urlscan.io logo urlscan.io
SecurityTrails logo

archspeech.pw Open in urlscan Pro
2606:4700:30::681c:1118  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://archspeech.pw/go/index.html
Effective URL: https://archspeech.pw/go/index.html
Submission: On November 16 via automatic, source openphish
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 30 HTTP transactions. The main IP is 2606:4700:30::681c:1118, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is archspeech.pw.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 14th 2018. Valid for: a year.
This is the only time archspeech.pw was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BT (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
20 2606:4700:30:... 13335 (CLOUDFLAR...)
1 178.79.251.29 22822 (LLNW)
1 216.58.207.66 15169 (GOOGLE)
1 13.32.222.27 16509 (AMAZON-02)
1 93.184.220.100 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 66.117.29.6 15224 (OMNITURE)
2 130.211.18.143 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
30 11
1    2606:4700:30::681c:1018 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
archspeech.pw
20    2606:4700:30::681c:1118 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
archspeech.pw
1    178.79.251.29 (Italy)

ASN22822 (LLNW - Limelight Networks, Inc., US)
PTR: https-178-79-251-29.lcy.llnw.net
assets.bt.com
1    216.58.207.66 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f2.1e100.net
www.googleadservices.com
1    13.32.222.27 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-222-27.fra56.r.cloudfront.net
d3c3cq33003psk.cloudfront.net
1    93.184.220.100 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
a.mobify.com
1    2a00:1450:4001:820::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
1    66.117.29.6 (Lehi, United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
bt.tt.omtrdc.net
2    130.211.18.143 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 143.18.211.130.bc.googleusercontent.com
opentag-stats.qubit.com
1    2a00:1450:4001:81a::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:81b::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
Domain Requested by
21 archspeech.pw 1 redirects archspeech.pw
2 opentag-stats.qubit.com d3c3cq33003psk.cloudfront.net
1 www.google.de archspeech.pw
1 www.google.com archspeech.pw
1 bt.tt.omtrdc.net assets.bt.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 a.mobify.com archspeech.pw
1 d3c3cq33003psk.cloudfront.net archspeech.pw
1 www.googleadservices.com archspeech.pw
1 assets.bt.com archspeech.pw
30 10

This site contains links to these domains. Also see Links.

Domain
www.bt.com
bt.com
www.btplc.com
www.thephonebook.bt.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2018-11-14 -
2019-11-14		 a year crt.sh
bt.com
DigiCert SHA2 Extended Validation Server CA		 2018-09-07 -
2019-11-06		 a year crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2018-10-30 -
2019-01-22		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2018-10-08 -
2019-10-09		 a year crt.sh
*.mobify.com
DigiCert SHA2 Secure Server CA		 2017-11-08 -
2020-06-02		 3 years crt.sh
*.tt.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2017-10-19 -
2020-11-25		 3 years crt.sh
*.qubit.com
Go Daddy Secure Certificate Authority - G2		 2018-07-31 -
2020-07-31		 2 years crt.sh
www.google.com
Google Internet Authority G3		 2018-10-30 -
2019-01-22		 3 months crt.sh
www.google.de
Google Internet Authority G3		 2018-10-30 -
2019-01-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://archspeech.pw/go/index.html
Frame ID: 4FFFDE0471495A624DE63208F08989E9
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://archspeech.pw/go/index.html HTTP 301
    https://archspeech.pw/go/index.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /mobify\.com/i
  • env /^Mobify$/i
Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • script /modernizr(?:-([\d.]*[\d]))?.*\.js/i
Overall confidence: 100%
Detected patterns
  • env /^s_(?:account|objectID|code|INST)$/i
Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i

Page Statistics

30
Requests

100 %
HTTPS

45 %
IPv6

10
Domains

10
Subdomains

11
IPs

3
Countries

155 kB
Transfer

602 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://archspeech.pw/go/index.html HTTP 301
    https://archspeech.pw/go/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.html
archspeech.pw/go/
Redirect Chain
  • http://archspeech.pw/go/index.html
  • https://archspeech.pw/go/index.html
15 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://archspeech.pw/go/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1118 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3997104bbbc54eabc9fbb06af9c6fb1ef7f134dd859c5696e10f404c54ebe47e

