URL: http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Submission: On March 24 via automatic, source phishtank

Summary

This website contacted 7 IPs in 4 countries across 5 domains to perform 24 HTTP transactions. The main IP is 107.180.50.224, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US. The main domain is multi-familyacquisitiongroup.com.
This is the only time multi-familyacquisitiongroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests IP Address ASN Autonomous System
2 107.180.50.224 26496 (AS-26496-...)
5 92.122.214.72 20940 (AKAMAI-ASN1)
13 2a02:26f0:122... 20940 (AKAMAI-ASN1)
1 23.37.54.100 20940 (AKAMAI-ASN1)
1 207.46.194.10 8075 (MICROSOFT...)
1 2.20.143.30 20940 (AKAMAI-ASN1)
1 40.127.142.76 8075 (MICROSOFT...)
Total: 24 requests, 7 IPs
Requests Domain Requested by
13 img-s-msn-com.akamaized.net multi-familyacquisitiongroup.com
5 static-hp-eus-s-msn-com.akamaized.net multi-familyacquisitiongroup.com
2 multi-familyacquisitiongroup.com
1 otf.msn.com multi-familyacquisitiongroup.com
1 b.scorecardresearch.com multi-familyacquisitiongroup.com
1 c.msn.com multi-familyacquisitiongroup.com
1 img.s-msn.com multi-familyacquisitiongroup.com
Total: 24 requests, 7 subdomains

This page contains 1 frames:

Primary Page: http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Frame ID: 21827.1
Requests: 24 HTTP requests in this frame


Page Statistics

24 Requests
0 % HTTPS
14 % IPv6
5 Domains
7 Subdomains
7 IPs
4 Countries
204 kB Transfer
324 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request 19
  • http://c.bing.com/c.gif?udc=true&rid=0d4095ef11f04dfc9818fef5d0b60a1f&rnd=636259702577687031&rf=&tp=http%253A%252F%252Fwww.msn.com%252F&di=340&lng=en-us&cv.product=prime&pn=startpage&activityId=0d4...
  • http://c.msn.com/c.gif?udc=true&rid=0d4095ef11f04dfc9818fef5d0b60a1f&rnd=636259702577687031&rf=&tp=http%253A%252F%252Fwww.msn.com%252F&di=340&lng=en-us&cv.product=prime&pn=startpage&activityId=0d40...
Request 20
  • http://b.scorecardresearch.com/p?c1=2&c2=3000001&rn=636259702577687031&c7=http%253A%252F%252Fwww.msn.com%252F&c8=&c9=
  • http://b.scorecardresearch.com/p2?c1=2&c2=3000001&rn=636259702577687031&c7=http%253A%252F%252Fwww.msn.com%252F&c8=&c9=

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request TLC8Nksa.php
multi-familyacquisitiongroup.com/9EBryofvLaFs/
46 KB
14 KB
Document
General
Full URL
http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Protocol
HTTP/1.1
Server
107.180.50.224 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-107-180-50-224.ip.secureserver.net
Software
Apache/2.4.25 / PHP/5.4.45
Resource Hash
3ee3d46f70a8d053950f58d937d97b0f84f3520a74d59301a4e8be46c2aea0e7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
multi-familyacquisitiongroup.com
Accept-Language
en-US,en;q=0.8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive

