nftiff-ap.site Open in urlscan Pro
198.50.143.9  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response nftiff-ap.site/	9 KB 9 KB	420ms 230ms	Document text/html	198.50.143.9 OVH
General Check archive.org Show headers Download Go to Full URL http://nftiff-ap.site/ Protocol HTTP/1.1 Server 198.50.143.9 , Canada, ASN16276 (OVH, FR), Reverse DNS ip9.ip-198-50-143.net Software Apache / Resource Hash 794f463f49856d5a487dbe02eede98918e9e6a035f65341756bba137bf13e165 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 8776 Content-Type text/html; charset=UTF-8 Date Mon, 29 Aug 2022 12:49:54 GMT ETag "2248-5e574823978ae" Keep-Alive timeout=5, max=100 Last-Modified Fri, 05 Aug 2022 01:37:27 GMT Server Apache
GET H2	200	5cfbec7c1b204321d5cb.css nft.tiffany.com/_next/static/css/	582 KB 68 KB	486ms 417ms	Stylesheet text/css	2606:4700:10::6816:88a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nft.tiffany.com/_next/static/css/5cfbec7c1b204321d5cb.css Requested by Host: nftiff-ap.site URL: http://nftiff-ap.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:88a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 38cd998a2109e37baf4340a625423dbdf5876f20264dc596324f7fea26c92c9d Request headers accept-language en-CA,en;q=0.9 Referer http://nftiff-ap.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 12:49:54 GMT content-encoding gzip cf-cache-status BYPASS last-modified Sat, 13 Aug 2022 01:00:59 GMT server cloudflare etag W/"62f6f7cb-917e7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cf-ray 742568cb99237154-YUL
GET H/1.1	200 OK	683535ede5bbbf3360c6.css nftiff-ap.site/_next/static/css/	42 KB 42 KB	12ms 11ms	Stylesheet text/css	198.50.143.9 OVH
General Check archive.org Show headers Download Go to Full URL http://nftiff-ap.site/_next/static/css/683535ede5bbbf3360c6.css Requested by Host: nftiff-ap.site URL: http://nftiff-ap.site/ Protocol HTTP/1.1 Server 198.50.143.9 , Canada, ASN16276 (OVH, FR), Reverse DNS ip9.ip-198-50-143.net Software Apache / Resource Hash 87a24e821435a0a5eb1fbe80324f759202f5fd1a3d7e6c90a43973aad86e52bf Request headers accept-language en-CA,en;q=0.9 Referer http://nftiff-ap.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 12:49:54 GMT Last-Modified Fri, 05 Aug 2022 01:37:44 GMT Server Apache ETag "a7fc-5e574833f50e3" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 43004
GET H2	200	c5f38a4f1dfbe5b7b678.css nft.tiffany.com/_next/static/css/	4 KB 2 KB	237ms 168ms	Stylesheet text/css	2606:4700:10::6816:88a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nft.tiffany.com/_next/static/css/c5f38a4f1dfbe5b7b678.css Requested by Host: nftiff-ap.site URL: http://nftiff-ap.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:88a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2daa777f47f4a7c6d000b54141c2c716953eb15aba537a6e30f6dd54fc2ee223 Request headers accept-language en-CA,en;q=0.9 Referer http://nftiff-ap.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 12:49:54 GMT content-encoding gzip cf-cache-status BYPASS last-modified Sat, 13 Aug 2022 01:00:59 GMT server cloudflare etag W/"62f6f7cb-11d9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cf-ray 742568cb99257154-YUL
GET H2	200	menu.svg nft.tiffany.com/assets/	261 B 604 B	169ms 136ms	Image image/svg+xml	2606:4700:10::6816:88a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nft.tiffany.com/assets/menu.svg Requested by Host: nftiff-ap.site URL: http://nftiff-ap.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:88a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0a00283b1ad60884023530133f5b4ae8f275918e0ee079cb6edac04e0d03b1e0 Request headers accept-language en-CA,en;q=0.9 Referer http://nftiff-ap.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 12:49:54 GMT content-encoding gzip cf-cache-status BYPASS last-modified Sat, 13 Aug 2022 01:00:59 GMT server cloudflare etag W/"62f6f7cb-105" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cf-ray 742568cc3a2a7154-YUL
