalads.ga Failed |
|
84 | 16 |
Domain | Requested by | |
---|---|---|
15 | c0.wp.com |
begumprinters.com
|
13 | begumprinters.com |
mail.begumprinters.com
c0.wp.com |
12 | ib.absa.co.za |
begumprinters.com
|
4 | pagead2.googlesyndication.com |
begumprinters.com
pagead2.googlesyndication.com |
2 | tpc.googlesyndication.com |
pagead2.googlesyndication.com
tpc.googlesyndication.com |
2 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
|
2 | analytics.sitewit.com |
begumprinters.com
|
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | stats.wp.com |
begumprinters.com
|
2 | mail.begumprinters.com |
mail.begumprinters.com
|
1 | connect.sitewit.com |
analytics.sitewit.com
|
1 | pixel.wp.com |
begumprinters.com
|
1 | www.googletagservices.com |
pagead2.googlesyndication.com
|
1 | adservice.google.com |
pagead2.googlesyndication.com
|
1 | adservice.google.de |
pagead2.googlesyndication.com
|
1 | partner.googleadservices.com |
pagead2.googlesyndication.com
|
1 | www.facebook.com |
connect.facebook.net
|
1 | connect.facebook.net |
begumprinters.com
|
1 | www.googletagmanager.com |
begumprinters.com
|
1 | fonts.googleapis.com |
begumprinters.com
|
1 | ajax.googleapis.com |
mail.begumprinters.com
|
0 | drake.strongcapitalads.ga Failed |
begumprinters.com
|
84 | 22 |
This site contains links to these domains. Also see Links.
Domain |
---|
ib.absa.co.za |
www.absa.co.za |
Subject Issuer | Validity | Valid | |
---|---|---|---|
begumprinters.com cPanel, Inc. Certification Authority |
2020-10-24 - 2021-01-22 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-11-10 - 2021-02-02 |
3 months | crt.sh |
ib.absa.co.za DigiCert SHA2 Extended Validation Server CA |
2019-06-11 - 2021-07-03 |
2 years | crt.sh |
*.wp.com Sectigo RSA Domain Validation Secure Server CA |
2020-04-02 - 2022-07-05 |
2 years | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-11-10 - 2021-02-02 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-11-10 - 2021-02-02 |
3 months | crt.sh |
analytics.sitewit.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 |
2020-10-05 - 2021-11-04 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-11-02 - 2021-01-30 |
3 months | crt.sh |
*.googleadservices.com GTS CA 1O1 |
2020-11-10 - 2021-02-02 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2020-11-10 - 2021-02-02 |
3 months | crt.sh |
*.sitewit.com Sectigo RSA Domain Validation Secure Server CA |
2020-07-02 - 2021-08-01 |
a year | crt.sh |
tpc.googlesyndication.com GTS CA 1O1 |
2020-11-10 - 2021-02-02 |
3 months | crt.sh |
This page contains 6 frames:
Primary Page:
https://mail.begumprinters.com/css/absa/AbsaOnline.htm
Frame ID: 5CD45CF300E3A7394EB9F8640EEC9238
Requests: 26 HTTP requests in this frame
Frame:
https://begumprinters.com/css/absa/images/dot_002.gif
Frame ID: 80637ADF6F99E083B63F985C386B709E
Requests: 54 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Frame ID: C8F4E61A460CD5173D15282BDE11E317
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/v6.0/plugins/customerchat.php?app_id=&attribution=wordpress&attribution_version=1.7&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2c96da2621cbd8%26domain%3Dbegumprinters.com%26origin%3Dhttps%253A%252F%252Fbegumprinters.com%252Ff280849cf5987c8%26relation%3Dparent.parent&container_width=0&locale=en_US&page_id=100740878348193&request_time=1607944664758&sdk=joey
Frame ID: 421E580B44309BD5D2B99DD3FEA7E951
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4198446650079178&output=html&adk=318159125&adf=2773238260&plat=1%3A147968%2C2%3A147968%2C8%3A147968%2C9%3A147968%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32%2C40%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fmail.begumprinters.com%2Fcss%2Fabsa%2FAbsaOnline.htm&ea=0&flash=0&pra=5&wgl=1&dt=1607944664709&bpp=12&bdt=320&idt=63&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&nras=1&correlator=494125639443&frm=24&ife=1&pv=2&ga_vid=372020198.1607944665&ga_sid=1607944665&ga_hid=1012191504&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1133515155&scr_x=-12245933&scr_y=-12245933&eid=21068769&oid=3&pvsid=2001151138378277&pem=544&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=0.vn35osku4y9l&fsb=1&dtd=78
Frame ID: CCABBB3A877FDEC9605E849DF8B5DCB8
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 480CB436F7BF16375C2A7BB16CD6CAF5
Requests: 1 HTTP requests in this frame
13 Outgoing links
These are links going to different origins than the main page.
