pre-crypto.com
Open in
urlscan Pro
185.244.149.250
Malicious Activity!
Public Scan
URL:
https://pre-crypto.com/app/
Submission Tags: 7287345
Submission: On September 09 via api from NL — Scanned from DE
Submission Tags: 7287345
Submission: On September 09 via api from NL — Scanned from DE
Summary
This website contacted 17 IPs
in 7 countries
across 12 domains to perform 75 HTTP transactions.
The main IP is 185.244.149.250, located in
Bucharest, Romania and
belongs to HS, AE.
The main domain is pre-crypto.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 13th 2021. Valid for: 3 months.
This is the only time pre-crypto.com was scanned on urlscan.io!
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 13th 2021. Valid for: 3 months.
This is the only time pre-crypto.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Credit Emiliano (Banking)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 28 | 185.244.149.250 185.244.149.250 | 60117 (HS) (HS) | |
| 18 | 193.43.5.142 193.43.5.142 | 13180 (CEDACRINO...) (CEDACRINORD-AS via Conventino) | |
| 1 | 193.43.5.69 193.43.5.69 | 13180 (CEDACRINO...) (CEDACRINORD-AS via Conventino) | |
| 1 | 172.67.71.57 172.67.71.57 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 3 | 51.89.24.70 51.89.24.70 | 16276 (OVH) (OVH) | |
| 1 | 67.202.94.93 67.202.94.93 | 32748 (STEADFAST) (STEADFAST) | |
| 1 | 13.224.225.60 13.224.225.60 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 52.28.151.162 52.28.151.162 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 | 13.224.225.34 13.224.225.34 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 45.55.120.93 45.55.120.93 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
| 2 | 104.76.200.221 104.76.200.221 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
| 2 2 | 146.59.148.16 146.59.148.16 | 16276 (OVH) (OVH) | |
| 1 | 13.224.225.92 13.224.225.92 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 13.224.225.54 13.224.225.54 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 104.16.88.26 104.16.88.26 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 7 | 208.100.17.181 208.100.17.181 | 32748 (STEADFAST) (STEADFAST) | |
| 1 | 67.202.105.32 67.202.105.32 | 32748 (STEADFAST) (STEADFAST) | |
| 75 | 17 |
18
193.43.5.142
(Bovisio-Masciago, Italy)
ASN13180 (CEDACRINORD-AS via Conventino, 1, IT)
PTR: mybanking.credem.it
ASN13180 (CEDACRINORD-AS via Conventino, 1, IT)
PTR: mybanking.credem.it
| mybanking.credem.it |
1
193.43.5.69
(Bovisio-Masciago, Italy)
ASN13180 (CEDACRINORD-AS via Conventino, 1, IT)
ASN13180 (CEDACRINORD-AS via Conventino, 1, IT)
| secure.credem.it |
1
13.224.225.60
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-224-225-60.lhr61.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-224-225-60.lhr61.r.cloudfront.net
| get.s-onetag.com |
1
52.28.151.162
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-151-162.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-151-162.eu-central-1.compute.amazonaws.com
| pd.sharethis.com |
2
13.224.225.34
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-224-225-34.lhr61.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-224-225-34.lhr61.r.cloudfront.net
| tags.crwdcntrl.net |
2
104.76.200.221
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com
| tags.bluekai.com |
1
13.224.225.92
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-224-225-92.lhr61.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-224-225-92.lhr61.r.cloudfront.net
| onetag-geo.s-onetag.com |
1
13.224.225.54
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-224-225-54.lhr61.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-224-225-54.lhr61.r.cloudfront.net
| onetag-geo-grouping.s-onetag.com |
7
208.100.17.181
(United States)
ASN32748 (STEADFAST, US)
