urlscan.io logo urlscan.io
SecurityTrails logo

netxaca.org Open in urlscan Pro
188.166.241.150  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://netxaca.org/coinbase-support/zoom.html
Effective URL: https://netxaca.org/coinbase-support/zoom.html
Submission: On March 11 via api from BY — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 15 HTTP transactions. The main IP is 188.166.241.150, located in Singapore, Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is netxaca.org.
TLS certificate: Issued by R3 on March 9th 2024. Valid for: 3 months.
This is the only time netxaca.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 188.166.241.150 14061 (DIGITALOC...)
8 172.67.171.56 13335 (CLOUDFLAR...)
6 142.251.175.132 15169 (GOOGLE)
15 4
Apex Domain
Subdomains		 Transfer
8 mamankdapur.com
cdn.mamankdapur.com
2 MB
6 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 397
126 KB
2 netxaca.org
netxaca.org
55 KB
15 3
Domain Requested by
8 cdn.mamankdapur.com netxaca.org
6 cdn.ampproject.org netxaca.org
cdn.ampproject.org
2 netxaca.org 1 redirects
15 3

This site contains links to these domains. Also see Links.

Domain
rebrand.ly
dapurboss.com
Subject Issuer Validity Valid
netxaca.org
R3		 2024-03-09 -
2024-06-07		 3 months crt.sh
mamankdapur.com
E1		 2024-01-17 -
2024-04-16		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://netxaca.org/coinbase-support/zoom.html
Frame ID: 35F5E81664C641F277A01EA71A7BA44B
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

DAPURTOTO : Situs Togel Online Resmi Terpercaya Bet 100 Perak Pasaran Toto Terlengkap Hadiah Terbesar

Page URL History Show full URLs

  1. http://netxaca.org/coinbase-support/zoom.html HTTP 301
    https://netxaca.org/coinbase-support/zoom.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

2505 kB
Transfer

2826 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://netxaca.org/coinbase-support/zoom.html HTTP 301
    https://netxaca.org/coinbase-support/zoom.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request zoom.html
netxaca.org/coinbase-support/
Redirect Chain
  • http://netxaca.org/coinbase-support/zoom.html
  • https://netxaca.org/coinbase-support/zoom.html
54 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://netxaca.org/coinbase-support/zoom.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.166.241.150 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
f44944fe435bc0e20a207c26bc4b7229b520b347484f1e72f49b38ba97c709c8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 11 Mar 2024 21:20:45 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.41 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

Connection
Keep-Alive
Content-Length
331
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 11 Mar 2024 21:20:45 GMT
Keep-Alive
timeout=5, max=100
Location
https://netxaca.org/coinbase-support/zoom.html
Server
Apache/2.4.41 (Ubuntu)
jackpot-dapurtoto.webp
cdn.mamankdapur.com/DAPURTOTO/DLL/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mamankdapur.com/DAPURTOTO/DLL/jackpot-dapurtoto.webp
Requested by
Host: netxaca.org
URL: https://netxaca.org/coinbase-support/zoom.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.171.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8488b1c30fd6caf33649a68371eee5b69f0695140cf1ea1d5b62ef247c53e437