Title: Registration
Search URL Search Domain Scan URL
Title: Absa home page
Search URL Search Domain Scan URL
Title: 2018 Tax certificates now available online
Search URL Search Domain Scan URL
Title: Planned Maintenance
Search URL Search Domain Scan URL
Title: Inter-Bank Payment delay
Search URL Search Domain Scan URL
Title: Security enhancement
Search URL Search Domain Scan URL
Title: Contact us
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Latest scams
Search URL Search Domain Scan URL
Title: Latest internet security software
Search URL Search Domain Scan URL
Title: Terms of use
Search URL Search Domain Scan URL
Title: Software requirements
Search URL Search Domain Scan URL
Title: Banking regulations
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
84 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
AbsaOnline.htm
mail.begumprinters.com/css/absa/ |
52 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
absa.css
begumprinters.com/css/absa/css/ |
151 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.css
begumprinters.com/css/absa/css/ |
3 KB 988 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jcaptcha.css
begumprinters.com/css/absa/css/ |
1 KB 445 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ |
95 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
absajslogo.php
begumprinters.com/css/absa/php/ |
5 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ajax-loader-2.gif
begumprinters.com/css/absa/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
absa-logo-2018.png
begumprinters.com/css/absa/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ao-logo2.png
begumprinters.com/css/absa/images/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dot_002.gif
begumprinters.com/css/absa/images/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
locale_en.gif
begumprinters.com/css/absa/images/ |
70 B 137 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
orange_banner_en_2.jpg
begumprinters.com/css/absa/images/ |
36 KB 36 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
orange_banner_en_1.jpg
begumprinters.com/css/absa/images/ |
44 KB 44 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dot_002.gif
begumprinters.com/css/absa/images/ Frame 8063 |
33 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main-navigation-rounded-2018.gif
ib.absa.co.za/absa-online/static/style/resources/ |
100 B 401 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sprite-titlebar-no-gradients-2018.png
ib.absa.co.za/absa-online/static/style/resources/ |
621 B 922 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sprite-dividers.gif
ib.absa.co.za/absa-online/static/style/resources/ |
289 B 590 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sprite-corners-rounded.png
ib.absa.co.za/absa-online/static/style/resources/ |
246 B 547 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gadget-bg.png
ib.absa.co.za/absa-online/static/style/resources/ |
23 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gadget-login-bg.png
ib.absa.co.za/absa-online/static/style/resources/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
icon-questionmark-grey.png
mail.begumprinters.com/css/absa/static/style/resources/ |
33 KB 33 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
keypad-bg.gif
ib.absa.co.za/absa-online/static/style/www.absa.co.za.2009.ui/keypad/ |
439 B 741 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
key-button.gif
ib.absa.co.za/absa-online/static/style/www.absa.co.za.2009.ui/resources/ |
379 B 681 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
keypad-backspace.png
ib.absa.co.za/absa-online/static/style/www.absa.co.za.2009.ui/resources/ |
