www.ocai-online.com
192.124.249.10
Malicious Activity!
Public Scan
Effective URL: https://www.ocai-online.com/
Submission: On May 04 via manual from US
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 19th 2019. Valid for: a year.
This is the only time www.ocai-online.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: American Express (Financial)
Domain & IP information
ASN | PTR | Domain(s)
---|---|---
ASN30148 (SUCURI-SEC, US) | cloudproxy10010.sucuri.net | www.ocai-online.com
ASN16509 (AMAZON-02, US) | server-13-225-87-111.fra2.r.cloudfront.net | code.evidence.io
ASN13335 (CLOUDFLARENET, US) | | apps.elfsight.com, static.elfsight.com
ASN16509 (AMAZON-02, US) | server-13-225-78-167.fra2.r.cloudfront.net | d10lpsik1i8c69.cloudfront.net
ASN15169 (GOOGLE, US) | | www.google-analytics.com
ASN14061 (DIGITALOCEAN-ASN, US) | | api.at.getsocial.io
ASN14618 (AMAZON-AES, US) | ec2-3-210-48-127.compute-1.amazonaws.com | pp.signalayer.com
ASN14618 (AMAZON-AES, US) | ec2-18-235-204-35.compute-1.amazonaws.com | trackcmp.net
ASN16509 (AMAZON-02, US) | server-143-204-97-42.fra50.r.cloudfront.net | config.evidence.io
ASN16509 (AMAZON-02, US) | ec2-3-19-96-31.us-east-2.compute.amazonaws.com | api.endorsal.io
ASN16509 (AMAZON-02, US) | s3-r-w.us-east-2.amazonaws.com | ndrsl-avatars.s3.us-east-2.amazonaws.com
Requests | Domain | Requested by
---|---|---
29 | www.ocai-online.com | www.ocai-online.com (1 redirect)
7 | fonts.gstatic.com | www.ocai-online.com, fast.b-cdn.net
4 | ndrsl-avatars.s3.us-east-2.amazonaws.com | www.ocai-online.com
4 | cdn.endorsal.io | www.ocai-online.com, cdn.endorsal.io
3 | fast.b-cdn.net | api.at.getsocial.io, fast.b-cdn.net, www.ocai-online.com
3 | www.google-analytics.com | www.ocai-online.com, www.google-analytics.com (1 redirect)
3 | fonts.googleapis.com | www.ocai-online.com
2 | api.endorsal.io | cdn.endorsal.io
2 | connect.facebook.net | www.ocai-online.com, connect.facebook.net
2 | api.at.getsocial.io | www.ocai-online.com, fast.b-cdn.net
2 | js.stripe.com | www.ocai-online.com, js.stripe.com
2 | static.elfsight.com | www.ocai-online.com, static.elfsight.com
2 | apps.elfsight.com | static.elfsight.com (1 redirect)
1 | sdk.snapkit.com | fast.b-cdn.net
1 | config.evidence.io | code.evidence.io
1 | trackcmp.net | www.ocai-online.com
1 | www.google.de | www.ocai-online.com
1 | www.google.com | (1 redirect)
1 | stats.g.doubleclick.net | (1 redirect)
1 | data.tooltip.io | cdn.tooltip.io
1 | pp.signalayer.com | cdn.tooltip.io
1 | cdn.tooltip.io | www.ocai-online.com
1 | d10lpsik1i8c69.cloudfront.net | www.ocai-online.com
1 | code.evidence.io | www.ocai-online.com
1 | maxcdn.bootstrapcdn.com | www.ocai-online.com
72 requests | 25 domains |
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid for | Source
---|---|---|---|---
ocai-online.com | Go Daddy Secure Certificate Authority - G2 | 2019-08-19 - 2020-08-19 | a year | crt.sh
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year | crt.sh
upload.video.google.com | GTS CA 1O1 | 2020-04-07 - 2020-06-30 | 3 months | crt.sh
code.evidence.io | Amazon | 2019-12-27 - 2021-01-27 | a year | crt.sh
