relatoriocartoes.com Open in urlscan Pro
2a02:4780:27:1088:0:3950:c661:2  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login.php Show response relatoriocartoes.com/	23 KB 9 KB	217ms 75ms	Document text/html	2a02:4780:27:1088:0:3950:c661:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://relatoriocartoes.com/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:27:1088:0:3950:c661:2 Paris, France, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / PHP/5.2.17 Resource Hash 47a86a210beee57bd38a7b8583d84a8124697003595a8255069b79234c2a0a16 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-length 8651 content-security-policy upgrade-insecure-requests content-type text/html date Sat, 20 May 2023 00:38:31 GMT platform hostinger server LiteSpeed vary Accept-Encoding x-powered-by PHP/5.2.17
GET H2	200	ruxitagentjs_ICA2NVfhqrux_10215210506134511.js Show response www.particulares.santander.pt/	208 KB 80 KB	255ms 41ms	Script text/javascript	45.60.197.69 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://www.particulares.santander.pt/ruxitagentjs_ICA2NVfhqrux_10215210506134511.js Requested by Host: relatoriocartoes.com URL: https://relatoriocartoes.com/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.197.69 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 982435574a12c27b376099ade89d360dc9dda7c2bf4913022fc69b27366fc7fa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language es-ES,es;q=0.9 Referer https://relatoriocartoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 20 May 2023 00:38:31 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains last-modified Wed, 03 Mar 2010 07:01:40 GMT x-cdn Imperva etag "030893de" content-type text/javascript; charset=utf-8 x-iinfo 7-10306951-0 0CNN RT(1684543111086 42) q(0 -1 -1 2) r(0 -1) cache-control max-age=30146156, public content-length 81120 expires Thu, 02 May 2024 22:34:27 GMT
GET H2	200	login_and_register.css www.particulares.santander.pt/ficheros/modern/css/	44 KB 8 KB	308ms 95ms	Stylesheet text/css	45.60.197.69 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://www.particulares.santander.pt/ficheros/modern/css/login_and_register.css?v=1683772339710 Requested by Host: relatoriocartoes.com URL: https://relatoriocartoes.com/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.197.69 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 948213e5149ae982d063fc29530c0da4d93e69ba9767003eaa510f185ab52c8d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language es-ES,es;q=0.9 Referer https://relatoriocartoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 20 May 2023 00:38:31 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 15 May 2023 10:37:48 GMT x-cdn Imperva content-type text/css x-iinfo 7-10306951-10306955 2CNN RT(1684543111086 35) q(0 0 0 1) r(0 0) cache-control max-age=5462, public content-length 7739 expires Sat, 20 May 2023 02:09:33 GMT
GET H2	200	fonts.css www.particulares.santander.pt/ficheros/modern/css/	4 KB 773 B	318ms 105ms	Stylesheet text/css	45.60.197.69 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://www.particulares.santander.pt/ficheros/modern/css/fonts.css?v=1683772339710 Requested by Host: relatoriocartoes.com URL: https://relatoriocartoes.com/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.197.69 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 2f0e67192e014a837002fff61326afa99204d4b19c1b7c3d3a0c95fe4eea32df Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language es-ES,es;q=0.9 Referer https://relatoriocartoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 20 May 2023 00:38:31 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 15 May 2023 10:37:48 GMT x-cdn Imperva content-type text/css x-iinfo 7-10306951-10306957 2CNN RT(1684543111086 37) q(0 0 0 5) r(0 0) cache-control max-age=5462, public content-length 424 expires Sat, 20 May 2023 02:09:33 GMT
