klarzynski.pl
46.29.20.250
Malicious Activity!
Public Scan
Submission: On May 10 via automatic, source openphish
Summary
This is the only time klarzynski.pl was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Navy Federal Credit Union (Government)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
49 | 46.29.20.250 | 197226 (SPRINT-SDC) |
16 | 104.108.34.83 | 16625 (AKAMAI-AS - Akamai Technologies) |
5 | 162.252.74.14 | 11054 (LIVEPERSON - LivePerson) |
2 | 172.217.23.142 | 15169 (GOOGLE - Google LLC) |
77 | 5 | |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-34-83.deploy.static.akamaitechnologies.com
www.navyfederal.org
ASN11054 (LIVEPERSON - LivePerson, Inc., US)
livechat.navyfederal.org
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s18-in-f14.1e100.net
www.google-analytics.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
49 | klarzynski.pl | klarzynski.pl | 392 KB |
21 | navyfederal.org | www.navyfederal.org, livechat.navyfederal.org | 649 KB |
2 | google-analytics.com | www.google-analytics.com | 17 KB |
77 | 3 | | |

Requests | Domain | Requested by |
---|---|---|
49 | klarzynski.pl | klarzynski.pl |
16 | www.navyfederal.org | klarzynski.pl |
5 | livechat.navyfederal.org | klarzynski.pl |
2 | www.google-analytics.com | klarzynski.pl |
77 | 4 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.navyfederal.org |
homecenter.navyfederal.org |
instagram.com |
bit.ly |
blog.navyfederal.org |
This page contains 2 frames:
Primary Page:
http://klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/
Frame ID: A84A7C26D415238FFC408264CF943CA0
Requests: 61 HTTP requests in this frame
Frame:
http://klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/universal.htm
Frame ID: 5B6634B4A8AF803B657D3EB219E69DC8
Requests: 16 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
- env /^gaGlobal$/i
SiteCatalyst (Analytics)
Detected patterns
- env /^s_(?:account|objectID|code|INST)$/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js/i
- env /^jQuery$/i
- script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery-ui.*\.js/i
jQuery UI (JavaScript Libraries)
Detected patterns
- script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery-ui.*\.js/i
Page Statistics
105 Outgoing links
These are links going to different origins than the main page.
- Title: Join Now
- Title: Sign In
- Title: About Us
- Title: Branches & ATMs
- Title: Become a Member
- Title: Contact Us
- Title: Security
- Title: Products & Services
- Title: Mortgages
- Title: Equity
- Title: Auto
- Title: Motorcycle, Boat & Collateral
- Title: More Loans
- Title: Checking
- Title: Savings
- Title: Money Market
- Title: Certificates
- Title: IRAs
- Title: Direct Deposit
- Title: Checking Protection Options
- Title: Mobile & Scan Deposits
- Title: Credit Cards
- Title: Debit Cards
- Title: Prepaid Cards
- Title: GO Prepaid Card
- Title: Visa Buxx Prepaid Card
- Title: Gift Cards
- Title: Account Access
- Title: Mobile Banking
- Title: iPad
- Title: iPhone
- Title: Android
- Title: Mobile Web
- Title: Text Banking
- Title: Overview
- Title: Membership
- Title: Checking & Savings
- Title: Loans
- Title: Credit Cards
- Title: Retirement & Insurance
- Title: Convenience
- Title: Navy Federal Financial Group
- Title: Investments
- Title: Insurance
- Title: Trust Services
- Title: Military Exclusives
- Title: Why Choose Navy Federal
- Title: Army
- Title: Marine Corps
- Title: Navy
- Title: Air Force
- Title: Coast Guard
- Title: Convenient Money Management
- Title: Special Offers and Discounts
- Title: Switch to Navy Federal
- Title: Managing Your Money
- Title: Home Buying. Simple.
- Title: Finances for Kids & for College
- Title: Tax Center
- Title: FREE Navy Federal Events
- Title: Military Life
- Title: Work Life
- Title: Family Life
- Title: Pick one of our credit cards. Any card. And, enjoy a 2.99% intro APR on balance transfers. Find Out More
- Title: Put no money down with a 5/5 ARM. As low as 2.500% 3.280% APR Rates & Details
- Title: Refinance with us and drive away with $250! Details
- Title: (?)
- Title: Forgot Password?
- Title: Become a member
- Title: Need a New Debit Card? Get one on the spot through our Instant Issuance service at any branch.
- Title: An IRA Certificate for Every Flavor of Saver Save more with our IRA certificate specials.
- Title: Control Spending with the GO Prepaid Card. The GO Prepaid card is the perfect solution for easy budgeting.
