blackstar.com.ua
194.28.86.171  Malicious Activity! Public Scan

Submitted URL: http://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/contrav...
Effective URL: https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/contrav...
Submission: On September 30 via automatic, source phishtank — Scanned from DE

Summary

This website contacted 7 IPs in 4 countries across 5 domains to perform 19 HTTP transactions. The main IP is 194.28.86.171, which is located in Ukraine and belongs to HOSTPRO-AS, UA. The main domain is blackstar.com.ua.
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 3rd 2021. Valid for: 3 months.
This is the only time blackstar.com.ua was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: FR Government (Government)

Domain & IP information

Requests  IP Address        AS (Autonomous System)
9         194.28.86.171     196645 (HOSTPRO-AS)
1         185.8.53.118      47957 (ING-AS)
1         2606:4700:440...  13335 (CLOUDFLAR...)
2         104.17.25.14      13335 (CLOUDFLAR...)
1         104.18.11.207     13335 (CLOUDFLAR...)
5         172.67.139.119    13335 (CLOUDFLAR...)
Total: 19 requests, 7 IPs
Requests  Apex Domain       Subdomains                                          Transfer
9         blackstar.com.ua  blackstar.com.ua                                    81 KB
6         fontawesome.com   kit.fontawesome.com (Cisco Umbrella Rank: 2181)     189 KB
                            ka-f.fontawesome.com (Cisco Umbrella Rank: 6366)
2         cloudflare.com    cdnjs.cloudflare.com (Cisco Umbrella Rank: 257)     35 KB
1         bootstrapcdn.com  maxcdn.bootstrapcdn.com (Cisco Umbrella Rank: 1352) 15 KB
1         amendes.gouv.fr   www.amendes.gouv.fr                                 24 KB
Total: 19 requests, 5 apex domains
Requests  Domain                   Requested by
9         blackstar.com.ua         blackstar.com.ua
5         ka-f.fontawesome.com     kit.fontawesome.com
2         cdnjs.cloudflare.com     blackstar.com.ua
1         maxcdn.bootstrapcdn.com  blackstar.com.ua
1         kit.fontawesome.com      blackstar.com.ua
1         www.amendes.gouv.fr      blackstar.com.ua
Total: 19 requests, 6 domains

This site contains links to these domains:

  www.antai.gouv.fr
  stationnement.gouv.fr
  www.service-public.fr
  www.legifrance.gouv.fr
TLS certificates

Subject               Issuer                                      Validity                 Valid for  Lookup
blackstar.com.ua      cPanel, Inc. Certification Authority        2021-11-03 - 2022-02-01  3 months   crt.sh
www.amendes.gouv.fr   Certigna Services CA                        2024-03-21 - 2024-11-18  8 months   crt.sh
*.fontawesome.com     DigiCert Global G2 TLS RSA SHA256 2020 CA1  2024-07-30 - 2025-01-27  6 months   crt.sh
cdnjs.cloudflare.com  WE1                                         2024-09-28 - 2024-12-27  3 months   crt.sh
bootstrapcdn.com      WE1                                         2024-09-20 - 2024-12-19  3 months   crt.sh
ka-f.fontawesome.com  WE1                                         2024-08-29 - 2024-11-27  3 months   crt.sh

This page contains 1 frame:

Primary Page: https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/contraventions-ratachees.php??enc=099536542ccf7e7e690e40d3d9149938558d890f
Frame ID: A235696794FA5165F36B313B4072FA82
Requests: 20 HTTP requests in this frame

Page Title

Site officiel unique de télépaiement | Amendes.gouv.fr

Page URL History

  1. http://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.a... HTTP 307
    https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.a... Page URL

Detected technologies

Each detection below has an overall confidence of 100%. Detected patterns, grouped by technology:

  • /wp-(?:content|includes)/

  • \.php(?:$|\?)

  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests    19
HTTPS       53 %
IPv6        17 %
Domains     5
Subdomains  6
IPs         7
Countries   4
Transfer    343 kB
Size        615 kB
Cookies     1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/contraventions-ratachees.php??enc=099536542ccf7e7e690e40d3d9149938558d890f HTTP 307
    https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/contraventions-ratachees.php??enc=099536542ccf7e7e690e40d3d9149938558d890f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Columns for each transaction: Resource, Path, Size, x-fer (bytes transferred), Type, MIME-Type
Primary Request contraventions-ratachees.php
blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/
Redirect Chain
  • http://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/contraventions-ratachees.php??enc=099536542ccf7e7e690e40d3d9149938558d890f
  • https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/contraventions-ratachees.php??enc=099536542ccf7e7e690e40d3d9149938558d890f
61 KB
13 KB
Document
General
Full URL
https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/contraventions-ratachees.php??enc=099536542ccf7e7e690e40d3d9149938558d890f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.28.86.171 , Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS
skm293.hostsila.org
Software
nginx / PHP/5.4.45
Resource Hash
65d9ef8d1a4075246bc21da92fd0aca2d2c3f9248af8778e6d0c3f877dbefcc0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html
date
Mon, 30 Sep 2024 12:25:44 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
x-powered-by
PHP/5.4.45

