urlscan.io logo urlscan.io
SecurityTrails logo

primealpha.ml Open in urlscan Pro
130.185.250.34  Public Scan

Go To Rescan Add Verdict Report
URL: http://primealpha.ml/nfl-1.php
Submission: On September 25 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 6 countries across 11 domains to perform 22 HTTP transactions. The main IP is 130.185.250.34, located in Bulgaria and belongs to GLOBALLAYER, NL. The main domain is primealpha.ml.
This is the only time primealpha.ml was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 130.185.250.34 49453 (GLOBALLAYER)
1 2a00:1450:400... 15169 (GOOGLE)
1 198.134.112.242 27257 (WEBAIR-IN...)
1 185.187.81.38 43332 (IDSTRATEG...)
2 185.187.81.35 43332 (IDSTRATEG...)
1 213.196.2.2 7979 (SERVERS)
5 2a00:1450:400... 15169 (GOOGLE)
1 23.111.224.1 7979 (SERVERS)
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a03:90c0:999... 199524 (GCORE)
2 198.134.112.244 27257 (WEBAIR-IN...)
1 64.58.116.132 7979 (SERVERS)
22 13
4    130.185.250.34 (Bulgaria)

ASN49453 (GLOBALLAYER, NL)
primealpha.ml
1    2a00:1450:4001:817::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    198.134.112.242 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US)
nrrxxpvgtf.com
1    185.187.81.38 (Ukraine)

ASN43332 (IDSTRATEGY-AS ---------- UPSTREAMS ----------, UA)
xk6o.amgload.net
2    185.187.81.35 (Ukraine)

ASN43332 (IDSTRATEGY-AS ---------- UPSTREAMS ----------, UA)
kz1c.piguiqproxy.com
n7-r1d2.piguiqproxy.com
1    213.196.2.2 (Netherlands)

ASN7979 (SERVERS - Servers.com, Inc., US)
www.bnserving.com
5    2a00:1450:4001:812::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    23.111.224.1 (Phoenix, United States)

ASN7979 (SERVERS - Servers.com, Inc., US)
r.remarketingpixel.com
1    2606:4700:30::6818:60ef (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
hdgameslive.com
1    2606:4700:30::6818:61ef (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.hdgameslive.com
1    2a03:90c0:9997::9997 (Austria)

ASN199524 (GCORE, AT)
jsc.mgid.com
2    198.134.112.244 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US)
www.urldelivery.com
1    64.58.116.132 (Dallas, United States)

ASN7979 (SERVERS - Servers.com, Inc., US)
servicer.mgid.com
Domain Requested by
5 fonts.gstatic.com primealpha.ml
jsc.mgid.com
4 primealpha.ml primealpha.ml
2 www.urldelivery.com www.bnserving.com
1 servicer.mgid.com jsc.mgid.com
1 jsc.mgid.com primealpha.ml
1 www.hdgameslive.com primealpha.ml
1 hdgameslive.com 1 redirects
1 r.remarketingpixel.com www.bnserving.com
1 www.bnserving.com primealpha.ml
1 n7-r1d2.piguiqproxy.com primealpha.ml
1 kz1c.piguiqproxy.com primealpha.ml
1 xk6o.amgload.net primealpha.ml
1 nrrxxpvgtf.com primealpha.ml
1 fonts.googleapis.com primealpha.ml
22 14

This site contains no links.

Subject Issuer Validity Valid
*.google.com
Google Internet Authority G3		 2018-08-28 -
2018-11-20		 3 months crt.sh
*.mgid.com
COMODO ECC Domain Validation Secure Server CA		 2018-03-30 -
2019-04-28		 a year crt.sh

This page contains 4 frames:

Primary Page: http://primealpha.ml/nfl-1.php
Frame ID: 78705D9F62F7AAE3952598EF0C38AA3D
Requests: 19 HTTP requests in this frame

Frame: http://www.hdgameslive.com/33.php
Frame ID: B900D9E9CB7E5D5338C0BC5CDFB72BA7
Requests: 1 HTTP requests in this frame

Frame: http://jsc.mgid.com/p/r/primealpha.ml.215116.js?t=11882520
Frame ID: 66F8C15BA544E241437F6E7252688562
Requests: 2 HTTP requests in this frame