elfsight.com | CloudFlare Inc ECC CA-2 | 2020-01-04 - 2020-10-09 | 9 months | crt.sh
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2020-02-12 - 2020-06-03 | 4 months | crt.sh
*.cloudfront.net | DigiCert Global CA G2 | 2019-07-17 - 2020-07-05 | a year | crt.sh
*.google-analytics.com | GTS CA 1O1 | 2020-04-07 - 2020-06-30 | 3 months | crt.sh
*.tooltip.io | Amazon | 2020-04-13 - 2021-05-13 | a year | crt.sh
*.endorsal.io | Amazon | 2019-09-05 - 2020-10-05 | a year | crt.sh
*.gstatic.com | GTS CA 1O1 | 2020-04-07 - 2020-06-30 | 3 months | crt.sh
api.at.getsocial.io | Gandi Standard SSL CA 2 | 2019-12-04 - 2021-01-01 | a year | crt.sh
*.signalayer.com | Amazon | 2020-02-07 - 2021-03-07 | a year | crt.sh
*.b-cdn.net | Sectigo RSA Domain Validation Secure Server CA | 2020-04-09 - 2022-04-09 | 2 years | crt.sh
www.google.de | GTS CA 1O1 | 2020-04-07 - 2020-06-30 | 3 months | crt.sh
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-04-15 - 2020-07-14 | 3 months | crt.sh
*.trackcmp.net | Amazon | 2020-03-31 - 2021-04-30 | a year | crt.sh
sdk.snapkit.com | DigiCert SHA2 Secure Server CA | 2018-08-16 - 2020-08-20 | 2 years | crt.sh
*.s3.us-east-2.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2020-01-31 - 2021-05-27 | a year | crt.sh
This page contains 2 frames:
- Primary Page: https://www.ocai-online.com/ (Frame ID: 3F12D3F768E4CE34448A651E88D3E24C; 71 HTTP requests in this frame)
- Frame: https://js.stripe.com/v3/m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html (Frame ID: 7AF3A2A3F985264A9EFD3CAD85901AE3; 1 HTTP request in this frame)
Detected technologies
- Drupal (CMS); detected pattern: headers expires /19 Nov 1978/i
- PHP (Programming Languages); detected pattern: headers expires /19 Nov 1978/i
- Nginx (Web Servers); detected pattern: headers server /nginx(?:\/([\d.]+))?/i
- Facebook (Widgets); detected pattern: script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
- Font Awesome (Font Scripts); detected pattern: html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
- Google Analytics (Analytics); detected pattern: script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
- Google Font API (Font Scripts); detected pattern: html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
- Modernizr (JavaScript Libraries); detected pattern: script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
Page Statistics
34 Outgoing links
These are links going to different origins than the main page. Link titles as captured (the target URLs are not included in this export):
- (no title)
- (no title)
- (no title)
- Positive Culture Academy
- Buy Now
- Buy Now
- (no title)
- (no title)
- (no title)
- (no title)
- Facebook
- Twitter
- Pinterest
- WhatsApp
- Tumblr
- Linkedin
- Reddit
- Odnoklassniki
- Hacker News
- Vkontakte
- Buffer
- Renren
- Weibo
- Yummly
- Draugiem
- Line
- Slack
- Evernote
- Flipboard
- Pocket
- Telegram
- Skype
- KakaoStory
- Xing
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.ocai-online.com/ (HTTP 301)
- https://www.ocai-online.com/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 23
