searchkarlo.com
2a06:98c1:3120::3  Malicious Activity! Public Scan

URL: https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
Submission Tags: https://phish.report @phish_report
Submission: On August 02 via api from FI — Scanned from NL

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 18 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is searchkarlo.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 5th 2022. Valid for: a year.
This is the only time searchkarlo.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious (1 vote)

Domain & IP information

Count  IP Address        AS Autonomous System
13     2a06:98c1:312...  13335 (CLOUDFLAR...)
2      2a00:1450:400...  15169 (GOOGLE)
1      103.152.79.227    140641 (YOTTA YOT...)
2      2a00:1450:400...  15169 (GOOGLE)
Total: 18 5

Count  Apex Domain                 Subdomains                                       Transfer
13     searchkarlo.com             searchkarlo.com                                  299 KB
2      gstatic.com                 fonts.gstatic.com                                63 KB
2      googleapis.com              fonts.googleapis.com (Cisco Umbrella Rank: 79)   3 KB
1      customerservice-number.net  www.customerservice-number.net                   17 KB
Total: 18 4

Count  Domain                          Requested by
13     searchkarlo.com                 searchkarlo.com
2      fonts.gstatic.com               fonts.googleapis.com
2      fonts.googleapis.com            searchkarlo.com
1      www.customerservice-number.net  searchkarlo.com
Total: 18 4

This site contains no links.

Subject                     Issuer                   Validity                 Valid
sni.cloudflaressl.com       Cloudflare Inc ECC CA-3  2022-09-05 - 2023-09-05  a year
upload.video.google.com     GTS CA 1C3               2023-07-10 - 2023-10-02  3 months
customerservice-number.net  R3                       2023-07-13 - 2023-10-11  3 months
*.gstatic.com               GTS CA 1C3               2023-07-10 - 2023-10-02  3 months

This page contains 1 frames:

Primary Page: https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
Frame ID: C53B22803DA3F4EC79B55848277C7F7D
Requests: 21 HTTP requests in this frame

Page Title

(Resolved 2022) Cancel Norton Subscription and Get Refund

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 75 %
Domains: 4
Subdomains: 4
IPs: 5
Countries: 3
Transfer: 382 kB
Size: 1098 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request /
searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
84 KB
23 KB
Document
General
Full URL
https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fc8a0ae0e05cd0973debfc8c389fae3ab40ef70b02cacee2802cadd7ccc608b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7f059e09b9581cbe-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 02 Aug 2023 10:25:31 GMT
expires
Wed, 02 Aug 2023 10:25:31 GMT
last-modified
Sat, 29 Jul 2023 15:14:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51aKQSYS9QhMLgyxaGWeBUKQjpiTULAmSyCfXVUhUp7eZVSgLRwq0j02Pas1PzJWEwcrGEksjab%2Fctwfu8qdaYgWoUlcQiVuki3gx8RcB%2FrHo7CIHX56bF%2BVzmh6Qh5zLJi8njBessJL2lPcV5Q%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,Accept-Encoding,Accept-Encoding
x-turbo-charged-by
LiteSpeed
style.min.css
searchkarlo.com/tech/wp-includes/css/dist/block-library/
95 KB
13 KB
Stylesheet
General
Full URL
https://searchkarlo.com/tech/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by
Host: searchkarlo.com
URL: https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 10:25:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 24 Jul 2023 21:21:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gqV8rFO%2BobE%2FbnUVaikyLj9A69k3QFC%2F6PhSKA4rvtpVvhRznhDuWghkWnDCZ8xieszV7l41f1ZTPkgymMhg3U35B5nbXaZqMcpZ9hQtriaj8iuqHVyrSdLRKpNLiLJSsLiQKfuqI8agWXmbDeg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
7f059e0a19c71cbe-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Aug 2024 10:25:31 GMT
classic-themes.min.css
searchkarlo.com/tech/wp-includes/css/
291 B
491 B
Stylesheet
General
Full URL
https://searchkarlo.com/tech/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by
Host: searchkarlo.com
URL: https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 10:25:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 24 Jul 2023 21:21:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLRwZ5cbb8hLrERWyrYYmeds6xm7sQRVlyPDHAlFMlEkFAoSDP3%2FB8cOjExEosphtoim4sJ%2F%2BraFSQi8sp4vsVEngZPQ6yUK2%2BpfoNLjVyayUKO%2BUJAmD1FM3ka92HOJ%2Beb83K4TdM%2FbRZx%2F%2BIY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
7f059e0a29c91cbe-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Aug 2024 10:25:31 GMT
chaty-front.min.css
searchkarlo.com/tech/wp-content/plugins/chaty/css/
20 KB
5 KB
Stylesheet
General
Full URL
https://searchkarlo.com/tech/wp-content/plugins/chaty/css/chaty-front.min.css?ver=1656938983
Requested by
Host: searchkarlo.com
URL: https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9adf4ac35592b573fb62557c0c918f5c76f9b5d18353e2b0c2b4956c8fcc405c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 10:25:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 04 Jul 2022 11:30:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxyNGZEfI62BoS4VkpvP7IM3%2FIJrkFksTUlHptVBQ1DTfAPBUluRt0pWDN2UPrUJLePmlFef3VqhHxRhUrQhGpKCvqj1a61I%2Ff80udojxiGFmnzP1CdWVEkSTH%2BX0wkNhYa5KNPeyQ8Qc0%2FkEuc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
7f059e0a29ca1cbe-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Aug 2024 10:25:31 GMT
styles.css
searchkarlo.com/tech/wp-content/cache/min/1/tech/wp-content/plugins/contact-form-7/includes/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://searchkarlo.com/tech/wp-content/cache/min/1/tech/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=1690628686
Requested by
Host: searchkarlo.com
URL: https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88f21490128244f54a38864c301f0c9be49f323f6da36c5f5a6bd02175647ada

