urlscan.io logo urlscan.io
SecurityTrails logo

runelie.net Open in urlscan Pro
45.61.136.109  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: http://runelie.net/
Submission: On April 06 via automatic, source openphish — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 29 HTTP transactions. The main IP is 45.61.136.109, located in Los Angeles, United States and belongs to BLNWX, US. The main domain is runelie.net.
This is the only time runelie.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sparkasse (Banking)

Domain & IP information

IP Address AS Autonomous System
20 45.61.136.109 399629 (BLNWX)
8 62.181.151.235 15790 (FINANZINF...)
1 62.181.151.19 15790 (FINANZINF...)
29 4
Apex Domain
Subdomains		 Transfer
20 runelie.net
runelie.net
3 MB
9 berliner-sparkasse.de
www.berliner-sparkasse.de — Cisco Umbrella Rank: 373272
module.berliner-sparkasse.de — Cisco Umbrella Rank: 593140
746 KB
29 2
Domain Requested by
20 runelie.net runelie.net
8 www.berliner-sparkasse.de runelie.net
1 module.berliner-sparkasse.de runelie.net
29 3
Subject Issuer Validity Valid
www.berliner-sparkasse.de
QuoVadis Europe EV SSL CA G1		 2021-07-06 -
2022-07-01		 a year crt.sh
module.berliner-sparkasse.de
QuoVadis Europe EV SSL CA G1		 2021-07-07 -
2022-07-01		 a year crt.sh

This page contains 1 frames:

Primary Page: http://runelie.net/
Frame ID: 5A2F0716376405EC2B6DE71D2446B13A
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Internet-Filiale - Berliner Sparkasse

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div class="[^"]*parbase
  • /etc/clientlibs/

Page Statistics

29
Requests

31 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

4
IPs

2
Countries

4104 kB
Transfer

4146 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
runelie.net/ 		64 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://runelie.net/
Protocol
HTTP/1.1
Server
45.61.136.109 Los Angeles, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c016ca9bd3f6c9421dbf69dc4c84b69f391259389cf43fe741effbf30526936e

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 06 Apr 2022 13:25:50 GMT
ETag
W/"62489e54-101d4"
Last-Modified
Sat, 02 Apr 2022 19:04:52 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
internetfiliale.min.71a6be2a7a29289c1587c1755772e49b.css
runelie.net/etc/clientlibs/myif/master/base/ 		1 MB
1 MB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://runelie.net/etc/clientlibs/myif/master/base/internetfiliale.min.71a6be2a7a29289c1587c1755772e49b.css
Requested by
Host: runelie.net
URL: http://runelie.net/
Protocol
HTTP/1.1
Server
45.61.136.109 Los Angeles, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4ee8c165fb61504359d2c40e08ecdb8486cb2bd1f1c92744f7ed22b35fca5ba5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://runelie.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 13:25:50 GMT
Last-Modified
Fri, 01 Apr 2022 18:12:20 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62474084-1644d8"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1459416
internetfiliale.min.0d513efcfee47388aae9120e70bf28ef.js
runelie.net/etc/clientlibs/myif/master/base/ 		428 KB
428 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://runelie.net/etc/clientlibs/myif/master/base/internetfiliale.min.0d513efcfee47388aae9120e70bf28ef.js
Requested by
Host: runelie.net
URL: http://runelie.net/
Protocol
HTTP/1.1
Server
45.61.136.109 Los Angeles, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e5ac8e759fa4c223873b7994ffca0738022b38286d017b30e8c731931b1f0f0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://runelie.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 13:25:50 GMT
Last-Modified
Fri, 01 Apr 2022 18:12:20 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62474084-6af83"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
438147
spk-logo-desktop.png
runelie.net/content/dam/myif/berliner-sk/work/bilder/logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://runelie.net/content/dam/myif/berliner-sk/work/bilder/logos/spk-logo-desktop.png
Requested by
Host: runelie.net
URL: http://runelie.net/
Protocol
HTTP/1.1
Server
45.61.136.109 Los Angeles, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1a507891e1673fb220bf22079e66bf62bba550a0805f488f19794a651d580298