Request headers

:method
GET
:authority
archspeech.pw
:scheme
https
:path
/go/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Fri, 16 Nov 2018 08:16:57 GMT
content-type
text/html
set-cookie
__cfduid=d442301adbe2f4687517ef13e48645efe1542356217; expires=Sat, 16-Nov-19 08:16:57 GMT; path=/; domain=.archspeech.pw; HttpOnly; Secure
last-modified
Wed, 28 Mar 2018 03:11:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
47a884b59e47c2d8-FRA
content-encoding
gzip

Redirect headers

Date
Fri, 16 Nov 2018 08:16:57 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Fri, 16 Nov 2018 09:16:57 GMT
Location
https://archspeech.pw/go/index.html
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
47a884b563a064bd-FRA
stylesheet.css
archspeech.pw/go/css/ 		218 KB
56 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://archspeech.pw/go/css/stylesheet.css
Requested by
Host: archspeech.pw
URL: https://archspeech.pw/go/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1118 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7add7344b5d3313f4e64af7059e016353b18ccc1f5866d13a24649fb9c4f4824

Request headers

:path
/go/css/stylesheet.css
pragma
no-cache
cookie
__cfduid=d442301adbe2f4687517ef13e48645efe1542356217
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
archspeech.pw
referer
https://archspeech.pw/go/index.html
:scheme
https
:method
GET
Referer
https://archspeech.pw/go/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 16 Nov 2018 08:16:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 28 Mar 2018 03:06:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-ray
47a884b62f6ec2d8-FRA
expires
Fri, 16 Nov 2018 12:16:57 GMT
bt.cookies.api.js
archspeech.pw/go/css/ 		2 KB
956 B 		Script
General
Check archive.org
Download Go to
Full URL
https://archspeech.pw/go/css/bt.cookies.api.js
Requested by
Host: archspeech.pw
URL: https://archspeech.pw/go/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1118 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
98db84cda3e8d2b72b56e9da066b374765f92f4184fba2fe15b1edc9fb8eb5c2

Request headers

:path
/go/css/bt.cookies.api.js
pragma
no-cache
cookie
__cfduid=d442301adbe2f4687517ef13e48645efe1542356217
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
archspeech.pw
referer
https://archspeech.pw/go/index.html
:scheme
https
:method
GET
Referer
https://archspeech.pw/go/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 16 Nov 2018 08:16:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 28 Mar 2018 03:06:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
47a884b62f77c2d8-FRA
expires
Fri, 16 Nov 2018 12:16:57 GMT
modernizr-2.6.2.min.js
archspeech.pw/go/css/vendor/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://archspeech.pw/go/css/vendor/modernizr-2.6.2.min.js
Requested by
Host: archspeech.pw
URL: https://archspeech.pw/go/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1118 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/go/css/vendor/modernizr-2.6.2.min.js
pragma
no-cache
cookie
__cfduid=d442301adbe2f4687517ef13e48645efe1542356217
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
archspeech.pw
referer
https://archspeech.pw/go/index.html
:scheme
https
:method
GET
Referer
https://archspeech.pw/go/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 16 Nov 2018 08:16:57 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
cache-control
public, max-age=14400
cf-ray
47a884b62f78c2d8-FRA
expires
Fri, 16 Nov 2018 12:16:57 GMT
jquery-1.8.2.min.js
archspeech.pw/go/css/vendor/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://archspeech.pw/go/css/vendor/jquery-1.8.2.min.js
Requested by
Host: archspeech.pw
URL: https://archspeech.pw/go/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1118 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/go/css/vendor/jquery-1.8.2.min.js
pragma
no-cache
cookie
__cfduid=d442301adbe2f4687517ef13e48645efe1542356217
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
archspeech.pw
referer
https://archspeech.pw/go/index.html
:scheme
https
:method
GET
Referer
https://archspeech.pw/go/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 16 Nov 2018 08:16:57 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
cache-control
public, max-age=14400
cf-ray
47a884b62f79c2d8-FRA
expires
Fri, 16 Nov 2018 12:16:57 GMT
jquery.validate.js
archspeech.pw/go/css/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://archspeech.pw/go/css/jquery.validate.js
Requested by
Host: archspeech.pw
URL: https://archspeech.pw/go/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1118 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e9ee9662c314b3999180fa7bd4dd16ae67af193dbad5862debfa040ed96bd6c

