aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app
76.76.21.164
Malicious Activity!
Public Scan
Effective URL: https://aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app/en-ae/welcome-offer/platinum-charge-card/
Submission: On April 22 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on April 15th 2024. Valid for: 3 months.
This is the only time aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: American Express (Financial)
Domain & IP information
ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 237.145.178.68.host.secureserver.net
zeematix.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.137.141.34.bc.googleusercontent.com
arabyads.g2afse.com |
ASN16509 (AMAZON-02, US)
aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-16-182.deploy.static.akamaitechnologies.com
analytics.tiktok.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-205-179-13.deploy.static.akamaitechnologies.com
www.aexp-static.com |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com | |
www.linkedin.com |
ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f6.1e100.net
14261824.fls.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net
sc-static.net |
ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f200.1e100.net
www.googletagmanager.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com | |
tr6.snapchat.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
15 | vercel.app | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app | 231 KB |
8 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 39 | 624 KB |
7 | aexp-static.com | www.aexp-static.com — Cisco Umbrella Rank: 13163 | 301 KB |
5 | snapchat.com | tr.snapchat.com — Cisco Umbrella Rank: 892; tr6.snapchat.com — Cisco Umbrella Rank: 1341 | 834 B |
5 | linkedin.com (4 redirects) | px.ads.linkedin.com — Cisco Umbrella Rank: 328; www.linkedin.com — Cisco Umbrella Rank: 613; px4.ads.linkedin.com — Cisco Umbrella Rank: 6223 | 3 KB |
5 | tiktok.com | analytics.tiktok.com — Cisco Umbrella Rank: 709 | 152 KB |
4 | datocms-assets.com | www.datocms-assets.com — Cisco Umbrella Rank: 26819 | 462 KB |
4 | zeematix.com (4 redirects) | zeematix.com | 919 B |
2 | doubleclick.net (1 redirect) | 14261824.fls.doubleclick.net | 817 B |
2 | vercel.live | vercel.live — Cisco Umbrella Rank: 115105 | 23 KB |
2 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 180 | 70 KB |
1 | google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 2404 | 285 B |
1 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 97 | 274 B |
1 | sc-static.net | sc-static.net — Cisco Umbrella Rank: 1153 | 19 KB |
1 | licdn.com | snap.licdn.com — Cisco Umbrella Rank: 781 | 17 KB |
1 | g2afse.com (1 redirect) | arabyads.g2afse.com | 338 B |
1 | o18.link (1 redirect) | visionadsmedia.o18.link | 1 KB |
55 | 17 | | |
Requests | Domain | Requested by |
---|---|---|
15 | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app; vercel.live |
8 | www.googletagmanager.com | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app; www.googletagmanager.com |
7 | www.aexp-static.com | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app |
5 | analytics.tiktok.com | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app; analytics.tiktok.com |
4 | tr.snapchat.com | sc-static.net |
4 | www.datocms-assets.com | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app |
4 | zeematix.com | 4 redirects |
3 | px.ads.linkedin.com | 3 redirects |
2 | 14261824.fls.doubleclick.net | 1 redirect; www.googletagmanager.com |
2 | vercel.live | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app; vercel.live |
2 | connect.facebook.net | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app; connect.facebook.net |
1 | tr6.snapchat.com | sc-static.net |
1 | region1.google-analytics.com | www.googletagmanager.com |
1 | www.facebook.com | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app |
1 | sc-static.net | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app |
1 | px4.ads.linkedin.com | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app |
1 | www.linkedin.com | 1 redirect |
1 | snap.licdn.com | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app |
1 | arabyads.g2afse.com | 1 redirect |
