ads-dsas.site
2606:4700:3035::ac43:af36  Malicious Activity! Public Scan

Submitted URL: https://adversitingmind.com/
Effective URL: https://ads-dsas.site/
Submission: On June 23 via api from US — Scanned from CA

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 2606:4700:3035::ac43:af36, located in United States and belongs to CLOUDFLARENET, US. The main domain is ads-dsas.site.
TLS certificate: Issued by E5 on June 13th 2024. Valid for: 3 months.
This is the only time ads-dsas.site was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

      IP Address             AS Autonomous System
1  1  149.56.21.31           16276 (OVH)
1  7  2606:4700:303...       13335 (CLOUDFLAR...)
1  3  2606:4700::68...       13335 (CLOUDFLAR...)
8  2

   Apex Domain           Subdomains                                               Transfer
7  ads-dsas.site         ads-dsas.site                                            13 KB
3  cloudflare.com        challenges.cloudflare.com (Cisco Umbrella Rank: 4311)    14 KB
1  adversitingmind.com   adversitingmind.com                                      403 B
8  3

   Domain                      Requested by
7  ads-dsas.site               1 redirects; ads-dsas.site
3  challenges.cloudflare.com   1 redirects; ads-dsas.site; challenges.cloudflare.com
1  adversitingmind.com         1 redirects
8  3

This site contains no links.

Subject                     Issuer                    Validity                  Valid
ads-dsas.site               E5                        2024-06-13 - 2024-09-11   3 months   crt.sh
challenges.cloudflare.com   Cloudflare Inc ECC CA-3   2023-08-18 - 2024-08-17   a year     crt.sh

This page contains 3 frames:

Primary Page: https://ads-dsas.site/
Frame ID: A03EA198C5B6A44F4A257A8CD1B7F942
Requests: 5 HTTP requests in this frame

Frame: https://ads-dsas.site/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
Frame ID: 3E82AFE080B9C54BF9898F13C69E03A3
Requests: 2 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/uhmyz/0x4AAAAAAAbRScxTwZbmID36/light/normal
Frame ID: 281DFBF97C2AE86FB158DD1625D5DA79
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Microsoft

Page URL History

  1. https://adversitingmind.com/ HTTP 303
    https://ads-dsas.site/ Page URL

Page Statistics

Requests: 8
HTTPS: 75 %
IPv6: 67 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 2
Transfer: 27 kB
Size: 72 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/c7e29c8c8b6e/api.js
Request Chain 3
  • https://ads-dsas.site/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://ads-dsas.site/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js

8 HTTP transactions

Resource   Path   Size   x-fer   Type   MIME-Type

Primary Request /   ads-dsas.site/   2 KB   1 KB   Document
Redirect Chain
  • https://adversitingmind.com/
  • https://ads-dsas.site/
General
Full URL
https://ads-dsas.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:af36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5228e53dfd3ff964a41503371f253a9ddca168a851ea446e3534313477073bf1

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8982394e6b81a1d8-YYZ
content-encoding
br
content-type
text/html
date
Sun, 23 Jun 2024 05:54:31 GMT
last-modified
Thu, 13 Jun 2024 15:28:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=guEd3wVC3EY3mqDBdNDmRX8ypX4GX6ahOKogGaStgBSDLBp3vMprk%2BTGTicVxbHz0NBgP2QpyswWOBw8aoXlkfhF4kCubvM%2FP18HXO5mjVZYNsTGUlyBfREbH8wT4jvjy6U1HySwu2z%2Fm03f"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 23 Jun 2024 05:54:52 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://ads-dsas.site/
pragma
no-cache
server
LiteSpeed
x-powered-by
PHP/7.1.33
index.css   ads-dsas.site/css/   80 B   530 B   Stylesheet
General
Full URL
https://ads-dsas.site/css/index.css
Requested by
Host: ads-dsas.site
URL: https://ads-dsas.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:af36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21442a858ab2b5328f06053aa746f96462524b4ce437d2fbafb5ec625d4a3a9d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ads-dsas.site/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 05:54:31 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 19 Apr 2024 21:10:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"50-6167983fca5b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2%2FNODx6QRMrbCTz2tmJUAFj%2BOej3Cw5UuRffQ5RX2Z%2BV%2FHMSANvqbaQ8l5xjb1mtiGnMVCvc6HUXiTuy6bywLJ26ZPn5Mh1xM2NSaKTlDrrNeBJ%2F%2F4pGfqsvtTO32qYKz7fO0%2FztzMSitP7l"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
89823950ac8aa1d8-YYZ
alt-svc
h3=":443"; ma=86400
api.js   challenges.cloudflare.com/turnstile/v0/b/c7e29c8c8b6e/   42 KB   14 KB   Script
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
  • https://challenges.cloudflare.com/turnstile/v0/b/c7e29c8c8b6e/api.js
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/c7e29c8c8b6e/api.js
Requested by
Host: ads-dsas.site
URL: https://ads-dsas.site/
Protocol
H3
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdf9b58fcf84b6c75c42ba56855fb02e0a990771aa1932c18a0fa73ef640000a

