masterfornews.com
23.109.82.247
Malicious Activity!
Public Scan
Submission: On June 05 via api from US — Scanned from NL
Summary
TLS certificate: Issued by R3 on April 28th 2023. Valid for: 3 months.
This is the only time masterfornews.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Office 365 (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
21 | 23.109.82.247 | 7979 (SERVERS-COM) |
1 | 23.109.248.162 | 7979 (SERVERS-COM) |
1 | 172.255.6.135 | 7979 (SERVERS-COM) |
26 | 8.241.9.250 | 3356 (LEVEL3) |
1 | 23.109.82.45 | 7979 (SERVERS-COM) |
9 | 2a00:1450:4001:810::200e | 15169 (GOOGLE) |
2 | 2a00:1450:4001:80e::2003 | 15169 (GOOGLE) |
1 2 | 2a00:1450:4001:829::2002 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:812::2006 | 15169 (GOOGLE) |
4 | 2a00:1450:4001:830::200a | 15169 (GOOGLE) |
1 | 2a00:1450:4001:806::2004 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:82a::2016 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:80b::2001 | 15169 (GOOGLE) |
2 | 2a00:1450:4001:80b::2003 | 15169 (GOOGLE) |
72 | 15 |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
static.doubleclick.net |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
26 | futurecdn.net | cdn.mos.cms.futurecdn.net — Cisco Umbrella Rank: 14922 | 15 MB |
21 | masterfornews.com | masterfornews.com — Cisco Umbrella Rank: 913985 | 172 KB |
9 | youtube.com | www.youtube.com — Cisco Umbrella Rank: 99 | 956 KB |
4 | googleapis.com | jnn-pa.googleapis.com — Cisco Umbrella Rank: 259 | 31 KB |
4 | gstatic.com | fonts.gstatic.com, www.gstatic.com | 48 KB |
3 | doubleclick.net (1 redirects) | googleads.g.doubleclick.net — Cisco Umbrella Rank: 51, static.doubleclick.net — Cisco Umbrella Rank: 311 | 1 KB |
1 | ggpht.com | yt3.ggpht.com — Cisco Umbrella Rank: 250 | 6 KB |
1 | ytimg.com | i.ytimg.com — Cisco Umbrella Rank: 122 | 5 KB |
1 | google.com | www.google.com — Cisco Umbrella Rank: 3 | 15 KB |
1 | majomalonic.com | majomalonic.com | 2 KB |
1 | gristleupanaya.com | gristleupanaya.com | 2 KB |
1 | sutiletoroid.com | sutiletoroid.com | 1 KB |
72 | 12 |
Requests | Domain | Requested by |
---|---|---|
26 | cdn.mos.cms.futurecdn.net | masterfornews.com |
21 | masterfornews.com | masterfornews.com |
9 | www.youtube.com | masterfornews.com, www.youtube.com |
4 | jnn-pa.googleapis.com | www.youtube.com |
2 | www.gstatic.com | www.youtube.com, www.gstatic.com |
2 | googleads.g.doubleclick.net (1 redirects) | www.youtube.com |
2 | fonts.gstatic.com | www.youtube.com |
1 | yt3.ggpht.com | www.youtube.com |
1 | i.ytimg.com | www.youtube.com |
1 | www.google.com | www.youtube.com |
1 | static.doubleclick.net | www.youtube.com |
1 | majomalonic.com | masterfornews.com |
1 | gristleupanaya.com | masterfornews.com |
1 | sutiletoroid.com | masterfornews.com |
72 | 14 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.richardcobbett.com |
www.pcgamer.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
masterfornews.com | R3 | 2023-04-28 - 2023-07-27 | 3 months |
sutiletoroid.com | R3 | 2023-04-23 - 2023-07-22 | 3 months |
gristleupanaya.com | R3 | 2023-05-14 - 2023-08-12 | 3 months |
*.futurecdn.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-06 - 2023-07-06 | a year |
majomalonic.com | R3 | 2023-05-28 - 2023-08-26 | 3 months |
*.google.com | GTS CA 1C3 | 2023-05-19 - 2023-08-11 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2023-05-19 - 2023-08-11 | 3 months |
