URL: http://beqwqgdu.cba.pl/
Submission: On March 03 via api from US

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 25 HTTP transactions. The main IP is 81.171.31.230, located in the Netherlands, and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is beqwqgdu.cba.pl.
This is the only time beqwqgdu.cba.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 81.171.31.230 60781 (LEASEWEB-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 95.211.144.65 60781 (LEASEWEB-...)
1 95.211.187.139 60781 (LEASEWEB-...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 5.34.180.223 21100 (ITLDC-NL)
1 2 88.212.201.198 39134 (UNITEDNET)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
5 95.211.144.68 60781 (LEASEWEB-...)
1 2a00:1450:400... 15169 (GOOGLE)
25 10
Domain Requested by
10 beqwqgdu.cba.pl beqwqgdu.cba.pl
5 www.cba.pl mon.cba.pl
2 maxcdn.bootstrapcdn.com mon.cba.pl
2 counter.yadro.ru 1 redirects beqwqgdu.cba.pl
2 fonts.googleapis.com beqwqgdu.cba.pl
mon.cba.pl
1 fonts.gstatic.com
1 afff-q2a.asydu123id.ru beqwqgdu.cba.pl
1 dvg-shop.ru 1 redirects
1 mon.cba.pl beqwqgdu.cba.pl
1 a5.cba.pl beqwqgdu.cba.pl
1 ajax.googleapis.com beqwqgdu.cba.pl
25 11

This site contains links to these domains.

Domain
www.cba.pl

Subject | Issuer | Validity | Valid
*.storage.googleapis.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months
mon.cba.pl | Let's Encrypt Authority X3 | 2020-02-07 - 2020-05-07 | 3 months
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year
www.cba.pl | Let's Encrypt Authority X3 | 2020-01-24 - 2020-04-23 | 3 months
*.google.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months

This page contains 2 frames:

Primary Page: http://beqwqgdu.cba.pl/
Frame ID: 3092F6388E3AD4F05A01367FF36B785C
Requests: 24 HTTP requests in this frame

Frame: http://afff-q2a.asydu123id.ru/?q=luar+na+lubre+letra+memoria+da+noite
Frame ID: 550AABF48E9DF6A0003C4EB233869760
Requests: 1 HTTP request in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

Requests: 25
HTTPS: 48 %
IPv6: 40 %
Domains: 7
Subdomains: 11
IPs: 10
Countries: 3
Transfer: 355 kB
Size: 595 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • http://dvg-shop.ru/ab45?keyword=luar%20na%20lubre%20letra%20memoria%20da%20noite HTTP 302
  • http://afff-q2a.asydu123id.ru/?q=luar+na+lubre+letra+memoria+da+noite
Request Chain 14
  • http://counter.yadro.ru/hit?t42.6;r;s1600*1200*24;uhttp%3A//beqwqgdu.cba.pl/;0.6049324017368187 HTTP 302
  • http://counter.yadro.ru/hit?q;t42.6;r;s1600*1200*24;uhttp%3A//beqwqgdu.cba.pl/;0.6049324017368187

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
beqwqgdu.cba.pl/
6 KB
3 KB
Document
General
Full URL
http://beqwqgdu.cba.pl/
Protocol
HTTP/1.1
Server
81.171.31.230 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
59d0b1c58fd4480bcc4bba739b1588e9b78d12cfb1581eb6595fdb19c703e770

Request headers

Host
beqwqgdu.cba.pl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx
Date
Tue, 03 Mar 2020 05:58:20 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=50
Vary
Accept-Encoding
X-Host-Ip
80
Access-Control-Allow-Origin
*
Content-Encoding
gzip
bootstrap.min.css
beqwqgdu.cba.pl/css/
118 KB
20 KB
Stylesheet
General
Full URL
http://beqwqgdu.cba.pl/css/bootstrap.min.css
Requested by
Host: beqwqgdu.cba.pl
URL: http://beqwqgdu.cba.pl/
Protocol
HTTP/1.1
Server
81.171.31.230 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
6008f4cb453d51cb5c7092e265d8a763928612a97bb9155eee0efca69af53546