- Title: iPhone
- Title: iPad
- Title: Android
- Title: Find a Branch or ATM Near You
- Title: Mortgages
- Title: Auto Loans
- Title: Certificates
- Title: Checking
- Title: Credit Cards
- Title: http://bit.ly/1yLh3cJ
- Title: Careers
- Title: Newsroom
- Title: Videos
- Title: FAQs
- Title: Forms
- Title: Facebook
- Title: Twitter
- Title: Youtube
- Title: LinkedIn
- Title: Navy Federal Blog
- Title: Instagram
- Title: Federally Insured by NCUA
- Title: Web Policy
- Title: Privacy Policy
- Title: Browser Support
- Title: Site Map
- Title: Equal Housing Lender
- Title: Important Information About Opening a New Account
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 40
- http://www.google-analytics.com/r/__utm.gif?utmwv=5.6.1&utms=1&utmn=180649019&utmhn=klarzynski.pl&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Navy%20Federal%20Credit%20Union%20%7C%20Armed%20Forces%20Loans%2C%20Insurance%2C%20and%20Banking&utmhid=662089737&utmr=-&utmp=%2Fmodules%2Fcomment%2Fjam%2Fentlog-federalcredittdk%2F&utmht=1525944402841&utmac=UA-18022610-1&utmcc=__utma%3D1.2109608227.1525944403.1525944403.1525944403.1%3B%2B__utmz%3D1.1525944403.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1339124240&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
- https://www.google-analytics.com/r/__utm.gif?utmwv=5.6.1&utms=1&utmn=180649019&utmhn=klarzynski.pl&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Navy%20Federal%20Credit%20Union%20%7C%20Armed%20Forces%20Loans%2C%20Insurance%2C%20and%20Banking&utmhid=662089737&utmr=-&utmp=%2Fmodules%2Fcomment%2Fjam%2Fentlog-federalcredittdk%2F&utmht=1525944402841&utmac=UA-18022610-1&utmcc=__utma%3D1.2109608227.1525944403.1525944403.1525944403.1%3B%2B__utmz%3D1.1525944403.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1339124240&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~
- http://www.google-analytics.com/ga.js HTTP 307
- https://www.google-analytics.com/ga.js
77 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|
GET H/1.1 | / | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/ | 45 KB | 12 KB | Document | text/html | Primary Request |
GET H/1.1 | jquery-1.9.1.js | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 262 KB | 78 KB | Script | application/javascript | |
GET H/1.1 | jquery-ui-1.10.3.custom.min.js | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 66 KB | 20 KB | Script | application/javascript | |
GET H/1.1 | jquery.ui.touch-punch.min.js | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 1 KB | 1 KB | Script | application/javascript | |
GET H/1.1 | jquery.getUrlParam.js | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 2 KB | 1 KB | Script | application/javascript | |
GET H/1.1 | slider.js | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 18 KB | 6 KB | Script | application/javascript | |
GET H/1.1 | ajx_inlineExpand.js | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 4 KB | 2 KB | Script | application/javascript | |
GET H/1.1 | nfo_aa.js | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 2 KB | 2 KB | Script | application/javascript | |
GET H/1.1 | facebox.js | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 9 KB | 3 KB | Script | application/javascript | |
GET H/1.1 | tooltip.js | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 2 KB | 1 KB | Script | application/javascript | |
GET H/1.1 | mainNav.css | www.navyfederal.org/css/ | 7 KB | 2 KB | Stylesheet | text/css | |
GET H/1.1 | common.css | www.navyfederal.org/css/ | 43 KB | 7 KB | Stylesheet | text/css | |
GET H/1.1 | nfo.css | www.navyfederal.org/css/ | 40 KB | 10 KB | Stylesheet | text/css | |
GET H/1.1 | chat.css | www.navyfederal.org/css/ | 268 B | 588 B | Stylesheet | text/css | |
GET H/1.1 | chat-slide.js | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 209 B | 586 B | Script | application/javascript | |
GET H/1.1 | mtagconfig.js | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 7 KB | 3 KB | Script | application/javascript | |
GET | css | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 0 | 0 | | | |
GET H/1.1 | nfo-hp-20150102.css | www.navyfederal.org/css/ | 9 KB | 3 KB | Stylesheet | text/css | |
GET H/1.1 | ga.js | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 40 KB | 16 KB | Script | application/javascript | |
GET H/1.1 | deploy.asp | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 2 KB | 2 KB | Script | text/plain | |
GET H/1.1 | mTag.js | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 17 KB | 13 KB | Script | application/javascript | |
GET H/1.1 | / | livechat.navyfederal.org/hc/26902491/ | 105 B | 456 B | Script | application/x-javascript | |
GET H/1.1 | nfculogo.png | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 8 KB | 8 KB | Image | image/png | |