*.doubleclick.net | GTS CA 1C3 | 2023-05-19 - 2023-08-11 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2023-05-19 - 2023-08-11 | 3 months |
www.google.com | GTS CA 1C3 | 2023-05-19 - 2023-08-11 | 3 months |
edgestatic.com | GTS CA 1C3 | 2023-05-19 - 2023-08-11 | 3 months |
*.googleusercontent.com | GTS CA 1C3 | 2023-05-19 - 2023-08-11 | 3 months |
This page contains 2 frames:
Primary Page:
https://masterfornews.com/news/27291915/?utm_campaign=promo
Frame ID: C1B2D51F5538BEBA58CADC56CCF0DE51
Requests: 50 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/NP45b63Rzdc
Frame ID: 1EE9271FF4222336F3DC58D603E2276B
Requests: 21 HTTP requests in this frame
Page Title
Master of News
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
animate.css (Web Frameworks)
Detected patterns
- <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Slick (JavaScript Libraries)
Detected patterns
- (?:/([\d.]+))?/slick(?:\.min)?\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Richard Cobbett
Title: Colonization
Title: as the baddies
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 56
- https://googleads.g.doubleclick.net/pagead/id HTTP 302
- https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
72 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | masterfornews.com/news/27291915/ | 31 KB | 11 KB | Document | text/html |
GET | H/1.1 | bootstrap.min.css | masterfornews.com/assets/css/ | 111 KB | 19 KB | Stylesheet | text/css |
GET | H/1.1 | font-awesome.min.css | masterfornews.com/assets/css/ | 21 KB | 5 KB | Stylesheet | text/css |
GET | H/1.1 | animate.css | masterfornews.com/assets/css/ | 45 KB | 4 KB | Stylesheet | text/css |
GET | H/1.1 | font.css | masterfornews.com/assets/css/ | 478 B | 578 B | Stylesheet | text/css |
GET | H/1.1 | li-scroller.css | masterfornews.com/assets/css/ | 655 B | 708 B | Stylesheet | text/css |
GET | H/1.1 | slick.css | masterfornews.com/assets/css/ | 4 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | jquery.fancybox.css | masterfornews.com/assets/css/ | 4 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | theme.css | masterfornews.com/assets/css/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | style.css | masterfornews.com/assets/css/ | 35 KB | 6 KB | Stylesheet | text/css |
GET | H/1.1 | 50245 | sutiletoroid.com/pQ31BzQmm1ENszad/ | 6 B | 1 KB | Script | application/javascript |
GET | H/1.1 | 50246 | gristleupanaya.com/f3h4KShLN4mdHRx/ | 6 B | 2 KB | Script | application/javascript |
GET | H/1.1 | logo.png | masterfornews.com/images/ | 33 KB | 33 KB | Image | image/png |
GET | H2 | dVUebmTdCqZFmESNSzYAnP.jpg | cdn.mos.cms.futurecdn.net/ | 2 MB | 2 MB | Image | image/jpeg |
GET | H2 | vQUmLixSwUdc8LNjo8uya3.jpg | cdn.mos.cms.futurecdn.net/ | 159 KB | 160 KB | Image | image/jpeg |
GET | H2 | Kpk2kvGhurFqEY6q22TuQ4.jpg | cdn.mos.cms.futurecdn.net/ | 3 MB | 3 MB | Image | image/jpeg |
GET | H2 | dD9cBdn4nXtTrv2Ltfr9Hi.png | cdn.mos.cms.futurecdn.net/ | 990 KB | 992 KB | Image | image/png |
GET | H2 | ayyxVW7t2JcXKurmsSW4rW.jpg | cdn.mos.cms.futurecdn.net/ | 1 MB | 1 MB | Image | image/jpeg |
GET | H2 | myrjAsRZDZknabDgnHimvk.jpg | cdn.mos.cms.futurecdn.net/ | 1016 KB | 1018 KB | Image | image/jpeg |
GET | H2 | gjudeerEgtACj5tYfHn7kX.jpg | cdn.mos.cms.futurecdn.net/ | 65 KB | 66 KB | Image | image/jpeg |
GET | H2 | awNNjtCtJC6FrxQzyux2i5.jpg | cdn.mos.cms.futurecdn.net/ | 585 KB | 586 KB | Image | image/jpeg |
GET | H2 | ogP47EqegnX75UomHmAiAc.jpg | cdn.mos.cms.futurecdn.net/ | 744 KB | 745 KB | Image | image/jpeg |
