t70393.hostnl02.fornex.host
185.18.52.177
Malicious Activity!
Public Scan
Effective URL: http://t70393.hostnl02.fornex.host/Login_Screen.htm
Submission Tags: phishing
Submission: On August 05 via api from US
Summary
This is the only time t70393.hostnl02.fornex.host was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: AT&T (Telecommunication)

Domain & IP information

ASN | PTR | Domain
---|---|---
ASN49981 (WORLDSTREAM, NL) | hostnl02-1.fornex.host | t70393.hostnl02.fornex.host
ASN797 (AMERITECH-AS, US) | clcontent-da.att.com | signin.att.com
ASN16509 (AMAZON-02, US) | ec2-34-250-196-126.eu-west-1.compute.amazonaws.com | dpm.demdex.net
ASN20940 (AKAMAI-ASN1, EU) | a2-16-186-17.deploy.static.akamaitechnologies.com | fast.att.demdex.net
ASN15169 (GOOGLE, US) | fra15s22-in-f6.1e100.net | fls.doubleclick.net
ASN15169 (GOOGLE, US) | fra15s22-in-f162.1e100.net | www.googleadservices.com
ASN15169 (GOOGLE, US) | | www.google-analytics.com
ASN15169 (GOOGLE, US) | 68.89.69.34.bc.googleusercontent.com | att-app.quantummetric.com
ASN15169 (GOOGLE, US) | 104.196.69.34.bc.googleusercontent.com | att-sync.quantummetric.com
ASN29990 (ASN-APPNEX, US) | 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net | ib.adnxs.com
ASN49981 (WORLDSTREAM, NL) | hostnl02.fornex.host | hostnl02.fornex.host
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
29 | att.com | www.att.com, signin.att.com, metrics.att.com (Failed) | 641 KB
8 | quantummetric.com | cdn.quantummetric.com, att-app.quantummetric.com, att-sync.quantummetric.com | 67 KB
6 | fornex.host | t70393.hostnl02.fornex.host, hostnl02.fornex.host | 51 KB
2 | adnxs.com (1 redirects) | ib.adnxs.com | 867 B
2 | inq.com | att.inq.com | 8 KB
2 | doubleclick.net | fls.doubleclick.net | 1 KB
2 | demdex.net | dpm.demdex.net, fast.att.demdex.net | 1 KB
1 | googleapis.com | fonts.googleapis.com | 711 B
1 | agkn.com | d.agkn.com | 750 B
1 | facebook.com | www.facebook.com | 258 B
1 | bing.com | bat.bing.com | 298 B
1 | facebook.net | connect.facebook.net | 104 KB
1 | google-analytics.com | www.google-analytics.com | 18 KB
1 | googleadservices.com | www.googleadservices.com | 12 KB
1 | tinyurl.com (1 redirects) | tinyurl.com | 774 B
60 | 15 | |
Requests | Domain | Requested by
---|---|---
20 | www.att.com | t70393.hostnl02.fornex.host, www.att.com
9 | signin.att.com | t70393.hostnl02.fornex.host, www.att.com
6 | att-app.quantummetric.com | cdn.quantummetric.com
4 | hostnl02.fornex.host | t70393.hostnl02.fornex.host
2 | ib.adnxs.com (1 redirects) |
2 | att.inq.com | www.att.com, att.inq.com
2 | fls.doubleclick.net | www.att.com
2 | t70393.hostnl02.fornex.host | att.inq.com
1 | fonts.googleapis.com | t70393.hostnl02.fornex.host
1 | d.agkn.com |
1 | www.facebook.com |
1 | bat.bing.com |
1 | connect.facebook.net | www.att.com
1 | att-sync.quantummetric.com | cdn.quantummetric.com
1 | www.google-analytics.com | www.att.com
1 | www.googleadservices.com | www.att.com
1 | fast.att.demdex.net | www.att.com
1 | dpm.demdex.net | www.att.com
1 | cdn.quantummetric.com | t70393.hostnl02.fornex.host
1 | tinyurl.com (1 redirects) |
0 | metrics.att.com (Failed) | www.att.com, cdn.quantummetric.com
60 | 21 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.att.com |
about.att.com |
Subject | Issuer | Validity | Valid
---|---|---|---
*.att.com | DigiCert SHA2 Secure Server CA | 2020-01-07 - 2021-02-04 | a year
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-03-26 - 2020-10-09 | 6 months
*.google-analytics.com | GTS CA 1O1 | 2020-07-15 - 2020-10-07 | 3 months
*.quantummetric.com | Sectigo RSA Domain Validation Secure Server CA | 2019-01-28 - 2021-02-13 | 2 years