PTR: ip181.208-100-17.static.steadfastdns.net
ASN32748 (STEADFAST, US)
PTR: ip181.208-100-17.static.steadfastdns.net
| ic.tynt.com |
1
67.202.105.32
(United States)
ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
| de.tynt.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 28 |
pre-crypto.com
pre-crypto.com |
46 KB |
| 19 |
credem.it
mybanking.credem.it secure.credem.it |
490 KB |
| 9 |
tynt.com
cdn.tynt.com ic.tynt.com de.tynt.com |
8 KB |
| 3 |
s-onetag.com
get.s-onetag.com onetag-geo.s-onetag.com onetag-geo-grouping.s-onetag.com |
12 KB |
| 3 |
dtscout.com
t.dtscout.com |
10 KB |
| 2 |
onaudience.com
2 redirects
pixel.onaudience.com |
717 B |
| 2 |
bluekai.com
tags.bluekai.com |
633 B |
| 2 |
crwdcntrl.net
tags.crwdcntrl.net bcp.crwdcntrl.net Failed |
14 KB |
| 1 |
dtscdn.com
t.dtscdn.com |
407 B |
| 1 |
sharethis.com
pd.sharethis.com |
88 B |
| 1 |
amung.us
whos.amung.us |
145 B |
| 1 |
waust.at
waust.at |
7 KB |
| 75 | 12 |
| Domain | Requested by | |
|---|---|---|
| 28 | pre-crypto.com |
pre-crypto.com
|
| 18 | mybanking.credem.it |
pre-crypto.com
mybanking.credem.it |
| 7 | ic.tynt.com |
pre-crypto.com
|
| 3 | t.dtscout.com |
waust.at
t.dtscout.com |
| 2 | pixel.onaudience.com | 2 redirects |
| 2 | tags.bluekai.com |
pre-crypto.com
|
| 2 | tags.crwdcntrl.net |
t.dtscout.com
tags.crwdcntrl.net |
| 1 | de.tynt.com |
cdn.tynt.com
|
| 1 | cdn.tynt.com |
waust.at
|
| 1 | onetag-geo-grouping.s-onetag.com |
get.s-onetag.com
|
| 1 | onetag-geo.s-onetag.com |
get.s-onetag.com
|
| 1 | t.dtscdn.com |
t.dtscout.com
|
| 1 | pd.sharethis.com |
t.dtscout.com
|
| 1 | get.s-onetag.com |
t.dtscout.com
|
| 1 | whos.amung.us |
waust.at
|
| 1 | waust.at |
pre-crypto.com
|
| 1 | secure.credem.it |
pre-crypto.com
|
| 0 | bcp.crwdcntrl.net Failed |
tags.crwdcntrl.net
|
| 75 | 18 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.credem.it |
| whos.amung.us |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| pre-crypto.com cPanel, Inc. Certification Authority |
2021-07-13 - 2021-10-11 |
3 months | crt.sh |
| mybanking.credem.it DigiCert SHA2 Extended Validation Server CA |
2021-06-16 - 2022-06-20 |
a year | crt.sh |
| secure.credem.it DigiCert TLS RSA SHA256 2020 CA1 |
2021-07-06 - 2022-07-11 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-08-04 - 2022-08-03 |
a year | crt.sh |
| *.dtscout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1 |
2020-11-03 - 2021-11-03 |
a year | crt.sh |
| whos.amung.us Sectigo RSA Domain Validation Secure Server CA |
2020-05-21 - 2022-05-21 |
2 years | crt.sh |
| *.s-onetag.com Amazon |
2021-02-03 - 2022-03-04 |
a year | crt.sh |
| sharethis.com Amazon |
2020-08-17 - 2021-09-16 |
a year | crt.sh |
| *.crwdcntrl.net Go Daddy Secure Certificate Authority - G2 |
2021-04-29 - 2022-05-31 |
a year | crt.sh |
| t.dtscdn.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1 |
2020-11-03 - 2021-11-15 |
a year | crt.sh |
| odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA |
2021-04-25 - 2022-04-26 |
a year | crt.sh |
| *.tynt.com Sectigo RSA Domain Validation Secure Server CA |
2019-10-01 - 2021-09-30 |
2 years | crt.sh |
This page contains 2 frames:
Primary Page:
https://pre-crypto.com/app/
Frame ID: D6FBA9BDC791FE51300D4E4B2819C18A
Requests: 76 HTTP requests in this frame
Frame:
https://t.dtscout.com/idg/?su=51A01631193631F71CD19A0E8012DAC2
Frame ID: 46E79EA19F36C8E003B36D3D62B8BDFC
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Credem Home BankingDetected technologies
Lightbox
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- lightbox(?:-plus-jquery)?.{0,32}\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery-ui[.-]([\d.]*\d)[^/]*\.js
- jquery-ui.*\.js
Page Statistics
16 Outgoing links
These are links going to different origins than the main page.