- https://apps.elfsight.com/p/platform.js HTTP 301
- https://static.elfsight.com/platform/platform.js
- https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1095876708&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ocai-online.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20OCAI%20online&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=KGBAAEADQ~&jid=571936116&gjid=34131924&cid=1804905009.1588617447&tid=UA-24270198-6&_gid=414305168.1588617447&_r=1&z=469425197 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-24270198-6&cid=1804905009.1588617447&jid=571936116&_gid=414305168.1588617447&gjid=34131924&_v=j81&z=469425197 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24270198-6&cid=1804905009.1588617447&jid=571936116&_v=j81&z=469425197 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24270198-6&cid=1804905009.1588617447&jid=571936116&_v=j81&z=469425197&slf_rd=1&random=643824002
72 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H2 | / | www.ocai-online.com/ | 61 KB | 15 KB | Document | text/html | Primary Request; Redirect Chain
GET | H2 | css_7Eiz8OXcsLaVsPCDFHsSAizbIE4YFDJkjWsNq7Lho-M.css | www.ocai-online.com/sites/default/files/css/ | 343 B | 613 B | Stylesheet | text/css |
GET | H2 | font-awesome.min.css | maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ | 27 KB | 6 KB | Stylesheet | text/css |
GET | H2 | css_QKFhpNlZkcYHBLbynVPSBiPI70r1BtZUzpkUDLabneg.css | www.ocai-online.com/sites/default/files/css/ | 2 KB | 1 KB | Stylesheet | text/css |
GET | H2 | css_EPDNTXfaGAbsCw9tX0ZmESbvA2jAO-u2GQNOEmVnbEs.css | www.ocai-online.com/sites/default/files/css/ | 271 KB | 40 KB | Stylesheet | text/css |
GET | H2 | css | fonts.googleapis.com/ | 25 KB | 1 KB | Stylesheet | text/css |
GET | H2 | css_N64wLwdPJ_8LIg3QEzW3jJtRkd9L8yuFwmC8jUXd34w.css | www.ocai-online.com/sites/default/files/css/ | 180 KB | 25 KB | Stylesheet | text/css |
GET | H2 | modernizr.min.js | www.ocai-online.com/core/assets/vendor/modernizr/ | 5 KB | 2 KB | Script | application/javascript |
GET | H2 | js_tqpOY2NpdCSw1DC3Z57hKPrL5G7FJu370T6vF5KSoeE.js | www.ocai-online.com/sites/default/files/js/ | 95 KB | 33 KB | Script | text/javascript |
GET | H2 | logo.svg | www.ocai-online.com/themes/custom/ocai/ | 4 KB | 2 KB | Image | image/svg+xml |
GET | H2 | organizational_culture_change_book_by_marcella_bremer.jpg | www.ocai-online.com/sites/default/files/paragraph/books/images/2019-01/ | 13 KB | 13 KB | Image | image/jpeg |
GET | H2 | positive_culture_book_by_marcella_bremer.jpg | www.ocai-online.com/sites/default/files/paragraph/books/images/2019-01/ | 10 KB | 10 KB | Image | image/jpeg |
GET | H2 | 7-tribal-.jpg | www.ocai-online.com/sites/default/files/styles/blog_image_teaser/public/node/blog/image-teaser/2020-03/ | 41 KB | 41 KB | Image | image/jpeg |
GET | H2 | 8-virtual-call.jpg | www.ocai-online.com/sites/default/files/styles/blog_image_teaser/public/node/blog/image-teaser/2020-03/ | 65 KB | 65 KB | Image | image/jpeg |
GET | H2 | 7-reflection.jpg | www.ocai-online.com/sites/default/files/styles/blog_image_teaser/public/node/blog/image-teaser/2020-03/ | 34 KB | 34 KB | Image | image/jpeg |