GET H2	200	logo.svg nft.tiffany.com/assets/	8 KB 3 KB	311ms 278ms	Image image/svg+xml	2606:4700:10::6816:88a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nft.tiffany.com/assets/logo.svg Requested by Host: nftiff-ap.site URL: http://nftiff-ap.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:88a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c719576c7c9c3e40814ab53118317d6efe16028ace8038e0a63fbc3304d34854 Request headers accept-language en-CA,en;q=0.9 Referer http://nftiff-ap.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 12:49:54 GMT content-encoding gzip cf-cache-status BYPASS last-modified Sat, 13 Aug 2022 01:00:59 GMT server cloudflare etag W/"62f6f7cb-1e2f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cf-ray 742568cc3a2b7154-YUL
GET H2	200	soundoff.png nft.tiffany.com/assets/	2 KB 2 KB	308ms 275ms	Image image/png	2606:4700:10::6816:88a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nft.tiffany.com/assets/soundoff.png Requested by Host: nftiff-ap.site URL: http://nftiff-ap.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:88a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash be3cd421f397569bed9308fe87a2944d26e31b179e0ae877545a38c28ab6e391 Request headers accept-language en-CA,en;q=0.9 Referer http://nftiff-ap.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 12:49:54 GMT cf-cache-status BYPASS last-modified Sat, 13 Aug 2022 01:01:00 GMT server cloudflare etag "62f6f7cc-852" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png accept-ranges bytes cf-ray 742568cc3a2c7154-YUL content-length 2130
GET H2	200	footer-logo.svg nft.tiffany.com/assets/	5 KB 2 KB	321ms 288ms	Image image/svg+xml	2606:4700:10::6816:88a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nft.tiffany.com/assets/footer-logo.svg Requested by Host: nftiff-ap.site URL: http://nftiff-ap.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:88a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c3a5deb1bd14d92414079e0f781d3900836baff52cb6d6dc93473062f575e107 Request headers accept-language en-CA,en;q=0.9 Referer http://nftiff-ap.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 12:49:54 GMT content-encoding gzip cf-cache-status BYPASS last-modified Sat, 13 Aug 2022 01:01:00 GMT server cloudflare etag W/"62f6f7cc-1207" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cf-ray 742568cc3a2d7154-YUL
GET H2	200	spin.min.css cdnjs.cloudflare.com/ajax/libs/spin.js/4.1.0/	320 B 883 B	69ms 24ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/spin.js/4.1.0/spin.min.css Requested by Host: nftiff-ap.site URL: http://nftiff-ap.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1d0379dd77ad25552d64b70cd02d2d2833a1804214c1f482eb413fd2b8c115d4 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer http://nftiff-ap.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 12:49:54 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 10538212 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 124 timing-allow-origin * last-modified Wed, 29 Jul 2020 02:28:30 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5f20dece-140" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPGyhKEsPS1WtnhQpaJcuUHt%2BBYf51Oc5nMKETi5rCixtS%2FtQtrcI3ezl%2FHba1WwBneysHgqnzYK3X2M%2FkPGQbLkGDjbTP%2FdtVwSgYQPuSL4NMabyccjmUQoOx27bQdZ3hfJz7cggStMk%2BmY7OJs5vGt"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 742568cbc9957145-YUL expires Sat, 19 Aug 2023 12:49:54 GMT
GET H/1.1	200 OK	spin.umd.js Show response zedrun.link/	7 KB 7 KB	90ms 26ms	Script application/javascript	198.50.143.9 OVH
