darksecdevelopers.github.io Open in urlscan Pro
185.199.110.153  Malicious Activity! Public Scan

URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Submission: On April 06 via api from CA

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 31 HTTP transactions. The main IP is 185.199.110.153, located in United States and belongs to FASTLY, US. The main domain is darksecdevelopers.github.io.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on June 27th 2018. Valid for: 2 years.
This is the only time darksecdevelopers.github.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Verizon (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
2 185.199.110.153 54113 (FASTLY)
15 68.232.35.163 15133 (EDGECAST)
3 2600:9000:215... 16509 (AMAZON-02)
2 2.18.232.23 16625 (AKAMAI-AS)
1 162.251.148.152 6461 (ZAYO-6461)
5 2606:2800:2ab... 14153 (EDGECAST-IR)
1 140.108.21.103 33052 (VZUNET)
1 2 34.249.192.36 16509 (AMAZON-02)
31 9
Domain Requested by
15 scache.vzw.com darksecdevelopers.github.io
5 www.verizon.com darksecdevelopers.github.io
3 gateway.answerscloud.com darksecdevelopers.github.io
gateway.answerscloud.com
2 verizoncorp.demdex.net 1 redirects darksecdevelopers.github.io
2 assets.adobedtm.com darksecdevelopers.github.io
assets.adobedtm.com
2 darksecdevelopers.github.io verizon.inq.com
1 collaborateext.verizon.com darksecdevelopers.github.io
1 verizon.inq.com darksecdevelopers.github.io
0 uem.vzw.com Failed scache.vzw.com
31 9

This site contains links to these domains. Also see Links.

Domain
www.verizon.com
www.verizonwireless.com
espanol.verizon.com
myverizonid.verizon.com
Subject Issuer Validity Valid
www.github.com
DigiCert SHA2 High Assurance Server CA
2018-06-27 -
2020-06-20
2 years crt.sh
www.vzw.com
DigiCert Baltimore CA-2 G2
2019-12-09 -
2021-12-13
2 years crt.sh
answerscloud.com
Amazon
2019-10-21 -
2020-11-21
a year crt.sh
assets.adobedtm.com
DigiCert SHA2 High Assurance Server CA
2019-10-22 -
2021-10-01
2 years crt.sh
*.inq.com
GeoTrust RSA CA 2018
2019-10-30 -
2021-12-08
2 years crt.sh
www.verizon.com
DigiCert SHA2 Extended Validation Server CA
2020-03-16 -
2021-11-07
2 years crt.sh
collaborateext.verizon.com
DigiCert Baltimore CA-2 G2
2019-06-26 -
2021-06-29
2 years crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA
2018-01-09 -
2021-02-12
3 years crt.sh

This page contains 2 frames:

Primary Page: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Frame ID: ECF2B42E293F323ABA3090CE04FD146F
Requests: 30 HTTP requests in this frame

Frame: https://darksecdevelopers.github.io/inqChat.html?IFRAME
Frame ID: 88130ECACE04E0FCB1E2B43791538CD1
Requests: 3 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /^https?:\/\/[^/]+\.github\.io\//i
  • headers server /^GitHub\.com$/i

Overall confidence: 100%
Detected patterns
  • script /bootstrap[.-]([\d.]*\d)[^/]*\.js/i

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Overall confidence: 100%
Detected patterns
  • url /^https?:\/\/[^/]+\.github\.io\//i
  • headers server /^GitHub\.com$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/assets.adobedtm.com\//i

Overall confidence: 100%
Detected patterns
  • url /^https?:\/\/[^/]+\.github\.io\//i
  • headers server /^GitHub\.com$/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

31
Requests

97 %
HTTPS

25 %
IPv6

7
Domains

9
Subdomains

9
IPs

3
Countries

720 kB
Transfer

1913 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://verizoncorp.demdex.net/event?d_stuff=1&d_dst=1&d_rtbd=json&d_cts=1&d_cb=window.parseUmbrellaAAMData HTTP 302
  • https://verizoncorp.demdex.net/firstevent?d_stuff=1&d_dst=1&d_rtbd=json&d_cts=1&d_cb=window.parseUmbrellaAAMData

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
19 KB
6 KB
Document
General
Full URL
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
ae4d1c7f619a2092d4bece9b9d41f1798b9cf98795bec5fb98efe833506368e9
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