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://runelie.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 13:25:51 GMT
Last-Modified
Fri, 01 Apr 2022 18:12:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6247407c-635"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1589
spk-logo-mobile.png
runelie.net/content/dam/myif/berliner-sk/work/bilder/logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://runelie.net/content/dam/myif/berliner-sk/work/bilder/logos/spk-logo-mobile.png
Requested by
Host: runelie.net
URL: http://runelie.net/
Protocol
HTTP/1.1
Server
45.61.136.109 Los Angeles, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6307e650c6cd51633ef2e9d9528ef4a163d3b9432f7d5ceb3e7fd2c61fe5a95f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://runelie.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 13:25:52 GMT
Last-Modified
Fri, 01 Apr 2022 18:12:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6247407c-7d3"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2003
spk-logo-druck.png
runelie.net/content/dam/myif/berliner-sk/work/bilder/logos/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://runelie.net/content/dam/myif/berliner-sk/work/bilder/logos/spk-logo-druck.png
Requested by
Host: runelie.net
URL: http://runelie.net/
Protocol
HTTP/1.1
Server
45.61.136.109 Los Angeles, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
92a47005456ffc3265cfb02b76cfb77edf109347cd59ef3c755aec4ffd4e8e85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://runelie.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 13:25:52 GMT
Last-Modified
Fri, 01 Apr 2022 18:12:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6247407c-18d5"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6357
1647515015852.jpg
www.berliner-sparkasse.de/de/home/_jcr_content/homepagearea/parsys/teaserarea_c0e3/teaserref1.epimgref.jpg/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.berliner-sparkasse.de/de/home/_jcr_content/homepagearea/parsys/teaserarea_c0e3/teaserref1.epimgref.jpg/1647515015852.jpg
Requested by
Host: runelie.net
URL: http://runelie.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.181.151.235 Neuss, Germany, ASN15790 (FINANZINFORMATIK-AS-OST, DE),
Reverse DNS
Software
/
Resource Hash
e3796adb8ea41080c93c80f54c3a4cc306c460929275d96c0892cf78d329bbcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://runelie.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 13:25:51 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 06 Apr 2022 11:43:58 GMT
X-Frame-Options
DENY
ETag
"6748-5dbfae08365d0"
Vary
User-Agent
P3P
CP="{}"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=15, max=100
Content-Length
26440
X-UA-Compatible
IE=edge
1647514868424.png
www.berliner-sparkasse.de/de/home/_jcr_content/homepagearea/parsys/teaserarea_c0e3/teaserref2.epimgref.png/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.berliner-sparkasse.de/de/home/_jcr_content/homepagearea/parsys/teaserarea_c0e3/teaserref2.epimgref.png/1647514868424.png
Requested by
Host: runelie.net
URL: http://runelie.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.181.151.235 Neuss, Germany, ASN15790 (FINANZINFORMATIK-AS-OST, DE),
Reverse DNS
Software
/
Resource Hash
4d3ffb3a2f8f02f61ec05d699c232ef210212bec6b835bb0f424b203f4cf047f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://runelie.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 13:25:51 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 06 Apr 2022 11:58:49 GMT
X-Frame-Options
DENY
ETag
"f11e-5dbfb1598a270"
Vary
User-Agent
P3P
CP="{}"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/png
Keep-Alive
timeout=15, max=100
Content-Length
61726
X-UA-Compatible
IE=edge
1647937496873.jpg
www.berliner-sparkasse.de/de/home/_jcr_content/homepagearea/parsys/teaserarea_c0e3/teaserref3.epimgref.jpg/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.berliner-sparkasse.de/de/home/_jcr_content/homepagearea/parsys/teaserarea_c0e3/teaserref3.epimgref.jpg/1647937496873.jpg
Requested by
Host: runelie.net
URL: http://runelie.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.181.151.235 Neuss, Germany, ASN15790 (FINANZINFORMATIK-AS-OST, DE),
Reverse DNS
Software
/
Resource Hash
9fc079f008c549dc77a0f98417359484d8e6bc9c978bfbff1d22ce6fa032b43d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://runelie.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 13:25:51 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 06 Apr 2022 11:47:59 GMT
X-Frame-Options
DENY
ETag
"3311-5dbfaeedee02f"
Vary
User-Agent
P3P
CP="{}"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=15, max=100
Content-Length
13073
X-UA-Compatible
IE=edge
1593680801301.jpg
runelie.net/content/myif/berliner-sk/work/filiale/de/home/_jcr_content/homepagearea/parsys/imagebox12_a17a/image.img.jpg/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://runelie.net/content/myif/berliner-sk/work/filiale/de/home/_jcr_content/homepagearea/parsys/imagebox12_a17a/image.img.jpg/1593680801301.jpg
Requested by
Host: runelie.net
URL: http://runelie.net/
Protocol
HTTP/1.1
Server
45.61.136.109 Los Angeles, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cd3c85f5d4d13734160b83bc759dac23bfd35b1cbf5092fc36515105e9321712