GET | H/1.1 | 50247 | majomalonic.com/tYacuv7I0HO/ | 5 B | 2 KB | Script | application/javascript |
GET | H2 | adkZzW9AdES7jfAnwpeXKY.jpg | cdn.mos.cms.futurecdn.net/ | 378 KB | 379 KB | Image | image/jpeg |
GET | H2 | 2d0c135ea1d775c44a4cc6534ca7c2e3.jpg | cdn.mos.cms.futurecdn.net/ | 62 KB | 63 KB | Image | image/jpeg |
GET | H2 | 1283237e77fa2d88ecb1da3b960f6c03.jpg | cdn.mos.cms.futurecdn.net/ | 94 KB | 95 KB | Image | image/jpeg |
GET | H2 | ef9a7c376980c07dee2d5846c643e924.jpg | cdn.mos.cms.futurecdn.net/ | 106 KB | 107 KB | Image | image/jpeg |
GET | H2 | f0b466f7881d26034dc00abe8fc5b090.jpg | cdn.mos.cms.futurecdn.net/ | 105 KB | 106 KB | Image | image/jpeg |
GET | H2 | 03afcbaff64eb97ea9d40db3fb9d98b6.jpg | cdn.mos.cms.futurecdn.net/ | 105 KB | 105 KB | Image | image/jpeg |
GET | H2 | 5615e1bf4bc725c3b66f2730819197b7.jpg | cdn.mos.cms.futurecdn.net/ | 116 KB | 116 KB | Image | image/jpeg |
GET | H2 | d3a7092d856c8d035f7ead8e2dd84d6b.jpg | cdn.mos.cms.futurecdn.net/ | 135 KB | 136 KB | Image | image/jpeg |
GET | H2 | d7669490c5b65ed3d379c5d3c3bb89b4.jpg | cdn.mos.cms.futurecdn.net/ | 134 KB | 135 KB | Image | image/jpeg |
GET | H2 | e8533cc81254cac387f1a3344d145b8a.jpg | cdn.mos.cms.futurecdn.net/ | 42 KB | 43 KB | Image | image/jpeg |
GET | H2 | 2555d84455daa3f977cfd5d5cc7bfd56.jpg | cdn.mos.cms.futurecdn.net/ | 115 KB | 116 KB | Image | image/jpeg |
GET | H2 | 67c666d8686b510b9818a82ea733a69d.jpg | cdn.mos.cms.futurecdn.net/ | 52 KB | 53 KB | Image | image/jpeg |
GET | H2 | FAd6unHPWd6nagnzhbJTq8.jpeg | cdn.mos.cms.futurecdn.net/ | 168 KB | 169 KB | Image | image/jpeg |
GET | H2 | u2rhDQdgasqrtdByVGxABP.jpg | cdn.mos.cms.futurecdn.net/ | 309 KB | 310 KB | Image | image/jpeg |
GET | H2 | pVMPobdrC6ic3vHHbpo4H6.jpg | cdn.mos.cms.futurecdn.net/ | 3 MB | 3 MB | Image | image/jpeg |
GET | H2 | pgxsrA8A8ouGrYzY3SKBMZ.jpg | cdn.mos.cms.futurecdn.net/ | 373 KB | 374 KB | Image | image/jpeg |
GET | H2 | NzfC9MDJnvpUeiTyptCLFj.jpg | cdn.mos.cms.futurecdn.net/ | 353 KB | 354 KB | Image | image/jpeg |
GET | H/1.1 | jquery.min.js | masterfornews.com/assets/js/ | 94 KB | 33 KB | Script | application/javascript |
GET | H/1.1 | wow.min.js | masterfornews.com/assets/js/ | 7 KB | 3 KB | Script | application/javascript |
GET | H/1.1 | bootstrap.min.js | masterfornews.com/assets/js/ | 35 KB | 10 KB | Script | application/javascript |
GET | H/1.1 | slick.min.js | masterfornews.com/assets/js/ | 31 KB | 8 KB | Script | application/javascript |
GET | H/1.1 | jquery.li-scroller.1.0.js | masterfornews.com/assets/js/ | 2 KB | 1 KB | Script | application/javascript |
GET | H/1.1 | jquery.newsTicker.min.js | masterfornews.com/assets/js/ | 4 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | jquery.fancybox.pack.js | masterfornews.com/assets/js/ | 23 KB | 9 KB | Script | application/javascript |
GET | H/1.1 | custom.js | masterfornews.com/assets/js/ | 2 KB | 1 KB | Script | application/javascript |
GET | H2 | NP45b63Rzdc | www.youtube.com/embed/ Frame 1EE9 | 72 KB | 31 KB | Document | text/html |
GET | H/1.1 | status.gif | masterfornews.com/assets/css/images/ | 3 KB | 3 KB | Image | image/gif |
GET | H/1.1 | Oswald-Regular-400.woff | masterfornews.com/assets/fonts/ | 19 KB | 19 KB | Font | font/woff |
GET | H2 | www-player.css | www.youtube.com/s/player/f55759b8/ Frame 1EE9 | 406 KB | 48 KB | Stylesheet | text/css |
GET | H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v18/ Frame 1EE9 | 15 KB | 16 KB | Font | font/woff2 |