Request headers

:path
/go/css/jquery.validate.js
pragma
no-cache
cookie
__cfduid=d442301adbe2f4687517ef13e48645efe1542356217
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
archspeech.pw
referer
https://archspeech.pw/go/index.html
:scheme
https
:method
GET
Referer
https://archspeech.pw/go/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 16 Nov 2018 08:16:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 28 Mar 2018 03:06:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
47a884b62f7ac2d8-FRA
expires
Fri, 16 Nov 2018 12:16:57 GMT
script.js
archspeech.pw/go/css/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://archspeech.pw/go/css/script.js
Requested by
Host: archspeech.pw
URL: https://archspeech.pw/go/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1118 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e3f0a8136f4ccc5dc7bc7581f679cf87e49793597db128cf70153d20e486530

Request headers

:path
/go/css/script.js
pragma
no-cache
cookie
__cfduid=d442301adbe2f4687517ef13e48645efe1542356217
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
archspeech.pw
referer
https://archspeech.pw/go/index.html
:scheme
https
:method
GET
Referer
https://archspeech.pw/go/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 16 Nov 2018 08:16:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 28 Mar 2018 03:06:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
47a884b62f7bc2d8-FRA
expires
Fri, 16 Nov 2018 12:16:57 GMT
login.js
archspeech.pw/go/css/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://archspeech.pw/go/css/login.js
Requested by
Host: archspeech.pw
URL: https://archspeech.pw/go/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1118 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a542a9b2cdbcfcf2d65c26c79e33ec073ecde630a5ea30e348fe9fc6fc2b6a55

Request headers

:path
/go/css/login.js
pragma
no-cache
cookie
__cfduid=d442301adbe2f4687517ef13e48645efe1542356217
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
archspeech.pw
referer
https://archspeech.pw/go/index.html
:scheme
https
:method
GET
Referer
https://archspeech.pw/go/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 16 Nov 2018 08:16:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 28 Mar 2018 03:06:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
47a884b62f7cc2d8-FRA
expires
Fri, 16 Nov 2018 12:16:57 GMT
login_remember.js
archspeech.pw/go/css/ 		2 KB
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://archspeech.pw/go/css/login_remember.js
Requested by
Host: archspeech.pw
URL: https://archspeech.pw/go/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1118 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cb5914c06929b81bb9c5844c797f7fc46444fb28d01d7242e650ca8ca1ee797

Request headers

:path
/go/css/login_remember.js
pragma
no-cache
cookie
__cfduid=d442301adbe2f4687517ef13e48645efe1542356217
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
archspeech.pw
referer
https://archspeech.pw/go/index.html
:scheme
https
:method
GET
Referer
https://archspeech.pw/go/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 16 Nov 2018 08:16:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 28 Mar 2018 03:06:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
47a884b62f7dc2d8-FRA
expires
Fri, 16 Nov 2018 12:16:57 GMT
mbox.js
assets.bt.com/v1/btcome/global/js/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bt.com/v1/btcome/global/js/mbox.js
Requested by
Host: archspeech.pw
URL: https://archspeech.pw/go/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.79.251.29 , Italy, ASN22822 (LLNW - Limelight Networks, Inc., US),
Reverse DNS
https-178-79-251-29.lcy.llnw.net
Software
CloudStorage /
Resource Hash
b34e1a28a7954d2dfa27ee6fe149b7010d036f08f503899227fe4ab57ccf1fdd

Request headers

Referer
https://archspeech.pw/go/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 16 Nov 2018 08:16:57 GMT
Content-Encoding
gzip
Age
263
X-Agile-Request-Id
23222fdffefd4d068abea9de055f14af
X-Agile-Brick-Id
480527910
Connection
keep-alive
Content-Length
6143
X-Agile-Checksum
b34e1a28a7954d2dfa27ee6fe149b7010d036f08f503899227fe4ab57ccf1fdd
Last-Modified
Thu, 06 Oct 2016 09:09:19 GMT
Server
CloudStorage
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Content-Type,Accept-Encoding,Accept-Language,Cache-Control
X-Agile-Source
178.79.224.66:1987
conversion.js
www.googleadservices.com/pagead/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: archspeech.pw
URL: https://archspeech.pw/go/index.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
c8c41639bd3ff6e53a3059638fcdd9ecec86fb44ce02e2558e54f1ce1175c884
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://archspeech.pw/go/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 16 Nov 2018 08:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
9188
x-xss-protection
1; mode=block
server
cafe
etag
12953853046162613171
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 16 Nov 2018 08:16:57 GMT
opentag-84691-994976.js
d3c3cq33003psk.cloudfront.net/ 		199 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3c3cq33003psk.cloudfront.net/opentag-84691-994976.js
Requested by
Host: archspeech.pw
URL: https://archspeech.pw/go/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.222.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-27.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
efc01c756a1c640b275324800b6606563067a5b0b2bd68587a82f9a7b951e0d3