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://runelie.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 13:25:52 GMT
Last-Modified
Fri, 01 Apr 2022 18:12:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6247407c-8868"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34920
1593680857084.jpg
runelie.net/content/myif/berliner-sk/work/filiale/de/home/_jcr_content/homepagearea/parsys/imagebox12_f7b8/image.img.jpg/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://runelie.net/content/myif/berliner-sk/work/filiale/de/home/_jcr_content/homepagearea/parsys/imagebox12_f7b8/image.img.jpg/1593680857084.jpg
Requested by
Host: runelie.net
URL: http://runelie.net/
Protocol
HTTP/1.1
Server
45.61.136.109 Los Angeles, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b3c3d5760bc1dde176b5e85d09ad1acc0d6236f184919340dfb1a14e3a544eb6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://runelie.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 13:25:52 GMT
Last-Modified
Fri, 01 Apr 2022 18:12:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6247407c-e8fe"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
59646
wp_kursleiste.js
runelie.net/etc/clientlibs/myif/berliner-sk/sfp/wp_kursleiste/js/ 		175 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://runelie.net/etc/clientlibs/myif/berliner-sk/sfp/wp_kursleiste/js/wp_kursleiste.js
Requested by
Host: runelie.net
URL: http://runelie.net/
Protocol
HTTP/1.1
Server
45.61.136.109 Los Angeles, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2c8ad4232288d4f239a40a93ea9b12ee9357b82154a3f1c2acb5437162ae274b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://runelie.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 13:25:51 GMT
Last-Modified
Fri, 01 Apr 2022 18:12:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6247407c-2bbfc"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
179196
chatbot_linda_link.min.9bfc6871279a843ee09c7d56edc23da4.js
runelie.net/etc/clientlibs/myif/berliner-sk/sfp/ 		486 KB
486 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://runelie.net/etc/clientlibs/myif/berliner-sk/sfp/chatbot_linda_link.min.9bfc6871279a843ee09c7d56edc23da4.js
Requested by
Host: runelie.net
URL: http://runelie.net/
Protocol
HTTP/1.1
Server
45.61.136.109 Los Angeles, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ba8f72b8dc32be40379fddb8b5f3eace9e3d556d4496b1be7922371f99d5826f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://runelie.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 13:25:51 GMT
Last-Modified
Fri, 01 Apr 2022 18:12:23 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62474087-79623"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
497187
1645722457672.png
runelie.net/content/myif/berliner-sk/work/filiale/de/home/siegel/_jcr_content/awards/parsys/award_547e/image.img.png/ 		164 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://runelie.net/content/myif/berliner-sk/work/filiale/de/home/siegel/_jcr_content/awards/parsys/award_547e/image.img.png/1645722457672.png
Requested by
Host: runelie.net
URL: http://runelie.net/
Protocol
HTTP/1.1
Server
45.61.136.109 Los Angeles, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
25f042d00f4ce4bcff027d7b7e5c3874e48de1393b3c6172f4775b4ced48c3bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://runelie.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 13:25:52 GMT
Last-Modified
Fri, 01 Apr 2022 18:12:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6247407c-28e7e"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
167550
1645722367798.png
runelie.net/content/myif/berliner-sk/work/filiale/de/home/siegel/_jcr_content/awards/parsys/award_69a9/image.img.png/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://runelie.net/content/myif/berliner-sk/work/filiale/de/home/siegel/_jcr_content/awards/parsys/award_69a9/image.img.png/1645722367798.png
Requested by
Host: runelie.net
URL: http://runelie.net/
Protocol
HTTP/1.1
Server
45.61.136.109 Los Angeles, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d86fa09a2f9764c54486f84bb248963c9f074897cc923b794dbad6c661ddff10