209 B 510 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
button.png
ib.absa.co.za/absa-online/static/style/resources/ |
491 B 792 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
buttonArrowWhite.png
ib.absa.co.za/absa-online/static/style/resources/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sprite-icons-bar-status.png
ib.absa.co.za/absa-online/static/style/resources/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
c0.wp.com/c/5.4.4/wp-includes/css/dist/block-library/ Frame 8063 |
52 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors-style.css
c0.wp.com/p/woocommerce/4.4.1/packages/woocommerce-blocks/build/ Frame 8063 |
3 KB 942 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
c0.wp.com/p/woocommerce/4.4.1/packages/woocommerce-blocks/build/ Frame 8063 |
152 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
woocommerce-layout.css
c0.wp.com/p/woocommerce/4.4.1/assets/css/ Frame 8063 |
17 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
woocommerce-smallscreen.css
c0.wp.com/p/woocommerce/4.4.1/assets/css/ Frame 8063 |
7 KB 996 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
woocommerce.css
c0.wp.com/p/woocommerce/4.4.1/assets/css/ Frame 8063 |
61 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
det.php
drake.strongcapitalads.ga/ Frame 8063 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame 8063 |
5 KB 729 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
det.php
drake.strongcapitalads.ga/ Frame 8063 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
det.php
drake.strongcapitalads.ga/ Frame 8063 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
det.php
drake.strongcapitalads.ga/ Frame 8063 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
det.php
drake.strongcapitalads.ga/ Frame 8063 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jetpack.css
c0.wp.com/p/jetpack/8.9/css/ Frame 8063 |
75 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
c0.wp.com/c/5.4.4/wp-includes/js/jquery/ Frame 8063 |
95 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
c0.wp.com/c/5.4.4/wp-includes/js/jquery/ Frame 8063 |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s-202051.js
stats.wp.com/ Frame 8063 |
16 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ Frame 8063 |
96 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 8063 |
133 KB 46 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
det.php
drake.strongcapitalads.ga/ Frame 8063 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
det.php
drake.strongcapitalads.ga/ Frame 8063 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
det.php
drake.strongcapitalads.ga/ Frame 8063 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
det.php
drake.strongcapitalads.ga/ Frame 8063 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
det.php
drake.strongcapitalads.ga/ Frame 8063 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
det.php
drake.strongcapitalads.ga/ Frame 8063 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.blockUI.min.js
c0.wp.com/p/woocommerce/4.4.1/assets/js/jquery-blockui/ Frame 8063 |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
add-to-cart.min.js
c0.wp.com/p/woocommerce/4.4.1/assets/js/frontend/ Frame 8063 |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js.cookie.min.js
c0.wp.com/p/woocommerce/4.4.1/assets/js/js-cookie/ Frame 8063 |
2 KB 924 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
woocommerce.min.js
c0.wp.com/p/woocommerce/4.4.1/assets/js/frontend/ Frame 8063 |
2 KB 695 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cart-fragments.min.js
c0.wp.com/p/woocommerce/4.4.1/assets/js/frontend/ Frame 8063 |
3 KB 966 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
