URL: https://gelohacker.shop/
Submission: On January 13 via api from US — Scanned from US

Summary

This website contacted 10 IPs in 1 country across 8 domains to perform 22 HTTP transactions. The main IP is 198.54.116.159, located in United States and belongs to NAMECHEAP-NET, US. The main domain is gelohacker.shop.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 10th 2024. Valid for: a year.
This is the only time gelohacker.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 198.54.116.159 22612 (NAMECHEAP...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
1 6 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2 2606:4700:1::... 13335 (CLOUDFLAR...)
1 35.190.41.132 15169 (GOOGLE)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a03:2880:f11... 32934 (FACEBOOK)
22 10
Apex Domain
Subdomains
Transfer
15 jotfor.ms
cdn01.jotfor.ms — Cisco Umbrella Rank: 23776
cdn02.jotfor.ms — Cisco Umbrella Rank: 24396
cdn03.jotfor.ms — Cisco Umbrella Rank: 24619
cdn.jotfor.ms — Cisco Umbrella Rank: 21283
294 KB
3 jotform.com
www.jotform.com — Cisco Umbrella Rank: 25907
files.jotform.com — Cisco Umbrella Rank: 34256
events.jotform.com — Cisco Umbrella Rank: 23704
391 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
92 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 jualan4dgege.com
jualan4dgege.com
56 KB
1 jual4dkiller.com
jual4dkiller.com
491 B
1 gelohacker.shop
gelohacker.shop
11 KB
0 googleapis.com Failed
fonts.googleapis.com Failed
22 8
Domain Requested by
6 cdn03.jotfor.ms 1 redirects gelohacker.shop
cdn03.jotfor.ms
3 cdn.jotfor.ms gelohacker.shop
cdn.jotfor.ms
3 cdn02.jotfor.ms gelohacker.shop
3 cdn01.jotfor.ms gelohacker.shop
2 connect.facebook.net gelohacker.shop
connect.facebook.net
1 www.facebook.com gelohacker.shop
1 jualan4dgege.com gelohacker.shop
1 jual4dkiller.com 1 redirects
1 events.jotform.com gelohacker.shop
1 files.jotform.com gelohacker.shop
1 www.jotform.com 1 redirects
1 gelohacker.shop
0 fonts.googleapis.com Failed client
22 13

This site contains links to these domains.

Domain
jual4dh20.com
Subject | Issuer | Validity | Valid
gelohacker.shop | Sectigo RSA Domain Validation Secure Server CA | 2024-01-10 - 2025-01-10 | a year
jotfor.ms | Cloudflare Inc ECC CA-3 | 2024-01-11 - 2024-12-31 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-10-23 - 2024-01-21 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-09 - 2024-05-08 | a year

This page contains 1 frame:

Primary Page: https://gelohacker.shop/
Frame ID: C7F5A845D400217CA8B01FCA45DA01C1
Requests: 22 HTTP requests in this frame

Page Title

HACK SLOT ENGINE - JUAL4D

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

Requests: 22
HTTPS: 82 %
IPv6: 80 %
Domains: 8
Subdomains: 13
IPs: 10
Countries: 1
Transfer: 842 kB
Size: 1837 kB
Cookies: 6

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://cdn03.jotfor.ms/stylebuilder/donationBox.css?v=3.3.46556 HTTP 301
  • https://cdn03.jotfor.ms/stylebuilder/static/donationBox.css
Request Chain 14
  • https://www.jotform.com/uploads/2arogake/form_files/technological-cyber-interface-thumb.652e66823d4033.05685651.jpg HTTP 302
  • https://files.jotform.com/jufs/2arogake/form_files/technological-cyber-interface-thumb.652e66823d4033.05685651.jpg?md5=lHFYvlBCCKcaPb80dndVnA&expires=1705173520
Request Chain 18
  • https://jual4dkiller.com/images/logoweb.png HTTP 301
  • https://jualan4dgege.com/images/logoweb.png