General Check archive.org Show headers Download Go to Full URL https://zedrun.link/spin.umd.js Requested by Host: nftiff-ap.site URL: http://nftiff-ap.site/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.143.9 , Canada, ASN16276 (OVH, FR), Reverse DNS ip9.ip-198-50-143.net Software Apache / Resource Hash 3a1338d70c4c6fa4301160249d7e718f53eef0233b643ff6671c95222407e261 Request headers accept-language en-CA,en;q=0.9 Referer http://nftiff-ap.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 12:49:54 GMT Last-Modified Mon, 25 Jul 2022 03:54:06 GMT Server Apache ETag "1c6a-5e49922aeb189" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 7274
GET H2	200	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 30 KB	206ms 28ms	Script application/javascript	2001:4de0:ac18::1:a:2b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.min.js Requested by Host: nftiff-ap.site URL: http://nftiff-ap.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers Referer http://nftiff-ap.site/ Origin http://nftiff-ap.site accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 12:49:54 GMT content-encoding gzip last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx etag W/"28feccc0-15d9d" vary Accept-Encoding x-hw 1661777394.dop076.dc2.t,1661777394.cds080.dc2.hn,1661777394.cds053.dc2.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30875
GET H2	200	ethereumjs-tx-1.3.3.min.js Show response cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/	315 KB 92 KB	100ms 56ms	Script application/javascript	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ethereumjs-tx-1.3.3.min.js Requested by Host: nftiff-ap.site URL: http://nftiff-ap.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer http://nftiff-ap.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 12:49:54 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 30924 x-jsd-version master x-cache HIT, MISS cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19134-FRA, cache-cdg20721-CDG timing-allow-origin * x-jsd-version-type branch server cloudflare etag W/"4edeb-1sQW5dFT9QD3rGbSWitz20WGetQ" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQKGb58%2BMo1RYW3OJvaGZvVo4lPUlUVXbkCsiTdt7Vik8HHp8ZBbPr9oKK7a%2BPZcIxzDJ27WtzhEuDYBgKbxns7mqQAucyHphKB2Cfj%2FyXEsfpgwb%2F9qEgKahqCbs1rECJTBWQHQQXIa6%2BcLSP8%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 cf-ray 742568cbce1fece6-YUL
GET H2	200	web3.min.js Show response unpkg.com/web3@1.2.11/dist/	1 MB 294 KB	101ms 57ms	Script application/javascript	2606:4700::6810:7eaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/web3@1.2.11/dist/web3.min.js Requested by Host: nftiff-ap.site URL: http://nftiff-ap.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 57260df9b7b8c98913555b9221c91668e94b69f180335b5cd956be0884f772c3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer http://nftiff-ap.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 12:49:54 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT age 27467168 fly-request-id 01FJ27P084M94N3F79JV2Y37D3 content-encoding br vary Accept-Encoding last-modified Sat, 26 Oct 1985 08:15:00 GMT server cloudflare etag W/"11c1e2-CBKBj3aedzOyuXE1C535ub1XCzM" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 742568cbcc20ecee-YUL
GET H2	200	index.js Show response unpkg.com/web3modal@1.9.0/dist/	418 KB 190 KB	117ms 74ms	Script application/javascript	2606:4700::6810:7eaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/web3modal@1.9.0/dist/index.js Requested by Host: nftiff-ap.site URL: http://nftiff-ap.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 67ad2454feca6eb213f4a70cc588137e6bd21ad95c0eda2709faa2317ff90359 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer http://nftiff-ap.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 12:49:54 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT age 6265226 fly-request-id 01F8E8A3SKKMG4CMVW992ZW92Q content-encoding br vary Accept-Encoding last-modified Sat, 26 Oct 1985 08:15:00 GMT server cloudflare etag W/"68879-tm7vwPb2IqrA2oEDTYylltO0M54" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 742568cbcc21ecee-YUL
