URL: http://foxnhd.xyz/fox/fox14.php
Submission: On December 06 (2018, per the response Date headers below) via manual from TR

Summary

This website contacted 17 IPs in 8 countries across 17 domains to perform 19 HTTP transactions. The main IP is 103.194.169.88, located in Rotterdam, Netherlands and belongs to HOSTPALACE-EU HostPalace Web Solution Private Limited, NL. The main domain is foxnhd.xyz.
This is the only time foxnhd.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count   IP Address                 ASN     Autonomous System
2       103.194.169.88             134512  HOSTPALACE-EU
1       2a00:1450:4001:825::2001   15169   GOOGLE
1       2a00:1450:4001:818::2010   15169   GOOGLE
1       2604:9e00:1:138::13        27257   WEBAIR-INTERNET
1       193.124.183.237            48666   AS-MAROSNET
1       195.181.174.17             60068   CDN77
2       2606:4700:20::6819:8d77    13335   CLOUDFLARENET
1       2606:4700:30::6818:7e8c    13335   CLOUDFLARENET
1       2a00:1450:4001:81f::200e   15169   GOOGLE
1       213.196.2.2                7979    SERVERS
1       216.21.13.11               53334   TUT-AS
1       35.190.64.167              15169   GOOGLE
1       173.239.53.18              27257   WEBAIR-INTERNET
2 2     130.211.54.133             15169   GOOGLE
2 2     91.92.196.190              49882   SKRILL
1 2     185.91.0.2                 200932  BAH-AS
1       46.105.201.240             16276   OVH
1       51.68.204.117              16276   OVH
1       2606:4700::6811:a6ba       13335   CLOUDFLARENET
Total: 19 HTTP transactions, 17 IPs (rows with two counts belong to the redirect chain listed under "Redirected requests")

Count   Domain                        Redirects   Requested by
2       www.bet-at-home.com           1           foxnhd.xyz
2       wlbetathome.adsrv.eacdn.com   2           -
2       speednetwork14.adk2x.com      2           -
2       celeritascdn.com              -           foxnhd.xyz
2       foxnhd.xyz                    -           foxnhd.xyz
1       c.adsco.re                    -           serve.popads.net
1       s4.histats.com                -           s10.histats.com
1       s10.histats.com               -           foxnhd.xyz
1       xml.adright.co                -           foxnhd.xyz
1       onclickmega.com               -           foxnhd.xyz
1       serve.popads.net              -           c1.popads.net
1       www.bcloudhost.com            -           foxnhd.xyz
1       encrypted-tbn0.gstatic.com    -           foxnhd.xyz
1       ufpcdn.com                    -           foxnhd.xyz
1       c1.popads.net                 -           foxnhd.xyz
1       nowlive.pro                   -           foxnhd.xyz
1       jolic2.com                    -           foxnhd.xyz
1       storage.googleapis.com        -           foxnhd.xyz
1       1.bp.blogspot.com             -           foxnhd.xyz
Total: 19 HTTP transactions, 19 (sub)domains

This site contains no links.

TLS certificates (the three HTTPS transactions)

Subject                    Issuer                           Validity                   Valid for
*.storage.googleapis.com   Google Internet Authority G3     2018-11-07 - 2019-01-30    3 months
*.google.com               Google Internet Authority G3     2018-11-07 - 2019-01-30    3 months
*.bet-at-home.com          DigiCert SHA2 Secure Server CA   2016-04-28 - 2019-06-26    3 years

This page contains 6 frames:

Primary Page: http://foxnhd.xyz/fox/fox14.php
Frame ID: 65AE5B93B491EEAFDAF22184DCBC6FA8
Requests: 12 HTTP requests in this frame

Frame: http://nowlive.pro/1/104.html?id=104
Frame ID: 86F2FCE4F7AB39BC5037FD5BB81FD15C
Requests: 1 HTTP requests in this frame

Frame: http://foxnhd.xyz/fox/foxad.php
Frame ID: 92559B876F53D66A7B8D67AB2424E7FD
Requests: 3 HTTP requests in this frame

Frame: http://ufpcdn.com/script/identify.html?frmt=0
Frame ID: E90D9272ECCE25675C0BEBB528D85192
Requests: 1 HTTP requests in this frame

Frame: http://xml.adright.co/redirect?feed=149001&auth=gNqIKG
Frame ID: 76E4C8511DFBEE734AB7CECB83272D0F
Requests: 1 HTTP requests in this frame

Frame: https://www.bet-at-home.com/de/landingpage/sportfirst/2?siteid=90486
Frame ID: 52A35DB1BD7F2540D7D9815D0D4DD529
Requests: 1 HTTP requests in this frame

Detected technologies

PHP (overall confidence: 100%)
Detected patterns
  • url /\.php(?:$|\?)/i

Nginx (overall confidence: 100%)
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 19
HTTPS: 16 %
IPv6: 37 %
Domains: 17
Subdomains: 19
IPs: 17
Countries: 8
Transfer: 73 kB
Size: 135 kB
Cookies: 7

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • http://speednetwork14.adk2x.com/imp?p=75992898&ct=html&ap=1303 HTTP 302
  • http://speednetwork14.adk2x.com/ul_cb/imp?p=75992898&ct=html&ap=1303 HTTP 302
  • https://wlbetathome.adsrv.eacdn.com/C.ashx?btag=a_90486b_35147c_&affid=55024&siteid=90486&adid=35147&c=DE_RON HTTP 302
  • https://wlbetathome.adsrv.eacdn.com/C.ashx?btag=a_90486b_35147c_&affid=55024&siteid=90486&adid=35147&c=DE_RON&AutoR=1 HTTP 302
  • https://www.bet-at-home.com/de/landingpage/sportfirst/2?pname=a_90486b_35147c_DE_RON&affid=55024&utm_source=dynamic&utm_campaign=income_access&utm_medium=affiliate&utm_term=55024&utm_content=35147&siteid=90486 HTTP 302
  • https://www.bet-at-home.com/de/landingpage/sportfirst/2?siteid=90486

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request fox14.php
foxnhd.xyz/fox/
12 KB
6 KB
Document
General
Full URL
http://foxnhd.xyz/fox/fox14.php
Protocol
HTTP/1.1
Server
103.194.169.88 Rotterdam, Netherlands, ASN134512 (HOSTPALACE-EU HostPalace Web Solution Private Limited, NL),
Reverse DNS
hosted-by.hostspicy.com
Software
nginx /
Resource Hash
16630c530ed87061cb1f2fa23c8769673a7ef186c3a9ae6cf641ad76d0e4ea1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
foxnhd.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Thu, 06 Dec 2018 14:14:04 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Nginx-Cache-Status
EXPIRED
X-Server-Powered-By
Engintron
Content-Encoding
gzip
closeButton.gif
1.bp.blogspot.com/-1CSgNBJaCJ0/VEvBgUPsIeI/AAAAAAAAAxM/CvwQXvX-Vsk/s1600/
1013 B
1 KB
Image
General
Full URL
http://1.bp.blogspot.com/-1CSgNBJaCJ0/VEvBgUPsIeI/AAAAAAAAAxM/CvwQXvX-Vsk/s1600/closeButton.gif
Requested by
Host: foxnhd.xyz
URL: http://foxnhd.xyz/fox/fox14.php
Protocol
HTTP/1.1
Server
2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
4e9df74a2654e54242ac36f10826cba1261c1f9152da9ff7504b2248c42463ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://foxnhd.xyz/fox/fox14.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 06 Dec 2018 12:31:15 GMT
X-Content-Type-Options
nosniff
Server
fife
Age
6492
ETag
"v314"
Vary
Origin
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
public, max-age=86400, no-transform
Content-Disposition
inline;filename="closeButton.gif"
Timing-Allow-Origin
*
Content-Length
1013
X-XSS-Protection
1; mode=block
Expires
Fri, 07 Dec 2018 08:28:20 GMT
mp.min.js
storage.googleapis.com/wafscr/
3 KB
3 KB
Script
General
Full URL
https://storage.googleapis.com/wafscr/mp.min.js?type=mp&p=81988386&dev=m&te=Register%20for%20free%20to%20watch&n=3&d=10&t=minute
Requested by
Host: foxnhd.xyz
URL: http://foxnhd.xyz/fox/fox14.php
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8e41bc7f0f9cbbb4bfe5567f5e5c2c41a29bebdf95c26ba6268469d21ed84492

Request headers

Referer
http://foxnhd.xyz/fox/fox14.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 06 Dec 2018 14:18:56 GMT
age
31
x-guploader-uploadid
AEnB2Ur3lCMapfiqzVVH08sNE1SDZCv-629tmiRi7r-l9PxTz-6jxhDbXlYB-gBuymJbh-1mMZQT-PjQiRg2LX4VuRpF7xl-3A
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
3014
last-modified
Thu, 08 Feb 2018 14:07:14 GMT
server
UploadServer
etag
"04b3d163a5f014f47fe41f79838f339f"
x-goog-hash
crc32c=rt585A==, md5=BLPRY6XwFPR/5B95g48znw==
x-goog-generation
1518098834627333
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
3014
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 06 Dec 2018 15:18:56 GMT
e59b68241a099cfdeed86dd43ea88d88.js
jolic2.com/e5/9b/68/
0
0
Script
General
Full URL
http://jolic2.com/e5/9b/68/e59b68241a099cfdeed86dd43ea88d88.js
Requested by
Host: foxnhd.xyz
URL: http://foxnhd.xyz/fox/fox14.php
Protocol
HTTP/1.1
Server
2604:9e00:1:138::13 , United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
nginx/1.15.1 /
Resource Hash

Request headers

Referer
http://foxnhd.xyz/fox/fox14.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 06 Dec 2018 14:19:10 GMT
Server
nginx/1.15.1
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
104.html
nowlive.pro/1/ Frame 86F2
0
0
Document
General
Full URL
http://nowlive.pro/1/104.html?id=104
Requested by
Host: foxnhd.xyz
URL: http://foxnhd.xyz/fox/fox14.php
Protocol
HTTP/1.1
Server
193.124.183.237 Moscow, Russian Federation, ASN48666 (AS-MAROSNET Moscow, Russia, RU),
Reverse DNS
ih1254818.vds.myihor.ru
Software
nginx/1.2.1 /
Resource Hash

Request headers

Host
nowlive.pro
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://foxnhd.xyz/fox/fox14.php
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.2.1
Date
Thu, 06 Dec 2018 14:18:46 GMT
Content-Type
text/html
Last-Modified
Sat, 25 Aug 2018 18:39:04 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip
foxad.php
foxnhd.xyz/fox/ Frame 9255
1 KB
932 B
Document
General
Full URL
http://foxnhd.xyz/fox/foxad.php
Requested by
Host: foxnhd.xyz
URL: http://foxnhd.xyz/fox/fox14.php
Protocol
HTTP/1.1
Server
103.194.169.88 Rotterdam, Netherlands, ASN134512 (HOSTPALACE-EU HostPalace Web Solution Private Limited, NL),
Reverse DNS
hosted-by.hostspicy.com
Software
nginx /
Resource Hash
783ff1d76358e49dc951ef7319c38a75a69abf6bfc354546500f53d17e6e1b17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
foxnhd.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://foxnhd.xyz/fox/fox14.php
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Thu, 06 Dec 2018 14:14:04 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Nginx-Cache-Status
EXPIRED
X-Server-Powered-By
Engintron
Content-Encoding
gzip
pop.js
c1.popads.net/
68 KB
28 KB
Script
General
Full URL
http://c1.popads.net/pop.js
Requested by
Host: foxnhd.xyz
URL: http://foxnhd.xyz/fox/fox14.php
Protocol
HTTP/1.1
Server
195.181.174.17 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-10.cdn77.com
Software
CDN77-Turbo /
Resource Hash
fefc31fe8b6a75aa50147bc062e2ed750e20c8d78fb24a02342c17f15f2f261a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://foxnhd.xyz/fox/fox14.php
Origin
http://foxnhd.xyz

Response headers

Date
Thu, 06 Dec 2018 14:19:27 GMT
Content-Encoding
gzip
Last-Modified
Sun, 15 Apr 2018 14:16:47 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
W/"5ad35ecf-1108b"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
X-Edge-IP
195.181.174.10
Connection
keep-alive
X-Age
339765
Expires
Sun, 22 Apr 2018 14:20:58 GMT
compatibility.js
celeritascdn.com/script/
11 KB
7 KB
Script
General
Full URL
http://celeritascdn.com/script/compatibility.js
Requested by
Host: foxnhd.xyz
URL: http://foxnhd.xyz/fox/fox14.php
Protocol
HTTP/1.1
Server
2606:4700:20::6819:8d77 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
48ef274c0f0973fcf30f5ddc943800f34121134c5389acadc3e4f66c6c2cd7b1

Request headers

Referer
http://foxnhd.xyz/fox/fox14.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 06 Dec 2018 14:19:27 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
X-GUploader-UploadID
AEnB2UqXxVkplS83Pu9LMYzG_wKlY53u-tSCRG-8VnbBWQR-sjZVVcmMJAud1PweWGGc464faPbXTLbO10aQRdqIpuoumJX31Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Type
application/javascript
Last-Modified
Thu, 30 Aug 2018 12:42:19 GMT
Server
cloudflare
ETag
W/"ec4e9e96026bffb8dced48b580c51b24"
Vary
Accept-Encoding
x-goog-hash
crc32c=a9fskw==, md5=7E6elgJr/7jc7Ui1gMUbJA==
x-goog-generation
1535632939378080
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
x-goog-stored-content-length
11626
CF-RAY
484f633b71fbc305-FRA
Expires
Thu, 06 Dec 2018 18:19:27 GMT
Cookie set identify.html
ufpcdn.com/script/ Frame E90D
0
0
Document
General
Full URL
http://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: foxnhd.xyz
URL: http://foxnhd.xyz/fox/fox14.php
Protocol
HTTP/1.1
Server
2606:4700:30::6818:7e8c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
ufpcdn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://foxnhd.xyz/fox/fox14.php
Accept-Encoding
gzip, deflate

Response headers

Date
Thu, 06 Dec 2018 14:19:28 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dc63e888ebb373a5d87d9251c7dd40c1d1544105967; expires=Fri, 06-Dec-19 14:19:27 GMT; path=/; domain=.ufpcdn.com; HttpOnly
Last-Modified
Tue, 15 May 2018 06:39:25 GMT
Server
cloudflare
CF-RAY
484f633bc064c2b0-FRA
Content-Encoding
gzip
images
encrypted-tbn0.gstatic.com/ Frame 9255
9 KB
9 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcS3rmhLlJfs6eDeq2n_xpSeDAUcggrXnTwT21vIzYoZU4OFEKSl
Requested by
Host: foxnhd.xyz
URL: http://foxnhd.xyz/fox/foxad.php
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3c9492c846838f95336befccca83912fc19f61241bf665652fc4463f761fb640
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://foxnhd.xyz/fox/foxad.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 06 Dec 2018 14:19:28 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Aug 2017 21:51:59 GMT
server
sffe
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
9112
x-xss-protection
1; mode=block
expires
Fri, 06 Dec 2019 14:19:28 GMT
invoke.js
www.bcloudhost.com/e12e4f30e271eba42bfe012858fd83ed/ Frame 9255
0
0
Script
General
Full URL
http://www.bcloudhost.com/e12e4f30e271eba42bfe012858fd83ed/invoke.js
Requested by
Host: foxnhd.xyz
URL: http://foxnhd.xyz/fox/foxad.php
Protocol
HTTP/1.1
Server
213.196.2.2 , Netherlands, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software
nginx/1.15.1 /
Resource Hash

Request headers

Referer
http://foxnhd.xyz/fox/foxad.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 06 Dec 2018 14:19:28 GMT
Server
nginx/1.15.1
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
c
serve.popads.net/
344 B
882 B
Script
General
Full URL
http://serve.popads.net/c?r=1544105968&v=3&siteId=2950916&minBid=&popundersPerIP=&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200
Requested by
Host: c1.popads.net
URL: http://c1.popads.net/pop.js
Protocol
HTTP/1.1
Server
216.21.13.11 , United States, ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US),
Reverse DNS
Software
/
Resource Hash
f40629c23a836e01b658c453227322256214dd80b716b9e00531ffdbc811285a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://foxnhd.xyz/fox/fox14.php
Origin
http://foxnhd.xyz

Response headers

Pragma
no-cache
Date
Thu, 06 Dec 2018 14:19:28 GMT
Access-Control-Allow-Origin
*
Content-Type
text/javascript;charset=UTF-8
PopAds-EC
GIID
Cache-Control
private, no-store, no-cache, must-revalidate, no-transform, max-age=0
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
344
suurl.php
onclickmega.com/script/
0
130 B
Script
General
Full URL
http://onclickmega.com/script/suurl.php?r=2149307&cbrandom=0.716563748518454&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com
Requested by
Host: foxnhd.xyz
URL: http://foxnhd.xyz/fox/fox14.php
Protocol
HTTP/1.1
Server
35.190.64.167 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
167.64.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://foxnhd.xyz/fox/fox14.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 06 Dec 2018 14:19:28 GMT
Via
1.1 google
Referrer-Policy
no-referrer
Server
openresty
chrome.js
celeritascdn.com/script/
19 KB
10 KB
Script
General
Full URL
http://celeritascdn.com/script/chrome.js
Requested by
Host: foxnhd.xyz
URL: http://foxnhd.xyz/fox/fox14.php
Protocol
HTTP/1.1
Server
2606:4700:20::6819:8d77 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
01c5a7b2a3e6f87828b3b9753860d4c5f2ab3b45a8828b73d9456272e3ab5b05

Request headers

Referer
http://foxnhd.xyz/fox/fox14.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 06 Dec 2018 14:19:28 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
X-GUploader-UploadID
AEnB2Ur7ony6xrY4_O9eXanGf03yL3cv_0VNX7qZaV6PncoSDhZtWL3mW36VMn5wnRiPlGIKtpXZodyNvZIQTIrXLaCM3BX0sQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Type
application/javascript
Last-Modified
Tue, 27 Nov 2018 10:11:23 GMT
Server
cloudflare
ETag
W/"9d9321d19f2301e6aa1626b33e3244c1"
Vary
Accept-Encoding
x-goog-hash
crc32c=sBm46w==, md5=nZMh0Z8jAeaqFiazPjJEwQ==
x-goog-generation
1543313483225659
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
x-goog-stored-content-length
18971
CF-RAY
484f633cf3ebc305-FRA
Expires
Thu, 06 Dec 2018 18:19:28 GMT
redirect
xml.adright.co/ Frame 76E4
0
0
Document
General
Full URL
http://xml.adright.co/redirect?feed=149001&auth=gNqIKG
Requested by
Host: foxnhd.xyz
URL: http://foxnhd.xyz/fox/foxad.php
Protocol
HTTP/1.1
Server
173.239.53.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
xml.adright.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://foxnhd.xyz/fox/foxad.php
Accept-Encoding
gzip, deflate

Response headers

Cache-Control
no-store
Pragma
no-cache
Age
0
Connection
keep-alive
Content-Length
0
Cookie set 2
www.bet-at-home.com/de/landingpage/sportfirst/ Frame 52A3
Redirect Chain
  • http://speednetwork14.adk2x.com/imp?p=75992898&ct=html&ap=1303
  • http://speednetwork14.adk2x.com/ul_cb/imp?p=75992898&ct=html&ap=1303
  • https://wlbetathome.adsrv.eacdn.com/C.ashx?btag=a_90486b_35147c_&affid=55024&siteid=90486&adid=35147&c=DE_RON
  • https://wlbetathome.adsrv.eacdn.com/C.ashx?btag=a_90486b_35147c_&affid=55024&siteid=90486&adid=35147&c=DE_RON&AutoR=1
  • https://www.bet-at-home.com/de/landingpage/sportfirst/2?pname=a_90486b_35147c_DE_RON&affid=55024&utm_source=dynamic&utm_campaign=income_access&utm_medium=affiliate&utm_term=55024&utm_content=35147&...
  • https://www.bet-at-home.com/de/landingpage/sportfirst/2?siteid=90486
0
0
Document
General
Full URL
https://www.bet-at-home.com/de/landingpage/sportfirst/2?siteid=90486
Requested by
Host: foxnhd.xyz
URL: http://foxnhd.xyz/fox/foxad.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.91.0.2 , Malta, ASN200932 (BAH-AS, MT),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Host
www.bet-at-home.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://foxnhd.xyz/fox/foxad.php
Accept-Encoding
gzip, deflate
Cookie
ASP.NET_SessionId=kzri0yvohlw2mumyncvhx4x0; BAHLang=DE; LastVisit=06.12.2018 15:19:29; BAH_IA_BTAG=btag=a_90486b_35147c_DE_RON&affid=55024&referrer=http%3a%2f%2ffoxnhd.xyz%2ffox%2ffoxad.php&createdAt=06.12.2018 15:19:29; dtCookie=A0E0F53AA0918CD7D14DD80F9E9C3481|V2ViQXBwVjJ8MQ; TS01d1e345=0104714772ccfc197e5f8645c2e345cf8d364d2173c8e7f004ae889be37a9027faf6291b688dff84849bf05a9ec1d054681c6590578187b0b8d3a0b6afd033dae73c4f72d9a397a255d8e2c73aca0baf77437ca6d93d3e6d316b4d4550eccb79e971c03b7cf212e622e7d17daee28f103c27baf45c; TS01b769cc=010471477290bf06f4d194dfab7cf3c570edce193ec8e7f004ae889be37a9027faf6291b686915c17ba27736b9618a67394a9568cbc3016a50d6caa99b68b013fb61323f32

Response headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
-1
Set-Cookie
LastVisit=06.12.2018 15:19:29; expires=Wed, 30-Dec-2099 23:00:00 GMT; path=/; secure; HttpOnly
Set-Cookie
BAHLang=DE; expires=Wed, 30-Dec-2099 23:00:00 GMT; path=/; secure; HttpOnly
Set-Cookie
TS01d1e345=0104714772ccfc197e5f8645c2e345cf8d364d2173c8e7f004ae889be37a9027faf6291b688dff84849bf05a9ec1d054681c6590578187b0b8d3a0b6afd033dae73c4f72d9a397a255d8e2c73aca0baf77437ca6d93d3e6d316b4d4550eccb79e971c03b7cf212e622e7d17daee28f103c27baf45c; Path=/
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000
P3P
CP="NOI CUR ADMa DEVa TAIa OUR IND PHY COM NAV"
X-XSS-Protection
1;mode=block
X-Content-Type-Options
nosniff
Date
Thu, 06 Dec 2018 14:19:28 GMT
Connection
Keep-Alive
Content-Length
6653
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Cache-Control
private
Location
https://www.bet-at-home.com/de/landingpage/sportfirst/2?siteid=90486
X-BAH-ClientState
1|Sitzung%20abgelaufen|Ihre%20Sitzung%20ist%20abgelaufen.%20Bitte%20melden%20Sie%20sich%20erneut%20mit%20Ihren%20Daten%20an.
Set-Cookie
ASP.NET_SessionId=kzri0yvohlw2mumyncvhx4x0; path=/; secure; HttpOnly
Set-Cookie
BAHLang=DE; expires=Wed, 30-Dec-2099 23:00:00 GMT; path=/; secure; HttpOnly
Set-Cookie
LastVisit=06.12.2018 15:19:29; expires=Wed, 30-Dec-2099 23:00:00 GMT; path=/; secure; HttpOnly
Set-Cookie
BAH_IA_BTAG=btag=a_90486b_35147c_DE_RON&affid=55024&referrer=http%3a%2f%2ffoxnhd.xyz%2ffox%2ffoxad.php&createdAt=06.12.2018 15:19:29; expires=Mon, 04-Feb-2019 14:19:29 GMT; path=/; secure; HttpOnly
Set-Cookie
dtCookie=A0E0F53AA0918CD7D14DD80F9E9C3481|V2ViQXBwVjJ8MQ; Path=/; Domain=.bet-at-home.com
Set-Cookie
TS01d1e345=0104714772ccfc197e5f8645c2e345cf8d364d2173c8e7f004ae889be37a9027faf6291b688dff84849bf05a9ec1d054681c6590578187b0b8d3a0b6afd033dae73c4f72d9a397a255d8e2c73aca0baf77437ca6d93d3e6d316b4d4550eccb79e971c03b7cf212e622e7d17daee28f103c27baf45c; Path=/
Set-Cookie
TS01b769cc=010471477290bf06f4d194dfab7cf3c570edce193ec8e7f004ae889be37a9027faf6291b686915c17ba27736b9618a67394a9568cbc3016a50d6caa99b68b013fb61323f32; path=/; domain=.bet-at-home.com
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000
P3P
CP="NOI CUR ADMa DEVa TAIa OUR IND PHY COM NAV"
X-XSS-Protection
1;mode=block
X-Content-Type-Options
nosniff
Date
Thu, 06 Dec 2018 14:19:28 GMT
Connection
Keep-Alive
Content-Length
185
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: foxnhd.xyz
URL: http://foxnhd.xyz/fox/fox14.php
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
87f617b033bb78d999c23cb6a00e7f59b8838d25250c35bdf9a7b749b204f395

Request headers

Referer
http://foxnhd.xyz/fox/fox14.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 06 Dec 2018 14:15:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Dec 2018 11:34:35 GMT
X-CDN-Pop-IP
137.74.120.32/27
ETag
"565868990"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
4746
Content-Type
text/javascript
X-CDN-Pop
sbg
Accept-Ranges
bytes
Content-Length
4481
0.php
s4.histats.com/stats/
53 B
324 B
Script
General
Full URL
http://s4.histats.com/stats/0.php?3451427&@f16&@g1&@h1&@i1&@j1544105968254&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-144956912&@b2:0&@b3:1544105968&@a-_0.2.1&@vhttp%3A%2F%2Ffoxnhd.xyz%2Ffox%2Ffox14.php&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Server
51.68.204.117 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3128098.ip-51-68-204.eu
Software
/
Resource Hash
733f73be5570a31ccadccdd4bbd71fdbc76d65ac3018edd361567ae83e16ee74

Request headers

Referer
http://foxnhd.xyz/fox/fox14.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 06 Dec 2018 14:19:28 GMT
Connection
close
Content-Length
53
Content-Type
text/html;charset=UTF-8
/
c.adsco.re/
5 B
404 B
Script
General
Full URL
http://c.adsco.re/
Requested by
Host: serve.popads.net
URL: http://serve.popads.net/c?r=1544105968&v=3&siteId=2950916&minBid=&popundersPerIP=&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200
Protocol
HTTP/1.1
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6bdfcd47d10e9491b11ac64c8000b525b1dfb3d7590668bc4637f05a50f183b

Request headers

Referer
http://foxnhd.xyz/fox/fox14.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 06 Dec 2018 14:19:28 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/plain;charset=UTF-8
Cache-Control
max-age=259200,public,immutable
Connection
keep-alive
CF-RAY
484f633e16ff97c2-FRA
Content-Length
5

Verdicts & Comments: none recorded (urlscan.io verdict above: no classification)

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object    _pop
  • object    adcashMacros
  • object    zoneSett
  • object    urls
  • object    _0x6e62
  • function  acPrefetch
  • object    CTABPu
  • object    _0xa0cb
  • function  ufpAttach
  • object    CTAMAT
  • object    adcashUfp
  • function  s3EE
  • object    leca
  • object    Base64
  • string    popns
  • object    BJPPopAds
  • object    detectZoom
  • object    PopAds
  • object    _pao
  • object    _0x5000
  • object    Cnac
  • object    stamat
  • function  NqPnfu6827992945118555
  • function  NqPnfu
  • object    NqpnfuVfNOrggreArgjbex
  • boolean   _0x90aa
  • object    _Hasync
  • function  chfh
  • function  chfh2
  • string    _HST_cntval
  • object    Histats
  • object    mnr
  • object    _HistatsCounterGraphics_0_setValues
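A first-pass triage of this list, added here as an example and not part of the urlscan.io report: the 33 names are transcribed from the report, while the vendor table (built from hosts the report does show: popads.net, histats.com, plus the literal "adcash" prefix) and the two heuristics (javascript-obfuscator-style `_0x…` string-array names, and ROT13-masked vendor names) are this example's own assumptions.

```python
"""Triage the non-standard window globals urlscan.io recorded for fox14.php.

Added example; not part of the urlscan.io report. GLOBALS is transcribed from
the report's "33 JavaScript Global Variables" list. The vendor table and the
two heuristics (javascript-obfuscator-style `_0x` names, ROT13-masked vendor
names) are this example's own assumptions, not something the report states.
"""
import codecs
import re
from collections import Counter

# Transcribed from the report (names only; the reported types are dropped).
GLOBALS = [
    "_pop", "adcashMacros", "zoneSett", "urls", "_0x6e62", "acPrefetch",
    "CTABPu", "_0xa0cb", "ufpAttach", "CTAMAT", "adcashUfp", "s3EE", "leca",
    "Base64", "popns", "BJPPopAds", "detectZoom", "PopAds", "_pao", "_0x5000",
    "Cnac", "stamat", "NqPnfu6827992945118555", "NqPnfu",
    "NqpnfuVfNOrggreArgjbex", "_0x90aa", "_Hasync", "chfh", "chfh2",
    "_HST_cntval", "Histats", "mnr", "_HistatsCounterGraphics_0_setValues",
]

# Identifier style javascript-obfuscator emits for its string-array globals.
HEX_ARRAY = re.compile(r"^_0x[0-9a-f]{4,}$")

# Assumed substring -> vendor map, built from hosts that appear in the report
# (popads.net, histats.com) plus the literal "adcash" prefix.
FAMILIES = {
    "popads": "PopAds (popunder network)",
    "adcash": "Adcash (ad network)",
    "histats": "Histats (analytics)",
}


def _family(name):
    low = name.lower()
    for key, label in FAMILIES.items():
        if key in low:
            return label
    return None


def classify(name):
    """Return a one-line label for a single global variable name."""
    if HEX_ARRAY.match(name):
        return "obfuscated (javascript-obfuscator string array)"
    label = _family(name)
    if label:
        return label
    # Some ad loaders mask the vendor name with ROT13; decode and retry the
    # vendor table (NqpnfuVfNOrggreArgjbex decodes to AdcashIsABetterNetwork).
    label = _family(codecs.decode(name, "rot_13"))
    if label:
        return label + " [ROT13-masked name]"
    return "unclassified"


def triage(names):
    """Map every global to its label; the order of NAMES is preserved."""
    return {n: classify(n) for n in names}


def summary(names):
    """Count how many globals fall into each label."""
    return Counter(triage(names).values())


if __name__ == "__main__":
    for name, label in triage(GLOBALS).items():
        print(f"{name:40s} {label}")
    print(summary(GLOBALS))
```

Running it labels the four `_0x…` names as obfuscator output, attributes nine names to PopAds, Adcash (three of them only after ROT13) and Histats, and leaves the rest for manual review; the ROT13 step is the non-obvious part, since `NqPnfu` and `NqpnfuVfNOrggreArgjbex` look random until decoded.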

7 Cookies

Domain/Path Name / Value
www.bet-at-home.com/ Name: TS01d1e345
Value: 0104714772ccfc197e5f8645c2e345cf8d364d2173c8e7f004ae889be37a9027faf6291b688dff84849bf05a9ec1d054681c6590578187b0b8d3a0b6afd033dae73c4f72d9a397a255d8e2c73aca0baf77437ca6d93d3e6d316b4d4550eccb79e971c03b7cf212e622e7d17daee28f103c27baf45c
www.bet-at-home.com/ Name: LastVisit
Value: 06.12.2018 15:19:29
.bet-at-home.com/ Name: dtCookie
Value: A0E0F53AA0918CD7D14DD80F9E9C3481|V2ViQXBwVjJ8MQ
.bet-at-home.com/ Name: TS01b769cc
Value: 010471477290bf06f4d194dfab7cf3c570edce193ec8e7f004ae889be37a9027faf6291b686915c17ba27736b9618a67394a9568cbc3016a50d6caa99b68b013fb61323f32
www.bet-at-home.com/ Name: BAHLang
Value: DE
www.bet-at-home.com/ Name: BAH_IA_BTAG
Value: btag=a_90486b_35147c_DE_RON&affid=55024&referrer=http%3a%2f%2ffoxnhd.xyz%2ffox%2ffoxad.php&createdAt=06.12.2018 15:19:29
www.bet-at-home.com/ Name: ASP.NET_SessionId
Value: kzri0yvohlw2mumyncvhx4x0
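The cookie attributes are where the security detail is, and the report only shows them in the run-together Set-Cookie lines above. The following is an added example, not part of the urlscan.io report: it parses the seven Set-Cookie values transcribed from the bet-at-home.com redirect response (the two very long TS01* values are shortened and marked as such), flags missing Secure/HttpOnly/SameSite and subdomain-wide scope, and decodes the BAH_IA_BTAG affiliate payload, which records the framing page foxad.php as the referrer. The audit rules are this example's own.

```python
"""Parse and audit the Set-Cookie headers from the bet-at-home.com redirect.

Added example; not part of the urlscan.io report. The seven Set-Cookie values
are transcribed from the report's "Redirect headers" block (the report runs
them together on one line; on the wire they are separate headers). The two
long TS01* values are shortened here and marked as such; the audit rules are
this example's own.
"""
from urllib.parse import parse_qs

SET_COOKIE_HEADERS = [
    "ASP.NET_SessionId=kzri0yvohlw2mumyncvhx4x0; path=/; secure; HttpOnly",
    "BAHLang=DE; expires=Wed, 30-Dec-2099 23:00:00 GMT; path=/; secure; HttpOnly",
    "LastVisit=06.12.2018 15:19:29; expires=Wed, 30-Dec-2099 23:00:00 GMT; path=/; secure; HttpOnly",
    "BAH_IA_BTAG=btag=a_90486b_35147c_DE_RON&affid=55024"
    "&referrer=http%3a%2f%2ffoxnhd.xyz%2ffox%2ffoxad.php&createdAt=06.12.2018 15:19:29"
    "; expires=Mon, 04-Feb-2019 14:19:29 GMT; path=/; secure; HttpOnly",
    "dtCookie=A0E0F53AA0918CD7D14DD80F9E9C3481|V2ViQXBwVjJ8MQ; Path=/; Domain=.bet-at-home.com",
    "TS01d1e345=0104714772ccfc197e5f8645; Path=/",                           # value shortened
    "TS01b769cc=010471477290bf06f4d194df; path=/; domain=.bet-at-home.com",  # value shortened
]


def parse_set_cookie(header):
    """Split one Set-Cookie header into name, value and lower-cased attributes.

    Splitting on ';' is safe: cookie values and Expires dates may contain
    commas but never semicolons.
    """
    first, *rest = [p.strip() for p in header.split(";")]
    name, _, value = first.partition("=")
    attrs = {}
    for part in rest:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return {"name": name.strip(), "value": value, "attrs": attrs}


def audit_cookie(cookie):
    """Return the attribute weaknesses of one parsed cookie (empty list = clean)."""
    name, attrs = cookie["name"], cookie["attrs"]
    issues = []
    if "secure" not in attrs:
        issues.append("no Secure")
    if "httponly" not in attrs:
        issues.append("no HttpOnly")
    if "samesite" not in attrs:
        issues.append("no SameSite")
    domain = attrs.get("domain", "")
    if domain.startswith("."):
        issues.append(f"shared with all subdomains of {domain.lstrip('.')}")
    if "session" in name.lower() and not name.startswith(("__Host-", "__Secure-")):
        issues.append("session cookie without __Host-/__Secure- prefix")
    return issues


def audit_all(headers=SET_COOKIE_HEADERS):
    """Audit every header; returns {cookie name: [issues]}."""
    return {c["name"]: audit_cookie(c) for c in map(parse_set_cookie, headers)}


def decode_btag(value):
    """Decode the affiliate-tracking payload stored in BAH_IA_BTAG.

    The value is itself a URL-encoded query string; parse_qs percent-decodes
    it, which exposes the framing page recorded as `referrer`.
    """
    return {k: v[0] for k, v in parse_qs(value, keep_blank_values=True).items()}


def btag_from_headers(headers=SET_COOKIE_HEADERS):
    """Find the BAH_IA_BTAG cookie among HEADERS and decode it (None if absent)."""
    for cookie in map(parse_set_cookie, headers):
        if cookie["name"] == "BAH_IA_BTAG":
            return decode_btag(cookie["value"])
    return None


if __name__ == "__main__":
    for name, issues in audit_all().items():
        print(f"{name:20s} {', '.join(issues) or 'ok'}")
    print(btag_from_headers())
```

The split matters for the reading: the five cookies that are set with `secure; HttpOnly` still lack SameSite, while dtCookie and the two TS01* cookies carry neither flag and two of them are scoped to every subdomain of bet-at-home.com. The decoded BAH_IA_BTAG payload ties the affiliate attribution (affid 55024, siteid 90486 in the redirect chain) to the page that framed it, http://foxnhd.xyz/fox/foxad.php.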

Security Headers

This section lists the security headers set by the main page. Only the two below are present: there is no Content-Security-Policy and no X-Frame-Options (so any site can frame fox14.php, as it itself frames foxad.php and the third-party pages above), and since the page is served over plain HTTP, Strict-Transport-Security could not take effect even if it were sent.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block
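The same check, run over header sets captured in this report, as an added example that is not part of the urlscan.io output: the two header dictionaries are transcribed from the report (the primary fox14.php response and the bet-at-home.com landing page); the checks, the one-year HSTS threshold and their wording are this example's own. The X-XSS-Protection note reflects that current Chromium ignores the header and Firefox never implemented it, although the Chrome 67 used for this scan still honoured it.

```python
"""Check a captured response-header set for the usual browser security headers.

Added example; not part of the urlscan.io report. The two header dictionaries
are transcribed from the report (the primary request to fox14.php and the
bet-at-home.com landing page); the checks and their wording are this
example's own.
"""
import re
from urllib.parse import urlsplit

FOXNHD_MAIN = ("http://foxnhd.xyz/fox/fox14.php", {
    "Server": "nginx",
    "Content-Type": "text/html; charset=UTF-8",
    "Vary": "Accept-Encoding",
    "X-XSS-Protection": "1; mode=block",
    "X-Content-Type-Options": "nosniff",
    "X-Nginx-Cache-Status": "EXPIRED",
    "X-Server-Powered-By": "Engintron",
})

BET_AT_HOME = ("https://www.bet-at-home.com/de/landingpage/sportfirst/2?siteid=90486", {
    "Cache-Control": "no-cache, no-store",
    "Content-Type": "text/html; charset=utf-8",
    "X-Frame-Options": "SAMEORIGIN",
    "Strict-Transport-Security": "max-age=31536000",
    "X-XSS-Protection": "1;mode=block",
    "X-Content-Type-Options": "nosniff",
})

ONE_YEAR = 31536000  # assumed minimum HSTS max-age worth accepting


def audit_security_headers(url, headers):
    """Return {finding code: explanation} for one response; {} means nothing to report."""
    h = {k.lower(): v for k, v in headers.items()}  # header names are case-insensitive
    findings = {}

    if urlsplit(url).scheme != "https":
        findings["transport"] = ("served over plain HTTP; every script it loads can be "
                                 "replaced in transit, and HSTS does not apply")
    else:
        hsts = h.get("strict-transport-security")
        if hsts is None:
            findings["hsts"] = "no Strict-Transport-Security"
        else:
            m = re.search(r"max-age=(\d+)", hsts)
            if not m or int(m.group(1)) < ONE_YEAR:
                findings["hsts-max-age"] = f"HSTS max-age below one year: {hsts}"

    csp = h.get("content-security-policy", "")
    if not csp:
        findings["csp"] = "no Content-Security-Policy"
    if "x-frame-options" not in h and "frame-ancestors" not in csp:
        findings["framing"] = "no X-Frame-Options or CSP frame-ancestors: any site can frame this page"
    if h.get("x-content-type-options", "").strip().lower() != "nosniff":
        findings["nosniff"] = "no X-Content-Type-Options: nosniff"
    if "referrer-policy" not in h:
        findings["referrer-policy"] = "no Referrer-Policy: the browser default applies"
    if "x-xss-protection" in h:
        findings["x-xss-protection"] = ("legacy X-XSS-Protection set; current Chromium "
                                        "ignores it and Firefox never implemented it")
    leaks = [f"{n}: {h[n]}" for n in ("server", "x-powered-by", "x-server-powered-by") if n in h]
    if leaks:
        findings["disclosure"] = "software disclosure: " + ", ".join(leaks)
    return findings


if __name__ == "__main__":
    for url, headers in (FOXNHD_MAIN, BET_AT_HOME):
        print(url)
        for code, text in audit_security_headers(url, headers).items():
            print(f"  [{code}] {text}")
```

For fox14.php the result is six findings (plain HTTP, no CSP, framable, no Referrer-Policy, legacy X-XSS-Protection, and nginx/Engintron disclosure) with only the nosniff check passing; the bet-at-home.com landing page passes transport, HSTS, framing and nosniff and is left with the CSP, Referrer-Policy and X-XSS-Protection findings.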

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
c.adsco.re
c1.popads.net
celeritascdn.com
encrypted-tbn0.gstatic.com
foxnhd.xyz
jolic2.com
nowlive.pro
onclickmega.com
s10.histats.com
s4.histats.com
serve.popads.net
speednetwork14.adk2x.com
storage.googleapis.com
ufpcdn.com
wlbetathome.adsrv.eacdn.com
www.bcloudhost.com
www.bet-at-home.com
xml.adright.co
103.194.169.88
130.211.54.133
173.239.53.18
185.91.0.2
193.124.183.237
195.181.174.17
213.196.2.2
216.21.13.11
2604:9e00:1:138::13
2606:4700:20::6819:8d77
2606:4700:30::6818:7e8c
2606:4700::6811:a6ba
2a00:1450:4001:818::2010
2a00:1450:4001:81f::200e
2a00:1450:4001:825::2001
35.190.64.167
46.105.201.240
51.68.204.117
91.92.196.190