Submitted URL: https://mnffe.wpengine.com/trgo
Effective URL: https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
Submission: On May 04 via manual from DE — Scanned from DE

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 22 HTTP transactions. The main IP is 23.108.96.28, located in Singapore and belonging to LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG. The main domain is wadialfurat.com.
TLS certificate: Issued by R3 on March 18th 2023. Valid for: 3 months.
This is the only time wadialfurat.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: targobank (Banking)

Domain & IP information

IP Address AS Autonomous System
1 2 35.247.59.148 396982 (GOOGLE-CL...)
2 16 23.108.96.28 59253 (LEASEWEB-...)
2 2a03:90c0:41:... 199524 (GCORE)
1 2001:4de0:ac1... 20446 (STACKPATH...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
22 7
Requests  Apex Domain      Subdomains                                       Transfer
16        wadialfurat.com  wadialfurat.com                                  300 KB
2         cloudflare.com   cdnjs.cloudflare.com (Cisco Umbrella Rank: 200)  413 KB
2         jsdelivr.net     cdn.jsdelivr.net (Cisco Umbrella Rank: 346)      41 KB
2         wpengine.com     mnffe.wpengine.com                               743 B
1         gstatic.com      fonts.gstatic.com                                48 KB
1         googleapis.com   fonts.googleapis.com (Cisco Umbrella Rank: 37)   1 KB
1         jquery.com       code.jquery.com (Cisco Umbrella Rank: 708)       30 KB
22 7
Requests  Domain                Requested by
16        wadialfurat.com       2 redirects, wadialfurat.com
2         cdnjs.cloudflare.com  wadialfurat.com
2         cdn.jsdelivr.net      wadialfurat.com
2         mnffe.wpengine.com    1 redirect
1         fonts.gstatic.com     fonts.googleapis.com
1         fonts.googleapis.com  wadialfurat.com
1         code.jquery.com       wadialfurat.com
22 7

This site contains no links.

Subject                  Issuer                                          Validity                 Valid
wadialfurat.com          R3                                              2023-03-18 - 2023-06-16  3 months
cdn.jsdelivr.net         Sectigo RSA Domain Validation Secure Server CA  2022-10-01 - 2023-10-20  a year
*.jquery.com             Sectigo RSA Domain Validation Secure Server CA  2022-08-03 - 2023-07-14  a year
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3                         2022-08-03 - 2023-08-02  a year
upload.video.google.com  GTS CA 1C3                                      2023-04-17 - 2023-07-10  3 months
*.gstatic.com            GTS CA 1C3                                      2023-04-17 - 2023-07-10  3 months

This page contains 1 frame:

Primary Page: https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
Frame ID: B95212002E99EC1206AB06CC4B09EC5B
Requests: 22 HTTP requests in this frame

Page Title

Targobank

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mnffe.wpengine.com/trgo  (HTTP 301)
     http://mnffe.wpengine.com/trgo/  (Page URL)
  2. https://wadialfurat.com/wp-content/targo/connexion/  (HTTP 302)
     https://wadialfurat.com/wp-content/targo/connexion/auth/?pwd=targo  (HTTP 302)
     https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200  (Page URL)

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests:    22
HTTPS:       95 %
IPv6:        71 %
Domains:     7
Subdomains:  7
IPs:         7
Countries:   4
Transfer:    834 kB
Size:        2234 kB
Cookies:     1


Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://mnffe.wpengine.com/trgo HTTP 301
  • http://mnffe.wpengine.com/trgo/

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
mnffe.wpengine.com/trgo/
Redirect Chain
  • https://mnffe.wpengine.com/trgo
  • http://mnffe.wpengine.com/trgo/
141 B
567 B
Document
General
Full URL
http://mnffe.wpengine.com/trgo/
Protocol
HTTP/1.1
Server
35.247.59.148 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
148.59.247.35.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
63fd5870a76a40b3e235b073ca0b71ea79d6bdd3c8307d30a1fc031e997273bd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=600, must-revalidate
Connection
keep-alive
Content-Length
141
Content-Type
text/html
Date
Thu, 04 May 2023 09:18:33 GMT
ETag
W/"8d-5faaba4160b0a-gzip"
Keep-Alive
timeout=20
Last-Modified
Tue, 02 May 2023 01:13:02 GMT
Server
nginx
Vary
Accept-Encoding,Cookie
X-Cache
HIT: 1
X-Cache-Group
normal
X-Cacheable
SHORT
X-Powered-By
WP Engine