1 | visionadsmedia.o18.link | 1 redirect |
55 | 20 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.americanexpress.ae |
app.adjust.com |
www.datocms-assets.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.vercel.app | R3 | 2024-04-15 - 2024-07-14 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-01-31 - 2024-04-30 | 3 months |
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-12-13 - 2024-12-12 | a year |
*.tiktok.com | RapidSSL ECC CA 2018 | 2023-07-14 - 2024-08-13 | a year |
*.vercel.live | R3 | 2024-02-23 - 2024-05-23 | 3 months |
m.americanexpress.com | DigiCert SHA2 Extended Validation Server CA | 2024-03-06 - 2025-03-06 | a year |
datocms-assets.com | GTS CA 1P5 | 2024-04-04 - 2024-07-03 | 3 months |
*.doubleclick.net | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months |
sc-static.net | Amazon RSA 2048 M03 | 2023-12-21 - 2025-01-18 | a year |
*.snap.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-21 - 2025-02-20 | a year |
This page contains 3 frames:
Primary Page:
https://aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app/en-ae/welcome-offer/platinum-charge-card/
Frame ID: B3D5E03CF05D71C1B2AA2E47F2AA0E0C
Requests: 54 HTTP requests in this frame
Frame:
https://14261824.fls.doubleclick.net/activityi;dc_pre=CLTph-Kw1oUDFWgCdgYdol8HrQ;src=14261824;type=invmedia;cat=amexw0;ord=4309346906906;npa=1;auiddc=8175258.1713808121;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44h0za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Faeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app%2Fen-ae%2Fwelcome-offer%2Fplatinum-charge-card%2F
Frame ID: 122DBBCB41D46EFF130A1C3DEB1A5182
Requests: 1 HTTP requests in this frame
Frame:
https://tr.snapchat.com/cm/i?pid=047cf2e3-dee5-43a4-b301-b6def7298f2a&u_scsid=970e08f6-615e-42cd-958c-cba4393635a2&u_sclid=a6f4beeb-d417-413f-8c14-fe4c264bed27
Frame ID: 503755A613DA88D339153954B84D48B7
Requests: 1 HTTP requests in this frame
Detected technologies
DatoCMS (CMS)
Detected patterns
- <[^>]+https://www\.datocms-assets\.com
Amex Express Checkout (Payment processors)
Detected patterns
- aexp-static\.com
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics)
Detected patterns
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Linkedin Insight Tag (Analytics)
Detected patterns
- snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
- Title: Apply in 5 minutes via the Amex MENA app
- Title: Privacy Policy Notice
- Title: click here
- Title: Welcome points offer
- Title: The Platinum Card® benefits
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://zeematix.com/adstracksecure/uae HTTP 307
- https://zeematix.com/adstracksecure/uae HTTP 301
- https://zeematix.com/adstracksecure/uae/ HTTP 302
- https://trackback.gotrackier.com/click?campaign_id=31587&pub_id=163&url_id=1&p1={your-transaction-id}&source={your-sub-aff-id} HTTP 307
- http://zeematix.com/adstracksecure/uae HTTP 301
- http://zeematix.com/adstracksecure/uae/ HTTP 302
- https://visionadsmedia.o18.link/c?o=21109671&m=2088&a=54489&aff_click_id={replace_it}&sub_aff_id={replace_it} HTTP 302
- https://arabyads.g2afse.com/click?pid=433&offer_id=21817&sub1=D-21109671-1713808119-34G66G165G133-YEHDV1680&sub3=54489&sub8=54489_replace_it HTTP 302
- https://aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app/en-ae/welcome-offer/platinum-charge-card/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 31
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6426225&time=1713808120555&li_adsId=56707ff5-688b-4a4a-9601-dac94814ca18&url=https%3A%2F%2Faeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app%2Fen-ae%2Fwelcome-offer%2Fplatinum-charge-card%2F HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6426225&time=1713808120555&li_adsId=56707ff5-688b-4a4a-9601-dac94814ca18&url=https%3A%2F%2Faeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app%2Fen-ae%2Fwelcome-offer%2Fplatinum-charge-card%2F&cookiesTest=true HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D6426225%26time%3D1713808120555%26li_adsId%3D56707ff5-688b-4a4a-9601-dac94814ca18%26url%3Dhttps%253A%252F%252Faeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app%252Fen-ae%252Fwelcome-offer%252Fplatinum-charge-card%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6426225&time=1713808120555&li_adsId=56707ff5-688b-4a4a-9601-dac94814ca18&url=https%3A%2F%2Faeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app%2Fen-ae%2Fwelcome-offer%2Fplatinum-charge-card%2F&cookiesTest=true&liSync=true HTTP 302
