Submitted URL: http://refstevorq.net/gtyd24
Effective URL: https://www.refstevorq.net/gtyd24/
Submission: On October 28 via manual from GB

Summary

This website contacted 9 IPs in 4 countries across 7 domains to perform 17 HTTP transactions. The main IP is 104.109.69.111, located in Netherlands and belongs to AKAMAI-ASN1, US. The main domain is www.refstevorq.net.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 22nd 2019. Valid for: 7 months.
This is the only time www.refstevorq.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 216.178.100.28 17035 (NBCUNI-17035)
3 8 104.109.69.111 20940 (AKAMAI-ASN1)
3 184.51.9.85 16625 (AKAMAI-AS)
2 52.30.196.88 16509 (AMAZON-02)
1 184.30.216.237 20940 (AKAMAI-ASN1)
1 151.101.14.110 54113 (FASTLY)
1 162.247.242.19 23467 (NEWRELIC-...)
1 52.30.78.155 16509 (AMAZON-02)
2 52.31.190.58 16509 (AMAZON-02)
1 1 66.117.28.86 15224 (OMNITURE)
1 66.117.29.4 15224 (OMNITURE)
17 9
Domain Requested by
8 www.refstevorq.net 3 redirects www.refstevorq.net
3 assets.adobedtm.com www.refstevorq.net, assets.adobedtm.com
2 nbcume.sc.omtrdc.net assets.adobedtm.com
2 dpm.demdex.net assets.adobedtm.com
1 usanetworks.tt.omtrdc.net assets.adobedtm.com
1 cm.everesttech.net 1 redirects
1 usanetworks.demdex.net assets.adobedtm.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.refstevorq.net
1 cdn.tt.omtrdc.net assets.adobedtm.com
1 refstevorq.net 1 redirects
17 11

This site contains links to these domains.

Domain
www.usanetwork.com
www.nbcuniversal.com

Subject | Issuer | Validity | Valid
www.colonytv.com | DigiCert SHA2 Secure Server CA | 2019-10-22 - 2020-06-01 | 7 months
assets.adobedtm.com | DigiCert SHA2 High Assurance Server CA | 2019-10-22 - 2021-10-01 | 2 years
*.demdex.net | DigiCert SHA2 High Assurance Server CA | 2018-01-09 - 2021-02-12 | 3 years
*.tt.omtrdc.net | DigiCert SHA2 High Assurance Server CA | 2017-10-26 - 2020-11-25 | 3 years
f4.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-04-10 - 2020-03-21 | a year
*.nr-data.net | GeoTrust RSA CA 2018 | 2018-01-11 - 2020-03-17 | 2 years
*.sc.omtrdc.net | DigiCert SHA2 High Assurance Server CA | 2019-04-23 - 2020-04-14 | a year

This page contains 2 frames:

Primary Page: https://www.refstevorq.net/gtyd24/
Frame ID: 9D82365798CE23FC330D1E50D311AEC3
Requests: 16 HTTP requests in this frame

Frame: https://usanetworks.demdex.net/dest5.html?d_nsid=0
Frame ID: 0F68F43F6A25CBB332FB5DCECB159DFA
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /\(Amazon\)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • headers server /\(Amazon\)/i

Overall confidence: 100%
Detected patterns
  • script /\/\/assets.adobedtm.com\//i

Overall confidence: 100%
Detected patterns
  • script /\/s[_-]code.*\.js/i

Page Statistics

Requests: 17
HTTPS: 100 %
IPv6: 0 %
Domains: 7
Subdomains: 11
IPs: 9
Countries: 4
Transfer: 110 kB
Size: 307 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://refstevorq.net/gtyd24 HTTP 301
    http://www.refstevorq.net/ HTTP 301
    https://www.refstevorq.net/ HTTP 301
    http://www.refstevorq.net/gtyd24/ HTTP 301
    https://www.refstevorq.net/gtyd24/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://cm.everesttech.net/cm/dd?d_uuid=42981027969867626664402617467181098282 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XbdPeAAAE91szzx0