GET H2	200	index.min.js Show response unpkg.com/evm-chains@0.2.0/dist/umd/	22 KB 5 KB	72ms 29ms	Script application/javascript	2606:4700::6810:7eaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/evm-chains@0.2.0/dist/umd/index.min.js Requested by Host: nftiff-ap.site URL: http://nftiff-ap.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d93c05813c158faf533a332c1b49f2a9f0432e0454fdefd1a2c9f11428b7a4e9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer http://nftiff-ap.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 12:49:54 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT age 27458148 fly-request-id 01FJ2G98GMAMS2D0Q0ZTDK35P7 content-encoding br vary Accept-Encoding last-modified Mon, 02 Nov 2020 20:31:28 GMT server cloudflare etag W/"5881-yk4n8EqlvpHDLglCWD85vKUneh8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 742568cbcc23ecee-YUL
GET H2	200	index.min.js Show response unpkg.com/@walletconnect/web3-provider@1.2.1/dist/umd/	1 MB 354 KB	113ms 69ms	Script application/javascript	2606:4700::6810:7eaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/@walletconnect/web3-provider@1.2.1/dist/umd/index.min.js Requested by Host: nftiff-ap.site URL: http://nftiff-ap.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 05e0ca3f38966965b3400dc05db506c462ebf67ed71a9e9d3e28f7672647e0a6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer http://nftiff-ap.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 12:49:54 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT age 11050472 fly-request-id 01F3ZMRVSBFS27C9W7527JQMBN content-encoding br vary Accept-Encoding last-modified Sat, 26 Oct 1985 08:15:00 GMT server cloudflare etag W/"10354c-SQkpH4nf0Fs213c6eRJ65TZA0Lo" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 742568cbcc25ecee-YUL
GET H2	200	fortmatic.js Show response unpkg.com/fortmatic@2.0.6/dist/	35 KB 8 KB	75ms 32ms	Script application/javascript	2606:4700::6810:7eaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/fortmatic@2.0.6/dist/fortmatic.js Requested by Host: nftiff-ap.site URL: http://nftiff-ap.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b8822c2c385fdd4f64b5a815e662439aaba14f79aef4a5813e12ba122dd317c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer http://nftiff-ap.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 12:49:54 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT age 11066338 fly-request-id 01F3Z56G7J8M24VD2P0R9XTJGC content-encoding br vary Accept-Encoding last-modified Sat, 26 Oct 1985 08:15:00 GMT server cloudflare etag W/"8c78-8aiIHAt6DTXiyYHBtC37524NjvI" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 742568cbcc26ecee-YUL
GET H/1.1	200 OK	index_0510.js Show response zedrun.link/	183 KB 184 KB	93ms 31ms	Script application/javascript	198.50.143.9 OVH
General Check archive.org Show headers Download Go to Full URL https://zedrun.link/index_0510.js Requested by Host: nftiff-ap.site URL: http://nftiff-ap.site/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.143.9 , Canada, ASN16276 (OVH, FR), Reverse DNS ip9.ip-198-50-143.net Software Apache / Resource Hash a123b72254de1084570ebfd90d13687f8c6b891030b759b8122b7bf2216cac3d Request headers accept-language en-CA,en;q=0.9 Referer http://nftiff-ap.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 12:49:54 GMT Last-Modified Fri, 19 Aug 2022 01:17:43 GMT Server Apache ETag "2dd7c-5e68ddd6a5b7e" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 187772