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://netxaca.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 21:20:46 GMT
cf-cache-status
HIT
last-modified
Mon, 04 Mar 2024 08:56:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1933
etag
"10652-612d1e5523426"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVoyEYRysrCqRcfo2zS2QfSys%2B3gczLscXzJqod99HLAJYFJGNwYq2%2FMj336QPUbyocsJz%2BhocpQVSiGzELi152WuWv2ATQ3A2KvXsGY30I%2FEB2LITN8CmNc%2BHvq3TWZnQIgSD18"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
862e9720cc6c9fe5-SIN
alt-svc
h3=":443"; ma=86400
content-length
67154
v0.js
cdn.ampproject.org/ 		278 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: netxaca.org
URL: https://netxaca.org/coinbase-support/zoom.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f132.1e100.net
Software
sffe /
Resource Hash
d1ca726e11d5b85e441ddc6515ff38ee3624f1e6276e2ca7bfceeab75d313ced
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://netxaca.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 11 Mar 2024 21:20:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73135
x-xss-protection
0
server
sffe
etag
"cd91c03a00c56b46"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 11 Mar 2024 21:20:46 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		110 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: netxaca.org
URL: https://netxaca.org/coinbase-support/zoom.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f132.1e100.net
Software
sffe /
Resource Hash
7ea533fd7e01c5d5e5e36918152c348f9ec7bc7c8990f079c6e270a747216a57
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://netxaca.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 11 Mar 2024 21:20:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32201
x-xss-protection
0
server
sffe
etag
"bafffe5800bf9ecb"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 11 Mar 2024 21:20:46 GMT
amp-anim-0.1.js
cdn.ampproject.org/v0/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-anim-0.1.js
Requested by
Host: netxaca.org
URL: https://netxaca.org/coinbase-support/zoom.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f132.1e100.net
Software
sffe /
Resource Hash
6e5c241fd7258f5ff5f5925e26d4e25624eb7336290b6e2d1b61e352a241ff13
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://netxaca.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 11 Mar 2024 21:20:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2467
x-xss-protection
0
server
sffe
etag
"c89087186a2988b8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 11 Mar 2024 21:20:46 GMT
amp-carousel-0.1.js
cdn.ampproject.org/v0/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-carousel-0.1.js
Requested by
Host: netxaca.org
URL: https://netxaca.org/coinbase-support/zoom.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f132.1e100.net
Software
sffe /
Resource Hash
9ce41807c2c5b0440c91ae1cdb3a9027885f98ed3d738a94fafa5e8725f16961
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://netxaca.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 11 Mar 2024 21:20:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11509
x-xss-protection
0
server
sffe
etag
"adc1f2fc93e4b3ab"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 11 Mar 2024 21:20:46 GMT
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca6c3c5c8e1daefb217c253fda11ab0bddd7621911d4636f07ffe364f80dddb1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
logo.gif
cdn.mamankdapur.com/DAPURTOTO/DLL/ 		658 KB
659 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mamankdapur.com/DAPURTOTO/DLL/logo.gif
Requested by
Host: netxaca.org
URL: https://netxaca.org/coinbase-support/zoom.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.171.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c1db45dc2bad3981a8fcfafa0ea444f40fa0dc91e44c3a84faaa95b8b3e459d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://netxaca.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 21:20:46 GMT
cf-cache-status
HIT
last-modified
Mon, 04 Mar 2024 08:56:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6808
etag
"a4660-612d1e56d5d40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rb%2FxRO%2FLKI5DACr4uZlC1wW8rbQmxbNLI6qYDirfSiuZdQ%2FUuh3Z4%2B6SZv2X3kqrmldJ0GCkM4wpol3%2FfLDzXotVrTXaPKvpb2CizRHH3dkjAXdXFzYBJOFkEoCYYhjUozxclQAG"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
862e9721bd7c9fe5-SIN
alt-svc
h3=":443"; ma=86400
content-length
673376
promox.webp
cdn.mamankdapur.com/DAPURTOTO/DLL/icon/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mamankdapur.com/DAPURTOTO/DLL/icon/promox.webp
Requested by
Host: netxaca.org
URL: https://netxaca.org/coinbase-support/zoom.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.171.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d488144fdee792e35d1fbefe3b98464ff9aa11e5c4394c26ef5bb417ee4ebb3

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://netxaca.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 21:20:46 GMT
cf-cache-status
HIT
last-modified
Mon, 04 Mar 2024 08:56:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5718
etag
"758-612d1e5c37c0d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AX%2F07EU5rtxu4OOPcd6LK45vsvbj5IgjHPe6GLvrm1d9W3e30To%2BIt%2BdMvq%2FrSzC%2BV%2BgnSgS69THOhcBwJ32mqOORkmc336d73qNnR48ZPNqlWwy9yXZZW%2F0jLCzHEENvK%2BtFSVG"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
862e9721bd829fe5-SIN
alt-svc
h3=":443"; ma=86400
content-length
1880
joinx.webp
cdn.mamankdapur.com/DAPURTOTO/DLL/icon/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mamankdapur.com/DAPURTOTO/DLL/icon/joinx.webp
Requested by
Host: netxaca.org
URL: https://netxaca.org/coinbase-support/zoom.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.171.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd7334bd1b9279d05d31d3dc12d499b19e157d48ccedaecf1500310bc5a4ea32