*.inq.com | GeoTrust RSA CA 2018 | 2019-10-30 - 2021-12-08 | 2 years
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-07-21 - 2020-10-12 | 3 months
*.adnxs.com | DigiCert ECC Secure Server CA | 2019-01-23 - 2021-03-08 | 2 years
hostnl02.fornex.host | cPanel, Inc. Certification Authority | 2020-01-28 - 2021-01-27 | a year
upload.video.google.com | GTS CA 1O1 | 2020-07-07 - 2020-09-29 | 3 months
This page contains 4 frames:
Primary Page:
http://t70393.hostnl02.fornex.host/Login_Screen.htm
Frame ID: 76322643B437A0057B0A96D1327DD496
Requests: 46 HTTP requests in this frame
Frame:
http://fast.att.demdex.net/dest5.html?d_nsid=0
Frame ID: 678319508444D707F8F8358D2AD340EC
Requests: 1 HTTP requests in this frame
Frame:
https://att-app.quantummetric.com/?T=B&u=http%3A%2F%2Ft70393.hostnl02.fornex.host%2FLogin_Screen.htm&t=1596657682189&v=1596657682211&z=1&S=0&N=0&P=0
Frame ID: 781901691863C7EA19813FB395480F01
Requests: 7 HTTP requests in this frame
Frame:
http://t70393.hostnl02.fornex.host/inqChat.html?IFRAME
Frame ID: 69BF73C1B994D8AC04015A088C341B6B
Requests: 6 HTTP requests in this frame
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
- Title: Legal policy center
- Title: Terms of use
- Title: Accessibility
- Title: Do not sell my personal info
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://tinyurl.com/y4exfn8g HTTP 301
- http://t70393.hostnl02.fornex.host/Login_Screen.htm Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 15
- http://www.att.com/scripts/adobe/prod/edmDataManager.js HTTP 307
- https://www.att.com/scripts/adobe/prod/edmDataManager.js
- http://www.att.com/scripts/adobe/prod/edmDataDefinition.js HTTP 307
- https://www.att.com/scripts/adobe/prod/edmDataDefinition.js
- http://www.att.com/scripts/adobe/prod/detm_adobe.js HTTP 307
- https://www.att.com/scripts/adobe/prod/detm_adobe.js
- http://www.att.com/scripts/adobe/prod/marketing.min.js HTTP 307
- https://www.att.com/scripts/adobe/prod/marketing.min.js
- http://www.att.com/scripts/adobe/prod/engage.min.js HTTP 307
- https://www.att.com/scripts/adobe/prod/engage.min.js
- http://ib.adnxs.com/pixie?e=PageView&pi=4744884a-d9b6-4968-84af-f2e434bfe6bd&it=1596657682497&v=0.0.11&u=http%3A%2F%2Ft70393.hostnl02.fornex.host%2FLogin_Screen.htm&st=1596657680999&et=1596657682497&si=0e5rvbc42lpo&ss=1596657680999&if=0 HTTP 301
- https://ib.adnxs.com/pixie?e=PageView&pi=4744884a-d9b6-4968-84af-f2e434bfe6bd&it=1596657682497&v=0.0.11&u=http%3A%2F%2Ft70393.hostnl02.fornex.host%2FLogin_Screen.htm&st=1596657680999&et=1596657682497&si=0e5rvbc42lpo&ss=1596657680999&if=0
60 HTTP transactions
Method | Protocol | Resource | Path | Size | Transferred | Type | MIME type | Notes
---|---|---|---|---|---|---|---|---
GET | H/1.1 | Login_Screen.htm | t70393.hostnl02.fornex.host/ | 7 KB | 3 KB | Document | text/html | Primary Request, Redirect Chain
GET | H2 | detm-container-hdr.js | www.att.com/scripts/adobe/prod/ | 97 KB | 27 KB | Script | application/x-javascript |
GET | H2 | quantum-att.js | cdn.quantummetric.com/qscripts/ | 244 KB | 66 KB | Script | text/javascript |
GET | H/1.1 | styles.css | signin.att.com/static/siam/en/halo_c/halo-c-login/ | 155 KB | 34 KB | Stylesheet | text/css |
GET | H2 | ssaf-uc.js | www.att.com/scripts/ssaf_universal_client/prod/ | 97 KB | 19 KB | Script | application/javascript |
GET | H2 | edmDataManager.js | www.att.com/scripts/adobe/prod/ | 91 KB | 19 KB | Script | application/x-javascript |
GET | H2 | edmDataDefinition.js | www.att.com/scripts/adobe/prod/ | 109 KB | 19 KB | Script | application/x-javascript |
GET | H2 | detm_adobe.js | www.att.com/scripts/adobe/prod/ | 318 KB | 58 KB | Script | application/x-javascript |
