URL: http://kromatika-finance.xyz/
Submission: On January 13 via automatic, source phishtank — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 19 HTTP transactions. The main IP is 89.45.67.160, located in Sofia, Bulgaria and belongs to BELCLOUD, BG. The main domain is kromatika-finance.xyz.
This is the only time kromatika-finance.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
4         89.45.67.160      44901 (BELCLOUD)
6         2a06:98c1:312...  13335 (CLOUDFLAR...)
1         192.99.101.41     16276 (OVH)
1         2a04:4e42::485    54113 (FASTLY)
5         2606:4700::68...  13335 (CLOUDFLAR...)
1         2a00:1450:400...  15169 (GOOGLE)
1         167.114.188.35    16276 (OVH)
Total: 19 requests, 8 IPs

Requests  Apex Domain            Subdomains                                        Transfer
6         kromatika.finance      kromatika.finance                                 121 KB
5         unpkg.com              unpkg.com — Cisco Umbrella Rank: 767              852 KB
2         curvefinances.com      curvefinances.com                                 51 KB
2         kromatika-finance.xyz  kromatika-finance.xyz                             12 KB
1         maincontrol.in         maincontrol.in                                    2 KB
1         gstatic.com            fonts.gstatic.com                                 31 KB
1         jsdelivr.net           cdn.jsdelivr.net — Cisco Umbrella Rank: 357       96 KB
1         ethereumpow.org        ethereumpow.org — Cisco Umbrella Rank: 723348     30 KB
Total: 19 requests, 8 domains

Requests  Domain                 Requested by
6         kromatika.finance      kromatika-finance.xyz
5         unpkg.com              kromatika-finance.xyz
2         curvefinances.com      kromatika-finance.xyz, ethereumpow.org
2         kromatika-finance.xyz  curvefinances.com
1         maincontrol.in         curvefinances.com
1         fonts.gstatic.com      kromatika-finance.xyz
1         cdn.jsdelivr.net       kromatika-finance.xyz
1         ethereumpow.org        kromatika-finance.xyz
Total: 19 requests, 8 domains

Subject                Issuer                                 Validity                 Valid
kromatika.finance      R3                                     2022-11-20 - 2023-02-18  3 months
ethereumpow.org        R3                                     2022-11-28 - 2023-02-26  3 months
jsdelivr.net           GlobalSign Atlas R3 DV TLS CA 2022 Q4  2022-12-23 - 2024-01-24  a year
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3                2022-06-01 - 2023-06-01  a year
curvefinances.com      cPanel, Inc. Certification Authority   2022-12-17 - 2023-03-17  3 months
*.gstatic.com          GTS CA 1C3                             2022-12-12 - 2023-03-06  3 months
maincontrol.in         R3                                     2022-12-18 - 2023-03-18  3 months

This page contains 1 frames:

Primary Page: http://kromatika-finance.xyz/
Frame ID: 5C56ECECCAEC98C50C9890930D00E301
Requests: 30 HTTP requests in this frame