GET H2	200	nbp_jquery.js Show response www.particulares.santander.pt/ficheros/	94 KB 33 KB	340ms 127ms	Script application/x-javascript	45.60.197.69 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://www.particulares.santander.pt/ficheros/nbp_jquery.js?v=1683772339710 Requested by Host: relatoriocartoes.com URL: https://relatoriocartoes.com/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.197.69 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash fdc8960aa91b36d373714561c7f47bd1b2918362de3571b9578b7fd8bb4afab4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language es-ES,es;q=0.9 Referer https://relatoriocartoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 20 May 2023 00:38:31 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 15 May 2023 10:37:48 GMT x-cdn Imperva content-type application/x-javascript x-iinfo 7-10306951-10306959 2CNN RT(1684543111086 45) q(0 0 0 -1) r(0 0) cache-control max-age=5462, public content-length 32951 expires Sat, 20 May 2023 02:09:33 GMT
GET H2	404	nbp_guard www.particulares.santander.pt/	0 0	417ms 204ms	Script text/html	45.60.197.69 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://www.particulares.santander.pt/nbp_guard Requested by Host: relatoriocartoes.com URL: https://relatoriocartoes.com/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.197.69 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash Request headers accept-language es-ES,es;q=0.9 Referer https://relatoriocartoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers
GET H2	200	misc.js Show response www.particulares.santander.pt/ficheros/modern/js/	12 KB 4 KB	352ms 139ms	Script application/x-javascript	45.60.197.69 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://www.particulares.santander.pt/ficheros/modern/js/misc.js?v=1683772339710 Requested by Host: relatoriocartoes.com URL: https://relatoriocartoes.com/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.197.69 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash b3fdf7c9d651f20f160e0700356535b45d565cb28c0aac1a51d1136e78ce398b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language es-ES,es;q=0.9 Referer https://relatoriocartoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 20 May 2023 00:38:31 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 15 May 2023 10:37:48 GMT x-cdn Imperva content-type application/x-javascript x-iinfo 7-10306951-10306957 2VNN RT(1684543111086 51) q(0 0 0 -1) r(1 1) U18 cache-control max-age=10800, public content-length 3159 expires Sat, 20 May 2023 03:38:31 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	850 B 876 B	200ms 70ms	Script text/javascript	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: relatoriocartoes.com URL: https://relatoriocartoes.com/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 069ea633227041fd719d2d1f3a29cbf7dedae7df6b2b4a568ebba2e199af43a1 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language es-ES,es;q=0.9 Referer https://relatoriocartoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 20 May 2023 00:38:31 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 556 x-xss-protection 1; mode=block expires Sat, 20 May 2023 00:38:31 GMT
GET H2	200	BEYAM5g3ZYkBxnx9bhxi.js Show response www.particulares.santander.pt/ficheros/js/	427 KB 87 KB	351ms 139ms	Script application/x-javascript	45.60.197.69 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://www.particulares.santander.pt/ficheros/js/BEYAM5g3ZYkBxnx9bhxi.js?v=1683772339710 Requested by Host: relatoriocartoes.com URL: https://relatoriocartoes.com/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.197.69 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 0afbafc1a47a0abcf601975e9f95019633769f405ae83219f0b4218346d68ab7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language es-ES,es;q=0.9 Referer https://relatoriocartoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 20 May 2023 00:38:31 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 15 May 2023 10:37:48 GMT x-cdn Imperva content-type application/x-javascript x-iinfo 7-10306951-10306963 2VNN RT(1684543111086 48) q(0 0 0 -1) r(0 1) U18 cache-control max-age=10800, public content-length 87617 expires Sat, 20 May 2023 03:38:31 GMT