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://runelie.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 13:25:52 GMT
Last-Modified
Fri, 01 Apr 2022 18:12:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6247407c-14aa2"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
84642
1645722435706.png
runelie.net/content/myif/berliner-sk/work/filiale/de/home/siegel/_jcr_content/awards/parsys/award/image.img.png/ 		153 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://runelie.net/content/myif/berliner-sk/work/filiale/de/home/siegel/_jcr_content/awards/parsys/award/image.img.png/1645722435706.png
Requested by
Host: runelie.net
URL: http://runelie.net/
Protocol
HTTP/1.1
Server
45.61.136.109 Los Angeles, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ca7790436b9e9c5b04c082370a2c14ea074233b00056c855a741150ea3b7c648

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://runelie.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 13:25:52 GMT
Last-Modified
Fri, 01 Apr 2022 18:12:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6247407c-2632f"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
156463
tdg
module.berliner-sparkasse.de/if/services/ 		45 B
981 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://module.berliner-sparkasse.de/if/services/tdg?hs=e191dc2ba2c9da8ebb3b4c1773caa7e9bb995e9bb13766784bdc090205378204
Requested by
Host: runelie.net
URL: http://runelie.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.181.151.19 Neuss, Germany, ASN15790 (FINANZINFORMATIK-AS-OST, DE),
Reverse DNS
Software
/
Resource Hash
62cfb054088e29a0e576b434030c236c6101af0599e6f55cfe89b35a6186fba4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://runelie.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 13:25:51 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Language
de-DE
P3P
CP="{}"
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control
no-store, no-cache=set-cookie
Connection
Keep-Alive
Content-Type
image/gif
Vary
User-Agent
Content-Length
45
Keep-Alive
timeout=15, max=100
X-UA-Compatible
IE=edge
universal_analytics.min.fce01e1aa1583405fd3c179639d0bd13.js
runelie.net/etc/clientlibs/myif/berliner-sk/sfp/ 		77 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://runelie.net/etc/clientlibs/myif/berliner-sk/sfp/universal_analytics.min.fce01e1aa1583405fd3c179639d0bd13.js
Requested by
Host: runelie.net
URL: http://runelie.net/
Protocol
HTTP/1.1
Server
45.61.136.109 Los Angeles, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bb484da47d90cf16f6bf52d630db276f794f5c7f300abed00c0e82d46881bbf3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://runelie.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 13:25:51 GMT
Last-Modified
Fri, 01 Apr 2022 18:12:23 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62474087-1350a"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
79114
Sparkasse_web_Rg.woff
runelie.net/etc/clientlibs/myif/master/base/internetfiliale/fonts/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://runelie.net/etc/clientlibs/myif/master/base/internetfiliale/fonts/Sparkasse_web_Rg.woff
Requested by
Host: runelie.net
URL: http://runelie.net/etc/clientlibs/myif/master/base/internetfiliale.min.71a6be2a7a29289c1587c1755772e49b.css
Protocol
HTTP/1.1
Server
45.61.136.109 Los Angeles, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451

Request headers

Referer
http://runelie.net/etc/clientlibs/myif/master/base/internetfiliale.min.71a6be2a7a29289c1587c1755772e49b.css
Origin
http://runelie.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 13:25:51 GMT
Last-Modified
Fri, 01 Apr 2022 18:12:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6247407c-a200"
Content-Type
application/font-woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41472
pictos-if.woff
runelie.net/etc/clientlibs/myif/master/base/internetfiliale/fonts/ 		139 KB
140 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://runelie.net/etc/clientlibs/myif/master/base/internetfiliale/fonts/pictos-if.woff
Requested by
Host: runelie.net
URL: http://runelie.net/etc/clientlibs/myif/master/base/internetfiliale.min.71a6be2a7a29289c1587c1755772e49b.css
Protocol
HTTP/1.1
Server
45.61.136.109 Los Angeles, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
84798913afc7420e1087ff7c0a0c5b39937ddd430b67bf96561ffbaed9e77b14