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://netxaca.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 21:20:46 GMT
cf-cache-status
HIT
last-modified
Mon, 04 Mar 2024 08:56:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6808
etag
"64a-612d1e5994f36"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJ%2FZf9SSrh29s0DrwUGSV7eVXjRICNwwLh2ocUs9bTHWfAAeOOKG3ObOp2ug3Od4aZgmLbUh1EkRqO17K3%2FknQpJHEZhJLBy7A0e4qGgOzKB9uw7LoUwbT7KXtiF8LjglZHd2jqj"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
862e9721bd789fe5-SIN
alt-svc
h3=":443"; ma=86400
content-length
1610
wax.webp
cdn.mamankdapur.com/DAPURTOTO/DLL/icon/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mamankdapur.com/DAPURTOTO/DLL/icon/wax.webp
Requested by
Host: netxaca.org
URL: https://netxaca.org/coinbase-support/zoom.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.171.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a93e508e1f60fb2b8c319a5dbee2e7d5f43cd126718b72288863e1851376396

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://netxaca.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 21:20:46 GMT
cf-cache-status
HIT
last-modified
Mon, 04 Mar 2024 08:56:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6808
etag
"5be-612d1e5c88cec"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtCxA%2Fpk8ITDbPLtomK4zujRC54Lw2CmDRdME4bdA8%2BKaWEcGlpDeBjB87qaGPDVoJLszEkPKS6j38QUjZwB1t8AnBzk38b3gCZTeiIIHEW2T0CmxHNXdDmQr2IrKbyhcLphjwB6"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
862e9721bd7b9fe5-SIN
alt-svc
h3=":443"; ma=86400
content-length
1470
livechatx.webp
cdn.mamankdapur.com/DAPURTOTO/DLL/icon/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mamankdapur.com/DAPURTOTO/DLL/icon/livechatx.webp
Requested by
Host: netxaca.org
URL: https://netxaca.org/coinbase-support/zoom.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.171.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
841043780ef8f241fc953351b9d4ccf3d8912a11462d6cd546f29911a5fa510a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://netxaca.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 21:20:46 GMT
cf-cache-status
HIT
last-modified
Mon, 04 Mar 2024 08:56:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5739
etag
"5d6-612d1e5a2b574"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCm2ec2PIFxPvcyE6lHJyNhHsgOYejLCFFeOUGbO7R9Avv0YwaNy2x00TH9wXI7gSz2ueJQdQ19FneeZOswIPs9OkEI0bGeeQcxID9%2BcgBbJgiIveAp3lU2NFspO1yAerA5Dgjsn"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
862e9721bd7f9fe5-SIN
alt-svc
h3=":443"; ma=86400
content-length
1494
promosi.gif
cdn.mamankdapur.com/DAPURTOTO/DLL/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mamankdapur.com/DAPURTOTO/DLL/promosi.gif
Requested by
Host: netxaca.org
URL: https://netxaca.org/coinbase-support/zoom.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.171.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6b02574b67c6fd71f31bb3df89bca91e7e5db8f113a3215a5c73a417427120f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://netxaca.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 21:20:46 GMT
cf-cache-status
HIT
last-modified
Mon, 04 Mar 2024 08:56:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1933
etag
"170079-612d1e57b575d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44wBQ1XI0kQmgfo8paxHMSyJl8T1ZcKJspZE7uQOlceZf0Z8dY%2BLNTwwfjR%2B%2FMk3B9fwWeOxiRGJNNgCK1IEMH%2FsYVtuj4uBOx%2FfVHPc5fykdpd9B7Bf8sxy4F%2F9beL75ejYFOgx"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
862e9721bd869fe5-SIN
alt-svc
h3=":443"; ma=86400
content-length
1507449
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012402231941000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402231941000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f132.1e100.net
Software
sffe /
Resource Hash
4834ab8622f4ad0546fa0a08a3b5e72f8f3bd703bb1e6238c2b14aa02b838eb9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://netxaca.org/
Origin
https://netxaca.org
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 11 Mar 2024 13:50:51 GMT
age
26996
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2974
x-xss-protection
0
server
sffe
etag
"459060a7c7670829"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 11 Mar 2025 13:50:51 GMT
truncated
/ 		152 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		149 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
amp-loader-0.1.js
cdn.ampproject.org/rtv/012402231941000/v0/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402231941000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f132.1e100.net
Software
sffe /
Resource Hash
667cc75196e1217f107399610857f6b17fb655367566cdad1411f13351df57c1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://netxaca.org/
Origin
https://netxaca.org
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 11 Mar 2024 14:03:32 GMT
age
26235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3947
x-xss-protection
0
server
sffe
etag
"96d416c5baf5a1d0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 11 Mar 2025 14:03:32 GMT
bukti-jp-dapurtoto-1m.webp
cdn.mamankdapur.com/DAPURTOTO/DLL/ 		118 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mamankdapur.com/DAPURTOTO/DLL/bukti-jp-dapurtoto-1m.webp
Requested by
Host: netxaca.org
URL: https://netxaca.org/coinbase-support/zoom.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.171.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
478cd9888bb5c12e5a7b6a11be9b25e3b45b848b635e4e64a1c625dc2ad9849f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://netxaca.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 21:20:46 GMT
cf-cache-status
HIT
last-modified
Mon, 04 Mar 2024 08:56:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1704
etag
"1d620-612d1e5224a92"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3PYpc3HIGEW6LB1BIem3mEz%2F%2FrS8a8t04xpdwcBclHWpZS6cCTjjHq1y2Q57m2tYFbWzZBNl78yXF7Bhnf0xQjoOxFufRioGqvzOjYH2s%2BTEBwpuCGLbSGxIYkENPg4%2Bv55gwXt"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
862e97221e609fe5-SIN
alt-svc
h3=":443"; ma=86400
content-length
120352