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
gelohacker.shop/
54 KB
11 KB
Document
General
Full URL
https://gelohacker.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.159 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server216-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
52b08fdf7b1054184a5b3bab9f4f4700a84da2a3d9a6a8da96b4bd17323f771b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
br
content-length
10629
content-type
text/html
date
Sat, 13 Jan 2024 19:18:29 GMT
last-modified
Wed, 10 Jan 2024 11:45:18 GMT
server
LiteSpeed
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
formCss.css
cdn01.jotfor.ms/static/
54 KB
14 KB
Stylesheet
General
Full URL
https://cdn01.jotfor.ms/static/formCss.css?3.3.46556
Requested by
Host: gelohacker.shop
URL: https://gelohacker.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69c1b62238068f9e829044b8faed6bfdc9b0f73448085188b0a2a48873260b55

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gelohacker.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 19:18:29 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 06 Dec 2023 17:35:45 GMT
server
cloudflare
age
3230557
etag
W/"6570b0f1-d93a"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=315360000
cf-ray
844ffc43390b6aed-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT
form-common.css
cdn02.jotfor.ms/themes/CSS/
3 KB
1 KB
Stylesheet
General
Full URL
https://cdn02.jotfor.ms/themes/CSS/form-common.css?v=1eb5cfe
Requested by
Host: gelohacker.shop
URL: https://gelohacker.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38e584e46e2ed27783abb2f33bfc03b11e35b3ac4bf0731081a5d20c2f942047

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gelohacker.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 19:18:29 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
BYPASS
last-modified
Sat, 13 Jan 2024 19:18:29 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control
no-cache
jf-trace-id
0e4bbe7efdad5aff
x-form-cache
MISS-APP
cf-ray
844ffc436ba94bd5-BUF
expires
Thu, 01 Jan 1970 00:00:01 GMT
nova.css
cdn03.jotfor.ms/css/styles/
38 KB
8 KB
Stylesheet
General
Full URL
https://cdn03.jotfor.ms/css/styles/nova.css?3.3.46556
Requested by
Host: gelohacker.shop
URL: https://gelohacker.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4527d0acf2bd7e3977c2fbfbef70a07fa15882b507c37550f68448a7922bd2fe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gelohacker.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 19:18:29 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
REVALIDATED
last-modified
Wed, 03 Jan 2024 08:20:00 GMT
server
cloudflare
etag
W/"659518b0-96e5"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
844ffc433b124bbd-BUF
expires
Thu, 01 Jan 1970 00:00:01 GMT
/
cdn.jotfor.ms/fonts/
530 B
405 B
Stylesheet
General
Full URL
https://cdn.jotfor.ms/fonts/?family=Coda|Coda|Coda
Requested by
Host: gelohacker.shop
URL: https://gelohacker.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cf86250b6730f80c6ebf26da28cddac808c18679d4e21df3c2a5e670f36755a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gelohacker.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 19:18:29 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
EXPIRED
last-modified
Sat, 13 Jan 2024 13:20:50 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
844ffc433cb64bcc-BUF
expires
Thu, 01 Jan 1970 00:00:01 GMT
566a91c2977cdfcd478b4567.css
cdn01.jotfor.ms/themes/CSS/
12 KB
3 KB
Stylesheet
General
Full URL
https://cdn01.jotfor.ms/themes/CSS/566a91c2977cdfcd478b4567.css?v=3.3.46556&themeRevisionID=642aed92326239083fe53f08
Requested by
Host: gelohacker.shop
URL: https://gelohacker.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfefadd6a7f0a685795f5daade87e5f2651525c003fa73122c24a635abf763f1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gelohacker.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 19:18:29 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
BYPASS
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
jf-trace-id
504fe98b93370620
pragma
no-cache
last-modified
Mon, 03 Apr 2023 15:15:30 GMT
server
cloudflare
etag
W/"125dd41f77e22ec823bbff2570bb2e79"
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
no-cache
x-form-cache
MISS-APP
cf-ray
844ffc4339086aed-BUF
expires
Thu, 01 Jan 1970 00:00:01 GMT
payment_feature.css
cdn02.jotfor.ms/css/styles/payment/
22 KB
4 KB
Stylesheet
General
Full URL
https://cdn02.jotfor.ms/css/styles/payment/payment_feature.css?3.3.46556
Requested by
Host: gelohacker.shop
URL: https://gelohacker.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45761699ef4c7119922cf67e05a637fa006ad49d945e387a47656628e35ff799

