urlscan.io logo urlscan.io
SecurityTrails logo

www.rt.norsamedya.com Open in urlscan Pro
45.195.25.8  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.rt.norsamedya.com/
Submission: On February 24 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 27 HTTP transactions. The main IP is 45.195.25.8, located in Mauritius and belongs to ODEAWEB, TR. The main domain is www.rt.norsamedya.com.
TLS certificate: Issued by R3 on February 23rd 2024. Valid for: 3 months.
This is the only time www.rt.norsamedya.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 45.195.25.8 211871 (ODEAWEB)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
27 5
20    45.195.25.8 (Mauritius)

ASN211871 (ODEAWEB, TR)
www.rt.norsamedya.com
2    2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2606:4700::6811:490e (United States)

ASN13335 (CLOUDFLARENET, US)
ajax.cloudflare.com
2    2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
20 norsamedya.com
www.rt.norsamedya.com
279 KB
2 gstatic.com
fonts.gstatic.com
53 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1082
72 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32
1 KB
1 cloudflare.com
ajax.cloudflare.com — Cisco Umbrella Rank: 3420
2 KB
27 5
Domain Requested by
20 www.rt.norsamedya.com www.rt.norsamedya.com
2 fonts.gstatic.com fonts.googleapis.com
2 maxcdn.bootstrapcdn.com www.rt.norsamedya.com
maxcdn.bootstrapcdn.com
2 fonts.googleapis.com www.rt.norsamedya.com
1 ajax.cloudflare.com www.rt.norsamedya.com
27 5

This site contains no links.

Subject Issuer Validity Valid
www.rt.norsamedya.com
R3		 2024-02-23 -
2024-05-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-01-28 -
2024-04-27		 3 months crt.sh
ajax.cloudflare.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-08-01 -
2024-08-15		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.rt.norsamedya.com/
Frame ID: B39FFAF9DC492D7BDD7E8CE7410FA95C
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Agario, Agar.io, Agario Oyna, Agar.io Oyna

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

408 kB
Transfer

768 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.rt.norsamedya.com/ 		33 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rt.norsamedya.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.195.25.8 , Mauritius, ASN211871 (ODEAWEB, TR),
Reverse DNS
Software
/
Resource Hash
b7bb3a3af86d4bffa9041d9ec6c213edb40021b06f244ef76daef938f99c4d3e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 24 Feb 2024 12:02:05 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
vary
Accept-Encoding
css
fonts.googleapis.com/ 		2 KB
933 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:700
Requested by
Host: www.rt.norsamedya.com
URL: https://www.rt.norsamedya.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
19ecffaafd554d7521fd35071f9edc308828683a02a4ea483ebb4be1aa343d60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.rt.norsamedya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Feb 2024 12:02:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 24 Feb 2024 11:01:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Feb 2024 12:02:07 GMT
bootstrap.min.css
www.rt.norsamedya.com/css/ 		124 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rt.norsamedya.com/css/bootstrap.min.css
Requested by
Host: www.rt.norsamedya.com
URL: https://www.rt.norsamedya.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.195.25.8 , Mauritius, ASN211871 (ODEAWEB, TR),
Reverse DNS
Software
/
Resource Hash
f5f5f02583f5efc070bffe8fcbc9141d0e11d371f18151b4f6a13d58c62761c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.rt.norsamedya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 12:02:05 GMT
content-encoding
br
last-modified
Tue, 16 Jan 2018 11:57:44 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
16634
expires
Sat, 02 Mar 2024 12:02:05 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 		27 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: www.rt.norsamedya.com
URL: https://www.rt.norsamedya.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.rt.norsamedya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 12:02:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
878
age
7047835
cdn-cachedat
09/04/2022 07:29:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"4fbd15cb6047af93373f4f895639c8bf"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
47801fb9004b8a2e3075babab36b33e8
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
85a78eca69739ab4-MIA
cdn-requestpullsuccess
True
glyphicons-social.css
www.rt.norsamedya.com/css/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rt.norsamedya.com/css/glyphicons-social.css
Requested by
Host: www.rt.norsamedya.com
URL: https://www.rt.norsamedya.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.195.25.8 , Mauritius, ASN211871 (ODEAWEB, TR),
Reverse DNS
Software
/
Resource Hash
f300281e2ff7598f90aac695827c0af152f43d5e6dd0e81eb2861f6f0048c996

