URL: http://blackteam.altervista.org/blackteam/
Submission: On September 21 via manual from IT

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 19 HTTP transactions. The main IP is 104.27.152.138, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is blackteam.altervista.org.
This is the only time blackteam.altervista.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.27.152.138 13335 (CLOUDFLAR...)
3 78.129.205.126 20860 (IOMART-AS)
1 2a01:578:3::3... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 216.58.205.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
19 9
Domain Requested by
4 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
blackteam.altervista.org
3 cdn.ampproject.org securepubads.g.doubleclick.net
2 st19.altervista.org en.ad.altervista.org
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
blackteam.altervista.org
1 amp-error-reporting.appspot.com cdn.ampproject.org
1 pagead2.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 www.googletagservices.com en.ad.altervista.org
1 euasync01.admantx.com en.ad.altervista.org
1 en.ad.altervista.org blackteam.altervista.org
1 blackteam.altervista.org
19 12

This site contains no links.

Subject | Issuer | Validity | Valid
*.google.com | Google Internet Authority G3 | 2018-08-28 - 2018-11-20 | 3 months (crt.sh)
*.g.doubleclick.net | Google Internet Authority G3 | 2018-08-28 - 2018-11-20 | 3 months (crt.sh)
misc-sni.google.com | Google Internet Authority G3 | 2018-08-28 - 2018-11-20 | 3 months (crt.sh)
tpc.googlesyndication.com | Google Internet Authority G3 | 2018-08-28 - 2018-11-20 | 3 months (crt.sh)
*.appspot.com | Google Internet Authority G3 | 2018-08-28 - 2018-11-20 | 3 months (crt.sh)

This page contains 4 frames:

Primary Page: http://blackteam.altervista.org/blackteam/
Frame ID: 2E258E193B7845EE177EB5BCBD2AA38C
Requests: 12 HTTP requests in this frame

Frame: http://st19.altervista.org/iframe.ad/1517430470/x=0/y=0/f=0/pe=0/av_u=blackteam/avadv=1/expert=ADX_N_other/avadv_cnt=1/ac=circuiti_eng/sz=1600x1200
Frame ID: E830A9666686EBF7760769AC25CFD793
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011809142227020/amp4ads-v0.js
Frame ID: 0A0429B2584073609069E132210F064F
Requests: 5 HTTP requests in this frame

Frame: http://st19.altervista.org/index.html?track=GPTslotRenderEnded&ipc=1517430470&empty=false&track=true&size=300x250
Frame ID: 98DBFC8F5C99ECA2DEF300DBEF460CB0
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^googletag$/i

Page Statistics

19 Requests
58 % HTTPS
67 % IPv6
9 Domains
12 Subdomains
9 IPs
3 Countries
282 kB Transfer
770 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
blackteam.altervista.org/blackteam/
278 B
644 B
Document
General
Full URL
http://blackteam.altervista.org/blackteam/
Protocol
HTTP/1.1
Server
104.27.152.138 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1e79f4ee1b13733abeb75174e31f02f17ecbd53e3655f75971d2a4e9adc60ff

Request headers

Host
blackteam.altervista.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Date
Fri, 21 Sep 2018 12:34:15 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d21e9894d420bc947051ad392b7da9df81537533255; expires=Sat, 21-Sep-19 12:34:15 GMT; path=/; domain=.blackteam.altervista.org; HttpOnly
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
45dc909c6057236c-FRA
Content-Encoding
gzip
/
en.ad.altervista.org/js.ad/size=300X250/
12 KB
12 KB
Script
General
Full URL
http://en.ad.altervista.org/js.ad/size=300X250/?ref=blackteam.altervista.org%2Fblackteam%2F&r=1537533255164
Requested by
Host: blackteam.altervista.org
URL: http://blackteam.altervista.org/blackteam/
Protocol
HTTP/1.1
Server
78.129.205.126 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
st19.altervista.org
Software
adserver /
Resource Hash
a85be5e71e0b7ba53e34e878bbcaf53acea90c23bb44b4bca549ea82248d24b5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
en.ad.altervista.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://blackteam.altervista.org/blackteam/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Fri, 21 Sep 2018 12:34:14 GMT
Cache-Control
no-cache
Server
adserver
Content-Length
11807
Content-Type
application/x-javascript
service
euasync01.admantx.com/admantx/
215 B
411 B
Script
General
Full URL
http://euasync01.admantx.com/admantx/service?request=%7B%20tag%3A%2284_300x250%22%2C%20key%3A%2269abaf6b2f7ca5773c43d4f4659194c6e187d375e984ac967929bcd50f0670bc%22%2Cmethod%3A%22descriptor%22%2Cfilter%3A%22default%22%2Cdecorator%3A%22template.altervista%22%2Ctype%3A%22URL%22%2Cmode%3A%22async%22%2Cbody%3A%22http%3A%2F%2Fblackteam.altervista.org%2Fblackteam%2F%22%2Ccustom1%3A%22%22%7D
Requested by
Host: en.ad.altervista.org
URL: http://en.ad.altervista.org/js.ad/size=300X250/?ref=blackteam.altervista.org%2Fblackteam%2F&r=1537533255164
Protocol
HTTP/1.1
Server
2a01:578:3::36d9:d19e , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
f3b380df61d9cf865b1d029722898c8888307a6c40aa3bc2de000c56dd8ed3d4