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gelohacker.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 19:18:29 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
REVALIDATED
last-modified
Mon, 06 Nov 2023 08:33:24 GMT
server
cloudflare
etag
W/"6548a4d4-59bf"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
844ffc436ba64bd5-BUF
expires
Thu, 01 Jan 1970 00:00:01 GMT
donationBox.css
cdn03.jotfor.ms/stylebuilder/static/
Redirect Chain
  • https://cdn03.jotfor.ms/stylebuilder/donationBox.css?v=3.3.46556
  • https://cdn03.jotfor.ms/stylebuilder/static/donationBox.css
8 KB
2 KB
Stylesheet
General
Full URL
https://cdn03.jotfor.ms/stylebuilder/static/donationBox.css
Requested by
Host: gelohacker.shop
URL: https://gelohacker.shop/
Protocol
H2
Server
2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf05ad1cf918cafd97e73aae45107559d024437ce62b71f7d4c00e9d02ac8d84

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gelohacker.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 19:18:29 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
REVALIDATED
last-modified
Fri, 12 Jan 2024 12:32:03 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
global-router
true
jf-trace-id
1a9412b344ee0ae5
cache-control
max-age=86400
x-form-cache
MISS-APP
cf-ray
844ffc43db6f4bbd-BUF
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

date
Sat, 13 Jan 2024 19:18:29 GMT
via
1.1 google
cf-cache-status
EXPIRED
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
global-router
true
jf-trace-id
ce360801102835d2
pragma
no-cache
last-modified
Sat, 13 Jan 2024 19:18:29 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
/stylebuilder/static/donationBox.css
cache-control
max-age=86400
x-form-cache
MISS-APP
cf-ray
844ffc433b114bbd-BUF
expires
Thu, 01 Jan 1970 00:00:01 GMT
prototype.forms.js
cdn01.jotfor.ms/static/
127 KB
33 KB
Script
General
Full URL
https://cdn01.jotfor.ms/static/prototype.forms.js?3.3.46556
Requested by
Host: gelohacker.shop
URL: https://gelohacker.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fface13ae112a253e99fb74eb69fb02cf6698eee1d8ef55f03fae545680b128e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gelohacker.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 19:18:29 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 09 Jan 2024 23:27:22 GMT
server
cloudflare
age
89649
etag
W/"659dd65a-1fb04"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=315360000
cf-ray
844ffc43390c6aed-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT
jotform.forms.js
cdn02.jotfor.ms/static/
614 KB
160 KB
Script
General
Full URL
https://cdn02.jotfor.ms/static/jotform.forms.js?3.3.46556
Requested by
Host: gelohacker.shop
URL: https://gelohacker.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fafcbc2db50fd9d9956668bf836a439f117bda057a3e57a9da5fa128d923dcfe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gelohacker.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 19:18:29 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 03 Jan 2024 10:54:45 GMT
server
cloudflare
age
634392
etag
W/"65953cf5-99655"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=315360000
cf-ray
844ffc436bac4bd5-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT
validategateways.js
cdn03.jotfor.ms/js/payments/
2 KB
986 B
Script
General
Full URL
https://cdn03.jotfor.ms/js/payments/validategateways.js?v=3.3.46556
Requested by
Host: gelohacker.shop
URL: https://gelohacker.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a4f54883416a6344a768b3b87765295850a11d7bbaa8cc4da4f883436804ff2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gelohacker.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 19:18:29 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
REVALIDATED
last-modified
Thu, 21 Dec 2023 07:50:13 GMT
server
cloudflare
etag
W/"6583ee35-8e4"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
844ffc433b134bbd-BUF
expires
Thu, 01 Jan 1970 00:00:01 GMT
fbevents.js
connect.facebook.net/en_US/
212 KB
57 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: gelohacker.shop
URL: https://gelohacker.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gelohacker.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 13 Jan 2024 19:18:29 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
56915
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
Enqcz1wnI4ckBm/JF3rIcnhnq/3A03JGPE0fF2yJ88HPz8z0DhsL4S1hSvp4JxdP2mh3hGWCS9TRevKmWwDk5Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
css
fonts.googleapis.com/
0
0