:method
GET
:authority
darksecdevelopers.github.io
:scheme
https
:path
/HiddenEye/WebPages/verizon/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
server
GitHub.com
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31556952
last-modified
Sat, 04 Apr 2020 02:51:54 GMT
etag
W/"5e87f64a-4b1a"
access-control-allow-origin
*
expires
Sun, 05 Apr 2020 21:51:36 GMT
cache-control
max-age=600
content-encoding
gzip
x-proxy-cache
MISS
x-github-request-id
FEDC:5851:34080B:437574:5E8A508F
accept-ranges
bytes
date
Mon, 06 Apr 2020 00:07:36 GMT
via
1.1 varnish
age
0
x-served-by
cache-ams21066-AMS
x-cache
MISS
x-cache-hits
0
x-timer
S1586131656.128645,VS0,VE93
vary
Accept-Encoding
x-fastly-request-id
6e5ad4df50d24528d3316b2777aae2a33ebab814
content-length
5723
bootstrap-3.3.7.min.css
scache.vzw.com/am/css/
118 KB
19 KB
Stylesheet
General
Full URL
https://scache.vzw.com/am/css/bootstrap-3.3.7.min.css
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC8) /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 06 Apr 2020 00:07:36 GMT
content-encoding
gzip
last-modified
Fri, 13 Mar 2020 07:12:14 GMT
server
ECS (amb/6BC8)
age
63072
etag
"1d970-5e6b324e+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=86400
strict-transport-security
max-age=157680000
access-control-allow-origin
*
content-length
19740
expires
Tue, 07 Apr 2020 00:07:36 GMT
less-space.css
scache.vzw.com/am/css/
20 KB
3 KB
Stylesheet
General
Full URL
https://scache.vzw.com/am/css/less-space.css
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB1) /
Resource Hash
d6fa67395861849e050da5ed40fc7b85cace91cfadb8a1f50e4237d1678bf8ed
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 06 Apr 2020 00:07:36 GMT
content-encoding
gzip
last-modified
Fri, 13 Mar 2020 07:12:14 GMT
server
ECS (amb/6BB1)
age
63072
etag
"4e0a-5e6b324e+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=86400
strict-transport-security
max-age=157680000
access-control-allow-origin
*
content-length
2432
expires
Tue, 07 Apr 2020 00:07:36 GMT
style-2.0.css
scache.vzw.com/am/css/
33 KB
14 KB
Stylesheet
General
Full URL
https://scache.vzw.com/am/css/style-2.0.css
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B7C) /
Resource Hash
eeadb0776b00b95ab33fc549d5529f115a5eb3ea2c70bfba7eb869d5ee2a70ba
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 06 Apr 2020 00:07:36 GMT
content-encoding
gzip
last-modified
Fri, 13 Mar 2020 07:12:14 GMT
server
ECS (amb/6B7C)
age
63072
etag
"8255-5e6b324e+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=86400
strict-transport-security
max-age=157680000
access-control-allow-origin
*
content-length
14473
expires
Tue, 07 Apr 2020 00:07:36 GMT
globalnav-js.css
scache.vzw.com/globalnav/css/
83 KB
15 KB
Stylesheet
General
Full URL
https://scache.vzw.com/globalnav/css/globalnav-js.css?v=3
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B8E) /
Resource Hash
6fef0470d1e56c3cc4bbb9040c22bd51410c08986a64ddafca19c1ca7a77336a
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 06 Apr 2020 00:07:36 GMT
content-encoding
gzip
last-modified
Tue, 12 Jun 2018 02:13:42 GMT
server
ECS (amb/6B8E)
age
34595
etag
"14a5d-5b1f2c48+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=86400
strict-transport-security
max-age=157680000
access-control-allow-origin
*
content-length
15366
expires
Tue, 07 Apr 2020 00:07:36 GMT
vzw_jquery19.js
scache.vzw.com/globalnav/scripts/
92 KB
33 KB
Script
General
Full URL
https://scache.vzw.com/globalnav/scripts/vzw_jquery19.js
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB8) /
Resource Hash
193e607c847e1acebd0f072aabf843ec1570b618dc9ccbc1621567215c3d1ac4
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 00:07:36 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2015 07:56:20 GMT
server
ECS (amb/6BB8)
age
39572
etag
"16fb5-55e7fd18+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
max-age=86400
strict-transport-security
max-age=157680000
access-control-allow-origin
*
content-length
33324
expires
Tue, 07 Apr 2020 00:07:36 GMT
gnav.js
scache.vzw.com/globalnav/
152 KB
33 KB
Script
General
Full URL
https://scache.vzw.com/globalnav/gnav.js?v=3
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BBA) /
Resource Hash
a53dc0914a956cacca623b0698a0e06d83e315a0e97439c943007ff2eb1ac900
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 00:07:36 GMT
content-encoding
gzip
last-modified
Tue, 19 Mar 2019 08:32:34 GMT
server
ECS (amb/6BBA)
age
24833
etag
"26190-5c90a915+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
max-age=86400
strict-transport-security
max-age=157680000
access-control-allow-origin
*
content-length
34025
expires
Tue, 07 Apr 2020 00:07:36 GMT
omnifooter.css
scache.vzw.com/globalnav/css/
23 KB
4 KB
Stylesheet
General
Full URL
https://scache.vzw.com/globalnav/css/omnifooter.css
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BAD) /
Resource Hash
e5f02a7f2e1dc57907fe087cbab3814df7dccc8fe7382dfe319b03739258ec7d
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 06 Apr 2020 00:07:36 GMT
content-encoding
gzip
last-modified
Fri, 21 Apr 2017 18:16:22 GMT
server
ECS (amb/6BAD)
age
60623
etag
"5a2b-58fa4c76+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=86400
strict-transport-security
max-age=157680000
access-control-allow-origin
*
content-length
3709
expires
Tue, 07 Apr 2020 00:07:36 GMT
omnifooter.js
scache.vzw.com/globalnav/
10 KB
3 KB
Script
General
Full URL
https://scache.vzw.com/globalnav/omnifooter.js
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB9) /
Resource Hash
474b188d15887ed18709e11b531f12bd42b79b9e011263cba10020d68ccb5f71
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 00:07:36 GMT
content-encoding
gzip
last-modified
Wed, 09 May 2018 05:43:27 GMT
server
ECS (amb/6BB9)
age
24833
etag
"29b1-5af28a7f+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
max-age=86400
strict-transport-security
max-age=157680000
access-control-allow-origin
*
content-length
2995
expires
Tue, 07 Apr 2020 00:07:36 GMT
gateway.min.js
gateway.answerscloud.com/verizonwireless/production/
83 KB
23 KB
Script
General
Full URL
https://gateway.answerscloud.com/verizonwireless/production/gateway.min.js
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:6400:1b:22c5:8c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
00d73329eb01595a1fe9c6e8e48a44323b888182105e720046a603b9311faf95