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 10:25:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 29 Jul 2023 11:04:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9QlYsTyyUU08jIjpVwdzrpoweyAlsAbKhT2JZ9vIHOPzZJjsDvAjWlV2XkASdV6kJJU2MnpC7XbrTtgQZVQGGAFAk3KTV%2F6SUhj%2FJxYjHNA%2B4Uex6HSwtXzAmvkcXQaiJN4YeobHmfjz4cCMBg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
7f059e0a29cb1cbe-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Aug 2024 10:25:31 GMT
theme.css
searchkarlo.com/tech/wp-content/cache/min/1/tech/wp-content/plugins/popup-builder/public/css/
70 KB
11 KB
Stylesheet
General
Full URL
https://searchkarlo.com/tech/wp-content/cache/min/1/tech/wp-content/plugins/popup-builder/public/css/theme.css?ver=1690628686
Requested by
Host: searchkarlo.com
URL: https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
235147ac6ff6d1b6a7497c021985e492e09173641a7f49e91a063917ff5d7e4b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 10:25:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 29 Jul 2023 11:04:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YYdkNytdjWO3Ym1PMaAsbxHX8ZAimgoql1XIUqp28htmwMev98M62Ram5L29vhTwaZPi8RlEgngqmTvuPG6hc1D1cSmyovV%2Fm2fzMIn1Fij2rZ3uoU%2F1fECgwuuBWdgQn7l%2FT4ICCrapuhW8UZA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
7f059e0a29cf1cbe-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Aug 2024 10:25:31 GMT
css
fonts.googleapis.com/
22 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A+400%2C300%2C600%2C700%2C800%7CRoboto%3A+400%2C100%2C300%2C700&subset=latin%2Clatin-ext&ver=1.0.0
Requested by
Host: searchkarlo.com
URL: https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
94f1b9ca18e2dbf5efbf926bc347763289cbe2a51c00849271e61bae045ba69a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://searchkarlo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 02 Aug 2023 10:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 10:25:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 02 Aug 2023 10:25:31 GMT
style.css
searchkarlo.com/tech/wp-content/cache/min/1/tech/wp-content/themes/trade/
508 KB
66 KB
Stylesheet
General
Full URL
https://searchkarlo.com/tech/wp-content/cache/min/1/tech/wp-content/themes/trade/style.css?ver=1690628687
Requested by
Host: searchkarlo.com
URL: https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5a2c358ebd0a29308574d00f9f74544ed31f260af320d2423ce18129b8fbee7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 10:25:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 29 Jul 2023 11:04:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8fiBVFIf9JbtT%2B1n4uYY5uyiiUgK9CkxuTv%2BO30kZ7wx7prxBIwppq%2BB7ZC8uGU7Qm7qGfqrVTARyXRVYFSwLsbHP40AzdqVv%2FCP9dljhagl7GIYOWKOybd2sw0fhyZlnNp682G9NBl7jip61FE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
7f059e0a29d11cbe-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Aug 2024 10:25:31 GMT
truncated
/
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15179bcf587735652ddf7a4af0ed500881cb4b4eaf3effce1719c1d3de17f79d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8608116d98a37a89278f448137024cdbdce7117e4196c65b2b444f692608abbd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e15ae41af9f4343ac19095c163cefff6d0bece4892aabe6354df84c07536de29