GET | H2 | 6-DISC-color-personalities.jpg | www.ocai-online.com/sites/default/files/styles/blog_image_teaser/public/node/blog/image-teaser/2020-03/ | 60 KB | 61 KB | Image | image/jpeg |
GET | H2 | 5-lonely-600.jpg | www.ocai-online.com/sites/default/files/styles/blog_image_teaser/public/node/blog/image-teaser/2020-02/ | 54 KB | 55 KB | Image | image/jpeg |
GET | H2 | 4-identity-iceberg.png | www.ocai-online.com/sites/default/files/styles/blog_image_teaser/public/node/blog/image-teaser/2019-12/ | 223 KB | 223 KB | Image | image/png |
GET | H2 | pp_cc_mark_74x46.jpg | www.ocai-online.com/themes/custom/ocai/images/brands/ | 8 KB | 8 KB | Image | image/jpeg |
GET | H2 | mastercard.svg | www.ocai-online.com/themes/custom/ocai/images/brands/ | 3 KB | 2 KB | Image | image/svg+xml |
GET | H2 | visa_pos_fc.png | www.ocai-online.com/themes/custom/ocai/images/brands/ | 7 KB | 8 KB | Image | image/png |
GET | H2 | american-express-logo.gif | www.ocai-online.com/themes/custom/ocai/images/brands/ | 3 KB | 4 KB | Image | image/gif |
GET | H2 | sucuri.png | www.ocai-online.com/themes/custom/ocai/images/brands/ | 8 KB | 8 KB | Image | image/png |
GET | H2 | eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOjQ4OX0.6eWONNZo9I6ORD7jqK1vcB8dfmsbeX-Cjw3inmSwo44 | code.evidence.io/js/ | 598 KB | 188 KB | Script | application/javascript |
GET | H2 | platform.js | static.elfsight.com/platform/ | 46 KB | 15 KB | Script | application/javascript | Redirect Chain
GET | H2 | js_QssuvkBrx8hV2zn_PWuNjJuiZMC0FrEO1oFG9MbdWf0.js | www.ocai-online.com/sites/default/files/js/ | 829 B | 819 B | Script | text/javascript |
GET | H2 | / | js.stripe.com/v3/ | 165 KB | 43 KB | Script | application/javascript |
GET | H2 | js_UXTdkJMD1V2Kb-r6Z1N4x_nVkXGMd-ZR1m4zfWAu0Ss.js | www.ocai-online.com/sites/default/files/js/ | 297 KB | 73 KB | Script | text/javascript |
GET | H2 | w.js | d10lpsik1i8c69.cloudfront.net/ | 5 KB | 3 KB | Script | application/javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | 44 KB | 18 KB | Script | text/javascript |
GET | H2 | player.js | cdn.tooltip.io/static/ | 462 KB | 77 KB | Script | application/javascript |
GET | H2 | widget.min.js | cdn.endorsal.io/widgets/ | 4 KB | 2 KB | Script | application/javascript |
GET | H2 | css | fonts.googleapis.com/ | 7 KB | 836 B | Stylesheet | text/css |
GET | H2 | css | fonts.googleapis.com/ | 10 KB | 862 B | Stylesheet | text/css |
GET | H2 | mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 | fonts.gstatic.com/s/opensans/v17/ | 9 KB | 9 KB | Font | font/woff2 |
GET | H2 | unnamed.jpg | www.ocai-online.com/themes/custom/ocai/images/ | 115 KB | 116 KB | Image | image/jpeg |
GET | H2 | homesealed-why-choose-us-hero.jpg | www.ocai-online.com/themes/custom/ocai/images/ | 320 KB | 321 KB | Image | image/jpeg |
GET | H2 | partern.png | www.ocai-online.com/themes/custom/ocai/images/ | 24 KB | 25 KB | Image | image/png |
GET | H2 | strategy.jpg | www.ocai-online.com/themes/custom/ocai/images/ | 181 KB | 181 KB | Image | image/jpeg |
