nitrojade.com
2606:4700:3031::6815:abc
Public Scan
Submission Tags: phishingrod
Submission: On April 04 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by E1 on February 12th 2024. Valid for: 3 months.
This is the only time nitrojade.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
8 | 2606:4700:3031::6815:abc | 13335 (CLOUDFLARENET) |
4 | 2606:4700::6811:190e | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:80b::200a | 15169 (GOOGLE) |
4 | 2a00:1450:4001:80f::2002 | 15169 (GOOGLE) |
1 | 2a06:98c1:3121::3 | 13335 (CLOUDFLARENET) |
1 | 172.240.108.76 | 7979 (SERVERS-COM) |
1 | 2a00:1450:4001:831::2003 | 15169 (GOOGLE) |
2 | 2a00:1450:4001:82b::2001 | 15169 (GOOGLE) |
25 | 9 | |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | nitrojade.com | nitrojade.com | 263 KB |
6 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 115), tpc.googlesyndication.com (Cisco Umbrella Rank: 167) | 206 KB |
4 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 237) | 66 KB |
1 | gstatic.com | fonts.gstatic.com | 30 KB |
1 | topcreativeformat.com | www.topcreativeformat.com (Cisco Umbrella Rank: 90148) | 708 B |
1 | placehold.co | placehold.co (Cisco Umbrella Rank: 90438) | 2 KB |
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 38) | 947 B |
0 | replit.com | replit.com (Failed) | |
25 | 8 | | |
Requests | Domain | Requested by |
---|---|---|
8 | nitrojade.com | nitrojade.com |
4 | pagead2.googlesyndication.com | nitrojade.com, pagead2.googlesyndication.com |
4 | cdnjs.cloudflare.com | nitrojade.com |
2 | tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | www.topcreativeformat.com | nitrojade.com |
1 | placehold.co | nitrojade.com |
1 | fonts.googleapis.com | nitrojade.com |
0 | replit.com (Failed) | nitrojade.com |
25 | 9 | |
This site contains links to these domains. Also see Links.
Domain |
---|
zatoga.pages.dev |
trivialime.com |
gptzero-bypass.retrospicer.repl.co |
zato.ga |
link-shortener.retrospicer.repl.co |
Subject | Issuer | Validity | Valid |
---|---|---|---|
nitrojade.com | E1 | 2024-02-12 - 2024-05-12 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year |
upload.video.google.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months |
*.g.doubleclick.net | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months |
placehold.co | GTS CA 1P5 | 2024-02-07 - 2024-05-07 | 3 months |
topcreativeformat.com | R3 | 2024-03-20 - 2024-06-18 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months |
tpc.googlesyndication.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months |
This page contains 3 frames:
Primary Page:
https://nitrojade.com/
Frame ID: 3F2E53E0A497275C54D7E922741B13BA
Requests: 23 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2384965333596074&output=html&adk=1812271804&adf=3025194257&lmt=1712213851&plat=3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnitrojade.com%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&dt=1712213851219&bpp=6&bdt=85&idt=93&shv=r20240402&mjsv=m202403280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7081413963782&frm=20&pv=2&ga_vid=1779590458.1712213851&ga_sid=1712213851&ga_hid=1225382290&ga_fc=0&u_tz=120&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44785293%2C44795922%2C95325425%2C31082333%2C95322329&oid=2&pvsid=3598538063206547&tmod=1823793423&uas=0&nvt=1&fsapi=1&fc=1920&brdim=590%2C570%2C590%2C570%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=113