URL: https://www.credem.it/content/credem/it/contatti/chiamaci.html
Title: 800 273336
Title: 800 273336
Search URL Search Domain Scan URL
URL: https://www.credem.it/content/credem/it/contatti/ricerca-filiali.html
Title: Agenzie
Title: Agenzie
Search URL Search Domain Scan URL
URL: https://www.credem.it/content/credem/it/contatti.html
Title: Contatti
Title: Contatti
Search URL Search Domain Scan URL
URL: https://www.credem.it/content/credem/it/gruppo-credem.html
Title: Gruppo Credem
Title: Gruppo Credem
Search URL Search Domain Scan URL
URL: https://www.credem.it/content/credem/it/gruppo-credem/lavora-con-noi.html
Title: Lavora con noi
Title: Lavora con noi
Search URL Search Domain Scan URL
URL: https://www.credem.it/content/credem/it/privati-e-famiglie.html
Title: PRIVATI E FAMIGLIE
Title: PRIVATI E FAMIGLIE
Search URL Search Domain Scan URL
URL: https://www.credem.it/content/credem/it/imprese-e-professionisti.html
Title: IMPRESE E PROFESSIONISTI
Title: IMPRESE E PROFESSIONISTI
Search URL Search Domain Scan URL
URL: https://www.credem.it/content/credem/it/private-banking.html
Title: PRIVATE BANKING
Title: PRIVATE BANKING
Search URL Search Domain Scan URL
URL: https://www.credem.it/
Title: Torna all'Home Page
Title: Torna all'Home Page
Search URL Search Domain Scan URL
URL: https://www.credem.it/content/credem/it/footer/privacy.html
Title: Privacy
Title: Privacy
Search URL Search Domain Scan URL
URL: https://www.credem.it/content/credem/it/footer/informativa-cookie.html
Title: Informativa Cookie
Title: Informativa Cookie
Search URL Search Domain Scan URL
URL: https://www.credem.it/content/credem/it/footer/trasparenza.html
Title: Trasparenza
Title: Trasparenza
Search URL Search Domain Scan URL
URL: https://www.credem.it/content/credem/it/footer/depositi-dormienti.html
Title: Depositi dormienti
Title: Depositi dormienti
Search URL Search Domain Scan URL
URL: https://www.credem.it/content/credem/it/footer/sepa.html
Title: Sepa
Title: Sepa
Search URL Search Domain Scan URL
URL: https://www.credem.it/content/credem/it/footer/prospetti.html
Title: Prospetti
Title: Prospetti
Search URL Search Domain Scan URL
URL: https://whos.amung.us/stats/xjqmhfwwsy/
Title: 21
Title: 21
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 61- https://pixel.onaudience.com/?partner=137085098&mapped=51A01631193631F71CD19A0E8012DAC2 HTTP 302
- https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
- https://tags.bluekai.com/site/33141?&id=fb33ecd93a32b77d
75 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
pre-crypto.com/app/ |
45 KB 46 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dtagent_A23bjrvx_7000200051022.js
pre-crypto.com/newvir/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
theme.css.xhtml
mybanking.credem.it/newvir/javax.faces.resource/ |
27 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jsf.js.xhtml
pre-crypto.com/newvir/javax.faces.resource/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ui.all.css
mybanking.credem.it/newvir/resources/themes/base/ |
47 B 792 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.min.css
mybanking.credem.it/newvir/resources/css/ |
214 KB 48 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style_CR.css
mybanking.credem.it/newvir/resources/css/ |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
menu_profili_CR.css
mybanking.credem.it/newvir/resources/css/ |
13 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-1.7.1.js
pre-crypto.com/newvir/resources/js/jQuery/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-ui-1.8.18.custom.min.js
pre-crypto.com/newvir/resources/js/jQuery/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.tablesorter.js
pre-crypto.com/newvir/resources/js/jQuery/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.ui.datepicker-it.js
pre-crypto.com/newvir/resources/js/jQuery/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.lightbox-0.5.min.js
pre-crypto.com/newvir/resources/js/jQuery/lightbox/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
credem.js
pre-crypto.com/newvir/resources/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
common.js
pre-crypto.com/newvir/resources/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
start.js
pre-crypto.com/newvir/resources/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
live_validation.js
pre-crypto.com/newvir/resources/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main-style.css
mybanking.credem.it/newvir/resources/css3/assets/css/ |
829 KB 395 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
credem-banca.png