Request headers

Referer
https://archspeech.pw/go/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 09:41:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Nov 2018 09:40:47 GMT
Server
AmazonS3
Age
81289
ETag
"0ba8584108f519bea3ef4f5c2a107b47"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 617456b5ad99c756ee702b235ecfe148.cloudfront.net (CloudFront)
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
53174
X-Amz-Cf-Id
StEma4vmMJwxKzHcn632oLqhyJClvRPBUs2AjGSxoRWkUF3VOUXo0w==
logo_102x50.gif
archspeech.pw/go/css/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://archspeech.pw/go/css/logo_102x50.gif
Requested by
Host: archspeech.pw
URL: https://archspeech.pw/go/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1118 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ff70b5bf1afb0cbc3e6458d4126b1b49dd49c06e76b7a169aea5babb6f066d6

Request headers

:path
/go/css/logo_102x50.gif
pragma
no-cache
cookie
__cfduid=d442301adbe2f4687517ef13e48645efe1542356217
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
archspeech.pw
referer
https://archspeech.pw/go/index.html
:scheme
https
:method
GET
Referer
https://archspeech.pw/go/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 16 Nov 2018 08:16:57 GMT
cf-cache-status
HIT
last-modified
Wed, 28 Mar 2018 03:10:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
47a884b62f7ec2d8-FRA
content-length
3508
expires
Fri, 16 Nov 2018 12:16:57 GMT
a.js
a.mobify.com/bt/ 		0
151 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.mobify.com/bt/a.js
Requested by
Host: archspeech.pw
URL: https://archspeech.pw/go/index.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.184.220.100 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40B2) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://archspeech.pw/go/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 16 Nov 2018 08:16:57 GMT
last-modified
Fri, 16 Nov 2018 07:47:18 GMT
server
ECS (fcn/40B2)
x-frame-options
DENY
x-cache
HIT
content-type
text/html; charset=utf-8
status
200
cache-control
public, max-age=1800
accept-ranges
bytes
content-length
0
style_761.css
archspeech.pw/go/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://archspeech.pw/go/css/style_761.css
Requested by
Host: archspeech.pw
URL: https://archspeech.pw/go/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1118 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
264aefdcb1b227a453714e82c1b34e448213c816e672d0181211c06b1f1a782a

Request headers

:path
/go/css/style_761.css
pragma
no-cache
cookie
__cfduid=d442301adbe2f4687517ef13e48645efe1542356217; mbox=check#true#1542356278|session#1542356217436-220800#1542358078
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
archspeech.pw
referer
https://archspeech.pw/go/index.html
:scheme
https
:method
GET
Referer
https://archspeech.pw/go/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 16 Nov 2018 08:16:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 28 Mar 2018 03:06:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-ray
47a884b72a1dc2d8-FRA
expires
Fri, 16 Nov 2018 12:16:57 GMT
style_480.css
archspeech.pw/go/css/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://archspeech.pw/go/css/style_480.css
Requested by
Host: archspeech.pw
URL: https://archspeech.pw/go/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1118 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b63ada3e8c0f3903caf1dd86dbf5165a0112cda7e130ac8aa97c5fefd1943a0d