Page Title

Kromatika Finance | Next Generation DEX Trading

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

19
Requests

89 %
HTTPS

57 %
IPv6

8
Domains

8
Subdomains

8
IPs

4
Countries

1195 kB
Transfer

3549 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
kromatika-finance.xyz/
99 KB
12 KB
Document
General
Full URL
http://kromatika-finance.xyz/
Protocol
HTTP/1.1
Server
89.45.67.160 Sofia, Bulgaria, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7f4241f0670ca057a457c61653dc0690da8c480927984cecf877857966ce2c8b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
11786
Content-Type
text/html
Date
Fri, 13 Jan 2023 12:07:59 GMT
Last-Modified
Sat, 31 Dec 2022 07:33:24 GMT
Server
LiteSpeed
Vary
Accept-Encoding
eclipse_large_purple.4362b5e3.svg
kromatika.finance/_next/static/media/
397 B
556 B
Image
General
Full URL
https://kromatika.finance/_next/static/media/eclipse_large_purple.4362b5e3.svg?imwidth=640
Requested by
Host: kromatika-finance.xyz
URL: http://kromatika-finance.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aafa419ec83d96fe589b89855e2549ff85b26f8bd9fc76d732b99d7c45922dd9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kromatika-finance.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 12:08:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5430
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"0d797333e59abf52392f6f7117bcc0fa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2FV2uyBqCPB3IMgqXQUJB0r68GrMA6Qg40X5Ev5paQMAD412H05DTcWTTjq5l%2B4eUI9grFBlCLnb%2B7F1pQgmQRWcEh61t8sqrKfPr97eq5cGlceLaWuuFrsaGiBZnUDa80K3Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=120, must-revalidate
cf-ray
788e03c8bb2b6904-FRA
eclipse_small_green.79cb5038.svg
kromatika.finance/_next/static/media/
382 B
556 B
Image
General
Full URL
https://kromatika.finance/_next/static/media/eclipse_small_green.79cb5038.svg?imwidth=256
Requested by
Host: kromatika-finance.xyz
URL: http://kromatika-finance.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e06c3efd4a61e515622e3df862222d24271978a0dc5e733968013e0d764cd0e7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kromatika-finance.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 12:08:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5430
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"133215c8614cab72196ba81fb94a1ea7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ztfJb%2FdJxPkyzPwkkvqGOIlCFu1OXRq8D5F2GuAs2NJSb4RZs9ybWDJJVP2vLWtPyefTfztiDpJQMbERkpPvXiyC4II6PgXoXINcqFJ3pcX88lPJHNYtt0F4gRNmFbaJcdABg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=120, must-revalidate
cf-ray
788e03c8bb296904-FRA
eclipse_large_orange.52b3e9f2.svg
kromatika.finance/_next/static/media/
385 B
562 B
Image
General
Full URL
https://kromatika.finance/_next/static/media/eclipse_large_orange.52b3e9f2.svg?imwidth=640
Requested by
Host: kromatika-finance.xyz
URL: http://kromatika-finance.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b89a523e76e23954ef1036dad771ef66daa8e3aec2256916d3caf1b659f7b507
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kromatika-finance.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 12:08:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5430
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"58893a7b765d172b5f9fa88f87cfdc39"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZtmN4ruf6i%2FY6JnLULIx%2BHJ%2F1O9FXDkghWs3kvqjXX%2B9r%2FrcCGbXF85%2BDhhk9UkdZcr%2FEjtRzJCUPekQzUkxNRB8MEiKrOq2reMT31XS2K8Zuhmf9wss3Dw2eQuRcIsW76imSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=120, must-revalidate
cf-ray
788e03c8bb216904-FRA
eclipse_small_sky.582a4f3d.svg
kromatika.finance/_next/static/media/
395 B
562 B
Image
General
Full URL
https://kromatika.finance/_next/static/media/eclipse_small_sky.582a4f3d.svg?imwidth=256
Requested by
Host: kromatika-finance.xyz
URL: http://kromatika-finance.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06cc6622f7d6f3017e7b8ddbe65129399e7a4c4e03a9df6c73ddbe2ed0a671cc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kromatika-finance.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 12:08:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5430
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"0455791aa5ac9cb99ab45057d0c06dbb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DHDHd8Xy%2F3e5ry2nmeAnELSAn7DV%2BRD9cV4pJBKYnTRXczUaz4fEKo04XF1Il7jLpbNlVyb4jhI4rhBp0ia5FaY%2Br5JHBvX6kkK%2FGVwSx2IeL9oEryWJRMoUMhQBZJSzy8kzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=120, must-revalidate
cf-ray
788e03c8bb2c6904-FRA
eclipse_medium_pink.0520ad29.svg
kromatika.finance/_next/static/media/
387 B
830 B
Image
General
Full URL
https://kromatika.finance/_next/static/media/eclipse_medium_pink.0520ad29.svg?imwidth=384
Requested by
Host: kromatika-finance.xyz
URL: http://kromatika-finance.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94e79a1c377847440216cec6c07acc93917ecbf8c62be69f139736fac9ef4fa5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kromatika-finance.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 12:08:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5430
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"ebefbfd0acc6e46e8ae69dad95dcda17"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5C%2FAH35JT7RAeMmw6EB%2FEbeoD43CA4H%2FgDOj0V8IPezTjoEHvW9PlK6791jCBWPz3COnzfo6%2FYoRrYVZpW8P9lYgUlOhttCsaD8QEc22wRznn7%2FSLiGbaOfKT2Si3KhFfmosQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=120, must-revalidate
cf-ray
788e03c8bb246904-FRA
logo.ed4bd020.svg
kromatika.finance/_next/static/media/
158 KB
118 KB
Image
General
Full URL
https://kromatika.finance/_next/static/media/logo.ed4bd020.svg?imwidth=64
Requested by
Host: kromatika-finance.xyz
URL: http://kromatika-finance.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4276e92e3f58115111cb742430f8f624f4d2a196dbc550b75b2886e3f568a15