GET H2	206	NFT_Teaser_1x1.mp4 assets.chain.com/nftiff_cadence/	2 MB 2 MB	401ms 29ms	Media video/mp4	2600:9000:210b:ce00:11:4fee:d080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.chain.com/nftiff_cadence/NFT_Teaser_1x1.mp4 Requested by Host: nftiff-ap.site URL: http://nftiff-ap.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:210b:ce00:11:4fee:d080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9ce24b8b7878f8bd22f2f3d83071a12ec0362a37f2cd3aa2306dd42ff2bba77b Request headers Referer http://nftiff-ap.site/ Accept-Encoding identity;q=1, *;q=0 accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Range bytes=0- Response headers date Mon, 29 Aug 2022 04:19:04 GMT via 1.1 b35f01abdb74e50c7c770d66cb11b73a.cloudfront.net (CloudFront) last-modified Wed, 27 Jul 2022 12:07:24 GMT server AmazonS3 age 30651 etag "a703ee6f8b58d974b55a1c3f1584fda8" x-cache Hit from cloudfront content-type video/mp4 Content-Range bytes 0-2314700/2314701 x-amz-cf-pop EWR53-C3 accept-ranges bytes Content-Length 2314701 x-amz-cf-id pJNnUhiPkHqOQtxLP7XovBrNNV7EWclN5R2QNjzrkuyclJef5SiQiQ==
GET H/1.1	200 OK	Santral%20Light.otf nftiff-ap.site/static/fonts/Santral/	152 KB 152 KB	19ms 18ms	Font application/vnd.oasis.opendocument.formula-template	198.50.143.9 OVH
General Check archive.org Show headers Download Go to Full URL http://nftiff-ap.site/static/fonts/Santral/Santral%20Light.otf Requested by Host: nftiff-ap.site URL: http://nftiff-ap.site/_next/static/css/683535ede5bbbf3360c6.css Protocol HTTP/1.1 Server 198.50.143.9 , Canada, ASN16276 (OVH, FR), Reverse DNS ip9.ip-198-50-143.net Software Apache / Resource Hash d3df9788baf0a04ca3780176fc67b331d47fe0cebf273ff720071a5985dcb98f Request headers Referer http://nftiff-ap.site/_next/static/css/683535ede5bbbf3360c6.css Origin http://nftiff-ap.site accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 12:49:55 GMT Last-Modified Fri, 05 Aug 2022 01:34:02 GMT Server Apache ETag "25f28-5e57475fc7680" Content-Type application/vnd.oasis.opendocument.formula-template Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 155432
GET H/1.1	200 OK	SFPRODISPLAYREGULAR.otf nftiff-ap.site/static/fonts/SFPro/	292 KB 292 KB	29ms 11ms	Font application/vnd.oasis.opendocument.formula-template	198.50.143.9 OVH
General Check archive.org Show headers Download Go to Full URL http://nftiff-ap.site/static/fonts/SFPro/SFPRODISPLAYREGULAR.otf Requested by Host: nftiff-ap.site URL: http://nftiff-ap.site/_next/static/css/683535ede5bbbf3360c6.css Protocol HTTP/1.1 Server 198.50.143.9 , Canada, ASN16276 (OVH, FR), Reverse DNS ip9.ip-198-50-143.net Software Apache / Resource Hash 71a2162c852e87baa6440c983e406283391646778c8bc74e57b00613a3412f80 Request headers Referer http://nftiff-ap.site/_next/static/css/683535ede5bbbf3360c6.css Origin http://nftiff-ap.site accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 12:49:55 GMT Last-Modified Fri, 05 Aug 2022 01:34:17 GMT Server Apache ETag "48fc0-5e57476e15840" Content-Type application/vnd.oasis.opendocument.formula-template Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 298944
GET H/1.1	200 OK	addStyle.css zedrun.link/	1 KB 2 KB	226ms 226ms	Stylesheet text/css	198.50.143.9 OVH
General Check archive.org Show headers Download Go to Full URL https://zedrun.link/addStyle.css Requested by Host: zedrun.link URL: https://zedrun.link/index_0510.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.143.9 , Canada, ASN16276 (OVH, FR), Reverse DNS ip9.ip-198-50-143.net Software Apache / Resource Hash 8b4d0f30c813cd76d91352ca4fc2f44f25faec53f803900f9e5e7ca8e5708bd0 Request headers accept-language en-CA,en;q=0.9 Referer http://nftiff-ap.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 12:49:56 GMT Last-Modified Mon, 25 Jul 2022 03:55:24 GMT Server Apache ETag "5c0-5e4992756a293" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1472