Request headers

:path
/go/css/style_480.css
pragma
no-cache
cookie
__cfduid=d442301adbe2f4687517ef13e48645efe1542356217; mbox=check#true#1542356278|session#1542356217436-220800#1542358078
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
archspeech.pw
referer
https://archspeech.pw/go/index.html
:scheme
https
:method
GET
Referer
https://archspeech.pw/go/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 16 Nov 2018 08:16:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 28 Mar 2018 03:06:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-ray
47a884b72a1ec2d8-FRA
expires
Fri, 16 Nov 2018 12:16:57 GMT
s_code_remote.js
archspeech.pw/static/includes/appsauth/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://archspeech.pw/static/includes/appsauth/js/s_code_remote.js
Requested by
Host: archspeech.pw
URL: https://archspeech.pw/go/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1118 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/static/includes/appsauth/js/s_code_remote.js
pragma
no-cache
cookie
__cfduid=d442301adbe2f4687517ef13e48645efe1542356217
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
archspeech.pw
referer
https://archspeech.pw/go/index.html
:scheme
https
:method
GET
Referer
https://archspeech.pw/go/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 16 Nov 2018 08:16:57 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
cache-control
public, max-age=14400
cf-ray
47a884b6782ec2d8-FRA
expires
Fri, 16 Nov 2018 12:16:57 GMT
omniture.js
archspeech.pw/static/includes/appsauth/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://archspeech.pw/static/includes/appsauth/js/omniture.js
Requested by
Host: archspeech.pw
URL: https://archspeech.pw/go/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1118 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/static/includes/appsauth/js/omniture.js
pragma
no-cache
cookie
__cfduid=d442301adbe2f4687517ef13e48645efe1542356217
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
archspeech.pw
referer
https://archspeech.pw/go/index.html
:scheme
https
:method
GET
Referer
https://archspeech.pw/go/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 16 Nov 2018 08:16:57 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
cache-control
public, max-age=14400
cf-ray
47a884b6987cc2d8-FRA
expires
Fri, 16 Nov 2018 12:16:57 GMT
bt.cookies.js
archspeech.pw/static/includes/globalheader/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://archspeech.pw/static/includes/globalheader/bt.cookies.js
Requested by
Host: archspeech.pw
URL: https://archspeech.pw/go/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1118 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/static/includes/globalheader/bt.cookies.js
pragma
no-cache
cookie
__cfduid=d442301adbe2f4687517ef13e48645efe1542356217; mbox=check#true#1542356278|session#1542356217436-220800#1542358078
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
archspeech.pw
referer
https://archspeech.pw/go/index.html
:scheme
https
:method
GET
Referer
https://archspeech.pw/go/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 16 Nov 2018 08:16:57 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
cache-control
public, max-age=14400
cf-ray
47a884b72a1cc2d8-FRA
expires
Fri, 16 Nov 2018 12:16:57 GMT
jquery-1.8.2.min.js
archspeech.pw/go/css/vendor/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://archspeech.pw/go/css/vendor/jquery-1.8.2.min.js
Requested by
Host: archspeech.pw
URL: https://archspeech.pw/go/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1118 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/go/css/vendor/jquery-1.8.2.min.js
pragma
no-cache
cookie
__cfduid=d442301adbe2f4687517ef13e48645efe1542356217
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
archspeech.pw
referer
https://archspeech.pw/go/index.html
:scheme
https
:method
GET
Referer
https://archspeech.pw/go/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 16 Nov 2018 08:16:57 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
cache-control
public, max-age=14400
cf-ray
47a884b6b8d9c2d8-FRA
expires
Fri, 16 Nov 2018 12:16:57 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/972002336/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972002336/?random=1542356217439&cv=9&fst=1542356217439&num=1&label=Snt7CPDmpwUQoKi-zwM&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Farchspeech.pw%2Fgo%2Findex.html&tiba=My%20BT%3A%20Login%20to%20access%20your%20personal%20details&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
bbbd051cd121836b04f5a0274312b06ec55fee98223e16983f69b7e357630adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://archspeech.pw/go/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Nov 2018 08:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
1015
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
sprite.png
archspeech.pw/static/wa/appsauth/consumer/img/ 		359 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://archspeech.pw/static/wa/appsauth/consumer/img/sprite.png
Requested by
Host: archspeech.pw
URL: https://archspeech.pw/go/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1118 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
21e9d1ae36e160e79f190f5882e08c68e00fb8edce1df83906587ed91ae24abf

Request headers

:path
/static/wa/appsauth/consumer/img/sprite.png
pragma
no-cache
cookie
__cfduid=d442301adbe2f4687517ef13e48645efe1542356217; mbox=check#true#1542356278|session#1542356217436-220800#1542358078
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
archspeech.pw
referer
https://archspeech.pw/go/css/stylesheet.css
:scheme
https
:method
GET
Referer
https://archspeech.pw/go/css/stylesheet.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 16 Nov 2018 08:16:57 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
cache-control
public, max-age=14400
cf-ray
47a884b72a1fc2d8-FRA
expires
Fri, 16 Nov 2018 12:16:57 GMT
truncated
/ 		42 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91d32af051d9ace7282b43d300b85debad94fa8659ee69f3e7616e4e1a7605e2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://archspeech.pw