Frame ID: 8AEF713A01DF6CA6C6950078A3BB7EF6
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CCB3F2D77B434F2DB4E42D75FF86F709
Requests: 1 HTTP requests in this frame
Page Title
NitroJade Development
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Google AdSense (Advertising Networks)
Detected patterns
- googlesyndication\.com/
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Popper (Miscellaneous)
Detected patterns
- <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
- /popper\.js/([0-9.]+)
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: Zatoga
Title: Trivialime
Title: SleeperGPT
Title: Visit Zatoga
Title: Visit LinkIt
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8
- https://gptzero-bypass.retrospicer.repl.co/media/icons/SleeperGPT-logos.jpeg HTTP 308
- https://replit.com/replid/3198bfc9-6fbd-4b56-a7b4-afd09b52ef7f
- https://link-shortener.retrospicer.repl.co/images/logo.png HTTP 308
- https://replit.com/replid/602f9109-f439-4775-ad8d-0b862f1cd445
25 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | nitrojade.com/ | 6 KB | 2 KB | Document | text/html |
GET | H3 | bootstrap.min.css | cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.0/css/ | 158 KB | 18 KB | Stylesheet | text/css |
GET | H3 | style.css | nitrojade.com/ | 1 KB | 1 KB | Stylesheet | text/css |
GET | H2 | css2 | fonts.googleapis.com/ | 2 KB | 947 B | Stylesheet | text/css |
GET | H3 | adsbygoogle.js | pagead2.googlesyndication.com/pagead/js/ | 145 KB | 50 KB | Script | text/javascript |
GET | H3 | logo-text.png | nitrojade.com/icons/ | 80 KB | 81 KB | Image | image/png |
GET | H3 | logo.png | nitrojade.com/icons/ | 10 KB | 11 KB | Image | image/png |
GET | H3 | zatoga-logo.png | nitrojade.com/icons/ | 46 KB | 46 KB | Image | image/png |
GET | H3 | trivialime-icon.png | nitrojade.com/icons/ | 118 KB | 119 KB | Image | image/png |
GET | | 3198bfc9-6fbd-4b56-a7b4-afd09b52ef7f | replit.com/replid/ (Redirect Chain) | 0 | 0 | | |
GET | | 602f9109-f439-4775-ad8d-0b862f1cd445 | replit.com/replid/ (Redirect Chain) | 0 | 0 | | |
GET | H3 | white | placehold.co/500x500/lightgreen/ | 4 KB | 2 KB | Image | image/svg+xml |
GET | H3 | jquery.min.js | cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ | 87 KB | 28 KB | Script | application/javascript |
GET | H3 | popper.min.js | cdnjs.cloudflare.com/ajax/libs/popper.js/2.9.3/umd/ | 18 KB | 7 KB | Script | application/javascript |
GET | H3 | bootstrap.min.js | cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.0/js/ | 62 KB | 13 KB | Script | application/javascript |
GET | H3 | nitrojade-badge.js | nitrojade.com/ | 2 KB | 1 KB | Script | application/javascript |
GET | H3 | show_ads_impl_with_ama_fy2021.js | pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403280101/ | 405 KB | 138 KB | Script | text/javascript |
GET | H/1.1 | invoke.js | www.topcreativeformat.com/b6c5da961306c8f8c6c75322174c5787/ | 0 | 708 B | Script | application/javascript |
GET | H2 | 4iCv6KVjbNBYlgoCxCvjsGyN.woff2 | fonts.gstatic.com/s/ubuntu/v20/ | 29 KB | 30 KB | Font | font/woff2 |