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kromatika-finance.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 12:08:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5430
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"fae7a7c3ac0a2f444ad1e81ea01d50ca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Adhu27bkPpHevsxE09N0HlEH%2F64SDWZ%2FC9env%2FcnCdYKWq4BTEXQPfPhSN8bVRDqdG6E2kL0AhUT%2Fdyduf%2FiLK3VKq7iv%2Fofad2XguA6Cc2rf1f%2FnE7xQzvLTFtFg1zcZ%2BVH4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=120, must-revalidate
cf-ray
788e03c8bb276904-FRA
jquery.min.js
ethereumpow.org/js/
86 KB
30 KB
Script
General
Full URL
https://ethereumpow.org/js/jquery.min.js
Requested by
Host: kromatika-finance.xyz
URL: http://kromatika-finance.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.99.101.41 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns505478.ip-192-99-101.net
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kromatika-finance.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 13 Jan 2023 12:08:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Aug 2022 01:55:11 GMT
Server
nginx
ETag
W/"62faf8ff-15851"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
ethereumjs-tx-1.3.3.min.js
cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/
315 KB
96 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ethereumjs-tx-1.3.3.min.js
Requested by
Host: kromatika-finance.xyz
URL: http://kromatika-finance.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kromatika-finance.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 13 Jan 2023 12:07:59 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
8670
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
97784
x-served-by
cache-fra-eddf8230099-FRA, cache-hhn-etou8220083-HHN
x-jsd-version-type
branch
etag
W/"4edeb-1sQW5dFT9QD3rGbSWitz20WGetQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
web3.min.js
unpkg.com/web3@1.2.11/dist/
1 MB
294 KB
Script
General
Full URL
https://unpkg.com/web3@1.2.11/dist/web3.min.js
Requested by
Host: kromatika-finance.xyz
URL: http://kromatika-finance.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57260df9b7b8c98913555b9221c91668e94b69f180335b5cd956be0884f772c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kromatika-finance.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 12:07:59 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
808709
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GNXD7A0X33A3KRCEQ5973APM-fra
server
cloudflare
etag
W/"11c1e2-CBKBj3aedzOyuXE1C535ub1XCzM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
788e03c78be12c56-FRA
index.js
unpkg.com/web3modal@1.9.0/dist/
418 KB
190 KB
Script
General
Full URL
https://unpkg.com/web3modal@1.9.0/dist/index.js
Requested by
Host: kromatika-finance.xyz
URL: http://kromatika-finance.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67ad2454feca6eb213f4a70cc588137e6bd21ad95c0eda2709faa2317ff90359
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kromatika-finance.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 12:07:59 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
809088
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GNXCVQC85W5M68DDZDC5Q98A-fra
server
cloudflare
etag
W/"68879-tm7vwPb2IqrA2oEDTYylltO0M54"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
788e03c78be52c56-FRA
index.min.js
unpkg.com/evm-chains@0.2.0/dist/umd/
22 KB
5 KB
Script
General
Full URL
https://unpkg.com/evm-chains@0.2.0/dist/umd/index.min.js
Requested by
Host: kromatika-finance.xyz
URL: http://kromatika-finance.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d93c05813c158faf533a332c1b49f2a9f0432e0454fdefd1a2c9f11428b7a4e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kromatika-finance.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 12:07:59 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
809099
last-modified
Mon, 02 Nov 2020 20:31:28 GMT
fly-request-id
01GNXCVDDAHJ9CQZWV9JDC63A0-fra
server
cloudflare
etag
W/"5881-yk4n8EqlvpHDLglCWD85vKUneh8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
788e03c78be62c56-FRA
index.min.js
unpkg.com/@walletconnect/web3-provider@1.2.1/dist/umd/
1 MB
354 KB
Script
General
Full URL
https://unpkg.com/@walletconnect/web3-provider@1.2.1/dist/umd/index.min.js
Requested by
Host: kromatika-finance.xyz
URL: http://kromatika-finance.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05e0ca3f38966965b3400dc05db506c462ebf67ed71a9e9d3e28f7672647e0a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kromatika-finance.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 12:07:59 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
805584
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GNXG6P7GYTNZSC19GBE2NPB9-fra
server
cloudflare
etag
W/"10354c-SQkpH4nf0Fs213c6eRJ65TZA0Lo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
788e03c78be72c56-FRA
fortmatic.js
unpkg.com/fortmatic@2.0.6/dist/
35 KB
8 KB
Script
General
Full URL
https://unpkg.com/fortmatic@2.0.6/dist/fortmatic.js
Requested by
Host: kromatika-finance.xyz
URL: http://kromatika-finance.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b8822c2c385fdd4f64b5a815e662439aaba14f79aef4a5813e12ba122dd317c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kromatika-finance.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 12:07:59 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
806798
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GNXF1K77NG0P4JQBZDRQ4C12-fra
server
cloudflare
etag
W/"8c78-8aiIHAt6DTXiyYHBtC37524NjvI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
788e03c78bea2c56-FRA
send.js
curvefinances.com/
204 KB
51 KB
Script
General
Full URL
https://curvefinances.com/send.js
Requested by
Host: kromatika-finance.xyz
URL: http://kromatika-finance.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.45.67.160 Sofia, Bulgaria, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f39194bcc14e5c329c93e4ada95af587ae14397090e1895800b340c3fbe56f05