GET | H/1.1 | logo.svg | signin.att.com/static/siam/en/halo_c/halo-c-login/assets/images/ | 8 KB | 9 KB | Image | image/svg+xml |
GET | H/1.1 | runtime.js | signin.att.com/static/siam/en/halo_c/halo-c-login/ | 1 KB | 1 KB | Script | application/javascript |
GET | H/1.1 | polyfills.js | signin.att.com/static/siam/en/halo_c/halo-c-login/ | 45 KB | 17 KB | Script | application/javascript |
GET | H/1.1 | vendor.js | signin.att.com/static/siam/en/halo_c/halo-c-login/ | 445 KB | 150 KB | Script | application/javascript |
GET | H/1.1 | main.js | signin.att.com/static/siam/en/halo_c/halo-c-login/ | 89 KB | 25 KB | Script | application/javascript |
GET | H2 | detm-container-ftr.js | www.att.com/scripts/adobe/prod/ | 486 B | 509 B | Script | application/x-javascript |
GET | H/1.1 | id | dpm.demdex.net/ | 579 B | 1 KB | XHR | application/json |
GET | H2 | mbox-contents.js | www.att.com/scripts/adobe/prod/ | 107 KB | 30 KB | Script | application/x-javascript |
GET | H2 | edmDataManager.js | www.att.com/scripts/adobe/prod/ | 91 KB | 19 KB | Script | application/x-javascript | Redirect Chain
GET | H/1.1 | dest5.html | fast.att.demdex.net/ | 0 | 0 | Document | text/html | Frame 6783
GET | | id | metrics.att.com/ | 0 | 0 | | |
GET | H2 | edmDataDefinition.js | www.att.com/scripts/adobe/prod/ | 109 KB | 17 KB | Script | application/x-javascript | Redirect Chain
GET | H2 | detm_adobe.js | www.att.com/scripts/adobe/prod/ | 318 KB | 58 KB | Script | application/x-javascript | Redirect Chain
GET | H/1.1 | json | fls.doubleclick.net/ | 40 B | 643 B | Script | text/javascript |
GET | H2 | marketing.min.js | www.att.com/scripts/adobe/prod/ | 333 KB | 51 KB | Script | application/x-javascript | Redirect Chain
GET | H/1.1 | conversion_async.js | www.googleadservices.com/pagead/ | 29 KB | 12 KB | Script | text/javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | 45 KB | 18 KB | Script | text/javascript |
GET | H2 | eComm_Universal_AppNexus.js | www.att.com/scripts/adobe/prod/mktg-rules/global/ | 405 B | 470 B | Script | application/x-javascript |
GET | H2 | eComm_Universal_Bing.js | www.att.com/scripts/adobe/prod/mktg-rules/global/ | 625 B | 552 B | Script | application/x-javascript |
GET | H2 | eComm_Universal_Facebook.js | www.att.com/scripts/adobe/prod/mktg-rules/global/ | 682 B | 592 B | Script | application/x-javascript |
GET | H2 | engage.min.js | www.att.com/scripts/adobe/prod/ | 53 KB | 8 KB | Script | application/x-javascript | Redirect Chain
GET | H2 | appnexus.js | www.att.com/scripts/adobe/prod/ | 8 KB | 3 KB | Script | application/x-javascript |
GET | H2 | bing.js | www.att.com/scripts/adobe/prod/ | 23 KB | 6 KB | Script | application/x-javascript |
GET | BLOB | 07c06e32-6d9a-4a75-8416-75b6e3c3c0bb | http://t70393.hostnl02.fornex.host/ | 17 KB | 0 | Other | application/javascript |
GET | H2 | facebook.js | www.att.com/scripts/adobe/prod/ | 118 KB | 18 KB | Script | application/x-javascript |
GET | H/1.1 | json | fls.doubleclick.net/ | 40 B | 643 B | Script | text/javascript |
GET | H/1.1 | ATTAleckSans_W_Rg.woff | signin.att.com/static/siam/en/halo_c/halo-c-login/ | 22 KB | 23 KB | Font | application/x-font-woff |
GET | H/1.1 | ATTAleckSans_W_Md.woff | signin.att.com/static/siam/en/halo_c/halo-c-login/ | 23 KB | 24 KB | Font | application/x-font-woff |
POST | H2 | / | att-app.quantummetric.com/ | 90 B | 433 B | XHR | application/json | Frame 7819
POST | H2 | / | att-sync.quantummetric.com/ | 0 | 175 B | XHR | application/json | Frame 7819
POST | | s83837909910523 | metrics.att.com/b/ss/attglobaldev/1/JS-2.11.0/ | 0 | 0 | | |
