Submitted URL: https://dcgichg.r.bh.d.sendibt3.com/tr/cl/TPueEzL6bN1kcF2EAltrk9-3LRuE5lMU44Ofn2u_y8ynd1NrSGh59Ka94jPb6W90XB8aMzjkeCxp70h6MpPASDxKab...
Effective URL: http://sakora-gophish.site/?rid=Sj2UzPH
Submission: On December 08 via manual from PL

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 21 HTTP transactions. The main IP is 80.211.249.156, located in Warsaw, Poland and belongs to ARUBA, PL. The main domain is sakora-gophish.site.
This is the only time sakora-gophish.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.107.232.244 200484 (SENDINBLU...)
1 80.211.249.156 205727 (ARUBA)
15 109.95.156.156 48896 (DHOSTING-...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
21 4
Domain Requested by
15 dev-niebezpieczny-pracownik.pl sakora-gophish.site
4 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com sakora-gophish.site
1 sakora-gophish.site
1 dcgichg.r.bh.d.sendibt3.com 1 redirects
21 5

This site contains links to these domains. Also see Links.

Domain
dev-niebezpieczny-pracownik.pl
Subject Issuer Validity Valid
dev-niebezpieczny-pracownik.pl
Let's Encrypt Authority X3
2020-11-27 -
2021-02-25
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh

This page contains 1 frames:

Primary Page: http://sakora-gophish.site/?rid=Sj2UzPH
Frame ID: BB4F874B198EF067D3D193A3F02B7B51
Requests: 21 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://dcgichg.r.bh.d.sendibt3.com/tr/cl/TPueEzL6bN1kcF2EAltrk9-3LRuE5lMU44Ofn2u_y8ynd1NrSGh59Ka94jPb6W90XB8aMz... HTTP 302
    http://sakora-gophish.site/?rid=Sj2UzPH Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

21
Requests

95 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

307 kB
Transfer

524 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dcgichg.r.bh.d.sendibt3.com/tr/cl/TPueEzL6bN1kcF2EAltrk9-3LRuE5lMU44Ofn2u_y8ynd1NrSGh59Ka94jPb6W90XB8aMzjkeCxp70h6MpPASDxKabhHJUGvhkceF-H1zyuRD3HqLIZii82Ovix2LJhyetYLs-UdRApbT0exYGqvkh_aAHEiWFwhyRE-XIJQfbYzEZK778oHFzKl4J9pdGzxs2QZR9LRMPR6mw4yq-mdQcxTvD_4 HTTP 302
    http://sakora-gophish.site/?rid=Sj2UzPH Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
sakora-gophish.site/
Redirect Chain
  • https://dcgichg.r.bh.d.sendibt3.com/tr/cl/TPueEzL6bN1kcF2EAltrk9-3LRuE5lMU44Ofn2u_y8ynd1NrSGh59Ka94jPb6W90XB8aMzjkeCxp70h6MpPASDxKabhHJUGvhkceF-H1zyuRD3HqLIZii82Ovix2LJhyetYLs-UdRApbT0exYGqvkh_aAHE...
  • http://sakora-gophish.site/?rid=Sj2UzPH
30 KB
7 KB
Document
General
Full URL
http://sakora-gophish.site/?rid=Sj2UzPH
Protocol
HTTP/1.1
Server
80.211.249.156 Warsaw, Poland, ASN205727 (ARUBA, PL),
Reverse DNS
host156-249-211-80.static.arubacloud.pl
Software
/
Resource Hash
57e05bf589842af044ccad1f63b03595d9d5317b3829207627e386cf7cd9a607

Request headers

Host
sakora-gophish.site
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Vary
Accept-Encoding
X-Server
gophish
Date
Tue, 08 Dec 2020 09:32:42 GMT
Transfer-Encoding
chunked