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.refstevorq.net/gtyd24/
Redirect Chain
  • http://refstevorq.net/gtyd24
  • http://www.refstevorq.net/
  • https://www.refstevorq.net/
  • http://www.refstevorq.net/gtyd24/
  • https://www.refstevorq.net/gtyd24/
7 KB
4 KB
Document
General
Full URL
https://www.refstevorq.net/gtyd24/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.69.111 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-111.deploy.static.akamaitechnologies.com
Software
Apache/2.4.39 (Amazon) /
Resource Hash
ff4e2b740cfcbe70342e36ab1faf71ba4f6e2dd856757a46f9574fbe30d2e2b4
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1;mode=block

Request headers

Host
www.refstevorq.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Type
text/html
ETag
"1b23-595efba99a0d0-gzip"
Last-Modified
Mon, 28 Oct 2019 03:02:23 GMT
Server
Apache/2.4.39 (Amazon)
x-frame-options
deny
Content-Length
3195
Expires
Mon, 28 Oct 2019 20:28:40 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 28 Oct 2019 20:28:40 GMT
Connection
keep-alive
Vary
Accept-Encoding
Strict-Transport-Security
max-age=0
X-XSS-Protection
1;mode=block
X-Content-Type-Options
nosniff
Access-Control-Allow-Origin
*