Request headers

Referer
http://runelie.net/etc/clientlibs/myif/master/base/internetfiliale.min.71a6be2a7a29289c1587c1755772e49b.css
Origin
http://runelie.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 13:25:51 GMT
Last-Modified
Fri, 01 Apr 2022 18:12:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6247407c-22d74"
Content-Type
application/font-woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
142708
Sparkasse_web_Bd.woff
runelie.net/etc/clientlibs/myif/master/base/internetfiliale/fonts/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://runelie.net/etc/clientlibs/myif/master/base/internetfiliale/fonts/Sparkasse_web_Bd.woff
Requested by
Host: runelie.net
URL: http://runelie.net/etc/clientlibs/myif/master/base/internetfiliale.min.71a6be2a7a29289c1587c1755772e49b.css
Protocol
HTTP/1.1
Server
45.61.136.109 Los Angeles, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e9b9f03e1a75cf22118a30e0503f346e8efb6859276d418e7d1a9a07f73f7002

Request headers

Referer
http://runelie.net/etc/clientlibs/myif/master/base/internetfiliale.min.71a6be2a7a29289c1587c1755772e49b.css
Origin
http://runelie.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 13:25:51 GMT
Last-Modified
Fri, 01 Apr 2022 18:12:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6247407c-901c"
Content-Type
application/font-woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36892
SparkasseHead_web_Rg.woff
runelie.net/etc/clientlibs/myif/master/base/internetfiliale/fonts/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://runelie.net/etc/clientlibs/myif/master/base/internetfiliale/fonts/SparkasseHead_web_Rg.woff
Requested by
Host: runelie.net
URL: http://runelie.net/etc/clientlibs/myif/master/base/internetfiliale.min.71a6be2a7a29289c1587c1755772e49b.css
Protocol
HTTP/1.1
Server
45.61.136.109 Los Angeles, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
eb726e7747d06812f1fd551161fb45b9aaa733f97e616eb1272ec9fc0501fa86

Request headers

Referer
http://runelie.net/etc/clientlibs/myif/master/base/internetfiliale.min.71a6be2a7a29289c1587c1755772e49b.css
Origin
http://runelie.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 13:25:51 GMT
Last-Modified
Fri, 01 Apr 2022 18:12:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6247407c-7550"
Content-Type
application/font-woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30032
kursleiste
runelie.net/content/myif/berliner-sk/work/filiale/de/home/misc/vps/gate/_jcr_content.bin/wp_infos/ 		564 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://runelie.net/content/myif/berliner-sk/work/filiale/de/home/misc/vps/gate/_jcr_content.bin/wp_infos/kursleiste?INST_ID=0004093&mobile=0
Requested by
Host: runelie.net
URL: http://runelie.net/etc/clientlibs/myif/berliner-sk/sfp/wp_kursleiste/js/wp_kursleiste.js
Protocol
HTTP/1.1
Server
45.61.136.109 Los Angeles, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