Request headers

Referer
http://blackteam.altervista.org/blackteam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 21 Sep 2018 12:34:15 GMT
Server
nginx/1.12.2
Connection
keep-alive
Content-Length
215
Content-Type
text/plain; charset=UTF-8
gpt.js
www.googletagservices.com/tag/js/
20 KB
8 KB
Script
General
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: en.ad.altervista.org
URL: http://en.ad.altervista.org/js.ad/size=300X250/?ref=blackteam.altervista.org%2Fblackteam%2F&r=1537533255164
Protocol
HTTP/1.1
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d7922cb1ba572bd14e4dc0f423018e4f35267bda9e20a872dc850e242060087e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://blackteam.altervista.org/blackteam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 21 Sep 2018 12:34:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"8 / 356 of 1000 / last-modified: 1537489750"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin
*
Content-Length
7872
X-XSS-Protection
1; mode=block
Expires
Fri, 21 Sep 2018 12:34:15 GMT
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=blackteam.altervista.org
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://blackteam.altervista.org/blackteam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 21 Sep 2018 12:34:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=blackteam.altervista.org
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://blackteam.altervista.org/blackteam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 21 Sep 2018 12:34:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
pubads_impl_249.js
securepubads.g.doubleclick.net/gpt/
182 KB
63 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_249.js
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f2.1e100.net
Software
sffe /
Resource Hash
308b88046da3cb8c99042d803173dee196d6501925fd3c86ccf8f9e2d7f7d04a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://blackteam.altervista.org/blackteam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Sep 2018 12:34:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 Sep 2018 13:39:46 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
64039
x-xss-protection
1; mode=block
expires
Fri, 21 Sep 2018 12:34:15 GMT
ads
securepubads.g.doubleclick.net/gampad/
15 KB
5 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1963059820156232&correlator=785187793787494&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&adsid=NT&eid=370204027%2C21062457%2C21062288%2C21062389&vrg=249&guci=1.2.0.0.2.2.0&sc=0&sfv=1-0-29&iu=%2F4758%2Faltervista%2Fcircuiti_eng&sz=300x250&scp=av_group%3D84%26sz%3D300x250%26pos%3Dtop%26tile%3D1%26ADX%3DADX_N_other%26ord%3D6485292333&eri=4&cookie_enabled=1&bc=7&abxe=1&lmt=1537533255&dt=1537533255814&dlt=1537533255160&idt=248&frm=20&biw=1600&bih=1200&oid=3&adx=0&ady=0&adk=2868125754&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fblackteam.altervista.org%2Fblackteam%2F&dssz=7&icsg=170&std=0&vis=1&scr_x=0&scr_y=0&ga_vid=1148556422.1537533256&ga_sid=1537533256&ga_hid=2052353657
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_249.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f2.1e100.net
Software
cafe /
Resource Hash
7e9c4cbf94e17d9fa6109db6dba747ccca1b97e600057cf92bfbfa81e8db0de0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://blackteam.altervista.org/blackteam/
Origin
http://blackteam.altervista.org