Request headers

Referer
http://beqwqgdu.cba.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Mar 2020 05:58:20 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Apr 2016 14:46:19 GMT
Server
nginx
ETag
W/"57012cbb-1d9df"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800
Transfer-Encoding
chunked
Connection
keep-alive
X-Host-Ip
80
Keep-Alive
timeout=50
Expires
Thu, 05 Mar 2020 05:58:20 GMT
fonts.css
beqwqgdu.cba.pl/css/
93 B
463 B
Stylesheet
General
Full URL
http://beqwqgdu.cba.pl/css/fonts.css
Requested by
Host: beqwqgdu.cba.pl
URL: http://beqwqgdu.cba.pl/
Protocol
HTTP/1.1
Server
81.171.31.230 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
b6dc3c050b4cb05bca99cdd7a1cc4fa356cc2052d93dcff592dd533fb9b70193

Request headers

Referer
http://beqwqgdu.cba.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Mar 2020 05:58:20 GMT
Last-Modified
Sun, 03 Apr 2016 14:46:19 GMT
Server
nginx
ETag
"57012cbb-5d"
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800
Connection
keep-alive
Accept-Ranges
bytes
X-Host-Ip
80
Keep-Alive
timeout=50
Content-Length
93
Expires
Thu, 05 Mar 2020 05:58:20 GMT
ie10-viewport-bug-workaround.css
beqwqgdu.cba.pl/css/
518 B
890 B
Stylesheet
General
Full URL
http://beqwqgdu.cba.pl/css/ie10-viewport-bug-workaround.css
Requested by
Host: beqwqgdu.cba.pl
URL: http://beqwqgdu.cba.pl/
Protocol
HTTP/1.1
Server
81.171.31.230 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
9485950ff928c4d006f35a8fe43e7c0ebdc7bc3e6dfb28d1334507fbd0b318d7

Request headers

Referer
http://beqwqgdu.cba.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Mar 2020 05:58:20 GMT
Last-Modified
Sun, 03 Apr 2016 14:46:19 GMT
Server
nginx
ETag
"57012cbb-206"
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800
Connection
keep-alive
Accept-Ranges
bytes
X-Host-Ip
80
Keep-Alive
timeout=50
Content-Length
518
Expires
Thu, 05 Mar 2020 05:58:20 GMT
styles.css
beqwqgdu.cba.pl/css/
0
368 B
Stylesheet
General
Full URL
http://beqwqgdu.cba.pl/css/styles.css
Requested by
Host: beqwqgdu.cba.pl
URL: http://beqwqgdu.cba.pl/
Protocol
HTTP/1.1
Server
81.171.31.230 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://beqwqgdu.cba.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Mar 2020 05:58:20 GMT
Last-Modified
Sun, 03 Apr 2016 14:46:19 GMT
Server
nginx
ETag
"57012cbb-0"
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800
Connection
keep-alive
Accept-Ranges
bytes
X-Host-Ip
80
Keep-Alive
timeout=50
Content-Length
0
Expires
Thu, 05 Mar 2020 05:58:20 GMT
ggjfo22.js
beqwqgdu.cba.pl/
3 KB
2 KB
Script
General
Full URL
http://beqwqgdu.cba.pl/ggjfo22.js
Requested by
Host: beqwqgdu.cba.pl
URL: http://beqwqgdu.cba.pl/
Protocol
HTTP/1.1
Server
81.171.31.230 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
7719f4a99429c112d3f964578db9b91165617cbc6532dc15ccd00e7e9a89392a

Request headers

Referer
http://beqwqgdu.cba.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Mar 2020 05:58:20 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Apr 2016 14:46:51 GMT
Server
nginx
ETag
W/"57012cdb-dcc"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800
Transfer-Encoding
chunked
Connection
keep-alive
X-Host-Ip
80
Keep-Alive
timeout=50
Expires
Thu, 05 Mar 2020 05:58:20 GMT
img-0254.jpg
beqwqgdu.cba.pl/img534/
3 KB
4 KB
Image
General
Full URL
http://beqwqgdu.cba.pl/img534/img-0254.jpg
Requested by
Host: beqwqgdu.cba.pl
URL: http://beqwqgdu.cba.pl/
Protocol
HTTP/1.1
Server
81.171.31.230 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
0070ef7a64609545d0b4c1d97c26478472719a8630dc3f3b9a7a6e298f77cad5

