Submitted URL: https://admin.oxfordclub.com.eu2.cas.ms/
Effective URL: https://apps.pubsvs.com/ErrorPage404.html
Submission Tags: _artro_malware
Submission: On October 12 via api from JP — Scanned from NL

Summary

This website contacted 5 IPs in 4 countries across 6 domains to perform 22 HTTP transactions. The main IP is 192.135.136.153, located in the United States and belonging to 14WEST-AS, US. The main domain is apps.pubsvs.com.
TLS certificate for apps.pubsvs.com: issued by R3 (Let's Encrypt) on September 19th 2022, valid for 3 months. The certificate subject is iris.pubsvs.com; see the certificate table below.

Reading note: the submitted URL carries the `.eu2.cas.ms` suffix that the Microsoft Defender for Cloud Apps (formerly MCAS) session-control reverse proxy appends to the hostnames of proxied applications. That is why the first response comes from a Microsoft-hosted openresty instance with `x-mcas-*` headers and why the proxy's `session-context-store-helper` and `session-context-restore` scripts are loaded from mcasproxy.azureedge.net. The browser then navigates to admin.oxfordclub.com (unsuffixed, so outside the proxy session), which 302-redirects to /login and on to apps.pubsvs.com/login/oc/login; the login app's own JavaScript finally navigates to ErrorPage404.html. The `_artro_malware` tag is a submitter tag, not a urlscan verdict; the scan itself recorded nothing beyond a 404 page.
This is the only time apps.pubsvs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address                 Autonomous System
1         52.157.233.49              ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK)
3         2a02:26f0:e300::211:9328   ASN20940 (AKAMAI-ASN1)
2         192.135.136.168            ASN11372 (14WEST-AS)  (the two HTTP 302 redirects, counted separately)
12        192.135.136.153            ASN11372 (14WEST-AS)
2         2a00:1450:4001:806::2008   ASN15169 (GOOGLE)
4         2a00:1450:4001:82a::200e   ASN15169 (GOOGLE)
Total: 22 requests, 5 IPs (the redirect-only 192.135.136.168 is not included in either total)
Requests  Apex Domain            Subdomains                                             Transfer
12        pubsvs.com             apps.pubsvs.com                                        410 KB
4         google-analytics.com   www.google-analytics.com (Cisco Umbrella Rank: 94)     40 KB
3         azureedge.net          mcasproxy.azureedge.net (Cisco Umbrella Rank: 79854)   44 KB
2         googletagmanager.com   www.googletagmanager.com (Cisco Umbrella Rank: 129)    87 KB
2         oxfordclub.com         admin.oxfordclub.com                                   725 B
1         cas.ms                 admin.oxfordclub.com.eu2.cas.ms                        893 B
Total: 22 requests, 6 apex domains
Requests  Domain                           Requested by
12        apps.pubsvs.com                  apps.pubsvs.com
4         www.google-analytics.com         www.googletagmanager.com, www.google-analytics.com, apps.pubsvs.com
3         mcasproxy.azureedge.net          admin.oxfordclub.com.eu2.cas.ms, mcasproxy.azureedge.net
2         www.googletagmanager.com         apps.pubsvs.com
2         admin.oxfordclub.com             (2 redirects)
1         admin.oxfordclub.com.eu2.cas.ms  (submitted URL, initial navigation)
Total: 22 requests, 6 domains

This site contains no links.

Subject                  Issuer                                  Validity                  Valid for
*.mcas.ms                Microsoft Azure TLS Issuing CA 02       2022-08-13 to 2023-08-08  a year
*.azureedge.net          Microsoft Azure ECC TLS Issuing CA 01   2022-07-27 to 2023-07-22  a year
iris.pubsvs.com          R3                                      2022-09-19 to 2022-12-18  3 months
*.google-analytics.com   GTS CA 1C3                              2022-09-12 to 2022-12-05  3 months

Only the subject name is shown here. A subject of *.mcas.ms cannot by itself match admin.oxfordclub.com.eu2.cas.ms (a wildcard covers a single label), and iris.pubsvs.com does not match apps.pubsvs.com, so the hostnames that actually validated are in each certificate's Subject Alternative Names; the full certificates are available from crt.sh.

This page contains 2 frames:

Primary Page: https://apps.pubsvs.com/ErrorPage404.html
Frame ID: B4BDE561CC402C1D7D87CE3CBBA85AB8
Requests: 20 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.22.31/html/session-context-restore.html
Frame ID: 854E7BF94DB741CBBED01680CD0BBFC8
Requests: 2 HTTP requests in this frame

Page Title

404 - Not found error

Page URL History

This captures the URL locations of the website, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://admin.oxfordclub.com.eu2.cas.ms/ (Page URL)
  2. https://admin.oxfordclub.com/ (HTTP 302)
     https://admin.oxfordclub.com/login (HTTP 302)
     https://apps.pubsvs.com/login/oc/login (Page URL)
  3. https://apps.pubsvs.com/ErrorPage404.html (Page URL)

The transitions from 1 to 2 and from 2 to 3 are client-side navigations, not HTTP redirects: the request for /login/oc/login carries Referer https://admin.oxfordclub.com.eu2.cas.ms/, and ErrorPage404.html is requested by app-login.7d855ca36019e7383c5a.js (see the transaction list).

Detected technologies

Google Analytics (overall confidence: 100%)
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (overall confidence: 100%)
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Identifiers seen in the requests: GTM container GTM-5C952S8 and Google Analytics property UA-138485934-2.

Page Statistics

Requests: 22
HTTPS: 100 %
IPv6: 50 %
Domains: 6
Subdomains: 6
IPs: 5
Countries: 4
Transfer: 581 kB
Size: 1251 kB
Cookies: 5


Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://admin.oxfordclub.com/ HTTP 302
  • https://admin.oxfordclub.com/login HTTP 302
  • https://apps.pubsvs.com/login/oc/login
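The history above mixes HTTP 302 hops with two client-side navigations, which an HTTP client that auto-follows redirects would either merge or miss. The following is an added example, not part of the urlscan report and not code from any of the sites in it: it walks a chain one hop at a time with redirects disabled, detects Location headers, meta refresh and simple `location` assignments in the body, refuses loops, and reports the first hop whose host leaves the `.cas.ms` proxy suffix. The fetcher and page bodies are constructed to mirror this scan's chain; the report does not show how the cas.ms page or the login app triggered their navigations, so both are modelled here as script redirects.

```python
"""Record a redirect chain hop by hop, including client-side redirects.

Added example; not code from urlscan.io or from the sites in the report.
For real traffic pass a `fetch` that issues one request with redirects
disabled and returns (status, headers, body). FAKE_RESPONSES below is a
constructed offline stand-in modelled on the chain recorded in this scan.
"""
import re
from urllib.parse import urljoin, urlsplit

# <meta http-equiv="refresh" content="0; url=...">
META_REFRESH = re.compile(
    r'<meta[^>]+http-equiv=["\']?refresh["\']?[^>]*content=["\']?\s*\d+\s*;\s*url=([^"\'>\s]+)',
    re.I,
)
# location.href = "..." / window.location = "..." / location.replace("...") / location.assign("...")
JS_LOCATION = re.compile(
    r'(?:window\.|document\.)?location(?:\.href)?\s*=\s*["\']([^"\']+)["\']'
    r'|location\.(?:replace|assign)\(\s*["\']([^"\']+)["\']\s*\)',
    re.I,
)


def next_hop(url, status, headers, body):
    """Return ("http"|"meta"|"js", absolute_url) for the next hop, or None if the page is final."""
    hdrs = {k.lower(): v for k, v in headers.items()}
    if 300 <= status < 400 and hdrs.get("location"):
        return "http", urljoin(url, hdrs["location"])
    body = body or ""
    m = META_REFRESH.search(body)
    if m:
        return "meta", urljoin(url, m.group(1))
    m = JS_LOCATION.search(body)
    if m:
        return "js", urljoin(url, m.group(1) or m.group(2))
    return None


def walk(fetch, url, max_hops=10):
    """Follow redirects manually; returns [(kind, url), ...] starting with ("start", url)."""
    chain = [("start", url)]
    seen = {url}
    for _ in range(max_hops):
        status, headers, body = fetch(url)
        hop = next_hop(url, status, headers, body)
        if hop is None:
            return chain
        kind, url = hop
        if url in seen:
            raise RuntimeError(f"redirect loop at {url}")
        seen.add(url)
        chain.append((kind, url))
    raise RuntimeError(f"more than {max_hops} hops")


def first_hop_outside(chain, suffix=".cas.ms"):
    """Index of the first URL whose host is not under `suffix`, or None if the chain never leaves it."""
    for i, (_, url) in enumerate(chain):
        host = urlsplit(url).hostname or ""
        if not (host == suffix.lstrip(".") or host.endswith(suffix)):
            return i
    return None


START_URL = "https://admin.oxfordclub.com.eu2.cas.ms/"

# Constructed: url -> (status, headers, body). The two script bodies are assumptions;
# the report only shows that these hops were client-side.
FAKE_RESPONSES = {
    START_URL: (200, {"Content-Type": "text/html"},
                '<html><script>window.location.replace("https://admin.oxfordclub.com/")</script></html>'),
    "https://admin.oxfordclub.com/": (302, {"Location": "/login"}, ""),
    "https://admin.oxfordclub.com/login": (302, {"Location": "https://apps.pubsvs.com/login/oc/login"}, ""),
    "https://apps.pubsvs.com/login/oc/login": (200, {"Content-Type": "text/html"},
                '<html><script>location.href = "/ErrorPage404.html";</script></html>'),
    "https://apps.pubsvs.com/ErrorPage404.html": (200, {"Content-Type": "text/html"},
                "<html><title>404 - Not found error</title></html>"),
}


def fake_fetch(url):
    return FAKE_RESPONSES[url]


def demo_chain():
    return walk(fake_fetch, START_URL)


if __name__ == "__main__":
    chain = demo_chain()
    for kind, url in chain:
        print(f"{kind:5} {url}")
    print("leaves the proxy suffix at hop", first_hop_outside(chain))
```

With the constructed fetcher the walk yields start, js, http, http, js and reports hop 1 as the point where the chain leaves `.cas.ms`; for a live check, replace `fake_fetch` with a function that performs a single request with redirects disabled.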

22 HTTP transactions

Each entry gives the resource name and path, its size (decoded / transferred), the request type, then the General details and the request and response headers as recorded.
Request 1: / (Document)
Full URL: https://admin.oxfordclub.com.eu2.cas.ms/
Size: 1 KB (893 B transferred)
Protocol: H2; security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.157.233.49, Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US); software: openresty
Resource hash: a9833946baeafbc58013001b2afbd2cbc2fbf608dc5b0c9110d54824c139deca
Security headers: Strict-Transport-Security: max-age=31536000

Request headers:
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
  accept-language: nl-NL,nl;q=0.9

Response headers:
  cache-control: max-age=0, no-cache, no-store
  content-encoding: gzip
  content-type: text/html; charset=utf-8
  date: Wed, 12 Oct 2022 17:26:56 GMT
  expires: Mon, 01-Jan-1990 00:00:00 GMT
  pragma: no-cache
  server: openresty
  strict-transport-security: max-age=31536000
  x-mcas-cache-status: MISS
  x-mcas-processing-time: 2
  x-mcas-request-id: 973cc35636032adad032f62fd2698022
  x-mcas-upstream-time: n/a
Request 2: session-context-store-helper.min.js (Script)
Full URL: https://mcasproxy.azureedge.net/proxyweb/1.22.31/js/session-context-store-helper.min.js
Requested by: admin.oxfordclub.com.eu2.cas.ms (https://admin.oxfordclub.com.eu2.cas.ms/)
Size: 5 KB (5 KB transferred)
Protocol: H2; security: TLS 1.3, AES_256_GCM
Server: 2a02:26f0:e300::211:9328, Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL); software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Resource hash: c4b31737c5fe64db34abea57a13239f3439ba864b7b3831b4872b58e0c6d5fd3

Request headers:
  accept-language: nl-NL,nl;q=0.9
  Referer: https://admin.oxfordclub.com.eu2.cas.ms/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers:
  x-ms-lease-status: unlocked
  x-ms-blob-type: BlockBlob
  date: Wed, 12 Oct 2022 17:26:56 GMT
  last-modified: Mon, 19 Sep 2022 08:26:43 GMT
  server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
  content-md5: Qh6Fmc0rxdbvbMqaLfAfTQ==
  etag: 0x8DA9A18AF397917
  content-type: application/javascript
  access-control-allow-origin: *
  x-ms-request-id: e3c3226f-e01e-0060-52b6-d38a09000000
  access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
  cache-control: public, max-age=30363711
  x-ms-version: 2009-09-19
  content-length: 4826
Request 3: session-context-restore.html (Document, in frame 854E7BF94DB741CBBED01680CD0BBFC8)
Full URL: https://mcasproxy.azureedge.net/proxyweb/1.22.31/html/session-context-restore.html
Requested by: mcasproxy.azureedge.net (https://mcasproxy.azureedge.net/proxyweb/1.22.31/js/session-context-store-helper.min.js)
Size: 209 B (659 B transferred)
Protocol: H2; security: TLS 1.3, AES_256_GCM
Server: 2a02:26f0:e300::211:9328, Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL); software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Resource hash: a3c954e6d1422643abfe41e74b726918caa087460903ec4267bc4e5293132451

Request headers:
  Referer: https://admin.oxfordclub.com.eu2.cas.ms/
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
  accept-language: nl-NL,nl;q=0.9

Response headers:
  access-control-allow-origin: *
  access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
  cache-control: public, max-age=30355602
  content-length: 209
  content-md5: xcQ/+x+i42xZPwR88wJc4A==
  content-type: text/html
  date: Wed, 12 Oct 2022 17:26:56 GMT
  etag: 0x8DA9A18AC8121AD
  last-modified: Mon, 19 Sep 2022 08:26:39 GMT
  server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
  x-ms-blob-type: BlockBlob
  x-ms-lease-status: unlocked
  x-ms-request-id: debbfd8a-001e-0025-43a3-d35798000000
  x-ms-version: 2009-09-19
Request 4: session-context-restore.min.js (Script, in frame 854E7BF94DB741CBBED01680CD0BBFC8)
Full URL: https://mcasproxy.azureedge.net/proxyweb/1.22.31/js/session-context-restore.min.js
Requested by: mcasproxy.azureedge.net (https://mcasproxy.azureedge.net/proxyweb/1.22.31/html/session-context-restore.html)
Size: 38 KB (38 KB transferred)
Protocol: H2; security: TLS 1.3, AES_256_GCM
Server: 2a02:26f0:e300::211:9328, Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL); software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Resource hash: 68839f7ff6729a90f2e1b9df9468a7bfdedfe247002ff39d56ff94bc829e7a70

Request headers:
  accept-language: nl-NL,nl;q=0.9
  Referer: https://mcasproxy.azureedge.net/proxyweb/1.22.31/html/session-context-restore.html
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers:
  x-ms-lease-status: unlocked
  x-ms-blob-type: BlockBlob
  date: Wed, 12 Oct 2022 17:26:56 GMT
  last-modified: Mon, 19 Sep 2022 08:26:43 GMT
  server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
  content-md5: KzxKIFELRJDk/nXzWazXbg==
  etag: 0x8DA9A18AF628189
  content-type: application/javascript
  access-control-allow-origin: *
  x-ms-request-id: e3c3275e-e01e-0060-06b6-d38a09000000
  access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
  cache-control: public, max-age=30363676
  x-ms-version: 2009-09-19
  content-length: 38693
Request 5: login (Document), path apps.pubsvs.com/login/oc/
Redirect chain:
  • https://admin.oxfordclub.com/?
  • https://admin.oxfordclub.com/login
  • https://apps.pubsvs.com/login/oc/login
Full URL: https://apps.pubsvs.com/login/oc/login
Size: 951 B (1 KB transferred)
Protocol: HTTP/1.1; security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.135.136.153, United States, ASN11372 (14WEST-AS, US); software: Microsoft-IIS/10.0 / ASP.NET
Resource hash: 309b6ed794579b7edf2417769c51556a61890acabbb090c1c2e1c1392580b83d
Security headers: Strict-Transport-Security: max-age=63072000; includeSubDomains

Request headers:
  Referer: https://admin.oxfordclub.com.eu2.cas.ms/
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
  accept-language: nl-NL,nl;q=0.9

Response headers:
  Accept-Ranges: bytes
  Cache-Control: no-cache, no-store, must-revalidate
  Content-Encoding: gzip
  Content-Length: 712
  Content-Type: text/html
  Date: Wed, 12 Oct 2022 17:26:57 GMT
  ETag: "633a186b168ed51:0"
  Last-Modified: Tue, 29 Oct 2019 05:05:01 GMT
  Server: Microsoft-IIS/10.0
  Strict-Transport-Security: max-age=63072000; includeSubDomains
  TYPE: 4
  Vary: Accept-Encoding
  X-Powered-By: ASP.NET

Redirect headers (final 302 in the chain):
  Content-Length: 161
  Content-Type: text/html; charset=UTF-8
  Date: Wed, 12 Oct 2022 17:26:56 GMT
  Location: https://apps.pubsvs.com/login/oc/login
  Server: Microsoft-IIS/10.0
  Strict-Transport-Security: max-age=63072000; includeSubDomains
  X-Powered-By: ASP.NET
Request 6: app-login.fcaf9386b531dd876cdf.css (Stylesheet), path apps.pubsvs.com/
Full URL: https://apps.pubsvs.com/app-login.fcaf9386b531dd876cdf.css
Requested by: apps.pubsvs.com (https://apps.pubsvs.com/login/oc/login)
Size: 2 KB (2 KB transferred)
Protocol: HTTP/1.1; security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.135.136.153, United States, ASN11372 (14WEST-AS, US); software: Microsoft-IIS/10.0 / ASP.NET
Resource hash: cb73fe56c37b89e9534f16ec2880261602eb657a2858a2dce8f17bed3f49a3be
Security headers: Strict-Transport-Security: max-age=63072000; includeSubDomains

Request headers:
  accept-language: nl-NL,nl;q=0.9
  Referer: https://apps.pubsvs.com/login/oc/login
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers:
  Date: Wed, 12 Oct 2022 17:26:57 GMT
  Content-Encoding: gzip
  Strict-Transport-Security: max-age=63072000; includeSubDomains
  Last-Modified: Tue, 12 Mar 2019 07:58:18 GMT
  Server: Microsoft-IIS/10.0
  ETag: "9f4ef85aa9d8d41:0"
  X-Powered-By: ASP.NET
  Vary: Accept-Encoding
  Content-Type: text/css
  Accept-Ranges: bytes
  TYPE: 4
  Content-Length: 1957
Request 7: runtime-login.7d855ca36019e7383c5a.js (Script), path apps.pubsvs.com/
Full URL: https://apps.pubsvs.com/runtime-login.7d855ca36019e7383c5a.js
Requested by: apps.pubsvs.com (https://apps.pubsvs.com/login/oc/login)
Size: 1 KB (1 KB transferred)
Protocol: HTTP/1.1; security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.135.136.153, United States, ASN11372 (14WEST-AS, US); software: Microsoft-IIS/10.0 / ASP.NET
Resource hash: d6966658081a1826dc30d9f9f709f87a71b0492303f1d4b0b5cbcabf887420be
Security headers: Strict-Transport-Security: max-age=63072000; includeSubDomains

Request headers:
  accept-language: nl-NL,nl;q=0.9
  Referer: https://apps.pubsvs.com/login/oc/login
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers:
  Date: Wed, 12 Oct 2022 17:26:57 GMT
  Content-Encoding: gzip
  Strict-Transport-Security: max-age=63072000; includeSubDomains
  Last-Modified: Tue, 29 Oct 2019 05:05:01 GMT
  Server: Microsoft-IIS/10.0
  ETag: "5b13186b168ed51:0"
  X-Powered-By: ASP.NET
  Vary: Accept-Encoding
  Content-Type: application/javascript
  Accept-Ranges: bytes
  TYPE: 4
  Content-Length: 928
Request 8: vendor-login.7d855ca36019e7383c5a.js (Script), path apps.pubsvs.com/
Full URL: https://apps.pubsvs.com/vendor-login.7d855ca36019e7383c5a.js
Requested by: apps.pubsvs.com (https://apps.pubsvs.com/login/oc/login)
Size: 643 KB (223 KB transferred)
Protocol: HTTP/1.1; security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.135.136.153, United States, ASN11372 (14WEST-AS, US); software: Microsoft-IIS/10.0 / ASP.NET
Resource hash: fdaf2a08a30c208a5f34fc9c0946c29979d6f1678ae33b7e1476fb9e16ed9ee8
Security headers: Strict-Transport-Security: max-age=63072000; includeSubDomains

Request headers:
  accept-language: nl-NL,nl;q=0.9
  Referer: https://apps.pubsvs.com/login/oc/login
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers:
  Date: Wed, 12 Oct 2022 17:26:57 GMT
  Content-Encoding: gzip
  Strict-Transport-Security: max-age=63072000; includeSubDomains
  Last-Modified: Tue, 29 Oct 2019 05:05:01 GMT
  Server: Microsoft-IIS/10.0
  ETag: "5b13186b168ed51:0"
  X-Powered-By: ASP.NET
  Transfer-Encoding: chunked
  Vary: Accept-Encoding
  Content-Type: application/javascript
  Accept-Ranges: bytes
  TYPE: 4
Request 9: app-login.7d855ca36019e7383c5a.js (Script), path apps.pubsvs.com/
Full URL: https://apps.pubsvs.com/app-login.7d855ca36019e7383c5a.js
Requested by: apps.pubsvs.com (https://apps.pubsvs.com/login/oc/login)
Size: 76 KB (22 KB transferred)
Protocol: HTTP/1.1; security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.135.136.153, United States, ASN11372 (14WEST-AS, US); software: Microsoft-IIS/10.0 / ASP.NET
Resource hash: 594f4f34689a193c95f42723a21964938533f9c28dd9c24d513d8be68f3c5e3a
Security headers: Strict-Transport-Security: max-age=63072000; includeSubDomains

Request headers:
  accept-language: nl-NL,nl;q=0.9
  Referer: https://apps.pubsvs.com/login/oc/login
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers:
  Date: Wed, 12 Oct 2022 17:26:57 GMT
  Content-Encoding: gzip
  Strict-Transport-Security: max-age=63072000; includeSubDomains
  Last-Modified: Tue, 29 Oct 2019 05:05:01 GMT
  Server: Microsoft-IIS/10.0
  ETag: "5b13186b168ed51:0"
  X-Powered-By: ASP.NET
  Vary: Accept-Encoding
  Content-Type: application/javascript
  Accept-Ranges: bytes
  TYPE: 4
  Content-Length: 22039
Request 10: gtm.js (Script), path www.googletagmanager.com/
Full URL: https://www.googletagmanager.com/gtm.js?id=GTM-5C952S8
Requested by: apps.pubsvs.com (https://apps.pubsvs.com/login/oc/login)
Size: 113 KB (43 KB transferred)
Protocol: H2; security: TLS 1.3, AES_128_GCM
Server: 2a00:1450:4001:806::2008, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US); software: Google Tag Manager
Resource hash: b5b10bb8052a3cedde3049f735010f01ac2d44863d6035f711c957f1e19cb192
Security headers: Strict-Transport-Security: max-age=31536000; includeSubDomains; X-Xss-Protection: 0

Request headers:
  accept-language: nl-NL,nl;q=0.9
  Referer: https://apps.pubsvs.com/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers:
  date: Wed, 12 Oct 2022 17:26:57 GMT
  content-encoding: br
  strict-transport-security: max-age=31536000; includeSubDomains
  cross-origin-resource-policy: cross-origin
  alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
  content-length: 44050
  x-xss-protection: 0
  last-modified: Wed, 12 Oct 2022 16:11:09 GMT
  server: Google Tag Manager
  vary: Accept-Encoding
  content-type: application/javascript; charset=UTF-8
  access-control-allow-origin: *
  cache-control: private, max-age=900
  access-control-allow-credentials: true
  access-control-allow-headers: Cache-Control
  expires: Wed, 12 Oct 2022 17:26:57 GMT
Request 11: analytics.js (Script), path www.google-analytics.com/
Full URL: https://www.google-analytics.com/analytics.js
Requested by: www.googletagmanager.com (https://www.googletagmanager.com/gtm.js?id=GTM-5C952S8)
Size: 49 KB (20 KB transferred)
Protocol: H2; security: TLS 1.3, AES_128_GCM
Server: 2a00:1450:4001:82a::200e, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US); software: Golfe2
Resource hash: b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security headers: Strict-Transport-Security: max-age=10886400; includeSubDomains; preload; X-Content-Type-Options: nosniff

Request headers:
  accept-language: nl-NL,nl;q=0.9
  Referer: https://apps.pubsvs.com/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers:
  strict-transport-security: max-age=10886400; includeSubDomains; preload
  content-encoding: gzip
  x-content-type-options: nosniff
  date: Wed, 12 Oct 2022 17:15:57 GMT
  last-modified: Tue, 27 Sep 2022 22:01:05 GMT
  server: Golfe2
  age: 660
  vary: Accept-Encoding
  content-type: text/javascript
  cache-control: public, max-age=7200
  cross-origin-resource-policy: cross-origin
  alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
  content-length: 20039
  expires: Wed, 12 Oct 2022 19:15:57 GMT
Request 12: collect (XHR), path www.google-analytics.com/j/
Full URL: https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1397383009&t=pageview&_s=1&dl=https%3A%2F%2Fapps.pubsvs.com%2Flogin%2Foc%2Flogin&dr=https%3A%2F%2Fadmin.oxfordclub.com.eu2.cas.ms%2F&ul=en-us&de=UTF-8&dt=Loading...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1588994701&gjid=575531615&cid=645992997.1665595618&tid=UA-138485934-2&_gid=1159523951.1665595618&_r=1&gtm=2wgaa05C952S8&z=404443505
Requested by: www.google-analytics.com (https://www.google-analytics.com/analytics.js)
Size: 1 B (206 B transferred)
Protocol: H2; security: TLS 1.3, AES_128_GCM
Server: 2a00:1450:4001:82a::200e, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US); software: Golfe2
Resource hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b (the SHA-256 of the one-byte body "1"; a hash of so short a response identifies nothing)
Security headers: X-Content-Type-Options: nosniff

Note the `dr` (document referrer) parameter: the analytics beacon forwards the full proxied URL https://admin.oxfordclub.com.eu2.cas.ms/ to the third party, even though the browser's own Referer header was reduced to the origin.

Request headers:
  Referer: https://apps.pubsvs.com/
  accept-language: nl-NL,nl;q=0.9
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
  Content-Type: text/plain

Response headers:
  pragma: no-cache
  date: Wed, 12 Oct 2022 17:26:57 GMT
  x-content-type-options: nosniff
  last-modified: Sun, 17 May 1998 03:00:00 GMT
  server: Golfe2
  content-type: text/plain
  access-control-allow-origin: https://apps.pubsvs.com
  cache-control: no-cache, no-store, must-revalidate
  access-control-allow-credentials: true
  cross-origin-resource-policy: cross-origin
  alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
  content-length: 1
  expires: Fri, 01 Jan 1990 00:00:00 GMT
Request 13 (primary request): ErrorPage404.html (Document), path apps.pubsvs.com/
Full URL: https://apps.pubsvs.com/ErrorPage404.html
Requested by: apps.pubsvs.com (https://apps.pubsvs.com/app-login.7d855ca36019e7383c5a.js)
Size: 2 KB (1 KB transferred)
Protocol: HTTP/1.1; security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.135.136.153, United States, ASN11372 (14WEST-AS, US); software: Microsoft-IIS/10.0 / ASP.NET
Resource hash: f97eec7b647ba27ea8fb7a5e8634a8a11dec9e78123cd4aca000beff7c49b2ae
Security headers: Strict-Transport-Security: max-age=63072000; includeSubDomains

Request headers:
  Referer: https://apps.pubsvs.com/login/oc/login
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
  accept-language: nl-NL,nl;q=0.9

Response headers:
  Accept-Ranges: bytes
  Content-Encoding: gzip
  Content-Length: 998
  Content-Type: text/html
  Date: Wed, 12 Oct 2022 17:26:58 GMT
  ETag: "27345ed3ad84d51:0"
  Last-Modified: Thu, 17 Oct 2019 05:43:38 GMT
  Server: Microsoft-IIS/10.0
  Strict-Transport-Security: max-age=63072000; includeSubDomains
  TYPE: 4
  Vary: Accept-Encoding
  X-Powered-By: ASP.NET
Request 14: style.css (Stylesheet), path apps.pubsvs.com/Content/Styles/error-page/
Full URL: https://apps.pubsvs.com/Content/Styles/error-page/style.css
Requested by: apps.pubsvs.com (https://apps.pubsvs.com/ErrorPage404.html)
Size: 2 KB (1 KB transferred)
Protocol: HTTP/1.1; security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.135.136.153, United States, ASN11372 (14WEST-AS, US); software: Microsoft-IIS/10.0 / ASP.NET
Resource hash: 622b9d01ad171e45c180ef01e9d33df5a1f748c9c6f8fa0f13b453d517c8616e
Security headers: Strict-Transport-Security: max-age=63072000; includeSubDomains

Request headers:
  accept-language: nl-NL,nl;q=0.9
  Referer: https://apps.pubsvs.com/ErrorPage404.html
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers:
  Date: Wed, 12 Oct 2022 17:26:58 GMT
  Content-Encoding: gzip
  Strict-Transport-Security: max-age=63072000; includeSubDomains
  Last-Modified: Tue, 30 Oct 2018 11:25:40 GMT
  Server: Microsoft-IIS/10.0
  ETag: "4ab0d7494370d41:0"
  X-Powered-By: ASP.NET
  Vary: Accept-Encoding
  Content-Type: text/css
  Accept-Ranges: bytes
  TYPE: 4
  Content-Length: 931
Request 15: img.png (Image), path apps.pubsvs.com/Content/images/error-page/
Full URL: https://apps.pubsvs.com/Content/images/error-page/img.png
Requested by: apps.pubsvs.com (https://apps.pubsvs.com/ErrorPage404.html)
Size: 133 KB (134 KB transferred)
Protocol: HTTP/1.1; security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.135.136.153, United States, ASN11372 (14WEST-AS, US); software: Microsoft-IIS/10.0 / ASP.NET
Resource hash: bf6c892b65fa1a009ae5e156bff0ea3229785ce66ef829d7a9ec622f4a9cea80
Security headers: Strict-Transport-Security: max-age=63072000; includeSubDomains

Request headers:
  accept-language: nl-NL,nl;q=0.9
  Referer: https://apps.pubsvs.com/ErrorPage404.html
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers:
  Date: Wed, 12 Oct 2022 17:26:58 GMT
  Strict-Transport-Security: max-age=63072000; includeSubDomains
  Last-Modified: Tue, 21 Aug 2018 12:34:26 GMT
  Server: Microsoft-IIS/10.0
  ETag: "2069754c4b39d41:0"
  X-Powered-By: ASP.NET
  Content-Type: image/png
  Accept-Ranges: bytes
  TYPE: 4
  Content-Length: 136649
Request 16: gtm.js (Script), path www.googletagmanager.com/
Full URL: https://www.googletagmanager.com/gtm.js?id=GTM-5C952S8
Requested by: apps.pubsvs.com (https://apps.pubsvs.com/ErrorPage404.html)
Size: 113 KB (43 KB transferred)
Protocol: H3; security: QUIC, AES_128_GCM
Server: 2a00:1450:4001:806::2008, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US); software: Google Tag Manager
Resource hash: e55489735dce0595a67f29e03c1c5181987255c2e9feaecd215f93727abb2823
Security headers: Strict-Transport-Security: max-age=31536000; includeSubDomains; X-Xss-Protection: 0

Request headers:
  accept-language: nl-NL,nl;q=0.9
  Referer: https://apps.pubsvs.com/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers:
  date: Wed, 12 Oct 2022 17:26:58 GMT
  content-encoding: br
  strict-transport-security: max-age=31536000; includeSubDomains
  cross-origin-resource-policy: cross-origin
  alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
  content-length: 44052
  x-xss-protection: 0
  last-modified: Wed, 12 Oct 2022 16:11:09 GMT
  server: Google Tag Manager
  vary: Accept-Encoding
  content-type: application/javascript; charset=UTF-8
  access-control-allow-origin: *
  cache-control: private, max-age=900
  access-control-allow-credentials: true
  access-control-allow-headers: Cache-Control
  expires: Wed, 12 Oct 2022 17:26:58 GMT
Request 17: analytics.js (Script), path www.google-analytics.com/
Full URL: https://www.google-analytics.com/analytics.js
Requested by: www.googletagmanager.com (https://www.googletagmanager.com/gtm.js?id=GTM-5C952S8)
Size: 49 KB (20 KB transferred)
Protocol: H3; security: QUIC, AES_128_GCM
Server: 2a00:1450:4001:82a::200e, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US); software: Golfe2
Resource hash: b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security headers: Strict-Transport-Security: max-age=10886400; includeSubDomains; preload; X-Content-Type-Options: nosniff

Request headers:
  accept-language: nl-NL,nl;q=0.9
  Referer: https://apps.pubsvs.com/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers:
  strict-transport-security: max-age=10886400; includeSubDomains; preload
  content-encoding: gzip
  x-content-type-options: nosniff
  date: Wed, 12 Oct 2022 17:15:57 GMT
  last-modified: Tue, 27 Sep 2022 22:01:05 GMT
  server: Golfe2
  age: 661
  vary: Accept-Encoding
  content-type: text/javascript
  cache-control: public, max-age=7200
  cross-origin-resource-policy: cross-origin
  alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
  content-length: 20039
  expires: Wed, 12 Oct 2022 19:15:57 GMT
Request 18: 404.png (Image), path apps.pubsvs.com/Content/images/error-page/
Full URL: https://apps.pubsvs.com/Content/images/error-page/404.png
Requested by: apps.pubsvs.com (https://apps.pubsvs.com/Content/Styles/error-page/style.css)
Size: 22 KB (22 KB transferred)
Protocol: HTTP/1.1; security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.135.136.153, United States, ASN11372 (14WEST-AS, US); software: Microsoft-IIS/10.0 / ASP.NET
Resource hash: d2999b7c1458cd5fcc2823687ac19e7c039663a46be8ce5ad936961603882565
Security headers: Strict-Transport-Security: max-age=63072000; includeSubDomains

Request headers:
  accept-language: nl-NL,nl;q=0.9
  Referer: https://apps.pubsvs.com/Content/Styles/error-page/style.css
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers:
  Date: Wed, 12 Oct 2022 17:26:58 GMT
  Strict-Transport-Security: max-age=63072000; includeSubDomains
  Last-Modified: Tue, 21 Aug 2018 12:34:26 GMT
  Server: Microsoft-IIS/10.0
  ETag: "737724c4b39d41:0"
  X-Powered-By: ASP.NET
  Content-Type: image/png
  Accept-Ranges: bytes
  TYPE: 4
  Content-Length: 22384
Request 19: mail.png (Image), path apps.pubsvs.com/Content/images/error-page/
Full URL: https://apps.pubsvs.com/Content/images/error-page/mail.png
Requested by: apps.pubsvs.com (https://apps.pubsvs.com/Content/Styles/error-page/style.css)
Size: 513 B (833 B transferred)
Protocol: HTTP/1.1; security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.135.136.153, United States, ASN11372 (14WEST-AS, US); software: Microsoft-IIS/10.0 / ASP.NET
Resource hash: 5e01b6f819d5b74f9bdc450b69738f1b2bc954d2984ad8ce2f257febe946697b
Security headers: Strict-Transport-Security: max-age=63072000; includeSubDomains

Request headers:
  accept-language: nl-NL,nl;q=0.9
  Referer: https://apps.pubsvs.com/Content/Styles/error-page/style.css
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers:
  Date: Wed, 12 Oct 2022 17:26:58 GMT
  Strict-Transport-Security: max-age=63072000; includeSubDomains
  Last-Modified: Tue, 21 Aug 2018 12:34:26 GMT
  Server: Microsoft-IIS/10.0
  ETag: "fa4764c4b39d41:0"
  X-Powered-By: ASP.NET
  Content-Type: image/png
  Accept-Ranges: bytes
  TYPE: 4
  Content-Length: 513
Request 20: home.png (Image), path apps.pubsvs.com/Content/images/error-page/
Full URL: https://apps.pubsvs.com/Content/images/error-page/home.png
Requested by: apps.pubsvs.com (https://apps.pubsvs.com/Content/Styles/error-page/style.css)
Size: 289 B (610 B transferred)
Protocol: HTTP/1.1; security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.135.136.153, United States, ASN11372 (14WEST-AS, US); software: Microsoft-IIS/10.0 / ASP.NET
Resource hash: 424038e114468315cdce18b065ee4350cf05c61022cebe2502105f53237d2d91
Security headers: Strict-Transport-Security: max-age=63072000; includeSubDomains

Request headers:
  accept-language: nl-NL,nl;q=0.9
  Referer: https://apps.pubsvs.com/Content/Styles/error-page/style.css
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers:
  Date: Wed, 12 Oct 2022 17:26:58 GMT
  Strict-Transport-Security: max-age=63072000; includeSubDomains
  Last-Modified: Tue, 21 Aug 2018 12:34:26 GMT
  Server: Microsoft-IIS/10.0
  ETag: "ad6e734c4b39d41:0"
  X-Powered-By: ASP.NET
  Content-Type: image/png
  Accept-Ranges: bytes
  TYPE: 4
  Content-Length: 289
Request 21: back.png (Image), path apps.pubsvs.com/Content/images/error-page/
Full URL: https://apps.pubsvs.com/Content/images/error-page/back.png
Requested by: apps.pubsvs.com (https://apps.pubsvs.com/Content/Styles/error-page/style.css)
Size: 211 B (532 B transferred)
Protocol: HTTP/1.1; security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.135.136.153, United States, ASN11372 (14WEST-AS, US); software: Microsoft-IIS/10.0 / ASP.NET
Resource hash: c255e573f956df7396f4e52cbe7208cd23c5fc37c772ec31d5e60e0bb000c0ee
Security headers: Strict-Transport-Security: max-age=63072000; includeSubDomains

Request headers:
  accept-language: nl-NL,nl;q=0.9
  Referer: https://apps.pubsvs.com/Content/Styles/error-page/style.css
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers:
  Date: Wed, 12 Oct 2022 17:26:58 GMT
  Strict-Transport-Security: max-age=63072000; includeSubDomains
  Last-Modified: Tue, 21 Aug 2018 12:34:26 GMT
  Server: Microsoft-IIS/10.0
  ETag: "ddd2724c4b39d41:0"
  X-Powered-By: ASP.NET
  Content-Type: image/png
  Accept-Ranges: bytes
  TYPE: 4
  Content-Length: 211
Request 22: collect (Image), path www.google-analytics.com/
Full URL: https://www.google-analytics.com/collect?v=1&_v=j98&a=1974269736&t=pageview&_s=1&dl=https%3A%2F%2Fapps.pubsvs.com%2FErrorPage404.html&ul=en-us&de=UTF-8&dt=404%20-%20Not%20found%20error&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEABAAAAAAAAI~&jid=&gjid=&cid=645992997.1665595618&tid=UA-138485934-2&_gid=1159523951.1665595618&gtm=2wgaa05C952S8&z=768272503
Requested by: apps.pubsvs.com (https://apps.pubsvs.com/ErrorPage404.html)
Size: 35 B (55 B transferred)
Protocol: H3; security: QUIC, AES_128_GCM
Server: 2a00:1450:4001:82a::200e, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US); software: Golfe2
Resource hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security headers: X-Content-Type-Options: nosniff

Request headers:
  accept-language: nl-NL,nl;q=0.9
  Referer: https://apps.pubsvs.com/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers:
  pragma: no-cache
  date: Tue, 11 Oct 2022 22:37:09 GMT
  x-content-type-options: nosniff
  last-modified: Sun, 17 May 1998 03:00:00 GMT
  server: Golfe2
  age: 67789
  content-type: image/gif
  access-control-allow-origin: *
  cache-control: no-cache, no-store, must-revalidate
  cross-origin-resource-policy: cross-origin
  alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
  content-length: 35
  expires: Mon, 01 Jan 1990 00:00:00 GMT


17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.

Browser-provided APIs rather than page code: onbeforeinput (object), oncontextlost (object), oncontextrestored (object), structuredClone (function), launchQueue (object), onbeforematch (object), getScreenDetails (function), queryLocalFonts (function), navigation (object)

Set by Google Tag Manager / Google Analytics: dataLayer (object), google_tag_manager (object), google_tag_data (object), GoogleAnalyticsObject (string), ga (function), gaplugins (object), gaGlobal (object), gaData (object)

5 Cookies

Domain / Path             Name                             Value
admin.oxfordclub.com /    BIGipServerIRIS_PROD_HTTPS_POOL  !YybgqsCGCtVmT7NbyhZUbYl6SkaXWvMQHzHC9c+pIn/yY+s5D3cBSjFgKRZNS8bUoLTtui560Vdbjy0=
apps.pubsvs.com /         BIGipServerIRIS_PROD_HTTPS_POOL  !OLIXVD/UrJkMtydbyhZUbYl6SkaXWlRKPBa1SXUnZH/Z0FiFEpfh/P8bgLQ4xrBZKQ/9VSr4cVJxBis=
.pubsvs.com /             _ga                              GA1.2.645992997.1665595618
.pubsvs.com /             _gid                             GA1.2.1159523951.1665595618
.pubsvs.com /             _gat_UA-138485934-2              1

The two BIGipServer* cookies are F5 BIG-IP persistence cookies, so both hostnames sit behind the same load balancer pool (IRIS_PROD_HTTPS_POOL, matching the iris.pubsvs.com certificate subject). Their leading "!" marks values that the BIG-IP has encrypted; an unencrypted persistence cookie would instead encode the backend pool member's address and port in clear. The remaining three are Google Analytics client cookies.
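Because the two BIGipServer* values above start with "!", there is nothing to decode in this scan. When the cookie is not encrypted, however, the value leaks the pool member's internal address, which is worth checking in every scan that shows this cookie name. The following is an added example, not code from urlscan.io or from the site scanned: it decodes the three documented unencrypted formats (IPv4, route-domain and IPv6) and flags encrypted values. The two report values are used as-is; every other sample value is constructed.

```python
"""Decode F5 BIG-IP persistence cookies and tell encrypted ones apart.

Added example; not code from urlscan.io or from the site scanned. In its
default form a BIGipServer<pool> cookie encodes the selected pool member's
address and port, so an unencrypted value discloses internal addressing.
A leading "!" marks a value the BIG-IP has encrypted, as both cookies in this
report are. Formats follow F5's documented encodings; every sample below other
than the two report values is constructed.
"""
import ipaddress
import re

# IPv4: <ip as 32-bit little-endian decimal>.<port as 16-bit little-endian decimal>.0000
IPV4_RE = re.compile(r"^(\d+)\.(\d+)\.0000$")
# Route domain: rd<id>o<32 hex chars, IPv4-mapped or plain IPv6>o<port in plain decimal>
RD_RE = re.compile(r"^rd(\d+)o([0-9a-fA-F]{32})o(\d+)$")
# IPv6: vi<32 hex chars>.<port as 16-bit little-endian decimal>
IPV6_RE = re.compile(r"^vi([0-9a-fA-F]{32})\.(\d+)$")
# cookie-pairs in a Cookie or Set-Cookie header
COOKIE_RE = re.compile(r"(BIGipServer[^=;\s]*)=([^;\s]+)")


def _le_port(n):
    """Byte-swap a port stored as a little-endian 16-bit integer."""
    return ((n & 0xFF) << 8) | ((n >> 8) & 0xFF)


def _le_ipv4(n):
    """Unpack an IPv4 address stored as a little-endian 32-bit integer."""
    return ".".join(str((n >> (8 * i)) & 0xFF) for i in range(4))


def _addr_from_hex32(h):
    """32 hex chars are an IPv6 address; IPv4-mapped ones (::ffff:a.b.c.d) come back as IPv4."""
    addr = ipaddress.IPv6Address(int(h, 16))
    return str(addr.ipv4_mapped or addr)


def decode_bigip_cookie(value):
    """Return {'encrypted', 'ip', 'port', 'route_domain'} for one cookie value."""
    result = {"encrypted": False, "ip": None, "port": None, "route_domain": None}
    if value.startswith("!"):
        result["encrypted"] = True  # cookie encryption enabled on the BIG-IP: nothing to decode
        return result
    m = IPV4_RE.match(value)
    if m:
        result.update(ip=_le_ipv4(int(m.group(1))), port=_le_port(int(m.group(2))))
        return result
    m = RD_RE.match(value)
    if m:
        result.update(route_domain=int(m.group(1)), ip=_addr_from_hex32(m.group(2)), port=int(m.group(3)))
        return result
    m = IPV6_RE.match(value)
    if m:
        result.update(ip=_addr_from_hex32(m.group(1)), port=_le_port(int(m.group(2))))
        return result
    raise ValueError(f"unrecognised BIG-IP cookie value: {value!r}")


def find_bigip_cookies(cookie_header):
    """Decode every BIGipServer* cookie found in a Cookie/Set-Cookie header string."""
    return [(name, decode_bigip_cookie(val)) for name, val in COOKIE_RE.findall(cookie_header)]


# The two values recorded in this report (encrypted, as the "!" prefix shows).
REPORT_COOKIE_HEADER = (
    "BIGipServerIRIS_PROD_HTTPS_POOL=!YybgqsCGCtVmT7NbyhZUbYl6SkaXWvMQHzHC9c+pIn/yY+s5D3cBSjFgKRZNS8bUoLTtui560Vdbjy0=; "
    "BIGipServerIRIS_PROD_HTTPS_POOL=!OLIXVD/UrJkMtydbyhZUbYl6SkaXWlRKPBa1SXUnZH/Z0FiFEpfh/P8bgLQ4xrBZKQ/9VSr4cVJxBis="
)

if __name__ == "__main__":
    for name, info in find_bigip_cookies(REPORT_COOKIE_HEADER):
        print(name, info)
    # Constructed unencrypted value; decodes to pool member 10.1.1.100:8080
    print(decode_bigip_cookie("1677787402.36895.0000"))
```

Run against the report's header string the decoder reports both cookies as encrypted; the constructed value 1677787402.36895.0000 decodes to 10.1.1.100:8080, which is exactly the kind of internal detail an unencrypted deployment exposes.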

Security Headers

This section lists the security headers set by the main page, here the response for the submitted URL https://admin.oxfordclub.com.eu2.cas.ms/.

Header                     Value
Strict-Transport-Security  max-age=31536000

That response sets HSTS only, without includeSubDomains, and no Content-Security-Policy, X-Frame-Options or X-Content-Type-Options appears in its headers. The apps.pubsvs.com responses send max-age=63072000; includeSubDomains and no other security headers; their Server: Microsoft-IIS/10.0 and X-Powered-By: ASP.NET headers disclose the stack. The Google responses add X-Content-Type-Options: nosniff (analytics) and X-Xss-Protection: 0 (tag manager), and google-analytics.com requests preload with max-age=10886400.
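Four distinct HSTS values appear in this scan, and they are not equally strong. The following is an added example, not code from urlscan.io or from any site in the report: a small parser for Strict-Transport-Security values (directive names are case-insensitive and max-age is mandatory, per RFC 6797) plus a grader run over the observed values. The thresholds are assumptions stated in the code: a one-year max-age as the baseline, which is also the minimum hstspreload.org accepts for preload submissions together with includeSubDomains and preload.

```python
"""Parse and grade Strict-Transport-Security headers.

Added example; not code from urlscan.io or the sites scanned. It grades the
HSTS values observed in this report. Thresholds are assumptions: a one-year
max-age as the baseline, and hstspreload.org's published submission rules
(max-age of at least one year, includeSubDomains, preload).
"""
ONE_YEAR = 31536000  # seconds; also the minimum max-age hstspreload.org accepts


def parse_hsts(value):
    """Parse an HSTS field value into its directives (names are case-insensitive, RFC 6797)."""
    policy = {"max_age": None, "include_subdomains": False, "preload": False}
    for directive in value.split(";"):
        directive = directive.strip()
        if not directive:
            continue
        name, _, val = directive.partition("=")
        name = name.strip().lower()
        val = val.strip().strip('"')  # max-age may be quoted
        if name == "max-age":
            if not val.isdigit():
                raise ValueError(f"bad max-age: {directive!r}")
            policy["max_age"] = int(val)
        elif name == "includesubdomains":
            policy["include_subdomains"] = True
        elif name == "preload":
            policy["preload"] = True
        # unknown directives are ignored, as the RFC requires
    if policy["max_age"] is None:
        raise ValueError("max-age is mandatory; a header without it is invalid and ignored by browsers")
    return policy


def hsts_findings(value):
    """Return a list of findings; an empty list means the policy meets the assumed baseline."""
    p = parse_hsts(value)
    findings = []
    if p["max_age"] == 0:
        findings.append("max-age=0: clears the host's HSTS entry instead of enforcing HTTPS")
    elif p["max_age"] < ONE_YEAR:
        findings.append(f"max-age {p['max_age']}s is below the one-year baseline")
    if not p["include_subdomains"]:
        findings.append("includeSubDomains absent: subdomains stay reachable over plain HTTP")
    if p["preload"] and (p["max_age"] < ONE_YEAR or not p["include_subdomains"]):
        findings.append("preload requested but max-age/includeSubDomains do not meet the preload-list rules")
    return findings


# HSTS values observed in this scan, keyed by responding host.
OBSERVED = {
    "admin.oxfordclub.com.eu2.cas.ms": "max-age=31536000",
    "apps.pubsvs.com": "max-age=63072000; includeSubDomains",
    "www.googletagmanager.com": "max-age=31536000; includeSubDomains",
    "www.google-analytics.com": "max-age=10886400; includeSubDomains; preload",
}


def grade_observed():
    """Grade every observed value; returns {host: [findings]}."""
    return {host: hsts_findings(value) for host, value in OBSERVED.items()}


if __name__ == "__main__":
    for host, findings in grade_observed().items():
        print(host, "->", findings or ["ok"])
```

On the observed values only apps.pubsvs.com and www.googletagmanager.com pass clean; the cas.ms proxy host lacks includeSubDomains, and the google-analytics.com policy asks for preload with an 18-week max-age (10886400 s), which is below the one-year threshold assumed here.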

Indicators

"Indicators" is the security-industry term for observables such as IPs, domains and hashes. Their presence here does not imply that any of them indicate malicious activity; in this scan they belong to a Microsoft proxy, an Akamai-fronted Azure CDN, the publisher's own hosting and Google tag infrastructure.

Domains:
admin.oxfordclub.com
admin.oxfordclub.com.eu2.cas.ms
apps.pubsvs.com
mcasproxy.azureedge.net
www.google-analytics.com
www.googletagmanager.com

IPs:
192.135.136.153
192.135.136.168
2a00:1450:4001:806::2008
2a00:1450:4001:82a::200e
2a02:26f0:e300::211:9328
52.157.233.49

SHA-256 resource hashes:
309b6ed794579b7edf2417769c51556a61890acabbb090c1c2e1c1392580b83d
424038e114468315cdce18b065ee4350cf05c61022cebe2502105f53237d2d91
594f4f34689a193c95f42723a21964938533f9c28dd9c24d513d8be68f3c5e3a
5e01b6f819d5b74f9bdc450b69738f1b2bc954d2984ad8ce2f257febe946697b
622b9d01ad171e45c180ef01e9d33df5a1f748c9c6f8fa0f13b453d517c8616e
68839f7ff6729a90f2e1b9df9468a7bfdedfe247002ff39d56ff94bc829e7a70
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a3c954e6d1422643abfe41e74b726918caa087460903ec4267bc4e5293132451
a9833946baeafbc58013001b2afbd2cbc2fbf608dc5b0c9110d54824c139deca
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5b10bb8052a3cedde3049f735010f01ac2d44863d6035f711c957f1e19cb192
bf6c892b65fa1a009ae5e156bff0ea3229785ce66ef829d7a9ec622f4a9cea80
c255e573f956df7396f4e52cbe7208cd23c5fc37c772ec31d5e60e0bb000c0ee
c4b31737c5fe64db34abea57a13239f3439ba864b7b3831b4872b58e0c6d5fd3
cb73fe56c37b89e9534f16ec2880261602eb657a2858a2dce8f17bed3f49a3be
d2999b7c1458cd5fcc2823687ac19e7c039663a46be8ce5ad936961603882565
d6966658081a1826dc30d9f9f709f87a71b0492303f1d4b0b5cbcabf887420be
e55489735dce0595a67f29e03c1c5181987255c2e9feaecd215f93727abb2823
f97eec7b647ba27ea8fb7a5e8634a8a11dec9e78123cd4aca000beff7c49b2ae
fdaf2a08a30c208a5f34fc9c0946c29979d6f1678ae33b7e1476fb9e16ed9ee8