Response headers

Date
Fri, 24 Mar 2017 16:37:36 GMT
Content-Encoding
gzip
Server
Apache/2.4.25
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding,User-Agent
Content-Type
text/html
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
14147
finance-css-a1-4e07167e76b3ad99a59c8837479748-c48ec8f9
static-hp-eus-s-msn-com.akamaized.net/en-us/homepage/_sc/css/f5956224-8b551b9/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/bd-e7af34-4e3b0a9b/17-07bcd6-ee5f2b10/a4-817213-7c2439d/8b-d0...
31 KB
5 KB
Stylesheet
General
Full URL
http://static-hp-eus-s-msn-com.akamaized.net/en-us/homepage/_sc/css/f5956224-8b551b9/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/bd-e7af34-4e3b0a9b/17-07bcd6-ee5f2b10/a4-817213-7c2439d/8b-d05ce9-f94d3276/7f-da8f5a-a648eab2/67-fce6a0-63b61fa3/69-19c395-68ddb2ab/6d-d57aff-4534563a/a8-250f65-654638bf/finance-css-44-c23fd96f21721223b0008f5804b173-9ea6310d/finance-css-a1-4e07167e76b3ad99a59c8837479748-c48ec8f9?ver=2.0.6288.350&fdhead=muidflt14cf,muidflt20cf,muidflt51cf,enablebingadus,hpimgldnbbopt,muidflt57cf,muidflt59cf,muidflt258cf&csopd=20170322234836&csopdb=20170314205324
Requested by
Host: multi-familyacquisitiongroup.com
URL: http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Protocol
HTTP/1.1
Server
92.122.214.72 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-122-214-72.deploy.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2c3768c7bac4752d26418a22be9b67138b52bd8eb2e24d095953c452c8a10e2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
static-hp-eus-s-msn-com.akamaized.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 24 Mar 2017 16:37:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-S2
2017-03-22T23:50:14
X-Powered-By
ASP.NET
X-Activity-Id
00000000-8562-4601-9876-cf4cafc4f217
X-S1
2017-03-22T23:50:14
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
4987
X-XSS-Protection
1
X-AspNetMvc-Version
5.2
Last-Modified
Wed, 22 Mar 2017 23:50:14 GMT
Server
Microsoft-IIS/8.5
X-Az
{did:be817c76e7924bfa88c6d1161944fb06, rid: 79, sn: eastus-prod-hp, dt: 2017-02-15T08:24:49.6365987Z, bt: 2017-03-20T00:11:56.4679933Z}
X-FRAME-OPTIONS
SAMEORIGIN
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, no-transform, max-age=31389158
Timing-Allow-Origin
*
X-AppVersion
2.0.6288.350
Expires
Thu, 22 Mar 2018 23:50:14 GMT
jquery-1.11.1.min.js
static-hp-eus-s-msn-com.akamaized.net/_h/4c59fa2c/webcore/externalscripts/jquery/
94 KB
33 KB
Script
General
Full URL
http://static-hp-eus-s-msn-com.akamaized.net/_h/4c59fa2c/webcore/externalscripts/jquery/jquery-1.11.1.min.js
Requested by
Host: multi-familyacquisitiongroup.com
URL: http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Protocol
HTTP/1.1
Server
92.122.214.72 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-122-214-72.deploy.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
static-hp-eus-s-msn-com.akamaized.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Referer
http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 24 Mar 2017 16:37:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-Activity-Id
00000000-2667-433b-be35-1d8e5d9cafbc
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
33341
X-XSS-Protection
1
X-AspNetMvc-Version
5.2
Last-Modified
Thu, 21 Jul 2016 00:24:40 GMT
Server
Microsoft-IIS/8.5
X-Az
{did:be817c76e7924bfa88c6d1161944fb06, rid: 119, sn: eastus-hp, dt: 2016-07-20T23:30:43.6683481Z, bt: 2016-07-17T19:29:29.9881707Z}
X-FRAME-OPTIONS
SAMEORIGIN
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=10223178
X-AppVersion
2.0.6042.34999
Expires
Fri, 21 Jul 2017 00:23:54 GMT
c22c7d.gif
static-hp-eus-s-msn-com.akamaized.net/sc/82/
1 KB
1 KB
Image
General
Full URL
http://static-hp-eus-s-msn-com.akamaized.net/sc/82/c22c7d.gif
Requested by
Host: multi-familyacquisitiongroup.com
URL: http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Protocol
HTTP/1.1
Server
92.122.214.72 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-122-214-72.deploy.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b3060867a6a13b9e66704639db01d42732b8573024645a887cfc84cd54fd3817
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
static-hp-eus-s-msn-com.akamaized.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 24 Mar 2017 16:37:36 GMT
ETag
"0f64b6b8d9bd21:0"
Last-Modified
Mon, 13 Mar 2017 00:04:44 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=30933635
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1177
X-XSS-Protection
1
a62410.gif
static-hp-eus-s-msn-com.akamaized.net/sc/6a/
1 KB
1 KB
Image
General
Full URL
http://static-hp-eus-s-msn-com.akamaized.net/sc/6a/a62410.gif
Requested by
Host: multi-familyacquisitiongroup.com
URL: http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Protocol
HTTP/1.1
Server
92.122.214.72 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-122-214-72.deploy.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
49919751c6fb6b4201f8ceb1c780c114eeb6886235a350631027ad56b231455c
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
static-hp-eus-s-msn-com.akamaized.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 24 Mar 2017 16:37:36 GMT
ETag
"0f64b6b8d9bd21:0"
Last-Modified
Mon, 13 Mar 2017 00:04:44 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=31266794
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1258
X-XSS-Protection
1
a49b8d.gif
static-hp-eus-s-msn-com.akamaized.net/sc/57/
1 KB
1 KB
Image
General
Full URL
http://static-hp-eus-s-msn-com.akamaized.net/sc/57/a49b8d.gif
Requested by
Host: multi-familyacquisitiongroup.com
URL: http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Protocol
HTTP/1.1
Server
92.122.214.72 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-122-214-72.deploy.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d816ead505f592fc7d2a606c28dd2b68c427dd6b6aab87bfea9ffe18bc332fad
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
static-hp-eus-s-msn-com.akamaized.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 24 Mar 2017 16:37:36 GMT
ETag
"0f64b6b8d9bd21:0"
Last-Modified
Mon, 13 Mar 2017 00:04:44 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=31266217
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1125
X-XSS-Protection
1
BB8MIjP.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
997 B
997 B
Image
General
Full URL
http://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB8MIjP.img?m=6&o=true&u=true&n=true&w=40&h=40
Requested by
Host: multi-familyacquisitiongroup.com
URL: http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Protocol
HTTP/1.1
Server
2a02:26f0:122::215:f638 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d501ffe2d57c1292c455ae09d1a3220994b8b867a2f519993031f5136ab1627c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
img-s-msn-com.akamaized.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Connection
keep-alive
Cache-Control
no-cache

