occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com Open in urlscan Pro
104.219.251.197  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request login Show response occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/	10 KB 4 KB	750ms 181ms	Document text/html	104.219.251.197 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.219.251.197 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS nc-ph-1307-51.web-hosting.com Software Apache/2.4.38 (Debian) / Resource Hash b981d936f11b0633c972c10e3a32f417118972075f47802e4c774d7628454873 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Encoding gzip Content-Length 3558 Content-Type text/html; charset=UTF-8 Date Mon, 29 Aug 2022 13:47:05 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache/2.4.38 (Debian) Vary Accept-Encoding
GET H2	200	css fonts.googleapis.com/	2 KB 1 KB	86ms 31ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto Requested by Host: occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com URL: https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 29 Aug 2022 12:20:18 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 29 Aug 2022 13:47:05 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 29 Aug 2022 13:47:05 GMT
GET H2	200	css fonts.googleapis.com/	19 KB 937 B	87ms 33ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i Requested by Host: occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com URL: https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 39a2610ce2dcf23421e482a8dade1944a9cc327de0dd78bca5c8bcc275b81f5f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 29 Aug 2022 13:47:05 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 29 Aug 2022 13:47:05 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 29 Aug 2022 13:47:05 GMT
GET H/1.1	200 OK	font.css occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/css/	66 B 347 B	166ms 162ms	Stylesheet text/css	104.219.251.197 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/css/font.css?v1 Requested by Host: occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com URL: https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.219.251.197 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS nc-ph-1307-51.web-hosting.com Software Apache/2.4.38 (Debian) / Resource Hash d4327cb0b7e8c7a996ac096cd148fec173ace9be3f170dfbf623e6ef71797896 Request headers accept-language de-DE,de;q=0.9 Referer https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 13:47:05 GMT Last-Modified Fri, 31 Dec 2021 08:03:11 GMT Server Apache/2.4.38 (Debian) ETag "42-5d46c9a2f66d2" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 66
GET H/1.1	200 OK	all.css occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/css/	67 KB 12 KB	171ms 167ms	Stylesheet text/css	104.219.251.197 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/css/all.css?v1 Requested by Host: occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com URL: https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.219.251.197 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS nc-ph-1307-51.web-hosting.com Software Apache/2.4.38 (Debian) / Resource Hash f5051614e3aa43f9b52e5735864c05a085b9c254b200d8de0bc3fff35d507c83 Request headers accept-language de-DE,de;q=0.9 Referer https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 13:47:05 GMT Content-Encoding gzip Last-Modified Fri, 31 Dec 2021 08:03:11 GMT Server Apache/2.4.38 (Debian) ETag "10af2-5d46c9a2f4792-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 12405
GET H/1.1	200 OK	bootstrap.min.css occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/css/	141 KB 20 KB	337ms 170ms	Stylesheet text/css	104.219.251.197 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/css/bootstrap.min.css?v1 Requested by Host: occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com URL: https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.219.251.197 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS nc-ph-1307-51.web-hosting.com Software Apache/2.4.38 (Debian) / Resource Hash 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d Request headers accept-language de-DE,de;q=0.9 Referer https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 13:47:05 GMT Content-Encoding gzip Last-Modified Fri, 31 Dec 2021 08:03:11 GMT Server Apache/2.4.38 (Debian) ETag "235ed-5d46c9a2f66d2-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 20560
GET H/1.1	200 OK	slick.css occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/css/	2 KB 906 B	337ms 165ms	Stylesheet text/css	104.219.251.197 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/css/slick.css?v1 Requested by Host: occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com URL: https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.219.251.197 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS nc-ph-1307-51.web-hosting.com Software Apache/2.4.38 (Debian) / Resource Hash fdb6a6a681d09ed849d904d82644df2a21bad946e369531778380a924f7063fd Request headers accept-language de-DE,de;q=0.9 Referer https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 13:47:05 GMT Content-Encoding gzip Last-Modified Fri, 31 Dec 2021 08:03:11 GMT Server Apache/2.4.38 (Debian) ETag "702-5d46c9a2f66d2-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 571
