urlscan.io logo urlscan.io
SecurityTrails logo

xervermania.s3.eu-central-1.amazonaws.com Open in urlscan Pro
52.219.169.34  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://valuationconnect.com.smr-machinery.com/
Effective URL: https://xervermania.s3.eu-central-1.amazonaws.com/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/fd6dc7fce3c5481ea1e...
Submission: On January 25 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 8 domains to perform 15 HTTP transactions. The main IP is 52.219.169.34, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is xervermania.s3.eu-central-1.amazonaws.com.
TLS certificate: Issued by Amazon on December 9th 2021. Valid for: a year.
This is the only time xervermania.s3.eu-central-1.amazonaws.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 185.51.202.58 48715 (SEFROYEKP...)
1 1 104.40.78.147 8075 (MICROSOFT...)
1 52.219.169.34 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
5 163.171.128.148 54994 (QUANTILNE...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
15 7
1    185.51.202.58 (Iran, Islamic Republic Of)

ASN48715 (SEFROYEKPARDAZENG-AS Sefroyek Pardaz Engineering Company, IR)
PTR: 185.51.202.58.shahrad.net
valuationconnect.com.smr-machinery.com
1    104.40.78.147 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
fbf2473e82dc43898061f1ce5e8a6d43.svc.dynamics.com
1    52.219.169.34 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.eu-central-1.amazonaws.com
xervermania.s3.eu-central-1.amazonaws.com
3    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
stackpath.bootstrapcdn.com
2    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
5    163.171.128.148 (Germany)

ASN54994 (QUANTILNETWORKS, US)
images.benchmarkemail.com
1    2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
Apex Domain
Subdomains		 Transfer
5 benchmarkemail.com
images.benchmarkemail.com — Cisco Umbrella Rank: 117036
19 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 680
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2427
42 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 293
60 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 227
13 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 584
24 KB
1 amazonaws.com
xervermania.s3.eu-central-1.amazonaws.com
26 KB
1 dynamics.com
fbf2473e82dc43898061f1ce5e8a6d43.svc.dynamics.com
676 B
1 smr-machinery.com
valuationconnect.com.smr-machinery.com
1 KB
15 8
Domain Requested by
5 images.benchmarkemail.com xervermania.s3.eu-central-1.amazonaws.com
2 ajax.googleapis.com xervermania.s3.eu-central-1.amazonaws.com
2 cdnjs.cloudflare.com xervermania.s3.eu-central-1.amazonaws.com
2 maxcdn.bootstrapcdn.com xervermania.s3.eu-central-1.amazonaws.com
1 code.jquery.com xervermania.s3.eu-central-1.amazonaws.com
1 stackpath.bootstrapcdn.com xervermania.s3.eu-central-1.amazonaws.com
1 xervermania.s3.eu-central-1.amazonaws.com valuationconnect.com.smr-machinery.com
1 fbf2473e82dc43898061f1ce5e8a6d43.svc.dynamics.com 1 redirects
1 valuationconnect.com.smr-machinery.com
15 9

This site contains no links.

Subject Issuer Validity Valid
*.s3.eu-central-1.amazonaws.com
Amazon		 2021-12-09 -
2022-12-06		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.benchmarkemail.com
R3		 2021-12-17 -
2022-03-17		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://xervermania.s3.eu-central-1.amazonaws.com/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/owa.htm
Frame ID: 478496515E1814E41C44EBF9FB19DCC5
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Outlook

Page URL History Show full URLs

  1. http://valuationconnect.com.smr-machinery.com/ Page URL
  2. https://fbf2473e82dc43898061f1ce5e8a6d43.svc.dynamics.com/t/r/oAnOH78akAPGjAbj8lKKk9h2Q_P1MzkwPEuqrQsFWpE HTTP 302
    https://xervermania.s3.eu-central-1.amazonaws.com/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