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.rt.norsamedya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 12:02:05 GMT
content-encoding
br
last-modified
Tue, 16 Jan 2018 11:57:44 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1285
expires
Sat, 02 Mar 2024 12:02:05 GMT
styles.css
www.rt.norsamedya.com/css/ 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rt.norsamedya.com/css/styles.css
Requested by
Host: www.rt.norsamedya.com
URL: https://www.rt.norsamedya.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.195.25.8 , Mauritius, ASN211871 (ODEAWEB, TR),
Reverse DNS
Software
/
Resource Hash
28f28ffc64b58d0fa29fca6f33bdf04d259cbed6beecd819f94ca8cf2c2fcb58

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.rt.norsamedya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 12:02:05 GMT
content-encoding
br
last-modified
Tue, 16 Jan 2018 11:57:44 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2264
expires
Sat, 02 Mar 2024 12:02:05 GMT
animate.css
www.rt.norsamedya.com/css/ 		74 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rt.norsamedya.com/css/animate.css
Requested by
Host: www.rt.norsamedya.com
URL: https://www.rt.norsamedya.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.195.25.8 , Mauritius, ASN211871 (ODEAWEB, TR),
Reverse DNS
Software
/
Resource Hash
213e86422cd9a5571a335fcbfe6222340615bd912b3207f07b07f51865971bf2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.rt.norsamedya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 12:02:05 GMT
content-encoding
br
last-modified
Tue, 16 Jan 2018 11:57:44 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3564
expires
Sat, 02 Mar 2024 12:02:05 GMT
platform.js
www.rt.norsamedya.com/apis.google.com/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rt.norsamedya.com/apis.google.com/js/platform.js
Requested by
Host: www.rt.norsamedya.com
URL: https://www.rt.norsamedya.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.195.25.8 , Mauritius, ASN211871 (ODEAWEB, TR),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.rt.norsamedya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Feb 2024 12:02:05 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
708
content-type
text/html
jquery.js
www.rt.norsamedya.com/js/ 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rt.norsamedya.com/js/jquery.js
Requested by
Host: www.rt.norsamedya.com
URL: https://www.rt.norsamedya.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.195.25.8 , Mauritius, ASN211871 (ODEAWEB, TR),
Reverse DNS
Software
/
Resource Hash
ad3d536fa262c9352db0c48fedcdf8c34ba2f0e41ae3b933d4f58ea5320c8009

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.rt.norsamedya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 12:02:05 GMT
content-encoding
br
last-modified
Tue, 16 Jan 2018 11:58:24 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
27494
expires
Sat, 02 Mar 2024 12:02:05 GMT
bootstrap.min.js
www.rt.norsamedya.com/js/ 		34 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rt.norsamedya.com/js/bootstrap.min.js
Requested by
Host: www.rt.norsamedya.com
URL: https://www.rt.norsamedya.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.195.25.8 , Mauritius, ASN211871 (ODEAWEB, TR),
Reverse DNS
Software
/
Resource Hash
cea2998e1be4a6d7d6ceb58658e7c3025f20b96ef3c13966289ce15d18f24bb5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.rt.norsamedya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 12:02:05 GMT
content-encoding
br
last-modified
Tue, 16 Jan 2018 11:58:28 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
8157
expires
Sat, 02 Mar 2024 12:02:05 GMT
language.js
www.rt.norsamedya.com/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rt.norsamedya.com/js/language.js
Requested by
Host: www.rt.norsamedya.com
URL: https://www.rt.norsamedya.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.195.25.8 , Mauritius, ASN211871 (ODEAWEB, TR),
Reverse DNS
Software
/
Resource Hash
0c0d9f46ae568af327a16bda81ae6c66540d85cafe6cf4f64e223a0da08ec65c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.rt.norsamedya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 12:02:05 GMT
content-encoding
br
last-modified
Tue, 16 Jan 2018 11:58:20 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1329
expires
Sat, 02 Mar 2024 12:02:05 GMT
logo.png
www.rt.norsamedya.com/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rt.norsamedya.com/logo.png
Requested by
Host: www.rt.norsamedya.com
URL: https://www.rt.norsamedya.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.195.25.8 , Mauritius, ASN211871 (ODEAWEB, TR),
Reverse DNS
Software
/
Resource Hash
4e05ff9302b97cadcd7065ca75898d286d851e0fd5dbc6e4e03573d910c6eb23