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 05 Apr 2020 22:31:28 GMT
content-encoding
gzip
age
5768
x-cache
Hit from cloudfront
p3p
CP="ok"
status
200, 200
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified
Wed, 02 Oct 2019 19:50:11 GMT
server
nginx/1.17.3
etag
W/"d51cbafe92124607c89795169a655312"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-cf-pop
FRA50-C1
access-control-allow-headers
X-Requested-With
x-amz-cf-id
8Ay2TwDoe6ayFO-MdF6qBEml_pKRXxTOhouFFe8gr5nb2GA56C08lw==
expires
Mon, 06 Apr 2020 02:31:28 GMT
bootstrap-3.3.7.min.js
scache.vzw.com/am/js/
36 KB
10 KB
Script
General
Full URL
https://scache.vzw.com/am/js/bootstrap-3.3.7.min.js
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA2) /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 00:07:36 GMT
content-encoding
gzip
last-modified
Fri, 13 Mar 2020 07:12:14 GMT
server
ECS (amb/6BA2)
age
63072
etag
"90b5-5e6b324e+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
max-age=86400
strict-transport-security
max-age=157680000
access-control-allow-origin
*
content-length
9832
expires
Tue, 07 Apr 2020 00:07:36 GMT
core.js
scache.vzw.com/am/js/
31 KB
5 KB
Script
General
Full URL
https://scache.vzw.com/am/js/core.js
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB4) /
Resource Hash
5a6de52ac4e8980ba336033113c87e83bb54ab6268cf4ab94726fa53be565103
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 00:07:36 GMT
content-encoding
gzip
last-modified
Fri, 13 Mar 2020 07:12:14 GMT
server
ECS (amb/6BB4)
age
63072
etag
"7c7d-5e6b324e+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
max-age=86400
strict-transport-security
max-age=157680000
access-control-allow-origin
*
content-length
5361
expires
Tue, 07 Apr 2020 00:07:36 GMT
satelliteLib-8df7d93db820b272138ecb04dbe4ed7f5023b893.js
assets.adobedtm.com/10d5272d092923c410feae744225087686012423/
364 KB
100 KB
Script
General
Full URL
https://assets.adobedtm.com/10d5272d092923c410feae744225087686012423/satelliteLib-8df7d93db820b272138ecb04dbe4ed7f5023b893.js
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-23.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8a883b02f89fff7e3a7353cffab76ec75c5b12464cc8c990e1d3e07d5bd0dfd4