Redirect headers

Location
https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/contraventions-ratachees.php??enc=099536542ccf7e7e690e40d3d9149938558d890f
Non-Authoritative-Reason
HttpsUpgrades
styles.743d51bbe3793bb36c60.css
blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/
17 KB
6 KB
Stylesheet
General
Full URL
https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/styles.743d51bbe3793bb36c60.css
Requested by
Host: blackstar.com.ua
URL: https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/contraventions-ratachees.php??enc=099536542ccf7e7e690e40d3d9149938558d890f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.28.86.171 , Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS
skm293.hostsila.org
Software
nginx /
Resource Hash
413a62a0485dd260416f82190779c18141b1c82cd404471b1545cd1f1ef4bee0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/contraventions-ratachees.php??enc=099536542ccf7e7e690e40d3d9149938558d890f

Response headers

cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
content-encoding
gzip
etag
W/"66fa13d6-4583"
pragma
public
expires
Wed, 30 Oct 2024 12:25:44 GMT
date
Mon, 30 Sep 2024 12:25:44 GMT
content-type
text/css
last-modified
Mon, 30 Sep 2024 02:58:30 GMT
server
nginx
logo-amendes-gouv.svg
www.amendes.gouv.fr/assets/img/design/
23 KB
24 KB
Image
General
Full URL
https://www.amendes.gouv.fr/assets/img/design/logo-amendes-gouv.svg
Requested by
Host: blackstar.com.ua
URL: https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/contraventions-ratachees.php??enc=099536542ccf7e7e690e40d3d9149938558d890f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.8.53.118 , France, ASN47957 (ING-AS, FR),
Reverse DNS
Software
/
Resource Hash
5932743bf769427d05289e72fb2bdb7cd1a5bc46f01248be159eb820fe27271d
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blackstar.com.ua/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
etag
"66bce156-5cbd"
accept-ranges
bytes
content-length
23741
date
Mon, 30 Sep 2024 12:25:44 GMT
content-type
image/svg+xml
last-modified
Wed, 14 Aug 2024 16:54:46 GMT
antai.png
blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/img/
16 KB
16 KB
Image
General
Full URL
https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/img/antai.png
Requested by
Host: blackstar.com.ua
URL: https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/contraventions-ratachees.php??enc=099536542ccf7e7e690e40d3d9149938558d890f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.28.86.171 , Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS
skm293.hostsila.org
Software
nginx /
Resource Hash
fc9c98b5761932e0449f75e9293654ec8cc7ca3c0a6a61558a5c3b37ae1986ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/contraventions-ratachees.php??enc=099536542ccf7e7e690e40d3d9149938558d890f

Response headers

cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
etag
"66fa13d6-4052"
pragma
public
expires
Wed, 30 Oct 2024 12:25:44 GMT
accept-ranges
bytes
content-length
16466
date
Mon, 30 Sep 2024 12:25:44 GMT
content-type
image/png
last-modified
Mon, 30 Sep 2024 02:58:30 GMT
server
nginx
45c4af5118.js
kit.fontawesome.com/
13 KB
5 KB
Script
General
Full URL
https://kit.fontawesome.com/45c4af5118.js
Requested by
Host: blackstar.com.ua
URL: https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/contraventions-ratachees.php??enc=099536542ccf7e7e690e40d3d9149938558d890f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7fdeeebf8fec6b920cb35cf5a3f43c68b5d5a48ce37f67239c9c7d8c4258f46

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://blackstar.com.ua
Referer
https://blackstar.com.ua/