Response headers

date
Fri, 21 Sep 2018 12:34:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
4465
x-xss-protection
1; mode=block
google-lineitem-id
67948097
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
27981909497
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
http://blackteam.altervista.org
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_249.js
securepubads.g.doubleclick.net/gpt/
51 KB
19 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_249.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_249.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f2.1e100.net
Software
sffe /
Resource Hash
f7eeefc1dd6f250f4c4b89a1fef2d0fb85b280042059f1f2ee0d11de20c34e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://blackteam.altervista.org/blackteam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Sep 2018 12:34:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 Sep 2018 13:39:46 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
19757
x-xss-protection
1; mode=block
expires
Fri, 21 Sep 2018 12:34:15 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-29/html/
0
0
Other
General
Full URL
http://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_249.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
http://blackteam.altervista.org/blackteam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Expires
Fri, 13 Sep 2019 20:57:17 GMT
Cache-Control
public, immutable, max-age=31536000
Last-Modified
Mon, 11 Jun 2018 14:38:59 GMT
Content-Type
text/html
sz=1600x1200
st19.altervista.org/iframe.ad/1517430470/x=0/y=0/f=0/pe=0/av_u=blackteam/avadv=1/expert=ADX_N_other/avadv_cnt=1/ac=circuiti_eng/ Frame E830
0
161 B
Document
General
Full URL
http://st19.altervista.org/iframe.ad/1517430470/x=0/y=0/f=0/pe=0/av_u=blackteam/avadv=1/expert=ADX_N_other/avadv_cnt=1/ac=circuiti_eng/sz=1600x1200
Requested by
Host: en.ad.altervista.org
URL: http://en.ad.altervista.org/js.ad/size=300X250/?ref=blackteam.altervista.org%2Fblackteam%2F&r=1537533255164
Protocol
HTTP/1.1
Server
78.129.205.126 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
st19.altervista.org
Software
adserver /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
st19.altervista.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://blackteam.altervista.org/blackteam/
Accept-Encoding
gzip, deflate

Response headers

Pragma
no-cache
Cache-Control
no-cache
Content-Type
text/html
Content-Length
0
Date
Fri, 21 Sep 2018 12:34:15 GMT
Server
adserver
amp4ads-host-v0.js
cdn.ampproject.org/rtv/011809142227020/
19 KB
7 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011809142227020/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_249.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a974db9973ac2b1766eedd50026483b12c2a7955b9a209913201de78115d1ddf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://blackteam.altervista.org/blackteam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
315197
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
7566
x-xss-protection
1; mode=block
last-modified
Sat, 15 Sep 2018 00:45:00 GMT
server
sffe
date
Mon, 17 Sep 2018 21:00:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Sep 2019 21:00:59 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/011809142227020/ Frame 0A04
262 KB
83 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011809142227020/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_249.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3a3a765973dabc545b40d123d851fc948a629c7c4f5694893e8f596a63beeecb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://blackteam.altervista.org/blackteam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
314515
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
84906
x-xss-protection
1; mode=block
last-modified
Sat, 15 Sep 2018 00:45:00 GMT
server
sffe
date
Mon, 17 Sep 2018 21:12:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Sep 2019 21:12:21 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011809142227020/v0/ Frame 0A04
117 KB
37 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011809142227020/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_249.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
74cd2a4a115bf7bb7155619565b3bfa6e8b78911abab2a5b7f37586784b7bb7d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://blackteam.altervista.org/blackteam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
316945
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
38035
x-xss-protection
1; mode=block
last-modified
Sat, 15 Sep 2018 00:45:00 GMT
server
sffe
date
Mon, 17 Sep 2018 20:31:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Sep 2019 20:31:51 GMT
osd.js
pagead2.googlesyndication.com/pagead/
72 KB
27 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_249.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
f4055bd0cdf467ff6940a20d9284a60987a85578033114820b1dc605dbb70991
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://blackteam.altervista.org/blackteam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Fri, 21 Sep 2018 11:44:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
Age
2996
ETag
11408177114345171100
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
public, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
26901
X-XSS-Protection
1; mode=block
Expires
Fri, 21 Sep 2018 12:44:20 GMT
index.html
st19.altervista.org/ Frame 98DB
2 B
208 B
Document
General
Full URL
http://st19.altervista.org/index.html?track=GPTslotRenderEnded&ipc=1517430470&empty=false&track=true&size=300x250
Requested by
Host: en.ad.altervista.org
URL: http://en.ad.altervista.org/js.ad/size=300X250/?ref=blackteam.altervista.org%2Fblackteam%2F&r=1537533255164
Protocol
HTTP/1.1
Server
78.129.205.126 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
st19.altervista.org
Software
adserver /
Resource Hash
e16f1596201850fd4a63680b27f603cb64e67176159be3d8ed78a4403fdb1700