GET H2	200	nbp_formf.js Show response www.particulares.santander.pt/ficheros/	14 KB 5 KB	350ms 137ms	Script application/x-javascript	45.60.197.69 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://www.particulares.santander.pt/ficheros/nbp_formf.js?v=1683772339710 Requested by Host: relatoriocartoes.com URL: https://relatoriocartoes.com/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.197.69 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash e7042edf7b8066a83b0446588440d2d31325253d7da307ec4078b9204d6a5e13 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language es-ES,es;q=0.9 Referer https://relatoriocartoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 20 May 2023 00:38:31 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 15 May 2023 10:37:48 GMT x-cdn Imperva content-type application/x-javascript x-iinfo 7-10306951-10306961 2VNN RT(1684543111086 47) q(0 0 0 -1) r(0 0) U18 cache-control max-age=10800, public content-length 5114 expires Sat, 20 May 2023 03:38:31 GMT
GET H2	200	login-image-0.svg www.particulares.santander.pt/ficheros/modern/images/icons/	14 KB 5 KB	37ms 37ms	Image image/svg+xml	45.60.197.69 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://www.particulares.santander.pt/ficheros/modern/images/icons/login-image-0.svg Requested by Host: relatoriocartoes.com URL: https://relatoriocartoes.com/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.197.69 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 768a38021128a2657d6267b5681dc037f9cd59f7b3b2c42a9c39879811089b16 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language es-ES,es;q=0.9 Referer https://relatoriocartoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 20 May 2023 00:38:31 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 15 May 2023 10:37:48 GMT x-cdn Imperva etag "420f56fb" content-type image/svg+xml x-iinfo 7-10306951-0 0CNN RT(1684543111086 243) q(0 -1 -1 0) r(0 -1) content-length 4616
GET H2	404	jquery-migrate-3.1.0.js Show response relatoriocartoes.com/ficheros/js/	2 KB 1 KB	52ms 51ms	XHR text/html	2a02:4780:27:1088:0:3950:c661:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://relatoriocartoes.com/ficheros/js/jquery-migrate-3.1.0.js?_=1684543112145 Requested by Host: www.particulares.santander.pt URL: https://www.particulares.santander.pt/ruxitagentjs_ICA2NVfhqrux_10215210506134511.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:27:1088:0:3950:c661:2 Paris, France, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Referer https://relatoriocartoes.com/login.php X-Requested-With XMLHttpRequest accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 x-dtpc -51$343112110_634h2vLKMNOUCIERCFAPTPGIMAUILNKKMROMLC-0 Response headers date Sat, 20 May 2023 00:38:32 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Thu, 06 Apr 2023 16:45:36 GMT server LiteSpeed etag "999-642ef730-6ef30695d986ca5e;br" vary Accept-Encoding content-type text/html accept-ranges bytes platform hostinger content-length 912
GET H2	200	recaptcha__es.js Show response www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/	411 KB 412 KB	183ms 60ms	Script text/javascript	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__es.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9069c6400e1ef11ddd7015214e6d9576ddcf3edd6b8b3a8b943d61ce8b690e25 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://relatoriocartoes.com/ Origin https://relatoriocartoes.com accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 15 May 2023 16:23:44 GMT x-content-type-options nosniff age 375288 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 420907 x-xss-protection 0 last-modified Mon, 15 May 2023 04:00:52 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 14 May 2024 16:23:44 GMT
GET H2	404	login_functions.jsp Show response relatoriocartoes.com/jsp/sanpt/usuarios/	2 KB 941 B	50ms 50ms	XHR text/html	2a02:4780:27:1088:0:3950:c661:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://relatoriocartoes.com/jsp/sanpt/usuarios/login_functions.jsp?_=1684543112146 Requested by Host: www.particulares.santander.pt URL: https://www.particulares.santander.pt/ruxitagentjs_ICA2NVfhqrux_10215210506134511.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:27:1088:0:3950:c661:2 Paris, France, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Referer https://relatoriocartoes.com/login.php X-Requested-With XMLHttpRequest accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 x-dtpc -51$343112110_634h3vLKMNOUCIERCFAPTPGIMAUILNKKMROMLC-0 Response headers date Sat, 20 May 2023 00:38:32 GMT content-encoding br last-modified Thu, 06 Apr 2023 16:45:36 GMT server LiteSpeed etag "999-642ef730-6ef30695d986ca5e;br" vary Accept-Encoding content-type text/html accept-ranges bytes platform hostinger content-length 912