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 00:07:36 GMT
content-encoding
gzip
last-modified
Thu, 02 Apr 2020 14:06:47 GMT
server
AkamaiNetStorage
etag
"2a3603ee1d26d3e162b427713b064ab8:1585836407.272712"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Apr 2020 01:07:36 GMT
inqChatLaunch10004593.js
verizon.inq.com/chatskins/launch/
23 KB
7 KB
Script
General
Full URL
https://verizon.inq.com/chatskins/launch/inqChatLaunch10004593.js
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.251.148.152 El Segundo, United States, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
TouchCommerce Server /
Resource Hash
1550e57cdb093504ed3ca635a72acf722afba88a2a3ba6d78d7842c5e1e40a20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 03 Apr 2020 18:16:32 GMT
server
TouchCommerce Server
accept-language
bytes
etag
"GVoLKuKSqhy"
content-type
application/javascript
status
200
cache-control
no-cache
date
Mon, 06 Apr 2020 00:07:36 GMT
content-length
6805
x-xss-protection
1; mode=block
expires
Mon, 06 Apr 2020 01:07:36 GMT
commons.js
www.verizon.com/home/ak-cached/2h/javascript/
0
0
Script
General
Full URL
https://www.verizon.com/home/ak-cached/2h/javascript/commons.js
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:2ab:f9e6:1e84:1c75:ffb8:90cc , United States, ASN14153 (EDGECAST-IR, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Access-Control-Allow-Origin
https://www.verizon.com
common.css
www.verizon.com/home/ak-cached/2h/styles/
0
0
Stylesheet
General
Full URL
https://www.verizon.com/home/ak-cached/2h/styles/common.css
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:2ab:f9e6:1e84:1c75:ffb8:90cc , United States, ASN14153 (EDGECAST-IR, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Access-Control-Allow-Origin
*
omnicode.js
www.verizon.com/includes/javascript/
185 KB
62 KB
Script
General
Full URL
https://www.verizon.com/includes/javascript/omnicode.js
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:2ab:f9e6:1e84:1c75:ffb8:90cc , United States, ASN14153 (EDGECAST-IR, US),
Reverse DNS
Software
ECD (fcz/0E88) /
Resource Hash
d08a4dd2727313dd694b3c57523e5edaf78cba526246d8d6a2f7bcbe239b8fbe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 06 Apr 2020 00:07:36 GMT
Content-Encoding
gzip
Last-Modified
Sun, 05 Apr 2020 09:52:49 GMT
Server
ECD (fcz/0E88)
Age
51287
X-frame-options
SAMEORIGIN
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/javascript; charset=UTF-8
Cache-control
public,private,must-revalidate,max-age=3600
x-ec-geoHdr
country_code=DE,region_code=,city=,dma=-1,msa=-1,lat=51.0000,long=9.0000,zip=,continent=EU,timezone=
x-ec-fail
no-zip-code
Accept-Ranges
bytes
Content-Length
62563
Expires
Mon, 06 Apr 2020 01:07:36 GMT
vzlogo_lg.png
www.verizon.com/cs/groups/public/documents/adacct/
9 KB
9 KB
Image
General
Full URL
https://www.verizon.com/cs/groups/public/documents/adacct/vzlogo_lg.png
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:2ab:f9e6:1e84:1c75:ffb8:90cc , United States, ASN14153 (EDGECAST-IR, US),
Reverse DNS
Software
ECD (fcz/0E9F) / Servlet/2.5 JSP/2.1
Resource Hash
5cb0772a4426bc336524e001e8dca6180c969565e1f3d71fde110e220d4dc354
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 06 Apr 2020 00:07:36 GMT
Last-Modified
Fri, 13 Sep 2019 12:53:04 GMT
Server
ECD (fcz/0E9F)
Age
57001
X-Powered-By
Servlet/2.5 JSP/2.1
X-frame-options
SAMEORIGIN
X-Cache
HIT
Content-Type
image/png
X-ORACLE-DMS-ECID
474572fcd8b0b886:698fa333:170e7d1caec:-8000-00000000001b0f5d
Cache-control
public,private,must-revalidate,max-age=3600
x-ec-geoHdr
country_code=DE,region_code=,city=,dma=-1,msa=-1,lat=51.0000,long=9.0000,zip=,continent=EU,timezone=
x-ec-fail
no-zip-code
Accept-Ranges
bytes
Content-Length
8949
Expires
Mon, 06 Apr 2020 01:07:36 GMT
autosuggest.js
scache.vzw.com/search/staticContent/dist/js/
134 KB
47 KB
Script
General
Full URL
https://scache.vzw.com/search/staticContent/dist/js/autosuggest.js
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B76) /
Resource Hash
898c811f2afdbfe4e2436167a5cbde1d368a896c3043ce35a2b1c6856d3523c4
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 00:07:36 GMT
content-encoding
gzip
last-modified
Fri, 24 Aug 2018 12:02:58 GMT
server
ECS (amb/6B76)
age
63072
etag
"2168f-5b7ff3f2+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
max-age=86400
strict-transport-security
max-age=157680000
access-control-allow-origin
*
content-length
47903
expires
Tue, 07 Apr 2020 00:07:36 GMT
gtagb-uem.js
scache.vzw.com/am/includes/
42 KB
17 KB
Script
General
Full URL
https://scache.vzw.com/am/includes/gtagb-uem.js
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B94) /
Resource Hash
a73461b29b02c29b288b013078b6843158fd5bf30317c31c7e6692a34ae1fed0
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 00:07:36 GMT
content-encoding
gzip
last-modified
Fri, 13 Mar 2020 07:12:14 GMT
server
ECS (amb/6B94)
age
3039
etag
"a70a-5e6b324e+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
max-age=86400
strict-transport-security
max-age=157680000
access-control-allow-origin
*
content-length
17384
expires
Tue, 07 Apr 2020 00:07:36 GMT
vztc.js
collaborateext.verizon.com/comm/includes/scripts/
144 KB
144 KB
Script
General
Full URL
https://collaborateext.verizon.com/comm/includes/scripts/vztc.js
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.108.21.103 , United States, ASN33052 (VZUNET, US),
Reverse DNS
Software
/
Resource Hash
0bbc80827edde7bca095006dd267cefecb4342892bc7f81bbacdc4289821038f

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 06 Apr 2020 00:07:36 GMT
Last-modified
Wed, 25 Mar 2020 15:17:41 GMT
Accept-ranges
bytes
Content-length
146962
Content-type
application/x-javascript
mbox-contents-38b8f99ca10f023c55557c0e31691691b2737750.js
assets.adobedtm.com/10d5272d092923c410feae744225087686012423/
96 KB
33 KB
Script
General
Full URL
https://assets.adobedtm.com/10d5272d092923c410feae744225087686012423/mbox-contents-38b8f99ca10f023c55557c0e31691691b2737750.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/10d5272d092923c410feae744225087686012423/satelliteLib-8df7d93db820b272138ecb04dbe4ed7f5023b893.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-23.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bd5f98bef389d790ef967872f6c8652cac2d130c41c6ba63adc44d9a28ccf4ba

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 00:07:36 GMT
content-encoding
gzip
last-modified
Thu, 02 Apr 2020 14:06:48 GMT
server
AkamaiNetStorage
etag
"1e8e1736f3283bd00fd51b07142e3e44:1585836408.162944"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
32954
expires
Mon, 06 Apr 2020 01:07:36 GMT
firstevent
verizoncorp.demdex.net/
Redirect Chain
  • https://verizoncorp.demdex.net/event?d_stuff=1&d_dst=1&d_rtbd=json&d_cts=1&d_cb=window.parseUmbrellaAAMData
  • https://verizoncorp.demdex.net/firstevent?d_stuff=1&d_dst=1&d_rtbd=json&d_cts=1&d_cb=window.parseUmbrellaAAMData
125 B
1 KB
Script
General
Full URL
https://verizoncorp.demdex.net/firstevent?d_stuff=1&d_dst=1&d_rtbd=json&d_cts=1&d_cb=window.parseUmbrellaAAMData
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.192.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-192-36.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
693147378fd860df2471f9fc777e6d4797373b202ec2386bc38cb6d1f404a15f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v064-064ae7a69.edge-irl1.demdex.com 5.66.0.20200310121811 3ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
auYXEiB/SMI=
Vary
Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Content-Length
125
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
CtL5KVhsTSI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://verizoncorp.demdex.net/firstevent?d_stuff=1&d_dst=1&d_rtbd=json&d_cts=1&d_cb=window.parseUmbrellaAAMData
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
common.css
www.verizon.com/home/ak-cached/2h/styles/
0
0
Stylesheet
General
Full URL
https://www.verizon.com/home/ak-cached/2h/styles/common.css
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:2ab:f9e6:1e84:1c75:ffb8:90cc , United States, ASN14153 (EDGECAST-IR, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

