darksecdevelopers.github.io Open in urlscan Pro
185.199.109.153  Malicious Activity! Public Scan

URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Submission: On March 06 via api from CA

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 30 HTTP transactions. The main IP is 185.199.109.153, located in United States and belongs to FASTLY, US. The main domain is darksecdevelopers.github.io.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on June 27th 2018. Valid for: 2 years.
This is the only time darksecdevelopers.github.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Verizon (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
1 3 185.199.109.153 54113 (FASTLY)
15 68.232.35.163 15133 (EDGECAST)
3 2600:9000:215... 16509 (AMAZON-02)
2 2.18.232.23 16625 (AKAMAI-AS)
1 162.251.148.152 6461 (ZAYO-6461)
4 192.30.31.89 14153 (EDGECAST-IR)
1 140.108.21.103 33052 (VZUNET)
1 2 52.208.194.150 16509 (AMAZON-02)
30 9
Domain Requested by
15 scache.vzw.com darksecdevelopers.github.io
4 www.verizon.com darksecdevelopers.github.io
3 gateway.answerscloud.com darksecdevelopers.github.io
gateway.answerscloud.com
3 darksecdevelopers.github.io 1 redirects verizon.inq.com
2 verizoncorp.demdex.net 1 redirects darksecdevelopers.github.io
2 assets.adobedtm.com darksecdevelopers.github.io
assets.adobedtm.com
1 collaborateext.verizon.com darksecdevelopers.github.io
1 verizon.inq.com darksecdevelopers.github.io
0 uem.vzw.com Failed scache.vzw.com
30 9

This site contains links to these domains. Also see Links.

Domain
www.verizon.com
www.verizonwireless.com
espanol.verizon.com
myverizonid.verizon.com
Subject Issuer Validity Valid
www.github.com
DigiCert SHA2 High Assurance Server CA
2018-06-27 -
2020-06-20
2 years crt.sh
www.vzw.com
DigiCert Baltimore CA-2 G2
2019-12-09 -
2021-12-13
2 years crt.sh
answerscloud.com
Amazon
2019-10-21 -
2020-11-21
a year crt.sh
assets.adobedtm.com
DigiCert SHA2 High Assurance Server CA
2019-10-22 -
2021-10-01
2 years crt.sh
*.inq.com
GeoTrust RSA CA 2018
2019-10-30 -
2021-12-08
2 years crt.sh
www.verizon.com
DigiCert SHA2 Extended Validation Server CA
2020-02-27 -
2021-11-07
2 years crt.sh
collaborateext.verizon.com
DigiCert Baltimore CA-2 G2
2019-06-26 -
2021-06-29
2 years crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA
2018-01-09 -
2021-02-12
3 years crt.sh

This page contains 2 frames:

Primary Page: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Frame ID: 053DD6911D63F8D69EAE404F18AA8CB9
Requests: 29 HTTP requests in this frame

Frame: https://darksecdevelopers.github.io/inqChat.html?IFRAME
Frame ID: 3E613AB84A143F0C3425FC6EAC73893E
Requests: 3 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon HTTP 301
    https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /^https?:\/\/[^\/]+\.github\.io\//i
  • headers server /^GitHub\.com$/i

Overall confidence: 100%
Detected patterns
  • script /bootstrap[.-]([\d.]*\d)[^\/]*\.js/i

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Overall confidence: 100%
Detected patterns
  • url /^https?:\/\/[^\/]+\.github\.io\//i
  • headers server /^GitHub\.com$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/assets.adobedtm.com\//i

Overall confidence: 100%
Detected patterns
  • url /^https?:\/\/[^\/]+\.github\.io\//i
  • headers server /^GitHub\.com$/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

30
Requests

97 %
HTTPS

13 %
IPv6

7
Domains

9
Subdomains

9
IPs

3
Countries

736 kB
Transfer

1902 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon HTTP 301
    https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://verizoncorp.demdex.net/event?d_stuff=1&d_dst=1&d_rtbd=json&d_cts=1&d_cb=window.parseUmbrellaAAMData HTTP 302
  • https://verizoncorp.demdex.net/firstevent?d_stuff=1&d_dst=1&d_rtbd=json&d_cts=1&d_cb=window.parseUmbrellaAAMData

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Redirect Chain
  • https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon
  • https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
19 KB
6 KB
Document
General
Full URL
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.109.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
284790bb0ab699b863d03cf774beea543810d8d26c8b3730e5e67ec994e29655
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

:method
GET
:authority
darksecdevelopers.github.io
:scheme
https
:path
/HiddenEye/WebPages/verizon/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
server
GitHub.com
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31556952
last-modified
Tue, 04 Feb 2020 02:39:16 GMT
etag
W/"5e38d954-4b1a"
access-control-allow-origin
*
expires
Fri, 06 Mar 2020 03:49:38 GMT
cache-control
max-age=600
content-encoding
gzip
x-proxy-cache
MISS
x-github-request-id
B8A4:3E93:1E4E9C:25600A:5E61C5FA
accept-ranges
bytes
date
Fri, 06 Mar 2020 03:39:38 GMT
via
1.1 varnish
age
0
x-served-by
cache-ams21053-AMS
x-cache
MISS
x-cache-hits
0
x-timer
S1583465979.732767,VS0,VE94
vary
Accept-Encoding
x-fastly-request-id
6196130d72aa4620ec9afd7c464a308ffaaf1e5b
content-length
5724