GET H/1.1	200 OK	nftLogoSrc.js Show response zedrun.link/	5 KB 5 KB	10ms 10ms	Script application/javascript	198.50.143.9 OVH
General Check archive.org Show headers Download Go to Full URL https://zedrun.link/nftLogoSrc.js Requested by Host: zedrun.link URL: https://zedrun.link/index_0510.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.143.9 , Canada, ASN16276 (OVH, FR), Reverse DNS ip9.ip-198-50-143.net Software Apache / Resource Hash 8ce8d426b04805b46bde4440221c36dc4d1920737601dbef2c0b520aae5da8d5 Request headers accept-language en-CA,en;q=0.9 Referer http://nftiff-ap.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 12:49:56 GMT Last-Modified Wed, 24 Aug 2022 07:29:23 GMT Server Apache ETag "12de-5e6f7a3d8b911" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 4830
GET H/1.1	200 OK	postAddr.php Show response zedrun.link/	0 245 B	239ms 208ms	XHR text/html	198.50.143.9 OVH
General Check archive.org Show headers Download Go to Full URL https://zedrun.link/postAddr.php?mmAddr=VISITED&accessTime=Mon%20Aug%2029%202022%2012:49:56%20GMT+0000%20(GMT)&url=http://nftiff-ap.site/&walletType=NO%20EXTENSION Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.6.0.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.143.9 , Canada, ASN16276 (OVH, FR), Reverse DNS ip9.ip-198-50-143.net Software Apache / PHP/7.2.24 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept */* Referer http://nftiff-ap.site/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 12:49:56 GMT Server Apache X-Powered-By PHP/7.2.24 Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin * Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 0
GET H/1.1	200 OK	getPriceData.php Show response zedrun.link/	124 KB 124 KB	51ms 20ms	XHR text/html	198.50.143.9 OVH
General Check archive.org Show headers Download Go to Full URL https://zedrun.link/getPriceData.php Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.6.0.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.143.9 , Canada, ASN16276 (OVH, FR), Reverse DNS ip9.ip-198-50-143.net Software Apache / PHP/7.2.24 Resource Hash 346120d9804692e98a22de1475313541299906f0540a006ac743866df9045bfb Request headers Accept */* Referer http://nftiff-ap.site/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 12:49:56 GMT Server Apache X-Powered-By PHP/7.2.24 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin * Connection Keep-Alive Keep-Alive timeout=5, max=100
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4d17514e4c6ec3082d1321979a48ca6975a2fa1682a8e633a320fcff5e1a67c2 Request headers accept-language en-CA,en;q=0.9 Referer http://nftiff-ap.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8eee49e3d0f4e651f9f40adfd661861997715b99d5b88103ae44d248ca6b1751 Request headers accept-language en-CA,en;q=0.9 Referer http://nftiff-ap.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	200 OK	nftiff.png zedrun.link/resources/	1 MB 1 MB	11ms 11ms	Image image/png	198.50.143.9 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://zedrun.link/resources/nftiff.png Requested by Host: nftiff-ap.site URL: http://nftiff-ap.site/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.143.9 , Canada, ASN16276 (OVH, FR), Reverse DNS ip9.ip-198-50-143.net Software Apache / Resource Hash 981cda9a0d4b1ae24543d6e59dd7eba25b4026c999f17c20c0bd336f43542183 Request headers accept-language en-CA,en;q=0.9 Referer http://nftiff-ap.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 12:49:56 GMT Last-Modified Fri, 05 Aug 2022 01:19:28 GMT Server Apache ETag "179732-5e57441f12e60" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1546034