Frame: http://www.urldelivery.com/watch.1221915461915?key=b66f74699462fb2e9a1a784c96fb88dc&kw=%5B%5D&refer=http%3A%2F%2Fprimealpha.ml%2Fnfl-1.php&tz=0&dev=r&res=4.23&uuid=72f11783-3496-4965-9461-d55e9817a22a%3A2%3A2
Frame ID: DB99F47A5EE7782D1394C1F4F24DAB19
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

22
Requests

14 %
HTTPS

38 %
IPv6

11
Domains

14
Subdomains

13
IPs

6
Countries

176 kB
Transfer

359 kB
Size

15
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • http://hdgameslive.com/33.php HTTP 301
  • http://www.hdgameslive.com/33.php

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set nfl-1.php
primealpha.ml/ 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://primealpha.ml/nfl-1.php
Protocol
HTTP/1.1
Server
130.185.250.34 , Bulgaria, ASN49453 (GLOBALLAYER, NL),
Reverse DNS
Software
nginx /
Resource Hash
f9007c4791dafd6282ac62a3e790a460a30641d67f018d43669a999c68fabe5a

Request headers

Host
primealpha.ml
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
nginx
Date
Tue, 25 Sep 2018 20:29:54 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Proxy-Cache
MISS
Set-Cookie
uid=grn6IluqmsJ8TDbeAw2lAg==; expires=Thu, 25-Oct-18 20:29:54 GMT; domain=$host; path=/
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Content-Encoding
gzip
css
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700|Raleway:400,700,200,300,900,800
Requested by
Host: primealpha.ml
URL: http://primealpha.ml/nfl-1.php
Protocol
HTTP/1.1
Server
2a00:1450:4001:817::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
af6611c862f2a4cf204cd956f033f105925d3336fc02b95291b9aab378231032
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://primealpha.ml/nfl-1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 25 Sep 2018 20:29:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Sep 2018 20:29:54 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
1; mode=block
Expires
Tue, 25 Sep 2018 20:29:54 GMT
default20.css
primealpha.ml/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://primealpha.ml/default20.css
Requested by
Host: primealpha.ml
URL: http://primealpha.ml/nfl-1.php
Protocol
HTTP/1.1
Server
130.185.250.34 , Bulgaria, ASN49453 (GLOBALLAYER, NL),
Reverse DNS
Software
nginx /
Resource Hash
bba96c302f6079bcf05aa12c30536aa3e3dcab2f3423af491a22b6b7d7d31f78

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
primealpha.ml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://primealpha.ml/nfl-1.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://primealpha.ml/nfl-1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
public
Date
Tue, 25 Sep 2018 20:29:54 GMT
Content-Encoding
gzip
Last-Modified
Sat, 14 Apr 2018 17:21:10 GMT
Server
nginx
ETag
W/"5ad23886-1d85"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=2592000 public, must-revalidate, proxy-revalidate
Connection
keep-alive
Expires
Thu, 25 Oct 2018 20:29:54 GMT
3d2c684c2dc7405d1750992021268feb.js
nrrxxpvgtf.com/3d/2c/68/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://nrrxxpvgtf.com/3d/2c/68/3d2c684c2dc7405d1750992021268feb.js
Requested by
Host: primealpha.ml
URL: http://primealpha.ml/nfl-1.php
Protocol
HTTP/1.1
Server
198.134.112.242 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash

Request headers

Referer
http://primealpha.ml/nfl-1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 25 Sep 2018 20:29:55 GMT
Server
nginx/1.12.1
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
z
xk6o.amgload.net/ 		652 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://xk6o.amgload.net/z
Requested by
Host: primealpha.ml
URL: http://primealpha.ml/nfl-1.php
Protocol
HTTP/1.1
Server
185.187.81.38 , Ukraine, ASN43332 (IDSTRATEGY-AS ---------- UPSTREAMS ----------, UA),
Reverse DNS
Software
nginx /
Resource Hash
c42cbcf3449dc97ccd163bfdae36741032ec739df7004e9d8fb5cdecc2a9c92f