Response headers

X-CMS-CDNInvalKey
amp:BB8MIjP
Date
Fri, 24 Mar 2017 16:37:36 GMT
X-AspNet-Version
4.0.30319
X-Source-Length
5766
X-Powered-By
ASP.NET
X-ActivityId
1feb35e5-8654-4e30-98cd-584aab342d9c
Connection
keep-alive
X-Deployment
68f6ab156f7e407e880340c4a37e4c02
Content-Length
997
Timing-Allow-Origin
*
Last-Modified
Thu, 23 Mar 2017 19:43:18 GMT
Server
Microsoft-IIS/8.5
X-Datacenter
northeu
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=356695
X-Instance
Resizer.Web_IN_5
Content-Location
http://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB8MIjP?m=6&o=true&u=true&n=true&w=40&h=40
Expires
Tue, 28 Mar 2017 19:42:31 GMT
BByG5aG.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
8 KB
8 KB
Image
General
Full URL
http://img-s-msn-com.akamaized.net/tenant/amp/entityid/BByG5aG.img?h=194&w=300&m=6&q=60&u=t&o=t&l=f&x=1879&y=421
Requested by
Host: multi-familyacquisitiongroup.com
URL: http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Protocol
HTTP/1.1
Server
2a02:26f0:122::215:f638 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2d0c76c670d567d808980ac93c4258eb8ae5141bb3f371d086224f996928cda8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
img-s-msn-com.akamaized.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Connection
keep-alive
Cache-Control
no-cache

Response headers

X-CMS-CDNInvalKey
amp:BByG5aG
Date
Fri, 24 Mar 2017 16:37:36 GMT
X-AspNet-Version
4.0.30319
X-Source-Length
268654
X-Powered-By
ASP.NET
X-ActivityId
c3f383fa-c75c-4d45-b91f-08f45581c756
Connection
keep-alive
X-Deployment
68f6ab156f7e407e880340c4a37e4c02
Content-Length
8153
Timing-Allow-Origin
*
Last-Modified
Fri, 24 Mar 2017 16:16:16 GMT
Server
Microsoft-IIS/8.5
X-Datacenter
northeu
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=430760
X-Instance
Resizer.Web_IN_14
Content-Location
http://img-s-msn-com.akamaized.net/tenant/amp/entityid/BByG5aG?h=194&w=300&m=6&q=60&u=t&o=t&l=f&x=1879&y=421
Expires
Wed, 29 Mar 2017 16:16:56 GMT
BByBsJ1.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
9 KB
9 KB
Image
General
Full URL
http://img-s-msn-com.akamaized.net/tenant/amp/entityid/BByBsJ1.img?h=194&w=300&m=6&q=60&u=t&o=t&l=f&x=924&y=294
Requested by
Host: multi-familyacquisitiongroup.com
URL: http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Protocol
HTTP/1.1
Server
2a02:26f0:122::215:f638 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
fe5d5cdf0116ff06d67b65cdc20eac70dd8cfd17956d51bba7338f25d7a29d3e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
img-s-msn-com.akamaized.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Connection
keep-alive
Cache-Control
no-cache

Response headers

X-CMS-CDNInvalKey
amp:BByBsJ1
Date
Fri, 24 Mar 2017 16:37:36 GMT
X-AspNet-Version
4.0.30319
X-Source-Length
1539804
X-Powered-By
ASP.NET
X-ActivityId
90730682-0f02-449c-a705-b24fe66e379f
Connection
keep-alive
X-Deployment
68f6ab156f7e407e880340c4a37e4c02
Content-Length
8811
Timing-Allow-Origin
*
Last-Modified
Fri, 24 Mar 2017 15:55:11 GMT
Server
Microsoft-IIS/8.5
X-Datacenter
northeu
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=429462
X-Instance
Resizer.Web_IN_3
Content-Location
http://img-s-msn-com.akamaized.net/tenant/amp/entityid/BByBsJ1?h=194&w=300&m=6&q=60&u=t&o=t&l=f&x=924&y=294
Expires
Wed, 29 Mar 2017 15:55:18 GMT
AAootEY.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
9 KB
9 KB
Image
General
Full URL
http://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAootEY.img?h=194&w=300&m=6&q=60&u=t&o=t&l=f&x=492&y=186
Requested by
Host: multi-familyacquisitiongroup.com
URL: http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Protocol
HTTP/1.1
Server
2a02:26f0:122::215:f638 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
bfe268eb9d237114e110007e4fe60a0f86db23e3a9f3ea2e788ccb229102e63b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
img-s-msn-com.akamaized.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Connection
keep-alive
Cache-Control
no-cache