GET | H2 | fontawesome-webfont.woff2 | www.ocai-online.com/themes/custom/ocai/vendor/font-awesome/fonts/ | 75 KB | 76 KB | Font | font/woff2 |
GET | H2 | mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2 | fonts.gstatic.com/s/opensans/v17/ | 9 KB | 9 KB | Font | font/woff2 |
GET | H2 | 4UaGrEBBsBhlBjvfkSpa4r3Owp5eKQtG.woff2 | fonts.gstatic.com/s/alegreya/v13/ | 19 KB | 19 KB | Font | font/woff2 |
GET | H2 | 4UaBrEBBsBhlBjvfkSLhx6jj4JN0.woff2 | fonts.gstatic.com/s/alegreya/v13/ | 18 KB | 18 KB | Font | font/woff2 |
GET | H2 | mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2 | fonts.gstatic.com/s/opensans/v17/ | 9 KB | 9 KB | Font | font/woff2 |
GET | H2 | mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2 | fonts.gstatic.com/s/opensans/v17/ | 9 KB | 9 KB | Font | font/woff2 |
GET | H2 | gs_async.js | api.at.getsocial.io/get/v1/b2642a95/ | 2 KB | 2 KB | Script | text/javascript |
GET | H2 | js | www.google-analytics.com/gtm/ | 66 KB | 25 KB | Script | application/javascript |
GET | H2 | fbdf18c9-ad85-4893-a7eb-1e629e528bf3 | pp.signalayer.com/ | 2 B | 259 B | Fetch | text/plain |
GET | H2 | fbdf18c9-ad85-4893-a7eb-1e629e528bf3.json | data.tooltip.io/player/fetch/ | 321 B | 768 B | Fetch | application/json |
GET | H2 | v1_gs_lib.js | fast.b-cdn.net/client/2005/04143608/min/ | 95 KB | 33 KB | Script | application/javascript |
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 109 B | Image | image/gif | Redirect Chain
GET | H2 | sdk.js | connect.facebook.net/en_US/ | 3 KB | 2 KB | Script | application/x-javascript |
GET | H2 | visit | trackcmp.net/ | 0 | 392 B | Script | text/javascript |
GET | H2 | config | config.evidence.io/ | 25 KB | 25 KB | XHR | application/json |
GET | H2 | m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html | js.stripe.com/v3/ | 0 | 0 | Document | text/html | Frame 7AF3
GET | H2 | / | apps.elfsight.com/p/boot/ | 989 B | 890 B | XHR | application/json |
GET | H2 | endorsal-testimonials.min.css | cdn.endorsal.io/widgets/ | 18 KB | 3 KB | Stylesheet | text/css |
GET | H2 | widget.min.css | cdn.endorsal.io/widgets/ | 6 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | 5eaf16ece4c7ac14c5f8ef9f | api.endorsal.io/render/ | 28 KB | 3 KB | Fetch | text/html |
GET | H/1.1 | 5dee99364264b346343879e7 | api.endorsal.io/check/fomo/ | 17 B | 283 B | Fetch | application/json |
GET | H2 | sdk.js | connect.facebook.net/en_US/ | 394 KB | 115 KB | Script | application/x-javascript |
GET | H2 | new_social_buttons.css | fast.b-cdn.net/templates/ | 390 KB | 31 KB | Stylesheet | text/css |
GET | H2 | mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2 | fonts.gstatic.com/s/opensans/v17/ | 10 KB | 10 KB | Font | font/woff2 |
GET | H2 | create.js | sdk.snapkit.com/js/v1/ | 161 KB | 50 KB | Script | text/javascript |
GET | H2 | status | api.at.getsocial.io/api/v1/elements/ | 272 B | 949 B | XHR | application/json |
GET | H2 | backToTop.js | static.elfsight.com/apps/back-to-top/release/0d2a3c11-c82a-4b0d-91e4-33269bec09bb/app/ | 625 KB | 218 KB | Script | application/javascript |
GET | H2 | getsocial-icons.woff | fast.b-cdn.net/fonts/ | 18 KB | 19 KB | Font | font/woff |