Redirect headers

Content-Length
62
Content-Type
text/html; charset=utf-8
Date
Tue, 08 Dec 2020 09:32:42 GMT
Location
http://sakora-gophish.site/?rid=Sj2UzPH
X-Content-Type-Options
nosniff
X-Sib-Server
SENDINBLUE-red1-2
X-Xss-Protection
1
style.min.css
dev-niebezpieczny-pracownik.pl/wp-includes/css/dist/block-library/
53 KB
8 KB
Stylesheet
General
Full URL
https://dev-niebezpieczny-pracownik.pl/wp-includes/css/dist/block-library/style.min.css?ver=9b75690c1b5e84addab503c78afe33bf
Requested by
Host: sakora-gophish.site
URL: http://sakora-gophish.site/?rid=Sj2UzPH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.95.156.156 Warsaw, Poland, ASN48896 (DHOSTING-AS Warsaw, Poland, PL),
Reverse DNS
Software
/
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sakora-gophish.site/?rid=Sj2UzPH
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 09:32:42 GMT
content-encoding
br
x-content-type-options
nosniff
edit
Set-Cookie ^(.*)$ $1;HttpOnly;Secure
strict-transport-security
max-age=2592000
content-length
7455
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 27 Nov 2020 16:54:11 GMT
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 07 Jan 2021 09:32:42 GMT
animate.min.css
dev-niebezpieczny-pracownik.pl/wp-content/plugins/otter-blocks/vendor/codeinwp/gutenberg-animation/assets/css/
57 KB
4 KB
Stylesheet
General
Full URL
https://dev-niebezpieczny-pracownik.pl/wp-content/plugins/otter-blocks/vendor/codeinwp/gutenberg-animation/assets/css/animate.min.css?ver=9b75690c1b5e84addab503c78afe33bf
Requested by
Host: sakora-gophish.site
URL: http://sakora-gophish.site/?rid=Sj2UzPH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.95.156.156 Warsaw, Poland, ASN48896 (DHOSTING-AS Warsaw, Poland, PL),
Reverse DNS
Software
/
Resource Hash
8c0416f65608757f0fac8daf545f2e5ab94a6e34b45da84f9cee661cbd5a3226
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sakora-gophish.site/?rid=Sj2UzPH
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 09:32:42 GMT
content-encoding
br
x-content-type-options
nosniff
edit
Set-Cookie ^(.*)$ $1;HttpOnly;Secure
strict-transport-security
max-age=2592000
content-length
4024
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 27 Nov 2020 17:12:47 GMT
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 07 Jan 2021 09:32:42 GMT
style.css
dev-niebezpieczny-pracownik.pl/wp-content/plugins/otter-blocks/vendor/codeinwp/gutenberg-animation/assets/css/
3 KB
618 B
Stylesheet
General
Full URL
https://dev-niebezpieczny-pracownik.pl/wp-content/plugins/otter-blocks/vendor/codeinwp/gutenberg-animation/assets/css/style.css?ver=9b75690c1b5e84addab503c78afe33bf
Requested by
Host: sakora-gophish.site
URL: http://sakora-gophish.site/?rid=Sj2UzPH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.95.156.156 Warsaw, Poland, ASN48896 (DHOSTING-AS Warsaw, Poland, PL),
Reverse DNS
Software
/
Resource Hash
3b4708ed3f834950d6a63bb4e6539e9133b805df775c79bf57e2f61ee77178ce
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sakora-gophish.site/?rid=Sj2UzPH
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 09:32:42 GMT
content-encoding
br
x-content-type-options
nosniff
edit
Set-Cookie ^(.*)$ $1;HttpOnly;Secure
strict-transport-security
max-age=2592000
content-length
578
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 27 Nov 2020 17:12:47 GMT
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 07 Jan 2021 09:32:42 GMT
style.css
dev-niebezpieczny-pracownik.pl/wp-content/plugins/otter-blocks/vendor/codeinwp/gutenberg-blocks/build/
33 KB
3 KB
Stylesheet
General
Full URL
https://dev-niebezpieczny-pracownik.pl/wp-content/plugins/otter-blocks/vendor/codeinwp/gutenberg-blocks/build/style.css?ver=1.5.10
Requested by
Host: sakora-gophish.site
URL: http://sakora-gophish.site/?rid=Sj2UzPH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.95.156.156 Warsaw, Poland, ASN48896 (DHOSTING-AS Warsaw, Poland, PL),
Reverse DNS
Software
/
Resource Hash
5ffb44d8f7d0a7dbacaeb0a0c5b0ff90799759d7c1664d1a0bf7ec96b25e1019
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sakora-gophish.site/?rid=Sj2UzPH
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 09:32:42 GMT
content-encoding
br
x-content-type-options
nosniff
edit
Set-Cookie ^(.*)$ $1;HttpOnly;Secure
strict-transport-security
max-age=2592000
content-length
3506
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 27 Nov 2020 17:12:47 GMT
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 07 Jan 2021 09:32:42 GMT
frontend.min.css
dev-niebezpieczny-pracownik.pl/wp-content/plugins/google-analytics-for-wordpress/assets/css/
8 KB
785 B
Stylesheet
General
Full URL
https://dev-niebezpieczny-pracownik.pl/wp-content/plugins/google-analytics-for-wordpress/assets/css/frontend.min.css?ver=7.13.2