Request headers

Referer
http://primealpha.ml/nfl-1.php
Origin
http://primealpha.ml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 25 Sep 2018 20:29:55 GMT
Server
nginx
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check
Cache-Control
no-cache, no-store
X-Check
a25bf5e22d6cfb3f543312f49241d6dd
Connection
keep-alive
Content-Length
652
Expires
Thu, 01 Jan 1970 00:00:01 GMT
z
kz1c.piguiqproxy.com/ 		656 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://kz1c.piguiqproxy.com/z
Requested by
Host: primealpha.ml
URL: http://primealpha.ml/nfl-1.php
Protocol
HTTP/1.1
Server
185.187.81.35 , Ukraine, ASN43332 (IDSTRATEGY-AS ---------- UPSTREAMS ----------, UA),
Reverse DNS
Software
nginx /
Resource Hash
4910830589ececb40f7f8deb6d0c80cd7fa747e1a5bab8bddc9af59e7d040a1f

Request headers

Referer
http://primealpha.ml/nfl-1.php
Origin
http://primealpha.ml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 25 Sep 2018 20:29:55 GMT
Server
nginx
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check
Cache-Control
no-cache, no-store
X-Check
a25bf5e22d6cfb3f543312f49241d6dd
Connection
keep-alive
Content-Length
656
Expires
Thu, 01 Jan 1970 00:00:01 GMT
f344YmZWUwZQVQVWB1NTBgQAX1JTBlZTB1dTU1IDXwRfUAdWUFQaOx1ACwcSCgkGRFhEBQMWOQMUBQkMRE5EBgcWB0BcGUQBCQ8LCxJAXEBVUwMAVlBfBF8HU1oHBlRSAFUEVl5SBVVTAF9SVFVRBldUAFQCUVZXRE5EEERYUR8bBF9WUFsCVFMGV1cDU1UHUlFQV...
n7-r1d2.piguiqproxy.com/ 		129 KB
52 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://n7-r1d2.piguiqproxy.com/f344YmZWUwZQVQVWB1NTBgQAX1JTBlZTB1dTU1IDXwRfUAdWUFQaOx1ACwcSCgkGRFhEBQMWOQMUBQkMRE5EBgcWB0BcGUQBCQ8LCxJAXEBVUwMAVlBfBF8HU1oHBlRSAFUEVl5SBVVTAF9SVFVRBldUAFQCUVZXRE5EEERYUR8bBF9WUFsCVFMGV1cDU1UHUlFQVgVUAwFXBwNTBwdRA15VUVpRVV5VV1oEUwAAUQQHVQQDUQAAV-QAEBARVAABRUgBfUVAEAlZTW1dUAwZVV1JTUAcFUQNWV1QDAQcHUVNeB1EDUVVeWldVBFUAWlFTBwAEBFFVAAMAAARVVQQABFIAX1FQAAJRUwRXVgNbV-VRSBlBXBVMDB1dRA1Y
Requested by
Host: primealpha.ml
URL: http://primealpha.ml/nfl-1.php
Protocol
HTTP/1.1
Server
185.187.81.35 , Ukraine, ASN43332 (IDSTRATEGY-AS ---------- UPSTREAMS ----------, UA),
Reverse DNS
Software
nginx /
Resource Hash
fbff38b1e9134b442d5f2027c585ec11cc4fa7d21c9b835cb28dc744434e6ecb

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://primealpha.ml/nfl-1.php
Origin
http://primealpha.ml