Request headers

Referer
http://beqwqgdu.cba.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Mar 2020 05:58:20 GMT
Last-Modified
Sun, 03 Apr 2016 14:47:21 GMT
Server
nginx
ETag
"57012cf9-d4d"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800
Connection
keep-alive
Accept-Ranges
bytes
X-Host-Ip
80
Keep-Alive
timeout=50
Content-Length
3405
Expires
Thu, 05 Mar 2020 05:58:20 GMT
img-1485.jpg
beqwqgdu.cba.pl/img534/
2 KB
2 KB
Image
General
Full URL
http://beqwqgdu.cba.pl/img534/img-1485.jpg
Requested by
Host: beqwqgdu.cba.pl
URL: http://beqwqgdu.cba.pl/
Protocol
HTTP/1.1
Server
81.171.31.230 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
d0a33944e6ffcbc417e7157d7fbc0a724ae8b2e3c1cb61f2c4a90a8c3ea4078c

Request headers

Referer
http://beqwqgdu.cba.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Mar 2020 05:58:20 GMT
Last-Modified
Sun, 03 Apr 2016 14:48:42 GMT
Server
nginx
ETag
"57012d4a-7dc"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800
Connection
keep-alive
Accept-Ranges
bytes
X-Host-Ip
80
Keep-Alive
timeout=50
Content-Length
2012
Expires
Thu, 05 Mar 2020 05:58:20 GMT
img-0754.jpg
beqwqgdu.cba.pl/img534/
2 KB
2 KB
Image
General
Full URL
http://beqwqgdu.cba.pl/img534/img-0754.jpg
Requested by
Host: beqwqgdu.cba.pl
URL: http://beqwqgdu.cba.pl/
Protocol
HTTP/1.1
Server
81.171.31.230 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
f93f9c7f28eb74c0971a50666365f37b4d7ba8435989cd41b2e4aad06b287c37

Request headers

Referer
http://beqwqgdu.cba.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Mar 2020 05:58:20 GMT
Last-Modified
Sun, 03 Apr 2016 14:47:53 GMT
Server
nginx
ETag
"57012d19-665"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800
Connection
keep-alive
Accept-Ranges
bytes
X-Host-Ip
80
Keep-Alive
timeout=50
Content-Length
1637
Expires
Thu, 05 Mar 2020 05:58:20 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: beqwqgdu.cba.pl
URL: http://beqwqgdu.cba.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://beqwqgdu.cba.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 04 Feb 2020 07:38:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2413202
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33507
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Feb 2021 07:38:18 GMT
bootstrap.min.js
beqwqgdu.cba.pl/js/
36 KB
10 KB
Script
General
Full URL
http://beqwqgdu.cba.pl/js/bootstrap.min.js
Requested by
Host: beqwqgdu.cba.pl
URL: http://beqwqgdu.cba.pl/
Protocol
HTTP/1.1
Server
81.171.31.230 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

Referer
http://beqwqgdu.cba.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Mar 2020 05:58:20 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Apr 2016 14:49:21 GMT
Server
nginx
ETag
W/"57012d71-9004"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800
Transfer-Encoding
chunked
Connection
keep-alive
X-Host-Ip
80
Keep-Alive
timeout=50
Expires
Thu, 05 Mar 2020 05:58:20 GMT
r1.js
a5.cba.pl/
0
363 B
Script
General
Full URL
http://a5.cba.pl/r1.js
Requested by
Host: beqwqgdu.cba.pl
URL: http://beqwqgdu.cba.pl/
Protocol
HTTP/1.1
Server
95.211.144.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
cba.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://beqwqgdu.cba.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Mar 2020 05:58:20 GMT
Last-Modified
Fri, 28 Sep 2018 09:48:05 GMT
Server
nginx
ETag
"5badf8d5-0"
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=50
Content-Length
0
Expires
Tue, 03 Mar 2020 05:58:19 GMT
cbaen.js
mon.cba.pl/
3 KB
2 KB
Script
General
Full URL
https://mon.cba.pl/cbaen.js
Requested by
Host: beqwqgdu.cba.pl
URL: http://beqwqgdu.cba.pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.211.187.139 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
ab5772c11daea04c018b3b8f9db45ff352a9473e6abb2a1889808cc3e90f2021