tooltip.png
scache.vzw.com/am/images/
6 KB
6 KB
Image
General
Full URL
https://scache.vzw.com/am/images/tooltip.png
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB2) /
Resource Hash
afd720816fec9fb9f21ecd6ee741f83730f9c9ac3ca7b79d530df3f12f99ca9b
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://scache.vzw.com/am/css/style-2.0.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 06 Apr 2020 00:07:40 GMT
last-modified
Fri, 13 Mar 2020 07:12:14 GMT
server
ECS (amb/6BB2)
age
58143
etag
"16e9-5e6b324e"
strict-transport-security
max-age=157680000
x-cache
HIT
content-type
image/png; charset=utf-8
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5865
expires
Wed, 06 May 2020 00:07:40 GMT
NHaasGroteskDSW02-75Bd.woff2
scache.vzw.com/am/content/fonts/
42 KB
42 KB
Font
General
Full URL
https://scache.vzw.com/am/content/fonts/NHaasGroteskDSW02-75Bd.woff2
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B74) /
Resource Hash
b1e45351cfa1020bfa509335485d0c6bae80acf2e91b63398dfe373958906dc5
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://scache.vzw.com/am/css/style-2.0.css
Origin
https://darksecdevelopers.github.io
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 06 Apr 2020 00:07:40 GMT
last-modified
Fri, 13 Mar 2020 07:12:14 GMT
server
ECS (amb/6B74)
age
61105
etag
"a7d0-5e6b324e"
strict-transport-security
max-age=157680000
x-cache
HIT
content-type
application/font-woff2; charset=utf-8
status
200
accept-ranges
bytes
access-control-allow-origin
*
content-length
42960
NeueHaasGroteskText55Roman.woff
scache.vzw.com/am/content/fonts/
43 KB
44 KB
Font
General
Full URL
https://scache.vzw.com/am/content/fonts/NeueHaasGroteskText55Roman.woff
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B79) /
Resource Hash
1f689953c0c5d35f16fa360279c0197c46aa06c0e0b94f074cfcd9273a959197
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://scache.vzw.com/am/css/style-2.0.css
Origin
https://darksecdevelopers.github.io
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 06 Apr 2020 00:07:40 GMT
last-modified
Fri, 13 Mar 2020 07:12:14 GMT
server
ECS (amb/6B79)
age
61105
etag
"ade7-5e6b324e"
strict-transport-security
max-age=157680000
x-cache
HIT
content-type
application/x-font-woff; charset=utf-8
status
200
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-origin
*
content-length
44519
expires
Wed, 06 May 2020 00:07:40 GMT
inqChat.html
darksecdevelopers.github.io/ Frame 8813
9 KB
5 KB
Document
General
Full URL
https://darksecdevelopers.github.io/inqChat.html?IFRAME
Requested by
Host: verizon.inq.com
URL: https://verizon.inq.com/chatskins/launch/inqChatLaunch10004593.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
70d613e3acfba24fd2876fcbacaf639e1e111ef4d54baf70761c47673f37d6a3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'

Request headers

:method
GET
:authority
darksecdevelopers.github.io
:scheme
https
:path
/inqChat.html?IFRAME
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
dtPC=331660466_215h1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/

Response headers

status
404
server
GitHub.com
content-type
text/html; charset=utf-8
etag
W/"5cb0f185-239b"
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding
gzip
x-github-request-id
33A8:1BD7:145EE:22B27:5E8A66EB
accept-ranges
bytes
date
Mon, 06 Apr 2020 00:07:40 GMT
via
1.1 varnish
age
3041
x-served-by
cache-ams21066-AMS
x-cache
HIT
x-cache-hits
1
x-timer
S1586131660.496417,VS0,VE0
vary
Accept-Encoding
x-fastly-request-id
f108fc1d87cdcfa24cda9ba65077158cb84b7e19
content-length
5142
fs.utils.js
gateway.answerscloud.com/code/19.6.1/
82 KB
25 KB
Script
General
Full URL
https://gateway.answerscloud.com/code/19.6.1/fs.utils.js
Requested by
Host: gateway.answerscloud.com
URL: https://gateway.answerscloud.com/verizonwireless/production/gateway.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:6400:1b:22c5:8c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
43994445c2f8837cb58943f1e99159addedbff22d9602f7edbe0082f28dcb493

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 18 Mar 2020 05:26:49 GMT
content-encoding
gzip
age
1622451
x-cache
Hit from cloudfront
p3p
CP="ok"
status
200, 200
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified
Fri, 23 Feb 2018 21:09:27 GMT
server
nginx/1.17.3
etag
W/"0de477e141fd5a5359f7874c62e94cc6"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2419200
x-amz-cf-pop
FRA50-C1
access-control-allow-headers
X-Requested-With
x-amz-cf-id
_vJikvBvgdiKGcVBjgXECEmXkuiMT0dstDJfgVI4MFhPeoKrXErEhg==
expires
Wed, 15 Apr 2020 05:26:49 GMT
fs.trigger.js
gateway.answerscloud.com/code/19.6.1/
31 KB
11 KB
Script
General
Full URL
https://gateway.answerscloud.com/code/19.6.1/fs.trigger.js
Requested by
Host: gateway.answerscloud.com
URL: https://gateway.answerscloud.com/verizonwireless/production/gateway.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:6400:1b:22c5:8c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
720186a7882bc4ac1cae89eb53c3f779f4870683d084537d49bbc111390fe82f