Response headers

Date
Tue, 25 Sep 2018 20:29:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Sep 2018 12:47:01 GMT
Server
nginx
ETag
"5baa2e45-ccc2"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
Cache-Control
max-age=31536000
X-Meta-Data
{"method":"get_argon","data":{"commit":"31eb029f9e58ad20f7b480c75b90277d16f6d305","r":7}}
X-Check
eaac2652b9f0a4715a4a4bcc7364d4b3
X-Meta-Controller-Version
Argon controller (commit: ff9f8bf9)
Connection
keep-alive
Content-Length
52418
Expires
Wed, 25 Sep 2019 20:29:55 GMT
invoke.js
www.bnserving.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.bnserving.com/invoke.js
Requested by
Host: primealpha.ml
URL: http://primealpha.ml/nfl-1.php
Protocol
HTTP/1.1
Server
213.196.2.2 , Netherlands, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
7a14e2c32c6a42c292a80640d77b95254b03b08756fff2f2602b7396f9203679
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
http://primealpha.ml/nfl-1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 25 Sep 2018 20:29:55 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
Strict-Transport-Security
max-age=0; includeSubdomains
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Cookie set bg02.png
primealpha.ml/images/ 		332 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://primealpha.ml/images/bg02.png
Requested by
Host: primealpha.ml
URL: http://primealpha.ml/nfl-1.php
Protocol
HTTP/1.1
Server
130.185.250.34 , Bulgaria, ASN49453 (GLOBALLAYER, NL),
Reverse DNS
Software
nginx /
Resource Hash
73e974f411f415006640349ea6d7f7705260c9a0519e8a56129449152f25de42

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
primealpha.ml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://primealpha.ml/default20.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://primealpha.ml/default20.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 25 Sep 2018 20:29:55 GMT
Connection
keep-alive
Server
nginx
Set-Cookie
uid=grn6IluqmsN8TDbeAw2pAg==; expires=Thu, 25-Oct-18 20:29:55 GMT; domain=$host; path=/
Content-Type
text/html; charset=iso-8859-1
Content-Length
332
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cookie set img02.png
primealpha.ml/images/ 		333 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://primealpha.ml/images/img02.png
Requested by
Host: primealpha.ml
URL: http://primealpha.ml/nfl-1.php
Protocol
HTTP/1.1
Server
130.185.250.34 , Bulgaria, ASN49453 (GLOBALLAYER, NL),
Reverse DNS
Software
nginx /
Resource Hash
44c0b282b856e5b8fe2ff49eb3a3e47669708ceb9082f48a62b00b61500eab9e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
primealpha.ml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://primealpha.ml/default20.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://primealpha.ml/default20.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 25 Sep 2018 20:29:55 GMT
Connection
keep-alive
Server
nginx
Set-Cookie
uid=grn6IluqmsN8TDbeAw2qAg==; expires=Thu, 25-Oct-18 20:29:55 GMT; domain=$host; path=/
Content-Type
text/html; charset=iso-8859-1
Content-Length
333
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v12/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/raleway/v12/1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2
Requested by
Host: primealpha.ml
URL: http://primealpha.ml/nfl-1.php
Protocol
HTTP/1.1
Server
2a00:1450:4001:812::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b9eb54a7bc036b92da19d3f8253113bb2f9c2c5405939b50bac3444e5e21f369
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700|Raleway:400,700,200,300,900,800
Origin
http://primealpha.ml

Response headers

Date
Tue, 28 Aug 2018 13:54:05 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 11 Oct 2017 18:26:12 GMT
Server
sffe
Age
2442950
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
13016
X-XSS-Protection
1; mode=block
Expires
Wed, 28 Aug 2019 13:54:05 GMT
1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v12/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/raleway/v12/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
Requested by
Host: primealpha.ml
URL: http://primealpha.ml/nfl-1.php
Protocol
HTTP/1.1
Server
2a00:1450:4001:812::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1c21dd409e977f176ae963b5510fbdd57669e9861fff9f5d9a46b6fc73f430fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700|Raleway:400,700,200,300,900,800
Origin
http://primealpha.ml

Response headers

Date
Fri, 21 Sep 2018 05:53:05 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 11 Oct 2017 18:25:45 GMT
Server
sffe
Age
398210
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
13160
X-XSS-Protection
1; mode=block
Expires
Sat, 21 Sep 2019 05:53:05 GMT
stats
r.remarketingpixel.com/ 		40 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://r.remarketingpixel.com/stats
Requested by
Host: www.bnserving.com
URL: http://www.bnserving.com/invoke.js
Protocol
HTTP/1.1
Server
23.111.224.1 Phoenix, United States, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
7654f76df514c67722679c43c4493e06e6b43ed1d5ca7968aff0a1f0729c0eef

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://primealpha.ml/nfl-1.php
Origin
http://primealpha.ml

