Submitted URL: http://sanwells.se/
Effective URL: https://sanwells.se/login
Submission Tags: phishing spamreports malicious
Submission: On January 21 via api from BG

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3033::ac43:dd7c, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is sanwells.se.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 14th 2021. Valid for: a year.
This is the only time sanwells.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 19 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
20 3
Apex Domain | Subdomains | Transfer
19 sanwells.se | sanwells.se | 213 KB
2 google-analytics.com | www.google-analytics.com | 395 B
1 googletagmanager.com | www.googletagmanager.com | 52 KB
20 3
Domain Requested by
19 sanwells.se 2 redirects sanwells.se
2 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com sanwells.se
20 3

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-01-14 - 2022-01-13 | a year
*.google-analytics.com | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months

This page contains 1 frame:

Primary Page: https://sanwells.se/login
Frame ID: 0C5E61D8DFA0812C69F9F2E10CEE1A88
Requests: 20 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 100 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 264 kB
Size: 885 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sanwells.se/ HTTP 301
    https://sanwells.se/ HTTP 302
    https://sanwells.se/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
sanwells.se/
Redirect Chain
  • http://sanwells.se/
  • https://sanwells.se/
  • https://sanwells.se/login
11 KB
3 KB
Document
General
Full URL
https://sanwells.se/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:dd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdf65a831b8e4a69ca5d5cbf3bcb6647ec5fbc36eccee8aaa6021dd4fab9a8ff

Request headers

:method
GET
:authority
sanwells.se
:scheme
https
:path
/login
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=dcf6803f1ff7258ad3e861566d010e7e01611227995; PHPSESSID=0dc3f28ba3ed65e7c7a28b10197d5874

Response headers

date
Thu, 21 Jan 2021 11:19:56 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
cf-request-id
07c64538f700002b1e8a188000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=232grNs2FpvaKAQmcOntZZJu9YwxvLOg7cdxx%2BxXSg%2Fla%2FwmeM8v6ifHCZLJIU268hnj8p4Qqv%2FFClelXvne7FUEaAZjlIkaGVx4rn3vW6szAAe8%2FR%2BqDQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
6150a4a18bdc2b1e-FRA
content-encoding
br

Redirect headers

date
Thu, 21 Jan 2021 11:19:56 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dcf6803f1ff7258ad3e861566d010e7e01611227995; expires=Sat, 20-Feb-21 11:19:55 GMT; path=/; domain=.sanwells.se; HttpOnly; SameSite=Lax; Secure
PHPSESSID=0dc3f28ba3ed65e7c7a28b10197d5874; path=/; secure
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
location
./login
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
cf-request-id
07c645370c00002b1ed49c7000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VCPBrX8AVvM3d4DkX%2FXBwHbvhZI6S4j2e5TNwUV2SDQ0AyVOE97VwEfhEI5iIBkBU7JNLwGPz9NfdTnSp408O%2Bk7JNPvVBzRe5irLoG%2BiuYQUwTXW2QCFQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
6150a49e7c7c2b1e-FRA
loadFont.js
sanwells.se/assets/js/
3 KB
2 KB
Script
General
Full URL
https://sanwells.se/assets/js/loadFont.js
Requested by
Host: sanwells.se
URL: https://sanwells.se/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:dd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5c7cc62f1dd3cc33e186553d36a5ef8900cead0c1cb800c4e12979899b1c500

Request headers

Referer
https://sanwells.se/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 11:19:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 13 Feb 2020 04:43:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EOMVd5qScGslHDJlLCM9u%2BV9s0c9of3svexntp%2Fzp8cCxp0km19pBIm4l4xQeG3vgcNZg8PpWehuq8FAIpfqbqUdF6BaZ4DME%2F0AZ2IA0hjfTs9ShDtw1g%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"max_age":604800,"report_to":"cf-nel"}
x-turbo-charged-by
LiteSpeed
cf-ray
6150a4a23dea2b1e-FRA
cf-request-id
07c645396300002b1eb3b1a000000001
expires
Thu, 28 Jan 2021 11:20:03 GMT
jquery.js
sanwells.se/assets/js/
286 KB
78 KB
Script
General
Full URL
https://sanwells.se/assets/js/jquery.js
Requested by
Host: sanwells.se
URL: https://sanwells.se/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:dd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e277e93187de26fde0a08c620655be9b2465377aab0d1f353361f7d8e13f43c