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 11 Mar 2020 22:37:26 GMT
content-encoding
gzip
age
2165414
x-cache
Hit from cloudfront
p3p
CP="ok"
status
200, 200
content-length
10438
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified
Fri, 23 Feb 2018 21:09:27 GMT
server
nginx/1.17.3
etag
W/"bdf116cb1f83a2523293a1a76b75600e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2419200
x-amz-cf-pop
FRA50-C1
access-control-allow-headers
X-Requested-With
x-amz-cf-id
TDvdVnSXnly-TxUi2GbLLiOQUeX9ezGQ4kOASD_YYZy8wGu7ujM6ew==
expires
Wed, 08 Apr 2020 22:37:26 GMT
truncated
/ Frame 8813
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96937ccb0471a83a845aaea1aac9b2ffef5cb758a1490120072c9e533a5d4b23

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8813
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0dcc8ac11af1ceaac65474436ecd474827fe643dbf82133ef41922a7012dcc9a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
dynaTraceMonitor
uem.vzw.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
uem.vzw.com
URL
https://uem.vzw.com:8080/dynaTraceMonitor?dtCookie=null;dtLatC=null;referer=https%3A%2F%2Fdarksecdevelopers.github.io%2FHiddenEye%2FWebPages%2Fverizon%2F

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Verizon (Telecommunication)