Redirect headers

status
301
server
GitHub.com
content-type
text/html
strict-transport-security
max-age=31556952
location
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
access-control-allow-origin
*
expires
Fri, 06 Mar 2020 03:49:38 GMT
cache-control
max-age=600
x-proxy-cache
MISS
x-github-request-id
6174:3077:30C7FB:3BF430:5E61C5FA
accept-ranges
bytes
date
Fri, 06 Mar 2020 03:39:38 GMT
via
1.1 varnish
age
0
x-served-by
cache-ams21053-AMS
x-cache
MISS
x-cache-hits
0
x-timer
S1583465979.633517,VS0,VE86
vary
Accept-Encoding
x-fastly-request-id
3bb5efb2fbe254ff8b94dd8263e18bbb4bfab9ee
content-length
162
bootstrap-3.3.7.min.css
scache.vzw.com/am/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://scache.vzw.com/am/css/bootstrap-3.3.7.min.css
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC8) /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 06 Mar 2020 03:39:38 GMT
content-encoding
gzip
last-modified
Fri, 14 Feb 2020 21:39:16 GMT
server
ECS (amb/6BC8)
age
74803
etag
"1d970-5e471384+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=86400
strict-transport-security
max-age=157680000
access-control-allow-origin
*
content-length
19740
expires
Sat, 07 Mar 2020 03:39:38 GMT
less-space.css
scache.vzw.com/am/css/
20 KB
2 KB
Stylesheet
General
Full URL
https://scache.vzw.com/am/css/less-space.css
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB1) /
Resource Hash
d6fa67395861849e050da5ed40fc7b85cace91cfadb8a1f50e4237d1678bf8ed
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 06 Mar 2020 03:39:38 GMT
content-encoding
gzip
last-modified
Fri, 14 Feb 2020 21:39:16 GMT
server
ECS (amb/6BB1)
age
73467
etag
"4e0a-5e471384+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=86400
strict-transport-security
max-age=157680000
access-control-allow-origin
*
content-length
2432
expires
Sat, 07 Mar 2020 03:39:38 GMT
style-2.0.css
scache.vzw.com/am/css/
33 KB
14 KB
Stylesheet
General
Full URL
https://scache.vzw.com/am/css/style-2.0.css
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B7C) /
Resource Hash
eeadb0776b00b95ab33fc549d5529f115a5eb3ea2c70bfba7eb869d5ee2a70ba
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 06 Mar 2020 03:39:38 GMT
content-encoding
gzip
last-modified
Fri, 14 Feb 2020 21:39:16 GMT
server
ECS (amb/6B7C)
age
74803
etag
"8255-5e471384+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=86400
strict-transport-security
max-age=157680000
access-control-allow-origin
*
content-length
14473
expires
Sat, 07 Mar 2020 03:39:38 GMT
globalnav-js.css
scache.vzw.com/globalnav/css/
83 KB
15 KB
Stylesheet
General
Full URL
https://scache.vzw.com/globalnav/css/globalnav-js.css?v=3
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B8E) /
Resource Hash
6fef0470d1e56c3cc4bbb9040c22bd51410c08986a64ddafca19c1ca7a77336a
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 06 Mar 2020 03:39:38 GMT
content-encoding
gzip
last-modified
Tue, 12 Jun 2018 02:13:59 GMT
server
ECS (amb/6B8E)
age
53619
etag
"14a5d-5b1f2c56+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=86400
strict-transport-security
max-age=157680000
access-control-allow-origin
*
content-length
15366
expires
Sat, 07 Mar 2020 03:39:38 GMT
vzw_jquery19.js
scache.vzw.com/globalnav/scripts/
92 KB
33 KB
Script
General
Full URL
https://scache.vzw.com/globalnav/scripts/vzw_jquery19.js
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B92) /
Resource Hash
193e607c847e1acebd0f072aabf843ec1570b618dc9ccbc1621567215c3d1ac4
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 06 Mar 2020 03:39:38 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2015 07:56:52 GMT
server
ECS (amb/6B92)
age
56525
etag
"16fb5-55e7fd44+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
max-age=86400
strict-transport-security
max-age=157680000
access-control-allow-origin
*
content-length
33324
expires
Sat, 07 Mar 2020 03:39:38 GMT
gnav.js
scache.vzw.com/globalnav/
152 KB
33 KB
Script
General
Full URL
https://scache.vzw.com/globalnav/gnav.js?v=3
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BBA) /
Resource Hash
a53dc0914a956cacca623b0698a0e06d83e315a0e97439c943007ff2eb1ac900
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 06 Mar 2020 03:39:38 GMT
content-encoding
gzip
last-modified
Tue, 19 Mar 2019 08:32:34 GMT
server
ECS (amb/6BBA)
age
46682
etag
"26190-5c90a91f+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
max-age=86400
strict-transport-security
max-age=157680000
access-control-allow-origin
*
content-length
34025
expires
Sat, 07 Mar 2020 03:39:38 GMT
omnifooter.css
scache.vzw.com/globalnav/css/
23 KB
4 KB
Stylesheet
General
Full URL
https://scache.vzw.com/globalnav/css/omnifooter.css
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BAD) /
Resource Hash
e5f02a7f2e1dc57907fe087cbab3814df7dccc8fe7382dfe319b03739258ec7d
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 06 Mar 2020 03:39:38 GMT
content-encoding
gzip
last-modified
Fri, 21 Apr 2017 18:16:22 GMT
server
ECS (amb/6BAD)
age
72913
etag
"5a2b-58fa4c76+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=86400
strict-transport-security
max-age=157680000
access-control-allow-origin
*
content-length
3709
expires
Sat, 07 Mar 2020 03:39:38 GMT
omnifooter.js
scache.vzw.com/globalnav/
10 KB
3 KB
Script
General
Full URL
https://scache.vzw.com/globalnav/omnifooter.js
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB9) /
Resource Hash
474b188d15887ed18709e11b531f12bd42b79b9e011263cba10020d68ccb5f71
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 06 Mar 2020 03:39:38 GMT
content-encoding
gzip
last-modified
Wed, 09 May 2018 05:43:03 GMT
server
ECS (amb/6BB9)
age
46682
etag
"29b1-5af28a64+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
max-age=86400
strict-transport-security
max-age=157680000
access-control-allow-origin
*
content-length
2995
expires
Sat, 07 Mar 2020 03:39:38 GMT
gateway.min.js
gateway.answerscloud.com/verizonwireless/production/
83 KB
23 KB
Script
General
Full URL
https://gateway.answerscloud.com/verizonwireless/production/gateway.min.js
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:9a00:1b:22c5:8c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
00d73329eb01595a1fe9c6e8e48a44323b888182105e720046a603b9311faf95