Response headers

Date
Tue, 25 Sep 2018 20:29:55 GMT
Server
nginx/1.12.1
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
http://primealpha.ml
Cache-Control
max-age=0, : no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
40
Expires
Tue, 25 Sep 2018 20:29:55 GMT
33.php
www.hdgameslive.com/ Frame B900
Redirect Chain
  • http://hdgameslive.com/33.php
  • http://www.hdgameslive.com/33.php
0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://www.hdgameslive.com/33.php
Requested by
Host: primealpha.ml
URL: http://primealpha.ml/nfl-1.php
Protocol
HTTP/1.1
Server
2606:4700:30::6818:61ef , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.3.3
Resource Hash

Request headers

Host
www.hdgameslive.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://primealpha.ml/nfl-1.php
Accept-Encoding
gzip, deflate
Cookie
__cfduid=de85354a1c5101d65262260752dd1ccd11537907395
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://primealpha.ml/nfl-1.php

Response headers

Date
Tue, 25 Sep 2018 20:29:55 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/5.3.3
Expires
Wed, 26 Sep 2018 17:36:56 GMT
Cache-Control
max-age=86400
Server
cloudflare
CF-RAY
46003ee653c8647b-FRA
Content-Encoding
gzip

Redirect headers

Date
Tue, 25 Sep 2018 20:29:55 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=de85354a1c5101d65262260752dd1ccd11537907395; expires=Wed, 25-Sep-19 20:29:55 GMT; path=/; domain=.hdgameslive.com; HttpOnly
Location
http://www.hdgameslive.com/33.php
Expires
Wed, 26 Sep 2018 17:36:56 GMT
Cache-Control
max-age=86400
Server
cloudflare
CF-RAY
46003ee6035997b6-FRA
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: primealpha.ml
URL: http://primealpha.ml/nfl-1.php
Protocol
HTTP/1.1
Server
2a00:1450:4001:812::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700|Raleway:400,700,200,300,900,800
Origin
http://primealpha.ml

Response headers

Date
Fri, 31 Aug 2018 16:42:24 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 11 Oct 2017 21:49:46 GMT
Server
sffe
Age
2173651
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
8892
X-XSS-Protection
1; mode=block
Expires
Sat, 31 Aug 2019 16:42:24 GMT
primealpha.ml.215116.js
jsc.mgid.com/p/r/ Frame 66F8 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://jsc.mgid.com/p/r/primealpha.ml.215116.js?t=11882520
Requested by
Host: primealpha.ml
URL: http://primealpha.ml/nfl-1.php
Protocol
HTTP/1.1
Server
2a03:90c0:9997::9997 , Austria, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
53f3a9fdc8f978fef5ee0927b926907e38961c7683b79cc913fcd70f19e49950

Request headers

Referer
http://primealpha.ml/nfl-1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-ID
nkf-up-gc14
Date
Tue, 25 Sep 2018 20:29:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Aug 2018 07:48:46 GMT
Server
nginx
x-amz-request-id
EFCEB95439DC45E1
ETag
W/"df44b7b2acd8333daaba90c09da850c9"
Transfer-Encoding
chunked
X-Cached-Since
2018-09-25T10:30:33+00:00
Content-Type
text/javascript
Cache-Control
max-age=3600
Cache
STALE
Connection
keep-alive
x-amz-id-2
+tErsyMV+45n4/I6nApjrRR/H1ArdG0PCQVH/+HcbDSlcD3AW9M1Q59DhOllebxnPX2gU75/T/Q=
Expires
Tue, 25 Sep 2018 21:29:55 GMT
watch.1221915461915.js
www.urldelivery.com/ 		0
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.urldelivery.com/watch.1221915461915.js?key=b66f74699462fb2e9a1a784c96fb88dc&kw=%5B%5D&refer=http%3A%2F%2Fprimealpha.ml%2Fnfl-1.php&tz=0&dev=r&res=4.23&uuid=72f11783-3496-4965-9461-d55e9817a22a%3A2%3A2
Requested by
Host: www.bnserving.com
URL: http://www.bnserving.com/invoke.js
Protocol
HTTP/1.1
Server
198.134.112.244 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://primealpha.ml/nfl-1.php
Origin
http://primealpha.ml