Accept
application/json
Referer
http://runelie.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 06 Apr 2022 13:25:51 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b84750cc5a395288fcfd0cf42e3a60d6135e2f14db83fce05e97e5abacc2f9b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://runelie.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/gif
linda.svg
runelie.net/etc/clientlibs/myif/berliner-sk/sfp/chatbot_linda_link/images/ 		564 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://runelie.net/etc/clientlibs/myif/berliner-sk/sfp/chatbot_linda_link/images/linda.svg
Requested by
Host: runelie.net
URL: http://runelie.net/
Protocol
HTTP/1.1
Server
45.61.136.109 Los Angeles, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://runelie.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 13:25:52 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
1645793693509.jpg
www.berliner-sparkasse.de/de/home/_jcr_content/opener/openerref1.epimgref.res1920.jpg/ 		126 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.berliner-sparkasse.de/de/home/_jcr_content/opener/openerref1.epimgref.res1920.jpg/1645793693509.jpg
Requested by
Host: runelie.net
URL: http://runelie.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.181.151.235 Neuss, Germany, ASN15790 (FINANZINFORMATIK-AS-OST, DE),
Reverse DNS
Software
/
Resource Hash
ed5eca6b5379ae8ab86f231978a0de040c24604a6bb4822f88a190d16ed41f08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://runelie.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 13:25:52 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 06 Apr 2022 12:41:45 GMT
X-Frame-Options
DENY
ETag
"1f758-5dbfbaf214c89"
Vary
User-Agent
P3P
CP="{}"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=15, max=100
Content-Length
128856
X-UA-Compatible
IE=edge
1646396395773.jpg
www.berliner-sparkasse.de/de/home/_jcr_content/opener/openerref2.epimgref.res1920.jpg/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.berliner-sparkasse.de/de/home/_jcr_content/opener/openerref2.epimgref.res1920.jpg/1646396395773.jpg
Requested by
Host: runelie.net
URL: http://runelie.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.181.151.235 Neuss, Germany, ASN15790 (FINANZINFORMATIK-AS-OST, DE),
Reverse DNS
Software
/
Resource Hash
605f2c9da07ec25f302dc9094c17557b90e7b1ddf900e9895a24524c2abd8b35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://runelie.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 13:25:52 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 06 Apr 2022 12:53:19 GMT
X-Frame-Options
DENY
ETag
"15783-5dbfbd88c34c7"
Vary
User-Agent
P3P
CP="{}"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=15, max=100
Content-Length
87939
X-UA-Compatible
IE=edge
1647010338755.jpg
www.berliner-sparkasse.de/de/home/_jcr_content/opener/openerref3.epimgref.res1920.jpg/ 		166 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.berliner-sparkasse.de/de/home/_jcr_content/opener/openerref3.epimgref.res1920.jpg/1647010338755.jpg
Requested by
Host: runelie.net
URL: http://runelie.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.181.151.235 Neuss, Germany, ASN15790 (FINANZINFORMATIK-AS-OST, DE),
Reverse DNS
Software
/
Resource Hash
6057133b0dee90dced2e0c69b179c803617aa93776aadaf3b9a139b2c4318136
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://runelie.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 13:25:52 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 06 Apr 2022 12:03:04 GMT
X-Frame-Options
DENY
ETag
"2998a-5dbfb24ca3c49"
Vary
User-Agent
P3P
CP="{}"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=15, max=100
Content-Length
170378
X-UA-Compatible
IE=edge
1647937519359.jpg
www.berliner-sparkasse.de/de/home/_jcr_content/opener/openerref4.epimgref.res1920.jpg/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.berliner-sparkasse.de/de/home/_jcr_content/opener/openerref4.epimgref.res1920.jpg/1647937519359.jpg
Requested by
Host: runelie.net
URL: http://runelie.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.181.151.235 Neuss, Germany, ASN15790 (FINANZINFORMATIK-AS-OST, DE),
Reverse DNS
Software
/
Resource Hash
da963d7fddc419a437fbb155582d6ede79f6046c6f62608ea8106398c3035c91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://runelie.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 13:25:52 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 06 Apr 2022 13:17:23 GMT
X-Frame-Options
DENY
ETag
"a888-5dbfc2e9dc040"
Vary
User-Agent
P3P
CP="{}"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=15, max=100
Content-Length
43144
X-UA-Compatible
IE=edge
1647010626353.jpg
www.berliner-sparkasse.de/de/home/_jcr_content/opener/openerref5.epimgref.res1920.jpg/ 		220 KB
221 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.berliner-sparkasse.de/de/home/_jcr_content/opener/openerref5.epimgref.res1920.jpg/1647010626353.jpg
Requested by
Host: runelie.net
URL: http://runelie.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.181.151.235 Neuss, Germany, ASN15790 (FINANZINFORMATIK-AS-OST, DE),
Reverse DNS
Software
/
Resource Hash
869c970c5fe68f73ff9ec79fffe6449049e9ea32e07ffebdae75b8694e0182f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://runelie.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 13:25:52 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 06 Apr 2022 11:43:57 GMT
X-Frame-Options
DENY
ETag
"3713c-5dbfae079106f"
Vary
User-Agent
P3P
CP="{}"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=15, max=100
Content-Length
225596
X-UA-Compatible
IE=edge

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sparkasse (Banking)