mybanking.credem.it/newvir/resources/css3/assets/img/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
assistance.js
pre-crypto.com/newvir/resources/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
assistance.css
mybanking.credem.it/newvir/resources/css3/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
stylesheet.css
mybanking.credem.it/newvir/resources/fonts/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
encoding.js
pre-crypto.com/newvir/resources/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fp.js
pre-crypto.com/newvir/resources/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fpCaller.js
pre-crypto.com/newvir/resources/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jscp.js
secure.credem.it/Strumenti/_js/ |
74 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
d.js
waust.at/ |
13 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ui.base.css
mybanking.credem.it/newvir/resources/themes/base/ |
217 B 867 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ui.theme.css
mybanking.credem.it/newvir/resources/themes/base/ |
18 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ui.core.css
mybanking.credem.it/newvir/resources/themes/base/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ui.accordion.css
mybanking.credem.it/newvir/resources/themes/base/ |
774 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ui.dialog.css
mybanking.credem.it/newvir/resources/themes/base/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ui.slider.css
mybanking.credem.it/newvir/resources/themes/base/ |
931 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ui.tabs.css
mybanking.credem.it/newvir/resources/themes/base/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ui.datepicker.css
mybanking.credem.it/newvir/resources/themes/base/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ui.progressbar.css
mybanking.credem.it/newvir/resources/themes/base/ |
169 B 878 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-ui-1.8.18.custom.min.js
pre-crypto.com/newvir/resources/js/jQuery/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.tablesorter.js
pre-crypto.com/newvir/resources/js/jQuery/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.ui.datepicker-it.js
pre-crypto.com/newvir/resources/js/jQuery/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.lightbox-0.5.min.js
pre-crypto.com/newvir/resources/js/jQuery/lightbox/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
credem.js
pre-crypto.com/newvir/resources/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
common.js
pre-crypto.com/newvir/resources/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
start.js
pre-crypto.com/newvir/resources/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
live_validation.js
pre-crypto.com/newvir/resources/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
Roboto-Regular-webfont.woff
mybanking.credem.it/newvir/resources/css3/assets/fonts/roboto-regular/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
Roboto-Bold-webfont.woff
mybanking.credem.it/newvir/resources/css3/assets/fonts/roboto-bold/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
assistance.js
pre-crypto.com/newvir/resources/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
24 KB 24 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
Roboto-Regular-webfont.ttf
mybanking.credem.it/newvir/resources/css3/assets/fonts/roboto-regular/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
Roboto-Bold-webfont.ttf
mybanking.credem.it/newvir/resources/css3/assets/fonts/roboto-bold/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
encoding.js
pre-crypto.com/newvir/resources/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fp.js
pre-crypto.com/newvir/resources/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fpCaller.js
pre-crypto.com/newvir/resources/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
t.dtscout.com/i/ |
8 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
whos.amung.us/pingjs/ |
29 B 145 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
t.dtscout.com/idg/ Frame 46E7 |
1 KB 749 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ |
30 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dtscout
pd.sharethis.com/pd/ |
0 88 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
t.dtscout.com/pv/ |
50 B 318 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lt.min.js
tags.crwdcntrl.net/lt/c/3825/ |
38 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
t.dtscdn.com/widget/ |
0 407 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