Response headers

Expires
Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control
no-cache
Content-Type
text/html
k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
Requested by
Host: jsc.mgid.com
URL: http://jsc.mgid.com/p/r/primealpha.ml.215116.js?t=11882520
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:812::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://primealpha.ml/nfl-1.php
Origin
http://primealpha.ml

Response headers

date
Fri, 31 Aug 2018 15:57:32 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Aug 2014 18:08:16 GMT
server
sffe
age
2176343
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
16224
x-xss-protection
1; mode=block
expires
Sat, 31 Aug 2019 15:57:32 GMT
cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v10/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v10/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
Requested by
Host: jsc.mgid.com
URL: http://jsc.mgid.com/p/r/primealpha.ml.215116.js?t=11882520
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:812::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://primealpha.ml/nfl-1.php
Origin
http://primealpha.ml

Response headers

date
Fri, 21 Sep 2018 06:43:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Aug 2014 18:06:58 GMT
server
sffe
age
395211
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
15556
x-xss-protection
1; mode=block
expires
Sat, 21 Sep 2019 06:43:04 GMT
1
servicer.mgid.com/215116/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/215116/1?w=1585&h=190&cols=4&pv=5&cbuster=1537907395514291540565&ref=&lu=http%3A%2F%2Fprimealpha.ml%2Fnfl-1.php&pageView=1&pvid=166126c8bba9b3df9f6
Requested by
Host: jsc.mgid.com
URL: http://jsc.mgid.com/p/r/primealpha.ml.215116.js?t=11882520
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
64.58.116.132 Dallas, United States, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://primealpha.ml/nfl-1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
cache-control
max-age=0, no-store, no-cache, must-revalidate
content-type
text/html
truncated
/ 		507 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d888993db1a22a73b8d834d45dcbf14c0ecca608fde8da2d23d9690910e7c60

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/gif
watch.1221915461915
www.urldelivery.com/ Frame DB99 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://www.urldelivery.com/watch.1221915461915?key=b66f74699462fb2e9a1a784c96fb88dc&kw=%5B%5D&refer=http%3A%2F%2Fprimealpha.ml%2Fnfl-1.php&tz=0&dev=r&res=4.23&uuid=72f11783-3496-4965-9461-d55e9817a22a%3A2%3A2
Requested by
Host: www.bnserving.com
URL: http://www.bnserving.com/invoke.js
Protocol
HTTP/1.1
Server
198.134.112.244 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Host
www.urldelivery.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://primealpha.ml/nfl-1.php
Accept-Encoding
gzip, deflate
Cookie
u_pl=14012136
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://primealpha.ml/nfl-1.php

Response headers

Server
nginx/1.12.1
Date
Tue, 25 Sep 2018 20:29:55 GMT
Content-Type
text/html
Content-Length
103
Connection
keep-alive
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=0; includeSubdomains
a97028be-ab2e-4f57-9734-6d4e24d9ebcb
http://primealpha.ml/ Frame 66F8 		706 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:http://primealpha.ml/a97028be-ab2e-4f57-9734-6d4e24d9ebcb
Requested by
Host: jsc.mgid.com
URL: http://jsc.mgid.com/p/r/primealpha.ml.215116.js?t=11882520
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56bd4b2a34228f0d8e6256492f34cc7ce3f8b350e99cc05149cbdf3b73401ed5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length
706

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| mzs__2051 object| LieDetector object| atAsyncContainers function| LoadCriteoAllPlaces function| ProcessCriteo object| onClickExcludes function| MarketGidLoadGoods215116 function| MarketGidCReject215116 function| AdskeeperLoadGoods215116 function| AdskeeperCReject215116 function| IdealMediaLoadGoods215116 function| IdealMediaCReject215116 object| _mgq function| _mgqp number| _mgqt number| _mgqi boolean| _mgPageView319551