control_appointment.css
cdn03.jotfor.ms/stylebuilder/static/
16 KB
4 KB
Stylesheet
General
Full URL
https://cdn03.jotfor.ms/stylebuilder/static/control_appointment.css
Requested by
Host: cdn03.jotfor.ms
URL: https://cdn03.jotfor.ms/css/styles/nova.css?3.3.46556
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de3d2d3d58b3b9e91d2e30f19b4c16084a9ad53c4dd70204d193b811fed896db

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn03.jotfor.ms/css/styles/nova.css?3.3.46556
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 19:18:29 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
age
22
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
global-router
true
jf-trace-id
d84b65bf3baf01a1
last-modified
Fri, 12 Jan 2024 12:32:03 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
max-age=86400
x-form-cache
MISS-APP
cf-ray
844ffc43fb8b4bbd-BUF
expires
Thu, 01 Jan 1970 00:00:01 GMT
control_inline.css
cdn03.jotfor.ms/stylebuilder/static/
37 KB
5 KB
Stylesheet
General
Full URL
https://cdn03.jotfor.ms/stylebuilder/static/control_inline.css
Requested by
Host: cdn03.jotfor.ms
URL: https://cdn03.jotfor.ms/css/styles/nova.css?3.3.46556
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0e83d72d90b300e4d57e0ce772db11785add986f15252c4d308ecc41eef1cbe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn03.jotfor.ms/css/styles/nova.css?3.3.46556
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 19:18:29 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
age
22
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
global-router
true
jf-trace-id
df2a56910a34f559
last-modified
Fri, 12 Jan 2024 12:32:03 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
max-age=86400
x-form-cache
MISS-APP
cf-ray
844ffc43fb8c4bbd-BUF
expires
Thu, 01 Jan 1970 00:00:01 GMT
technological-cyber-interface-thumb.652e66823d4033.05685651.jpg
files.jotform.com/jufs/2arogake/form_files/
Redirect Chain
  • https://www.jotform.com/uploads/2arogake/form_files/technological-cyber-interface-thumb.652e66823d4033.05685651.jpg
  • https://files.jotform.com/jufs/2arogake/form_files/technological-cyber-interface-thumb.652e66823d4033.05685651.jpg?md5=lHFYvlBCCKcaPb80dndVnA&expires=1705173520
389 KB
390 KB
Image
General
Full URL
https://files.jotform.com/jufs/2arogake/form_files/technological-cyber-interface-thumb.652e66823d4033.05685651.jpg?md5=lHFYvlBCCKcaPb80dndVnA&expires=1705173520
Requested by
Host: gelohacker.shop
URL: https://gelohacker.shop/
Protocol
H2
Server
35.190.41.132 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
132.41.190.35.bc.googleusercontent.com
Software
/
Resource Hash
d3b7a3701673453e8f82663df0ce50dd365cd500780747e24844f7d7ddce11b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gelohacker.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 19:18:30 GMT
via
1.1 google
access-control-allow-methods
OPTIONS, GET
content-type
application/octet-stream
access-control-allow-origin
*
content-disposition
attachment; filename="technological-cyber-interface-thumb.652e66823d4033.05685651.jpg"
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, newrelic, traceparent, tracestate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date
Sat, 13 Jan 2024 19:18:30 GMT
strict-transport-security
max-age=31536000;
via
1.1 google
cf-cache-status
DYNAMIC
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
jf-trace-id
cc3640eafb3c57b8
alt-svc
h3=":443"; ma=86400
content-length
0
pragma
no-cache
last-modified
Sat, 13 Jan 2024 19:18:30 GMT
server
cloudflare
content-type
text/html; charset=UTF-8
location
https://files.jotform.com/jufs/2arogake/form_files/technological-cyber-interface-thumb.652e66823d4033.05685651.jpg?md5=lHFYvlBCCKcaPb80dndVnA&expires=1705173520
access-control-allow-origin
*
cache-control
no-cache
x-form-cache
MISS-APP
cf-ray
844ffc473d904bd8-BUF
expires
Thu, 01 Jan 1970 00:00:01 GMT
Coda-ExtraBold.woff2
cdn.jotfor.ms/fonts/Coda/fonts/
30 KB
30 KB
Font
General
Full URL
https://cdn.jotfor.ms/fonts/Coda/fonts/Coda-ExtraBold.woff2
Requested by
Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/fonts/?family=Coda|Coda|Coda
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1918c68d7dfa0efcf188f5169c09578a4fde6a293b773f5875ffae92fbe1fcb