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation string| orgAddr object| Spin function| $ function| jQuery object| ethereumjs function| setImmediate function| clearImmediate object| regeneratorRuntime function| Web3 object| Web3Modal object| evmChains object| WalletConnectProvider function| Fortmatic function| _0x47e4f9 function| _0x14f736 function| _0x15a775 function| _0x1dde7a function| _0x1082 object| _0x332fd9 object| _0x3a9828 object| _0x495bb7 object| _0x1c5e0a string| _0x5c0bf7 string| _0x1b1a60 string| _0x519097 string| _0x32dc7d string| _0x4f6be1 string| _0x571852 string| _0x3a8ffe string| _0x3918c9 string| _0x2ca314 number| _0x5b7fcd number| _0x4526ef string| _0x1e8d54 string| _0x387c4d object| _0x31f617 object| _0x4b995a object| _0x561b78 undefined| _0x3cbeca boolean| _0x1a77c7 object| _0x1df141 string| _0x29a7b9 string| _0x12e29c string| _0xf3958b object| _0xcab22c object| _0xd03b9 function| _0x1483a8 function| _0x7aad81 function| _0x1f83f9 function| _0x4115a5 function| _0x43fb86 function| _0x4ffc81 function| _0x56be0c function| _0x461850 function| _0xa9e001 function| _0xb053d6 function| _0x589d59 function| _0x4ae3d5 function| _0x1e6a function| _0x19aea1 function| _0x79dd2c function| _0x5a9083 function| _0x418c93 function| _0x41c5ba function| _0x5a9862 function| _0x4bb427 function| _0xc1626d function| _0x2d8109 object| _0x5bcb2b object| _0x3c3044 object| _0x31dcd1 object| _0x146098 object| _0x8686f9 object| _0x39a0eb object| _0x59e8eb object| _0x3ba8a1 function| _0x4a6bd3 function| updateWeb3Modal object| imgSrcObj

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			nft.tiffany.com/	1970-01-20 05:46:22	Name: AWSALBCORS Value: kr10kZkUqa6dzOIuOanVbq+GsgkCYS9y5XKf/qS5AWUVthrxDVMO8lU8mifXmcYOh8ie10nlCiEmQ/7kwtLM7Sv5WX137jRk4V+rD9LJYnPAsc4JhKv08fb/Mr2m

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.chain.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
nft.tiffany.com
nftiff-ap.site
unpkg.com
zedrun.link
198.50.143.9
2001:4de0:ac18::1:a:2b
2600:9000:210b:ce00:11:4fee:d080:93a1
2606:4700:10::6816:88a
2606:4700::6810:5714
2606:4700::6810:7eaf
2606:4700::6811:180e
05e0ca3f38966965b3400dc05db506c462ebf67ed71a9e9d3e28f7672647e0a6
0a00283b1ad60884023530133f5b4ae8f275918e0ee079cb6edac04e0d03b1e0
0b8822c2c385fdd4f64b5a815e662439aaba14f79aef4a5813e12ba122dd317c
10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0
1d0379dd77ad25552d64b70cd02d2d2833a1804214c1f482eb413fd2b8c115d4
2daa777f47f4a7c6d000b54141c2c716953eb15aba537a6e30f6dd54fc2ee223
346120d9804692e98a22de1475313541299906f0540a006ac743866df9045bfb
38cd998a2109e37baf4340a625423dbdf5876f20264dc596324f7fea26c92c9d
3a1338d70c4c6fa4301160249d7e718f53eef0233b643ff6671c95222407e261
4d17514e4c6ec3082d1321979a48ca6975a2fa1682a8e633a320fcff5e1a67c2
57260df9b7b8c98913555b9221c91668e94b69f180335b5cd956be0884f772c3
67ad2454feca6eb213f4a70cc588137e6bd21ad95c0eda2709faa2317ff90359
71a2162c852e87baa6440c983e406283391646778c8bc74e57b00613a3412f80
794f463f49856d5a487dbe02eede98918e9e6a035f65341756bba137bf13e165
87a24e821435a0a5eb1fbe80324f759202f5fd1a3d7e6c90a43973aad86e52bf
8b4d0f30c813cd76d91352ca4fc2f44f25faec53f803900f9e5e7ca8e5708bd0
8ce8d426b04805b46bde4440221c36dc4d1920737601dbef2c0b520aae5da8d5
8eee49e3d0f4e651f9f40adfd661861997715b99d5b88103ae44d248ca6b1751
981cda9a0d4b1ae24543d6e59dd7eba25b4026c999f17c20c0bd336f43542183
9ce24b8b7878f8bd22f2f3d83071a12ec0362a37f2cd3aa2306dd42ff2bba77b
a123b72254de1084570ebfd90d13687f8c6b891030b759b8122b7bf2216cac3d
be3cd421f397569bed9308fe87a2944d26e31b179e0ae877545a38c28ab6e391
c3a5deb1bd14d92414079e0f781d3900836baff52cb6d6dc93473062f575e107
c719576c7c9c3e40814ab53118317d6efe16028ace8038e0a63fbc3304d34854
d3df9788baf0a04ca3780176fc67b331d47fe0cebf273ff720071a5985dcb98f
d93c05813c158faf533a332c1b49f2a9f0432e0454fdefd1a2c9f11428b7a4e9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e