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.rt.norsamedya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-type
image/png
date
Sat, 24 Feb 2024 12:02:05 GMT
cache-control
public, max-age=604800
last-modified
Tue, 16 Jan 2018 11:57:38 GMT
accept-ranges
bytes
content-length
21301
expires
Sat, 02 Mar 2024 12:02:05 GMT
tr.png
www.rt.norsamedya.com/img/ 		398 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rt.norsamedya.com/img/tr.png
Requested by
Host: www.rt.norsamedya.com
URL: https://www.rt.norsamedya.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.195.25.8 , Mauritius, ASN211871 (ODEAWEB, TR),
Reverse DNS
Software
/
Resource Hash
7d21d74c819f7760c99c62bb42d3114f431b9087b0dd5547c2610e118b461ab9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.rt.norsamedya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-type
image/png
date
Sat, 24 Feb 2024 12:02:05 GMT
cache-control
public, max-age=604800
last-modified
Tue, 16 Jan 2018 11:58:10 GMT
accept-ranges
bytes
content-length
398
expires
Sat, 02 Mar 2024 12:02:05 GMT
en.png
www.rt.norsamedya.com/img/ 		811 B
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rt.norsamedya.com/img/en.png
Requested by
Host: www.rt.norsamedya.com
URL: https://www.rt.norsamedya.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.195.25.8 , Mauritius, ASN211871 (ODEAWEB, TR),
Reverse DNS
Software
/
Resource Hash
158d4d01a80ef0fbdb71a95981bcd0011ee5798923cec60a8ca3304621c77d34

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.rt.norsamedya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-type
image/png
date
Sat, 24 Feb 2024 12:02:05 GMT
cache-control
public, max-age=604800
last-modified
Tue, 16 Jan 2018 11:58:18 GMT
accept-ranges
bytes
content-length
811
expires
Sat, 02 Mar 2024 12:02:05 GMT
Vector2.js
www.rt.norsamedya.com/js/ 		4 KB
807 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rt.norsamedya.com/js/Vector2.js
Requested by
Host: www.rt.norsamedya.com
URL: https://www.rt.norsamedya.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.195.25.8 , Mauritius, ASN211871 (ODEAWEB, TR),
Reverse DNS
Software
/
Resource Hash
9d0da0e701f913a5e1cf255f30ba3fd45cc627e28fd64510ba03dedda04ef9ed

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.rt.norsamedya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 12:02:05 GMT
content-encoding
br
last-modified
Tue, 16 Jan 2018 11:58:28 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
775
expires
Sat, 02 Mar 2024 12:02:05 GMT
core.js
www.rt.norsamedya.com/js/ 		43 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rt.norsamedya.com/js/core.js
Requested by
Host: www.rt.norsamedya.com
URL: https://www.rt.norsamedya.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.195.25.8 , Mauritius, ASN211871 (ODEAWEB, TR),
Reverse DNS
Software
/
Resource Hash
0af0be1d3dbf0adc769eb8565ce8a0a4386578fd25aee25ecc9bff33e332c280