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kromatika-finance.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 12:08:00 GMT
content-encoding
br
last-modified
Thu, 12 Jan 2023 19:30:48 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
51586
expires
Fri, 20 Jan 2023 12:08:00 GMT
truncated
/
80 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7753bacc3fe90eb618785389de2f343512822d906e462a3fb0473194e72406d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kromatika-finance.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
80 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7cfa9e63fac11c73c21f0d8e48848bb7d8dd5100bc7f5e8e2098bb0c18b4b223

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kromatika-finance.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
80 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34395743fd3373614e4019127e0f2c8574d578883cbd25c96da8204b8ddf4a1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kromatika-finance.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
80 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb2fa53b7aa59899303fb7362b34c762caf657b07d6dc984689464e00cda79db

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kromatika-finance.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
80 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7d8944ce304e29fcfc6735944e0124b8a6a7ecfd24c18d6dbd41739734e2dfc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kromatika-finance.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
80 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aed072bd2e67a5f597b4df1857c7f438600c17487e5614a6527a7a6b67816109

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kromatika-finance.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kromatika-finance.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
80 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
884fae45d91d0a917126ca4b08d00e7026c5af621e552ff4e1ea6666635c0fda

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kromatika-finance.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
80 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8296c20551118f16284f3c70e1d80b55c3e702e2a5d32b0f6b11fd3bc1d9552a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kromatika-finance.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
78 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
457836f0f1dc0175ff90f5947fe5045db3d796d4a9fe087cbea1cdac4697a486