438 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| vzw_gnjq undefined| $ function| jQuery undefined| gn_category undefined| cartStatus undefined| zipDisplay undefined| gnlin_gnLoadTimer undefined| gnlin_gnLoadCtr undefined| gnlin_gnWeatherTimer undefined| gnlin_scu undefined| gnlin_dbconfig undefined| gnlin_asu undefined| gnlin_usu string| gnlin_defRoleFileName string| gnlin_defMyBizRoleFileName string| gnlin_defLOutRoleFileName string| gnlin_curRoleFileName string| gnlin_roleFileName string| gnlin_roleCookieName string| gnlin_servicesCookieName string| gnlin_loggedinCookieName string| gnlin_oneBillCompCookieName string| gnlin_amIDCookieName string| gnlin_alltelCookieName string| gnlin_cartCookieName string| gnlin_greetingCookieName string| gnlin_oneVZ string| gnlin_greetingDefValue string| gnlin_zipCodeCookieName string| gnlin_cityCookieName string| gnlin_stateCookieName string| gnlin_wbCookieName string| gnlin_popLocCookieName string| gnlin_gnExpandCookieName string| gnlin_gnTxtCookieName string| gnlin_gnConfigCookieName string| gnlin_gnMyBizCookieName string| gnlin_gnMlsCookieName boolean| gnlin_isWOReady boolean| gnlin_debug string| gnlin_debugstr object| gnlin_Domain undefined| gnlin_uscTimer string| gnlin_uscTimeOutFlag undefined| gnlin_ascTimer string| gnlin_ascTimeOutFlag number| gnlin_ascTimeOut undefined| gnlin_htmlTimer number| gnlin_htmlTimeOut string| gnlin_htmlTimeOutFlag number| gnlin_gltxtTimeout undefined| gnlin_myac_server number| gnlin_wbcCacheTime number| gnlin_wtooltipZindex object| gnlin_oglobalNavIdZ object| gnlin_oglobalNavIdPos object| gnlin_forcedLogout object| gnlin_popLoc string| gnlin_gnServScrCallEnabled string| gnlin_searchDelay boolean| gnlin_searchDisable boolean| gnlin_chatDisable boolean| gnlin_searchSuggestSaveDisable boolean| gnlin_GN1_ht boolean| gnlin_GN2_ht boolean| gnlin_GN3_ht boolean| gnlin_GN4_ht string| gnlin_SearchEnabled string| gnlin_isSignInFormElClicked boolean| gnlin_overlay number| gnlin_gnOLoadCtr object| gnlin_signInOMsg object| gnlin_singInOSpec boolean| gnlin_responsiveGN string| gnlin_gnNotificationDisabled string| gnlin_glCfgServerUrl string| gnlin_gntypah boolean| gnlin_landingPageApiflag boolean| gnlin_accessManagerHeaderApiflag string| gnLoadMPScript object| gnlin_searchTerms string| gnlin_prevGNVersion string| gnlin_msoCookieName boolean| gnlin_myvzFixedSubMenuWrapper undefined| gnlin_cqc function| render function| launchGlobalNav object| signInDialog function| setGNZIndex function| updateMenuURL function| setGnCartCookie function| updateGnCartCount function| setTraybgColor function| setSliderView function| vgn_hbLink function| highlightMenu function| saveSearchSuggestResp function| populateSearchAutoCompleteInfo function| setCompOBCookie function| IE8_message function| gntopnotification_close undefined| bizmenu_highlight undefined| ie_ua undefined| ie_re undefined| ie_int string| IDToken1Val string| IDToken2Val object| signInGN object| vzgn object| MP object| vzgn_msoList object| vzgn_searchConf object| vzgn_chatConf object| vzgn_storageCartRetrival object| vzgn_r function| onf_hbLink object| App function| acsReady function| $j object| jQuery19104062429192065895 function| areCookiesEnabled function| disableBut object| Core object| Rule object| Message string| blackListFailed object| Validation string| fromVZTsession string| fromVZTparam string| fromVZT string| mode boolean| overlayAfterSubmit string| offerShortLivedPassword boolean| inOverlay boolean| inInline boolean| isOfferShortLivedPassword object| digitalData function| _acsDefine function| _fsDefine function| _acsRequire function| _fsRequire object| FSR object| FSFB function| _acsNormalizeUrl function| _fsNormalizeUrl function| _fsNormalizeAssetUrl function| Visitor object| _satellite object| s_c_il number| s_c_in function| targetPageParams object| _sdi string| custType string| strXp1QS object| elmsXp1 object| elmXp1 object| arrXp1SSV undefined| arrXp1QS undefined| arrTemp object| arrPdcQs object| arrPdcQsTemp undefined| strName undefined| strValue object| targetGlobalSettings function| targetPageParamsAll function| parseUmbrellaAAMData function| sendAAMPixel object| adobe object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate undefined| cookies undefined| cookie undefined| eqPos undefined| cookieName undefined| host undefined| url undefined| s undefined| params undefined| src undefined| href undefined| query undefined| qs function| getParentV3LanderConfig function| getOpenerV3LanderConfig function| getV3LanderConfigProperty object| v3LanderConfig object| v3Lander string| master_cookie_on string| scbType object| visitor string| currentDomain string| vzRetailHomeHost string| vziobiHost string| vzForums string| vzFiOSVoice string| vzMessageCenter string| vzSignIn string| vzMyVZ string| vzEntertainment string| vzFiOSTV string| vzSmallBiz string| vzRegistrationSEC string| vzShop boolean| vzCustomLt function| removeHttps function| scTrim function| scfObj function| scStrip string| strSCapp string| strSCappname string| strSCbizunit string| strSClineofbiz string| scLHR string| scLH string| scLP string| scLHRnogoto boolean| scIsPrd object| scPS string| sDom string| s_accountglob string| s_accountapp object| scURL boolean| strboolFound object| tmpArr object| arrURL string| s_account object| arSCValid object| arSAcc string| scbErrType string| scbErrAccount boolean| scBoolAccOK object| s_837 function| s_doPlugins object| s_YTO function| onYouTubePlayerReady function| s_YTp function| s_YTisa function| s_YTism function| s_YTgk function| onYouTubePlayerAPIReady function| s_YTdi function| s_YTei function| s_YTut function| s_YTdv function| s_YTv function| AppMeasurement_Module_Media function| AppMeasurement_Module_Integrate function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_AudienceManagement function| scPageView function| scLinkTrack function| scLinkTrackID string| scType number| j number| x number| s_objectID number| s_giq function| DIL boolean| residentialBusiness function| processJsonpResponse function| typeAheadJQ string| searchItem object| autoSuggest boolean| timerMark string| gomez_brumPagename string| bypassBrum string| bypassUEM undefined| gomez object| dT_ string| downloadSpeed string| uploadSpeed function| isChatInProgress function| isAgentChatInProgress function| isBotChatInProgress object| chatLib object| pendingCalls string| jsLibNameTC string| jsLibPathTC string| jsLibName string| jsLibPath string| jqLibName string| jqLibPath string| clientLogServletName string| clientLogServletPath string| inqSiteID object| tcData number| jscheckstatus object| tcHostConfig object| dotComHostConfig object| chatHostConfig function| getdotcomGlobalSessionId function| checkLoginStatus function| checkLoginStatusTC function| setCustomerInfo function| setExtraCustomerInfo object| inqSalesProducts object| inqSalesQuantities object| inqSalesPrices object| inqClientOrderNum object| inqSalesProductTypes object| inqOrderType object| totalAvailable object| inqOtherInfo function| chatOrderSubmissionDetails function| callChatOrderConf function| readTCCookieInfo function| verifyy function| reInit function| LaunchTCCustomEvent function| triggerMachineLearning function| triggerChatOnOfferDeclined function| launchChatOnOfferDeclined function| refreshTCChat function| reInitTestPage boolean| isInitDone function| reInitTCSubmitOrderDetails function| init function| getChatData function| stopTCSSOTimer function| stopTCSSOTimerRefresh function| startTCSSOTimer function| captureCustJourney function| createTCCookie function| deleteCookie function| createTCCookieTime object| session object| chatLaunchedListener object| chatClosedListener object| c2cDisplayed object| c2cClickedListener object| agentListener object| c2cStateChanged object| chatStatusListener object| saleLandingListener object| saleQualifiedListener function| sendCustomEventChat object| soldListener object| surveyLaunchListener object| chatEngagedListener object| InqRegistry function| firePendingCalls function| resetSiteCatParams function| getHost function| updateSalesQualificationDetails function| limitGetUrl function| setAgentInfo function| triggerTouchCommerce function| setTouchCommerceChatLibIfEnabled object| paramsMappingConfig object| tcParamsMap function| getTCParamName function| makeOneWayRequest function| makeAjaxRequest function| callSACData function| saveUserInfoDataTC function| getLogStatus function| updateLoginStatus function| logDetails object| chatEventListeners function| initializeJQuery function| loadJQueryIfNotAvailable function| loadTouchCommerceChatLib function| getHostTC function| getDotComHostTC function| initializeChatLib function| startTCEventListeners object| asappHostConfig object| asappHostURLConfig object| asappSSOIdConfig object| ssoCookieIdforASAPP object| encrCustIdforASAPP object| globalSessionIdforASAPP object| userInfoforASAPP boolean| loadASAPPComplete boolean| isSubAccount function| getHostASAPP function| getASAPPSSOId function| getHostASAPPURL boolean| ASAPPchatLibValue function| setASAPPChatLibIfEnabled function| isVendorChatInProgress function| loadASAPPChatLib number| chatIVRAttempt boolean| loadASAPPDefault function| reCheckIVRParam function| startASAPPListeners number| adobetargetLoadCount function| displayRAPChat function| checkAdobeTargetLoadCount function| decideAndLoadChatVendor number| countvztc function| displayChatBotVZTC function| enableChatVZTC function| receiveMessageVZTC function| disableChatOnSupportPages function| triggerASAPP_IVR function| triggerASAPP_SP function| triggerASAPP function| ASAPPSSOLoginWidget function| contextProviderHandler_IVR function| contextProviderHandler object| userInfoCookie object| ssoCookieIdIVR object| walletExists object| IVRrestriction string| uniquerandomId function| retrieveInfoASAPP function| getASAPPLogStatus function| makeASAPPAjaxRequest function| sendASAPPDataPass number| asappContactusTimer function| initiateChat function| launchASAPPContactusChat function| callASAPPCompensationFlow function| registerListenerEvents function| onASAPPChatLaunched function| onASAPPBotInteractive function| onASAPPAgentAssigned function| onASAPPAgentInteractive function| onASAPPChatClosed function| ASAPPcallSiteCatalyst function| launchChatForSpeedTestResults string| strDom string| strPath function| dtmGetQSnocase number| dtmCancelOmnicodeFn function| diyEventTag function| fsReady object| __fsJSONPCBr function| __fsJSONPCB function| __acsReady__ function| __fsReady__