- https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6426225&time=1713808120555&li_adsId=56707ff5-688b-4a4a-9601-dac94814ca18&url=https%3A%2F%2Faeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app%2Fen-ae%2Fwelcome-offer%2Fplatinum-charge-card%2F&cookiesTest=true&liSync=true&e_ipv6=AQJXzHEm8QOgggAAAY8G7J4K2nXs52-KpODymb7IMPjjzdFoMk7kfUrIUO-Uid89lrYfKfI
- https://14261824.fls.doubleclick.net/activityi;src=14261824;type=invmedia;cat=amexw0;ord=4309346906906;npa=1;auiddc=8175258.1713808121;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44h0za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Faeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app%2Fen-ae%2Fwelcome-offer%2Fplatinum-charge-card%2F HTTP 302
- https://14261824.fls.doubleclick.net/activityi;dc_pre=CLTph-Kw1oUDFWgCdgYdol8HrQ;src=14261824;type=invmedia;cat=amexw0;ord=4309346906906;npa=1;auiddc=8175258.1713808121;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44h0za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Faeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app%2Fen-ae%2Fwelcome-offer%2Fplatinum-charge-card%2F
55 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app/en-ae/welcome-offer/platinum-charge-card/ | 33 KB | 10 KB | Document | text/html | Primary Request; Redirect Chain |
GET | H2 | js | www.googletagmanager.com/gtag/ | 245 KB | 85 KB | Script | application/javascript | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 194 KB | 71 KB | Script | application/javascript | |
GET | | ns.html | www.googletagmanager.com/ | 0 | 0 | | | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 208 KB | 74 KB | Script | application/javascript | |
GET | H2 | 71045b2afc0ba12f.css | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app/_next/static/css/ | 366 KB | 54 KB | Stylesheet | text/css | |
GET | H2 | webpack-e81585bb9a6b8f4d.js | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app/_next/static/chunks/ | 2 KB | 1 KB | Script | application/javascript | |
GET | H2 | framework-92a422f151f77ddb.js | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app/_next/static/chunks/ | 138 KB | 46 KB | Script | application/javascript | |
GET | H2 | main-cf34e2ba9b91794d.js | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app/_next/static/chunks/ | 107 KB | 33 KB | Script | application/javascript | |
GET | H2 | _app-119aa876ae80b1d9.js | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app/_next/static/chunks/pages/ | 124 KB | 33 KB | Script | application/javascript | |
GET | H2 | 1850-b301fed7eb719b59.js | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app/_next/static/chunks/ | 10 KB | 4 KB | Script | application/javascript | |
GET | H2 | 1664-ce46c9679c0c815c.js | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app/_next/static/chunks/ | 6 KB | 3 KB | Script | application/javascript | |
GET | H2 | 755-7b36580efd0a327c.js | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app/_next/static/chunks/ | 13 KB | 5 KB | Script | application/javascript | |
GET | H2 | 9555-e2b245ff0f602306.js | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app/_next/static/chunks/ | 22 KB | 7 KB | Script | application/javascript | |
GET | H2 | %5Bslug%5D-237dc72561a06c85.js | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app/_next/static/chunks/pages/%5Blanguage_country%5D/welcome-offer/ | 20 KB | 6 KB | Script | application/javascript | |
GET | H2 | _buildManifest.js | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app/_next/static/ClNZgcwGC2S8ftZBhR_uE/ | 8 KB | 2 KB | Script | application/javascript | |
GET | H2 | _ssgManifest.js | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app/_next/static/ClNZgcwGC2S8ftZBhR_uE/ | 2 KB | 599 B | Script | application/javascript | |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 218 KB | 59 KB | Script | application/x-javascript | |