GET | H/1.1 | 1588531879329-3903_small.jpg | ndrsl-avatars.s3.us-east-2.amazonaws.com/ | 3 KB | 3 KB | Image | application/octet-stream |
GET | H/1.1 | 1588531677969-2732_small.jpg | ndrsl-avatars.s3.us-east-2.amazonaws.com/ | 3 KB | 4 KB | Image | application/octet-stream |
GET | H/1.1 | 1588531621406-5443_small.jpg | ndrsl-avatars.s3.us-east-2.amazonaws.com/ | 3 KB | 3 KB | Image | application/octet-stream |
GET | H/1.1 | 1588531103300-166_small.jpg | ndrsl-avatars.s3.us-east-2.amazonaws.com/ | 3 KB | 3 KB | Image | application/octet-stream |
GET | H2 | carousel.min.js | cdn.endorsal.io/widgets/ | 1 KB | 941 B | Script | application/javascript |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: American Express (Financial)
69 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object: onformdata, onpointerrawupdate, dataLayer, Tooltip, Modernizr, drupalSettings, Drupal, __core-js_shared__, core, regeneratorRuntime, google_tag_data, gaplugins, gaGlobal, gaData, NDRSL, Outlog, GSvars, google_tag_manager, google_optimize, overlay, sidebar, lsidebar, rsidebar, toggleButtons, d, trackcmp, trackcmp_s, eapps, progressElement, wow, FB, GS, GSUtils, GSu, scCGSHMRCache, Signalayer
- function: ga, $, jQuery, setImmediate, clearImmediate, Stripe, calculateTotalValue, calculateCurrentValue, initProgressBar, initPlayers, ctSetCookie, ctMouseStopData, ctFunctionMouseMove, ctKeyStopStopListening, ctFunctionFirstKey, Swiper, WOW, snapKitInit, eappsBackToTop, NDRSLsetupCarousels
- string: GoogleAnalyticsObject, ct_check_js_val, ctMouseData, trackcmp_email
- number: __lo_site_id, ctTimeMs, ctMouseDataCounter, ctMouseReadInterval, ctMouseWriteDataInterval
- boolean: _babelPolyfill, ctMouseEventTimerFlag, EvidenceLoaded
- undefined: trackcmp_h
16 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
www.ocai-online.com/ | | gs_fpvss | hTueCr##90893249
www.ocai-online.com/ | | gs_session | #5eb0646b#hTueCrjQdR
www.ocai-online.com/ | | ct_timezone | 2
www.ocai-online.com/ | | ct_fkp_timestamp | 0
www.ocai-online.com/ | | _sl_ping_marker | initial
www.ocai-online.com/ | | ct_check_js | 05597ffc10f00ccca46bc15ce908263d
.www.ocai-online.com/ | | __stripe_sid | 2d967660-37b6-4fbf-a759-781133043c48
www.ocai-online.com/ | | ct_ps_timestamp | 1588617447
www.ocai-online.com/ | | apbct_cookies_test | %7B%22cookies_names%22%3A%5B%22apbct_timestamp%22%5D%2C%22check_value%22%3A%2209e822cbd643e9ff33e136b1cbe305ed%22%7D
.ocai-online.com/ | | _gat | 1
www.ocai-online.com/ | | ct_pointer_data | %5D
.ocai-online.com/ | | _ga | GA1.2.1804905009.1588617447
.www.ocai-online.com/ | | __stripe_mid | a26c8ef8-f657-4615-a957-b3745a7c7b6d
.www.ocai-online.com/ | | SSESS2d2abf23f701afcbd4bd34cc071bf2f3 | rMe5bx5wQ-93DStrnZJFWy6pp_nG0RNNeRLr8w4RreI
.ocai-online.com/ | | _gid | GA1.2.414305168.1588617447
www.ocai-online.com/ | | apbct_timestamp | 1588617445
4 Console Messages
A page may log messages to the console. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text |
---|---|---|---|
Security Headers
This section lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page.