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.rt.norsamedya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 12:02:05 GMT
content-encoding
br
last-modified
Tue, 16 Jan 2018 11:58:26 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
9804
expires
Sat, 02 Mar 2024 12:02:05 GMT
cloudflare.min.js
ajax.cloudflare.com/cdn-cgi/nexp/dok3v=088620b277/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/nexp/dok3v=088620b277/cloudflare.min.js
Requested by
Host: www.rt.norsamedya.com
URL: https://www.rt.norsamedya.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:490e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79d1744b3148a4b7265a9d2006eb1f6b72fda68490c398e380cb0692aeb8c5e5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.rt.norsamedya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 12:02:07 GMT
strict-transport-security
max-age=15780000; includeSubDomains
x-content-type-options
nosniff
last-modified
Tue, 20 Feb 2024 15:59:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
gzip
etag
W/"65d4cc77-c37"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3IJ8OdJHSF5ykuxp4kd5ESc7V2BX4mLs0FTJ6hF2fmlKF0baJWu%2FSkp4VLCae3BkLkTvVQezYt6Js6PawXptiKm5Ft2RW8fWqz%2FOwmPOCCvqo8lwOuNEwPS8BBNuEvowT8NhgoRGTc7ZkV5%2BcMRVRPs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
85a78ecabbfa74ae-MIA
expires
Mon, 26 Feb 2024 12:02:07 GMT
css
fonts.googleapis.com/ 		2 KB
501 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700
Requested by
Host: www.rt.norsamedya.com
URL: https://www.rt.norsamedya.com/css/bootstrap.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a62b46c69982f34433d223167ff4838dede363d9f8a1d22e07a8d203a347e941
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.rt.norsamedya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Feb 2024 12:02:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 24 Feb 2024 11:06:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Feb 2024 12:02:07 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rt.norsamedya.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 07:00:42 GMT
x-content-type-options
nosniff
age
190885
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Feb 2025 07:00:42 GMT
analytics.js
www.rt.norsamedya.com/www.google-analytics.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rt.norsamedya.com/www.google-analytics.com/analytics.js
Requested by
Host: www.rt.norsamedya.com
URL: https://www.rt.norsamedya.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.195.25.8 , Mauritius, ASN211871 (ODEAWEB, TR),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.rt.norsamedya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Feb 2024 12:02:05 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
708
content-type
text/html
sl.php
www.rt.norsamedya.com/ 		708 B
721 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.rt.norsamedya.com/sl.php
Requested by
Host: www.rt.norsamedya.com
URL: https://www.rt.norsamedya.com/js/jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.195.25.8 , Mauritius, ASN211871 (ODEAWEB, TR),
Reverse DNS
Software
/
Resource Hash
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.rt.norsamedya.com/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Feb 2024 12:02:05 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
708
content-type
text/html
cherrybomb.png
www.rt.norsamedya.com/ 		177 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rt.norsamedya.com/cherrybomb.png
Requested by
Host: www.rt.norsamedya.com
URL: https://www.rt.norsamedya.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.195.25.8 , Mauritius, ASN211871 (ODEAWEB, TR),
Reverse DNS
Software
/
Resource Hash
3e2a5d04cd77819ac52412877cec8e97b6c81df2f29dbc26e8d455bc530efb96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.rt.norsamedya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-type
image/png
date
Sat, 24 Feb 2024 12:02:05 GMT
cache-control
public, max-age=604800
last-modified
Tue, 16 Jan 2018 11:57:42 GMT
accept-ranges
bytes
content-length
180738
expires
Sat, 02 Mar 2024 12:02:05 GMT
split.png
www.rt.norsamedya.com/ 		708 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rt.norsamedya.com/split.png
Requested by
Host: www.rt.norsamedya.com
URL: https://www.rt.norsamedya.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.195.25.8 , Mauritius, ASN211871 (ODEAWEB, TR),
Reverse DNS
Software
/
Resource Hash
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.rt.norsamedya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Feb 2024 12:02:05 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
708
content-type
text/html
feed.png
www.rt.norsamedya.com/ 		708 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rt.norsamedya.com/feed.png
Requested by
Host: www.rt.norsamedya.com
URL: https://www.rt.norsamedya.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.195.25.8 , Mauritius, ASN211871 (ODEAWEB, TR),
Reverse DNS
Software
/
Resource Hash
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.rt.norsamedya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Feb 2024 12:02:05 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
708
content-type
text/html
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin
https://www.rt.norsamedya.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 12:02:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
976
age
87322
cdn-cachedat
10/31/2023 19:08:24
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
66624
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
"db812d8a70a4e88e888744c1c9a27e89"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
ae6c40bfb9ac5d6517a0ff956d02d6a4
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
85a78ece382e4c24-MIA
cdn-requestpullsuccess
True
4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rt.norsamedya.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 07:39:06 GMT
x-content-type-options
nosniff
age
188581
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29752
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:05:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Feb 2025 07:39:06 GMT
info
www.rt.norsamedya.com/ 		708 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.rt.norsamedya.com/info
Requested by
Host: www.rt.norsamedya.com
URL: https://www.rt.norsamedya.com/js/jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.195.25.8 , Mauritius, ASN211871 (ODEAWEB, TR),
Reverse DNS
Software
/
Resource Hash
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.rt.norsamedya.com/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Feb 2024 12:02:06 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
708
content-type
text/html