GET H2	404	loginForm_novo.jsp Show response relatoriocartoes.com/jsp/sanpt/usuarios/	2 KB 941 B	50ms 49ms	XHR text/html	2a02:4780:27:1088:0:3950:c661:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://relatoriocartoes.com/jsp/sanpt/usuarios/loginForm_novo.jsp?_=1684543112147 Requested by Host: www.particulares.santander.pt URL: https://www.particulares.santander.pt/ruxitagentjs_ICA2NVfhqrux_10215210506134511.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:27:1088:0:3950:c661:2 Paris, France, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Referer https://relatoriocartoes.com/login.php X-Requested-With XMLHttpRequest accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 x-dtpc -51$343112110_634h4vLKMNOUCIERCFAPTPGIMAUILNKKMROMLC-0 Response headers date Sat, 20 May 2023 00:38:32 GMT content-encoding br last-modified Thu, 06 Apr 2023 16:45:36 GMT server LiteSpeed etag "999-642ef730-6ef30695d986ca5e;br" vary Accept-Encoding content-type text/html accept-ranges bytes platform hostinger content-length 912
GET H2	200	1588655105.js Show response aae54045.jscrambler.com/cc/	501 KB 132 KB	126ms 45ms	Script application/javascript	2606:4700:10::6816:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aae54045.jscrambler.com/cc/1588655105.js Requested by Host: relatoriocartoes.com URL: https://relatoriocartoes.com/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ea5ecd5adcd76d05513a0903de4082b6a36bf9babd8f1f944fa8dc2be186234c Request headers accept-language es-ES,es;q=0.9 Referer https://relatoriocartoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 20 May 2023 00:38:32 GMT content-encoding gzip cf-cache-status HIT cf-bgj minify server cloudflare age 48923 cf-polished origSize=525696 etag W/"80580-6VdXnF5Iqr2opUrmqNln7+1U+ko" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=0, s-maxage=86400, must-revalidate cf-ray 7ca08473fc7a6669-MAD
GET		SantanderTextW05-Regular.woff2 www.particulares.santander.pt/ficheros/modern/fonts/	0 0
GET H2	200	eye-icon_show.svg www.particulares.santander.pt/ficheros/modern/images/icons/	1 KB 622 B	36ms 35ms	Image image/svg+xml	45.60.197.69 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://www.particulares.santander.pt/ficheros/modern/images/icons/eye-icon_show.svg Requested by Host: www.particulares.santander.pt URL: https://www.particulares.santander.pt/ficheros/modern/css/login_and_register.css?v=1683772339710 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.197.69 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash e2bb4d149101a87f31772cf53ac778f866b4b90367091aae7d13466f974f69ed Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language es-ES,es;q=0.9 Referer https://www.particulares.santander.pt/ficheros/modern/css/login_and_register.css?v=1683772339710 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 20 May 2023 00:38:31 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 15 May 2023 10:37:48 GMT x-cdn Imperva etag "4214fc2d" content-type image/svg+xml x-iinfo 7-10306951-0 0CNN RT(1684543111086 321) q(0 -1 -1 -1) r(0 -1) content-length 530
GET		SantanderHeadlineW05-Bold.woff2 www.particulares.santander.pt/ficheros/modern/fonts/	0 0
GET		SantanderTextW05-Bold.woff2 www.particulares.santander.pt/ficheros/modern/fonts/	0 0
GET		SantanderTextW05-Regular.woff www.particulares.santander.pt/ficheros/modern/fonts/	0 0
GET		SantanderHeadlineW05-Bold.woff www.particulares.santander.pt/ficheros/modern/fonts/	0 0
GET		SantanderTextW05-Bold.woff www.particulares.santander.pt/ficheros/modern/fonts/	0 0
GET		SantanderHeadlineW05-Bold.ttf www.particulares.santander.pt/ficheros/modern/fonts/	0 0
GET		SantanderTextW05-Regular.ttf www.particulares.santander.pt/ficheros/modern/fonts/	0 0
GET		SantanderTextW05-Bold.ttf www.particulares.santander.pt/ficheros/modern/fonts/	0 0