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: https://netxaca.org/coinbase-support/zoom.html
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript warning URL: https://netxaca.org/coinbase-support/zoom.html
Message:
The resource https://cdn.mamankdapur.com/DAPURTOTO/DLL/jackpot-dapurtoto.webp was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
cdn.mamankdapur.com
netxaca.org
142.251.175.132
172.67.171.56
188.166.241.150
2a93e508e1f60fb2b8c319a5dbee2e7d5f43cd126718b72288863e1851376396
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
478cd9888bb5c12e5a7b6a11be9b25e3b45b848b635e4e64a1c625dc2ad9849f
4834ab8622f4ad0546fa0a08a3b5e72f8f3bd703bb1e6238c2b14aa02b838eb9
4d488144fdee792e35d1fbefe3b98464ff9aa11e5c4394c26ef5bb417ee4ebb3
5c1db45dc2bad3981a8fcfafa0ea444f40fa0dc91e44c3a84faaa95b8b3e459d
667cc75196e1217f107399610857f6b17fb655367566cdad1411f13351df57c1
6e5c241fd7258f5ff5f5925e26d4e25624eb7336290b6e2d1b61e352a241ff13
7ea533fd7e01c5d5e5e36918152c348f9ec7bc7c8990f079c6e270a747216a57
841043780ef8f241fc953351b9d4ccf3d8912a11462d6cd546f29911a5fa510a
8488b1c30fd6caf33649a68371eee5b69f0695140cf1ea1d5b62ef247c53e437
9ce41807c2c5b0440c91ae1cdb3a9027885f98ed3d738a94fafa5e8725f16961
ca6c3c5c8e1daefb217c253fda11ab0bddd7621911d4636f07ffe364f80dddb1
cd7334bd1b9279d05d31d3dc12d499b19e157d48ccedaecf1500310bc5a4ea32
d1ca726e11d5b85e441ddc6515ff38ee3624f1e6276e2ca7bfceeab75d313ced
e6b02574b67c6fd71f31bb3df89bca91e7e5db8f113a3215a5c73a417427120f
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e
f44944fe435bc0e20a207c26bc4b7229b520b347484f1e72f49b38ba97c709c8
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457