Response headers

Access-Control-Allow-Origin
*
Content-Type
font/opentype;charset=utf-8
standard
bt.tt.omtrdc.net/m2/bt/mbox/ 		137 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bt.tt.omtrdc.net/m2/bt/mbox/standard?mboxHost=archspeech.pw&mboxSession=1542356217436-220800&mboxPage=1542356217436-220800&screenHeight=1200&screenWidth=1600&browserWidth=1600&browserHeight=1200&browserTimeOffset=0&colorDepth=24&mboxCount=1&mbox=logged_in_not_signed_up&mboxId=0&mboxTime=1542356217462&mboxURL=https%3A%2F%2Farchspeech.pw%2Fgo%2Findex.html&mboxReferrer=&mboxVersion=40
Requested by
Host: assets.bt.com
URL: https://assets.bt.com/v1/btcome/global/js/mbox.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.117.29.6 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software
/
Resource Hash
d7b51265f2ebe2cb78e2e47c913f71af468b189099cdc6014201466ea7a3c932

Request headers

Referer
https://archspeech.pw/go/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Fri, 16 Nov 2018 08:16:56 GMT
content-type
text/javascript;charset=utf-8
status
200
cache-control
no-cache
timing-allow-origin
*
content-length
137
x-request-id
a91b859a-93df-429e-bbf9-b1600d08c07f
ping
opentag-stats.qubit.com/ 		2 B
237 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://opentag-stats.qubit.com/ping
Requested by
Host: d3c3cq33003psk.cloudfront.net
URL: https://d3c3cq33003psk.cloudfront.net/opentag-84691-994976.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.18.143 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
143.18.211.130.bc.googleusercontent.com
Software
topNET/2.0.13 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://archspeech.pw/go/index.html
Origin
https://archspeech.pw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 16 Nov 2018 08:16:57 GMT
via
1.1 google
server
topNET/2.0.13
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
status
200
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
alt-svc
clear
content-length
2
s_code_remote.js
archspeech.pw/static/includes/appsauth/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://archspeech.pw/static/includes/appsauth/js/s_code_remote.js
Requested by
Host: archspeech.pw
URL: https://archspeech.pw/go/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1118 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/static/includes/appsauth/js/s_code_remote.js
pragma
no-cache
cookie
__cfduid=d442301adbe2f4687517ef13e48645efe1542356217; mbox=check#true#1542356278|session#1542356217436-220800#1542358078; _qst_s=1; _qsst_s=1542356217488; x_qtag_994976=EYXarchspeech.pw*1542356217488*index.html@*a*Qsc*Q*j1*C*B1*C*P1*5-@1-*C*R*Z*a*Idirect*Y*9-*@0-/go/@2-*Y*A@1-*b*E*C*F*Q*@0-/go/@2-*Y*Q__v*z
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
archspeech.pw
referer
https://archspeech.pw/go/index.html
:scheme
https
:method
GET
Referer
https://archspeech.pw/go/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 16 Nov 2018 08:16:57 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
cache-control
public, max-age=14400
cf-ray
47a884b79b20c2d8-FRA
expires
Fri, 16 Nov 2018 12:16:57 GMT
/
www.google.com/pagead/1p-user-list/972002336/ 		42 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/972002336/?random=1542356217439&cv=9&fst=1542355200000&num=1&label=Snt7CPDmpwUQoKi-zwM&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Farchspeech.pw%2Fgo%2Findex.html&tiba=My%20BT%3A%20Login%20to%20access%20your%20personal%20details&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=3382776067&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: archspeech.pw
URL: https://archspeech.pw/go/index.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://archspeech.pw/go/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Nov 2018 08:16:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/972002336/ 		42 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/972002336/?random=1542356217439&cv=9&fst=1542355200000&num=1&label=Snt7CPDmpwUQoKi-zwM&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Farchspeech.pw%2Fgo%2Findex.html&tiba=My%20BT%3A%20Login%20to%20access%20your%20personal%20details&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=3382776067&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: archspeech.pw
URL: https://archspeech.pw/go/index.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://archspeech.pw/go/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Nov 2018 08:16:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
omniture.js
archspeech.pw/static/includes/appsauth/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://archspeech.pw/static/includes/appsauth/js/omniture.js
Requested by
Host: archspeech.pw
URL: https://archspeech.pw/go/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1118 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/static/includes/appsauth/js/omniture.js
pragma
no-cache
cookie
__cfduid=d442301adbe2f4687517ef13e48645efe1542356217; mbox=check#true#1542356278|session#1542356217436-220800#1542358078; _qst_s=1; _qsst_s=1542356217488; x_qtag_994976=EYXarchspeech.pw*1542356217488*index.html@*a*Qsc*Q*j1*C*B1*C*P1*5-@1-*C*R*Z*a*Idirect*Y*9-*@0-/go/@2-*Y*A@1-*b*E*C*F*Q*@0-/go/@2-*Y*Q__v*z
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
archspeech.pw
referer
https://archspeech.pw/go/index.html
:scheme
https
:method
GET
Referer
https://archspeech.pw/go/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 16 Nov 2018 08:16:57 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
cache-control
public, max-age=14400
cf-ray
47a884b7bb65c2d8-FRA
expires
Fri, 16 Nov 2018 12:16:57 GMT
bt.cookies.js
archspeech.pw/static/includes/globalheader/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://archspeech.pw/static/includes/globalheader/bt.cookies.js
Requested by
Host: archspeech.pw
URL: https://archspeech.pw/go/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1118 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/static/includes/globalheader/bt.cookies.js
pragma
no-cache
cookie
__cfduid=d442301adbe2f4687517ef13e48645efe1542356217; mbox=check#true#1542356278|session#1542356217436-220800#1542358078; _qst_s=1; _qsst_s=1542356217488; x_qtag_994976=EYXarchspeech.pw*1542356217488*index.html@*a*Qsc*Q*j1*C*B1*C*P1*5-@1-*C*R*Z*a*Idirect*Y*9-*@0-/go/@2-*Y*A@1-*b*E*C*F*Q*@0-/go/@2-*Y*Q__v*z
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
archspeech.pw
referer
https://archspeech.pw/go/index.html
:scheme
https
:method
GET
Referer
https://archspeech.pw/go/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 16 Nov 2018 08:16:57 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
cache-control
public, max-age=14400
cf-ray
47a884b7cb84c2d8-FRA
expires
Fri, 16 Nov 2018 12:16:57 GMT
ping
opentag-stats.qubit.com/ 		2 B
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://opentag-stats.qubit.com/ping
Requested by
Host: d3c3cq33003psk.cloudfront.net
URL: https://d3c3cq33003psk.cloudfront.net/opentag-84691-994976.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.18.143 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
143.18.211.130.bc.googleusercontent.com
Software
topNET/2.0.13 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://archspeech.pw/go/index.html
Origin
https://archspeech.pw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 16 Nov 2018 08:16:59 GMT
via
1.1 google
server
topNET/2.0.13
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
status
200
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
alt-svc
clear
content-length
2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BT (Telecommunication)