GET | H2 | KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | fonts.gstatic.com/s/roboto/v18/ Frame 1EE9 | 15 KB | 15 KB | Font | font/woff2 |
GET | H2 | www-embed-player.js | www.youtube.com/s/player/f55759b8/www-embed-player.vflset/ Frame 1EE9 | 306 KB | 92 KB | Script | text/javascript |
GET | H2 | base.js | www.youtube.com/s/player/f55759b8/player_ias.vflset/nl_NL/ Frame 1EE9 | 2 MB | 741 KB | Script | text/javascript |
GET | H2 | fetch-polyfill.js | www.youtube.com/s/player/f55759b8/fetch-polyfill.vflset/ Frame 1EE9 | 9 KB | 3 KB | Script | text/javascript |
GET | H2 | id | googleads.g.doubleclick.net/pagead/ Frame 1EE9 Redirect Chain | 100 B | 242 B | XHR | application/json |
GET | H2 | ad_status.js | static.doubleclick.net/instream/ Frame 1EE9 | 29 B | 494 B | Script | text/javascript |
OPTIONS | H2 | Create | jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame | 0 | 0 | Preflight | text/html |
POST | H2 | Create | jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1EE9 | 68 KB | 31 KB | XHR | application/json+protobuf |
GET | H3 | remote.js | www.youtube.com/s/player/f55759b8/player_ias.vflset/nl_NL/ Frame 1EE9 | 116 KB | 33 KB | Script | text/javascript |
GET | H2 | eee_KjLo8HjJC2kczPWeD_UvQFOi_GikGCFFwzkCqeE.js | www.google.com/js/th/ Frame 1EE9 | 37 KB | 15 KB | Script | text/javascript |
GET | H2 | default.jpg | i.ytimg.com/vi/NP45b63Rzdc/ Frame 1EE9 | 5 KB | 5 KB | Image | image/jpeg |
GET | H3 | embed.js | www.youtube.com/s/player/f55759b8/player_ias.vflset/nl_NL/ Frame 1EE9 | 29 KB | 8 KB | Script | text/javascript |
GET | DATA | truncated | / Frame 1EE9 | 175 B | 0 | Image | image/png |
GET | H2 | FPHT1gfOZNvWAuYNEQwr6BzkgUZ2YUTE2bJC8n0W4vM7W2TjavFv05UzatXinH0M3ub6hwVgrQ=s68-c-k-c0x00ffffff-no-rj | yt3.ggpht.com/ Frame 1EE9 | 6 KB | 6 KB | Image | image/jpeg |
OPTIONS | H3 | GenerateIT | jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame | 0 | 0 | Preflight | text/html |
POST | H3 | GenerateIT | jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1EE9 | 90 B | 134 B | XHR | application/json+protobuf |
GET | H2 | cast_sender.js | www.gstatic.com/cv/js/sender/v1/ Frame 1EE9 | 4 KB | 2 KB | Script | text/javascript |
GET | H3 | generate_204 | www.youtube.com/ Frame 1EE9 | 0 | 10 B | Image | text/plain |
GET | H2 | cast_sender.js | www.gstatic.com/eureka/clank/114/ Frame 1EE9 | 51 KB | 15 KB | Script | text/javascript |
POST | H3 | log_event | www.youtube.com/youtubei/v1/ Frame 1EE9 | 28 B | 54 B | XHR | application/json |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Office 365 (Online)
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- boolean| credentialless
- object| onbeforetoggle
- object| onscrollend
- function| $
- function| jQuery
- function| WOW
- object| jQuery111107257393435071746
- object| wow
- object| now
- number| year

10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
masterfornews.com/ | | Name: GL_UI4 |
masterfornews.com/ | | Name: GL_GI10 |
majomalonic.com/ | | Name: GL_UI4 |
majomalonic.com/ | | Name: GL_GI10 |
.youtube.com/ | | Name: YSC Value: Ws3bip8TU0w |
.youtube.com/ | | Name: VISITOR_INFO1_LIVE Value: XkvAVBcHYlw |
sutiletoroid.com/ | | Name: GL_UI4 |
sutiletoroid.com/ | | Name: GL_GI10 |
gristleupanaya.com/ | | Name: GL_UI4 |
gristleupanaya.com/ | | Name: GL_GI10 |
11 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=1 |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.