Response headers

access-control-max-age
3000
x-request-id
F_oAcYbxIRcxtAJZXt2B
cache-control
max-age=60, public, stale-while-revalidate=30
content-encoding
gzip
cf-cache-status
REVALIDATED
access-control-allow-methods
GET, OPTIONS
cf-ray
8cb432862d0b8f31-FRA
access-control-allow-origin
*
date
Mon, 30 Sep 2024 12:25:44 GMT
content-type
text/javascript
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
server
cloudflare
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.6.1/
89 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.6.1/jquery.min.js
Requested by
Host: blackstar.com.ua
URL: https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/contraventions-ratachees.php??enc=099536542ccf7e7e690e40d3d9149938558d890f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c784376960f3163dc760bc019e72e5fed78203745a5510c69992a39d1d8fe776
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blackstar.com.ua/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ec4-164ce"
age
883533
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=unR%2BSMLwlZj1Slqikv0%2FHBF2Bmq3h%2BEi%2BVHt3DDzOpCzpzlJybkeAEqqRYR3ccFgePDdn33IMaLFKh0%2FCvFv14tSI7%2BE7VSUJ2BVtlcjAhO79i3ZBdiZ8oqnu4Psq%2Fr%2B8O6PLiGP"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 20 Sep 2025 12:25:44 GMT
date
Mon, 30 Sep 2024 12:25:44 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:48 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8cb43285ea779c10-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
28293
server
cloudflare
jquery.validate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/
23 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/jquery.validate.min.js
Requested by
Host: blackstar.com.ua
URL: https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/contraventions-ratachees.php??enc=099536542ccf7e7e690e40d3d9149938558d890f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blackstar.com.ua/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ec2-5a1e"
age
893602
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WFLpPLEH1mnb3AczQK9SkTOjWYguUCStQ4sLJD5rxyMwCA%2Fxrhp4Cv3WZxDOn3oysnRiryA%2F74s4iaOZsSGVpyQU9Vi9CCYXn3zWR%2F2S9ghtjm5SPz6ai6KZ79bXgD4uf726pMw5"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 20 Sep 2025 12:25:44 GMT
date
Mon, 30 Sep 2024 12:25:44 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:46 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8cb43285da729c10-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
6638
server
cloudflare
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/
48 KB
15 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: blackstar.com.ua
URL: https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/contraventions-ratachees.php??enc=099536542ccf7e7e690e40d3d9149938558d890f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blackstar.com.ua/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
W/"14d449eb8876fa55e1ef3c2cc52b0c17"
age
3050799
x-content-type-options
nosniff
date
Mon, 30 Sep 2024 12:25:44 GMT
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding, Accept-Encoding
cdn-cache
HIT
cdn-cachedat
04/02/2024 02:05:57
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a967b59a6cabd01382e5ef5d1f5fad65
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8cb43285ebcb9b86-FRA
access-control-allow-origin
*
cdn-edgestorageid
1067
server
cloudflare
cdn-requestcountrycode
US
bg-intro.9630b0c4c57c3d72d3ec.jpg
blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/
40 KB
40 KB
Image
General
Full URL
https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/bg-intro.9630b0c4c57c3d72d3ec.jpg
Requested by
Host: blackstar.com.ua
URL: https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/styles.743d51bbe3793bb36c60.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.28.86.171 , Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS
skm293.hostsila.org
Software
nginx /
Resource Hash
a1fa2ccd5301b72338e02e3b1955b7c3347a27dcc6617bb1b0fcb1fac7069a86

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/styles.743d51bbe3793bb36c60.css

Response headers

cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
etag
"66fa13d6-9f08"
pragma
public
expires
Wed, 30 Oct 2024 12:25:44 GMT
accept-ranges
bytes
content-length
40712
date
Mon, 30 Sep 2024 12:25:44 GMT
content-type
image/jpeg
last-modified
Mon, 30 Sep 2024 02:58:30 GMT
server
nginx
banner.f9855031892baad8a497.svg
blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/
6 KB
3 KB
Image
General
Full URL
https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/banner.f9855031892baad8a497.svg
Requested by
Host: blackstar.com.ua
URL: https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/styles.743d51bbe3793bb36c60.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.28.86.171 , Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS
skm293.hostsila.org
Software
nginx /
Resource Hash
7e9f3dfeca57ef07d745b277027de295bab063f6fbab867b10dc6cd519a0a262

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/styles.743d51bbe3793bb36c60.css

Response headers

content-encoding
gzip
date
Mon, 30 Sep 2024 12:25:44 GMT
content-type
image/svg+xml
last-modified
Mon, 30 Sep 2024 02:58:30 GMT
server
nginx
free.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/
94 KB
22 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/css/free.min.css?token=45c4af5118
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/45c4af5118.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f99c17690330c805c47da3d7592864d6acf0f73817d432447e1b0c66ad28f221