det.php
drake.strongcapitalads.ga/ Frame 8063 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
det.php
drake.strongcapitalads.ga/ Frame 8063 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
det.php
drake.strongcapitalads.ga/ Frame 8063 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
det.php
drake.strongcapitalads.ga/ Frame 8063 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
det.php
drake.strongcapitalads.ga/ Frame 8063 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-embed.min.js
c0.wp.com/c/5.4.4/wp-includes/js/ Frame 8063 |
1 KB 721 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e-202051.js
stats.wp.com/ Frame 8063 |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
det.php
drake.strongcapitalads.ga/ Frame 8063 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ Frame 8063 |
46 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sw.js
analytics.sitewit.com/v3/408880283/ Frame 8063 |
19 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xfbml.customerchat.js
connect.facebook.net/en_US/sdk/ Frame 8063 |
254 KB 74 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ Frame 8063 |
1 B 66 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ Frame 8063 |
234 KB 88 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame C8F4 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
det.php
begumprinters.com/ Frame 8063 |
571 B 656 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
customerchat.php
www.facebook.com/v6.0/plugins/ Frame 421E |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookie.js
partner.googleadservices.com/gampad/ Frame 8063 |
207 B 267 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.de/adsid/ Frame 8063 |
109 B 169 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ Frame 8063 |
109 B 169 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
ads
googleads.g.doubleclick.net/pagead/ Frame CCAB |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
osd.js
www.googletagservices.com/activeview/js/current/ Frame 8063 |
74 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
g.gif
pixel.wp.com/ Frame 8063 |
50 B 92 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sw_connect.js
connect.sitewit.com/js/408880283/ Frame 8063 |
23 B 642 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cq_blank.gif
analytics.sitewit.com/images/ Frame 8063 |
35 B 623 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8063 |
8 KB 7 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8063 |
16 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 480C |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8063 |
0 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- drake.strongcapitalads.ga
- URL
- https://drake.strongcapitalads.ga/det.php?stem=1159%2Fwp-content%2Fplugins%2Fti-woocommerce-wishlist%2Fassets%2Fcss%2Fpublic.min.css&ver=1.21.4
- Domain
- drake.strongcapitalads.ga
- URL
- https://drake.strongcapitalads.ga/det.php?stem=1159%2Fwp-content%2Fthemes%2Fenvo-shop%2Fcss%2Fbootstrap.css&ver=3.3.7
- Domain
- drake.strongcapitalads.ga
- URL
- https://drake.strongcapitalads.ga/det.php?stem=1159%2Fwp-content%2Fthemes%2Fenvo-shop%2Fcss%2Fmmenu-light.min.css&ver=1.0.4
- Domain
- drake.strongcapitalads.ga
- URL
- https://drake.strongcapitalads.ga/det.php?stem=1159%2Fwp-content%2Fthemes%2Fenvo-shop%2Fstyle.css&ver=1.0.4
- Domain
- drake.strongcapitalads.ga
- URL
- https://drake.strongcapitalads.ga/det.php?stem=1159%2Fwp-content%2Fthemes%2Fenvo-shop%2Fcss%2Fline-awesome.min.css&ver=1.3.0
- Domain
- drake.strongcapitalads.ga
- URL
- https://drake.strongcapitalads.ga/det.php?stem=1159/wp-content/uploads/2020/06/cropped-logo-1.jpg
- Domain
- drake.strongcapitalads.ga