27675
tags.bluekai.com/site/ |
62 B 329 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
33141
tags.bluekai.com/site/ Redirect Chain
|
62 B 304 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
onetag-geo.s-onetag.com/ |
555 B 961 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
EU
onetag-geo-grouping.s-onetag.com/regionalbloc/ |
1 KB 830 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tc.js
cdn.tynt.com/ |
17 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p
ic.tynt.com/b/ |
0 227 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
v2
de.tynt.com/deb/ |
4 B 202 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p
ic.tynt.com/b/ |
0 227 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p
ic.tynt.com/b/ |
0 227 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p
ic.tynt.com/b/ |
0 227 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p
ic.tynt.com/b/ |
0 227 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p
ic.tynt.com/b/ |
0 227 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p
ic.tynt.com/b/ |
0 227 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/ |
4 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
data
bcp.crwdcntrl.net/6/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- mybanking.credem.it
- URL
- https://mybanking.credem.it/newvir/resources/css3/assets/fonts/roboto-regular/Roboto-Regular-webfont.woff
- Domain
- mybanking.credem.it
- URL
- https://mybanking.credem.it/newvir/resources/css3/assets/fonts/roboto-bold/Roboto-Bold-webfont.woff
- Domain
- mybanking.credem.it
- URL
- https://mybanking.credem.it/newvir/resources/css3/assets/fonts/roboto-regular/Roboto-Regular-webfont.ttf
- Domain
- mybanking.credem.it
- URL
- https://mybanking.credem.it/newvir/resources/css3/assets/fonts/roboto-bold/Roboto-Bold-webfont.ttf
- Domain
- bcp.crwdcntrl.net
- URL
- https://bcp.crwdcntrl.net/6/data
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Credit Emiliano (Banking)190 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect boolean| originAgentCluster object| dT_ function| busyFunction function| openGenericPopup function| popupClose function| chatRequested function| chatUrlLoaded function| chatRecovered function| closeChat function| isErrorPage function| loadAssistanceConfig object| _0xe0c7 object| _lst object| _cvrp object| _cvpr object| _cvrpf object| _cvprf object| _f string| AFP_ROOT_NAMESPACE object| AFPAPP object| _wau string| wau_w_col string| wau_w_siz object| WAU_ren function| WAU_dynamic function| WAU_dynamic_request function| WAU_r_d function| WAU_insert function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady object| a object| cv object| _dtspv object| lotame_3825 number| char object| __connect function| lotameIsCompatible function| lt3825_ba function| lt3825_b undefined| lt3825_c undefined| lt3825_ca undefined| lt3825_d function| lt3825_e function| lt3825_da function| lt3825_ea object| lt3825_fa object| lt3825_ object| lt3825_4 function| lt3825_aa function| lt3825_a function| lt3825_f function| lt3825_g function| lt3825_h function| lt3825_i function| lt3825_j function| lt3825_l function| lt3825_ga function| lt3825_k function| lt3825_m function| lt3825_n function| lt3825_o function| lt3825_p function| lt3825_q function| lt3825_r function| lt3825_s function| lt3825_t function| lt3825_u function| lt3825_ha function| lt3825_ia function| lt3825_w function| lt3825_ja function| lt3825_x function| lt3825_y function| lt3825_v function| lt3825_z function| lt3825_A function| lt3825_B function| lt3825_C function| lt3825_D function| lt3825_E function| lt3825_F function| lt3825_G function| lt3825_H function| lt3825_I function| lt3825_J function| lt3825_L function| lt3825_M function| lt3825_N function| lt3825_K function| lt3825_ka function| lt3825_la function| lt3825_P function| lt3825_O function| lt3825_Q function| lt3825_R function| lt3825_S function| lt3825_T function| lt3825_ma function| lt3825_na function| lt3825_oa function| lt3825_pa function| lt3825_U function| lt3825_V function| lt3825_W function| lt3825_qa function| lt3825_sa function| lt3825_ra function| lt3825_X function| lt3825_ta function| lt3825_ua function| lt3825_Y function| lt3825_Z function| lt3825__ function| lt3825_va function| lt3825_wa function| lt3825_xa function| lt3825_ya function| lt3825_0 function| lt3825_za function| lt3825_Aa function| lt3825_Ba function| lt3825_1 function| lt3825_Da function| lt3825_Ca function| lt3825_Ea function| lt3825_Fa function| lt3825_Ga function| lt3825_Ha function| lt3825_2 