93 %
HTTPS

50 %
IPv6

8
Domains

9
Subdomains

7
IPs

4
Countries

185 kB
Transfer

532 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://valuationconnect.com.smr-machinery.com/ Page URL
  2. https://fbf2473e82dc43898061f1ce5e8a6d43.svc.dynamics.com/t/r/oAnOH78akAPGjAbj8lKKk9h2Q_P1MzkwPEuqrQsFWpE HTTP 302
    https://xervermania.s3.eu-central-1.amazonaws.com/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/owa.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
valuationconnect.com.smr-machinery.com/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://valuationconnect.com.smr-machinery.com/
Protocol
HTTP/1.1
Server
185.51.202.58 , Iran, Islamic Republic Of, ASN48715 (SEFROYEKPARDAZENG-AS Sefroyek Pardaz Engineering Company, IR),
Reverse DNS
185.51.202.58.shahrad.net
Software
Apache /
Resource Hash
b176b2ca81b07d59382d21c61d4952a055915f35f11be46f93c9994186d224e4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Tue, 25 Jan 2022 19:31:27 GMT
Server
Apache
Last-Modified
Tue, 25 Jan 2022 06:42:33 GMT
Accept-Ranges
bytes
Content-Length
1088
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
Primary Request owa.htm
xervermania.s3.eu-central-1.amazonaws.com/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/
Redirect Chain
  • https://fbf2473e82dc43898061f1ce5e8a6d43.svc.dynamics.com/t/r/oAnOH78akAPGjAbj8lKKk9h2Q_P1MzkwPEuqrQsFWpE
  • https://xervermania.s3.eu-central-1.amazonaws.com/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bq...
25 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xervermania.s3.eu-central-1.amazonaws.com/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/owa.htm
Requested by
Host: valuationconnect.com.smr-machinery.com
URL: http://valuationconnect.com.smr-machinery.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.169.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
9d2a84da389f96a8b586a748b8c6ddedb5b7238d76b83d0a2164c13744e3df43

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://valuationconnect.com.smr-machinery.com/

Response headers

x-amz-id-2
jaI5ZiW4ass//e/tCW1zJTvuDFxMv4BZYSixg8jkr+fLInuSvsERVYw51kMmDnrt1ZzrDxtdQhU=
x-amz-request-id
HHH52N7DK28RJT5A
Date
Tue, 25 Jan 2022 19:31:29 GMT
Last-Modified
Tue, 25 Jan 2022 15:57:56 GMT
ETag
"269bf9b2963f89b32173c00895641acb"
Accept-Ranges
bytes
Content-Type
text/html
Server
AmazonS3
Content-Length
26106