Request headers

Referer
https://cdn.jotfor.ms/fonts/?family=Coda|Coda|Coda
Origin
https://gelohacker.shop
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 19:18:30 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Mon, 06 Nov 2023 05:51:59 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
844ffc457b864bc0-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT
Coda-Regular.woff2
cdn.jotfor.ms/fonts/Coda/fonts/
29 KB
29 KB
Font
General
Full URL
https://cdn.jotfor.ms/fonts/Coda/fonts/Coda-Regular.woff2
Requested by
Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/fonts/?family=Coda|Coda|Coda
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4704066d29e3d616c2e202a0d44f99df71879352b441da1bc588d80f7f733221

Request headers

Referer
https://cdn.jotfor.ms/fonts/?family=Coda|Coda|Coda
Origin
https://gelohacker.shop
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 19:18:30 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Mon, 06 Nov 2023 05:51:59 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
844ffc457b874bc0-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
events.jotform.com/form/232892976923170/
0
276 B
Image
General
Full URL
https://events.jotform.com/form/232892976923170/?ref=&res=1600x1200&eventID=1705173509982_232892976923170_davO1Hl&loc=https%253A%252F%252Fgelohacker.shop%252F&seenBrandingFooter=1
Requested by
Host: gelohacker.shop
URL: https://gelohacker.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:8069 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gelohacker.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 19:18:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
last-modified
Sat, 13 Jan 2024 14:18:30 GMT
server
cloudflare
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
844ffc473bab4bbb-BUF
access-control-allow-headers
origin, content-type, accept
alt-svc
h3=":443"; ma=86400
expires
Thu, 1 Jan 1970 00:00:00 GMT
logoweb.png
jualan4dgege.com/images/
Redirect Chain
  • https://jual4dkiller.com/images/logoweb.png
  • https://jualan4dgege.com/images/logoweb.png
56 KB
56 KB
Image
General
Full URL
https://jualan4dgege.com/images/logoweb.png
Requested by
Host: gelohacker.shop
URL: https://gelohacker.shop/
Protocol
H2
Server
2606:4700:3033::ac43:b259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39815fca73a6bdc8ebe3e0194b20936b18a49d08fdced6271a32074a9dabd4e7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gelohacker.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 19:18:30 GMT
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 05:51:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0RGsFZmpdkEV5PYPfHYLsM2%2B8QuaLfRbmH%2FPwdlDakfPdnAv%2BVYIUt5R1ORRytDaepot1r3274rdYw7VmVF%2FVFxzWXKeyHuDIebBKHPwEVxP92BObsjkKZFNeG2DrkaNdIJM6%2FPh0g9EigyvVscC"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
844ffc48ac514bc1-BUF
alt-svc
h3=":443"; ma=86400
content-length
57034