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
lazyload.min.js
searchkarlo.com/tech/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/
9 KB
3 KB
Script
General
Full URL
https://searchkarlo.com/tech/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by
Host: searchkarlo.com
URL: https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 10:25:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 27 Jul 2023 16:43:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZ90aAqukbtWRfHkB6qr0Mlh0e3tsrwoa7mh2YDjWQnJ22OVEdPGZkR%2B3oiO4d%2BfeSWfPf3o78PiivESOpSOy8P1MPXHyJHcIC36oUzperuK6O0%2BFYNuR6x0R1yXYOG%2Fzd0JPEtnYCYGAOdoEug%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
7f059e0a49f31cbe-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Aug 2024 10:25:31 GMT
about-bg.jpg
searchkarlo.com/tech/wp-content/themes/trade/images/
66 KB
67 KB
Image
General
Full URL
https://searchkarlo.com/tech/wp-content/themes/trade/images/about-bg.jpg
Requested by
Host: searchkarlo.com
URL: https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b1db512317fd27829691eade700b5a8261974923e0dd2d39ed79653372da73a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 10:25:32 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2018 08:11:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent,Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKmilIGffiyR6kBs0wY%2BhkgniD1CW6GCZ67iNPIENq4K3JCcxXgXZQNqRoKR59l1MqKP6YCD%2Ba45BrdW8TruZtILmdnMkSWFqRFpwP8ZPmzUZKWbqPPRcgU5PBzPOOKB%2BR4tSEJlkqUnVCvjqjw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7f059e0a49f81cbe-AMS
alt-svc
h3=":443"; ma=86400
content-length
67930
expires
Fri, 01 Sep 2023 10:25:32 GMT
footer-bg.jpg
searchkarlo.com/tech/wp-content/themes/trade/images/
12 KB
13 KB
Image
General
Full URL
https://searchkarlo.com/tech/wp-content/themes/trade/images/footer-bg.jpg
Requested by
Host: searchkarlo.com
URL: https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c972f8b729851b3db93fd8bba760ee2ba835a098d5e944a0a87aa5cc2069fb0d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 10:25:31 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2018 08:11:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent,Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSk4HlgJG3L4hC7wFMC0JmkRO0FZ6s95yVYOUSDcsi91Bn%2B%2B6bzDucUzZKYZuOuHblFDbsigST7Ob2VBtRnqXmDwshCUUBHempykztE%2FtAx3uFYFXzcUO%2BjOUnJNzAV6WkIsn8H9LNW7h%2Fu6IDI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7f059e0a49fd1cbe-AMS
alt-svc
h3=":443"; ma=86400
content-length
12789
expires
Fri, 01 Sep 2023 10:25:31 GMT
chat-icon.png
www.customerservice-number.net/wp-content/uploads/2017/01/
16 KB
17 KB
Image
General
Full URL
https://www.customerservice-number.net/wp-content/uploads/2017/01/chat-icon.png
Requested by
Host: searchkarlo.com
URL: https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.152.79.227 , India, ASN140641 (YOTTA YOTTA NETWORK SERVICES PRIVATE LIMITED, IN),
Reverse DNS
servers.moonnameserver.com
Software
LiteSpeed /
Resource Hash
c5585cd62f0a5621abab7d566b834b14654d62aac1fee4626964981d63e03ef1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://searchkarlo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 10:25:33 GMT
last-modified
Fri, 08 Feb 2019 07:03:55 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
16777
expires
Fri, 01 Sep 2023 10:25:33 GMT
logo-3.png
searchkarlo.com/tech/wp-content/uploads/2021/11/
3 KB
4 KB
Image
General
Full URL
https://searchkarlo.com/tech/wp-content/uploads/2021/11/logo-3.png
Requested by
Host: searchkarlo.com
URL: https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6b35fc49e9f1d23260328f21778388129ec6f0faa6791156da867bb915e964f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 10:25:32 GMT
cf-cache-status
MISS
last-modified
Wed, 17 Nov 2021 13:21:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent,Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9WEM4APJzTgtevxsITgFgWtisyr3kBDBULMQCDVhpwc2dyaHEgl6qnDH%2Fj5nFBTWQvF8V0o4EvY%2BvRTo%2FqxxAIPvE9vpta46KYZ%2FSeXJOaqyaeIl6wUC0mYj8DYzuheB4AZ1I%2Bmn%2FI7fCuigew%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7f059e0adb6328ac-AMS
alt-svc
h3=":443"; ma=86400
content-length
3494
expires
Fri, 01 Sep 2023 10:25:32 GMT
How-to-Cancel-Norton-Subscription-and-Get-Refund.jpg
searchkarlo.com/tech/wp-content/uploads/2022/02/
22 KB
22 KB
Image
General
Full URL