Redirect headers

cache-control
max-age=600, must-revalidate
content-length
239
content-type
text/html; charset=iso-8859-1
date
Thu, 04 May 2023 09:18:32 GMT
location
http://mnffe.wpengine.com/trgo/
server
nginx
x-cache
HIT: 1
x-cache-group
normal
x-cacheable
non200
Primary Request login.php
wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/
Redirect Chain
  • https://wadialfurat.com/wp-content/targo/connexion/
  • https://wadialfurat.com/wp-content/targo/connexion/auth/?pwd=targo
  • https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
12 KB
3 KB
Document
General
Full URL
https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.108.96.28 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
b6d09611f9d0eb7a4ac4c06f43136b3c76d80e06de7e52c831d526f6bcb06503

Request headers

Referer
http://mnffe.wpengine.com/trgo/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 04 May 2023 09:18:36 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding,User-Agent,Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 04 May 2023 09:18:35 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
vB65nL/login.php?id=66271200
pragma
no-cache
server
LiteSpeed
vary
User-Agent,Accept-Encoding
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/
152 KB
20 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
Requested by
Host: wadialfurat.com
URL: https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wadialfurat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
am3-up-gc88, fr5-hw-edge-gc34
date
Thu, 04 May 2023 09:18:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
x-jsd-version
5.0.2
x-cached-since
2023-04-28T12:25:42+00:00, 2023-04-28T12:25:44+00:00
cross-origin-resource-policy
cross-origin
x-nginx
nginx-be, nginx-be
x-jsd-version-type
version
server
nginx
etag
W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cache
HIT, HIT
timing-allow-origin
*
helpers.css
wadialfurat.com/wp-content/targo/connexion/auth/media/css/
41 KB
3 KB
Stylesheet
General
Full URL
https://wadialfurat.com/wp-content/targo/connexion/auth/media/css/helpers.css
Requested by
Host: wadialfurat.com
URL: https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.108.96.28 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
1c7070cf33da6adcb7a6b9ff7eb6e06fd8f64958622d61569b990e8b92c58615

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 09:18:36 GMT
content-encoding
br
last-modified
Wed, 29 Mar 2023 20:33:08 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
2890
expires
Fri, 03 May 2024 09:18:36 GMT
style.css
wadialfurat.com/wp-content/targo/connexion/auth/media/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://wadialfurat.com/wp-content/targo/connexion/auth/media/css/style.css
Requested by
Host: wadialfurat.com
URL: https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.108.96.28 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
ff6ea37c69b573c241611d7f7d816d90603404a2bde4f999d0affe2874d22291

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 09:18:36 GMT
content-encoding
br
last-modified
Wed, 29 Mar 2023 20:33:08 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
1994
expires
Fri, 03 May 2024 09:18:36 GMT
logo.png
wadialfurat.com/wp-content/targo/connexion/auth/media/imgs/
5 KB
5 KB
Image
General
Full URL
https://wadialfurat.com/wp-content/targo/connexion/auth/media/imgs/logo.png
Requested by
Host: wadialfurat.com
URL: https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.108.96.28 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
afe879c83aee1d47f4ad129add2c686986197a18e2305715868ed7e538592ad3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 09:18:36 GMT
last-modified
Wed, 29 Mar 2023 20:33:08 GMT
server
LiteSpeed
vary
User-Agent,Accept-Encoding
content-type
image/png
cache-control
public, max-age=10368000,public
accept-ranges
bytes
content-length
4640
expires
Fri, 01 Sep 2023 09:18:36 GMT
remember.png
wadialfurat.com/wp-content/targo/connexion/auth/media/imgs/
647 B
668 B
Image
General
Full URL
https://wadialfurat.com/wp-content/targo/connexion/auth/media/imgs/remember.png
Requested by
Host: wadialfurat.com
URL: https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.108.96.28 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
968c1cdae939740f818d979168c2e847b9cc59c90bcdbb495fc5385eb72f8390