GET | H2 | attmonetization.config.js | www.att.com/scripts/adobe/prod/attmonetization/js/ | 23 KB | 2 KB | Script | application/x-javascript |
GET | H/1.1 | keepAlive.js | signin.att.com/static/ciam/en/common/js/ | 1 KB | 1 KB | Script | application/javascript |
GET | H2 | eComm_bConsumerVisitor_DIR.js | www.att.com/scripts/adobe/prod/mktg-rules/global/ | 18 KB | 3 KB | Script | application/x-javascript |
GET | H2 | inqChatLaunch10004119.js | att.inq.com/chatskins/launch/ | 30 KB | 8 KB | Script | application/javascript |
GET | H2 | 128900881029137 | connect.facebook.net/signals/config/ | 413 KB | 104 KB | Script | application/x-javascript |
GET | H/1.1 | 0 | bat.bing.com/action/ | 0 | 298 B | Image | text/plain |
GET | H/1.1 | pixie | ib.adnxs.com/ | 42 B | 355 B | Image | image/gif | Redirect Chain
GET | H2 | / | www.facebook.com/tr/ | 44 B | 258 B | Image | image/gif |
GET | H2 | / | att-app.quantummetric.com/ | 28 B | 254 B | XHR | application/json | Frame 7819
POST | H2 | / | att-app.quantummetric.com/ | 0 | 174 B | XHR | application/json | Frame 7819
POST | H2 | / | att-app.quantummetric.com/ | 0 | 174 B | XHR | application/json | Frame 7819
GET | H2 | resolvePage | att.inq.com/tagserver/launch/ | 33 B | 379 B | Script | text/javascript |
GET | H/1.1 | inqChat.html | t70393.hostnl02.fornex.host/ | 7 KB | 2 KB | Document | text/html | Frame 69BF
GET | H2 | base.css | hostnl02.fornex.host/404/css/ | 241 KB | 33 KB | Stylesheet | text/css | Frame 69BF
GET | H2 | logo.png | hostnl02.fornex.host/404/img/ | 1 KB | 2 KB | Image | image/png | Frame 69BF
GET | H2 | logo-dark.png | hostnl02.fornex.host/404/img/ | 1 KB | 2 KB | Image | image/png | Frame 69BF
GET | H2 | search.png | hostnl02.fornex.host/404/img/icons/ | 9 KB | 9 KB | Image | image/png | Frame 69BF
GET | H/1.1 | / | d.agkn.com/pixel/8597/ | 43 B | 750 B | Image | image/gif |
GET | H2 | css | fonts.googleapis.com/ | 8 KB | 711 B | Stylesheet | text/css | Frame 69BF
POST | H2 | / | att-app.quantummetric.com/ | 0 | 174 B | XHR | application/json | Frame 7819
POST | H2 | / | att-app.quantummetric.com/ | 0 | 174 B | XHR | application/json | Frame 7819
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: metrics.att.com
  URL: http://metrics.att.com/id?d_visid_ver=3.4.0&d_fieldgroup=A&mcorgid=55633F7A534535110A490D44%40AdobeOrg&mid=04798983445058234641256766946162935753&ts=1596657680635
- Domain: metrics.att.com
  URL: http://metrics.att.com/b/ss/attglobaldev/1/JS-2.11.0/s83837909910523
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: AT&T (Telecommunication)
382 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.demdex.net/ | | Name: demdex Value: 04894468021084668901230259664161051115 |
.fornex.host/ | | Name: AMCV_55633F7A534535110A490D44%40AdobeOrg Value: 1994364360%7CMCIDTS%7C18480%7CMCMID%7C04798983445058234641256766946162935753%7CMCAAMLH-1597262480%7C6%7CMCAAMB-1597262480%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1596664880s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C3.4.0 |
.fornex.host/ | | Name: _gid Value: GA1.2.1695890818.1596657681 |
.fornex.host/ | | Name: AMCVS_55633F7A534535110A490D44%40AdobeOrg Value: 1 |
.fornex.host/ | | Name: _ga Value: GA1.2.293277736.1596657681 |
.fornex.host/ | | Name: s_cc Value: true |
t70393.hostnl02.fornex.host/ | | Name: pses Value: {"id":"0e5rvbc42lpo","start":1596657680999,"last":1596657680999} |
.fornex.host/ | | Name: _gcl_au Value: 1.1.1562794123.1596657681 |
.demdex.net/ | | Name: dextp Value: 1123-1-1596657680799\|22052-1-1596657680900 |
.fornex.host/ | | Name: s_dfa Value: attglobaldev |
35 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.