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 06 Mar 2020 01:54:29 GMT
content-encoding
gzip
age
6309
x-cache
Hit from cloudfront
p3p
CP="ok"
status
200, 200
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
last-modified
Wed, 02 Oct 2019 19:50:11 GMT
server
nginx/1.17.3
etag
"d51cbafe92124607c89795169a655312"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-cf-pop
FRA50-C1
access-control-allow-headers
X-Requested-With
x-amz-cf-id
TpK-2kQ71eILsOC8sRXyJ7Wwc70pgnOOPpP4ITX-Jpd1hQyL37nj8Q==
expires
Fri, 06 Mar 2020 05:54:29 GMT
bootstrap-3.3.7.min.js
scache.vzw.com/am/js/
36 KB
10 KB
Script
General
Full URL
https://scache.vzw.com/am/js/bootstrap-3.3.7.min.js
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA2) /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 06 Mar 2020 03:39:38 GMT
content-encoding
gzip
last-modified
Fri, 14 Feb 2020 21:39:16 GMT
server
ECS (amb/6BA2)
age
73467
etag
"90b5-5e471384+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
max-age=86400
strict-transport-security
max-age=157680000
access-control-allow-origin
*
content-length
9832
expires
Sat, 07 Mar 2020 03:39:38 GMT
core.js
scache.vzw.com/am/js/
31 KB
5 KB
Script
General
Full URL
https://scache.vzw.com/am/js/core.js
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB4) /
Resource Hash
5a6de52ac4e8980ba336033113c87e83bb54ab6268cf4ab94726fa53be565103
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 06 Mar 2020 03:39:38 GMT
content-encoding
gzip
last-modified
Fri, 14 Feb 2020 21:39:16 GMT
server
ECS (amb/6BB4)
age
74803
etag
"7c7d-5e471384+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
max-age=86400
strict-transport-security
max-age=157680000
access-control-allow-origin
*
content-length
5361
expires
Sat, 07 Mar 2020 03:39:38 GMT
satelliteLib-8df7d93db820b272138ecb04dbe4ed7f5023b893.js
assets.adobedtm.com/10d5272d092923c410feae744225087686012423/
361 KB
99 KB
Script
General
Full URL
https://assets.adobedtm.com/10d5272d092923c410feae744225087686012423/satelliteLib-8df7d93db820b272138ecb04dbe4ed7f5023b893.js
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-23.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
11deb90d943e24e0c944abd3c74aeddf1b9eca6b50a14c7ce02ee708572cf563