POST H2	200	xafbbkdbgvt Show response aae54045.jscrambler.com/	448 B 534 B	344ms 275ms	XHR text/plain	2606:4700:10::6816:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aae54045.jscrambler.com/xafbbkdbgvt Requested by Host: www.particulares.santander.pt URL: https://www.particulares.santander.pt/ruxitagentjs_ICA2NVfhqrux_10215210506134511.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0da50ca972f3acf42aead5f0b6968a7ccdeb09915fc423082b5d40f38b5c1fa9 Request headers Referer https://relatoriocartoes.com/ accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sat, 20 May 2023 00:38:32 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare etag W/"1c0-GWWZPobO/Z2aOTWxILUNGOnpZ4k" vary Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin * cf-ray 7ca084769c221a84-MAD
GET H2	200	eye-icon_show.svg www.particulares.santander.pt/ficheros/modern/images/icons/	1 KB 646 B	35ms 35ms	Image image/svg+xml	45.60.197.69 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://www.particulares.santander.pt/ficheros/modern/images/icons/eye-icon_show.svg Requested by Host: aae54045.jscrambler.com URL: https://aae54045.jscrambler.com/cc/1588655105.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.197.69 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash e2bb4d149101a87f31772cf53ac778f866b4b90367091aae7d13466f974f69ed Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language es-ES,es;q=0.9 Referer https://relatoriocartoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 20 May 2023 00:38:33 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 15 May 2023 10:37:48 GMT x-cdn Imperva etag "4214fc2d" content-type image/svg+xml x-iinfo 7-10306951-0 0CNN RT(1684543111086 2255) q(0 -1 -1 -1) r(0 -1) content-length 530
POST H3	404	rb_834db520-fedf-40a6-abe8-5ab4dcedd4af Show response relatoriocartoes.com/	2 KB 1 KB	50ms 50ms	XHR text/html	2a02:4780:27:1088:0:3950:c661:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://relatoriocartoes.com/rb_834db520-fedf-40a6-abe8-5ab4dcedd4af?type=js3&sn=v_4_srv_-51_sn_42DBE97NGVBOEQN61H3P3V0T9E27JKIV&svrid=-51&flavor=post&vi=LKMNOUCIERCFAPTPGIMAUILNKKMROMLC-0&modifiedSince=1683746004540&rf=https%3A%2F%2Frelatoriocartoes.com%2Flogin.php&bp=3&app=4d8f58e29f68fe03&crc=1196253432&end=1 Requested by Host: www.particulares.santander.pt URL: https://www.particulares.santander.pt/ruxitagentjs_ICA2NVfhqrux_10215210506134511.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a02:4780:27:1088:0:3950:c661:2 Paris, France, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e Request headers Referer https://relatoriocartoes.com/login.php accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sat, 20 May 2023 00:38:34 GMT content-encoding br last-modified Thu, 06 Apr 2023 16:45:36 GMT server LiteSpeed etag "999-642ef730-6ef30695d986ca5e;br" vary Accept-Encoding content-type text/html accept-ranges bytes platform hostinger alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 912
POST H3	404	rb_834db520-fedf-40a6-abe8-5ab4dcedd4af Show response relatoriocartoes.com/	2 KB 953 B	51ms 50ms	XHR text/html	2a02:4780:27:1088:0:3950:c661:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://relatoriocartoes.com/rb_834db520-fedf-40a6-abe8-5ab4dcedd4af?type=js3&sn=v_4_srv_-51_sn_42DBE97NGVBOEQN61H3P3V0T9E27JKIV&svrid=-51&flavor=post&vi=LKMNOUCIERCFAPTPGIMAUILNKKMROMLC-0&modifiedSince=1683746004540&rf=https%3A%2F%2Frelatoriocartoes.com%2Flogin.php&bp=3&app=4d8f58e29f68fe03&crc=3923225256&end=1 Requested by Host: www.particulares.santander.pt URL: https://www.particulares.santander.pt/ruxitagentjs_ICA2NVfhqrux_10215210506134511.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a02:4780:27:1088:0:3950:c661:2 Paris, France, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e Request headers Referer https://relatoriocartoes.com/login.php accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sat, 20 May 2023 00:38:36 GMT content-encoding br last-modified Thu, 06 Apr 2023 16:45:36 GMT server LiteSpeed etag "999-642ef730-6ef30695d986ca5e;br" vary Accept-Encoding content-type text/html accept-ranges bytes platform hostinger content-length 912