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blackstar.com.ua/

Response headers

access-control-max-age
3000
content-encoding
gzip
cf-cache-status
MISS
etag
W/"4ca760f49cd8a14911c81e6c14328874"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DgACnT875QrxFFHKaPuE1cB2LoovspyxMtBTU63UHjN0yDCWaEqbnu1AFsUXezFrCuZ1vgH5Zc77KR0Cf4ZiRnpof7ybpseH6OLnxkdyvZ1W31Knwr6Y%2FjSxijFe%2BPdBzKgf2zPxlA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
DIuyri1ek8WsFrfIVENxHRObli0eH487CpbDVWYoAXYxu2-LCFfIdA==
date
Mon, 30 Sep 2024 12:25:44 GMT
content-type
text/css
last-modified
Mon, 15 Jul 2024 22:20:40 GMT
vary
Accept-Encoding
access-control-allow-headers
fa-kit-token
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
cf-ray
8cb43287b8523a6e-FRA
access-control-allow-origin
*
x-amz-cf-pop
FRA56-C2
server
cloudflare
x-amz-server-side-encryption
AES256
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/
27 KB
5 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-shims.min.css?token=45c4af5118
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/45c4af5118.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ae3c19265723696f50e3226dcd43fbc7ea617697e0d7169a8e52c854ae3826c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blackstar.com.ua/

Response headers

access-control-max-age
3000
content-encoding
gzip
cf-cache-status
MISS
etag
W/"5e5b0d8c7be5919570a305b6bc229a36"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c8WHwZvmZBhniYkXCM65Skb8iO6JxYSlp%2FPwTg9I8ZvrcQQHRNPnTty8AlKpcTFHWrVidwlcwZa7F7Wlgy3BZmQjoRTX6g2mvXFZcs6kj8FKRKrqKdv%2BruH%2BFPXBvykKupzOJZuZJA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
DE5XQBjKVGqs7QXxzGALf1TDPVCfiHO6zYD2NQUXUMZTnWQGtL96Dw==
date
Mon, 30 Sep 2024 12:25:44 GMT
content-type
text/css
last-modified
Mon, 15 Jul 2024 22:20:39 GMT
vary
Accept-Encoding
access-control-allow-headers
fa-kit-token
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
cf-ray
8cb43287b8553a6e-FRA
access-control-allow-origin
*
x-amz-cf-pop
FRA56-C2
server
cloudflare
x-amz-server-side-encryption
AES256
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/
823 B
962 B
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v5-font-face.min.css?token=45c4af5118
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/45c4af5118.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f264c31cdb355f351235359240c30acae2bbe0a43c73fa6a035123e6d953a01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blackstar.com.ua/

Response headers

access-control-max-age
3000
content-encoding
br
cf-cache-status
MISS
etag
W/"8972ae5004bc634ffa6641be3960e78a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W33V1jmJF%2FaV2X2aNgKZszcqIBXt8QY8fh3xdAo1hZi%2BNrMnOIe7yzyeCE9kp6pAp5gCHQM5eO8c6bfA06cfkp56MSW8oOHoZYpPTmlOEywJkiPCeSoXBSn2c8OEc%2Fq3JCFJTMvv5w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
6wqCwPAz25JAMmcH_UxFfPkacSJqvdLvcDAldm5RxMREJZQwnWmqRg==
date
Mon, 30 Sep 2024 12:25:44 GMT
content-type
text/css
last-modified
Mon, 15 Jul 2024 22:20:39 GMT
vary
Accept-Encoding
access-control-allow-headers
fa-kit-token
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
cf-ray
8cb43287b8563a6e-FRA
access-control-allow-origin
*
x-amz-cf-pop
FRA56-C2
server
cloudflare
x-amz-server-side-encryption
AES256
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/
2 KB
1 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-font-face.min.css?token=45c4af5118
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/45c4af5118.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddfbe9ee1f7088339a85fa25a259765ade4258c082a7921b9f569ff9616f904a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blackstar.com.ua/

Response headers

access-control-max-age
3000
content-encoding
gzip
cf-cache-status
MISS
etag
W/"a5a0c9048efb7cb5df90023064d09ba4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l1IN9ss%2FaJtH6SVkOPlv7ImVluFifYeoA8rzihGn3mzWKhfhivnFPnc6U9diSqncI2o7GCIEKf0Y7J3NhW8zFLtUcU9hLVaqLfA3MtO%2FCVuI%2B6NH2JJ9agjh6Q%2BD5SXpnnaQXGVEBA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
YowKy8x9Py4kP87vMKQqNmhY3c_QboIQ3ofudSoDrUyCJUk3pv7dZg==
date
Mon, 30 Sep 2024 12:25:44 GMT
content-type
text/css
last-modified
Mon, 15 Jul 2024 22:20:39 GMT
vary
Accept-Encoding
access-control-allow-headers
fa-kit-token
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cf-ray
8cb43287b8573a6e-FRA
access-control-allow-origin
*
x-amz-cf-pop
FRA56-C2
server
cloudflare
x-amz-server-side-encryption
AES256
lock.d72c3b80536f448a52ed.svg
blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/
0
72 B
Image
General
Full URL
https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/lock.d72c3b80536f448a52ed.svg
Requested by
Host: blackstar.com.ua
URL: https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/styles.743d51bbe3793bb36c60.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.28.86.171 , Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS
skm293.hostsila.org
Software
nginx / PHP/5.4.45
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/styles.743d51bbe3793bb36c60.css