GET H/1.1	200 OK	slick-theme.css occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/css/	3 KB 1 KB	490ms 163ms	Stylesheet text/css	104.219.251.197 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/css/slick-theme.css?v1 Requested by Host: occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com URL: https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.219.251.197 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS nc-ph-1307-51.web-hosting.com Software Apache/2.4.38 (Debian) / Resource Hash 7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a Request headers accept-language de-DE,de;q=0.9 Referer https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 13:47:05 GMT Content-Encoding gzip Last-Modified Fri, 31 Dec 2021 08:03:11 GMT Server Apache/2.4.38 (Debian) ETag "c49-5d46c9a2f66d2-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 866
GET H/1.1	200 OK	bars-1to10.css occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/css/	1 KB 807 B	499ms 166ms	Stylesheet text/css	104.219.251.197 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/css/bars-1to10.css?v1 Requested by Host: occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com URL: https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.219.251.197 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS nc-ph-1307-51.web-hosting.com Software Apache/2.4.38 (Debian) / Resource Hash 77bb6b7154ad1c01089da4e8c708e5e7025a11c4d088630b98a62ad299ba3323 Request headers accept-language de-DE,de;q=0.9 Referer https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 13:47:05 GMT Content-Encoding gzip Last-Modified Fri, 31 Dec 2021 08:03:11 GMT Server Apache/2.4.38 (Debian) ETag "574-5d46c9a2f4792-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 471
GET H/1.1	200 OK	alpha.css occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/css/	29 KB 6 KB	503ms 167ms	Stylesheet text/css	104.219.251.197 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/css/alpha.css?v1 Requested by Host: occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com URL: https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.219.251.197 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS nc-ph-1307-51.web-hosting.com Software Apache/2.4.38 (Debian) / Resource Hash b0d867de76e908ce2f64ddc118f565327af2e24a8d47ab21ecee7a66a8ad45b0 Request headers accept-language de-DE,de;q=0.9 Referer https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 13:47:05 GMT Content-Encoding gzip Last-Modified Thu, 13 Jan 2022 19:36:59 GMT Server Apache/2.4.38 (Debian) ETag "75cb-5d57bcf5341ae-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 5990
GET H/1.1	200 OK	globe.png occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/img/flags/	862 B 1 KB	165ms 165ms	Image image/png	104.219.251.197 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/img/flags/globe.png?v1 Requested by Host: occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com URL: https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.219.251.197 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS nc-ph-1307-51.web-hosting.com Software Apache/2.4.38 (Debian) / Resource Hash 19da7956fc4c60b3baaab187a89d766eac961fd1cec39251aaa2986dfa36a40c Request headers accept-language de-DE,de;q=0.9 Referer https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 13:47:05 GMT Last-Modified Thu, 13 Jan 2022 19:03:58 GMT Server Apache/2.4.38 (Debian) ETag "35e-5d57b593dd836" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 862
GET H/1.1	200 OK	fr_FR.png occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/img/flags/	539 B 823 B	163ms 163ms	Image image/png	104.219.251.197 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/img/flags/fr_FR.png?v1 Requested by Host: occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com URL: https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.219.251.197 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS nc-ph-1307-51.web-hosting.com Software Apache/2.4.38 (Debian) / Resource Hash fa42026f2a6e8e02e71d9d5b6d27a58196456be460453b7e0ff909c0eeef4242 Request headers accept-language de-DE,de;q=0.9 Referer https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 13:47:05 GMT Last-Modified Fri, 31 Dec 2021 08:03:11 GMT Server Apache/2.4.38 (Debian) ETag "21b-5d46c9a2fb4f2" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 539
GET H/1.1	200 OK	en_US.png occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/img/flags/	2 KB 2 KB	167ms 166ms	Image image/png	104.219.251.197 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/img/flags/en_US.png?v1 Requested by Host: occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com URL: https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.219.251.197 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS nc-ph-1307-51.web-hosting.com Software Apache/2.4.38 (Debian) / Resource Hash af68238e46e2b29c8c3ac64bd1a77e2ae0a3328ebde703e52b7f58260dd1815c Request headers accept-language de-DE,de;q=0.9 Referer https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 13:47:05 GMT Last-Modified Fri, 31 Dec 2021 08:03:11 GMT Server Apache/2.4.38 (Debian) ETag "8b1-5d46c9a2fb4f2" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 2225