Requested by
Host: sakora-gophish.site
URL: http://sakora-gophish.site/?rid=Sj2UzPH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.95.156.156 Warsaw, Poland, ASN48896 (DHOSTING-AS Warsaw, Poland, PL),
Reverse DNS
Software
/
Resource Hash
90368b5a3711b1777dc287f535cfc1be62b69a362a1af847558cb7c44c7f3974
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sakora-gophish.site/?rid=Sj2UzPH
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 09:32:42 GMT
content-encoding
br
x-content-type-options
nosniff
edit
Set-Cookie ^(.*)$ $1;HttpOnly;Secure
strict-transport-security
max-age=2592000
content-length
722
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 03 Dec 2020 20:00:32 GMT
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 07 Jan 2021 09:32:42 GMT
style.min.css
dev-niebezpieczny-pracownik.pl/wp-content/themes/neve/
46 KB
8 KB
Stylesheet
General
Full URL
https://dev-niebezpieczny-pracownik.pl/wp-content/themes/neve/style.min.css?ver=2.9.1
Requested by
Host: sakora-gophish.site
URL: http://sakora-gophish.site/?rid=Sj2UzPH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.95.156.156 Warsaw, Poland, ASN48896 (DHOSTING-AS Warsaw, Poland, PL),
Reverse DNS
Software
/
Resource Hash
e5bd8da4b9aa5b1c1ed9ec5b66c4a7f77e2d68df3e86e8dcf67abe44c9dbaff9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sakora-gophish.site/?rid=Sj2UzPH
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 09:32:42 GMT
content-encoding
br
x-content-type-options
nosniff
edit
Set-Cookie ^(.*)$ $1;HttpOnly;Secure
strict-transport-security
max-age=2592000
content-length
8558
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 07 Dec 2020 16:08:22 GMT
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 07 Jan 2021 09:32:42 GMT
post-553-1607417721.css
dev-niebezpieczny-pracownik.pl/wp-content/uploads/themeisle-gutenberg/
0
60 B
Stylesheet
General
Full URL
https://dev-niebezpieczny-pracownik.pl/wp-content/uploads/themeisle-gutenberg/post-553-1607417721.css?ver=1.5.10
Requested by
Host: sakora-gophish.site
URL: http://sakora-gophish.site/?rid=Sj2UzPH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.95.156.156 Warsaw, Poland, ASN48896 (DHOSTING-AS Warsaw, Poland, PL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sakora-gophish.site/?rid=Sj2UzPH
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 09:32:42 GMT
referrer-policy
no-referrer-when-downgrade
expires
Thu, 07 Jan 2021 09:32:42 GMT
last-modified
Tue, 08 Dec 2020 08:55:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=2592000
accept-ranges
bytes
content-length
0
x-content-type-options
nosniff
edit
Set-Cookie ^(.*)$ $1;HttpOnly;Secure
css
fonts.googleapis.com/
2 KB
591 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A400%2C600&display=swap&subset=latin-ext&ver=9b75690c1b5e84addab503c78afe33bf
Requested by
Host: sakora-gophish.site
URL: http://sakora-gophish.site/?rid=Sj2UzPH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d355d2f5cd12b66012d40337fa5d86f6d5a9c94562476f10764aa01abfe830d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://sakora-gophish.site/?rid=Sj2UzPH
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 08 Dec 2020 09:32:42 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Tue, 08 Dec 2020 09:32:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Tue, 08 Dec 2020 09:32:42 GMT
cropped-6-1-1-e1606508332802.png
dev-niebezpieczny-pracownik.pl/wp-content/uploads/
18 KB
18 KB
Image
General
Full URL
https://dev-niebezpieczny-pracownik.pl/wp-content/uploads/cropped-6-1-1-e1606508332802.png
Requested by
Host: sakora-gophish.site
URL: http://sakora-gophish.site/?rid=Sj2UzPH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.95.156.156 Warsaw, Poland, ASN48896 (DHOSTING-AS Warsaw, Poland, PL),
Reverse DNS
Software
/
Resource Hash
e1579d7edb2624eb4a8f6a64ded6df6eeb7d083f6039c63c507b0d328b9a0229
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sakora-gophish.site/?rid=Sj2UzPH
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 09:32:42 GMT
referrer-policy
no-referrer-when-downgrade
expires
Thu, 07 Jan 2021 09:32:42 GMT
last-modified
Fri, 27 Nov 2020 20:19:24 GMT
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=2592000
accept-ranges
bytes
content-length
18483
x-content-type-options
nosniff
edit
Set-Cookie ^(.*)$ $1;HttpOnly;Secure
animate.js
dev-niebezpieczny-pracownik.pl/wp-content/plugins/otter-blocks/vendor/codeinwp/gutenberg-animation/build/
5 KB
2 KB
Script
General
Full URL
https://dev-niebezpieczny-pracownik.pl/wp-content/plugins/otter-blocks/vendor/codeinwp/gutenberg-animation/build/animate.js?ver=9b75690c1b5e84addab503c78afe33bf
Requested by
Host: sakora-gophish.site