Request headers

Referer
https://sanwells.se/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 11:19:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 13 Feb 2020 04:43:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RIcXcyTpItvlYJAR5w3ioodWyY6jcAGzNFbE58xPGKIuEEOmEAks5zUCU6rUhDkFsdyyQ98UMpJgEX3gRWEXbwOwCM3XH8Ljw4%2FFU%2Bx5wJnmVEgRJB80fQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"max_age":604800,"report_to":"cf-nel"}
x-turbo-charged-by
LiteSpeed
cf-ray
6150a4a23df12b1e-FRA
cf-request-id
07c645396300002b1eaa1f8000000001
expires
Thu, 28 Jan 2021 11:20:03 GMT
bootstrap.css
sanwells.se/assets/css/
122 KB
17 KB
Stylesheet
General
Full URL
https://sanwells.se/assets/css/bootstrap.css
Requested by
Host: sanwells.se
URL: https://sanwells.se/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:dd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf6a815844915fe8afaf30fd14503b11e3d24cdebb34e7dc06bbc345b55a3a16

Request headers

Referer
https://sanwells.se/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 11:19:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 13 Feb 2020 04:43:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mr1VS0IT%2Bc06kIvUXUCghUGp9fsUY7d2SSaAnF5BE0H2ahUG8PdjV3dWlx8ZQW1KVsCAGpTkLJz7Q0NRE%2BBYbtxh6VtPEMzpuKBgs08ny8GgmksARpddaQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
text/css
cache-control
public, max-age=604800
nel
{"max_age":604800,"report_to":"cf-nel"}
x-turbo-charged-by
LiteSpeed
cf-ray
6150a4a23dd92b1e-FRA
cf-request-id
07c645396000002b1eb5ad0000000001
expires
Thu, 28 Jan 2021 11:20:03 GMT
bootstrap.js
sanwells.se/assets/js/
50 KB
12 KB
Script
General
Full URL
https://sanwells.se/assets/js/bootstrap.js
Requested by
Host: sanwells.se
URL: https://sanwells.se/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:dd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f4dd98be76b634e0221ccafa53dc825f1c9d7c534f30d2608334c30b3f59649

Request headers

Referer
https://sanwells.se/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 11:19:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
16162
cf-request-id
07c645396400002b1e8213a000000001
last-modified
Thu, 13 Feb 2020 04:43:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C1Q7yqpu%2BDCzznRKIIMJmrBW6I2tZmkQq%2FUdu285F%2FjmJH0QhqFJVoZzA4nnGK1n2jYJtX8Oz0MGJTkg%2BT%2BHZaHAOvzRQFGGyUN3PF946178KjTngRBabw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6150a4a23df32b1e-FRA
expires
Thu, 28 Jan 2021 06:50:40 GMT
forge-sha256.js
sanwells.se/assets/js/
4 KB
2 KB
Script
General
Full URL
https://sanwells.se/assets/js/forge-sha256.js
Requested by
Host: sanwells.se
URL: https://sanwells.se/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:dd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25df090fe88fb94c17ac1d1d1e00c8f664689d0a273ae37ffe1b494866e4ca6f

Request headers

Referer
https://sanwells.se/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 11:19:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
97376
cf-request-id
07c645396400002b1e7c3a6000000001
last-modified
Thu, 13 Feb 2020 04:43:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bn0xCkUzZNt6ZGgo%2FmqylPYfe3WdzFK0LUkhUHu%2FH9%2FnnR9dtm56oQqk9FkWGdAAFnrliGsuNIZADe2%2FP%2BtzNuNU0BfsWLStsPpPNb1xrNGJWMs2rvrMJA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6150a4a23df62b1e-FRA
expires
Wed, 27 Jan 2021 08:17:05 GMT
blog.css
sanwells.se/assets/css/
58 KB
10 KB
Stylesheet
General
Full URL
https://sanwells.se/assets/css/blog.css
Requested by
Host: sanwells.se
URL: https://sanwells.se/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:dd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3622fbf5aabd0586bd8d43f7dfce47680f1ac0ae7729bdd189acb0e19bef5dc3

Request headers

Referer
https://sanwells.se/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 11:19:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 16 Feb 2020 04:02:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7vGqfWesLiydi3cg%2FIul8Fm6NVrQl3ds4f5HPtie75A016t2R%2BanLixmSxMYJPZI0hpcY5YKPj%2FMPWJtjMhtR8ZaSSiL14g7EPbvxY6%2FGwWPEnGbRAtkmA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
text/css
cache-control
public, max-age=604800
nel
{"max_age":604800,"report_to":"cf-nel"}
x-turbo-charged-by
LiteSpeed
cf-ray
6150a4a23dde2b1e-FRA
cf-request-id
07c645396100002b1ed8397000000001
expires
Thu, 28 Jan 2021 11:20:03 GMT
login.css
sanwells.se/assets/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://sanwells.se/assets/css/login.css
Requested by
Host: sanwells.se
URL: https://sanwells.se/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:dd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4077655b87f1bec660ffd74e8db82a18208d6a1c16287ab2e31e236697b93a57