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Mobify object| btCookiesAPI function| omniOnClick function| omniOnError function| GetCookie number| submitcount string| domainName function| checkSubmit function| setRememberMeCookiees function| jsSubmit function| changeBTClickUserName function| allSubmit function| consumerLoginSubmit function| getQueryParameter function| checkLoginSubmit function| setRememberMeCookie function| setUsernameFromCookie function| getUsernameFromCookie string| mboxCopyright number| mboxVersion object| mboxFactories object| mboxFactoryDefault function| mboxUrlBuilder function| mboxStandardFetcher function| mboxAjaxFetcher function| mboxMap function| mboxFactory function| mboxSignaler function| mboxList function| mboxLocatorDefault function| mboxLocatorNode function| mboxCreate function| mboxDefine function| mboxUpdate function| mbox function| mboxOfferContent function| mboxOfferAjax function| mboxOfferDefault function| mboxCookieManager function| mboxSession function| mboxPC function| mboxGetPageParameter function| mboxSetCookie function| mboxGetCookie function| mboxCookiePageDomain function| mboxShiftArray function| mboxGenerateId function| mboxScreenHeight function| mboxScreenWidth function| mboxBrowserWidth function| mboxBrowserHeight function| mboxBrowserTimeOffset function| mboxScreenColorDepth object| google_conversion_id object| google_conversion_label object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_remarketing_for_search object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_evaluemrc object| google_conversion_currency object| google_conversion_domain object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_disable_merchant_reported_conversions string| hashCode string| hash object| hashParam number| c_start string| cUserName object| qubit number| __qubit_uuid_cnt_43567bdfhgtb4vt5yeh978__ object| uv function| opentag_consentGiven object| universal_variable object| uv_listener boolean| ga-disable-UA-35439723-1 string| __pageViewId__ string| s_pageName string| s_channel string| s_server string| s_products string| s_events string| s_hier1 string| s_prop6 string| s_prop9 string| s_prop36 string| s_prop37 string| s_eVar37 string| s_prop38 string| s_eVar38 string| s_account