Response headers

X-CMS-CDNInvalKey
amp:AAootEY
Date
Fri, 24 Mar 2017 16:37:36 GMT
X-AspNet-Version
4.0.30319
X-Source-Length
218907
X-Powered-By
ASP.NET
X-ActivityId
c4bd9689-e010-44d1-8d17-fb59c3b85089
Connection
keep-alive
X-Deployment
68f6ab156f7e407e880340c4a37e4c02
Content-Length
9534
Timing-Allow-Origin
*
Last-Modified
Thu, 23 Mar 2017 07:21:49 GMT
Server
Microsoft-IIS/8.5
X-Datacenter
northeu
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=312279
X-Instance
Resizer.Web_IN_25
Content-Location
http://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAootEY?h=194&w=300&m=6&q=60&u=t&o=t&l=f&x=492&y=186
Expires
Tue, 28 Mar 2017 07:22:15 GMT
AAgGU6s.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
11 KB
11 KB
Image
General
Full URL
http://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAgGU6s.img?h=194&w=300&m=6&q=60&u=t&o=t&l=f&x=1211&y=631
Requested by
Host: multi-familyacquisitiongroup.com
URL: http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Protocol
HTTP/1.1
Server
2a02:26f0:122::215:f638 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b4703c33c0c2e9468e2b473dc6a7eab9fa0f5ecd62aaa4aac6126b0b9b614633

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
img-s-msn-com.akamaized.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Connection
keep-alive
Cache-Control
no-cache

Response headers

X-CMS-CDNInvalKey
amp:AAgGU6s
Date
Fri, 24 Mar 2017 16:37:36 GMT
X-AspNet-Version
4.0.30319
X-Source-Length
618126
X-Powered-By
ASP.NET
X-ActivityId
f1d27516-4938-4e70-87a3-62076f12734a
Connection
keep-alive
X-Deployment
68f6ab156f7e407e880340c4a37e4c02
Content-Length
11622
Timing-Allow-Origin
*
Last-Modified
Fri, 24 Mar 2017 14:01:29 GMT
Server
Microsoft-IIS/8.5
X-Datacenter
northeu
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=422633
X-Instance
Resizer.Web_IN_0
Content-Location
http://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAgGU6s?h=194&w=300&m=6&q=60&u=t&o=t&l=f&x=1211&y=631
Expires
Wed, 29 Mar 2017 14:01:29 GMT
AA8W2KT.img
img.s-msn.com/tenant/amp/entityid/
8 KB
8 KB
Image
General
Full URL
http://img.s-msn.com/tenant/amp/entityid/AA8W2KT.img?h=194&w=300&m=6&q=60&u=t&o=t&l=f&x=1118&y=817
Requested by
Host: multi-familyacquisitiongroup.com
URL: http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Protocol
HTTP/1.1
Server
23.37.54.100 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-37-54-100.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
993d60abed1cc26346f1df88f73ee193584629271755957cb4372c15b7efc43a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
img.s-msn.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Connection
keep-alive
Cache-Control
no-cache

Response headers

X-CMS-CDNInvalKey
amp:AA8W2KT
Date
Fri, 24 Mar 2017 16:37:36 GMT
X-AspNet-Version
4.0.30319
X-Source-Length
345955
X-Powered-By
ASP.NET
X-ActivityId
12924282-ddaa-49f6-86d9-adc47092303b
Connection
keep-alive
X-Deployment
68f6ab156f7e407e880340c4a37e4c02
Content-Length
8060
Timing-Allow-Origin
*
Last-Modified
Fri, 24 Mar 2017 14:13:48 GMT
Server
Microsoft-IIS/8.5
X-Datacenter
northeu
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=423392
X-Instance
Resizer.Web_IN_8
Content-Location
http://img.s-msn.com/tenant/amp/entityid/AA8W2KT?h=194&w=300&m=6&q=60&u=t&o=t&l=f&x=1118&y=817
Expires
Wed, 29 Mar 2017 14:14:08 GMT
BByCsLO.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
10 KB
10 KB
Image
General
Full URL
http://img-s-msn-com.akamaized.net/tenant/amp/entityid/BByCsLO.img?h=194&w=300&m=6&q=60&u=t&o=t&l=f&x=563&y=232
Requested by
Host: multi-familyacquisitiongroup.com
URL: http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Protocol
HTTP/1.1
Server
2a02:26f0:122::215:f638 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
6b359c09f8de3439308dc8ef3d4cf8b2e6d611d7fcd34be2737512ad6e761447

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
img-s-msn-com.akamaized.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Connection
keep-alive
Cache-Control
no-cache