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.particulares.santander.pt

URL

https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderTextW05-Regular.woff2

Domain

www.particulares.santander.pt

URL

https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderHeadlineW05-Bold.woff2

Domain

www.particulares.santander.pt

URL

https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderTextW05-Bold.woff2

Domain

www.particulares.santander.pt

URL

https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderTextW05-Regular.woff

Domain

www.particulares.santander.pt

URL

https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderHeadlineW05-Bold.woff

Domain

www.particulares.santander.pt

URL

https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderTextW05-Bold.woff

Domain

www.particulares.santander.pt

URL

https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderHeadlineW05-Bold.ttf

Domain

www.particulares.santander.pt

URL

https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderTextW05-Regular.ttf

Domain

www.particulares.santander.pt

URL

https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderTextW05-Bold.ttf

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Santander (Banking)

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| dT_ object| dtrum function| $ function| jQuery function| initializeSelectionFields function| iframeResize function| createPopup function| fadeOutElement function| fadeInElement function| addLoginLoadingOverlay object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _0x1d7a function| _0x3c13 function| _0x1df497 function| SessionToken2 object| setupDatepickerOpts function| setupDatepickerShow function| execute boolean| procesando function| initFocus function| setFocusDown function| setFocusPress function| setFocus function| setInitialFocus function| getKey function| getStringFormByName function| getFormByName function| getFormulario function| ejecutarAccion function| cambioPagina function| ejecutarAccionEnOtraUF function| ejecutarUnaAccionEnOtraUF function| operar2Params function| validaValorImporte function| UntoNdp function| importeJS_to_importePT function| importePT_to_importeJS function| teclaEsNumero function| teclaEsNumeroOrArrows function| checkDosDecimales function| checkDecimales function| exportToPdf function| exportToExcel function| expPriv function| formPopin function| showDialog function| goSetHeight function| addExtraIframeHeight function| resizeIframe function| iFrameReload function| checkIFrameReload function| getPageHeight function| isIEBrowser function| _hideSelect function| _showSelect function| isDefined function| showPopin function| showPopinNBP function| closePopin function| MM_openBrWindow function| printWindow function| getObject function| set_placeholder_iframe_load function| initialize function| initializePage function| cleanResponse function| utaglink function| utagview object| NBP function| updateQuiosque undefined| fingerprintID string| _NBP_JUID string| ua object| dataLayer object| autos function| collapsable function| z800 object| recaptcha

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.relatoriocartoes.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_-51_sn_42DBE97NGVBOEQN61H3P3V0T9E27JKIV
			.relatoriocartoes.com/	1969-12-31 23:59:59	Name: rxVisitor Value: 16845431121159J9RJK32BCQ2UITM7P858APVRDI25RVK
			.relatoriocartoes.com/	1969-12-31 23:59:59	Name: dtSa Value: -
			.relatoriocartoes.com/	1969-12-31 23:59:59	Name: dtLatC Value: 71
			.santander.pt/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_5_sn_5D479D4CF7B33AB8B7764C9D73F240DF_perc_100000_ol_0_mul_1_app-3A4d8f58e29f68fe03_1
			www.particulares.santander.pt/	1969-12-31 23:59:59	Name: Particulares01_JSESSIONID Value: 0001JrogOgN1aiAzs5gP7yUTWhI:clnbpnode10
			.particulares.santander.pt/	1970-01-20 20:41:10	Name: visid_incap_2833896 Value: 23kLRoKqS9WbN7papgR2NIcWaGQAAAAAQUIPAAAAAAArtcYxF9qL8mCqnr1EBBaJ
			.particulares.santander.pt/	1969-12-31 23:59:59	Name: incap_ses_509_2833896 Value: 42TrdL+e9TA+bgX7+VUQB4cWaGQAAAAAjoxke9CwlL9JqGPcTS4YfQ==
			.relatoriocartoes.com/	1969-12-31 23:59:59	Name: rxvt Value: 1684544913108|1684543112116
			.relatoriocartoes.com/	1969-12-31 23:59:59	Name: dtPC Value: -51$343112110_634h-vLKMNOUCIERCFAPTPGIMAUILNKKMROMLC-0