function| lt3825_3 function| lt3825_Ia function| lt3825_Ja function| lt3825_Ka function| lt3825_La function| lt3825_Ma function| lt3825_Na function| lt3825_Oa function| lt3825_Pa function| lt3825_Qa function| lt3825_5 function| lt3825_6 function| lt3825_Ta function| lt3825_Ua function| lt3825_Sa function| lt3825_Ra function| lt3825_Wa function| lt3825_Va function| lt3825_Ya function| lt3825_Xa function| lt3825_7 function| lt3825_Za function| lt3825__a function| lt3825_0a function| lt3825_1a function| lt3825_2a function| lt3825_4a function| lt3825_7a function| lt3825_6a function| lt3825_3a function| lt3825_9a function| lt3825_5a function| lt3825_8a function| lt3825_ab function| lt3825_$a function| lt3825_bb function| lt3825_8 function| lt3825_cb function| lt3825_db function| lt3825_eb function| lt3825_fb function| lt3825_gb function| lt3825_hb function| lt3825_ib function| lt3825_kb function| lt3825_$ function| lt3825_jb function| lt3825_lb function| lt3825_9 object| x string| x1 string| x2 object| Tynt object| _33Across function| __uspapi12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| pre-crypto.com/ | Name: dtCookie Value: N32H09OQRIHJIBQE9S1O3P21S0G7916R |
|
| pre-crypto.com/ | Name: dtPC Value: 393619919_83h1 |
|
| .dtscout.com/ | Name: m Value: 1 |
|
| .dtscout.com/ | Name: b Value: 1 |
|
| .dtscout.com/ | Name: st Value: 1 |
|
| .dtscout.com/ | Name: oa Value: 1 |
|
| .dtscout.com/ | Name: df Value: 1631193631 |
|
| .dtscout.com/ | Name: l Value: 51A01631193631F71CD19A0E8012DAC2 |
|
| .pre-crypto.com/ | Name: __dtsu Value: 51A01631193631F71CD19A0E8012DAC2 |
|
| .onaudience.com/ | Name: cookie Value: 3ab2db1a41bfed01 |
|
| .onaudience.com/ | Name: done_redirects109 Value: 1 |
|
| .dtscdn.com/ | Name: uid Value: 51A01631193631F71CD19A0E8012DAC2 |
35 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bcp.crwdcntrl.net
cdn.tynt.com
de.tynt.com
get.s-onetag.com
ic.tynt.com
mybanking.credem.it
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
pd.sharethis.com
pixel.onaudience.com
pre-crypto.com
secure.credem.it
t.dtscdn.com
t.dtscout.com
tags.bluekai.com
tags.crwdcntrl.net
waust.at
whos.amung.us
bcp.crwdcntrl.net
mybanking.credem.it
104.16.88.26
104.76.200.221
13.224.225.34
13.224.225.54
13.224.225.60
13.224.225.92
146.59.148.16
172.67.71.57
185.244.149.250
193.43.5.142
193.43.5.69
208.100.17.181
45.55.120.93
51.89.24.70
52.28.151.162
67.202.105.32
67.202.94.93
0676dcfb2d4f032411c43c0b7c19bf74f4b9df546eb97f48ac40e0242c2fa939
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
16091d212af38ba99013dc8878bf5108eae2aa4cccb4ebe56fb8f2ee381a06c3
17b9e7ba8a78c3ccf8d1dd0ae66477795e76da55b1e584908cb08e98844bd872
19bf5b3bf9c0fbdd6a33cb7b9f39398418970c53df6e14b9640df6d8e5249fa6
2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62
264ac6c8ffae3317da7fcf1aa2e20f2094122d147f02013784d586ea989e556f
33f099ad4de7d04563c96ea825d823433559ec4226734bde18c37b14ffffbced
4c5b5f431915533d389cc610b090b97b626d1cca8cbe6353d4dbf38691b36f25
522fa96ffcc6ddf559561fcb2e6e83e5b3a6fad7c7f699bbda2b12095137962d
57d8d94abd188adf480e0e17a09dd6cd47a62ab575fcd732943e71ae642987c4
5822b683d87e6dc6fdd331923f4f0a0b4a8b39f5e878de112e5c32934b6b0297
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
668a3daebec071332fe9f78d77e50a7127a98be6b4c5e1cf4a1d4df226be38eb
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
7430420c6a4a9e497a341b26fae45926c046b9d90bbd5cea2ee3c79e94cd105a
75fa29ed4b6018a614204ae97dba4c29991bd14eccd66189c4870d0449c7c939
7ccd055dd2a980811d37f796a8c7379facfb892ff03bf325406804be542c0730
7df90db04b5aa4871d2804f1cb692eb8ddcc3c2e3558a52203e69412b62c3cb4
84a091e667d733db8a2ed48cb5e63a1b01631a3c5b8194f6d79f5229856300a5
897771a44c9b626a5fb42d68aee1c46e3e23e4d1317fd3c91b9deb578ddec97a
8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28
b20d44183e01f5b1ed189fff1cb651c432eaaf2c19cc2265d64bc4f08388f52c
bd9343e493cd44c5213f0af31541550cfeaf0590f1f1998c0f1876c7746b4e43
cbea0d80270e8e7c0e428edba97d600088887df62f9b30ff4cd0df0aff1dd9e1
ce20ef9fb704354ca1ab44db425723582cc5e1cf0ae7c4b877f69784d32cfcb0
d0ddd35ebbc48c9618fb43642a11e731b3f638f3eebe9cad52e6aa4932652755
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd
da28a2c9379c1f82d2f37624203d383762057f2cecc0f73eb1eff5a3de7305b9
dc9dc5abccf3e062029d71dcdc0e04b7cc9a9be96103d07f98b4ff4a5459c668
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb9f4999fa2d5f41706a879a3b3c90e28f37646ecea12e431656c78b9fccfab4
f3779677ebcfc0ff1a4fbc94fd0494c97260eb4ebbf7cf060016d3986526a2da
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c