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 06 Mar 2020 03:39:38 GMT
content-encoding
gzip
last-modified
Thu, 05 Mar 2020 15:51:37 GMT
server
AkamaiNetStorage
etag
"e45f68fe85a5b7ace7e92762c90e57bf:1583423497.482795"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
100930
expires
Fri, 06 Mar 2020 04:39:38 GMT
inqChatLaunch10004593.js
verizon.inq.com/chatskins/launch/
23 KB
7 KB
Script
General
Full URL
https://verizon.inq.com/chatskins/launch/inqChatLaunch10004593.js
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.251.148.152 El Segundo, United States, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
TouchCommerce Server /
Resource Hash
e148858d63e594356162a52d84a839906828a6c5e6c417fc67f3119beb3fff5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Mar 2020 17:44:39 GMT
server
TouchCommerce Server
accept-language
bytes
etag
"8pKCMWa1xy9"
content-type
application/javascript
status
200
cache-control
no-cache
date
Fri, 06 Mar 2020 03:39:39 GMT
content-length
6803
x-xss-protection
1; mode=block
expires
Fri, 06 Mar 2020 04:39:39 GMT
commons.js
www.verizon.com/home/ak-cached/2h/javascript/
0
0
Script
General
Full URL
https://www.verizon.com/home/ak-cached/2h/javascript/commons.js
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.30.31.89 , United States, ASN14153 (EDGECAST-IR, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Access-Control-Allow-Origin
*
common.css
www.verizon.com/home/ak-cached/2h/styles/
0
0
Stylesheet
General
Full URL
https://www.verizon.com/home/ak-cached/2h/styles/common.css
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.30.31.89 , United States, ASN14153 (EDGECAST-IR, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Access-Control-Allow-Origin
*
omnicode.js
www.verizon.com/includes/javascript/
185 KB
62 KB
Script
General
Full URL
https://www.verizon.com/includes/javascript/omnicode.js
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.30.31.89 , United States, ASN14153 (EDGECAST-IR, US),
Reverse DNS
Software
ECD (viy/A58B) /
Resource Hash
d08a4dd2727313dd694b3c57523e5edaf78cba526246d8d6a2f7bcbe239b8fbe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 06 Mar 2020 03:39:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Mar 2020 07:47:19 GMT
Server
ECD (viy/A58B)
Age
71541
X-frame-options
SAMEORIGIN
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/javascript; charset=UTF-8
Cache-control
public,private,must-revalidate,max-age=3600
x-ec-geoHdr
country_code=NL,region_code=,city=,dma=-1,msa=-1,lat=52.3824,long=4.8995,zip=,continent=EU,timezone=
x-ec-fail
no-zip-code
Accept-Ranges
bytes
Content-Length
62563
Expires
Fri, 06 Mar 2020 04:39:38 GMT
vzlogo_lg.png
www.verizon.com/cs/groups/public/documents/adacct/
9 KB
9 KB
Image
General
Full URL
https://www.verizon.com/cs/groups/public/documents/adacct/vzlogo_lg.png
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.30.31.89 , United States, ASN14153 (EDGECAST-IR, US),
Reverse DNS
Software
ECD (viy/A58E) / Servlet/2.5 JSP/2.1
Resource Hash
5cb0772a4426bc336524e001e8dca6180c969565e1f3d71fde110e220d4dc354
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 06 Mar 2020 03:39:39 GMT
Last-Modified
Fri, 13 Sep 2019 12:53:04 GMT
Server
ECD (viy/A58E)
Age
43882
X-Powered-By
Servlet/2.5 JSP/2.1
X-frame-options
SAMEORIGIN
X-Cache
HIT
Content-Type
image/png
X-ORACLE-DMS-ECID
cfe7b90cf2cfef5a:2dd71afe:16dae314213:-8000-000000000122f2b0
Cache-control
public,private,must-revalidate,max-age=3600
x-ec-geoHdr
country_code=NL,region_code=,city=,dma=-1,msa=-1,lat=52.3824,long=4.8995,zip=,continent=EU,timezone=
x-ec-fail
no-zip-code
Accept-Ranges
bytes
Content-Length
8949
Expires
Fri, 06 Mar 2020 04:39:39 GMT
autosuggest.js
scache.vzw.com/search/staticContent/dist/js/
134 KB
47 KB
Script
General
Full URL
https://scache.vzw.com/search/staticContent/dist/js/autosuggest.js
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B76) /
Resource Hash
898c811f2afdbfe4e2436167a5cbde1d368a896c3043ce35a2b1c6856d3523c4
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 06 Mar 2020 03:39:38 GMT
content-encoding
gzip
last-modified
Fri, 24 Aug 2018 12:02:58 GMT
server
ECS (amb/6B76)
age
73466
etag
"2168f-5b7ff3f2+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
max-age=86400
strict-transport-security
max-age=157680000
access-control-allow-origin
*
content-length
47903
expires
Sat, 07 Mar 2020 03:39:38 GMT
gtagb-uem.js
scache.vzw.com/am/includes/
42 KB
42 KB
Script
General
Full URL
https://scache.vzw.com/am/includes/gtagb-uem.js
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
VZW /
Resource Hash
a73461b29b02c29b288b013078b6843158fd5bf30317c31c7e6692a34ae1fed0
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 06 Mar 2020 03:39:40 GMT
last-modified
Fri, 14 Feb 2020 21:39:16 GMT
server
VZW
access-control-allow-origin
*
etag
"a70a-5e471384"
strict-transport-security
max-age=157680000
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
42762
expires
Sat, 07 Mar 2020 03:39:40 GMT
vztc.js
collaborateext.verizon.com/comm/includes/scripts/
137 KB
137 KB
Script
General
Full URL
https://collaborateext.verizon.com/comm/includes/scripts/vztc.js
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.108.21.103 , United States, ASN33052 (VZUNET, US),
Reverse DNS
Software
/
Resource Hash
36fc9ba6b4265692a5024908cf35bbd561322966266675a7da8aa064a3fbb4c8

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 06 Mar 2020 03:39:39 GMT
Last-modified
Wed, 04 Mar 2020 15:46:45 GMT
Accept-ranges
bytes
Content-length
139794
Content-type
application/x-javascript
mbox-contents-38b8f99ca10f023c55557c0e31691691b2737750.js
assets.adobedtm.com/10d5272d092923c410feae744225087686012423/
95 KB
32 KB
Script
General
Full URL
https://assets.adobedtm.com/10d5272d092923c410feae744225087686012423/mbox-contents-38b8f99ca10f023c55557c0e31691691b2737750.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/10d5272d092923c410feae744225087686012423/satelliteLib-8df7d93db820b272138ecb04dbe4ed7f5023b893.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-23.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bbef389a68ec5da7e4cce63b9fb73e37fa4e657f20cca339c1d740acd8f84c7c