URL: http://sakora-gophish.site/?rid=Sj2UzPH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.95.156.156 Warsaw, Poland, ASN48896 (DHOSTING-AS Warsaw, Poland, PL),
Reverse DNS
Software
/
Resource Hash
e284caedfb112f7377c8eedc2215aa065a7b70071d03727ecd132a3902c7750f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sakora-gophish.site/?rid=Sj2UzPH
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 09:32:42 GMT
content-encoding
br
x-content-type-options
nosniff
edit
Set-Cookie ^(.*)$ $1;HttpOnly;Secure
strict-transport-security
max-age=2592000
content-length
1655
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 27 Nov 2020 17:12:47 GMT
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 07 Jan 2021 09:32:42 GMT
frontend.js
dev-niebezpieczny-pracownik.pl/wp-content/themes/neve/assets/js/build/modern/
6 KB
2 KB
Script
General
Full URL
https://dev-niebezpieczny-pracownik.pl/wp-content/themes/neve/assets/js/build/modern/frontend.js?ver=2.9.1
Requested by
Host: sakora-gophish.site
URL: http://sakora-gophish.site/?rid=Sj2UzPH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.95.156.156 Warsaw, Poland, ASN48896 (DHOSTING-AS Warsaw, Poland, PL),
Reverse DNS
Software
/
Resource Hash
2b91c72da32cc3f87ad0b0aeb05c8923d5728ba17fe86fce211eeb2acb3e8fec
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sakora-gophish.site/?rid=Sj2UzPH
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 09:32:42 GMT
content-encoding
br
x-content-type-options
nosniff
edit
Set-Cookie ^(.*)$ $1;HttpOnly;Secure
strict-transport-security
max-age=2592000
content-length
1955
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 07 Dec 2020 16:08:18 GMT
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 07 Jan 2021 09:32:42 GMT
comment-reply.min.js
dev-niebezpieczny-pracownik.pl/wp-includes/js/
3 KB
1 KB
Script
General
Full URL
https://dev-niebezpieczny-pracownik.pl/wp-includes/js/comment-reply.min.js?ver=9b75690c1b5e84addab503c78afe33bf
Requested by
Host: sakora-gophish.site
URL: http://sakora-gophish.site/?rid=Sj2UzPH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.95.156.156 Warsaw, Poland, ASN48896 (DHOSTING-AS Warsaw, Poland, PL),
Reverse DNS
Software
/
Resource Hash
a16df2f75e04129b12a5fde7311c7ea9131418080fd3f6bcb2b28ce1faa2fe8e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sakora-gophish.site/?rid=Sj2UzPH
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 09:32:42 GMT
content-encoding
br
x-content-type-options
nosniff
edit
Set-Cookie ^(.*)$ $1;HttpOnly;Secure
strict-transport-security
max-age=2592000
content-length
1238
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 27 Nov 2020 16:54:11 GMT
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 07 Jan 2021 09:32:42 GMT
wp-embed.min.js
dev-niebezpieczny-pracownik.pl/wp-includes/js/
1 KB
708 B
Script
General
Full URL
https://dev-niebezpieczny-pracownik.pl/wp-includes/js/wp-embed.min.js?ver=9b75690c1b5e84addab503c78afe33bf
Requested by
Host: sakora-gophish.site
URL: http://sakora-gophish.site/?rid=Sj2UzPH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.95.156.156 Warsaw, Poland, ASN48896 (DHOSTING-AS Warsaw, Poland, PL),
Reverse DNS
Software
/
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sakora-gophish.site/?rid=Sj2UzPH
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 09:32:42 GMT
content-encoding
br
x-content-type-options
nosniff
edit
Set-Cookie ^(.*)$ $1;HttpOnly;Secure
strict-transport-security
max-age=2592000
content-length
668
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 27 Nov 2020 16:54:11 GMT
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 07 Jan 2021 09:32:42 GMT
wp-emoji-release.min.js
dev-niebezpieczny-pracownik.pl/wp-includes/js/
14 KB
4 KB
Script
General
Full URL
https://dev-niebezpieczny-pracownik.pl/wp-includes/js/wp-emoji-release.min.js?ver=9b75690c1b5e84addab503c78afe33bf
Requested by
Host: sakora-gophish.site
URL: http://sakora-gophish.site/?rid=Sj2UzPH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.95.156.156 Warsaw, Poland, ASN48896 (DHOSTING-AS Warsaw, Poland, PL),
Reverse DNS
Software
/
Resource Hash
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sakora-gophish.site/?rid=Sj2UzPH
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 09:32:42 GMT
content-encoding
br
x-content-type-options
nosniff
edit
Set-Cookie ^(.*)$ $1;HttpOnly;Secure
strict-transport-security
max-age=2592000
content-length
4319
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 27 Nov 2020 16:54:11 GMT
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 07 Jan 2021 09:32:42 GMT
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600&display=swap&subset=latin-ext&ver=9b75690c1b5e84addab503c78afe33bf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://sakora-gophish.site
