URL: http://www.tekdefense.com/downloads/malware-samples/
Submission: On June 19 via manual

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 41 HTTP transactions. The main IP is 198.185.159.176, located in United States and belongs to SQUARESPACE - Squarespace, Inc., US. The main domain is www.tekdefense.com.
This is the only time www.tekdefense.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS Autonomous System
34        198.185.159.176    53831 (SQUARESPACE)
2         23.210.248.226     16625 (AKAMAI-AS)
1         2a00:1450:400...   15169 (GOOGLE)
1         2a00:1450:400...   15169 (GOOGLE)
1         2a00:1450:400...   15169 (GOOGLE)
2         2a00:1450:400...   15169 (GOOGLE)
Total: 41 requests, 6 IPs
Requests  Domain                     Requested by
34        www.tekdefense.com         www.tekdefense.com
2         www.google-analytics.com   www.tekdefense.com
2         www.paypalobjects.com      www.tekdefense.com
1         fonts.gstatic.com          ajax.googleapis.com
1         fonts.googleapis.com       ajax.googleapis.com
1         ajax.googleapis.com        www.tekdefense.com
Total: 41 requests, 6 domains
Subject                  Issuer                                        Validity                  Valid
                                                                       1970-01-01 - 1970-01-01   a few seconds   crt.sh
www.paypal.com           DigiCert SHA2 Extended Validation Server CA   2018-08-14 - 2020-08-18   2 years         crt.sh
*.google-analytics.com   Google Internet Authority G3                  2019-05-21 - 2019-08-13   3 months        crt.sh

This page contains 1 frames:

Primary Page: http://www.tekdefense.com/downloads/malware-samples/
Frame ID: 55FDCBA517B13E5D5DBAC8291AE89866
Requests: 41 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<input[^>]+_s-xclick/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
  • script /googleapis\.com\/.+webfont/i

Overall confidence: 100%
Detected patterns
  • script /lightbox.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /(?:\/yui\/|yui\.yahooapis\.com)/i

Page Statistics

Requests:    41
HTTPS:       10 %
IPv6:        67 %
Domains:     5
Subdomains:  6
IPs:         6
Countries:   3
Transfer:    848 kB
Size:        869 kB
Cookies:     9

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 36
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=73207554&utmhn=www.tekdefense.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=TekDefense%20-%20Downloads&utmhid=762955934&utmr=-&utmp=%2Fdownloads%2Fmalware-samples%2F&utmht=1560970144541&utmac=UA-36587401-1&utmcc=__utma%3D110816000.1954406542.1560970144.1560970144.1560970144.1%3B%2B__utmz%3D110816000.1560970144.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=674631410&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=73207554&utmhn=www.tekdefense.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=TekDefense%20-%20Downloads&utmhid=762955934&utmr=-&utmp=%2Fdownloads%2Fmalware-samples%2F&utmht=1560970144541&utmac=UA-36587401-1&utmcc=__utma%3D110816000.1954406542.1560970144.1560970144.1560970144.1%3B%2B__utmz%3D110816000.1560970144.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=674631410&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
www.tekdefense.com/downloads/malware-samples/
45 KB
45 KB
Document
General
Full URL
http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
676c75279bb56eb0a05a9e490037636231a4e2dc88de324f614f2f5aa42d14e4

Request headers

Host
www.tekdefense.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Set-Cookie
JSESSIONID=7A81E3699B32FCEBDB002CF330F42F24.v5-web019; Path=/; HttpOnly
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Date
Wed, 19 Jun 2019 18:49:02 GMT
x-contextid
JpoFZCIe/UM7t9MoO
x-servedby
v5-web019
x-via
1.1 echo005
server
Squarespace
common.css
www.tekdefense.com/display/
50 KB
50 KB
Stylesheet
General
Full URL
http://www.tekdefense.com/display/common.css?styleId=1806973&RK=1363786507660&CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Security
, ,
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
343a4e7b227443d9a0271fafd164c1ee68e2a10c6673555d88c53a369f228ef8

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:02 GMT
server
Squarespace
x-contextid
UQmYZuuA/6A4QucQQ
Transfer-Encoding
chunked
x-via
1.1 echo018
Cache-Control
max-age=94608000, private
x-servedby
v5-web002
Content-Type
text/css
squarespace-gallery-slideshow.css
www.tekdefense.com/universal/styles/
4 KB
5 KB
Stylesheet
General
Full URL
http://www.tekdefense.com/universal/styles/squarespace-gallery-slideshow.css?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Security
, ,
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
bf1a62c3dd9d41a6e07e7d8085d73a6d6f4da10f000578f69f8f31ec7689aaa7

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:02 GMT
Last-Modified
Thu, 06 Jun 2019 15:48:14 GMT
server
Squarespace
x-contextid
ByBKuuSY/mUu3J9ne
ETag
W/"4592-1559836094000"
Content-Type
text/css
Cache-Control
private,max-age=94608000
x-servedby
v5-web006
Accept-Ranges
bytes
Content-Length
4592
x-via
1.1 echo015
yahoo-dom-event.js
www.tekdefense.com/universal/yui/yahoo-dom-event/
36 KB
37 KB
Script
General
Full URL
http://www.tekdefense.com/universal/yui/yahoo-dom-event/yahoo-dom-event.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Security
, ,
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
6366210ee3e98e8dbeb12ddb208aa5bf84a0e550b1ee7bc108154bed17d5fd86

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:02 GMT
Last-Modified
Thu, 06 Jun 2019 15:48:16 GMT
server
Squarespace
x-contextid
cDnsYNTh/i3CjvSAi
ETag
W/"36989-1559836096000"
Content-Type
text/javascript
Cache-Control
private,max-age=94608000
x-servedby
v5-web011
Accept-Ranges
bytes
Content-Length
36989
x-via
1.1 echo011
connection_core-min.js
www.tekdefense.com/universal/yui/connection/
7 KB
8 KB
Script
General
Full URL
http://www.tekdefense.com/universal/yui/connection/connection_core-min.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Security
, ,
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
dc493b884b5c1dd9cc927347a08a650c23ac5db728c6e76f359ea5d44b465eab

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:02 GMT
Last-Modified
Thu, 06 Jun 2019 15:48:16 GMT
server
Squarespace
x-contextid
eMhszaG4/q2QpfDBd
ETag
W/"7581-1559836096000"
Content-Type
text/javascript
Cache-Control
private,max-age=94608000
x-servedby
v5-web004
Accept-Ranges
bytes
Content-Length
7581
x-via
1.1 echo132
json-min.js
www.tekdefense.com/universal/yui/json/
5 KB
5 KB
Script
General
Full URL
http://www.tekdefense.com/universal/yui/json/json-min.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Security
, ,
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
e4778b5e74de16953704058db3fc86b02d8cbf4e18c48b86b17da13e66c08660

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:02 GMT
Last-Modified
Thu, 06 Jun 2019 15:48:16 GMT
server
Squarespace
x-contextid
zgItauT6/AdP58lUa
ETag
W/"4890-1559836096000"
Content-Type
text/javascript
Cache-Control
private,max-age=94608000
x-servedby
v5-web016
Accept-Ranges
bytes
Content-Length
4890
x-via
1.1 echo009
animation-min.js
www.tekdefense.com/universal/yui/animation/
14 KB
14 KB
Script
General
Full URL
http://www.tekdefense.com/universal/yui/animation/animation-min.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Security
, ,
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
a80737f8fdf73f43cf3f9e19ce5a248f4d324823a0b9fe3d5b183104c5f0f914

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:02 GMT
Last-Modified
Thu, 06 Jun 2019 15:48:16 GMT
server
Squarespace
x-contextid
JpoFZCIe/OLGXP32p
ETag
W/"13827-1559836096000"
Content-Type
text/javascript
Cache-Control
private,max-age=94608000
x-servedby
v5-web001
Accept-Ranges
bytes
Content-Length
13827
x-via
1.1 echo005
selector.js
www.tekdefense.com/universal/yui/selector/
21 KB
22 KB
Script
General
Full URL
http://www.tekdefense.com/universal/yui/selector/selector.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Security
, ,
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
b9b49c94efe4f8c5376973cf127a967b31b0b0c5ff78270b4975afc51b23d02b

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:02 GMT
Last-Modified
Thu, 06 Jun 2019 15:48:16 GMT
server
Squarespace
x-contextid
eMhszaG4/4T7pa2h2
ETag
W/"21705-1559836096000"
Content-Type
text/javascript
Cache-Control
private,max-age=94608000
x-servedby
v5-web005
Accept-Ranges
bytes
Content-Length
21705
x-via
1.1 echo132
element.js
www.tekdefense.com/universal/yui/element/
32 KB
33 KB
Script
General
Full URL
http://www.tekdefense.com/universal/yui/element/element.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Security
, ,
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
3f781e1ec8ab4da1b5277fd277a4243d4ea9d2fa38990c507b989870b3e9e39a

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:02 GMT
Last-Modified
Thu, 06 Jun 2019 15:48:16 GMT
server
Squarespace
x-contextid
ByBKuuSY/EPcYbO95
ETag
W/"33056-1559836096000"
Content-Type
text/javascript
Cache-Control
private,max-age=94608000
x-servedby
v5-web007
Accept-Ranges
bytes
Content-Length
33056
x-via
1.1 echo015
global.js
www.tekdefense.com/universal/scripts/
46 KB
46 KB
Script
General
Full URL
http://www.tekdefense.com/universal/scripts/global.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Security
, ,
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
5163153f73bcb9d1a994adee45d155088ce2bfdcc760a3531a31e7e1057599e2

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:02 GMT
Last-Modified
Thu, 06 Jun 2019 15:49:02 GMT
server
Squarespace
x-contextid
zgItauT6/6jN7gUya
ETag
W/"46629-1559836142000"
Content-Type
text/javascript
Cache-Control
private,max-age=94608000
x-servedby
v5-web018
Accept-Ranges
bytes
Content-Length
46629
x-via
1.1 echo009
lightbox.js
www.tekdefense.com/universal/scripts/
32 KB
32 KB
Script
General
Full URL
http://www.tekdefense.com/universal/scripts/lightbox.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Security
, ,
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
141e453c0954d4d72869df1454692b1191eb1f3a14583dba6711f47505cfeb95

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:02 GMT
Last-Modified
Thu, 06 Jun 2019 15:49:02 GMT
server
Squarespace
x-contextid
cDnsYNTh/XDabvIYT
ETag
W/"32767-1559836142000"
Content-Type
text/javascript
Cache-Control
private,max-age=94608000
x-servedby
v5-web014
Accept-Ranges
bytes
Content-Length
32767
x-via
1.1 echo011
api.js
www.tekdefense.com/universal/scripts/
7 KB
7 KB
Script
General
Full URL
http://www.tekdefense.com/universal/scripts/api.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Security
, ,
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
966df6347e0edba690c2156333bdebb32c60f958538064654259678ddfdc4f21

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:02 GMT
Last-Modified
Thu, 06 Jun 2019 15:49:02 GMT
server
Squarespace
x-contextid
JpoFZCIe/ogZ2ZD10
ETag
W/"6752-1559836142000"
Content-Type
text/javascript
Cache-Control
private,max-age=94608000
x-servedby
v5-web002
Accept-Ranges
bytes
Content-Length
6752
x-via
1.1 echo005
base64.js
www.tekdefense.com/universal/scripts/
2 KB
2 KB
Script
General
Full URL
http://www.tekdefense.com/universal/scripts/base64.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Security
, ,
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
a275d31e71f53519347ba3027d094b0106d58856342b84f529a69a4cd3259d29

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:02 GMT
Last-Modified
Thu, 06 Jun 2019 15:49:02 GMT
server
Squarespace
x-contextid
ByBKuuSY/V7Z3WpZ7
ETag
W/"1642-1559836142000"
Content-Type
text/javascript
Cache-Control
private,max-age=94608000
x-servedby
v5-web009
Accept-Ranges
bytes
Content-Length
1642
x-via
1.1 echo015
census.js
www.tekdefense.com/universal/scripts/
543 B
900 B
Script
General
Full URL
http://www.tekdefense.com/universal/scripts/census.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Security
, ,
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
3c46620115be1a968545f16eba340f39e28ea9a5ed4629948639dcb4226a49d1

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:03 GMT
Last-Modified
Thu, 06 Jun 2019 15:49:02 GMT
server
Squarespace
x-contextid
eMhszaG4/X7sFNihJ
ETag
W/"543-1559836142000"
Content-Type
text/javascript
Cache-Control
private,max-age=94608000
x-servedby
v5-web006
Accept-Ranges
bytes
Content-Length
543
x-via
1.1 echo132
yahoo-min.js
www.tekdefense.com/universal/yui/yahoo/
6 KB
6 KB
Script
General
Full URL
http://www.tekdefense.com/universal/yui/yahoo/yahoo-min.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Security
, ,
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
47df390a9b23013b1010534cfc2142ddeafa17cd1e858a1613f9a9575bbe3ddb

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:02 GMT
Last-Modified
Thu, 06 Jun 2019 15:48:16 GMT
server
Squarespace
x-contextid
cDnsYNTh/6z6PrPwk
ETag
W/"6153-1559836096000"
Content-Type
text/javascript
Cache-Control
private,max-age=94608000
x-servedby
v5-web017
Accept-Ranges
bytes
Content-Length
6153
x-via
1.1 echo011
event-min.js
www.tekdefense.com/universal/yui/event/
14 KB
15 KB
Script
General
Full URL
http://www.tekdefense.com/universal/yui/event/event-min.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Security
, ,
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
d557f7f21a2311c772e03a2f02b9952b6fa91f5d53a48bd32b0b5a1aa30cc322

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:03 GMT
Last-Modified
Thu, 06 Jun 2019 15:48:16 GMT
server
Squarespace
x-contextid
JpoFZCIe/8fz4o0ZK
ETag
W/"14509-1559836096000"
Content-Type
text/javascript
Cache-Control
private,max-age=94608000
x-servedby
v5-web004
Accept-Ranges
bytes
Content-Length
14509
x-via
1.1 echo005
event-mouseenter-min.js
www.tekdefense.com/universal/yui/event-mouseenter/
1 KB
2 KB
Script
General
Full URL
http://www.tekdefense.com/universal/yui/event-mouseenter/event-mouseenter-min.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Security
, ,
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
766ae4dc020e4eaf40f8314f293a86c8ad6cfa88f9920378113851ee8c4581f9

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:02 GMT
Last-Modified
Thu, 06 Jun 2019 15:48:16 GMT
server
Squarespace
x-contextid
zgItauT6/gyIYCuB4
ETag
W/"1456-1559836096000"
Content-Type
text/javascript
Cache-Control
private,max-age=94608000
x-servedby
v5-web001
Accept-Ranges
bytes
Content-Length
1456
x-via
1.1 echo009
element-min.js
www.tekdefense.com/universal/yui/element/
9 KB
9 KB
Script
General
Full URL
http://www.tekdefense.com/universal/yui/element/element-min.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Security
, ,
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
33de387b78bcb6b6db5ede6fb2e3a171f9439c11fc6cf2e2283a75e8f5ac8680

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:02 GMT
Last-Modified
Thu, 06 Jun 2019 15:48:16 GMT
server
Squarespace
x-contextid
UQmYZuuA/ufyNXT1K
ETag
W/"9242-1559836096000"
Content-Type
text/javascript
Cache-Control
private,max-age=94608000
x-servedby
v5-web009
Accept-Ranges
bytes
Content-Length
9242
x-via
1.1 echo018
social.js
www.tekdefense.com/universal/scripts/
37 KB
37 KB
Script
General
Full URL
http://www.tekdefense.com/universal/scripts/social.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Security
, ,
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
dbdac0b481b218f965804e1ea18a1d49316773fd30dd4aeaf0f55cda574638a0

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:02 GMT
Last-Modified
Thu, 06 Jun 2019 15:49:02 GMT
server
Squarespace
x-contextid
ByBKuuSY/HIopBiRQ
ETag
W/"37458-1559836142000"
Content-Type
text/javascript
Cache-Control
private,max-age=94608000
x-servedby
v5-web010
Accept-Ranges
bytes
Content-Length
37458
x-via
1.1 echo015
datefmt.js
www.tekdefense.com/universal/scripts/
11 KB
12 KB
Script
General
Full URL
http://www.tekdefense.com/universal/scripts/datefmt.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Security
, ,
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
e5dd8953f34fb7086704b874dccacebd022a6d824f6c118ea51814f03ba87bbb

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:02 GMT
Last-Modified
Thu, 06 Jun 2019 15:49:02 GMT
server
Squarespace
x-contextid
cDnsYNTh/mPKicXX1
ETag
W/"11659-1559836142000"
Content-Type
text/javascript
Cache-Control
private,max-age=94608000
x-servedby
v5-web019
Accept-Ranges
bytes
Content-Length
11659
x-via
1.1 echo011
yui2-yui3-bridge.js
www.tekdefense.com/universal/scripts/
12 KB
12 KB
Script
General
Full URL
http://www.tekdefense.com/universal/scripts/yui2-yui3-bridge.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Security
, ,
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
2f9ff181474313a332c97bbee9db56f7bcfdf5c0e02b8129e6d98e2892199588

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:03 GMT
Last-Modified
Thu, 06 Jun 2019 15:49:02 GMT
server
Squarespace
x-contextid
eMhszaG4/q7xvyB1a
ETag
W/"12027-1559836142000"
Content-Type
text/javascript
Cache-Control
private,max-age=94608000
x-servedby
v5-web007
Accept-Ranges
bytes
Content-Length
12027
x-via
1.1 echo132
squarespace-gallery-slideshow.js
www.tekdefense.com/universal/scripts/
21 KB
21 KB
Script
General
Full URL
http://www.tekdefense.com/universal/scripts/squarespace-gallery-slideshow.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Security
, ,
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
4d3c90227aea70a3733ff1d8c46f42f43323d763764232390d50a9643bdd15c1

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:03 GMT
Last-Modified
Thu, 06 Jun 2019 15:49:02 GMT
server
Squarespace
x-contextid
zgItauT6/c5ee1jR1
ETag
W/"21566-1559836142000"
Content-Type
text/javascript
Cache-Control
private,max-age=94608000
x-servedby
v5-web006
Accept-Ranges
bytes
Content-Length
21566
x-via
1.1 echo009
cookie-min.js
www.tekdefense.com/universal/scripts/
4 KB
5 KB
Script
General
Full URL
http://www.tekdefense.com/universal/scripts/cookie-min.js
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Security
, ,
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
27c757e3c8fd36b0356cf4d8f889ebad92688c23338baaf3abae30736ce21feb

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:02 GMT
Last-Modified
Thu, 06 Jun 2019 15:49:02 GMT
server
Squarespace
x-contextid
JpoFZCIe/uOs16jEh
ETag
W/"4401-1559836142000"
Content-Type
text/javascript
Cache-Control
private,max-age=14400
x-servedby
v5-web005
Accept-Ranges
bytes
Content-Length
4401
x-via
1.1 echo005
eu-cookie-policy.js
www.tekdefense.com/universal/scripts/
2 KB
2 KB
Script
General
Full URL
http://www.tekdefense.com/universal/scripts/eu-cookie-policy.js
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Security
, ,
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
a291ec1d6fd94c27c3c163fcf50ea118d548c64b38f95bb203958091df19b03b

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:02 GMT
Last-Modified
Thu, 06 Jun 2019 15:49:02 GMT
server
Squarespace
x-contextid
UQmYZuuA/MkpinbGX
ETag
W/"1682-1559836142000"
Content-Type
text/javascript
Cache-Control
private,max-age=14400
x-servedby
v5-web011
Accept-Ranges
bytes
Content-Length
1682
x-via
1.1 echo018
btn_donateCC_LG.gif
www.paypalobjects.com/en_US/i/btn/
3 KB
3 KB
Image
General
Full URL
https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.210.248.226 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-226.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fbaa02863040d15c4410d572c4d213c2b8c75425279c5a01672c6ff86fd9d6c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jun 2019 18:49:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 May 2018 20:41:52 GMT
server
Apache
strict-transport-security
max-age=31536000
p3p
CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI"
status
200
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-type
image/gif
content-length
2993
expires
Wed, 19 Jun 2019 18:49:02 GMT
pixel.gif
www.paypalobjects.com/en_US/i/scr/
43 B
371 B
Image
General
Full URL
https://www.paypalobjects.com/en_US/i/scr/pixel.gif
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.210.248.226 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-226.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jun 2019 18:49:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 May 2018 20:41:53 GMT
server
Apache
strict-transport-security
max-age=31536000
p3p
CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI"
status
200
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Wed, 19 Jun 2019 18:49:02 GMT
transparent.png
www.tekdefense.com/universal/images/
943 B
1 KB
Image
General
Full URL
http://www.tekdefense.com/universal/images/transparent.png
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Security
, ,
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
6cca495b4e82df5c80074f8ddaf0eb2f9c9f7dbbb56da13e3b31ac3e6fa1f9f8

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:02 GMT
Last-Modified
Thu, 06 Jun 2019 15:48:14 GMT
server
Squarespace
x-contextid
ByBKuuSY/eAk0crV2
ETag
W/"943-1559836094000"
Content-Type
image/png
Cache-Control
private,max-age=14400
x-servedby
v5-web011
Accept-Ranges
bytes
Content-Length
943
x-via
1.1 echo015
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/
13 KB
6 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Security
none (cleartext HTTP, no TLS)
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 01 Jun 2019 21:05:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
1546984
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
5437
X-XSS-Protection
0
Expires
Sun, 31 May 2020 21:05:59 GMT
css
fonts.googleapis.com/
2 KB
982 B
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Oswald:400
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
HTTP/1.1
Security
none (cleartext HTTP, no TLS)
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
3c0b01406f6bedc2b27aea0892218d4a5675e423a856080e9c9e30bfc7b61e10
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 19 Jun 2019 18:49:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Jun 2019 18:49:03 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Wed, 19 Jun 2019 18:49:03 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCXAA.woff
fonts.gstatic.com/s/oswald/v23/
12 KB
13 KB
Font
General
Full URL
http://fonts.gstatic.com/s/oswald/v23/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCXAA.woff
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
HTTP/1.1
Security
none (cleartext HTTP, no TLS)
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8ac7a1c7f178e27f75575d0147b9d9e0ac51395017e3f9c4b0635dd35bab054b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Oswald:400
Origin
http://www.tekdefense.com

Response headers

Date
Fri, 31 May 2019 04:40:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 28 May 2019 18:23:40 GMT
Server
sffe
Age
1692532
Content-Type
font/woff
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
12556
X-XSS-Protection
0
Expires
Sat, 30 May 2020 04:40:11 GMT
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
H2
Security
TLS 1.3, key exchange not reported, AES_128_GCM
Server
2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 May 2019 23:53:44 GMT
server
Golfe2
age
4287
date
Wed, 19 Jun 2019 17:37:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17168
expires
Wed, 19 Jun 2019 19:37:37 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
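The redirect recorded above, from http://www.google-analytics.com/ga.js to the https URL, was not issued by any server: the browser rewrote the request before sending it, and Chrome reports such an internal upgrade as a synthetic 307 carrying Non-Authoritative-Reason: HSTS. The following added example (not part of the urlscan.io report and not any browser's own code) models the HSTS store behind that step: parsing the Strict-Transport-Security value seen in the response, the RFC 6797 rule that only an HTTPS response may set or clear a policy, includeSubDomains matching, expiry, and the resulting internal redirect. It assumes a preloaded entry for google-analytics.com, which is what would upgrade a first request before any HTTPS response has been seen; the header's preload directive is consistent with that, but the scan cannot show the browser's preload list.

```javascript
// Added example, not part of the urlscan.io report or of any browser's code:
// a model of the HSTS store that turns http://www.google-analytics.com/ga.js
// into the synthetic 307 -> https://... step recorded above. The preload entry
// for google-analytics.com is an assumption made for the illustration.

// RFC 6797 s6.1: ';'-separated directives, case-insensitive names, max-age required.
// Returns null for a header the browser must ignore.
function parseHsts(headerValue) {
  const policy = { maxAge: null, includeSubDomains: false, preload: false };
  for (const raw of headerValue.split(';')) {
    const [name = '', value = ''] = raw.trim().split('=').map((s) => s.trim().replace(/^"|"$/g, ''));
    switch (name.toLowerCase()) {
      case 'max-age':
        if (!/^\d+$/.test(value)) return null;
        policy.maxAge = Number(value);
        break;
      case 'includesubdomains': policy.includeSubDomains = true; break;
      case 'preload': policy.preload = true; break;
      default: break; // unknown directives are ignored, not fatal
    }
  }
  return policy.maxAge === null ? null : policy;
}

class HstsStore {
  // preloaded: entries compiled into the browser; they never expire.
  constructor(preloaded = []) {
    this.entries = new Map();
    for (const p of preloaded) {
      this.entries.set(p.host, { expires: Infinity, includeSubDomains: !!p.includeSubDomains });
    }
  }

  // RFC 6797 s8.1: only a response received over HTTPS may set (or, with
  // max-age=0, clear) a policy. A header on a cleartext response is ignored,
  // which is why an on-path attacker cannot plant or extend HSTS state.
  observe(responseUrl, headerValue, now) {
    const u = new URL(responseUrl);
    if (u.protocol !== 'https:') return false;
    const p = parseHsts(headerValue);
    if (p === null) return false;
    if (p.maxAge === 0) { this.entries.delete(u.hostname); return true; }
    this.entries.set(u.hostname, { expires: now + p.maxAge * 1000, includeSubDomains: p.includeSubDomains });
    return true;
  }

  // Exact host first, then each parent domain, which only counts if it set includeSubDomains.
  isKnown(host, now) {
    const labels = host.split('.');
    for (let i = 0; i < labels.length - 1; i++) {
      const candidate = labels.slice(i).join('.');
      const e = this.entries.get(candidate);
      if (!e) continue;
      if (e.expires <= now) { this.entries.delete(candidate); continue; }
      if (i === 0 || e.includeSubDomains) return true;
    }
    return false;
  }

  // The browser-internal rewrite applied before any packet leaves the machine.
  // Chrome surfaces it as a 307 with Non-Authoritative-Reason: HSTS (RFC 6797 s8.3:
  // port 80 maps to 443, an explicit non-default port is kept; the URL class
  // already drops the default port, so changing the scheme is enough).
  upgrade(requestUrl, now) {
    const u = new URL(requestUrl);
    if (u.protocol !== 'http:' || !this.isKnown(u.hostname, now)) return null;
    u.protocol = 'https:';
    return { status: 307, headers: { Location: u.href, 'Non-Authoritative-Reason': 'HSTS' } };
  }
}

// Walk through the scan; the time is taken from the Date headers above.
const scanTime = Date.parse('2019-06-19T18:49:02Z');
const store = new HstsStore([{ host: 'google-analytics.com', includeSubDomains: true }]);
console.log(store.upgrade('http://www.google-analytics.com/ga.js', scanTime));
// The HTTPS response then refreshes the dynamic entry with the header seen above.
store.observe('https://www.google-analytics.com/ga.js', 'max-age=10886400; includeSubDomains; preload', scanTime);
// The main page itself has no policy, so it stays cleartext (null: no upgrade).
console.log(store.upgrade('http://www.tekdefense.com/downloads/malware-samples/', scanTime));
```

The practical reading of the scan follows from the model: www.tekdefense.com was fetched over cleartext HTTP and sends no Strict-Transport-Security header, so nothing protects later visits to it, whereas the Google endpoints were upgraded before the request left the browser.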
bg-wallpaper.png
www.tekdefense.com/universal/images/trials/module-images/
363 KB
364 KB
Image
General
Full URL
http://www.tekdefense.com/universal/images/trials/module-images/bg-wallpaper.png
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/universal/yui/yahoo-dom-event/yahoo-dom-event.js?CE=75
Protocol
HTTP/1.1
Security
none (cleartext HTTP, no TLS)
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
9030e3d39c259d84cf0a9d2cc4f219b239a30551a8f5c1bd65ba755769f06c72

Request headers

Referer
http://www.tekdefense.com/display/common.css?styleId=1806973&RK=1363786507660&CE=75
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:03 GMT
Last-Modified
Thu, 06 Jun 2019 15:48:14 GMT
server
Squarespace
x-contextid
UQmYZuuA/StP1KjCa
ETag
W/"371944-1559836094000"
Content-Type
image/png
Cache-Control
private,max-age=14400
x-servedby
v5-web020
Accept-Ranges
bytes
Content-Length
371944
x-via
1.1 echo018
diagonal-noise.png
www.tekdefense.com/layout/images/
0
359 B
Image
General
Full URL
http://www.tekdefense.com/layout/images/diagonal-noise.png
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/universal/yui/yahoo-dom-event/yahoo-dom-event.js?CE=75
Protocol
HTTP/1.1
Security
none (cleartext HTTP, no TLS)
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.tekdefense.com/display/common.css?styleId=1806973&RK=1363786507660&CE=75
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:03 GMT
server
Squarespace
x-contextid
ByBKuuSY/0j8s4WWi
x-via
1.1 echo015
Cache-Control
max-age=94608000, private
x-servedby
v5-web016
Content-Type
text/html;charset=UTF-8
Content-Length
0
feed-icon-12x12-orange.png
www.tekdefense.com/universal/images/xml/
552 B
985 B
Image
General
Full URL
http://www.tekdefense.com/universal/images/xml/feed-icon-12x12-orange.png
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/universal/yui/yahoo-dom-event/yahoo-dom-event.js?CE=75
Protocol
HTTP/1.1
Security
none (cleartext HTTP, no TLS)
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
98ea718868bb9a520da4777cd8a5ed5c76d123b77aa2e0289ab4bad638439b73

Request headers

Referer
http://www.tekdefense.com/display/common.css?styleId=1806973&RK=1363786507660&CE=75
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:03 GMT
Last-Modified
Thu, 06 Jun 2019 15:48:14 GMT
server
Squarespace
x-contextid
JpoFZCIe/BhIvxlG7
ETag
W/"552-1559836094000"
Content-Type
image/png
Cache-Control
private,max-age=14400
x-servedby
v5-web009
Accept-Ranges
bytes
Content-Length
552
x-via
1.1 echo005
file.png
www.tekdefense.com/universal/images/core-resources/icons/blk_ko_18/
3 KB
3 KB
Image
General
Full URL
http://www.tekdefense.com/universal/images/core-resources/icons/blk_ko_18/file.png
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/universal/yui/yahoo-dom-event/yahoo-dom-event.js?CE=75
Protocol
HTTP/1.1
Security
none (cleartext HTTP, no TLS)
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
5f1f2915a18465f40cd57b3c128372971ba62b3d8f04270ed04ba215fe96a84b

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:03 GMT
Last-Modified
Thu, 06 Jun 2019 15:48:14 GMT
server
Squarespace
x-contextid
zgItauT6/Toest1SI
ETag
W/"2988-1559836094000"
Content-Type
image/png
Cache-Control
private,max-age=14400
x-servedby
v5-web012
Accept-Ranges
bytes
Content-Length
2988
x-via
1.1 echo009
RecordHit
www.tekdefense.com/process/
5 B
664 B
XHR
General
Full URL
http://www.tekdefense.com/process/RecordHit?url=%2Fdownloads%2Fmalware-samples%2F&title=TekDefense%20-%20Downloads&viewportInnerHeight=1200&viewportInnerWidth=1585&screenHeight=1200&screenWidth=1600&userAgent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&referrer=&pixelRatio=1&event=View
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/universal/yui/connection/connection_core-min.js?CE=75
Protocol
HTTP/1.1
Security
none (cleartext HTTP, no TLS)
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
88561e211e862344bd3cc71c03f8ab25d8a79b9bdbaa1e083af7e0603f30f689

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Requested-With
XMLHttpRequest

Response headers

Date
Wed, 19 Jun 2019 18:49:03 GMT
x-contextid
eMhszaG4/4FJyU1JL
server
Squarespace
x-servedby
v5-web012
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
x-via
1.1 echo132
rest
www.tekdefense.com/api/
6 KB
7 KB
XHR
General
Full URL
http://www.tekdefense.com/api/rest?version=20100220&responseFormat=json&method=squarespace.rss.getFeed&moduleId=9769432&count=5&rnd=1560970144144
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/universal/yui/connection/connection_core-min.js?CE=75
Protocol
HTTP/1.1
Security
none (cleartext HTTP, no TLS)
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
eacfb105775ffbc9f5b1ef2db852bf4112742266f94a67feb809a3637f9cbddb

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Requested-With
XMLHttpRequest

Response headers

Date
Wed, 19 Jun 2019 18:49:04 GMT
x-contextid
cDnsYNTh/hJDBENoo
server
Squarespace
x-servedby
v5-web006
Content-Type
application/json
Transfer-Encoding
chunked
x-via
1.1 echo011
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=73207554&utmhn=www.tekdefense.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=TekD...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=73207554&utmhn=www.tekdefense.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Tek...
35 B
199 B
Image
General
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=73207554&utmhn=www.tekdefense.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=TekDefense%20-%20Downloads&utmhid=762955934&utmr=-&utmp=%2Fdownloads%2Fmalware-samples%2F&utmht=1560970144541&utmac=UA-36587401-1&utmcc=__utma%3D110816000.1954406542.1560970144.1560970144.1560970144.1%3B%2B__utmz%3D110816000.1560970144.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=674631410&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
H2
Security
TLS 1.3, key exchange not reported, AES_128_GCM
Server
2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jun 2019 18:49:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=73207554&utmhn=www.tekdefense.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=TekDefense%20-%20Downloads&utmhid=762955934&utmr=-&utmp=%2Fdownloads%2Fmalware-samples%2F&utmht=1560970144541&utmac=UA-36587401-1&utmcc=__utma%3D110816000.1954406542.1560970144.1560970144.1560970144.1%3B%2B__utmz%3D110816000.1560970144.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=674631410&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS
overlay-arrow-left.png
www.tekdefense.com/universal/images/
507 B
940 B
Image
General
Full URL
http://www.tekdefense.com/universal/images/overlay-arrow-left.png
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/universal/yui/yahoo-dom-event/yahoo-dom-event.js?CE=75
Protocol
HTTP/1.1
Security
none (cleartext HTTP, no TLS)
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
ac3589cfb2021d42d48ae4c2fedb52f1f83348aac4067e5adf2d2b639a095d4b

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:04 GMT
Last-Modified
Thu, 06 Jun 2019 15:48:14 GMT
server
Squarespace
x-contextid
UQmYZuuA/H4XkIg2P
ETag
W/"507-1559836094000"
Content-Type
image/png
Cache-Control
private,max-age=14400
x-servedby
v5-web004
Accept-Ranges
bytes
Content-Length
507
x-via
1.1 echo018
overlay-arrow-right.png
www.tekdefense.com/universal/images/
500 B
933 B
Image
General
Full URL
http://www.tekdefense.com/universal/images/overlay-arrow-right.png
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/universal/yui/yahoo-dom-event/yahoo-dom-event.js?CE=75
Protocol
HTTP/1.1
Security
none (cleartext HTTP, no TLS)
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
88033e8da0a1bcaa8cf968786caed4f1b6b540efafab9feed5f4b8c0f49cbb63

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:04 GMT
Last-Modified
Thu, 06 Jun 2019 15:48:14 GMT
server
Squarespace
x-contextid
cDnsYNTh/001X1Hio
ETag
W/"500-1559836094000"
Content-Type
image/png
Cache-Control
private,max-age=14400
x-servedby
v5-web009
Accept-Ranges
bytes
Content-Length
500
x-via
1.1 echo011
loading.gif
www.tekdefense.com/universal/images/manager/
1 KB
2 KB
Image
General
Full URL
http://www.tekdefense.com/universal/images/manager/loading.gif
Protocol
HTTP/1.1
Security
none (cleartext HTTP, no TLS)
Server
198.185.159.176 , United States, ASN53831 (SQUARESPACE - Squarespace, Inc., US),
Reverse DNS
Software
Squarespace /
Resource Hash
3ef4d4bdf2429f59661ebad5645f104dd285c84d35dfa265715662d08bb13bfc

Request headers

Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 19 Jun 2019 18:49:04 GMT
Last-Modified
Thu, 06 Jun 2019 15:48:14 GMT
server
Squarespace
x-contextid
eMhszaG4/5EV95KsE
ETag
W/"1248-1559836094000"
Content-Type
image/gif
Cache-Control
private,max-age=14400
x-servedby
v5-web015
Accept-Ranges
bytes
Content-Length
1248
x-via
1.1 echo132

Verdicts & Comments

78 JavaScript Global Variables

These are the non-standard global variables defined on the window object, that is, properties a pristine browser window would not have. They help identify the client-side frameworks and platform code a page loads even when the script URLs are uninformative: here YAHOO, YUI and Y come from the YUI library served under /universal/yui/, Squarespace and SSLightbox from Squarespace's own platform scripts, WebFont and WebFontConfig from the Google Web Font Loader (webfont.js), and _gaq, _gat and gaGlobal from the legacy Google Analytics ga.js.

Type| Name
object| onselectstart
object| onselectionchange
function| queueMicrotask
object| WebFontConfig
object| YAHOO
object| D
object| E
object| Class
function| bind
function| ql_nt
function| ql_csat
function| ql_sifs
function| ql_sfs
function| openWindow
function| getOpenerWindow
function| closeWindow
function| scrollToElement
function| isVisible
function| hideObject
function| showObject
function| noop
function| smartSubmit
function| smartLocation
function| setCookie
function| delCookie
function| getCookie
function| addEvent
function| getWindowScroll
function| toggleContentElement
function| isDefined
function| isLetter
function| isDigit
function| StringTokenizer
function| showFullImage
function| showPackedPosts
object| Static
object| Squarespace
string| property
function| showImage
object| SSLightbox
object| Connect
object| WebFont
object| Base64
number| FLICKR_SIZE_THUMBNAIL
number| FLICKR_SIZE_SQUARE
number| FLICKR_SIZE_SMALL
number| FLICKR_SIZE_MEDIUM
string| FLICKR_URL_THUMBNAIL
string| FLICKR_URL_SQUARE
string| FLICKR_URL_SMALL
string| FLICKR_URL_MEDIUM
function| addDateFormat
function| fillDateFormatBox
function| DateFormat
function| _DateFormat_format
function| _DateFormat_setStyle
function| _DateFormat_consume
function| _DateFormat_formatNumber
function| _DateFormat_formatEra
function| _DateFormat_formatMonth
function| _DateFormat_formatWeekday
function| _DateFormat_formatAMPM
function| _DateFormat_formatTimezone
function| _DateFormat_formatMillis
function| _DateFormat_formatYear
function| _DFSymbol
function| _DFSymbol_format
function| Locale
function| _Locale_toString
function| copy
object| tmp
function| YUI
object| Y
object| rssWidget9769432
object| _gaq
string| key
object| _gat
object| gaGlobal
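How a list like the one above is produced and then turned into a framework fingerprint, as an added example that is not part of the urlscan.io report and not its implementation: the globals are the difference between the scanned window's own property names and those of a pristine window, and the names are then matched against a small signature table. The signature table, the stand-in baseline and the sample window (seeded with a subset of the globals listed above) are constructed for this illustration so that it runs in Node.

```javascript
// Added example, not part of the urlscan.io report: recover the client-side
// stack from the non-standard globals a page leaves on window. The SIGNATURES
// table, the baseline and the sample window are constructed for this illustration.

// Globals that a framework or platform characteristically leaves behind.
const SIGNATURES = [
  { framework: 'YUI (Yahoo User Interface library)', globals: ['YAHOO', 'YUI', 'Y'] },
  { framework: 'Squarespace platform code',          globals: ['Squarespace', 'SSLightbox'] },
  { framework: 'Google Web Font Loader',             globals: ['WebFont', 'WebFontConfig'] },
  { framework: 'Google Analytics, legacy ga.js',     globals: ['_gaq', '_gat', 'gaGlobal'] },
  { framework: 'jQuery',                             globals: ['jQuery', '$'] },
];

// In a real browser the baseline is the property set of a pristine window:
//   const f = document.createElement('iframe'); document.body.appendChild(f);
//   const BASELINE = new Set(Object.getOwnPropertyNames(f.contentWindow));
// This constructed stand-in lists a few standard names so the example runs in Node.
const BASELINE = new Set(['window', 'document', 'location', 'navigator', 'setTimeout',
  'queueMicrotask', 'onselectstart', 'onselectionchange']);

// Names present on win but not in the baseline. getOwnPropertyNames rather than
// for..in or Object.keys: most window properties, and some planted by scripts
// via defineProperty, are non-enumerable and would otherwise be missed.
function nonStandardGlobals(win, baseline) {
  return Object.getOwnPropertyNames(win).filter((n) => !baseline.has(n));
}

// Tally by typeof, the way the scanner labels entries ("object| YAHOO").
function typeSummary(win, names) {
  const counts = {};
  for (const n of names) {
    const t = typeof win[n];
    counts[t] = (counts[t] || 0) + 1;
  }
  return counts;
}

// Match the extracted names against the signature table; returns one hit per
// framework with the globals that triggered it, so a single coincidental name
// (e.g. a site-defined Y) can be weighed against a full set.
function fingerprint(names) {
  const present = new Set(names);
  return SIGNATURES
    .map((s) => ({ framework: s.framework, matched: s.globals.filter((g) => present.has(g)) }))
    .filter((h) => h.matched.length > 0);
}

// Constructed stand-in for window, seeded with a subset of the 78 globals listed above.
function buildSampleWindow() {
  const win = {
    window: null, document: {}, location: {}, navigator: {}, setTimeout() {},
    queueMicrotask() {}, onselectstart: null, onselectionchange: null,
    YAHOO: {}, YUI() {}, Y: {}, Squarespace: {}, SSLightbox: {},
    WebFont: {}, WebFontConfig: {}, _gaq: [], _gat: {}, gaGlobal: {},
    setCookie() {}, getCookie() {}, key: 'x',
  };
  // A non-enumerable global, as platform code sometimes defines; for..in would miss it.
  Object.defineProperty(win, 'Base64', { value: {}, enumerable: false });
  return win;
}

const sampleWin = buildSampleWindow();
const extra = nonStandardGlobals(sampleWin, BASELINE);
console.log(extra.length, 'non-standard globals:', typeSummary(sampleWin, extra));
for (const hit of fingerprint(extra)) console.log(hit.framework, '<-', hit.matched.join(', '));
```

Two caveats carry over to real scans: the baseline must come from the same browser build, since every release adds standard globals that would otherwise show up as "non-standard", and a single matched name is weak evidence (a page can define its own Y or $), so prefer hits where most of a signature's globals are present together.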

9 Cookies

Domain/Path Name / Value
.tekdefense.com/ Name: __utmc
Value: 110816000
.tekdefense.com/ Name: __utmb
Value: 110816000.1.10.1560970144
www.tekdefense.com/ Name: JSESSIONID
Value: 547EBE14A4F13D3F83B7D5E37943E38A.v5-web006
.tekdefense.com/ Name: ss_cpvisit
Value: 1560970144239
.tekdefense.com/ Name: __utma
Value: 110816000.1954406542.1560970144.1560970144.1560970144.1
.tekdefense.com/ Name: __utmt
Value: 1
.tekdefense.com/ Name: __utmz
Value: 110816000.1560970144.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.tekdefense.com/ Name: ss_cvisit
Value: 1560970144239
.tekdefense.com/ Name: ss_cid
Value: 3b6de9cf-dd47-49bb-8aae-c4c71cfb3427

Indicators

"Indicators" (IOCs) is the industry term for the observables a scan yields: IP addresses, domains, resource hashes and the like. Listing them here does not imply that any of them indicate malicious activity; in this scan the domains and addresses belong to Google, Akamai and Squarespace infrastructure shared with many other sites, and the hashes are SHA-256 digests of ordinary page resources. One of them, e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855, is the SHA-256 of zero bytes and belongs to the empty (Content-Length 0) diagonal-noise.png response above, so it matches any empty file and carries no signal.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
www.google-analytics.com
www.paypalobjects.com
www.tekdefense.com
198.185.159.176
23.210.248.226
2a00:1450:4001:817::200a
2a00:1450:4001:81c::2003
2a00:1450:4001:81f::200e
2a00:1450:4001:820::200a
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
141e453c0954d4d72869df1454692b1191eb1f3a14583dba6711f47505cfeb95
27c757e3c8fd36b0356cf4d8f889ebad92688c23338baaf3abae30736ce21feb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f9ff181474313a332c97bbee9db56f7bcfdf5c0e02b8129e6d98e2892199588
33de387b78bcb6b6db5ede6fb2e3a171f9439c11fc6cf2e2283a75e8f5ac8680
343a4e7b227443d9a0271fafd164c1ee68e2a10c6673555d88c53a369f228ef8
3c0b01406f6bedc2b27aea0892218d4a5675e423a856080e9c9e30bfc7b61e10
3c46620115be1a968545f16eba340f39e28ea9a5ed4629948639dcb4226a49d1
3ef4d4bdf2429f59661ebad5645f104dd285c84d35dfa265715662d08bb13bfc
3f781e1ec8ab4da1b5277fd277a4243d4ea9d2fa38990c507b989870b3e9e39a
47df390a9b23013b1010534cfc2142ddeafa17cd1e858a1613f9a9575bbe3ddb
4d3c90227aea70a3733ff1d8c46f42f43323d763764232390d50a9643bdd15c1
5163153f73bcb9d1a994adee45d155088ce2bfdcc760a3531a31e7e1057599e2
5f1f2915a18465f40cd57b3c128372971ba62b3d8f04270ed04ba215fe96a84b
6366210ee3e98e8dbeb12ddb208aa5bf84a0e550b1ee7bc108154bed17d5fd86
676c75279bb56eb0a05a9e490037636231a4e2dc88de324f614f2f5aa42d14e4
6cca495b4e82df5c80074f8ddaf0eb2f9c9f7dbbb56da13e3b31ac3e6fa1f9f8
766ae4dc020e4eaf40f8314f293a86c8ad6cfa88f9920378113851ee8c4581f9
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88033e8da0a1bcaa8cf968786caed4f1b6b540efafab9feed5f4b8c0f49cbb63
88561e211e862344bd3cc71c03f8ab25d8a79b9bdbaa1e083af7e0603f30f689
8ac7a1c7f178e27f75575d0147b9d9e0ac51395017e3f9c4b0635dd35bab054b
9030e3d39c259d84cf0a9d2cc4f219b239a30551a8f5c1bd65ba755769f06c72
966df6347e0edba690c2156333bdebb32c60f958538064654259678ddfdc4f21
98ea718868bb9a520da4777cd8a5ed5c76d123b77aa2e0289ab4bad638439b73
a275d31e71f53519347ba3027d094b0106d58856342b84f529a69a4cd3259d29
a291ec1d6fd94c27c3c163fcf50ea118d548c64b38f95bb203958091df19b03b
a80737f8fdf73f43cf3f9e19ce5a248f4d324823a0b9fe3d5b183104c5f0f914
ac3589cfb2021d42d48ae4c2fedb52f1f83348aac4067e5adf2d2b639a095d4b
b9b49c94efe4f8c5376973cf127a967b31b0b0c5ff78270b4975afc51b23d02b
bf1a62c3dd9d41a6e07e7d8085d73a6d6f4da10f000578f69f8f31ec7689aaa7
d557f7f21a2311c772e03a2f02b9952b6fa91f5d53a48bd32b0b5a1aa30cc322
dbdac0b481b218f965804e1ea18a1d49316773fd30dd4aeaf0f55cda574638a0
dc493b884b5c1dd9cc927347a08a650c23ac5db728c6e76f359ea5d44b465eab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4778b5e74de16953704058db3fc86b02d8cbf4e18c48b86b17da13e66c08660
e5dd8953f34fb7086704b874dccacebd022a6d824f6c118ea51814f03ba87bbb
eacfb105775ffbc9f5b1ef2db852bf4112742266f94a67feb809a3637f9cbddb
fbaa02863040d15c4410d572c4d213c2b8c75425279c5a01672c6ff86fd9d6c3