Redirect headers

content-length
0
location
https://xervermania.s3.eu-central-1.amazonaws.com/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/owa.htm
server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
x-activity-id
ad568185-e46e-4f39-88f6-b2bc9a225336
x-servicefabricrequestid
8be12dbf-b06b-4b91-9d98-c3c7164b4057 a67cb0d1-3c28-4ec3-86c8-87e4eae594c6
x-ms-activity-id
ad568185-e46e-4f39-88f6-b2bc9a225336
api-deprecated
False
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 25 Jan 2022 19:31:28 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: xervermania.s3.eu-central-1.amazonaws.com
URL: https://xervermania.s3.eu-central-1.amazonaws.com/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/owa.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xervermania.s3.eu-central-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:31:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617, 617
age
13829698
cdn-cachedat
2021-06-08 21:21:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
1b5bc4b6cfb38ae4760033b230decc40
cf-ray
6d33ec084e2159a1-MXP
cdn-requestcountrycode
EG
cdn-status
200
cdn-requestpullsuccess
True
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		37 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Requested by
Host: xervermania.s3.eu-central-1.amazonaws.com
URL: https://xervermania.s3.eu-central-1.amazonaws.com/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/owa.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xervermania.s3.eu-central-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:31:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1128853
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5884
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-9226"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DOkSfAGASw%2BKMG%2BBOrh%2F07NyY%2F6kUTwl1ho3MeyhoUeh4%2BwxHsnHBdCOlFlSQmhjovNPdsZFKKncZybL9Jux%2BnlXMacB1K9G%2FL53GN%2F%2B4eheAh77IVtjEAT7dClUSjew4uF2z%2BWV52gzbHm2EmSEi4K5"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d33ec0848310f82-MXP
expires
Sun, 15 Jan 2023 19:31:28 GMT
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: xervermania.s3.eu-central-1.amazonaws.com
URL: https://xervermania.s3.eu-central-1.amazonaws.com/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/owa.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xervermania.s3.eu-central-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:31:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617, 617
age
23988382
cdn-cachedat
2021-04-23 04:15:31
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
b1bf32d405dd21a17d58c120f8723860
cf-ray
6d33ec083f06374d-MXP
cdn-requestcountrycode
EG
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: xervermania.s3.eu-central-1.amazonaws.com
URL: https://xervermania.s3.eu-central-1.amazonaws.com/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/owa.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xervermania.s3.eu-central-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 11:54:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27394
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jan 2023 11:54:54 GMT
image9952302.png
images.benchmarkemail.com/client1227621/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.benchmarkemail.com/client1227621/image9952302.png
Requested by
Host: xervermania.s3.eu-central-1.amazonaws.com
URL: https://xervermania.s3.eu-central-1.amazonaws.com/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/owa.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
4f2bf2a799bf8d1437675581a81dc5c9ca2d02db84101b682324f2accebae4a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xervermania.s3.eu-central-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 19:31:28 GMT
Via
1.1 google, 1.1 hx172:8 (W), 1.1 PSdgflkfFRA1ox201:9 (W), 1.1 PSdgflkfFRA1vg90:8 (W)
Server
PWS/8.3.1.0.8
Age
36890
X-Ws-Request-Id
61f05010_PSdgflkfFRA1vg90_33418-9129
Access-Control-Allow-Methods
POST, GET, OPTIONS, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=604812
X-Px
ht PSdgflkfFRA1vg90FRA
Connection
keep-alive
Alt-Svc
clear
Content-Length
2712
image9952309.png
images.benchmarkemail.com/client1227621/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.benchmarkemail.com/client1227621/image9952309.png
Requested by
Host: xervermania.s3.eu-central-1.amazonaws.com
URL: https://xervermania.s3.eu-central-1.amazonaws.com/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/owa.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
2ed245496ce8959ae09061f98017b8cb9a259442e57fd37606d9d349c97b769a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xervermania.s3.eu-central-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 19:31:28 GMT
Via
1.1 google, 1.1 PSmglsjLAX2nr164:9 (W), 1.1 PSfgblPAR2rt183:2 (W), 1.1 PSdgflkfFRA1dm92:8 (W)
Server
PWS/8.3.1.0.8
Age
36890
X-Ws-Request-Id
61f05010_PSdgflkfFRA1dm92_6165-34238
Access-Control-Allow-Methods
POST, GET, OPTIONS, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=604812
X-Px
ht PSdgflkfFRA1dm92FRA
Connection
keep-alive
Alt-Svc
clear
Content-Length
1059
image9952317.png
images.benchmarkemail.com/client1227621/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.benchmarkemail.com/client1227621/image9952317.png
Requested by
Host: xervermania.s3.eu-central-1.amazonaws.com
URL: https://xervermania.s3.eu-central-1.amazonaws.com/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/owa.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
db081bd7382b0945eb64402ebfcdd7a41a213c08e7e172fb1f4a676cb3dd7a53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xervermania.s3.eu-central-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 19:31:28 GMT
Via
1.1 google, 1.1 PSmglsjLAX2nr164:3 (W), 1.1 PSdgflkfFRA1bc200:0 (W), 1.1 PSdgflkfFRA1eq94:12 (W)
Server
PWS/8.3.1.0.8
Age
36890
X-Ws-Request-Id
61f05010_PSdgflkfFRA1bc95_31933-13465
Access-Control-Allow-Methods
POST, GET, OPTIONS, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=604812
X-Px
ht PSdgflkfFRA1eq94FRA
Connection
keep-alive
Alt-Svc
clear
Content-Length
10512
image9952320.png
images.benchmarkemail.com/client1227621/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.benchmarkemail.com/client1227621/image9952320.png
Requested by
Host: xervermania.s3.eu-central-1.amazonaws.com
URL: https://xervermania.s3.eu-central-1.amazonaws.com/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/owa.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
c4d298a54b0d4437ee3aec09c9759838765d15683c9c05e860fc1fd2a5d02c8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xervermania.s3.eu-central-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 19:31:28 GMT
Via
1.1 google, 1.1 hx172:1 (W), 1.1 PSfgblPAR2ff185:0 (W), 1.1 PSdgflkfFRA1dm92:2 (W)
Server
PWS/8.3.1.0.8
Age
36890
X-Ws-Request-Id
61f05010_PSdgflkfFRA1gi91_29550-25303
Access-Control-Allow-Methods
POST, GET, OPTIONS, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=604812
X-Px
ht PSdgflkfFRA1dm92FRA
Connection
keep-alive
Alt-Svc
clear
Content-Length
1541
jquery-3.2.1.slim.min.js
code.jquery.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by
Host: xervermania.s3.eu-central-1.amazonaws.com
URL: https://xervermania.s3.eu-central-1.amazonaws.com/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/owa.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Referer
https://xervermania.s3.eu-central-1.amazonaws.com/
Origin
https://xervermania.s3.eu-central-1.amazonaws.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:31:28 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2017 19:01:15 GMT
server
nginx
etag
W/"58d026fb-10fdd"
vary
Accept-Encoding
x-hw
1643139088.dop006.ml1.t,1643139088.cds220.ml1.hn,1643139088.cds023.ml1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
23856
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Requested by
Host: xervermania.s3.eu-central-1.amazonaws.com
URL: https://xervermania.s3.eu-central-1.amazonaws.com/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/owa.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://xervermania.s3.eu-central-1.amazonaws.com/
Origin
https://xervermania.s3.eu-central-1.amazonaws.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:31:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5962702
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6157
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4af4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OABXlKgBHCAwDyacTdUeQlMFZzpOH9JDhS%2BhK1x98%2B7n%2BGmG44r6xwAL%2BC3ndjd5wrbSUwYiBL4uAYzjYRfQe3wD509aGdijpO9rSDpYhjXWmLWGn9QeGPqVFy9Nzf16mpUtAEtxeVUeWgu9RqDVnmF1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d33ec08bc0e0f52-MXP
expires
Sun, 15 Jan 2023 19:31:28 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: xervermania.s3.eu-central-1.amazonaws.com
URL: https://xervermania.s3.eu-central-1.amazonaws.com/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/owa.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://xervermania.s3.eu-central-1.amazonaws.com/
Origin
https://xervermania.s3.eu-central-1.amazonaws.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:31:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601
age
10250
cdn-cachedat
08/04/2021 00:04:37
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.0
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
2e7eb66616d545433800696e6bd48d5e
cf-ray
6d33ec08cc0a59c5-MXP
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: xervermania.s3.eu-central-1.amazonaws.com
URL: https://xervermania.s3.eu-central-1.amazonaws.com/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/owa.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xervermania.s3.eu-central-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 13:50:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20485
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jan 2023 13:50:03 GMT
image9952284.png
images.benchmarkemail.com/client1227621/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.benchmarkemail.com/client1227621/image9952284.png
Requested by
Host: xervermania.s3.eu-central-1.amazonaws.com
URL: https://xervermania.s3.eu-central-1.amazonaws.com/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/fd6dc7fce3c5481ea1e7165eda86e93atqhHGhhqk68GcVlBs89rKKMHd1SwvtzbKTU-bqXfAo9o/owa.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
2dafb4a88395393877aae77a1546570bd8bf7869a3dd9da75c0c0f80afa36d3d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xervermania.s3.eu-central-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 19:31:28 GMT
Via
1.1 google, 1.1 hx172:1 (W), 1.1 PSfgblPAR2gc184:5 (W), 1.1 PSdgflkfFRA1dm92:14 (W)
Server
PWS/8.3.1.0.8
Age
36867
X-Ws-Request-Id
61f05010_PSdgflkfFRA1bc95_29815-2168
Access-Control-Allow-Methods
POST, GET, OPTIONS, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=604812
X-Px
ht PSdgflkfFRA1dm92FRA
Connection
keep-alive
Alt-Svc
clear
Content-Length
1534