Referer
https://fonts.googleapis.com/css?family=Poppins%3A400%2C600&display=swap&subset=latin-ext&ver=9b75690c1b5e84addab503c78afe33bf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Dec 2020 21:58:44 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:13 GMT
server
sffe
age
214438
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
expires
Sun, 05 Dec 2021 21:58:44 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600&display=swap&subset=latin-ext&ver=9b75690c1b5e84addab503c78afe33bf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://sakora-gophish.site
Referer
https://fonts.googleapis.com/css?family=Poppins%3A400%2C600&display=swap&subset=latin-ext&ver=9b75690c1b5e84addab503c78afe33bf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Dec 2020 09:30:10 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:02:15 GMT
server
sffe
age
259352
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7988
x-xss-protection
0
expires
Sun, 05 Dec 2021 09:30:10 GMT
pxiByp8kv8JHgFVrLEj6Z1JlFd2JQEl8qw.woff2
fonts.gstatic.com/s/poppins/v15/
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1JlFd2JQEl8qw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600&display=swap&subset=latin-ext&ver=9b75690c1b5e84addab503c78afe33bf
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81f808ca766112a73497cdf7cd4224e27063c394f07b12b7d7a5e0599c19f37e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://sakora-gophish.site
Referer
https://fonts.googleapis.com/css?family=Poppins%3A400%2C600&display=swap&subset=latin-ext&ver=9b75690c1b5e84addab503c78afe33bf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 22:12:48 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:39 GMT
server
sffe
age
472794
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5480
x-xss-protection
0
expires
Thu, 02 Dec 2021 22:12:48 GMT
pxiEyp8kv8JHgFVrJJnecnFHGPezSQ.woff2
fonts.gstatic.com/s/poppins/v15/
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJnecnFHGPezSQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600&display=swap&subset=latin-ext&ver=9b75690c1b5e84addab503c78afe33bf
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
738cb7aba1703ee4705776436452858e9832ef81847f0f646ed83949c7763c53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://sakora-gophish.site
Referer
https://fonts.googleapis.com/css?family=Poppins%3A400%2C600&display=swap&subset=latin-ext&ver=9b75690c1b5e84addab503c78afe33bf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Dec 2020 14:41:03 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:17 GMT
server
sffe
age
240699
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5504
x-xss-protection
0
expires
Sun, 05 Dec 2021 14:41:03 GMT
pobrane.png
dev-niebezpieczny-pracownik.pl/wp-content/uploads/
4 KB
4 KB
Image
General
Full URL
https://dev-niebezpieczny-pracownik.pl/wp-content/uploads/pobrane.png
Requested by
Host: sakora-gophish.site
URL: http://sakora-gophish.site/?rid=Sj2UzPH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.95.156.156 Warsaw, Poland, ASN48896 (DHOSTING-AS Warsaw, Poland, PL),
Reverse DNS
Software
/
Resource Hash
d9be6780b23aea5b1480bf22212c84c452921742fe23f74c6008be31c6e1a1e2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sakora-gophish.site/?rid=Sj2UzPH
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 09:32:42 GMT
referrer-policy
no-referrer-when-downgrade
expires
Thu, 07 Jan 2021 09:32:42 GMT
last-modified
Tue, 08 Dec 2020 08:52:33 GMT
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=2592000
accept-ranges
bytes
content-length
3805
x-content-type-options
nosniff
edit
Set-Cookie ^(.*)$ $1;HttpOnly;Secure
ABC..-Rozpoznania-phishingu-1-scaled-e1607417668547.jpg
dev-niebezpieczny-pracownik.pl/wp-content/uploads/
216 KB
217 KB
Image
General
Full URL
https://dev-niebezpieczny-pracownik.pl/wp-content/uploads/ABC..-Rozpoznania-phishingu-1-scaled-e1607417668547.jpg
Requested by
Host: sakora-gophish.site
URL: http://sakora-gophish.site/?rid=Sj2UzPH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.95.156.156 Warsaw, Poland, ASN48896 (DHOSTING-AS Warsaw, Poland, PL),
Reverse DNS
Software
/
Resource Hash
b2af9807261ef91289d2c0cc3c5a3cd6f44401763c4b600092131d9db2c1730a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sakora-gophish.site/?rid=Sj2UzPH
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 09:32:42 GMT
referrer-policy
no-referrer-when-downgrade
expires
Thu, 07 Jan 2021 09:32:42 GMT
last-modified
Tue, 08 Dec 2020 08:54:28 GMT
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=2592000
accept-ranges
bytes
content-length
221524
x-content-type-options
nosniff
edit
Set-Cookie ^(.*)$ $1;HttpOnly;Secure