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 06 Mar 2020 03:39:39 GMT
content-encoding
gzip
last-modified
Fri, 21 Feb 2020 14:12:23 GMT
server
AkamaiNetStorage
etag
"a747a01efbceb01bb565610615ee1f4b:1582294343.722778"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
32496
expires
Fri, 06 Mar 2020 04:39:39 GMT
firstevent
verizoncorp.demdex.net/
Redirect Chain
  • https://verizoncorp.demdex.net/event?d_stuff=1&d_dst=1&d_rtbd=json&d_cts=1&d_cb=window.parseUmbrellaAAMData
  • https://verizoncorp.demdex.net/firstevent?d_stuff=1&d_dst=1&d_rtbd=json&d_cts=1&d_cb=window.parseUmbrellaAAMData
125 B
1 KB
Script
General
Full URL
https://verizoncorp.demdex.net/firstevent?d_stuff=1&d_dst=1&d_rtbd=json&d_cts=1&d_cb=window.parseUmbrellaAAMData
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.194.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-194-150.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
05767aa80be504c97fa73a5a017d564c0ac3bc2db42e7663c57b58d36bdb439c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v062-04627ed9d.edge-irl1.demdex.com 5.65.0.20200212140016 3ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
fncEH5GiR8E=
Vary
Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Content-Length
125
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
oqMpp+w7SVc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://verizoncorp.demdex.net/firstevent?d_stuff=1&d_dst=1&d_rtbd=json&d_cts=1&d_cb=window.parseUmbrellaAAMData
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tooltip.png
scache.vzw.com/am/images/
6 KB
6 KB
Image
General
Full URL
https://scache.vzw.com/am/images/tooltip.png
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB2) /
Resource Hash
afd720816fec9fb9f21ecd6ee741f83730f9c9ac3ca7b79d530df3f12f99ca9b
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://scache.vzw.com/am/css/style-2.0.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 06 Mar 2020 03:39:41 GMT
last-modified
Fri, 14 Feb 2020 21:39:16 GMT
server
ECS (amb/6BB2)
age
71587
etag
"16e9-5e471384"
strict-transport-security
max-age=157680000
x-cache
HIT
content-type
image/png; charset=utf-8
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5865
expires
Sun, 05 Apr 2020 03:39:41 GMT
NHaasGroteskDSW02-75Bd.woff2
scache.vzw.com/am/content/fonts/
42 KB
42 KB
Font
General
Full URL
https://scache.vzw.com/am/content/fonts/NHaasGroteskDSW02-75Bd.woff2
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B74) /
Resource Hash
b1e45351cfa1020bfa509335485d0c6bae80acf2e91b63398dfe373958906dc5
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://scache.vzw.com/am/css/style-2.0.css
Origin
https://darksecdevelopers.github.io
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Mar 2020 03:39:41 GMT
last-modified
Fri, 14 Feb 2020 21:39:16 GMT
server
ECS (amb/6B74)
age
74804
etag
"a7d0-5e471384"
strict-transport-security
max-age=157680000
x-cache
HIT
content-type
application/font-woff2; charset=utf-8
status
200
accept-ranges
bytes
access-control-allow-origin
*
content-length
42960
NeueHaasGroteskText55Roman.woff
scache.vzw.com/am/content/fonts/
43 KB
44 KB
Font
General
Full URL
https://scache.vzw.com/am/content/fonts/NeueHaasGroteskText55Roman.woff
Requested by
Host: darksecdevelopers.github.io
URL: https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B79) /
Resource Hash
1f689953c0c5d35f16fa360279c0197c46aa06c0e0b94f074cfcd9273a959197
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://scache.vzw.com/am/css/style-2.0.css
Origin
https://darksecdevelopers.github.io
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Mar 2020 03:39:41 GMT
last-modified
Fri, 14 Feb 2020 21:39:16 GMT
server
ECS (amb/6B79)
age
74804
etag
"ade7-5e471384"
strict-transport-security
max-age=157680000
x-cache
HIT
content-type
application/x-font-woff; charset=utf-8
status
200
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-origin
*
content-length
44519
expires
Sun, 05 Apr 2020 03:39:41 GMT
fs.utils.js
gateway.answerscloud.com/code/19.6.1/
82 KB
25 KB
Script
General
Full URL
https://gateway.answerscloud.com/code/19.6.1/fs.utils.js
Requested by
Host: gateway.answerscloud.com
URL: https://gateway.answerscloud.com/verizonwireless/production/gateway.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:9a00:1b:22c5:8c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
43994445c2f8837cb58943f1e99159addedbff22d9602f7edbe0082f28dcb493

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 08:07:46 GMT
content-encoding
gzip
age
1539115
x-cache
Hit from cloudfront
p3p
CP="ok"
status
200, 200
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
last-modified
Fri, 23 Feb 2018 21:09:27 GMT
server
nginx/1.17.3
etag
W/"0de477e141fd5a5359f7874c62e94cc6"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2419200
x-amz-cf-pop
FRA50-C1
access-control-allow-headers
X-Requested-With
x-amz-cf-id
JbI62oaRl_0r3ybLbbFA0ianbUeneyhpPWz5qN8jHeX4ifSFm0CPHw==
expires
Mon, 16 Mar 2020 08:07:46 GMT
fs.trigger.js
gateway.answerscloud.com/code/19.6.1/
31 KB
11 KB
Script
General
Full URL
https://gateway.answerscloud.com/code/19.6.1/fs.trigger.js
Requested by
Host: gateway.answerscloud.com
URL: https://gateway.answerscloud.com/verizonwireless/production/gateway.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:9a00:1b:22c5:8c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
720186a7882bc4ac1cae89eb53c3f779f4870683d084537d49bbc111390fe82f

Request headers

Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 12 Feb 2020 22:28:02 GMT
content-encoding
gzip
age
1919499
x-cache
Hit from cloudfront
p3p
CP="ok"
status
200, 200
content-length
10438
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
last-modified
Fri, 23 Feb 2018 21:09:27 GMT
server
nginx/1.17.3
etag
W/"bdf116cb1f83a2523293a1a76b75600e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2419200
x-amz-cf-pop
FRA50-C1
access-control-allow-headers
X-Requested-With
x-amz-cf-id
8VpkkpiLmdO3FwquLzRoiixDgnvW1lwIwIljX1bkFKxE9pzkC_UhBw==
expires
Wed, 11 Mar 2020 22:28:02 GMT
inqChat.html
darksecdevelopers.github.io/ Frame 3E61
9 KB
5 KB
Document
General
Full URL
https://darksecdevelopers.github.io/inqChat.html?IFRAME
Requested by
Host: verizon.inq.com
URL: https://verizon.inq.com/chatskins/launch/inqChatLaunch10004593.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.109.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
70d613e3acfba24fd2876fcbacaf639e1e111ef4d54baf70761c47673f37d6a3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'