GET | H2 | insight.min.js | snap.licdn.com/li.lms-analytics/ | 48 KB | 17 KB | Script | application/javascript | |
GET | H2 | events.js | analytics.tiktok.com/i18n/pixel/ | 5 KB | 2 KB | Script | application/javascript | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 172 KB | 65 KB | Script | application/javascript | |
GET | H2 | feedback.js | vercel.live/_next-live/feedback/ | 70 KB | 23 KB | Script | application/javascript | |
GET | H2 | dls-logo-bluebox-solid.svg | www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.24.1/package/dist/img/logos/ | 2 KB | 1 KB | Image | image/svg+xml | |
GET | H2 | dls-logo-line-white.svg | www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.28.0/package/dist/img/logos/ | 2 KB | 888 B | Image | image/svg+xml | |
GET | H2 | 1684306543-platinum-credit-card.webp | www.datocms-assets.com/93849/ | 94 KB | 94 KB | Image | image/webp | |
GET | H2 | 1684306263-web-platinum-card.webp | www.datocms-assets.com/93849/ | 89 KB | 90 KB | Image | image/webp | |
GET | H2 | 1694700180-marketingcampaign-plat-charge-hero-v3.png | www.datocms-assets.com/93849/ | 277 KB | 278 KB | Image | image/png | |
GET | DATA | truncated | / | 203 B | 0 | Image | image/svg+xml | |
GET | H2 | 3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff | www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/fonts/ | 36 KB | 37 KB | Font | font/woff | |
GET | H2 | 0fababca-4914-46dd-9b0f-efbd51f67ae8-3.woff | www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/fonts/ | 37 KB | 37 KB | Font | font/woff | |
GET | H2 | dls-icons.woff | www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/iconfont/ | 55 KB | 56 KB | Font | font/woff | |
GET | H2 | 325e6ad0-38fb-4bad-861c-d965eab101d5-3.woff | www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/fonts/ | 68 KB | 68 KB | Font | font/woff | |
GET | H2 | collect | px4.ads.linkedin.com/ | 0 | 481 B | Image | application/javascript | Redirect Chain |
GET | H2 | 661834412697175 | connect.facebook.net/signals/config/ | 56 KB | 12 KB | Script | application/x-javascript | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 245 KB | 85 KB | Script | application/javascript | |
GET | H2 | activityi;dc_pre=CLTph-Kw1oUDFWgCdgYdol8HrQ;src=14261824;type=invmedia;cat=amexw0;ord=4309346906906;npa=1;auiddc=8175258.1713808121;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome... | 14261824.fls.doubleclick.net/ | 0 | 0 | Document | text/html | Frame 122D; Redirect Chain |
GET | H2 | js | www.googletagmanager.com/gtag/ | 208 KB | 75 KB | Script | application/javascript | |
POST | H2 | tick | vercel.live/api/event/ | 0 | 67 B | Ping | text/plain | |
OPTIONS | H2 | / | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app/ | 0 | 0 | Fetch | | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 290 KB | 97 KB | Script | application/javascript | |
GET | H2 | scevent.min.js | sc-static.net/ | 44 KB | 19 KB | Script | application/javascript | |
GET | H3 | js | www.googletagmanager.com/gtag/ | 194 KB | 71 KB | Script | application/javascript | |
GET | H2 | main.MTIyYzc3NzllMA.js | analytics.tiktok.com/i18n/pixel/static/ | 411 KB | 111 KB | Script | application/javascript | |
GET | H2 | / | www.facebook.com/tr/ | 0 | 274 B | Image | text/plain | |
POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 285 B | Ping | text/plain | |
GET | H2 | 047cf2e3-dee5-43a4-b301-b6def7298f2a.js | tr.snapchat.com/config/app/ | 175 B | 475 B | Script | application/javascript | |
GET | H2 | i | tr.snapchat.com/cm/ | 0 | 0 | Document | text/html | Frame 5037 |
GET | H2 | identify_c26a2.js | analytics.tiktok.com/i18n/pixel/static/ | 139 KB | 37 KB | Script | application/javascript | |
POST | H2 | pixel | analytics.tiktok.com/api/v2/ | 0 | 703 B | Ping | text/plain | |
POST | H2 | p | tr.snapchat.com/ | 0 | 270 B | Ping | text/plain | |
POST | H2 | act | analytics.tiktok.com/api/v2/pixel/ | 0 | 702 B | Ping | text/plain | |
POST | H2 | p | tr6.snapchat.com/ | 0 | 45 B | Ping | text/plain | |
POST | H2 | p | tr.snapchat.com/ | 0 | 44 B | Ping | text/plain | |
GET | H2 | 1678195648-dls-logo-bluebox-alt.svg | www.datocms-assets.com/93849/ | 597 B | 689 B | Other | image/svg+xml | |