Response headers

X-CMS-CDNInvalKey
amp:BByCsLO
Date
Fri, 24 Mar 2017 16:37:36 GMT
X-AspNet-Version
4.0.30319
X-Source-Length
77005
X-Powered-By
ASP.NET
X-ActivityId
c964c67a-d62b-4538-8823-b28a368f00eb
Connection
keep-alive
X-Deployment
68f6ab156f7e407e880340c4a37e4c02
Content-Length
10270
Timing-Allow-Origin
*
Last-Modified
Thu, 23 Mar 2017 17:54:45 GMT
Server
Microsoft-IIS/8.5
X-Datacenter
northeu
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=350256
X-Instance
Resizer.Web_IN_12
Content-Location
http://img-s-msn-com.akamaized.net/tenant/amp/entityid/BByCsLO?h=194&w=300&m=6&q=60&u=t&o=t&l=f&x=563&y=232
Expires
Tue, 28 Mar 2017 17:55:12 GMT
BByHAd9.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
10 KB
10 KB
Image
General
Full URL
http://img-s-msn-com.akamaized.net/tenant/amp/entityid/BByHAd9.img?h=194&w=300&m=6&q=60&u=t&o=t&l=f&x=529&y=646
Requested by
Host: multi-familyacquisitiongroup.com
URL: http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Protocol
HTTP/1.1
Server
2a02:26f0:122::215:f638 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a0211b35cff927d75a07635d7a535c058b7ebe7e88eff5aa3a990a934e05efe1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
img-s-msn-com.akamaized.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Connection
keep-alive
Cache-Control
no-cache

Response headers

X-CMS-CDNInvalKey
amp:BByHAd9
Date
Fri, 24 Mar 2017 16:37:36 GMT
X-AspNet-Version
4.0.30319
X-Source-Length
73237
X-Powered-By
ASP.NET
X-ActivityId
3284a251-9629-4d15-936e-d4f2e0b30e48
Connection
keep-alive
X-Deployment
68f6ab156f7e407e880340c4a37e4c02
Content-Length
9999
Timing-Allow-Origin
*
Last-Modified
Fri, 24 Mar 2017 16:32:55 GMT
Server
Microsoft-IIS/8.5
X-Datacenter
northeu
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=431734
X-Instance
Resizer.Web_IN_6
Content-Location
http://img-s-msn-com.akamaized.net/tenant/amp/entityid/BByHAd9?h=194&w=300&m=6&q=60&u=t&o=t&l=f&x=529&y=646
Expires
Wed, 29 Mar 2017 16:33:10 GMT
BByGwnQ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
9 KB
9 KB
Image
General
Full URL
http://img-s-msn-com.akamaized.net/tenant/amp/entityid/BByGwnQ.img?h=194&w=300&m=6&q=60&u=t&o=t&l=f&x=1270&y=851
Requested by
Host: multi-familyacquisitiongroup.com
URL: http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Protocol
HTTP/1.1
Server
2a02:26f0:122::215:f638 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0259f9d9e09865722deeeeb3ad812b8f738b4478a2ba2f6096bae770216da8a5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
img-s-msn-com.akamaized.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Connection
keep-alive
Cache-Control
no-cache

Response headers

X-CMS-CDNInvalKey
amp:BByGwnQ
Date
Fri, 24 Mar 2017 16:37:36 GMT
X-AspNet-Version
4.0.30319
X-Source-Length
370218
X-Powered-By
ASP.NET
X-ActivityId
a206079c-acf4-48be-9383-6f167e44eed6
Connection
keep-alive
X-Deployment
68f6ab156f7e407e880340c4a37e4c02
Content-Length
8959
Timing-Allow-Origin
*
Last-Modified
Fri, 24 Mar 2017 16:28:50 GMT
Server
Microsoft-IIS/8.5
X-Datacenter
northeu
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=431492
X-Instance
Resizer.Web_IN_0
Content-Location
http://img-s-msn-com.akamaized.net/tenant/amp/entityid/BByGwnQ?h=194&w=300&m=6&q=60&u=t&o=t&l=f&x=1270&y=851
Expires
Wed, 29 Mar 2017 16:29:08 GMT
BByANy7.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
9 KB
9 KB
Image
General
Full URL
http://img-s-msn-com.akamaized.net/tenant/amp/entityid/BByANy7.img?h=194&w=300&m=6&q=60&u=t&o=t&l=f&x=365&y=176
Requested by
Host: multi-familyacquisitiongroup.com
URL: http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Protocol
HTTP/1.1
Server
2a02:26f0:122::215:f638 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
84677786bb2b4f814659bdd233597e8eeb28f0d115b27f13ef3834f36ad282c5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
img-s-msn-com.akamaized.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Connection
keep-alive
Cache-Control
no-cache