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| mainLogonDiv boolean| showPlaceholderText string| mainLogonDivClassName function| setPlaceholderText function| showPasswordClick function| Popper object| bootstrap

2 Cookies

Domain/Path Name / Value
fbf2473e82dc43898061f1ce5e8a6d43.svc.dynamics.com/ Name: 79f08280-5c63-4331-b04d-fb6f39afda51
Value: JHnaA-azOjvymdlSmOJjqHSuxHsCsXNFjlr6Qkf0-3Y
fbf2473e82dc43898061f1ce5e8a6d43.svc.dynamics.com/ Name: 319af4c0-e197-4de9-8a9b-fe98c8a2ca04
Value: JHnaA-azOjvymdlSmOJjqHSuxHsCsXNFjlr6Qkf0-3Y

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
code.jquery.com
fbf2473e82dc43898061f1ce5e8a6d43.svc.dynamics.com
images.benchmarkemail.com
maxcdn.bootstrapcdn.com
stackpath.bootstrapcdn.com
valuationconnect.com.smr-machinery.com
xervermania.s3.eu-central-1.amazonaws.com
104.40.78.147
163.171.128.148
185.51.202.58
2001:4de0:ac18::1:a:3a
2606:4700::6810:135e
2606:4700::6812:acf
2a00:1450:4001:827::200a
52.219.169.34
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2dafb4a88395393877aae77a1546570bd8bf7869a3dd9da75c0c0f80afa36d3d
2ed245496ce8959ae09061f98017b8cb9a259442e57fd37606d9d349c97b769a
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
4f2bf2a799bf8d1437675581a81dc5c9ca2d02db84101b682324f2accebae4a2
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
9d2a84da389f96a8b586a748b8c6ddedb5b7238d76b83d0a2164c13744e3df43
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
b176b2ca81b07d59382d21c61d4952a055915f35f11be46f93c9994186d224e4
c4d298a54b0d4437ee3aec09c9759838765d15683c9c05e860fc1fd2a5d02c8f
db081bd7382b0945eb64402ebfcdd7a41a213c08e7e172fb1f4a676cb3dd7a53
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c