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 09:18:36 GMT
last-modified
Wed, 29 Mar 2023 20:33:08 GMT
server
LiteSpeed
vary
User-Agent,Accept-Encoding
content-type
image/png
cache-control
public, max-age=10368000,public
accept-ranges
bytes
content-length
647
expires
Fri, 01 Sep 2023 09:18:36 GMT
check.svg
wadialfurat.com/wp-content/targo/connexion/auth/media/imgs/
614 B
393 B
Image
General
Full URL
https://wadialfurat.com/wp-content/targo/connexion/auth/media/imgs/check.svg
Requested by
Host: wadialfurat.com
URL: https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.108.96.28 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
5a33fcbf0f406c9e9e767d66a1f43462b8391ffb8e8aaf8de53248a1510e37aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 09:18:36 GMT
content-encoding
br
last-modified
Wed, 29 Mar 2023 20:33:08 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent,Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=10368000,public
accept-ranges
bytes
content-length
358
expires
Fri, 01 Sep 2023 09:18:36 GMT
right.svg
wadialfurat.com/wp-content/targo/connexion/auth/media/imgs/
622 B
318 B
Image
General
Full URL
https://wadialfurat.com/wp-content/targo/connexion/auth/media/imgs/right.svg
Requested by
Host: wadialfurat.com
URL: https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.108.96.28 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
29091caa6f2374957c15476e14ef16bedead97eac46bf90fa6c55f371331fe99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 09:18:36 GMT
content-encoding
br
last-modified
Wed, 29 Mar 2023 20:33:08 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent,Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=10368000,public
accept-ranges
bytes
content-length
296
expires
Fri, 01 Sep 2023 09:18:36 GMT
footer-logo.png
wadialfurat.com/wp-content/targo/connexion/auth/media/imgs/
2 KB
2 KB
Image
General
Full URL
https://wadialfurat.com/wp-content/targo/connexion/auth/media/imgs/footer-logo.png
Requested by
Host: wadialfurat.com
URL: https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.108.96.28 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
9ca07cfe33a9de4a4f3bfcc9316fb85b84c52477ca36390201df492aec3007a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 09:18:36 GMT
last-modified
Wed, 29 Mar 2023 20:33:08 GMT
server
LiteSpeed
vary
User-Agent,Accept-Encoding
content-type
image/png
cache-control
public, max-age=10368000,public
accept-ranges
bytes
content-length
1652
expires
Fri, 01 Sep 2023 09:18:36 GMT
jquery-3.6.1.min.js
code.jquery.com/
88 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.1.min.js
Requested by
Host: wadialfurat.com
URL: https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wadialfurat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 09:18:36 GMT
content-encoding
gzip
last-modified
Fri, 26 Aug 2022 17:36:05 GMT
server
nginx
etag
W/"63090485-15e40"
vary
Accept-Encoding
x-hw
1683191916.dop148.fr8.t,1683191916.cds242.fr8.hn,1683191916.cds258.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30957
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/
77 KB
21 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js
Requested by
Host: wadialfurat.com
URL: https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wadialfurat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
am3-up-gc88, fr5-hw-edge-gc34
date
Thu, 04 May 2023 09:18:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
x-jsd-version
5.0.2
x-cached-since
2023-04-28T12:25:43+00:00, 2023-04-28T12:25:44+00:00
cross-origin-resource-policy
cross-origin
x-nginx
nginx-be, nginx-be
x-jsd-version-type
version
server
nginx
etag
W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cache
HIT, HIT
timing-allow-origin
*
all.min.js
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/js/
1 MB
410 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/js/all.min.js
Requested by
Host: wadialfurat.com
URL: https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a769e18b06859751eaa2259044a6ff76e3ddcd6572a516d8ce3a2d7b8c7538e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wadialfurat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 09:18:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2472579
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
418541
last-modified
Tue, 30 Aug 2022 20:09:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"630e6e62-662ed"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4jPfEGtWP8MyT48Jh8lsUwKX9EXfHTiAcQ80%2BLLbNY7KFClnRBBuRVy%2FLoqVwhehYQeiELbwkfiBiP6AI670uYzlAwbZIF%2BNMAfDiiSjoUceN%2F4JMTYj4NdoVg6tE9zf1vjAEPAj2mjKoRMpu6b9sSo2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c1fa8454dc730d8-FRA
expires
Tue, 23 Apr 2024 09:18:36 GMT
jquery.mask.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/
8 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js
Requested by
Host: wadialfurat.com
URL: https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wadialfurat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 09:18:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
531847
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3074
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-2087"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qK%2BYQ6AWYiWxmm10tGJ03k%2FqkvI%2B9JWBU%2B5fvxNlLIEogZ2%2BLxO0qKLTpc0ol35MeaiPIyy3pQMvCiAqHsznguo3a%2F2UwHN14tXPX5%2Bs6d1ZJrv2qmyWJegAxMjq5iCZUY6mAf151AR4QtVjsGGq7LF7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c1fa8455dcb30d8-FRA
expires
Tue, 23 Apr 2024 09:18:36 GMT
js.js
wadialfurat.com/wp-content/targo/connexion/auth/media/js/
453 B
194 B
Script
General
Full URL
https://wadialfurat.com/wp-content/targo/connexion/auth/media/js/js.js
Requested by
Host: wadialfurat.com
URL: https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.108.96.28 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