GET H/1.1 | main_nav_div.jpg | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 1 KB | 1 KB | Image | image/jpeg | |
GET H/1.1 | close.png | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 1 KB | 2 KB | Image | image/png | |
GET H/1.1 | instant-inssuance-226.png | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 22 KB | 22 KB | Image | image/png | |
GET H/1.1 | ira-cert-2-226.png | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 21 KB | 21 KB | Image | image/png | |
GET H/1.1 | goprepaid-226.png | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 20 KB | 20 KB | Image | image/png | |
GET H/1.1 | member_story.jpg | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 40 KB | 41 KB | Image | image/jpeg | |
GET H/1.1 | MobileHand2_SOS.jpg | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 9 KB | 9 KB | Image | image/jpeg | |
GET H/1.1 | osl-finances.jpg | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 12 KB | 12 KB | Image | image/jpeg | |
GET H/1.1 | capsLockDetect.js | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 4 KB | 2 KB | Script | application/javascript | |
GET H/1.1 | jquery.cycle2.min.js | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 22 KB | 7 KB | Script | application/javascript | |
GET H/1.1 | jquery.cycle2.swipe.min.js | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 1 KB | 986 B | Script | application/javascript | |
GET H/1.1 | footerlogo_lg.png | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 3 KB | 3 KB | Image | image/png | |
GET H/1.1 | ncua-logo.png | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 4 KB | 4 KB | Image | image/png | |
GET H/1.1 | EHLlogo.png | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 573 B | 948 B | Image | image/png | |
GET H/1.1 | s_code.js | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 42 KB | 17 KB | Script | application/javascript | |
GET | modal-close.png | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 0 | 0 | | | |
GET | css | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 0 | 0 | | | |
GET H/1.1 | / | livechat.navyfederal.org/hc/26902491/ | 4 KB | 5 KB | Script | application/x-javascript | |
GET S | __utm.gif | www.google-analytics.com/r/ | 35 B | 101 B | Image | image/gif | Redirect Chain |
GET H/1.1 | universal.htm | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 108 KB | 9 KB | Document | text/html | Frame 5B66 |
GET H/1.1 | nfo_bg_120414.png | www.navyfederal.org/images/ | 48 KB | 48 KB | Image | image/png | |
GET H/1.1 | btn_search.png | www.navyfederal.org/images/buttons/ | 2 KB | 2 KB | Image | image/png | |
GET H/1.1 | icon-sign-in-lock.png | www.navyfederal.org/images/icons/ | 1 KB | 1 KB | Image | image/png | |
GET H/1.1 | auto_refi_141215_962x355.jpg | www.navyfederal.org/images/homepage-banners/ | 203 KB | 204 KB | Image | image/jpeg | |
GET H/1.1 | ARM_Jan14.jpg | www.navyfederal.org/images/homepage-banners/ | 89 KB | 90 KB | Image | image/jpeg | |
GET H/1.1 | creditCard_standingoffer-962x355.jpg | www.navyfederal.org/images/homepage-banners/ | 222 KB | 222 KB | Image | image/jpeg | |
GET H/1.1 | menu_background_img.png | www.navyfederal.org/images/structure/ | 2 KB | 2 KB | Image | image/png | |
GET H/1.1 | search.png | www.navyfederal.org/images/structure/ | 1 KB | 2 KB | Image | image/png | |
GET H/1.1 | joinInfo_bg.png | www.navyfederal.org/images/structure/ | 2 KB | 2 KB | Image | image/png | |
GET | 6M2RKly85u67vSsXH0-zqvesZW2xOQ-xsNqO47m55DA.woff | www.navyfederal.org/nfoaa/fonts/gudea/ | 0 | 0 | | | |
GET | Z6xYy_2MlN1cUISkeodEPA.woff | www.navyfederal.org/nfoaa/fonts/gudea/ | 0 | 0 | | | |
GET H/1.1 | footer_bg.jpg | www.navyfederal.org/images/structure/ | 18 KB | 18 KB | Image | image/jpeg | |
GET H/1.1 | home_icons_gray.png | www.navyfederal.org/images/structure/ | 6 KB | 6 KB | Image | image/png | |
GET S | ga.js | www.google-analytics.com/ | 45 KB | 17 KB | Script | text/javascript | Redirect Chain |
GET H/1.1 | modal-close.png | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/nfcu_images/modal_images/ | 21 KB | 21 KB | Image | text/html | Cookie set |
GET H/1.1 | loader_large.gif | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/nfcu_images/modal_images/ | 21 KB | 21 KB | Image | text/html | Cookie set |
GET H/1.1 | pixel | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 42 B | 408 B | Image | text/plain | Frame 5B66 |
GET H/1.1 | beacon | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 43 B | 409 B | Image | text/plain | Frame 5B66 |
GET H/1.1 | activity;src=1379696;dcnet=4155;boom=94105;sz=1x1 | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 42 B | 408 B | Image | text/plain | Frame 5B66 |
GET H/1.1 | g240 | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 43 B | 409 B | Image | text/plain | Frame 5B66 |