Redirect headers

date
Sat, 13 Jan 2024 19:18:30 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQwRK%2Fzn5%2FyBNKjbHm8tXfhQ6%2FF721D4k72ivihOcM9%2BzhN8QMTSpf6TDGFwk0hoFOjJVxs%2FaneKY%2FUdBJ3tGYmAce7aOuZlJ8P4VWrfU9cn7yCehPU64UVs7lMPJr%2FAHVd%2F5y%2BmK9eUPW6u%2FD0s"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
http://jualan4dgege.com/images/logoweb.png
cache-control
max-age=14400
cf-ray
844ffc473c984bd3-BUF
alt-svc
h3=":443"; ma=86400
1513110972801467
connect.facebook.net/signals/config/
133 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1513110972801467?v=2.9.140&r=stable&domain=gelohacker.shop
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
50723dddc1308100881f3dcfdae2f41fc55d61f706821d374e022c280e5f8b29
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gelohacker.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 13 Jan 2024 19:18:30 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
7uCxe6SgoqccOuVWZAW2v3D836Nay9jUJQK5WLGIVt+gBg7m/L03WDGZUqIqppVL1jMnMgmZk4cZ/MGwFUoduw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1513110972801467&ev=PageView&dl=https%3A%2F%2Fgelohacker.shop%2F&rl=&if=false&ts=1705173510460&sw=1600&sh=1200&v=2.9.140&r=stable&ec=0&o=4126&fbp=fb.1.1705173510261.170547600&ler=empty&it=1705173510111&coo=false&cdl=&rqm=GET
Requested by
Host: gelohacker.shop
URL: https://gelohacker.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US)
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gelohacker.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 13 Jan 2024 19:18:30 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Dancing+Script:400,700

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fbq
function| _fbq
object| favicon
boolean| isDarkMode
object| Prototype
object| Abstract
object| Try
object| Class
function| PeriodicalExecuter
function| Template
object| $break
object| Enumerable
function| $A
function| $w
function| $H
function| Hash
function| $R
function| ObjectRange
object| Ajax
function| $
object| Form
object| Field
function| $F
object| Toggle
object| Insertion
object| $continue
object| Position
function| $$
undefined| Sizzle
function| Selector
object| __result
function| _alert
function| rand
object| JotForm
function| getMD5
function| getQuerystring
function| onProductImageClicked
function| createNewComponent
function| isIframeEmbedForm
function| isIframeEmbedFormPure
function| callIframeHeightCaller
function| newDefaultThemeHandler
function| setEncryptedValue
function| IsValidJsonString
function| hasExludedEncryptWidgets
function| getFieldsToEncrypt
function| setUnencryptedValueToForm
function| appendHiddenInput
function| trackExecution
function| trackSubmitSource
function| unencryptPaymentField
function| shouldSubmitFormAfterEncrypt
function| addEncryptionKeyToForm
function| attachScrollToCaptcha
function| Calendar
function| handlePopupUI
function| requestAnimFrame
object| Protoplus
function| calculateTimeToSubmit
function| testSubmitFunction
function| fbAsyncInit
object| _popupCalendar
object| ValidatePaymentGateways
object| all_spc
string| charSet

6 Cookies

Domain/Path Name / Value
.jotfor.ms/ Name: userReferer
Value: https%3A%2F%2Fgelohacker.shop%2F
.jotfor.ms/ Name: guest
Value: guest_faf9556835a2ac5c
.gelohacker.shop/ Name: _fbp
Value: fb.1.1705173510261.170547600
.jotform.com/ Name: JOTFORM_SESSION
Value: 859ce61d-23af-279d-285a-70e5e7d9
.jotform.com/ Name: userReferer
Value: https%3A%2F%2Fgelohacker.shop%2F
.jotform.com/ Name: guest
Value: guest_450d7dcdc5be9d1a

1 Console Messages

Source Level URL
Text
security error URL: https://gelohacker.shop/(Line 80)
Message:
Mixed Content: The page at 'https://gelohacker.shop/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Dancing+Script:400,700'. This request has been blocked; the content must be served over HTTPS.

Indicators

"Indicators" is a security-industry term for artifacts such as IPs, domains and hashes. Their presence here does not imply that any of them indicate malicious activity.