GET H/1.1	200 OK	nl_NL.png occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/img/flags/	539 B 823 B	165ms 165ms	Image image/png	104.219.251.197 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/img/flags/nl_NL.png?v1 Requested by Host: occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com URL: https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.219.251.197 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS nc-ph-1307-51.web-hosting.com Software Apache/2.4.38 (Debian) / Resource Hash 4665091f888bf4b4e32676f5c51d619fc2fb81079f407163587f0c9fb00a6906 Request headers accept-language de-DE,de;q=0.9 Referer https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 13:47:05 GMT Last-Modified Fri, 31 Dec 2021 08:03:11 GMT Server Apache/2.4.38 (Debian) ETag "21b-5d46c9a2fb4f2" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 539
GET H/1.1	200 OK	es_ES.png occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/img/flags/	8 KB 8 KB	168ms 168ms	Image image/png	104.219.251.197 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/img/flags/es_ES.png?v1 Requested by Host: occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com URL: https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.219.251.197 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS nc-ph-1307-51.web-hosting.com Software Apache/2.4.38 (Debian) / Resource Hash f4e47749b995a83be7203cda9734bf9f17c9bcfaa654f208705c3b53683d6d38 Request headers accept-language de-DE,de;q=0.9 Referer https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 13:47:05 GMT Last-Modified Fri, 31 Dec 2021 08:03:11 GMT Server Apache/2.4.38 (Debian) ETag "1e4f-5d46c9a2fb4f2" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 7759
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.3.1/	85 KB 30 KB	73ms 23ms	Script text/javascript	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js Requested by Host: occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com URL: https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 13:24:00 GMT content-encoding gzip x-content-type-options nosniff age 1385 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30399 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 29 Aug 2023 13:24:00 GMT
GET H2	200	popper.min.js Show response cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/	21 KB 7 KB	80ms 32ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js Requested by Host: occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com URL: https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 13:47:05 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 410807 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 6646 timing-allow-origin * last-modified Mon, 04 May 2020 16:15:37 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fa9-520c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dK9qaqvAZ439B6dfr1VrtHyJ9AixUNniitDDWTlGSZOrZiHKEZB91r2tykGFKpYdufEId34DNTA81%2FCOAFrq3PEHeEDxYaUmRF8b0TMYaYjrp0Q%2FIXRBdYC0oED4qutdcdNvr0mcLylNWcHma5Tm6MsB"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 7425bc8e09758fd1-FRA expires Sat, 19 Aug 2023 13:47:05 GMT
GET H/1.1	200 OK	bootstrap.min.js Show response occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/js/	48 KB 13 KB	341ms 172ms	Script application/javascript	104.219.251.197 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/js/bootstrap.min.js?v1 Requested by Host: occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com URL: https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.219.251.197 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS nc-ph-1307-51.web-hosting.com Software Apache/2.4.38 (Debian) / Resource Hash e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Request headers accept-language de-DE,de;q=0.9 Referer https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 13:47:05 GMT Content-Encoding gzip Last-Modified Fri, 31 Dec 2021 08:03:11 GMT Server Apache/2.4.38 (Debian) ETag "bf30-5d46c9a2fe3d2-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 13105
GET H/1.1	200 OK	slick.min.js Show response occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/js/	43 KB 11 KB	179ms 172ms	Script application/javascript	104.219.251.197 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/js/slick.min.js?v1 Requested by Host: occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com URL: https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.219.251.197 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS nc-ph-1307-51.web-hosting.com Software Apache/2.4.38 (Debian) / Resource Hash 357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d Request headers accept-language de-DE,de;q=0.9 Referer https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 13:47:05 GMT Content-Encoding gzip Last-Modified Fri, 31 Dec 2021 08:03:11 GMT Server Apache/2.4.38 (Debian) ETag "ab69-5d46c9a2ff372-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 10753
GET H/1.1	200 OK	script.js Show response occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/js/	1 KB 790 B	163ms 163ms	Script application/javascript	104.219.251.197 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/js/script.js?v1 Requested by Host: occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com URL: https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.219.251.197 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS nc-ph-1307-51.web-hosting.com Software Apache/2.4.38 (Debian) / Resource Hash dd0a4c9ae947b91964ed8b3769becf9f0a8d589e87a7a6b8552989f8066ae653 Request headers accept-language de-DE,de;q=0.9 Referer https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 13:47:05 GMT Content-Encoding gzip Last-Modified Fri, 31 Dec 2021 08:03:11 GMT Server Apache/2.4.38 (Debian) ETag "4d0-5d46c9a2ff372-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 441