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://ads-dsas.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 23 Jun 2024 05:54:31 GMT
content-encoding
br
last-modified
Wed, 19 Jun 2024 17:35:52 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8982395358ddab3e-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sun, 23 Jun 2024 05:54:31 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/turnstile/v0/b/c7e29c8c8b6e/api.js
cache-control
max-age=300, public
cross-origin-resource-policy
cross-origin
cf-ray
89823952a87aab3e-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg   ads-dsas.site/assets-hotmail/images/   4 KB   2 KB   Image
General
Full URL
https://ads-dsas.site/assets-hotmail/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Requested by
Host: ads-dsas.site
URL: https://ads-dsas.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:af36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ads-dsas.site/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 05:54:31 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sat, 26 Nov 2022 20:44:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"e43-5ee65b5eeffc0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q1qed0mwVcTJAJyrlHgncRIGktT7SHKH94X6IZbLMdW9Uqw98VjNAlQ6ZNHPkF9B06jYq11ByO6SrT5Ycv%2FZZGTyWXzqv7%2BIYtusiFdo3pw%2FgW7Ptva2KRGMOQRhtT%2BY4sTPNWGOz4hrK417"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
89823950ac8ca1d8-YYZ
alt-svc
h3=":443"; ma=86400
main.js   ads-dsas.site/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/ (Frame 3E82)   8 KB   4 KB   Script
Redirect Chain
  • https://ads-dsas.site/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://ads-dsas.site/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
General
Full URL
https://ads-dsas.site/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
Protocol
H3
Server
2606:4700:3035::ac43:af36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b4c1628faa7066bc3838cfc26d27ede6a7ec492e0b1753172f2fff843d53729
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 23 Jun 2024 05:54:31 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YTUWjJl69FrpxFLE6dDjXlt1BWwJtrKU9kLRcKX88GAJvPC4yvAV21HGRcJPCH4gAUuM%2FAUrqDeFf4ya4pfmx4QxW%2FqFsjUaH854q6uf%2Bzn0vmJZA3ikEGraZ%2BiEDfDGy%2FyLfUz39nFujkWV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
898239552eeea1d8-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sun, 23 Jun 2024 05:54:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nxFX3AufsgZsgJkYnOmXab1dzx7IeJCLp3T%2FcS%2BHQTPHufDgFmKrO5Zxh5ZpMdaJOkYKxiHV9kRjAKV5Scypsl5VxbroH%2FO94MaWIoLIhblsYDnJTgfBB%2BJTYmeuGlmBTSm55bIu5JQUPwq%2F"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
cache-control
max-age=300, public
cf-ray
898239548ea2a1d8-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
normal   challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/uhmyz/0x4AAAAAAAbRScxTwZbmID36/light/ (Frame 281D)   0   0   Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/uhmyz/0x4AAAAAAAbRScxTwZbmID36/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://ads-dsas.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
898239567db936b3-YYZ
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jun 2024 05:54:32 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
favicon.ico   ads-dsas.site/assets-hotmail/images/   17 KB   4 KB   Other
General
Full URL
https://ads-dsas.site/assets-hotmail/images/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:af36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2600793f03df90dbf991bba8718eb5a9703b28466a6fe011aed5c889a1104562

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ads-dsas.site/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 05:54:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 14 Oct 2023 16:54:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"423e-607b008437d53"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jxIiwTymhGfkTL4%2BTLn4vEPdqIJ5KV44FwIvN01AVx07LS4qrSpCcUJD2RMU7zKg%2FXX%2FAUb70dyQ6GU5a5IZaSZGMnbeysZpNI3nx1kYls3Og8jgCvRVMavFSNqCymjtZiXz8LqYmcpQSyKk"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
898239549eaaa1d8-YYZ
alt-svc
h3=":443"; ma=86400
8982394e6b81a1d8   ads-dsas.site/cdn-cgi/challenge-platform/h/b/jsd/r/ (Frame 3E82)   0   687 B   XHR
General
Full URL
https://ads-dsas.site/cdn-cgi/challenge-platform/h/b/jsd/r/8982394e6b81a1d8
Requested by
Host: ads-dsas.site
URL: https://ads-dsas.site/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:af36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 23 Jun 2024 05:54:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sM5wjZhJK7qN3sKZ4Q%2BaQepGiowFt8fTAOm1p55PBypCfMZTYuUGkDGOW2CF2VMf6Q8XaKcJ35xQJ6TnDzf3fbL4SaUnqxsSu9U1q3QV%2B2%2F%2FqNSHHBcWcSo%2BwiqfBEh08BzSYE9s2OSHpley"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
898239565f6ea1d8-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type        Name
object      0
object      1
undefined   event
object      fence
object      sharedStorage
function    onloadTurnstileCallback
object      turnstile

2 Cookies

Domain/Path             Name / Value
adversitingmind.com/    Name: cloakup_session
                        Value: dbf4991c87c80a929ed9fe277c4d8a35
.ads-dsas.site/         Name: cf_clearance
                        Value: BMVm3ijObXt4NM2g.S_Ir5GlqFxsc.DKjOVTCyB8nbw-1719122072-1.0.1.1-Pts5Tbs9_z4R7Mo6CAfqfsfe0oTBOEISee66FvhdnHe8yUxNlgVgta3paB4MFYyOc9ZM49J4x2d32O9bHJbWxg