GET | H2 | dls.min.js | aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app/website-assets/assets/scripts/ | 118 KB | 27 KB | Script | application/javascript | |
GET | H2 | dls-icons.min.js | www.aexp-static.com/akamai/one/statics/@americanexpress/dls-icons/0.5.0/package/dist/browser/ | 362 KB | 101 KB | Script | application/javascript | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: www.googletagmanager.com
- URL: https://www.googletagmanager.com/ns.html?id=GTM-TJXRCLXK
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: American Express (Financial)
44 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| 1
- object| 2
- object| 3
- object| 4
- object| 5
- function| gtag
- object| dataLayer
- function| fbq
- function| _fbq
- string| _linkedin_partner_id
- object| _linkedin_data_partner_ids
- function| lintrk
- string| TiktokAnalyticsObject
- object| ttq
- object| webpackChunk_N_E
- function| __next_set_public_path__
- object| next
- object| __NEXT_DATA__
- function| __SSG_MANIFEST_CB
- object| __NEXT_P
- object| _N_E
- object| __MIDDLEWARE_MATCHERS
- object| __BUILD_MANIFEST
- object| __SSG_MANIFEST
- boolean| _already_called_lintrk
- object| google_tag_manager
- object| google_tag_data
- function| snaptr
- object| r
- function| onYouTubeIframeAPIReady
- object| gaGlobal
- object| _scPxHelper
- object| _scPxTeller
- object| webpackJsonp.TiktTokAnalytics
- object| JSBridge
- object| Native2JSBridge
- object| ToutiaoJSBridge
- function| TiktokJelly
- object| _jelly_sdks
- object| ORIBILI
- function| webpackHotUpdate
- object| DLS
- function| disconnectDlsIconObserver
24 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
sc-static.net/scevent.min.js | | Name: X-AB Value: 8f3b6f3e5b9c4d7fa8458de40f6b2991 |
visionadsmedia.o18.link/ | | Name: MJEXMDK2NZF8MMEWMTO0YTA6MTMZODO5MZO6MW Value: 1713808119.8102 |
visionadsmedia.o18.link/ | | Name: 21109671 Value: D-21109671-1713808119-34G66G165G133-YEHDV1680 |
visionadsmedia.o18.link/ | | Name: ____global_tid Value: D-21109671-1713808119-34G66G165G133-YEHDV1680 |
arabyads.g2afse.com/ | | Name: afclick Value: 6626a2f829305300013c77ea |
arabyads.g2afse.com/ | | Name: afoffers Value: {"21817":1713808120} |
.aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app/ | | Name: _gcl_au Value: 1.1.8175258.1713808121 |
.tiktok.com/ | | Name: _ttp Value: 2fSx8RhSbDe2I7YNqSXnkftcdZW |
.aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app/ | | Name: _fbp Value: fb.2.1713808120727.208533551 |
.linkedin.com/ | | Name: li_sugr Value: ed4574f9-92cc-453b-9929-ce4ebc556bc5 |
.linkedin.com/ | | Name: bcookie Value: "v=2&cb796cdd-c627-4c48-83ab-1ecfe0fe2a34" |
.linkedin.com/ | | Name: lidc Value: "b=TGST00:s=T:r=T:a=T:p=T:g=3377:u=1:x=1:i=1713808120:t=1713894520:v=2:sig=AQHknYWVZZLeukozHxICm7-JUBQId3yw" |
.aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app/ | | Name: _ga_TJLPBXF5GF Value: GS1.1.1713808120.1.0.1713808120.0.0.0 |
.aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app/ | | Name: _ga Value: GA1.1.104677691.1713808121 |
.aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app/ | | Name: _scid Value: 4075782a-0558-4ac8-b7cd-c11702e5fec2 |
.aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app/ | | Name: _scid_r Value: 4075782a-0558-4ac8-b7cd-c11702e5fec2 |
.aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app/ | | Name: _tt_enable_cookie Value: 1 |
.aeme-website-v2-nqlbydo1x-ahmed-hazeems-projects.vercel.app/ | | Name: _ttp Value: TUCaPT-7pFmLCaRxrtEeA_Cni1n |
.linkedin.com/ | | Name: UserMatchHistory Value: AQJYhbmqO7YpXQAAAY8G7JyF-wFPy3lCJ8VpdQN802YwayDQ9Rw3zx_VrPelAHwA_lBrBvBNTymY1g |
.linkedin.com/ | | Name: AnalyticsSyncHistory Value: AQIV9mOSGEhvDwAAAY8G7JyFjzWZdW4CXemmaZ3GVuEFr2NFkRim8ewHTUBMLR_D4NNXuwwim4rPRq4-7n6qTg |
.doubleclick.net/ | | Name: test_cookie Value: CheckForPermission |
.doubleclick.net/ | | Name: receive-cookie-deprecation Value: 1 |
.www.linkedin.com/ | | Name: bscookie Value: "v=1&202404221748412977225c-d56d-44d1-89ad-fa8fd5bfe3eaAQFM2qHMNFqdps4fThcKCZi9jWcR9N6d" |
.linkedin.com/ | | Name: li_gc Value: MTswOzE3MTM4MDgxMjE7MjswMjFW7GUU7f5cWBUhFv1Ue1DPcARtAr61IA22Q3GtGuqJ/Q== |
37 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.