5 Cookies

Domain/Path Name / Value
archspeech.pw/ Name: x_qtag_994976
Value: EYXarchspeech.pw*1542356217488*index.html@*a*Qsc*Q*j1*C*B1*C*P1*5-@1-*C*R*Z*a*Idirect*Y*9-*@0-/go/@2-*Y*A@1-*b*E*C*F*Q*@0-/go/@2-*Y*Q__v*z
archspeech.pw/ Name: _qst_s
Value: 1
archspeech.pw/ Name: _qsst_s
Value: 1542356217488
.archspeech.pw/ Name: mbox
Value: check#true#1542356278|session#1542356217436-220800#1542358078
.archspeech.pw/ Name: __cfduid
Value: d442301adbe2f4687517ef13e48645efe1542356217

4 Console Messages

Source Level URL
Text
console-api log URL: https://d3c3cq33003psk.cloudfront.net/opentag-84691-994976.js(Line 324)
Message:
polling function + support for targeting = true
console-api log URL: https://d3c3cq33003psk.cloudfront.net/opentag-84691-994976.js(Line 324)
Message:
polling true
console-api log URL: https://d3c3cq33003psk.cloudfront.net/opentag-84691-994976.js(Line 300)
Message:
bt_cookie_level
console-api log URL: https://d3c3cq33003psk.cloudfront.net/opentag-84691-994976.js(Line 301)
Message:
null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mobify.com
archspeech.pw
assets.bt.com
bt.tt.omtrdc.net
d3c3cq33003psk.cloudfront.net
googleads.g.doubleclick.net
opentag-stats.qubit.com
www.google.com
www.google.de
www.googleadservices.com
13.32.222.27
130.211.18.143
178.79.251.29
216.58.207.66
2606:4700:30::681c:1018
2606:4700:30::681c:1118
2a00:1450:4001:81a::2004
2a00:1450:4001:81b::2003
2a00:1450:4001:820::2002
66.117.29.6
93.184.220.100
21e9d1ae36e160e79f190f5882e08c68e00fb8edce1df83906587ed91ae24abf
264aefdcb1b227a453714e82c1b34e448213c816e672d0181211c06b1f1a782a
3997104bbbc54eabc9fbb06af9c6fb1ef7f134dd859c5696e10f404c54ebe47e
3e9ee9662c314b3999180fa7bd4dd16ae67af193dbad5862debfa040ed96bd6c
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5e3f0a8136f4ccc5dc7bc7581f679cf87e49793597db128cf70153d20e486530
6ff70b5bf1afb0cbc3e6458d4126b1b49dd49c06e76b7a169aea5babb6f066d6
7add7344b5d3313f4e64af7059e016353b18ccc1f5866d13a24649fb9c4f4824
7cb5914c06929b81bb9c5844c797f7fc46444fb28d01d7242e650ca8ca1ee797
91d32af051d9ace7282b43d300b85debad94fa8659ee69f3e7616e4e1a7605e2
98db84cda3e8d2b72b56e9da066b374765f92f4184fba2fe15b1edc9fb8eb5c2
a542a9b2cdbcfcf2d65c26c79e33ec073ecde630a5ea30e348fe9fc6fc2b6a55
b34e1a28a7954d2dfa27ee6fe149b7010d036f08f503899227fe4ab57ccf1fdd
b63ada3e8c0f3903caf1dd86dbf5165a0112cda7e130ac8aa97c5fefd1943a0d
bbbd051cd121836b04f5a0274312b06ec55fee98223e16983f69b7e357630adb
c8c41639bd3ff6e53a3059638fcdd9ecec86fb44ce02e2558e54f1ce1175c884
d7b51265f2ebe2cb78e2e47c913f71af468b189099cdc6014201466ea7a3c932
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc01c756a1c640b275324800b6606563067a5b0b2bd68587a82f9a7b951e0d3