GET H/1.1	200 OK	vjax.js Show response occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/v2ay/js/	4 KB 1 KB	163ms 163ms	Script application/javascript	104.219.251.197 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/v2ay/js/vjax.js?v1 Requested by Host: occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com URL: https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.219.251.197 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS nc-ph-1307-51.web-hosting.com Software Apache/2.4.38 (Debian) / Resource Hash a3b739106e813938f89ca300d1216041303129dea915b367aa033718f3239333 Request headers accept-language de-DE,de;q=0.9 Referer https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 13:47:05 GMT Content-Encoding gzip Last-Modified Fri, 31 Dec 2021 08:03:11 GMT Server Apache/2.4.38 (Debian) ETag "f8f-5d46c9a2f4792-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 1121
GET H/1.1	200 OK	jquery.barrating.min.js Show response occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/js/	6 KB 2 KB	167ms 167ms	Script application/javascript	104.219.251.197 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/js/jquery.barrating.min.js?v1 Requested by Host: occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com URL: https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.219.251.197 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS nc-ph-1307-51.web-hosting.com Software Apache/2.4.38 (Debian) / Resource Hash be45c3fb00e05c40b8fa885bc5bae425a0a130d7e640642af7f691cae05281a6 Request headers accept-language de-DE,de;q=0.9 Referer https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 13:47:05 GMT Content-Encoding gzip Last-Modified Fri, 31 Dec 2021 08:03:11 GMT Server Apache/2.4.38 (Debian) ETag "16c2-5d46c9a2ff372-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 2088
GET H/1.1	200 OK	bg-login-left.png occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/img/	3 MB 3 MB	288ms 163ms	Image image/png	104.219.251.197 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/img/bg-login-left.png Requested by Host: occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com URL: https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/css/alpha.css?v1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.219.251.197 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS nc-ph-1307-51.web-hosting.com Software Apache/2.4.38 (Debian) / Resource Hash 780fdf66f2d1c078a2deb795547a43a2293d622589c669769917eb76d3d5cc9c Request headers accept-language de-DE,de;q=0.9 Referer https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/www/css/alpha.css?v1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 13:47:05 GMT Last-Modified Thu, 13 Jan 2022 19:05:40 GMT Server Apache/2.4.38 (Debian) ETag "29f654-5d57b5f53669b" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 2750036
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v25/	30 KB 31 KB	72ms 23ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 03:24:20 GMT x-content-type-options nosniff age 382965 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30928 x-xss-protection 0 last-modified Mon, 11 Jul 2022 18:57:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 25 Aug 2023 03:24:20 GMT

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| Popper object| bootstrap function| changeLang

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com/	1969-12-31 23:59:59	Name: alphabank Value: l9qni75pao9ogivnejdj6q92cu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
occxpng.1e-gjolians82741qj7msc-1-3dbtwdnfgq.com
104.219.251.197
2606:4700::6811:190e
2a00:1450:4001:808::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82f::200a
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
19da7956fc4c60b3baaab187a89d766eac961fd1cec39251aaa2986dfa36a40c
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
39a2610ce2dcf23421e482a8dade1944a9cc327de0dd78bca5c8bcc275b81f5f
4665091f888bf4b4e32676f5c51d619fc2fb81079f407163587f0c9fb00a6906
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
77bb6b7154ad1c01089da4e8c708e5e7025a11c4d088630b98a62ad299ba3323
780fdf66f2d1c078a2deb795547a43a2293d622589c669769917eb76d3d5cc9c
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
a3b739106e813938f89ca300d1216041303129dea915b367aa033718f3239333
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
af68238e46e2b29c8c3ac64bd1a77e2ae0a3328ebde703e52b7f58260dd1815c
b0d867de76e908ce2f64ddc118f565327af2e24a8d47ab21ecee7a66a8ad45b0
b981d936f11b0633c972c10e3a32f417118972075f47802e4c774d7628454873
be45c3fb00e05c40b8fa885bc5bae425a0a130d7e640642af7f691cae05281a6
d4327cb0b7e8c7a996ac096cd148fec173ace9be3f170dfbf623e6ef71797896
dd0a4c9ae947b91964ed8b3769becf9f0a8d589e87a7a6b8552989f8066ae653
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
f4e47749b995a83be7203cda9734bf9f17c9bcfaa654f208705c3b53683d6d38
f5051614e3aa43f9b52e5735864c05a085b9c254b200d8de0bc3fff35d507c83
fa42026f2a6e8e02e71d9d5b6d27a58196456be460453b7e0ff909c0eeef4242
fdb6a6a681d09ed849d904d82644df2a21bad946e369531778380a924f7063fd