Request headers

Referer
http://beqwqgdu.cba.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 03 Mar 2020 05:58:20 GMT
content-encoding
gzip
last-modified
Mon, 02 Mar 2020 09:59:14 GMT
server
nginx
etag
W/"5e5cd8f2-c39"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
no-cache
x-robots-tag
noindex, nofollow
expires
Tue, 03 Mar 2020 05:58:19 GMT
css
fonts.googleapis.com/
2 KB
550 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Droid+Serif:400,400italic,700,700italic
Requested by
Host: beqwqgdu.cba.pl
URL: http://beqwqgdu.cba.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bd17f8b4769e9f14c46e956ef2de615523df614544a3297328f8ef4dfa8a7e9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://beqwqgdu.cba.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 05:58:20 GMT
server
ESF
date
Tue, 03 Mar 2020 05:58:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 03 Mar 2020 05:58:20 GMT
/
afff-q2a.asydu123id.ru/ Frame 550A
Redirect Chain
  • http://dvg-shop.ru/ab45?keyword=luar%20na%20lubre%20letra%20memoria%20da%20noite
  • http://afff-q2a.asydu123id.ru/?q=luar+na+lubre+letra+memoria+da+noite
0
0
Document
General
Full URL
http://afff-q2a.asydu123id.ru/?q=luar+na+lubre+letra+memoria+da+noite
Requested by
Host: beqwqgdu.cba.pl
URL: http://beqwqgdu.cba.pl/ggjfo22.js
Protocol
HTTP/1.1
Server
5.34.180.223 Dronten, Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS
vds-yashaw-80293.itldc-customer.net
Software
nginx / PHP/5.5.9-1ubuntu4.29
Resource Hash

Request headers

Host
afff-q2a.asydu123id.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://beqwqgdu.cba.pl/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Referer
about:blank

Response headers

Server
nginx
Date
Tue, 03 Mar 2020 05:58:20 GMT
Content-Type
text/html
Content-Length
3973
Connection
keep-alive
Keep-Alive
timeout=60
X-Powered-By
PHP/5.5.9-1ubuntu4.29
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 03 Mar 2020 05:58:20 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=60
X-Powered-By
PHP/5.5.9-1ubuntu4.29
Expires
Thu, 21 Jul 1977 07:30:00 GMT
Last-Modified
Tue, 03 Mar 2020 05:58:20 GMT
Cache-Control
max-age=0
Pragma
no-cache
LOCATION
http://afff-q2a.asydu123id.ru/?q=luar+na+lubre+letra+memoria+da+noite
hit
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit?t42.6;r;s1600*1200*24;uhttp%3A//beqwqgdu.cba.pl/;0.6049324017368187
  • http://counter.yadro.ru/hit?q;t42.6;r;s1600*1200*24;uhttp%3A//beqwqgdu.cba.pl/;0.6049324017368187
444 B
813 B
Image
General
Full URL
http://counter.yadro.ru/hit?q;t42.6;r;s1600*1200*24;uhttp%3A//beqwqgdu.cba.pl/;0.6049324017368187
Requested by
Host: beqwqgdu.cba.pl
URL: http://beqwqgdu.cba.pl/
Protocol
HTTP/1.1
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
0W/0.8c /
Resource Hash
fd4d2a365a8dad1a06d041101943c79d4e6c55791fe35e88b64a53b8835a7395