- URL
- https://drake.strongcapitalads.ga/det.php?stem=1159/wp-content/uploads/2020/06/L805-300x300.jpg
- Domain
- drake.strongcapitalads.ga
- URL
- https://drake.strongcapitalads.ga/det.php?stem=1159/wp-content/uploads/2020/06/epson-L3110-300x300.jpg
- Domain
- drake.strongcapitalads.ga
- URL
- https://drake.strongcapitalads.ga/det.php?stem=1159/wp-content/uploads/2020/06/epson-L130-300x300.jpg
- Domain
- drake.strongcapitalads.ga
- URL
- https://drake.strongcapitalads.ga/det.php?stem=1159/wp-content/uploads/woocommerce-placeholder-300x300.png
- Domain
- drake.strongcapitalads.ga
- URL
- https://drake.strongcapitalads.ga/det.php?stem=1159/wp-content/uploads/2020/06/unnamed-300x300.jpg
- Domain
- drake.strongcapitalads.ga
- URL
- https://drake.strongcapitalads.ga/det.php?stem=1159%2Fwp-content%2Fplugins%2Fmailchimp-for-woocommerce%2Fpublic%2Fjs%2Fmailchimp-woocommerce-public.min.js&ver=2.4.5
- Domain
- drake.strongcapitalads.ga
- URL
- https://drake.strongcapitalads.ga/det.php?stem=1159%2Fwp-content%2Fplugins%2Fti-woocommerce-wishlist%2Fassets%2Fjs%2Fpublic.min.js&ver=1.21.4
- Domain
- drake.strongcapitalads.ga
- URL
- https://drake.strongcapitalads.ga/det.php?stem=1159%2Fwp-content%2Fthemes%2Fenvo-shop%2Fjs%2Fbootstrap.min.js&ver=3.3.7
- Domain
- drake.strongcapitalads.ga
- URL
- https://drake.strongcapitalads.ga/det.php?stem=1159%2Fwp-content%2Fthemes%2Fenvo-shop%2Fjs%2Fcustomscript.js&ver=1.0.4
- Domain
- drake.strongcapitalads.ga
- URL
- https://drake.strongcapitalads.ga/det.php?stem=1159%2Fwp-content%2Fthemes%2Fenvo-shop%2Fjs%2Fmmenu-light.min.js&ver=1.0.4
- Domain
- drake.strongcapitalads.ga
- URL
- https://drake.strongcapitalads.ga/det.php?stem=1159/wp-includes/js/wp-emoji-release.min.js?ver=5.4.4
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ABSA (Banking)18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| checkPwd function| loginContinue2 function| onForm1Submit object| absa function| google string| siteURL10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
begumprinters.com/ | Name: mailchimp_landing_site Value: https%3A%2F%2Fdrake.strongcapitalads.ga%2Fdet.php%3Fstem%3D1158%2Fdet.php%3Fstem%3D1158%252F%26wc-ajax%3Dget_refreshed_fragments |
|
.begumprinters.com/ | Name: _swa_u Value: 47a38a04-39a1-4cf7-bbfb-42843db76401 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.begumprinters.com/ | Name: tk_lr Value: %22https%3A%2F%2Fmail.begumprinters.com%2Fcss%2Fabsa%2FAbsaOnline.htm%22 |
|
.begumprinters.com/ | Name: tk_r3d Value: %22https%3A%2F%2Fmail.begumprinters.com%2Fcss%2Fabsa%2FAbsaOnline.htm%22 |
|
.begumprinters.com/ | Name: _ga Value: GA1.2.372020198.1607944665 |
|
.begumprinters.com/ | Name: tk_or Value: %22https%3A%2F%2Fmail.begumprinters.com%2Fcss%2Fabsa%2FAbsaOnline.htm%22 |
|
.begumprinters.com/ | Name: __gads Value: ID=7f38aa12784b41e4-2245db4d8ba600fe:T=1607944664:RT=1607944664:S=ALNI_MYx4m54lgJ5wqwOzUw1LJfUFB93ng |
|
.begumprinters.com/ | Name: _gat_gtag_UA_148469881_1 Value: 1 |
|
.begumprinters.com/ | Name: _gid Value: GA1.2.571509258.1607944665 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.sitewit.com
begumprinters.com
c0.wp.com
connect.facebook.net
connect.sitewit.com
drake.strongcapitalads.ga
fonts.googleapis.com
googleads.g.doubleclick.net
ib.absa.co.za
mail.begumprinters.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
stats.wp.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
drake.strongcapitalads.ga
103.138.150.130
169.202.9.74
172.217.22.2
192.0.76.3
192.0.77.37
2600:1f18:243f:2d01:5781:9259:3780:5373
2a00:1450:4001:800::2002
2a00:1450:4001:801::200a
2a00:1450:4001:808::2008
2a00:1450:4001:814::200a
2a00:1450:4001:81d::2001