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://www.refstevorq.net/gtyd24/
Expires
Mon, 28 Oct 2019 20:28:39 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 28 Oct 2019 20:28:39 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=0
X-XSS-Protection
1;mode=block
X-Content-Type-Options
nosniff
Access-Control-Allow-Origin
*
style.css
www.refstevorq.net/gtyd24/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://www.refstevorq.net/gtyd24/css/style.css
Requested by
Host: www.refstevorq.net
URL: https://www.refstevorq.net/gtyd24/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.69.111 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-111.deploy.static.akamaitechnologies.com
Software
Apache/2.4.39 (Amazon) /
Resource Hash
1f4b890d236d839e3b3bcad6f9affd62f3ff2cf04d8f33f7cbf2621e4a38211c
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1;mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.refstevorq.net/gtyd24/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:28:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1198
X-XSS-Protection
1;mode=block
Pragma
no-cache
Last-Modified
Wed, 16 Oct 2019 17:30:11 GMT
Server
Apache/2.4.39 (Amazon)
x-frame-options
deny
ETag
"cc3-5950a73f9b308-gzip"
Strict-Transport-Security
max-age=0
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Accept-Ranges
bytes
Expires
Mon, 28 Oct 2019 20:28:40 GMT
satelliteLib-24e397569ca85a58d3963043838c6696e85c5e9a.js
assets.adobedtm.com/5ed6cf59538a2045d9fe4799a3f70da302c83d5a/
150 KB
46 KB
Script
General
Full URL
https://assets.adobedtm.com/5ed6cf59538a2045d9fe4799a3f70da302c83d5a/satelliteLib-24e397569ca85a58d3963043838c6696e85c5e9a.js
Requested by
Host: www.refstevorq.net
URL: https://www.refstevorq.net/gtyd24/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.85 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a184-51-9-85.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9400b7302d3a1652bed39b06917661edb819356e0f783b776eb9b66c51c2381c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.refstevorq.net/gtyd24/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Mon, 28 Oct 2019 20:28:40 GMT
content-encoding
gzip
last-modified
Wed, 17 Apr 2019 04:23:24 GMT
server
Apache
etag
"9057baf6a8c1f02328c001da9583a3e7:1555475004"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 28 Oct 2019 21:28:40 GMT
main.js
www.refstevorq.net/gtyd24/js/
27 B
613 B
Script
General
Full URL
https://www.refstevorq.net/gtyd24/js/main.js
Requested by
Host: www.refstevorq.net
URL: https://www.refstevorq.net/gtyd24/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.69.111 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-111.deploy.static.akamaitechnologies.com
Software
Apache/2.4.39 (Amazon) /
Resource Hash
f5f7828ae9456b910c2af41adbe5052ff507b871ff552c6786b62eeaab222291
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1;mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.refstevorq.net/gtyd24/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:28:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
47
X-XSS-Protection
1;mode=block
Pragma
no-cache
Last-Modified
Thu, 10 Oct 2019 18:43:49 GMT
Server
Apache/2.4.39 (Amazon)
x-frame-options
deny
ETag
"1b-59492c83b0340"
Strict-Transport-Security
max-age=0
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Accept-Ranges
bytes
Expires
Mon, 28 Oct 2019 20:28:40 GMT
id
dpm.demdex.net/
370 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=E540799D54B3BFA90A4C98A4%40AdobeOrg&d_nsid=0&ts=1572294520094
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5ed6cf59538a2045d9fe4799a3f70da302c83d5a/satelliteLib-24e397569ca85a58d3963043838c6696e85c5e9a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.196.88 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-30-196-88.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a14d410057b42bcd33c21119f1bcf7827c065581e73708a8d70724175c7da935
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.refstevorq.net/gtyd24/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v049-01c204641.edge-irl1.demdex.com 5.61.0.20191016142200 3ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
icyDrXt3StM=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.refstevorq.net
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
305
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mbox-contents-f0d66682672d85f0ef254de802110100ae05373e.js
assets.adobedtm.com/5ed6cf59538a2045d9fe4799a3f70da302c83d5a/
39 KB
12 KB
Script
General
Full URL
https://assets.adobedtm.com/5ed6cf59538a2045d9fe4799a3f70da302c83d5a/mbox-contents-f0d66682672d85f0ef254de802110100ae05373e.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5ed6cf59538a2045d9fe4799a3f70da302c83d5a/satelliteLib-24e397569ca85a58d3963043838c6696e85c5e9a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.85 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a184-51-9-85.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
59b4aedac7cf0076ec64ec68c91f6c30b5a5ca67d8adaf7dbf5e885a9b3d33f1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.refstevorq.net/gtyd24/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 28 Oct 2019 20:28:40 GMT
content-encoding
gzip
last-modified
Wed, 17 Apr 2019 04:23:24 GMT
server
Apache
etag
"20fad5fe36721763a0f548612efa4f56:1555475004"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
11556
expires
Mon, 28 Oct 2019 21:28:40 GMT
target.js
cdn.tt.omtrdc.net/cdn/
43 KB
14 KB
Script
General
Full URL
https://cdn.tt.omtrdc.net/cdn/target.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5ed6cf59538a2045d9fe4799a3f70da302c83d5a/mbox-contents-f0d66682672d85f0ef254de802110100ae05373e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.216.237 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-30-216-237.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7ecf3bf86151cd72036fb67feb8fcbd8c80359e0ca871e1aeb955428ed43c26d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.refstevorq.net/gtyd24/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 28 Oct 2019 20:28:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Oct 2019 05:03:41 GMT