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored object| IF6 function| getQueryParamValue string| IF6_lightbox_closeicon_text function| overlayShow function| overlayClose function| focusBankingFormularElement function| toggleClassInRows function| SLURI function| moveBContent object| ifLoginHeaderTimer function| refreshClientTimeout function| refreshServerTimeout undefined| startCountdownLayer function| showCountdownLayer function| updateHeaderLoginIfPresent function| tick function| setSessionTimeout function| countdownShow function| callBreakHtml object| nbfDatePicker object| nbfTanInput function| selectListBoxItem function| editTeaserRef function| pagenav_statistics_send function| pagenav_statistics function| pagenav_scroll function| pagenav_scroll_window function| $ function| jQuery object| myif object| IF object| elements object| Kursleiste object| chatbot_linda_link object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill boolean| bcarouselAttached

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: http://runelie.net/content/myif/berliner-sk/work/filiale/de/home/misc/vps/gate/_jcr_content.bin/wp_infos/kursleiste?INST_ID=0004093&mobile=0
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://runelie.net/etc/clientlibs/myif/berliner-sk/sfp/chatbot_linda_link/images/linda.svg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

module.berliner-sparkasse.de
runelie.net
www.berliner-sparkasse.de
45.61.136.109
62.181.151.19
62.181.151.235
0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451
1a507891e1673fb220bf22079e66bf62bba550a0805f488f19794a651d580298
25f042d00f4ce4bcff027d7b7e5c3874e48de1393b3c6172f4775b4ced48c3bc
2c8ad4232288d4f239a40a93ea9b12ee9357b82154a3f1c2acb5437162ae274b
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f
4d3ffb3a2f8f02f61ec05d699c232ef210212bec6b835bb0f424b203f4cf047f
4ee8c165fb61504359d2c40e08ecdb8486cb2bd1f1c92744f7ed22b35fca5ba5
6057133b0dee90dced2e0c69b179c803617aa93776aadaf3b9a139b2c4318136
605f2c9da07ec25f302dc9094c17557b90e7b1ddf900e9895a24524c2abd8b35
62cfb054088e29a0e576b434030c236c6101af0599e6f55cfe89b35a6186fba4
6307e650c6cd51633ef2e9d9528ef4a163d3b9432f7d5ceb3e7fd2c61fe5a95f
84798913afc7420e1087ff7c0a0c5b39937ddd430b67bf96561ffbaed9e77b14
869c970c5fe68f73ff9ec79fffe6449049e9ea32e07ffebdae75b8694e0182f3
92a47005456ffc3265cfb02b76cfb77edf109347cd59ef3c755aec4ffd4e8e85
9fc079f008c549dc77a0f98417359484d8e6bc9c978bfbff1d22ce6fa032b43d
b3c3d5760bc1dde176b5e85d09ad1acc0d6236f184919340dfb1a14e3a544eb6
b84750cc5a395288fcfd0cf42e3a60d6135e2f14db83fce05e97e5abacc2f9b4
ba8f72b8dc32be40379fddb8b5f3eace9e3d556d4496b1be7922371f99d5826f
bb484da47d90cf16f6bf52d630db276f794f5c7f300abed00c0e82d46881bbf3
c016ca9bd3f6c9421dbf69dc4c84b69f391259389cf43fe741effbf30526936e
ca7790436b9e9c5b04c082370a2c14ea074233b00056c855a741150ea3b7c648
cd3c85f5d4d13734160b83bc759dac23bfd35b1cbf5092fc36515105e9321712
d86fa09a2f9764c54486f84bb248963c9f074897cc923b794dbad6c661ddff10
da963d7fddc419a437fbb155582d6ede79f6046c6f62608ea8106398c3035c91
e3796adb8ea41080c93c80f54c3a4cc306c460929275d96c0892cf78d329bbcd
e5ac8e759fa4c223873b7994ffca0738022b38286d017b30e8c731931b1f0f0d
e9b9f03e1a75cf22118a30e0503f346e8efb6859276d418e7d1a9a07f73f7002
eb726e7747d06812f1fd551161fb45b9aaa733f97e616eb1272ec9fc0501fa86
ed5eca6b5379ae8ab86f231978a0de040c24604a6bb4822f88a190d16ed41f08