15 Cookies

Domain/Path Name / Value
ufpcdn.com/ Name: adcashufpv3
Value: 15173008817216569291004738559
.buybtconline.info/ Name: __cfduid
Value: dfe734300cf06207f217a53861703c76f1537907395
www.hdgameslive.com/ Name: c_ref_1926653
Value: http%3A%2F%2Fprimealpha.ml%2Fnfl-1.php
www.urldelivery.com/ Name: u_pl
Value: 14012136
www.hdgameslive.com/ Name: HstCns1926653
Value: 1
.ufpcdn.com/ Name: __cfduid
Value: d16bd28e3177619cd58c0d101627f9b161537907395
www.hdgameslive.com/ Name: HstCmu1926653
Value: 1537907395684
primealpha.ml/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22ODN3NVJp5%22%7D%2C%22C215116%22%3A%7B%22page%22%3A1%2C%22time%22%3A1537907395497%7D%7D
www.hdgameslive.com/ Name: HstCla1926653
Value: 1537907395684
www.hdgameslive.com/ Name: HstCnv1926653
Value: 1
www.hdgameslive.com/ Name: HstCfa1926653
Value: 1537907395684
www.hdgameslive.com/ Name: HstPn1926653
Value: 1
.primealpha.ml/ Name: 494668b4c0ef4d25bda4e75c27de2817
Value: 72f11783-3496-4965-9461-d55e9817a22a%3A2%3A2
.hdgameslive.com/ Name: __cfduid
Value: de85354a1c5101d65262260752dd1ccd11537907395
www.hdgameslive.com/ Name: HstPt1926653
Value: 1

4 Console Messages

Source Level URL
Text
console-api log URL: http://www.bnserving.com/invoke.js(Line 1)
Message:
[object HTMLImageElement]
console-api log URL: http://www.bnserving.com/invoke.js(Line 1)
Message:
console.clear
console-api log URL: http://www.bnserving.com/invoke.js(Line 1)
Message:
[object HTMLImageElement]
console-api log URL: http://www.bnserving.com/invoke.js(Line 1)
Message:
console.clear

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
hdgameslive.com
jsc.mgid.com
kz1c.piguiqproxy.com
n7-r1d2.piguiqproxy.com
nrrxxpvgtf.com
primealpha.ml
r.remarketingpixel.com
servicer.mgid.com
www.bnserving.com
www.hdgameslive.com
www.urldelivery.com
xk6o.amgload.net
130.185.250.34
185.187.81.35
185.187.81.38
198.134.112.242
198.134.112.244
213.196.2.2
23.111.224.1
2606:4700:30::6818:60ef
2606:4700:30::6818:61ef
2a00:1450:4001:812::2003
2a00:1450:4001:817::200a
2a03:90c0:9997::9997
64.58.116.132
1c21dd409e977f176ae963b5510fbdd57669e9861fff9f5d9a46b6fc73f430fa
3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9
3d888993db1a22a73b8d834d45dcbf14c0ecca608fde8da2d23d9690910e7c60
44c0b282b856e5b8fe2ff49eb3a3e47669708ceb9082f48a62b00b61500eab9e
4910830589ececb40f7f8deb6d0c80cd7fa747e1a5bab8bddc9af59e7d040a1f
53f3a9fdc8f978fef5ee0927b926907e38961c7683b79cc913fcd70f19e49950
56bd4b2a34228f0d8e6256492f34cc7ce3f8b350e99cc05149cbdf3b73401ed5
73e974f411f415006640349ea6d7f7705260c9a0519e8a56129449152f25de42
7654f76df514c67722679c43c4493e06e6b43ed1d5ca7968aff0a1f0729c0eef
7a14e2c32c6a42c292a80640d77b95254b03b08756fff2f2602b7396f9203679
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
af6611c862f2a4cf204cd956f033f105925d3336fc02b95291b9aab378231032
b9eb54a7bc036b92da19d3f8253113bb2f9c2c5405939b50bac3444e5e21f369
bba96c302f6079bcf05aa12c30536aa3e3dcab2f3423af491a22b6b7d7d31f78
c42cbcf3449dc97ccd163bfdae36741032ec739df7004e9d8fb5cdecc2a9c92f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f9007c4791dafd6282ac62a3e790a460a30641d67f018d43669a999c68fabe5a
fbff38b1e9134b442d5f2027c585ec11cc4fa7d21c9b835cb28dc744434e6ecb