Request headers

:method
GET
:authority
darksecdevelopers.github.io
:scheme
https
:path
/inqChat.html?IFRAME
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
dtPC=65981335_946h3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://darksecdevelopers.github.io/HiddenEye/WebPages/verizon/

Response headers

status
404
server
GitHub.com
content-type
text/html; charset=utf-8
etag
W/"5ca3b0e6-239b"
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding
gzip
x-github-request-id
B966:4739:85EE2:AA929:5E61C5F8
accept-ranges
bytes
date
Fri, 06 Mar 2020 03:39:41 GMT
via
1.1 varnish
age
0
x-served-by
cache-ams21053-AMS
x-cache
MISS
x-cache-hits
0
x-timer
S1583465981.420572,VS0,VE89
vary
Accept-Encoding
x-fastly-request-id
12fd0e0e713d02254f2089362e723dd6744ce874
content-length
5142
dynaTraceMonitor
uem.vzw.com/
0
0

truncated
/ Frame 3E61
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96937ccb0471a83a845aaea1aac9b2ffef5cb758a1490120072c9e533a5d4b23

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3E61
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0dcc8ac11af1ceaac65474436ecd474827fe643dbf82133ef41922a7012dcc9a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
uem.vzw.com
URL
https://uem.vzw.com:8080/dynaTraceMonitor?dtCookie=null;dtLatC=null;referer=https%3A%2F%2Fdarksecdevelopers.github.io%2FHiddenEye%2FWebPages%2Fverizon%2F

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Verizon (Telecommunication)