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| CloudFlare function| $ function| jQuery function| parseString string| i18n_lang object| i18n_dict object| i18n number| refreshId function| cikis function| davetkabul function| davetred function| reister function| klanolustur function| davetklan function| cikisklan function| login string| GoogleAnalyticsObject function| ga function| Vector2 object| Vector2Const object| Bomb_img boolean| isSpectating function| setNick function| setRegion function| setSkins function| setNames function| setDarkTheme function| setColors function| setShowMass function| setSmooth function| setChatHide function| spectate function| setServer function| setAcid number| ABGroup function| connect function| getScreenshot function| closeAndPlay function| clearProcess function| shareProcess object| _0x97c2

1 Cookies

Domain/Path Name / Value
www.rt.norsamedya.com/ Name: PHPSESSID
Value: 78otijE9p_H76-BjruZd6n-Qd5VmkfZdSUQSULksd8zTmJ-9JH4gw9dUvmGP_ReG

7 Console Messages

Source Level URL
Text
network error URL: https://www.rt.norsamedya.com/apis.google.com/js/platform.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.rt.norsamedya.com/www.google-analytics.com/analytics.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.rt.norsamedya.com/sl.php
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.rt.norsamedya.com/split.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.rt.norsamedya.com/feed.png
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://www.rt.norsamedya.com/js/core.js(Line 113)
Message:
Mixed Content: The page at 'https://www.rt.norsamedya.com/' was loaded over HTTPS, but attempted to connect to the insecure WebSocket endpoint 'ws://194.31.59.216:1501/'. This request has been blocked; this endpoint must be available over WSS.
network error URL: https://www.rt.norsamedya.com/info
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
www.rt.norsamedya.com
2606:4700::6811:490e
2606:4700::6812:bcf
2607:f8b0:4006:81c::200a
2607:f8b0:4006:820::2003
45.195.25.8
0af0be1d3dbf0adc769eb8565ce8a0a4386578fd25aee25ecc9bff33e332c280
0c0d9f46ae568af327a16bda81ae6c66540d85cafe6cf4f64e223a0da08ec65c
158d4d01a80ef0fbdb71a95981bcd0011ee5798923cec60a8ca3304621c77d34
19ecffaafd554d7521fd35071f9edc308828683a02a4ea483ebb4be1aa343d60
213e86422cd9a5571a335fcbfe6222340615bd912b3207f07b07f51865971bf2
28f28ffc64b58d0fa29fca6f33bdf04d259cbed6beecd819f94ca8cf2c2fcb58
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
3e2a5d04cd77819ac52412877cec8e97b6c81df2f29dbc26e8d455bc530efb96
4e05ff9302b97cadcd7065ca75898d286d851e0fd5dbc6e4e03573d910c6eb23
79d1744b3148a4b7265a9d2006eb1f6b72fda68490c398e380cb0692aeb8c5e5
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7d21d74c819f7760c99c62bb42d3114f431b9087b0dd5547c2610e118b461ab9
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9d0da0e701f913a5e1cf255f30ba3fd45cc627e28fd64510ba03dedda04ef9ed
a62b46c69982f34433d223167ff4838dede363d9f8a1d22e07a8d203a347e941
ad3d536fa262c9352db0c48fedcdf8c34ba2f0e41ae3b933d4f58ea5320c8009
b7bb3a3af86d4bffa9041d9ec6c213edb40021b06f244ef76daef938f99c4d3e
cea2998e1be4a6d7d6ceb58658e7c3025f20b96ef3c13966289ce15d18f24bb5
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
f300281e2ff7598f90aac695827c0af152f43d5e6dd0e81eb2861f6f0048c996
f5f5f02583f5efc070bffe8fcbc9141d0e11d371f18151b4f6a13d58c62761c4
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995