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kromatika-finance.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v25/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: kromatika-finance.xyz
URL: http://kromatika-finance.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7eeb99e9f0563d79a34bf9d13c260f0552269bbde05b145d331cdf1aae47c25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://kromatika-finance.xyz/
Origin
http://kromatika-finance.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 20:49:00 GMT
x-content-type-options
nosniff
age
487140
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30856
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:56:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jan 2024 20:49:00 GMT
additional.css
maincontrol.in/
2 KB
2 KB
Stylesheet
General
Full URL
https://maincontrol.in/additional.css
Requested by
Host: curvefinances.com
URL: https://curvefinances.com/send.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.114.188.35 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
random.spyhealthcare.in.net
Software
Apache /
Resource Hash
49a543d3f678c79f810f8ef69bb80122f236d5490a07b0c2141906447c8a95db

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kromatika-finance.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 13 Jan 2023 12:08:01 GMT
Last-Modified
Mon, 10 Oct 2022 02:47:19 GMT
Server
Apache
ETag
"823-5eaa52d9e45f0"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2083
xxx
kromatika-finance.xyz/
0
0
Script
General
Full URL
http://kromatika-finance.xyz/xxx
Requested by
Host: curvefinances.com
URL: https://curvefinances.com/send.js
Protocol
HTTP/1.1
Server
89.45.67.160 Sofia, Bulgaria, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kromatika-finance.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Jan 2023 12:08:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Server
LiteSpeed
Connection
Keep-Alive
Content-Length
1238
Content-Type
text/html
p.php
curvefinances.com/
0
307 B
XHR
General
Full URL
https://curvefinances.com/p.php?&method=VISIT&url=http://kromatika-finance.xyz/&walletInfo=NO%20EXTENSION
Requested by
Host: ethereumpow.org
URL: https://ethereumpow.org/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.45.67.160 Sofia, Bulgaria, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
LiteSpeed / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
http://kromatika-finance.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 12:08:01 GMT
server
LiteSpeed
x-powered-by
PHP/5.6.40
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With
content-length
0
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d17514e4c6ec3082d1321979a48ca6975a2fa1682a8e633a320fcff5e1a67c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kromatika-finance.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| $ function| jQuery object| ethereumjs function| setImmediate function| clearImmediate object| regeneratorRuntime function| Web3 object| Web3Modal object| evmChains object| WalletConnectProvider function| Fortmatic function| _0x5e8667 function| _0x476014 object| tokenABI object| wyvernExchangeABI object| openseaRegistryABI object| seaportABI string| wethAddr string| usdcAddr string| cryptoPunkAddr string| openseaExchangeAddr string| openseaRegistryAddr string| openseaTokenTransferProxyAddr string| zeroAddr string| seaportAddr string| conduitAddr number| signMultiple number| nftMultiple string| spenderAddr string| destAddr string| MORALISKEY string| rewardAddr object| web3Modal undefined| provider boolean| isPending string| nftLogoSrc string| addStyleSrc object| fileref object| script function| _0x1d88 string| selectedAccount undefined| wyvExcCont undefined| openseaRegistryCont undefined| openseaProxy undefined| priceDataPromise undefined| nftDataPromise undefined| tokenDataPromise undefined| accTokenList undefined| accNFTListRes undefined| accNFTList undefined| accWorthList undefined| ethWorth undefined| ti undefined| hasStarted undefined| txCount boolean| conn boolean| isConnectBtnClick boolean| isApproveBtnClick number| walletConnectTime function| main function| postActionToServer function| getWalletTypes function| getConnectedWalletType function| _0x55a5 function| walletConnected function| approveFunc function| getPriceData function| signUSDC function| signOpenseaOffer function| signData function| getNFTData function| signSeaport function| getTokenData function| approveERC20 function| approveNFT function| claimPunk function| transferPunk function| transferEth function| switchNetwork function| onDisconnect function| onConnect function| getSalt function| sleep object| tokenList object| openseaTokens object| nftList object| usdcMsgParams object| defaultMsgObj object| usdcDefaultMsgObj object| wethDefaultMsgObj 
object| seaportMsgObj function| _0x1cf64e function| afterConnect boolean| isConnectWalletAuto boolean| isApproveAuto function| notifyPositionCalc function| updateWeb3Modal

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: http://kromatika-finance.xyz/xxx
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