2a00:1450:4001:81f::2002
2a00:1450:4001:820::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
54.82.211.19
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
097dcc4e28686dcbbec7f504955c90ae983c52dc92a5e691470176d9c598328a
0d6e90cc11a257e94b6fc4d594e2c68d255cfa865e24d0abae16d35693a6ae8c
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
120aaf6681ca6d34a40c559779f0a0038582a79fce1b868ff901c94d27c89c72
1723fd2bd8c98417e8739ab2853cb92dfb0e50113a7a9726d2cceb69d00eea05
1a26395eab756d476a44492edba11fbb4dfe44d42ed1599f04fdef5ea18ac954
1ae32e985455f30900d774e13ba435d030c547c7f68f7383c3e060e870e2e038
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
21b1c346a04696c68f33050088b8bbda850a1d9c015bd70df23d7bb34f6d0e1c
31d4c1cd3bf18363ff7643f87a54fecd70376fed89cd5805ced2e323127fa334
33d2293d7b742271810040755b03ce1bc1bf4c4ba537de2563d22539c7b0dcd9
3c243a2d63452b7a8392cdf93e637ec423b3241149831b2082283063d1e34413
3d9062add3a3419de36dac8b09af9960e412c570e256cbe5ca6c0910b30d9aef
3f596c191ddbe25572cfb3ace361b84724d6dd5ac3a486ed5cbbfde21865163f
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4c526a8ac3b7f6304c22445b81f50b2614373ceb70bb200c1af33fdb7481f0e7
50de09b0bb8d0ac656aa9b3a1e4ef58a3f2d1abd734cad68b0e12191e9d215ea
5302d7ef47b197c6cc07e5db5152dcce3b6886ac18f727875fe78ba8e8129224
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6a1423dcdc9a531df9d5dfc5a1ea720eec868eda0a56e1580a0c71c69e79b8fe
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
6f815600ce71d197cc62dbcbdc44f3397cec471546dda6a243b0ce622a48f704
7772a9cc35fc902c0cccb8871670ec3e45e4695e1bc6941aee1c24db3de8c544
7c489dd2e13acb8940f20b68b9ae2225c53d71643b08609834043c174c4cedaa
80d39702e0f3d7d8359686a4ff20971ef465c1f8d590ed8748079ffd486055c6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
946e3771efeabcf9a23d88089ce6ef6cb94531e36775004483fd8e237275dc29
9bf96b99c7d67787d9b37c7063b4b1a6f48270261a5eb3fd591376687b631052
9f8e9f22e07c69671b529f27fbd307da8409f499fc844e686a1efe81aa74de45
a0bfd5bef65c754b35599a259b2aa7373857a385802d705f090ea4fef18470be
ada2e972abcb9493c9b709ce52c1b2122b0320a9ec37d4c5ca13a132dfda11e1
ae3f857e0ecebdf3782b884b2bb1937e67b065af2f5f1c813588cb94d4c8ba82
b21856646facadad8c17467be3b8a827e2fe85956559b41011040134c88b01a4
b2a69df0d82365bf7a07a5205972818c68d95aba64e13c42d6eaea8e534548f3
b6b693de4c17c014dad29abe5294359606104283674d45ee8348e9dc731ff540
b90e9d891c1b60bbb442d0c18a93bef607f0c49854a151e204bb66ca409ca1e4
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
bdeef2e16c3c26f27cb1607e9b5b4370b0907150d5fa5a9a1bca38901026d851
be3c0c344f95514f458bb69996d2b7e20a5edd584a62dc3072a6d2be615269dd
c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2
c27aee2360a4554999091c3f4acbe28c3e0badb1484d2aee914e1d8b4f7ace1f
c300b2811698bc68ed2928ff2686ed40e21753f1d308956268f567ab2149e576
c66a747ea5c78d9a59e00f76f285ea5367ad6e9b5285f1aad18ec87572bf8ceb
c71b243fedf9d5386f4b0d649991e7612c2f6405b13ffad130553f05b692f194
d3dbb7567bec3fa266960ee53ee72d534e1834e481ff502a0901fcb32af7ff23
d6d7f89894e8236e22c4a5c50b52b11e1ea7603cea5cc7e665d1363f6ab6b995
d7af19230979e79830e6ec831a56423468385e2cc7bc294a09fb087aba551492
dbdc69769919eb9de6942ac447a2b029681b71b36c0154e7bee12977063b1f42
dc115bfea8a92ce5f9bc8b58de195488451e194042569132f08cfe4436737c30
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e5bd1cfaace748c07f5c9bc61b20b721b87e82324ee0d57534b2b273e48bde44
eae2795b5a018bdc3a805827321cff5f4c8c7aaf5ae45a800b395a36cbedd4e3
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fcb853255d453255606fccd0f824acbdb506446730fd2e444886683af4646bab
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149
ff92a2936fef1d863f847d12bca7a3d9e1e946511648650fcc6a0a1ebbeec2e9