Response headers

X-CMS-CDNInvalKey
amp:BByANy7
Date
Fri, 24 Mar 2017 16:37:36 GMT
X-AspNet-Version
4.0.30319
X-Source-Length
152915
X-Powered-By
ASP.NET
X-ActivityId
eecb706e-1f7a-4003-8147-a34a0af897d0
Connection
keep-alive
X-Deployment
68f6ab156f7e407e880340c4a37e4c02
Content-Length
8962
Timing-Allow-Origin
*
Last-Modified
Fri, 24 Mar 2017 01:45:05 GMT
Server
Microsoft-IIS/8.5
X-Datacenter
northeu
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=378466
X-Instance
Resizer.Web_IN_3
Content-Location
http://img-s-msn-com.akamaized.net/tenant/amp/entityid/BByANy7?h=194&w=300&m=6&q=60&u=t&o=t&l=f&x=365&y=176
Expires
Wed, 29 Mar 2017 01:45:22 GMT
BByE1ep.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
7 KB
7 KB
Image
General
Full URL
http://img-s-msn-com.akamaized.net/tenant/amp/entityid/BByE1ep.img?h=194&w=300&m=6&q=60&u=t&o=t&l=f&x=547&y=312
Requested by
Host: multi-familyacquisitiongroup.com
URL: http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Protocol
HTTP/1.1
Server
2a02:26f0:122::215:f638 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1e1bc4cec2a240f6037fed355e4d053b7e5312d6e580aa3a7fdcf1ac284b0c08

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
img-s-msn-com.akamaized.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Connection
keep-alive
Cache-Control
no-cache

Response headers

X-CMS-CDNInvalKey
amp:BByE1ep
Date
Fri, 24 Mar 2017 16:37:36 GMT
X-AspNet-Version
4.0.30319
X-Source-Length
153160
X-Powered-By
ASP.NET
X-ActivityId
3aa4762c-7fee-4dfa-8d81-ef68af7f200c
Connection
keep-alive
X-Deployment
68f6ab156f7e407e880340c4a37e4c02
Content-Length
7527
Timing-Allow-Origin
*
Last-Modified
Fri, 24 Mar 2017 15:58:21 GMT
Server
Microsoft-IIS/8.5
X-Datacenter
northeu
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=429568
X-Instance
Resizer.Web_IN_15
Content-Location
http://img-s-msn-com.akamaized.net/tenant/amp/entityid/BByE1ep?h=194&w=300&m=6&q=60&u=t&o=t&l=f&x=547&y=312
Expires
Wed, 29 Mar 2017 15:57:04 GMT
BByzQtb.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
7 KB
7 KB
Image
General
Full URL
http://img-s-msn-com.akamaized.net/tenant/amp/entityid/BByzQtb.img?h=194&w=300&m=6&q=60&u=t&o=t&l=f
Requested by
Host: multi-familyacquisitiongroup.com
URL: http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Protocol
HTTP/1.1
Server
2a02:26f0:122::215:f638 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
bf5544b50b86133760c508d8adeeb1d9d1ec33f768374571ff93ab7c7a774059

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
img-s-msn-com.akamaized.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Connection
keep-alive
Cache-Control
no-cache

Response headers

X-CMS-CDNInvalKey
amp:BByzQtb
Date
Fri, 24 Mar 2017 16:37:36 GMT
X-AspNet-Version
4.0.30319
X-Source-Length
2861479
X-Powered-By
ASP.NET
X-ActivityId
4bff661b-9e68-4ba6-822e-e157676203e6
Connection
keep-alive
X-Deployment
68f6ab156f7e407e880340c4a37e4c02
Content-Length
7666
Timing-Allow-Origin
*
Last-Modified
Fri, 24 Mar 2017 12:03:41 GMT
Server
Microsoft-IIS/8.5
X-Datacenter
northeu
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=415582
X-Instance
Resizer.Web_IN_15
Content-Location
http://img-s-msn-com.akamaized.net/tenant/amp/entityid/BByzQtb?h=194&w=300&m=6&q=60&u=t&o=t&l=f
Expires
Wed, 29 Mar 2017 12:03:58 GMT
BByE71z.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
7 KB
7 KB
Image
General
Full URL
http://img-s-msn-com.akamaized.net/tenant/amp/entityid/BByE71z.img?h=194&w=300&m=6&q=60&u=t&o=t&l=f&x=316&y=142
Requested by
Host: multi-familyacquisitiongroup.com
URL: http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Protocol
HTTP/1.1
Server
2a02:26f0:122::215:f638 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0dd0b20af77bffc234eb56019d8abc577700a8cbe729d3c9935e88b2fed89ee4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
img-s-msn-com.akamaized.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Connection
keep-alive
Cache-Control
no-cache