431 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| vzw_gnjq undefined| $ function| jQuery undefined| gn_category undefined| cartStatus undefined| zipDisplay undefined| gnlin_gnLoadTimer undefined| gnlin_gnLoadCtr undefined| gnlin_gnWeatherTimer undefined| gnlin_scu undefined| gnlin_dbconfig undefined| gnlin_asu undefined| gnlin_usu string| gnlin_defRoleFileName string| gnlin_defMyBizRoleFileName string| gnlin_defLOutRoleFileName string| gnlin_curRoleFileName string| gnlin_roleFileName string| gnlin_roleCookieName string| gnlin_servicesCookieName string| gnlin_loggedinCookieName string| gnlin_oneBillCompCookieName string| gnlin_amIDCookieName string| gnlin_alltelCookieName string| gnlin_cartCookieName string| gnlin_greetingCookieName string| gnlin_oneVZ string| gnlin_greetingDefValue string| gnlin_zipCodeCookieName string| gnlin_cityCookieName string| gnlin_stateCookieName string| gnlin_wbCookieName string| gnlin_popLocCookieName string| gnlin_gnExpandCookieName string| gnlin_gnTxtCookieName string| gnlin_gnConfigCookieName string| gnlin_gnMyBizCookieName string| gnlin_gnMlsCookieName boolean| gnlin_isWOReady boolean| gnlin_debug string| gnlin_debugstr object| gnlin_Domain undefined| gnlin_uscTimer string| gnlin_uscTimeOutFlag undefined| gnlin_ascTimer string| gnlin_ascTimeOutFlag number| gnlin_ascTimeOut undefined| gnlin_htmlTimer number| gnlin_htmlTimeOut string| gnlin_htmlTimeOutFlag number| gnlin_gltxtTimeout undefined| gnlin_myac_server number| gnlin_wbcCacheTime number| gnlin_wtooltipZindex object| gnlin_oglobalNavIdZ object| gnlin_oglobalNavIdPos object| gnlin_forcedLogout object| gnlin_popLoc string| gnlin_gnServScrCallEnabled string| gnlin_searchDelay boolean| gnlin_searchDisable boolean| gnlin_chatDisable boolean| gnlin_searchSuggestSaveDisable boolean| gnlin_GN1_ht boolean| gnlin_GN2_ht boolean| gnlin_GN3_ht boolean| gnlin_GN4_ht string| gnlin_SearchEnabled string| gnlin_isSignInFormElClicked boolean| gnlin_overlay number| gnlin_gnOLoadCtr object| gnlin_signInOMsg object| gnlin_singInOSpec boolean| gnlin_responsiveGN string| gnlin_gnNotificationDisabled string| gnlin_glCfgServerUrl string| gnlin_gntypah boolean| gnlin_landingPageApiflag boolean| gnlin_accessManagerHeaderApiflag string| gnLoadMPScript object| gnlin_searchTerms string| gnlin_prevGNVersion string| gnlin_msoCookieName boolean| gnlin_myvzFixedSubMenuWrapper undefined| gnlin_cqc function| render function| launchGlobalNav object| signInDialog function| setGNZIndex function| updateMenuURL function| setGnCartCookie function| updateGnCartCount function| setTraybgColor function| setSliderView function| vgn_hbLink function| highlightMenu function| saveSearchSuggestResp function| populateSearchAutoCompleteInfo function| setCompOBCookie function| IE8_message function| gntopnotification_close undefined| bizmenu_highlight undefined| ie_ua undefined| ie_re undefined| ie_int string| IDToken1Val string| IDToken2Val object| signInGN object| vzgn object| MP object| vzgn_msoList object| vzgn_searchConf object| vzgn_chatConf object| vzgn_storageCartRetrival object| vzgn_r function| onf_hbLink object| App function| acsReady function| $j object| jQuery19101570884022064225 function| areCookiesEnabled function| disableBut object| Core object| Rule object| Message string| blackListFailed object| Validation string| fromVZTsession string| fromVZTparam string| fromVZT string| mode boolean| overlayAfterSubmit string| offerShortLivedPassword boolean| inOverlay boolean| inInline boolean| isOfferShortLivedPassword object| digitalData function| Visitor object| _satellite object| s_c_il number| s_c_in function| targetPageParams object| _sdi function| _acsDefine function| _fsDefine function| _acsRequire function| _fsRequire object| FSR object| FSFB function| _acsNormalizeUrl function| _fsNormalizeUrl function| _fsNormalizeAssetUrl undefined| cookies undefined| cookie undefined| eqPos undefined| cookieName undefined| host undefined| url undefined| s undefined| params undefined| src undefined| href undefined| query undefined| qs function| getParentV3LanderConfig function| getOpenerV3LanderConfig function| getV3LanderConfigProperty object| v3LanderConfig object| v3Lander string| master_cookie_on string| scbType string| custType string| strXp1QS object| elmsXp1 object| elmXp1 object| arrXp1SSV undefined| arrXp1QS undefined| arrTemp object| arrPdcQs object| targetGlobalSettings function| targetPageParamsAll function| parseUmbrellaAAMData function| sendAAMPixel object| adobe object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| visitor string| currentDomain string| vzRetailHomeHost string| vziobiHost string| vzForums string| vzFiOSVoice string| vzMessageCenter string| vzSignIn string| vzMyVZ string| vzEntertainment string| vzFiOSTV string| vzSmallBiz string| vzRegistrationSEC string| vzShop boolean| vzCustomLt function| removeHttps function| scTrim function| scfObj function| scStrip string| strSCapp string| strSCappname string| strSCbizunit string| strSClineofbiz string| scLHR string| scLH string| scLP string| scLHRnogoto boolean| scIsPrd object| scPS string| sDom string| s_accountglob string| s_accountapp object| scURL boolean| strboolFound object| tmpArr object| arrURL string| s_account object| arSCValid object| arSAcc string| scbErrType string| scbErrAccount boolean| scBoolAccOK object| s_837 function| s_doPlugins object| s_YTO function| onYouTubePlayerReady function| s_YTp function| s_YTisa function| s_YTism function| s_YTgk function| onYouTubePlayerAPIReady function| s_YTdi function| s_YTei function| s_YTut function| s_YTdv function| s_YTv function| AppMeasurement_Module_Media function| AppMeasurement_Module_Integrate function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_AudienceManagement function| scPageView function| scLinkTrack function| scLinkTrackID string| scType number| j number| x number| s_objectID number| s_giq function| DIL boolean| residentialBusiness function| processJsonpResponse function| typeAheadJQ string| searchItem object| autoSuggest boolean| timerMark string| gomez_brumPagename string| bypassBrum string| bypassUEM undefined| gomez object| dT_ string| downloadSpeed string| uploadSpeed function| isChatInProgress function| isAgentChatInProgress function| isBotChatInProgress object| chatLib object| pendingCalls string| jsLibNameTC string| jsLibPathTC string| jsLibName string| jsLibPath string| jqLibName string| jqLibPath string| clientLogServletName string| clientLogServletPath string| inqSiteID object| tcData number| jscheckstatus object| tcHostConfig object| dotComHostConfig object| chatHostConfig function| getdotcomGlobalSessionId function| checkLoginStatus function| checkLoginStatusTC function| setCustomerInfo function| setExtraCustomerInfo object| inqSalesProducts object| inqSalesQuantities object| inqSalesPrices object| inqClientOrderNum object| inqSalesProductTypes object| inqOrderType object| totalAvailable object| inqOtherInfo function| chatOrderSubmissionDetails function| callChatOrderConf function| readTCCookieInfo function| verifyy function| reInit function| LaunchTCCustomEvent function| triggerMachineLearning function| triggerChatOnOfferDeclined function| launchChatOnOfferDeclined function| refreshTCChat function| reInitTestPage boolean| isInitDone function| reInitTCSubmitOrderDetails function| init function| getChatData function| stopTCSSOTimer function| stopTCSSOTimerRefresh function| startTCSSOTimer function| captureCustJourney function| createTCCookie function| deleteCookie function| createTCCookieTime object| session object| chatLaunchedListener object| chatClosedListener object| c2cDisplayed object| c2cClickedListener object| agentListener object| c2cStateChanged object| chatStatusListener object| saleLandingListener object| saleQualifiedListener function| sendCustomEventChat object| soldListener object| surveyLaunchListener object| chatEngagedListener object| InqRegistry function| firePendingCalls function| resetSiteCatParams function| getHost function| updateSalesQualificationDetails function| limitGetUrl function| setAgentInfo function| triggerTouchCommerce function| setTouchCommerceChatLibIfEnabled object| paramsMappingConfig object| tcParamsMap function| getTCParamName function| makeOneWayRequest function| makeAjaxRequest function| callSACData function| saveUserInfoDataTC function| getLogStatus function| updateLoginStatus function| logDetails object| chatEventListeners function| initializeJQuery function| loadJQueryIfNotAvailable function| loadTouchCommerceChatLib function| getHostTC function| getDotComHostTC function| initializeChatLib function| startTCEventListeners object| asappHostConfig object| asappHostURLConfig object| asappSSOIdConfig object| ssoCookieIdforASAPP object| encrCustIdforASAPP object| globalSessionIdforASAPP object| userInfoforASAPP boolean| loadASAPPComplete boolean| isSubAccount function| getHostASAPP function| getASAPPSSOId function| getHostASAPPURL boolean| ASAPPchatLibValue function| setASAPPChatLibIfEnabled function| isVendorChatInProgress function| loadASAPPChatLib number| chatIVRAttempt boolean| loadASAPPDefault function| reCheckIVRParam function| startASAPPListeners number| adobetargetLoadCount function| displayRAPChat function| checkAdobeTargetLoadCount function| decideAndLoadChatVendor function| disableChatOnSupportPages function| triggerASAPP_IVR function| triggerASAPP_SP function| triggerASAPP function| ASAPPSSOLoginWidget function| contextProviderHandler_IVR function| contextProviderHandler object| userInfoCookie object| ssoCookieIdIVR object| walletExists object| IVRrestriction string| uniquerandomId function| retrieveInfoASAPP function| getASAPPLogStatus function| makeASAPPAjaxRequest function| sendASAPPDataPass number| asappContactusTimer function| initiateChat function| launchASAPPContactusChat function| callASAPPCompensationFlow function| registerListenerEvents function| onASAPPChatLaunched function| onASAPPBotInteractive function| onASAPPAgentAssigned function| onASAPPAgentInteractive function| onASAPPChatClosed function| ASAPPcallSiteCatalyst function| launchChatForSpeedTestResults string| strDom string| strPath function| dtmGetQSnocase number| dtmCancelOmnicodeFn function| diyEventTag function| fsReady object| __fsJSONPCBr function| __fsJSONPCB function| __acsReady__ function| __fsReady__