1 Cookies

Domain/Path Name / Value
darksecdevelopers.github.io/ Name: dtPC
Value: 331660466_215h1

1 Console Messages

Source Level URL
Text
console-api warning URL: https://assets.adobedtm.com/10d5272d092923c410feae744225087686012423/mbox-contents-38b8f99ca10f023c55557c0e31691691b2737750.js(Line 176)
Message:
AT: [page-init] Adobe Target content delivery is disabled. Ensure that you can save cookies to your current domain, there is no "mboxDisable" cookie and there is no "mboxDisable" parameter in query string.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556952

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
collaborateext.verizon.com
darksecdevelopers.github.io
gateway.answerscloud.com
scache.vzw.com
uem.vzw.com
verizon.inq.com
verizoncorp.demdex.net
www.verizon.com
uem.vzw.com
140.108.21.103
162.251.148.152
185.199.110.153
2.18.232.23
2600:9000:2156:6400:1b:22c5:8c40:93a1
2606:2800:2ab:f9e6:1e84:1c75:ffb8:90cc
34.249.192.36
68.232.35.163
00d73329eb01595a1fe9c6e8e48a44323b888182105e720046a603b9311faf95
0bbc80827edde7bca095006dd267cefecb4342892bc7f81bbacdc4289821038f
0dcc8ac11af1ceaac65474436ecd474827fe643dbf82133ef41922a7012dcc9a
1550e57cdb093504ed3ca635a72acf722afba88a2a3ba6d78d7842c5e1e40a20
193e607c847e1acebd0f072aabf843ec1570b618dc9ccbc1621567215c3d1ac4
1f689953c0c5d35f16fa360279c0197c46aa06c0e0b94f074cfcd9273a959197
43994445c2f8837cb58943f1e99159addedbff22d9602f7edbe0082f28dcb493
474b188d15887ed18709e11b531f12bd42b79b9e011263cba10020d68ccb5f71
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5a6de52ac4e8980ba336033113c87e83bb54ab6268cf4ab94726fa53be565103
5cb0772a4426bc336524e001e8dca6180c969565e1f3d71fde110e220d4dc354
693147378fd860df2471f9fc777e6d4797373b202ec2386bc38cb6d1f404a15f
6fef0470d1e56c3cc4bbb9040c22bd51410c08986a64ddafca19c1ca7a77336a
70d613e3acfba24fd2876fcbacaf639e1e111ef4d54baf70761c47673f37d6a3
720186a7882bc4ac1cae89eb53c3f779f4870683d084537d49bbc111390fe82f
898c811f2afdbfe4e2436167a5cbde1d368a896c3043ce35a2b1c6856d3523c4
8a883b02f89fff7e3a7353cffab76ec75c5b12464cc8c990e1d3e07d5bd0dfd4
96937ccb0471a83a845aaea1aac9b2ffef5cb758a1490120072c9e533a5d4b23
a53dc0914a956cacca623b0698a0e06d83e315a0e97439c943007ff2eb1ac900
a73461b29b02c29b288b013078b6843158fd5bf30317c31c7e6692a34ae1fed0
ae4d1c7f619a2092d4bece9b9d41f1798b9cf98795bec5fb98efe833506368e9
afd720816fec9fb9f21ecd6ee741f83730f9c9ac3ca7b79d530df3f12f99ca9b
b1e45351cfa1020bfa509335485d0c6bae80acf2e91b63398dfe373958906dc5
bd5f98bef389d790ef967872f6c8652cac2d130c41c6ba63adc44d9a28ccf4ba
d08a4dd2727313dd694b3c57523e5edaf78cba526246d8d6a2f7bcbe239b8fbe
d6fa67395861849e050da5ed40fc7b85cace91cfadb8a1f50e4237d1678bf8ed
e5f02a7f2e1dc57907fe087cbab3814df7dccc8fe7382dfe319b03739258ec7d
eeadb0776b00b95ab33fc549d5529f115a5eb3ea2c70bfba7eb869d5ee2a70ba
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c