GET | H3 | ads | pagead2.googlesyndication.com/pagead/ (Frame 8AEF) | 0 | 0 | Document | text/html |
GET | H3 | sodar | pagead2.googlesyndication.com/getconfig/ | 16 KB | 12 KB | XHR | application/json |
GET | H3 | favicon.ico | nitrojade.com/ | 6 KB | 2 KB | Other | text/html |
GET | H2 | sodar2.js | tpc.googlesyndication.com/sodar/ | 17 KB | 7 KB | Script | text/javascript |
GET | H2 | runner.html | tpc.googlesyndication.com/sodar/sodar2/225/ (Frame CCB3) | 0 | 0 | Document | text/html |
GET | | sodar | pagead2.googlesyndication.com/pagead/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- replit.com
- URL
- https://replit.com/replid/3198bfc9-6fbd-4b56-a7b4-afd09b52ef7f
- Domain
- replit.com
- URL
- https://replit.com/replid/602f9109-f439-4775-ad8d-0b862f1cd445
- Domain
- pagead2.googlesyndication.com
- URL
- https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240402&jk=3598538063206547&bg=!BQalBknNAAYQOWS2MDk7ADQBe5WfOHyZzX_Nv-U2Kuw4XU1Ay968S1MKfFLD3RYU6WrzhinxdAzCEKSTtGhLdBIYMiluAgAAADNSAAAAAmgBB34ANexSHqNuoWqLWuQk38Fg3QU3G6QUwHpHUy94LWdUK_E_7otnhvTm9w5SxHv3Tvzh0B62lov-mQKYLamTOEfYbT_CkyvmQd9qBmcUFkBYev6AKGgZZWoFds_KDOobStUq5K0ilGbxDWJ-gjRSuYIGugk-D9hXvegizwxeU2B4X1p89_mYRqJhIB4fgO_AEO7bOagh5pqom3bp0o3Hvik7FQ-tsLzyyxebuvVOmJ5YlvaQxCND-T9lEzGmYJcRYRs9dVxOGS7GnBMSA4GZsGzbqVvgIgSDav4eCEGOAe90FpSp_PrgDCLqyEamzSVxMw7cIzX5b5Kz-vk4IZgntzhoJN5-fGz_Qc6Nst15IoUmYWnARI0c841fUFsuB-Vu2H5VFe4JYpFjcAu8jPeUjGXcFqjm80k11Dw5xv-OqsszyzM7pRoZmq2iwH02sHpaevNXUr8zz7pPyVCHMyxtWhbfVOFAE2aekstkjJx9swV9VkJhoLCL27uCwjJY_jrXmqKzuAkN8QtuYI0_mevsdX7zvNwC0Hy_mtFzzcXDLPEsto2H1GtinynoF1wYml-KIocBdLoANV3wFvgLK3APnlXJ6Ow8PCVd_F36dFkvSCWZ0eHwPPuGkvdtiuP75NQ06bEg3gsG5MtGc7dwO-VaYTHJs2BH-iafh1RvZo4qf6JfaqwAbgfuL6aKV9_Dt-vRHmrLbHkoTypmVRPGE7gFg3OfCBOLYvQ3MgyulEA-BHmc_2oHF__czmnbKAQtgF7vlKaeZi5aXMZyOXnHliEq7hIU987M1zC9GCJ-U6HVNnkehIFqyFPucwNO4DhyeSferZISVb1MxsvUF93BVzpffg5tcBuY6iYICWHxOkcDuZ-euCq_gP-r3SIGRJ5Y9fR8SYsNHsGhnvHw7DxCBcUgyb4yxPPhvmie8HG4UcAOJXCj5omqJZ9oNRruIK4tMMGJtamxFQ
32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| google_js_reporting_queue
- number| google_srt
- object| google_persistent_state_async
- object| google_logging_queue
- number| tmod
- object| google_ad_modifications
- object| ggeac
- boolean| google_measure_js_timing
- object| google_tag_data
- object| google_reactive_ads_global_state
- object| adsbygoogle
- object| google_sa_queue
- function| google_process_slots
- function| google_spfd
- number| google_unique_id
- object| google_sv_map
- number| google_rum_task_id_counter
- string| google_user_agent_client_hint
- object| atOptions
- function| google_sa_impl
- number| google_global_correlator
- object| google_prev_clients
- object| gaGlobal
- object| ampInaboxIframes
- object| ampInaboxPendingMessages
- function| $
- function| jQuery
- object| Popper
- object| bootstrap
- object| GoogleGcLKhOms
- object| google_image_requests2
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.replit.com/ | Name: __cf_bm Value: vmHMUP3SsAmCW_XMpJLwZWtJVIuAevZXCB3kyszUL_A-1712213852-1.0.1.1-BVLQxlv1vxC3xCSOYdNvXy.2tQZmhT69ECxhK1Hervr_CgsV1j56MZ1jDuhuwn.S9aFbzLH4aohGuqIT1mCUNA |
.replit.com/ | Name: _cfuvid Value: 0ZO7csbid6y.X_gzX0B3W8bWVAIfpT0mQvqdQYfUirM-1712213852036-0.0.1.1-604800000 |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.