Server
Apache
ETag
"1fcda-aa3e-593d246a6d5b9"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
must-revalidate, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14200
s-code-contents-44a3ac690c3ebbe6fa39b9a0a60f023aaceca5ce.js
assets.adobedtm.com/5ed6cf59538a2045d9fe4799a3f70da302c83d5a/
35 KB
13 KB
Script
General
Full URL
https://assets.adobedtm.com/5ed6cf59538a2045d9fe4799a3f70da302c83d5a/s-code-contents-44a3ac690c3ebbe6fa39b9a0a60f023aaceca5ce.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5ed6cf59538a2045d9fe4799a3f70da302c83d5a/satelliteLib-24e397569ca85a58d3963043838c6696e85c5e9a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.85 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a184-51-9-85.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
465bc3a74236c8538eb003b58933b9806a410a983c36451a1696ed8abe70058a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.refstevorq.net/gtyd24/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Mon, 28 Oct 2019 20:28:40 GMT
content-encoding
gzip
last-modified
Wed, 17 Apr 2019 04:23:24 GMT
server
Apache
etag
"d00e12520423f29bc526a065b1fdb970:1555475004"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
13409
expires
Mon, 28 Oct 2019 21:28:40 GMT
file-icon.png
www.refstevorq.net/gtyd24/img/
4 KB
4 KB
Image
General
Full URL
https://www.refstevorq.net/gtyd24/img/file-icon.png
Requested by
Host: www.refstevorq.net
URL: https://www.refstevorq.net/gtyd24/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.69.111 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-111.deploy.static.akamaitechnologies.com
Software
Apache/2.4.39 (Amazon) /
Resource Hash
ab6964e039b18c30a49fe4e88be94c880e29fd5e980bcab72d24d5933cc64a88
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1;mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.refstevorq.net/gtyd24/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:28:40 GMT
Strict-Transport-Security
max-age=0
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
4089
X-XSS-Protection
1;mode=block
Pragma
no-cache
Last-Modified
Thu, 10 Oct 2019 18:54:33 GMT
Server
Apache/2.4.39 (Amazon)
ETag
"ff9-59492ee9dac40"
x-frame-options
deny
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Accept-Ranges
bytes
Expires
Mon, 28 Oct 2019 20:28:40 GMT
file-download.png
www.refstevorq.net/gtyd24/img/
2 KB
3 KB
Image
General
Full URL
https://www.refstevorq.net/gtyd24/img/file-download.png
Requested by
Host: www.refstevorq.net
URL: https://www.refstevorq.net/gtyd24/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.69.111 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-69-111.deploy.static.akamaitechnologies.com
Software
Apache/2.4.39 (Amazon) /
Resource Hash
856503ed10e449d4d9a87815a60450145a590d7ba7198e7824e22b368511d877
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1;mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.refstevorq.net/gtyd24/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:28:40 GMT
Strict-Transport-Security
max-age=0
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
2085
X-XSS-Protection
1;mode=block
Pragma
no-cache
Last-Modified
Thu, 10 Oct 2019 18:55:05 GMT
Server
Apache/2.4.39 (Amazon)
ETag
"825-59492f085f440"
x-frame-options
deny
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Accept-Ranges
bytes
Expires
Mon, 28 Oct 2019 20:28:40 GMT
nr-1130.min.js
js-agent.newrelic.com/
24 KB
9 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1130.min.js
Requested by
Host: www.refstevorq.net
URL: https://www.refstevorq.net/gtyd24/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e78b8cde09dbe0fc473f87bc77ec30ccc56780398d8676cf93c4aaec432257f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.refstevorq.net/gtyd24/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Mon, 28 Oct 2019 20:28:40 GMT
content-encoding
gzip
x-amz-request-id
8174A4BD27442C39
x-cache
HIT
status
200
content-length
9407
x-amz-id-2
okRb4AqloAZZ3+qaWnpqMQYC7hkPpbr/Yrluzst01SO9f1ckk5T9tspUtBHMBazVI7CvXAVZCdo=
x-served-by
cache-fra19161-FRA
last-modified
Tue, 09 Jul 2019 23:52:06 GMT
server
AmazonS3
x-timer
S1572294520.189683,VS0,VE0
etag
"73f8857196b9ef7fd3b302cbc557b8ac"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
12641
4d0ef81f63
bam.nr-data.net/1/
57 B
260 B
Script
General
Full URL
https://bam.nr-data.net/1/4d0ef81f63?a=29744958&v=1130.54e767a&to=bgAANhBRDBdVVUZaCVdKNxALHwAIVV5HVA5WCgRNEUQDFkAYQlsW&rst=769&ref=https://www.refstevorq.net/gtyd24/&ap=1&be=723&fe=757&dc=726&perf=%7B%22timing%22:%7B%22of%22:1572294519427,%22n%22:0,%22f%22:577,%22dn%22:577,%22dne%22:577,%22c%22:577,%22ce%22:577,%22rq%22:578,%22rp%22:585,%22rpe%22:585,%22dl%22:587,%22di%22:726,%22ds%22:726,%22de%22:726,%22dc%22:757,%22l%22:757,%22le%22:758%7D,%22navigation%22:%7B%7D%7D&fp=734&fcp=734&at=QkcDQFhLHxk%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1130.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.refstevorq.net/gtyd24/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
Cookie set dest5.html
usanetworks.demdex.net/ Frame 0F68
0
0
Document
General
Full URL
https://usanetworks.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5ed6cf59538a2045d9fe4799a3f70da302c83d5a/satelliteLib-24e397569ca85a58d3963043838c6696e85c5e9a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.78.155 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-30-78-155.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
usanetworks.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.refstevorq.net/gtyd24/
Accept-Encoding
gzip, deflate, br
Cookie
demdex=42981027969867626664402617467181098282
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.refstevorq.net/gtyd24/