https://searchkarlo.com/tech/wp-content/uploads/2022/02/How-to-Cancel-Norton-Subscription-and-Get-Refund.jpg
Requested by
Host: searchkarlo.com
URL: https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11dbd63898ff03b49db9112cbacb5cb01516c8ae92a526fbe22fa98b18a4803f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 10:25:32 GMT
cf-cache-status
MISS
last-modified
Sat, 29 Jul 2023 10:11:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent,Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2Fw2iXx3y8aOPkhb%2BaUYDAhQZ0EWoL3eMc4xtAt3HHz%2FTWD8QIfs7z6XXwhRa5P2b%2Bg4QH0quo%2BCsVXqbQXOX0hcPSIVzjzfr8xIeHJhzBLOiL3A4KKftLWCJoEK%2BzSDYJXg7m1s0N9VZSc9LM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7f059e0adb6528ac-AMS
alt-svc
h3=":443"; ma=86400
content-length
22251
expires
Fri, 01 Sep 2023 10:25:32 GMT
css
fonts.googleapis.com/
35 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Work+Sans:100,200,300,400,500,600,700,800,900
Requested by
Host: searchkarlo.com
URL: https://searchkarlo.com/tech/wp-content/cache/min/1/tech/wp-content/themes/trade/style.css?ver=1690628687
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
99d67d08452a55535586436121ff723951741ca62655b53b3cfe0233c010e273
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://searchkarlo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 02 Aug 2023 10:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 10:25:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 02 Aug 2023 10:25:31 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A+400%2C300%2C600%2C700%2C800%7CRoboto%3A+400%2C100%2C300%2C700&subset=latin%2Clatin-ext&ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://searchkarlo.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:08:17 GMT
x-content-type-options
nosniff
age
343034
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jul 2024 11:08:17 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A+400%2C300%2C600%2C700%2C800%7CRoboto%3A+400%2C100%2C300%2C700&subset=latin%2Clatin-ext&ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://searchkarlo.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 00:05:03 GMT
x-content-type-options
nosniff
age
382828
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jul 2024 00:05:03 GMT
fontawesome-webfont.woff2
searchkarlo.com/tech/wp-content/themes/trade/fonts/
70 KB
71 KB
Font
General
Full URL
https://searchkarlo.com/tech/wp-content/themes/trade/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: searchkarlo.com
URL: https://searchkarlo.com/tech/wp-content/cache/min/1/tech/wp-content/themes/trade/style.css?ver=1690628687
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer
https://searchkarlo.com/tech/wp-content/cache/min/1/tech/wp-content/themes/trade/style.css?ver=1690628687
Origin
https://searchkarlo.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 10:25:32 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
71896
last-modified
Thu, 01 Feb 2018 08:11:10 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZO9AJR5yAIOKcxTTzlUSJOPENyn1kOAnZinlutWFB1o9TP9iy%2BmgvWKyj2A6kzrE13TB4zVXhTk5weysIsXG0nsypJFTcMum%2Buy8mH70yIlV%2BppkmoH%2FLROth2e2tzo2Y%2Bam9WzqzQFBHco8%2BhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7f059e0b6c3328ac-AMS
expires
Thu, 30 Nov 2023 10:25:32 GMT

Verdicts & Comments


Malicious page.url
Submitted on August 2nd 2023, 10:27:20 am UTC — From Australia

Threats: Phishing Scam Brand Impersonation
Comment: Norton Refund Scam website for UK USA and Canada

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • undefined | href
  • object | chaty_settings
  • object | wpcf7
  • object | trade_script
  • object | wpcf7_recaptcha
  • object | lazyLoadOptions
  • function | lazyLoadThumb
  • function | lazyLoadYoutubeIframe
  • function | wprRemoveCPCSS
  • function | LazyLoad

0 Cookies

2 Console Messages

Source: rendering
Level: warning
URL: https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/ (Line 418)
Message: The specified value "Your Number" cannot be parsed, or is out of range.

Source: security
Level: warning
URL: https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/
Message: Mixed Content: The page at 'https://searchkarlo.com/tech/how-to-cancel-norton-subscription-and-get-refund/' was loaded over HTTPS, but requested an insecure element 'http://www.customerservice-number.net/wp-content/uploads/2017/01/chat-icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