Request headers

Referer
http://beqwqgdu.cba.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Mar 2020 05:58:20 GMT
Server
0W/0.8c
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
Close
Content-Type
image/gif
Content-Length
444
Expires
Sun, 03 Mar 2019 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 03 Mar 2020 05:58:20 GMT
Server
0W/0.8c
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
http://counter.yadro.ru/hit?q;t42.6;r;s1600*1200*24;uhttp%3A//beqwqgdu.cba.pl/;0.6049324017368187
Cache-control
no-cache
Content-Type
text/html
Content-Length
32
Expires
Sun, 03 Mar 2019 21:00:00 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: mon.cba.pl
URL: https://mon.cba.pl/cbaen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
http://beqwqgdu.cba.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Tue, 03 Mar 2020 05:58:27 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
access-control-allow-origin
*
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
css
fonts.googleapis.com/
5 KB
728 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700
Requested by
Host: mon.cba.pl
URL: https://mon.cba.pl/cbaen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d32996520262a9559a26eafe3413cf1a2fe53f448da989d0493e7851f887a1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://beqwqgdu.cba.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 05:58:27 GMT
server
ESF
date
Tue, 03 Mar 2020 05:58:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 03 Mar 2020 05:58:27 GMT
main.css
www.cba.pl/regions/cba/css/
24 KB
3 KB
Stylesheet
General
Full URL
https://www.cba.pl/regions/cba/css/main.css
Requested by
Host: mon.cba.pl
URL: https://mon.cba.pl/cbaen.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.211.144.68 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
mail2.cba.pl
Software
nginx /
Resource Hash
6dcf8acdee8d59f2eef77d350701dfbd505a6018ce4785efbc7b49de5dacf04e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
http://beqwqgdu.cba.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Tue, 03 Mar 2020 05:58:27 GMT
content-encoding
gzip
last-modified
Fri, 28 Feb 2020 09:17:59 GMT
server
nginx
etag
W/"5e58dac7-5f8d"
vary
Accept-Encoding
content-type
text/css
status
200
strict-transport-security
max-age=0
style.css
www.cba.pl/regions/cba/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.cba.pl/regions/cba/css/style.css
Requested by
Host: mon.cba.pl
URL: https://mon.cba.pl/cbaen.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.211.144.68 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
mail2.cba.pl
Software
nginx /
Resource Hash
9a54f517893e63615f55cae3a04beb950090ff99278c227da2b0ffc90d43c0c0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
http://beqwqgdu.cba.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Tue, 03 Mar 2020 05:58:27 GMT
content-encoding
gzip
last-modified
Fri, 28 Feb 2020 09:17:59 GMT
server
nginx
etag
W/"5e58dac7-11e0"
vary
Accept-Encoding
content-type
text/css
status
200
strict-transport-security
max-age=0
cba-pl.png
www.cba.pl/regions/cba/img/
24 KB
24 KB
Image
General
Full URL
https://www.cba.pl/regions/cba/img/cba-pl.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.211.144.68 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
mail2.cba.pl
Software
nginx /
Resource Hash
f73ba24e1a99cfd73e672eb2e31d0e78a2026ab82cdadb35257036b2ff4246b9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
http://beqwqgdu.cba.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 03 Mar 2020 05:58:27 GMT
last-modified
Fri, 28 Feb 2020 09:17:59 GMT
server
nginx
etag
"5e58dac7-5e22"
strict-transport-security
max-age=0
content-type
image/png
status
200
accept-ranges
bytes
content-length
24098
alert-icon.svg
www.cba.pl/regions/cba/img/
3 KB
4 KB
Image
General
Full URL
https://www.cba.pl/regions/cba/img/alert-icon.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.211.144.68 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
mail2.cba.pl
Software
nginx /
Resource Hash
6a0bbe23bc53e0502d0c79043b6dbfa473ba0688c42f6fe27c1c7295b015db86
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
http://beqwqgdu.cba.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 03 Mar 2020 05:58:27 GMT
last-modified
Fri, 28 Feb 2020 09:17:59 GMT
server
nginx
etag
"5e58dac7-d93"
strict-transport-security
max-age=0
content-type
image/svg+xml
status
200
accept-ranges
bytes
content-length
3475
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
http://beqwqgdu.cba.pl
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Mar 2020 05:58:27 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
access-control-allow-origin
*
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
77171
main-bg.jpg
www.cba.pl/regions/cba/img/
149 KB
149 KB
Image
General
Full URL
https://www.cba.pl/regions/cba/img/main-bg.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.211.144.68 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
mail2.cba.pl
Software
nginx /
Resource Hash
e2f76ac499ee50071508bb5412646edf4c623a4b0d333b8f5042b26893c40dc7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.cba.pl/regions/cba/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 03 Mar 2020 05:58:27 GMT
last-modified
Fri, 28 Feb 2020 09:17:59 GMT
server
nginx
etag
"5e58dac7-252ad"
strict-transport-security
max-age=0
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
152237
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Roboto:400,700
Origin
http://beqwqgdu.cba.pl
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 27 Feb 2020 08:47:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
421881
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Fri, 26 Feb 2021 08:47:06 GMT

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onformdata
  • object| onpointerrawupdate
  • string| keyword
  • object| isgoogle
  • object| splashpage
  • function| $
  • function| jQuery
  • object| jQuery111301269456482540765
  • function| getCookie
  • function| setCookie
  • number| timeout

2 Cookies

Domain/Path Name / Value
.asydu123id.ru/ Name: _ym_d
Value: 1583215101
.asydu123id.ru/ Name: _ym_uid
Value: 1583215101109445842

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