Request headers

Referer
https://sanwells.se/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 11:19:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 10 Feb 2020 16:43:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Wbn8niMmjnnW9DfpIH2I17xz6AA%2FQhAeXxBJpFjs1ay29W5jG3IzWDOB9en0WMqX3%2BCF3dsGr5pYgT7kOKN%2BJjHhKsJBIbNNtaFkz3rRnX7Wa9rAm8%2B3yQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
text/css
cache-control
public, max-age=604800
nel
{"max_age":604800,"report_to":"cf-nel"}
x-turbo-charged-by
LiteSpeed
cf-ray
6150a4a23ddf2b1e-FRA
cf-request-id
07c645396100002b1e7fbba000000001
expires
Thu, 28 Jan 2021 11:20:03 GMT
blog.js
sanwells.se/assets/js/
42 KB
8 KB
Script
General
Full URL
https://sanwells.se/assets/js/blog.js
Requested by
Host: sanwells.se
URL: https://sanwells.se/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:dd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8752c53ce0475de6ff4e2c8a390cb32c97d4f0785348f428739074c4239b3eb

Request headers

Referer
https://sanwells.se/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 11:19:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 04 Apr 2020 21:03:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E8j0ZuWz%2B3q6pcAi4DIE10kYLdDSN2UNuXGUhxwMYAQTbCrrxXYM%2B6Nezj%2BJCXGKzelGcw7VFIXd7RUNz6GGQPkASfS72EaefjFXULuXBdSZP1iExvA8sA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"max_age":604800,"report_to":"cf-nel"}
x-turbo-charged-by
LiteSpeed
cf-ray
6150a4a23df72b1e-FRA
cf-request-id
07c645396800002b1ecc1f8000000001
expires
Thu, 28 Jan 2021 11:20:03 GMT
login.js
sanwells.se/assets/js/
6 KB
2 KB
Script
General
Full URL
https://sanwells.se/assets/js/login.js
Requested by
Host: sanwells.se
URL: https://sanwells.se/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:dd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be433d040a17e25ed29126696cbdcd41bd15a4edcd6519cc5ef053630c7819b4

Request headers

Referer
https://sanwells.se/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 11:19:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 15 Feb 2020 03:16:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UBY%2FxXUlSyKdulSfGDX4pe12NuBjRK%2BJtHwYwTO7TN3h5w4mj0GqN3sxAaLDGfYzo1%2F7%2FxlaFKqN8WcT%2Bb1EfF9DoFrFvBNk%2FyeKXy0%2FiAG07NA3SJsQyQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"max_age":604800,"report_to":"cf-nel"}
x-turbo-charged-by
LiteSpeed
cf-ray
6150a4a23df92b1e-FRA
cf-request-id
07c645396400002b1ef000c000000001
expires
Thu, 28 Jan 2021 11:20:03 GMT
bootstrap-notify.css
sanwells.se/assets/css/
408 B
427 B
Stylesheet
General
Full URL
https://sanwells.se/assets/css/bootstrap-notify.css
Requested by
Host: sanwells.se
URL: https://sanwells.se/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:dd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89b5135be8c38fe17c7754f5299e033ae8d19954c57ef30a2fdcb5e1080468f4

Request headers

Referer
https://sanwells.se/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 11:19:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 13 Feb 2020 04:43:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JvG4Dhcn%2F%2F3KVuFRQt8U%2FbULTF2P8OQgzHnzJwtRnIF6yiaANcRyV1z9Y52nHU8DCm7SwUCL70bsh87V%2BSVMf4dCMLHAiw3FqwTq%2F0yaZYyGcUUQwldeQQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
text/css
cache-control
public, max-age=604800
nel
{"max_age":604800,"report_to":"cf-nel"}
x-turbo-charged-by
LiteSpeed
cf-ray
6150a4a23de12b1e-FRA
cf-request-id
07c645396100002b1ef30a8000000001
expires
Thu, 28 Jan 2021 11:20:03 GMT
alert-bangtidy.css
sanwells.se/assets/css/
2 KB
886 B
Stylesheet
General
Full URL
https://sanwells.se/assets/css/alert-bangtidy.css
Requested by
Host: sanwells.se
URL: https://sanwells.se/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:dd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6d88d45b75b135df6d4ed4554869bb49c2bd16aa791e8ef1b5abe451fd30acb