1 Cookies

Domain/Path Name / Value
darksecdevelopers.github.io/ Name: dtPC
Value: 65981335_946h3

1 Console Messages

Source Level URL
Text
console-api warning URL: https://assets.adobedtm.com/10d5272d092923c410feae744225087686012423/mbox-contents-38b8f99ca10f023c55557c0e31691691b2737750.js(Line 155)
Message:
AT: [page-init] Adobe Target content delivery is disabled. Ensure that you can save cookies to your current domain, there is no "mboxDisable" cookie and there is no "mboxDisable" parameter in query string.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556952

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
collaborateext.verizon.com
darksecdevelopers.github.io
gateway.answerscloud.com
scache.vzw.com
uem.vzw.com
verizon.inq.com
verizoncorp.demdex.net
www.verizon.com
uem.vzw.com
140.108.21.103
162.251.148.152
185.199.109.153
192.30.31.89
2.18.232.23
2600:9000:2156:9a00:1b:22c5:8c40:93a1
52.208.194.150
68.232.35.163
00d73329eb01595a1fe9c6e8e48a44323b888182105e720046a603b9311faf95
05767aa80be504c97fa73a5a017d564c0ac3bc2db42e7663c57b58d36bdb439c
0dcc8ac11af1ceaac65474436ecd474827fe643dbf82133ef41922a7012dcc9a
11deb90d943e24e0c944abd3c74aeddf1b9eca6b50a14c7ce02ee708572cf563
193e607c847e1acebd0f072aabf843ec1570b618dc9ccbc1621567215c3d1ac4
1f689953c0c5d35f16fa360279c0197c46aa06c0e0b94f074cfcd9273a959197
284790bb0ab699b863d03cf774beea543810d8d26c8b3730e5e67ec994e29655
36fc9ba6b4265692a5024908cf35bbd561322966266675a7da8aa064a3fbb4c8
43994445c2f8837cb58943f1e99159addedbff22d9602f7edbe0082f28dcb493
474b188d15887ed18709e11b531f12bd42b79b9e011263cba10020d68ccb5f71
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5a6de52ac4e8980ba336033113c87e83bb54ab6268cf4ab94726fa53be565103
5cb0772a4426bc336524e001e8dca6180c969565e1f3d71fde110e220d4dc354
6fef0470d1e56c3cc4bbb9040c22bd51410c08986a64ddafca19c1ca7a77336a
70d613e3acfba24fd2876fcbacaf639e1e111ef4d54baf70761c47673f37d6a3
720186a7882bc4ac1cae89eb53c3f779f4870683d084537d49bbc111390fe82f
898c811f2afdbfe4e2436167a5cbde1d368a896c3043ce35a2b1c6856d3523c4
96937ccb0471a83a845aaea1aac9b2ffef5cb758a1490120072c9e533a5d4b23
a53dc0914a956cacca623b0698a0e06d83e315a0e97439c943007ff2eb1ac900
a73461b29b02c29b288b013078b6843158fd5bf30317c31c7e6692a34ae1fed0
afd720816fec9fb9f21ecd6ee741f83730f9c9ac3ca7b79d530df3f12f99ca9b
b1e45351cfa1020bfa509335485d0c6bae80acf2e91b63398dfe373958906dc5
bbef389a68ec5da7e4cce63b9fb73e37fa4e657f20cca339c1d740acd8f84c7c
d08a4dd2727313dd694b3c57523e5edaf78cba526246d8d6a2f7bcbe239b8fbe
d6fa67395861849e050da5ed40fc7b85cace91cfadb8a1f50e4237d1678bf8ed
e148858d63e594356162a52d84a839906828a6c5e6c417fc67f3119beb3fff5f
e5f02a7f2e1dc57907fe087cbab3814df7dccc8fe7382dfe319b03739258ec7d
eeadb0776b00b95ab33fc549d5529f115a5eb3ea2c70bfba7eb869d5ee2a70ba
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c