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Wed, 23 Oct 2019 16:27:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=42981027969867626664402617467181098282;Path=/;Domain=.demdex.net;Expires=Sat, 25-Apr-2020 20:28:40 GMT;Max-Age=15552000
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
3Jjd4mfjQKk=
Content-Length
2764
Connection
keep-alive
id
nbcume.sc.omtrdc.net/
3 B
311 B
XHR
General
Full URL
https://nbcume.sc.omtrdc.net/id?d_visid_ver=3.1.2&d_fieldgroup=A&mcorgid=E540799D54B3BFA90A4C98A4%40AdobeOrg&mid=36843380524718523343863443110474952110&ts=1572294520229
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5ed6cf59538a2045d9fe4799a3f70da302c83d5a/satelliteLib-24e397569ca85a58d3963043838c6696e85c5e9a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.31.190.58 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-190-58.eu-west-1.compute.amazonaws.com
Software
jag /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.refstevorq.net/gtyd24/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

status
200
date
Mon, 28 Oct 2019 20:28:40 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-64d5676c7b-rz7ht
vary
Origin
x-c
master-1047.I1d1c81.M0-302
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.refstevorq.net
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript
content-length
3
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=XbdPeAAAE91szzx0
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=42981027969867626664402617467181098282
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XbdPeAAAE91szzx0
42 B
840 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XbdPeAAAE91szzx0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.196.88 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-30-196-88.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.refstevorq.net/gtyd24/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v049-0801532da.edge-irl1.demdex.com 5.61.0.20191016142200 3ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
3bcMmMAYS1I=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Mon, 28 Oct 2019 20:28:39 GMT
Server
AMO-cookiemap/1.1
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XbdPeAAAE91szzx0
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=15,max=100
Content-Length
0
ajax
usanetworks.tt.omtrdc.net/m2/usanetworks/mbox/
247 B
409 B
Script
General
Full URL
https://usanetworks.tt.omtrdc.net/m2/usanetworks/mbox/ajax?mboxHost=www.refstevorq.net&mboxPage=1572294520117-570480&screenHeight=1200&screenWidth=1600&browserWidth=1600&browserHeight=1200&browserTimeOffset=60&colorDepth=24&mboxSession=1572294520117-570480&mboxCount=1&mboxTime=1572298120118&buildDate=2019-04-17%2004%3A23%3A21%20UTC&mbox=target-global-mbox&mboxId=0&mboxMCSDID=407C49078E2C6D73-2DE1B193C862809C&mboxMCGVID=36843380524718523343863443110474952110&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6&mboxURL=https%3A%2F%2Fwww.refstevorq.net%2Fgtyd24%2F&mboxReferrer=&mboxVersion=60
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5ed6cf59538a2045d9fe4799a3f70da302c83d5a/mbox-contents-f0d66682672d85f0ef254de802110100ae05373e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.117.29.4 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software
/
Resource Hash
86893ed012b90fe4cc2eb5db9e3100a453ce13790ba328bc1c72859add847102