Request headers

Referer
https://sanwells.se/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 11:19:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 10 Feb 2020 16:43:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2ZXOT%2B9PsUkPTc46bN7g3GJfcApDGqlD7Sr9SbFNHA36k7GGlGbixRhr8MJ1dnvXzGRJsSGGuefTC3tGAmRzhdL6BK1vtqpxjUAajaJTBDTLe3dKHy77Rw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
text/css
cache-control
public, max-age=604800
nel
{"max_age":604800,"report_to":"cf-nel"}
x-turbo-charged-by
LiteSpeed
cf-ray
6150a4a23de32b1e-FRA
cf-request-id
07c645396200002b1ec58ee000000001
expires
Thu, 28 Jan 2021 11:20:03 GMT
alert-blackgloss.css
sanwells.se/assets/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://sanwells.se/assets/css/alert-blackgloss.css
Requested by
Host: sanwells.se
URL: https://sanwells.se/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:dd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21b7bdc4f944df2645d679ff1c9931fa8d2b7e68890efe291a41ae389e8a5b44

Request headers

Referer
https://sanwells.se/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 11:19:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 10 Feb 2020 16:43:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oxfmY0hxqfn5YiZInT%2Bsawy3OuHd%2BJm3UAUPd%2BiiFAzmW5yhPETevZoxqY8A%2FRAyCjTjkzvV7UeLgxkC9%2FM1VDIXOlQ%2F2M9eVeqS3AOKJlrjdREMbrP75A%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
text/css
cache-control
public, max-age=604800
nel
{"max_age":604800,"report_to":"cf-nel"}
x-turbo-charged-by
LiteSpeed
cf-ray
6150a4a23de72b1e-FRA
cf-request-id
07c645396200002b1ed792a000000001
expires
Thu, 28 Jan 2021 11:20:03 GMT
bootstrap-notify.js
sanwells.se/assets/js/
14 KB
4 KB
Script
General
Full URL
https://sanwells.se/assets/js/bootstrap-notify.js
Requested by
Host: sanwells.se
URL: https://sanwells.se/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:dd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
515ff7020d311b227c2d6103f2ab5d8258342ce2af7dd3e6757ce8af8793fe36

Request headers

Referer
https://sanwells.se/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 11:19:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 13 Feb 2020 04:43:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=axEdDrvrcJCUqcpNmAUq1Er%2FOwmxJyHWb3qbHYuHVPX%2BrKDKp4SUDoSqny9qzlsB5XkgMaSYbPfQ7VdNGndY%2FzpyCWoOVC32l5jawQp5vzp8%2BASrSqUvzw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"max_age":604800,"report_to":"cf-nel"}
x-turbo-charged-by
LiteSpeed
cf-ray
6150a4a23dfd2b1e-FRA
cf-request-id
07c645396800002b1e96322000000001
expires
Thu, 28 Jan 2021 11:20:03 GMT
animate.css
sanwells.se/assets/css/
77 KB
4 KB
Stylesheet
General
Full URL
https://sanwells.se/assets/css/animate.css
Requested by
Host: sanwells.se
URL: https://sanwells.se/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:dd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7b8111c9653407bf8fc77d886392cda6dc03cccf15c4ad5a4fbec06d4585e8a

Request headers

Referer
https://sanwells.se/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 11:19:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 13 Feb 2020 04:43:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eCsNEcXzuMm7SpagSkN5xUgk7xd%2BO7YZcdm8s94jrLV%2BhbHtowh%2Bxja7hFbX9CkZKBq%2FAZ3bTizE6U5nbDgBKA4GTHgVeKPIkmHV%2BLnMlerZg%2BwD8M9IOw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
text/css
cache-control
public, max-age=604800
nel
{"max_age":604800,"report_to":"cf-nel"}
x-turbo-charged-by
LiteSpeed
cf-ray
6150a4a23de92b1e-FRA
cf-request-id
07c645396200002b1ee98a2000000001
expires
Thu, 28 Jan 2021 11:20:05 GMT
js
www.googletagmanager.com/gtag/
136 KB
52 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GCMS7BPKMP
Requested by
Host: sanwells.se
URL: https://sanwells.se/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6cd4392b9e56744d14811a78398681661d3764dc21eb200d1adf547e84487e98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://sanwells.se/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 11:19:58 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53319
x-xss-protection
0
expires
Thu, 21 Jan 2021 11:19:58 GMT
lang.js
sanwells.se/assets/js/
613 B
615 B
Script
General
Full URL
https://sanwells.se/assets/js/lang.js
Requested by
Host: sanwells.se
URL: https://sanwells.se/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:dd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d5fc20493dab544c86fc503c78fe9bce4d7799fbae799db37a815cc7b11adb3