c430f66f08a3053fe6e78e13c43f1c368d9b0a979abcd1a2fe6f2a2bd3a6808b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 09:18:36 GMT
content-encoding
br
last-modified
Wed, 29 Mar 2023 20:33:08 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent,Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
143
expires
Fri, 03 May 2024 09:18:36 GMT
css2
fonts.googleapis.com/
12 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;500;600;700&display=swap
Requested by
Host: wadialfurat.com
URL: https://wadialfurat.com/wp-content/targo/connexion/auth/media/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cc8a7d8daf07a71f36790082b17d066deb4c275a073e4a1ebc58b988f52d10a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wadialfurat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 May 2023 09:18:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 May 2023 07:25:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 May 2023 09:18:36 GMT
hand.svg
wadialfurat.com/wp-content/targo/connexion/auth/media/imgs/
5 KB
2 KB
Image
General
Full URL
https://wadialfurat.com/wp-content/targo/connexion/auth/media/imgs/hand.svg
Requested by
Host: wadialfurat.com
URL: https://wadialfurat.com/wp-content/targo/connexion/auth/media/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.108.96.28 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
38fe38eba411d3098e3ebb5709178ce9f1fc56e1a3567fcaa18cb5a2395c23f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wadialfurat.com/wp-content/targo/connexion/auth/media/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 09:18:36 GMT
content-encoding
br
last-modified
Wed, 29 Mar 2023 20:33:08 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent,Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=10368000,public
accept-ranges
bytes
content-length
2052
expires
Fri, 01 Sep 2023 09:18:36 GMT
tt.svg
wadialfurat.com/wp-content/targo/connexion/auth/media/imgs/
1 KB
603 B
Image
General
Full URL
https://wadialfurat.com/wp-content/targo/connexion/auth/media/imgs/tt.svg
Requested by
Host: wadialfurat.com
URL: https://wadialfurat.com/wp-content/targo/connexion/auth/media/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.108.96.28 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
cfefc3d1e1fd30433488f4faf720e638f0567faeee99cec325f7fb726f40db66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wadialfurat.com/wp-content/targo/connexion/auth/media/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 09:18:36 GMT
content-encoding
br
last-modified
Wed, 29 Mar 2023 20:33:08 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent,Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=10368000,public
accept-ranges
bytes
content-length
581
expires
Fri, 01 Sep 2023 09:18:36 GMT
img1.jpg
wadialfurat.com/wp-content/targo/connexion/auth/media/imgs/
74 KB
74 KB
Image
General
Full URL
https://wadialfurat.com/wp-content/targo/connexion/auth/media/imgs/img1.jpg
Requested by
Host: wadialfurat.com
URL: https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.108.96.28 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
45f2967a362f767a414c279f114b8f6bd293f3ab07d3753fe9abdd4080408c1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 09:18:36 GMT
last-modified
Wed, 29 Mar 2023 20:33:08 GMT
server
LiteSpeed
vary
User-Agent,Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=10368000,public
accept-ranges
bytes
content-length
75529
expires
Fri, 01 Sep 2023 09:18:36 GMT
img2.jpg
wadialfurat.com/wp-content/targo/connexion/auth/media/imgs/
175 KB
176 KB
Image
General
Full URL
https://wadialfurat.com/wp-content/targo/connexion/auth/media/imgs/img2.jpg
Requested by
Host: wadialfurat.com
URL: https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.108.96.28 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
bbd961c93397bc450f406fc284d8dfe569c39a5cdcbb04c6c847d6e57de60c47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 09:18:36 GMT
last-modified
Wed, 29 Mar 2023 20:33:08 GMT
server
LiteSpeed
vary
User-Agent,Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=10368000,public
accept-ranges
bytes
content-length
179517
expires
Fri, 01 Sep 2023 09:18:36 GMT
img3.jpg
wadialfurat.com/wp-content/targo/connexion/auth/media/imgs/
31 KB
31 KB
Image
General
Full URL
https://wadialfurat.com/wp-content/targo/connexion/auth/media/imgs/img3.jpg
Requested by
Host: wadialfurat.com
URL: https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.108.96.28 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
s535.sgp8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
64cd2352fc23c91fe8c05fd696ec62486e5383ca1fe8b67a7aa896a3c624434f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wadialfurat.com/wp-content/targo/connexion/auth/vB65nL/login.php?id=66271200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 09:18:36 GMT
last-modified
Wed, 29 Mar 2023 20:33:08 GMT
server
LiteSpeed
vary
User-Agent,Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=10368000,public
accept-ranges
bytes
content-length
32159
expires
Fri, 01 Sep 2023 09:18:36 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wadialfurat.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 02 May 2023 17:26:21 GMT
x-content-type-options
nosniff
age
143535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 May 2024 17:26:21 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: targobank (Banking)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
boolean   credentialless
function  $
function  jQuery
number    uidEvent
object    bootstrap
object    ___FONT_AWESOME___
object    FontAwesomeConfig
object    FontAwesome
object    $jscomp
boolean   loaded

1 Cookies

Domain/Path       Name       Value
wadialfurat.com/  PHPSESSID  99e09b5cbf57c623484e491ada170d7d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