Response headers

content-length
0
date
Mon, 30 Sep 2024 12:25:44 GMT
content-type
text/html
x-powered-by
PHP/5.4.45
server
nginx
moyen-app.e6b1c8e9e8920b4b6aa6.svg
blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/
0
72 B
Image
General
Full URL
https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/moyen-app.e6b1c8e9e8920b4b6aa6.svg
Requested by
Host: blackstar.com.ua
URL: https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/styles.743d51bbe3793bb36c60.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.28.86.171 , Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS
skm293.hostsila.org
Software
nginx / PHP/5.4.45
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/styles.743d51bbe3793bb36c60.css

Response headers

content-length
0
date
Mon, 30 Sep 2024 12:25:44 GMT
content-type
text/html
x-powered-by
PHP/5.4.45
server
nginx
moyen-tel.980753f2b4b0302466cb.svg
blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/
0
72 B
Image
General
Full URL
https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/moyen-tel.980753f2b4b0302466cb.svg
Requested by
Host: blackstar.com.ua
URL: https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/styles.743d51bbe3793bb36c60.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.28.86.171 , Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS
skm293.hostsila.org
Software
nginx / PHP/5.4.45
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/styles.743d51bbe3793bb36c60.css

Response headers

content-length
0
date
Mon, 30 Sep 2024 12:25:44 GMT
content-type
text/html
x-powered-by
PHP/5.4.45
server
nginx
truncated
/
312 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb329aaa1cb453b411a5da821dab1a6fb3c31bdc236f3fc51828436c8080e9e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
favicon.ico
blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/img/
2 KB
2 KB
Other
General
Full URL
https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/img/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.28.86.171 , Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS
skm293.hostsila.org
Software
nginx /
Resource Hash
dd57f113a2eaa7ba3e6b1c507d22910ecd42437f9fef9577cfb8f4719cde59aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blackstar.com.ua/wp-content/themes/twentynineteen/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/contraventions-ratachees.php??enc=099536542ccf7e7e690e40d3d9149938558d890f

Response headers

cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
etag
"66fa13d6-8be"
pragma
public
expires
Wed, 30 Oct 2024 12:25:44 GMT
accept-ranges
bytes
content-length
2238
date
Mon, 30 Sep 2024 12:25:44 GMT
content-type
image/x-icon
last-modified
Mon, 30 Sep 2024 02:58:30 GMT
server
nginx
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.6.0/webfonts/
154 KB
154 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/webfonts/free-fa-solid-900.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
340e6d7f301471e307e50c2ed43fe45debc8ebbf24febef17b24f0b06f8883f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://blackstar.com.ua
Referer
https://blackstar.com.ua/

Response headers

access-control-max-age
3000
cf-cache-status
MISS
etag
"76cf3ff0dbd23dd4504e2089f0df4acb"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F5lDPURpTYcLsw531tMBd91p2Srs5Y%2B823S59%2BwpEU%2FtjHLQOSNAG3%2BSUNUyFjk3cc6Jvk7YBUj%2BnB3xrU2d6h4MPJ%2BpAfEu72KrhERcrgQncFLLsru9nQoRMBgYOIVodxGRgELPjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
YO50rifyfeexUiEAqHv70H5D47Xv19RuV39_46MNm6vcGdVGmCj8vQ==
date
Mon, 30 Sep 2024 12:25:45 GMT
content-type
font/woff2
last-modified
Mon, 15 Jul 2024 22:44:08 GMT
vary
Accept-Encoding
access-control-allow-headers
fa-kit-token
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
cf-ray
8cb4328859323a6e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
157192
x-amz-cf-pop
FRA56-C2
server
cloudflare
x-amz-server-side-encryption
AES256

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: FR Government (Government)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
function  checkValue
function  date_reformat_dd
object    FontAwesomeKitConfig
function  $
function  jQuery
object    bootstrap

1 Cookies

Domain/Path        Name       Value
blackstar.com.ua/  PHPSESSID  7vd85gbnlee26evo7t2ntk1kt4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