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings object| NeveProperties object| addComment object| wp object| twemoji object| HFG

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dcgichg.r.bh.d.sendibt3.com
dev-niebezpieczny-pracownik.pl
fonts.googleapis.com
fonts.gstatic.com
sakora-gophish.site
109.95.156.156
185.107.232.244
2a00:1450:4001:808::200a
2a00:1450:4001:814::2003
80.211.249.156
2b91c72da32cc3f87ad0b0aeb05c8923d5728ba17fe86fce211eeb2acb3e8fec
3b4708ed3f834950d6a63bb4e6539e9133b805df775c79bf57e2f61ee77178ce
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
57e05bf589842af044ccad1f63b03595d9d5317b3829207627e386cf7cd9a607
5ffb44d8f7d0a7dbacaeb0a0c5b0ff90799759d7c1664d1a0bf7ec96b25e1019
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
738cb7aba1703ee4705776436452858e9832ef81847f0f646ed83949c7763c53
81f808ca766112a73497cdf7cd4224e27063c394f07b12b7d7a5e0599c19f37e
8c0416f65608757f0fac8daf545f2e5ab94a6e34b45da84f9cee661cbd5a3226
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
90368b5a3711b1777dc287f535cfc1be62b69a362a1af847558cb7c44c7f3974
a16df2f75e04129b12a5fde7311c7ea9131418080fd3f6bcb2b28ce1faa2fe8e
b2af9807261ef91289d2c0cc3c5a3cd6f44401763c4b600092131d9db2c1730a
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
d355d2f5cd12b66012d40337fa5d86f6d5a9c94562476f10764aa01abfe830d0
d9be6780b23aea5b1480bf22212c84c452921742fe23f74c6008be31c6e1a1e2
e1579d7edb2624eb4a8f6a64ded6df6eeb7d083f6039c63c507b0d328b9a0229
e284caedfb112f7377c8eedc2215aa065a7b70071d03727ecd132a3902c7750f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5bd8da4b9aa5b1c1ed9ec5b66c4a7f77e2d68df3e86e8dcf67abe44c9dbaff9