Response headers

X-CMS-CDNInvalKey
amp:BByE71z
Date
Fri, 24 Mar 2017 16:37:36 GMT
X-AspNet-Version
4.0.30319
X-Source-Length
50196
X-Powered-By
ASP.NET
X-ActivityId
9141ae2d-bdc1-4504-990e-2ab20878154a
Connection
keep-alive
X-Deployment
68f6ab156f7e407e880340c4a37e4c02
Content-Length
6925
Timing-Allow-Origin
*
Last-Modified
Fri, 24 Mar 2017 15:36:28 GMT
Server
Microsoft-IIS/8.5
X-Datacenter
northeu
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=428324
X-Instance
Resizer.Web_IN_11
Content-Location
http://img-s-msn-com.akamaized.net/tenant/amp/entityid/BByE71z?h=194&w=300&m=6&q=60&u=t&o=t&l=f&x=316&y=142
Expires
Wed, 29 Mar 2017 15:36:20 GMT
BByEhHi.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
45 KB
45 KB
Image
General
Full URL
http://img-s-msn-com.akamaized.net/tenant/amp/entityid/BByEhHi.img?h=194&w=300&m=6&q=60&u=t&o=t&l=f
Requested by
Host: multi-familyacquisitiongroup.com
URL: http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Protocol
HTTP/1.1
Server
2a02:26f0:122::215:f638 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
59163b1acd80876135c581c91398f69c144810eaeb2b3165564655c581635bf9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
img-s-msn-com.akamaized.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Connection
keep-alive
Cache-Control
no-cache