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests; |
X-Content-Type-Options | nosniff nosniff nosniff |
X-Frame-Options | SAMEORIGIN SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
"Indicators" is a term used in the security industry for artifacts such as IPs, domains, hashes, etc. Listing them here does not imply that any of them indicate malicious activity.
api.at.getsocial.io
api.endorsal.io
apps.elfsight.com
cdn.endorsal.io
cdn.tooltip.io
code.evidence.io
config.evidence.io
connect.facebook.net
d10lpsik1i8c69.cloudfront.net
data.tooltip.io
fast.b-cdn.net
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
maxcdn.bootstrapcdn.com
ndrsl-avatars.s3.us-east-2.amazonaws.com
pp.signalayer.com
sdk.snapkit.com
static.elfsight.com
stats.g.doubleclick.net
trackcmp.net
www.google-analytics.com
www.google.com
www.google.de
www.ocai-online.com
13.225.78.167
13.225.87.111
143.204.97.42
151.101.112.176
18.235.204.35
192.124.249.10
2001:4de0:ac19::1:b:1a
2600:9000:20eb:3400:f:37bd:d4c0:93a1
2600:9000:20eb:d200:6:36e8:9f00:93a1
2600:9000:20eb:da00:11:9d6f:eec0:93a1
2600:9000:21f3:2e00:14:4dac:ddc0:93a1
2606:4700:20::681a:76b
2a00:1450:4001:806::2003
2a00:1450:4001:809::200e
2a00:1450:4001:819::2004
2a00:1450:4001:820::200a
2a00:1450:4001:825::2003
2a00:1450:400c:c08::9c
2a00:f48:2000:1023::3
2a03:2880:f02d:12:face:b00c:0:3
2a03:b0c0:3:d0::21:f001
3.19.96.31
3.210.48.127
52.219.104.251
06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03
0b9c00b775fe64b2a8d26281a276519533c3f7602bc2507997b38b4c51fbef17
106182d216293e2e4b8b0af755e38e357e920464320ef4dec04fb40824f9d5d1
10f0cd4d77da1806ec0b0f6d5f46661126ef0368c03bebb619034e1265676c4b
128f465ce476ddda9cb9fa6da55982a8c6e7e132659cada4944b21038685eb94
1e06b3b8ed8d91022c8192923eb0d0a913596d088312b8bdc0c3b6dd2361627a
20ecdde5a4ff58abc56e8c62377b67e9940e7dc7990b2498f2b5e533e72edf91
221f58b0863f9beed8e25c05a2d414f178c2ca592a88fafa676f129df61e8ef4
23f182f06cb814bbe650941de3861e5c4cf5caa6f0167009da38ff9254d33483
2acb61baa707500bc0994c32dde6830612cbfb4598f825776eebabaca82475bc
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
31d1b58414b9701aa9e612b85c0157b08cc11d58bf174d86065366083c4ced6b
323be42a6b17d113530a0e3c843f784caee680090fbd53fff08a74f4df9513fc
33126232c967c751aff9d42da6f57fd7e2e951ed2b301bd68e4543a8a21c9a54
36581f6777ff712e40d8577c4fd97578b3b3cb736f83c2471e59804e505f9b45
37ae302f074f27ff0b220dd01335b78c9b5191df4bf32b85c260bc8d45dddf8c
392924315335d51f07caec6d23eb09dfb0cb5a087c893a416e97145b3dd48327
3a2c7425c25583ee40e0fc055fe56f4d8975c26ab9b417e668d1dc4c05ac31a7
40a161a4d95991c60704b6f29d53d20623c8ef4af506d654ce99140cb69b9de8
42cb2ebe406bc7c855db39ff3d6b8d8c9ba264c0b416b10ed68146f4c6dd59fd
46229ed1e881dd358878eaa2df2aa6055dc3261e4de359321a5e71cfce9309c3
5174dd909303d55d8a6feafa675378c7f9d591718c77e651d66e337d602ed12b
52c126351ba2f6fa50883a25ef478bb1adbeefdac3bc1aee5cad6a6d75b0921c