GET H/1.1 | tre | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 43 B | 409 B | Image | text/plain | Frame 5B66 |
GET H/1.1 | adsct | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 43 B | 409 B | Image | text/plain | Frame 5B66 |
GET H/1.1 | adsct(1) | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 43 B | 409 B | Image | text/plain | Frame 5B66 |
GET H/1.1 | pixel.php | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 43 B | 309 B | Image | text/html | Frame 5B66 |
GET H/1.1 | saved_resource | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 43 B | 409 B | Image | text/plain | Frame 5B66 |
GET H/1.1 | pixel(1) | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 42 B | 408 B | Image | text/plain | Frame 5B66 |
GET H/1.1 | p.png | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 43 B | 416 B | Image | image/png | Frame 5B66 |
GET H/1.1 | seg | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 43 B | 409 B | Image | text/plain | Frame 5B66 |
GET H/1.1 | js | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 5 B | 370 B | Script | text/plain | Frame 5B66 |
GET H/1.1 | tre(1) | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 43 B | 409 B | Image | text/plain | Frame 5B66 |
GET H/1.1 | 13770-94778-3840-0 | klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/ | 49 B | 415 B | Image | text/plain | Frame 5B66 |
GET H/1.1 | deploy.asp | livechat.navyfederal.org/visitor/addons/ | 2 KB | 2 KB | Script | application/x-javascript | |
GET H/1.1 | mTag.js | livechat.navyfederal.org/hcp/html/ | 17 KB | 17 KB | Script | application/javascript | |
GET H/1.1 | / | livechat.navyfederal.org/hc/26902491/ | 4 KB | 5 KB | Script | application/x-javascript | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
klarzynski.pl | http://klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/css |
klarzynski.pl | http://klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/modal-close.png |
klarzynski.pl | http://klarzynski.pl/modules/comment/jam/entlog-federalcredittdk/img/css |
www.navyfederal.org | https://www.navyfederal.org/nfoaa/fonts/gudea/6M2RKly85u67vSsXH0-zqvesZW2xOQ-xsNqO47m55DA.woff |
www.navyfederal.org | https://www.navyfederal.org/nfoaa/fonts/gudea/Z6xYy_2MlN1cUISkeodEPA.woff |
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Navy Federal Credit Union (Government)
97 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| nsSearchData object| nsCurrency string| enablepersist string| collapseprevious string| contractsymbol string| expandsymbol function| getElementbyClass function| sweeptoggle function| contractcontent function| expandcontent function| revivecontent function| revivestatus function| get_cookie function| getselectedItem function| saveswitchstate function| do_onload function| win function| selfinit boolean| isNN function| autoTab function| checkNumber function| showLogin object| tooltip string| csstype string| mac_externalcss string| pc_externalcss boolean| mactest function| createWindow function| showModal function| closeModal function| overlay function| restore function| current_top_domain object| _gaq string| lpUnit object| lpMTagConfig function| lpAddMonitorTag function| lpAddVars function| onloadEMT function| lpTrimSpaces function| lpSendData string| lpLanguage function| hcArrayStorage function| lpRequest function| lpConnectionLibrary object| lpJSLib object| lpConnLib function| lpMonitorTag object| lpLazy object| lpMTag function| lpJSLibrary object| lpOpenPlatformNS object| lpMTagDebug object| _gat object| gaGlobal function| setAACookie function| makeRandomValue function| createCookie function| getCookie function| formatAA function| zipMap function| closeCapsLock function| contPasswd function| passReEnter function| submitform function| mySetCookie function| myGetCookie function| showPopupOnce function| hidePopupSession object| capslock object| isMobile object| d number| yr string| s_account object| s function| s_doPlugins string| s_code undefined| s_objectID function| s_gi function| s_giqf string| s_an function| s_sp function| s_jn function| s_rep function| s_d function| s_fe function| s_fa function| s_ft object| s_c_il number| s_c_in number| s_giq object| jQuery191028904058799279775 string| uniqueidn object| ccollect object| statecollect
6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
klarzynski.pl/ | | Name: PHPSESSID Value: 0hb4mqu1gio77mrc8m2ov5leo6 |
klarzynski.pl/ | | Name: __utmb Value: 1.1.10.1525944403 |
klarzynski.pl/ | | Name: __utmc Value: 1 |
klarzynski.pl/ | | Name: __utmz Value: 1.1525944403.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none) |
klarzynski.pl/ | | Name: __utmt Value: 1 |
klarzynski.pl/ | | Name: __utma Value: 1.2109608227.1525944403.1525944403.1525944403.1 |
8 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.