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.refstevorq.net/gtyd24/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Oct 2019 20:28:40 GMT
content-type
text/javascript;charset=utf-8
status
200
cache-control
no-cache
timing-allow-origin
*
content-length
247
x-request-id
642bc4b7-10ce-4f23-81ea-061879d57b7e
s23398249209812
nbcume.sc.omtrdc.net/b/ss/nbcuusanetworkd/1/JS-2.8.2-D7QN/
43 B
221 B
Image
General
Full URL
https://nbcume.sc.omtrdc.net/b/ss/nbcuusanetworkd/1/JS-2.8.2-D7QN/s23398249209812?AQB=1&ndh=1&pf=1&t=28%2F9%2F2019%2021%3A28%3A40%201%20-60&sdid=407C49078E2C6D73-2DE1B193C862809C&D=D%3D&mid=36843380524718523343863443110474952110&aamlh=6&ce=UTF-8&pageName=File%20Share%20%3A%20Home&g=https%3A%2F%2Fwww.refstevorq.net%2Fgtyd24%2F&c.&tve.&did=demdex%20cookie%20not%20set&.tve&.c&server=www.refstevorq.net&events=event6&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&h1=%7C%7Cteskux&h2=miscellaneous%7Cteskux%7Cmiscellaneous%7Cmiscellaneous&h3=www.refstevorq.net%7Cgtyd24&c5=File%20Share%20%3A%20Home&c6=https%3A%2F%2Fwww.refstevorq.net%2Fgtyd24%2F&v9=File%20Share%20%3A%20Home&c10=teskux&v10=teskux&c11=teskux%20%7C%20File%20Share%20%3A%20Home&c12=%20%7C%20teskux&c13=New&c38=100%25&c39=100%25&v43=https%3A%2F%2Fwww.refstevorq.net%2Fgtyd24%2F&c67=Not%20AMP&c75=USANet%7Cv20160224%7C2.8.2%7C3.1.2%7C2019-04-17%2004%3A23%3A21%20UTC&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=E540799D54B3BFA90A4C98A4%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.31.190.58 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-190-58.eu-west-1.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.refstevorq.net/gtyd24/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Mon, 28 Oct 2019 20:28:40 GMT
x-content-type-options
nosniff
x-c
master-1047.I1d1c81.M0-302
p3p
CP="This is not a P3P policy"
status
200
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 29 Oct 2019 20:28:40 GMT
server
jag
xserver
anedge-64d5676c7b-559q6
etag
3376476773687459840-4619602453052013012
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sun, 27 Oct 2019 20:28:40 GMT

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| Visitor object| _satellite object| s_c_il number| s_c_in function| targetPageParams string| mboxCopyright object| TNT function| Yd function| se function| mboxUrlBuilder function| mboxStandardFetcher function| mboxAjaxFetcher function| mboxMap function| mboxList function| mboxSignaler function| mboxLocatorDefault function| mboxLocatorNode function| mboxOfferContent function| mboxOfferAjax function| mboxOfferDefault function| mboxCookieManager function| mboxSession function| mboxPC function| mboxGetPageParameter function| mboxCookiePageDomain function| mboxShiftArray function| mboxGenerateId function| mboxScreenHeight function| mboxScreenWidth function| mboxBrowserWidth function| mboxBrowserHeight function| mboxBrowserTimeOffset function| mboxScreenColorDepth function| mbox function| mboxFactory object| mboxFactories object| mboxFactoryDefault number| mboxVersion function| mboxCreate function| mboxDefine function| mboxUpdate function| mboxVizTargetUrl function| mboxSetCookie function| mboxGetCookie object| _AT function| getSizzleForTarget object| NREUM object| newrelic function| __nr_require object| AdobeTracking function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s string| j object| s_Obj function| s_PPVevent number| s_PPVt string| sprop2 string| sprop3 string| sprop4 string| sprop10 string| h3 boolean| dtm_linkOverride object| _taboola object| s_i_nbcuusanetworkd

7 Cookies

Domain/Path Name / Value
.refstevorq.net/ Name: mbox
Value: check#true#1572294581|session#1572294520117-570480#1572296381
.refstevorq.net/ Name: AMCV_E540799D54B3BFA90A4C98A4%40AdobeOrg
Value: -330454231%7CMCIDTS%7C18198%7CvVersion%7C3.1.2
www.refstevorq.net/ Name: _sdsat_session_count
Value: 1
www.refstevorq.net/ Name: _sdsat_pages_viewed
Value: 1
www.refstevorq.net/ Name: _sdsat_traffic_source
Value:
www.refstevorq.net/ Name: _sdsat_lt_pages_viewed
Value: 1
www.refstevorq.net/ Name: _sdsat_landing_page
Value: https://www.refstevorq.net/gtyd24/|1572294520090

1 Console Messages

Source Level URL
Text
console-api log URL: https://www.refstevorq.net/gtyd24/js/main.js(Line 1)
Message:
File share.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