Request headers

Host
st19.altervista.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://blackteam.altervista.org/blackteam/
Accept-Encoding
gzip, deflate
Cookie
__gads=ID=37ec8fc6d0419b81:T=1537533255:S=ALNI_Mb1hnFhsECWzAFL6iavOWrwr1-sqQ

Response headers

Content-Type
text/html
Accept-Ranges
bytes
ETag
"2227160037"
Last-Modified
Thu, 21 Feb 2013 10:47:31 GMT
Content-Length
2
Date
Fri, 21 Sep 2018 12:34:15 GMT
Server
adserver
8286953937050804271
tpc.googlesyndication.com/simgad/ Frame 0A04
19 KB
19 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/8286953937050804271
Requested by
Host: blackteam.altervista.org
URL: http://blackteam.altervista.org/blackteam/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ce8b447669207855cc9f469cda04633a3ac4a7e5bb4fa303b72f727f762ff74a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://blackteam.altervista.org/blackteam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Sep 2018 07:58:33 GMT
x-content-type-options
nosniff
age
16543
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
19019
x-xss-protection
1; mode=block
last-modified
Mon, 14 Oct 2013 09:11:44 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Sep 2019 07:58:33 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0A04
0
285 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvp1Iu_ytIQ_800RZNF8Ks1ykm6kafGNcIrunOT_Jum7WyOvUhzWE919vau2D65ovEjHf7d5MRA4qCZfj1XNLlFQZOTCSu2UClDi0qB7UARaxSzhbc65tXk635LwszHjKjKKZUoL9O096JZ0_x85m8x5ddlKK0pO51AHP-vAvAZVn3l9PvOM_JtSlLdo1poRQQz7wDBqD5j1zVqn5gza0Y1lxB9CDx5tPfeY-t3QnWPdaiazQ-TnSRriZaIJ3sSStFkxRFmmHrKIQ&sai=AMfl-YRemoXh8J0r3seRgODfpJyH3NKS1wLWpjNo53nFWvAijHXueF3mWCawGmm3LKyXP6kMzid9wbOVk8T8JwMq2DpDxaeJ1AvyExkbsnaD&sig=Cg0ArKJSzBo9HskYpyVJEAE&adurl=
Requested by
Host: blackteam.altervista.org
URL: http://blackteam.altervista.org/blackteam/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://blackteam.altervista.org/blackteam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 21 Sep 2018 12:34:16 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 21 Sep 2018 12:34:16 GMT
r
amp-error-reporting.appspot.com/ Frame 0A04
2 B
64 B
XHR
General
Full URL
https://amp-error-reporting.appspot.com/r
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011809142227020/amp4ads-v0.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2014 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
http://blackteam.altervista.org/blackteam/
Origin
http://blackteam.altervista.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 21 Sep 2018 12:34:17 GMT
via
1.1 google
x-powered-by
Express
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
2

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| avadv number| av_adsense_flag object| googletag object| av_post object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| GPT_jstiming object| closure_memoize_cache_ undefined| google_measure_js_timing string| ADX_label string| ADX_lemmas string| ADX_people string| ADX_companies string| ADX_places string| ADX_categories boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id number| google_unique_id object| gaGlobal function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| ampInaboxIframes object| ampInaboxPendingMessages object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| AMP_CONFIG object| log object| AMPErrors boolean| ampInaboxInitialized object| AMP_MODE function| reportError object| AMP function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb

0 Cookies

3 Console Messages

Source Level URL
Text
console-api info URL: http://en.ad.altervista.org/js.ad/size=300X250/?ref=blackteam.altervista.org%2Fblackteam%2F&r=1537533255164(Line 259)
Message:
avadv#%d: %s %s %dx%d
console-api info URL: https://cdn.ampproject.org/rtv/011809142227020/amp4ads-v0.js(Line 538)
Message:
Powered by AMP ⚡ HTML – Version 1809142227020
console-api error URL: https://cdn.ampproject.org/rtv/011809142227020/amp4ads-v0.js(Line 96)
Message:
localStorage not supported.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