25 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.particulares.santander.pt/nbp_guard Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://relatoriocartoes.com/ficheros/js/jquery-migrate-3.1.0.js?_=1684543112145 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://relatoriocartoes.com/jsp/sanpt/usuarios/login_functions.jsp?_=1684543112146 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://relatoriocartoes.com/jsp/sanpt/usuarios/loginForm_novo.jsp?_=1684543112147 Message: Failed to load resource: the server responded with a status of 404 ()
rendering	warning	URL: https://relatoriocartoes.com/login.php Message: [.WebGL-0x1eac01a75500]GL Driver Message (OpenGL, Performance, GL_CLOSE_PATH_NV, High): GPU stall due to ReadPixels
javascript	error	URL: https://relatoriocartoes.com/login.php Message: Access to font at 'https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderTextW05-Regular.woff2' from origin 'https://relatoriocartoes.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderTextW05-Regular.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://relatoriocartoes.com/login.php Message: Access to font at 'https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderHeadlineW05-Bold.woff2' from origin 'https://relatoriocartoes.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderHeadlineW05-Bold.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://relatoriocartoes.com/login.php Message: Access to font at 'https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderTextW05-Bold.woff2' from origin 'https://relatoriocartoes.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderTextW05-Bold.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://relatoriocartoes.com/login.php Message: Access to font at 'https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderHeadlineW05-Bold.woff' from origin 'https://relatoriocartoes.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderHeadlineW05-Bold.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://relatoriocartoes.com/login.php Message: Access to font at 'https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderTextW05-Regular.woff' from origin 'https://relatoriocartoes.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderTextW05-Regular.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://relatoriocartoes.com/login.php Message: Access to font at 'https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderTextW05-Bold.woff' from origin 'https://relatoriocartoes.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderTextW05-Bold.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://relatoriocartoes.com/login.php Message: Access to font at 'https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderHeadlineW05-Bold.ttf' from origin 'https://relatoriocartoes.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderHeadlineW05-Bold.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://relatoriocartoes.com/login.php Message: Access to font at 'https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderTextW05-Regular.ttf' from origin 'https://relatoriocartoes.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderTextW05-Regular.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://relatoriocartoes.com/login.php Message: Access to font at 'https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderTextW05-Bold.ttf' from origin 'https://relatoriocartoes.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderTextW05-Bold.ttf Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://relatoriocartoes.com/rb_834db520-fedf-40a6-abe8-5ab4dcedd4af?type=js3&sn=v_4_srv_-51_sn_42DBE97NGVBOEQN61H3P3V0T9E27JKIV&svrid=-51&flavor=post&vi=LKMNOUCIERCFAPTPGIMAUILNKKMROMLC-0&modifiedSince=1683746004540&rf=https%3A%2F%2Frelatoriocartoes.com%2Flogin.php&bp=3&app=4d8f58e29f68fe03&crc=1196253432&end=1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://relatoriocartoes.com/rb_834db520-fedf-40a6-abe8-5ab4dcedd4af?type=js3&sn=v_4_srv_-51_sn_42DBE97NGVBOEQN61H3P3V0T9E27JKIV&svrid=-51&flavor=post&vi=LKMNOUCIERCFAPTPGIMAUILNKKMROMLC-0&modifiedSince=1683746004540&rf=https%3A%2F%2Frelatoriocartoes.com%2Flogin.php&bp=3&app=4d8f58e29f68fe03&crc=3923225256&end=1 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aae54045.jscrambler.com
relatoriocartoes.com
www.google.com
www.gstatic.com
www.particulares.santander.pt
www.particulares.santander.pt
2606:4700:10::6816:1e82
2a00:1450:4001:813::2003
2a00:1450:4001:829::2004
2a02:4780:27:1088:0:3950:c661:2
45.60.197.69
069ea633227041fd719d2d1f3a29cbf7dedae7df6b2b4a568ebba2e199af43a1
0afbafc1a47a0abcf601975e9f95019633769f405ae83219f0b4218346d68ab7
0da50ca972f3acf42aead5f0b6968a7ccdeb09915fc423082b5d40f38b5c1fa9
2f0e67192e014a837002fff61326afa99204d4b19c1b7c3d3a0c95fe4eea32df
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e
47a86a210beee57bd38a7b8583d84a8124697003595a8255069b79234c2a0a16
768a38021128a2657d6267b5681dc037f9cd59f7b3b2c42a9c39879811089b16
9069c6400e1ef11ddd7015214e6d9576ddcf3edd6b8b3a8b943d61ce8b690e25
948213e5149ae982d063fc29530c0da4d93e69ba9767003eaa510f185ab52c8d
982435574a12c27b376099ade89d360dc9dda7c2bf4913022fc69b27366fc7fa
b3fdf7c9d651f20f160e0700356535b45d565cb28c0aac1a51d1136e78ce398b
e2bb4d149101a87f31772cf53ac778f866b4b90367091aae7d13466f974f69ed
e7042edf7b8066a83b0446588440d2d31325253d7da307ec4078b9204d6a5e13
ea5ecd5adcd76d05513a0903de4082b6a36bf9babd8f1f944fa8dc2be186234c
fdc8960aa91b36d373714561c7f47bd1b2918362de3571b9578b7fd8bb4afab4