Response headers

X-CMS-CDNInvalKey
amp:BByEhHi
Date
Fri, 24 Mar 2017 16:37:36 GMT
X-AspNet-Version
4.0.30319
X-Source-Length
324958
X-Powered-By
ASP.NET
X-ActivityId
576168c8-6ad1-412a-8f69-5667e204bec2
Connection
keep-alive
X-Deployment
68f6ab156f7e407e880340c4a37e4c02
Content-Length
45623
Timing-Allow-Origin
*
Last-Modified
Fri, 24 Mar 2017 07:05:49 GMT
Server
Microsoft-IIS/8.5
X-Datacenter
northeu
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=397675
X-Instance
Resizer.Web_IN_13
Content-Location
http://img-s-msn-com.akamaized.net/tenant/amp/entityid/BByEhHi?h=194&w=300&m=6&q=60&u=t&o=t&l=f
Expires
Wed, 29 Mar 2017 07:05:31 GMT
Cookie set c.gif
c.msn.com/
Redirect Chain
  • http://c.bing.com/c.gif?udc=true&rid=0d4095ef11f04dfc9818fef5d0b60a1f&rnd=636259702577687031&rf=&tp=http%253A%252F%252Fwww.msn.com%252F&di=340&lng=en-us&cv.product=prime&pn=startpage&activityId=0d4...
  • http://c.msn.com/c.gif?udc=true&rid=0d4095ef11f04dfc9818fef5d0b60a1f&rnd=636259702577687031&rf=&tp=http%253A%252F%252Fwww.msn.com%252F&di=340&lng=en-us&cv.product=prime&pn=startpage&activityId=0d40...
42 B
42 B
Image
General
Full URL
http://c.msn.com/c.gif?udc=true&rid=0d4095ef11f04dfc9818fef5d0b60a1f&rnd=636259702577687031&rf=&tp=http%253A%252F%252Fwww.msn.com%252F&di=340&lng=en-us&cv.product=prime&pn=startpage&activityId=0d4095ef11f04dfc9818fef5d0b60a1f&d.dgk=downlevel.pc&d.imd=0&st.dpt=&st.sdpt=&subcvs=homepage&ctsa=mr&CtsSyncId=D02EA393851543A3B4D0D61BE0801697&MUID=1DF752C2B0D56B490D74588DB4D5691A
Requested by
Host: multi-familyacquisitiongroup.com
URL: http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Protocol
HTTP/1.1
Server
207.46.194.10 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
msnbot-207-46-194-10.search.msn.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
c.msn.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Cookie
SM=T; MUID=05C187533A006FB529D18D1C3E006D2C
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Fri, 24 Mar 2017 16:37:36 GMT
ETag
"6213c344329cd21:0"
Last-Modified
Mon, 13 Mar 2017 19:44:46 GMT
Server
Microsoft-IIS/8.5
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private, no-cache, proxy-revalidate, no-store
Set-Cookie
SM=C; domain=c.msn.com; path=/; MUID=1DF752C2B0D56B490D74588DB4D5691A; domain=.msn.com; expires=Wed, 18-Apr-2018 16:37:36 GMT; path=/; MR=0; domain=c.msn.com; expires=Wed, 20-Sep-2017 16:37:36 GMT; path=/; ANONCHK=0; domain=c.msn.com; expires=Fri, 24-Mar-2017 16:47:36 GMT; path=/;
Accept-Ranges
bytes
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Fri, 24 Mar 2017 16:37:35 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Location
http://c.msn.com/c.gif?udc=true&rid=0d4095ef11f04dfc9818fef5d0b60a1f&rnd=636259702577687031&rf=&tp=http%253A%252F%252Fwww.msn.com%252F&di=340&lng=en-us&cv.product=prime&pn=startpage&activityId=0d4095ef11f04dfc9818fef5d0b60a1f&d.dgk=downlevel.pc&d.imd=0&st.dpt=&st.sdpt=&subcvs=homepage&ctsa=mr&CtsSyncId=D02EA393851543A3B4D0D61BE0801697&MUID=1DF752C2B0D56B490D74588DB4D5691A
Cache-Control
private, no-cache, proxy-revalidate, no-store
Set-Cookie
MUID=1DF752C2B0D56B490D74588DB4D5691A; domain=.bing.com; expires=Wed, 18-Apr-2018 16:37:36 GMT; path=/; MR=0; domain=c.bing.com; expires=Wed, 20-Sep-2017 16:37:36 GMT; path=/; SRM_B=1DF752C2B0D56B490D74588DB4D5691A; domain=c.bing.com; expires=Wed, 18-Apr-2018 16:37:36 GMT; path=/; SRM_M=1DF752C2B0D56B490D74588DB4D5691A; domain=c.bing.com; expires=Wed, 18-Apr-2018 16:37:36 GMT; path=/;
Content-Length
0
p2
b.scorecardresearch.com/
Redirect Chain
  • http://b.scorecardresearch.com/p?c1=2&c2=3000001&rn=636259702577687031&c7=http%253A%252F%252Fwww.msn.com%252F&c8=&c9=
  • http://b.scorecardresearch.com/p2?c1=2&c2=3000001&rn=636259702577687031&c7=http%253A%252F%252Fwww.msn.com%252F&c8=&c9=
43 B
43 B
Image
General
Full URL
http://b.scorecardresearch.com/p2?c1=2&c2=3000001&rn=636259702577687031&c7=http%253A%252F%252Fwww.msn.com%252F&c8=&c9=
Requested by
Host: multi-familyacquisitiongroup.com
URL: http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Protocol
HTTP/1.1
Server
2.20.143.30 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
b.scorecardresearch.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Cookie
UID=11C2aa20a14326a9b3456cg1490373456; UIDR=1490373456
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Fri, 24 Mar 2017 16:37:36 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 24 Mar 2017 16:37:36 GMT
Location
http://b.scorecardresearch.com/p2?c1=2&c2=3000001&rn=636259702577687031&c7=http%253A%252F%252Fwww.msn.com%252F&c8=&c9=
Set-Cookie
UID=11C2aa20a14326a9b3456cg1490373456; expires=Thu, 14-Mar-2019 16:37:36 GMT; path=/; domain=.scorecardresearch.com UIDR=1490373456; expires=Thu, 14-Mar-2019 16:37:36 GMT; path=/; domain=.scorecardresearch.com
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
c.gif
otf.msn.com/
42 B
42 B
Image
General
Full URL
http://otf.msn.com/c.gif?js=0&evt=impr&di=340&pi=&ps=&su=http%253A%252F%252Fwww.msn.com%252F&pageid=startpage&mkt=en-us&pn=startpage&pp=False&cv.product=prime&cv.partner=&cv.publcat=&st.dpt=&st.sdpt=&dv.Title1=&cts=636259702577687031&rf=&rid=0d4095ef11f04dfc9818fef5d0b60a1f&cvs=Browser&subcvs=homepage&cv.entityId=&cv.entitySrc=&provid=&ar=0&d.dgk=downlevel.pc&d.imd=0&cv.parentId=&isCorePV=&pgIdx=&pgTot=&activityId=0d4095ef11f04dfc9818fef5d0b60a1f
Requested by
Host: multi-familyacquisitiongroup.com
URL: http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Protocol
HTTP/1.1
Server
40.127.142.76 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
otf.msn.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Fri, 24 Mar 2017 16:37:36 GMT
Last-Modified
Thu, 16 Mar 2017 23:53:19 GMT
Server
Microsoft-IIS/8.5
ETag
"2bdf317db09ed21:0"
Access-Control-Max-Age
21600
Access-Control-Allow-Methods
POST, GET, OPTIONS, HEAD
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
S
AMPUDCNEUP90
Access-Control-Allow-Headers
Content-Type
Content-Length
42
Expires
-1
favicon.ico
multi-familyacquisitiongroup.com/
0
0
Other
General
Full URL
http://multi-familyacquisitiongroup.com/favicon.ico
Protocol
HTTP/1.1
Server
107.180.50.224 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-107-180-50-224.ip.secureserver.net
Software
Apache/2.4.25 / PHP/5.4.45
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
multi-familyacquisitiongroup.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://multi-familyacquisitiongroup.com/9EBryofvLaFs/TLC8Nksa.php?id=abuse@heltektefirma.no
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 24 Mar 2017 16:37:36 GMT
Server
Apache/2.4.25
X-Powered-By
PHP/5.4.45
Vary
User-Agent
Content-Type
image/vnd.microsoft.icon
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
0

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