540caf365075576b1bdde96df24d7373cbca45c2edf2dfefdd7baf4544a64d0e
5476ee7ddcc29797fe186cb10f587c38ed6a69466111dd87c3f3d50537ad08ba
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5ae16aaddfedb6f39075a404a4d1503f55674505a23ce630ba8517a892c31704
5c06b6329970d1560039f39c4935a041d96fcf0f877b47951d8ece559a1b4dc6
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
6351107e606a15b6825562afd73efda3bb7fbc67c6d3ed4fb0c7c3d23ef539c0
636c07c06e545e8810f20788c37e38a83a036fdb8fd491120f441c1e0e3431f4
6596dfb3a7c892032b3b0c5ed69f742a390c3f64206cd7fe6949b9aa44708925
6e5d55616ba9d4ca6fe9efe1b155d667dd4467d395f70252d748b24a5b1d973b
76977e5985ea05ef1637f617af73c776fc2bcc12f2da9b238a0e95216ed18067
8298dbc2b2b67914067179672c3324bd4c42efa1f3a65386547b41c1bd01e4ae
871147d7c55ceaf1e5d8df6985d71324aa83244b79d15b12767e5cc908fc75c6
8897993c29c4a5abce7ca3442e85bb051cdb8ae6599488a9864feb8a36ade769
88dd77abc66d318b07f71b5f34ca8f6f3ad76fa42b99e0c93a508cf23cc8747e
8c385eb13f2d6d2ad0c2233f1f634398eac2f52ede8cc1eec9cd5c57ca79d606
997423be26d1eae9efbfc2098141a06f626749dc4a89fc40c15d567a662856a3
99b30082af66eec0874fa2f5c17c2e7e385c394b62f6ee92dc7dfb910c7ec703
9bf0aa6e42d11ac2ce356fb7e47dd811d632aaa93345f5fbbe56cff8c6c9a273
9d8d66a7236d158205e46d0a8fa57596dcfdd37a69334e568de115c90677968a
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a6235b9af2b3eb5340d21e9010316d61cd3319ac94af47fe7a50715535dd571e
ac1ffea457a350389af71c95982aa482dcf471aa4f107a04121091c6ec74ac66
ac24873145d2c58c721db396e49e9b14f41717a073c6727c98ca86762d1a175a
b2b3fcf294b91db2f29b11b71b0c521dd6a45969fc4f77638363c2414d818b5f
b3848067cb09392ef7856677b55958a60ca8e6d2cbfe852f192c42ab724d7ff0
b6aa4e6363697424b0d430b7679ee128facbe46ec526edfbd13eaf179292a1e1
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bf42905532a3c3ff813b18cfee56d147ad16dfb4a870578cc2a2e0d4e3ff48e7
cd8f07b8ecb499dca7b70ebd7aef530872a3a41f401ec317a6f7f2c3b39fff1b
ceed7c1ac3b4b8026d086d386a2cb21f64309dda8d0a2b36817861bbc82e0dc0
d3fb385aad2757e720c0e49ca0b807172ff255ad2dc2bf4b1998e632297800a9
d59a04c63de767732de4b3435bd9ae21a4633cd673890413e1c905794a9f34ba
d6a87910d91bc382c97fd98b264d689ece25245b44231d4e3429ad0b54294ece
d6aaef945f0e21d4ef024b527e5f83159ec0f746f8e080e2e29d0cd6f6a32e5d
da86754fdbd7824ab53f885c54fed72a70681ffb046989b3cfd445c350eecca1
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42cb19a7eb94f07e2bee2b68242c0cab49fb3f8312aa7b6d3d5e366493eb38a
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ec48b3f0e5dcb0b695b0f083147b12022cdb204e181432648d6b0dabb2e1a3e3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0bf2f8385ac005fd305235b749e64b58f185b64dd03bb1d6649423efd1538d9
f16b95af8d7749ee61d925a201f1624bc432d4c12dddf8d58f898f94e60b6d60
f192008805f90e16a000a44d23c01a69e819f2a97eabd007d2d3be7e8591c7b8
fcb62a431f65912ac843c1c67fd54893235fcc138fd9312a188780b570b13bf9
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305