Request headers

Referer
https://sanwells.se/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 11:19:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 13 Feb 2020 04:43:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kL%2F7mQFvJiPIxp3DXazlforzRoAZV3Es8EfC5RblUsNLYKNJpiWXpoLQUR%2BCjGDTpaLTgMEm1m6Z4b4YMBW8FDO1dqFcJV54tF2Ld5fBq9gjjbhQKkPekw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"max_age":604800,"report_to":"cf-nel"}
x-turbo-charged-by
LiteSpeed
cf-ray
6150a4a23e002b1e-FRA
cf-request-id
07c645396500002b1edabd1000000001
expires
Thu, 28 Jan 2021 11:20:03 GMT
Roboto-Regular.woff2
sanwells.se/assets/fonts/
63 KB
64 KB
Font
General
Full URL
https://sanwells.se/assets/fonts/Roboto-Regular.woff2
Requested by
Host: sanwells.se
URL: https://sanwells.se/assets/css/blog.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:dd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02a7cd67c545041654af047f04ce327f2df086386eab421adc16269010c50365

Request headers

Origin
https://sanwells.se
Referer
https://sanwells.se/assets/css/blog.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 11:19:58 GMT
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
content-length
64832
cf-request-id
07c645411a00002b1ea2065000000001
last-modified
Fri, 14 Feb 2020 15:59:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3wUfOXY7emLfEHBoNRSd0%2F0%2F%2Fhzz9k01qRsuzMDNhOadOSmBOaGUILCK%2F7RW6yVrjGr9yV%2BbfW4%2Bu7lC1MPIqMS5biC0Gye080mFOpjPsC26eSWOjIJ1TQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6150a4ae8c852b1e-FRA
expires
Thu, 28 Jan 2021 11:20:05 GMT
collect
www.google-analytics.com/g/
0
60 B
Other
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GCMS7BPKMP&gtm=2oe1d0&_p=927741276&sr=1600x1200&ul=en-us&cid=606228143.1611227999&_s=1&dl=https%3A%2F%2Fsanwells.se%2Flogin&dr=&dt=SAN-WELLS.WS&sid=1611227998&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GCMS7BPKMP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sanwells.se/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 21 Jan 2021 11:19:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sanwells.se
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
335 B
Other
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GCMS7BPKMP&gtm=2oe1d0&_p=927741276&sr=1600x1200&ul=en-us&cid=606228143.1611227999&_s=2&dl=https%3A%2F%2Fsanwells.se%2Flogin&dr=&dt=SAN-WELLS.WS&sid=1611227998&sct=1&seg=0&en=scroll&_et=6&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GCMS7BPKMP
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sanwells.se/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 21 Jan 2021 11:20:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sanwells.se
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| loadFont function| $ function| jQuery object| jQuery111103368433225477372 function| forge_sha256 string| page string| lang string| danger string| group string| last_req string| captcha object| tmp object| tmp2 object| param string| get function| alertother function| notification_hide function| notification_open function| message_print function| isBanned object| NavigationCache function| href_ajax function| loading_page function| common_error function| alert_print function| isInt function| change_div function| msg_cleaning function| msg_cleaning_send function| hrefClear function| href function| ip_input function| forbidden function| captcha_on function| captcha_off function| rules_close function| rules_open function| captcha_check function| language function| captchaEnter function| cart_open function| cart_close function| cart_count function| cartedit function| cart_empty function| cart_buy function| ordertable_complete function| ordertable_cancel function| setCookie function| deleteCookie function| getCookie function| ChatSend function| chatFine function| chatDelete function| chatEnter function| nameChat function| chatUnban function| acceptChatRules number| server_error string| codeRecovery string| codePin string| hashPin string| loginUser function| login function| confrim_rules function| loginEnter function| generatorPassword function| passwordRecovery function| loginEnterCheck function| checkPayment function| unlock function| gtag object| dataLayer function| compareRandom function| clearPin function| Lang number| win_h object| google_tag_manager object| google_tag_data object| gaGlobal function| onYouTubeIframeAPIReady

4 Cookies

Domain/Path | Name | Value
.sanwells.se/ | _ga | GA1.1.606228143.1611227999
.sanwells.se/ | _ga_GCMS7BPKMP | GS1.1.1611227998.1.0.1611227998.0
sanwells.se/ | PHPSESSID | 0dc3f28ba3ed65e7c7a28b10197d5874
.sanwells.se/ | __cfduid | dcf6803f1ff7258ad3e861566d010e7e01611227995

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
