www.newsdle.com
185.149.109.53
Public Scan
Effective URL: https://www.newsdle.com/schools-competition
Submission Tags: https://phish.report @phish_report
Submission: On March 28 via api from FI — Scanned from GB
Summary
TLS certificate: Issued by R3 on January 28th 2022. Valid for: 3 months.
This is the only time www.newsdle.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domain |
---|---|---|
ASN205072 (LAYERSHIFT, GB) | b9956d35.reverse.layershift.co.uk | www.newsdle.com |
ASN15169 (GOOGLE, US) | | www.googletagmanager.com |
ASN32934 (FACEBOOK, US) | | connect.facebook.net |
ASN15169 (GOOGLE, US) | | www.google-analytics.com |
ASN32934 (FACEBOOK, US) | | www.facebook.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
13 | newsdle.com | www.newsdle.com | 1 MB |
6 | fontawesome.com | kit.fontawesome.com (Cisco Umbrella Rank: 3152), ka-f.fontawesome.com (Cisco Umbrella Rank: 5770) | 176 KB |
2 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 94) | 499 B |
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 188) | 114 KB |
1 | reddit.com | alb.reddit.com (Cisco Umbrella Rank: 1926) | 157 B |
1 | sprintserver.co.uk | ts.k8s.sprintserver.co.uk | 157 B |
1 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 98) | 347 B |
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 107) | 1018 B |
1 | campus-site.com | app8.campus-site.com | 858 B |
1 | redditstatic.com | www.redditstatic.com (Cisco Umbrella Rank: 1766) | 8 KB |
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 333) | 1 KB |
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 882) | 30 KB |
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 132) | 64 KB |
32 | 13 | | |
Requests | Domain | Requested by |
---|---|---|
13 | www.newsdle.com | www.newsdle.com |
5 | ka-f.fontawesome.com | kit.fontawesome.com, www.newsdle.com |
2 | www.facebook.com | www.newsdle.com |
2 | connect.facebook.net | www.newsdle.com, connect.facebook.net |
1 | alb.reddit.com | www.newsdle.com |
1 | ts.k8s.sprintserver.co.uk | app8.campus-site.com |
1 | www.google-analytics.com | www.googletagmanager.com |
1 | fonts.googleapis.com | www.newsdle.com |
1 | app8.campus-site.com | www.newsdle.com |
1 | www.redditstatic.com | www.newsdle.com |
1 | cdnjs.cloudflare.com | www.newsdle.com |
1 | kit.fontawesome.com | www.newsdle.com |
1 | code.jquery.com | www.newsdle.com |
1 | www.googletagmanager.com | www.newsdle.com |
32 | 14 | |
This site contains links to these domains.
Domain |
---|
play.google.com |
apps.apple.com |
www.facebook.com |
twitter.com |
www.instagram.com |
www.linkedin.com |
eepurl.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
www.newsdle.com | R3 | 2022-01-28 - 2022-04-28 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year |
*.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-12-01 - 2023-01-01 | a year |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-21 - 2022-09-20 | a year |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-01-05 - 2022-04-05 | 3 months |
www.redditstatic.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-02-17 - 2022-08-16 | 6 months |
*.campus-site.com | R3 | 2022-03-08 - 2022-06-06 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months |
ts.k8s.sprintserver.co.uk | R3 | 2022-02-01 - 2022-05-02 | 3 months |
*.reddit.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-02-17 - 2022-08-16 | 6 months |
This page contains 1 frame:
Primary Page:
https://www.newsdle.com/schools-competition
Frame ID: 3DB53AF296F1331B6C1A3385E8DF335F
Requests: 32 HTTP requests in this frame
Page Title
Competition | Newsdle
Detected technologies
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome (Font Scripts)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- kit\.fontawesome\.com/([0-9a-z]+).js
Google Analytics (Analytics)
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title: Join Now
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | schools-competition (Primary Request) | www.newsdle.com/ | 19 KB | 6 KB | Document | text/html |
GET | H2 | js | www.googletagmanager.com/gtag/ | 173 KB | 64 KB | Script | application/javascript |
GET | H2 | app.js | www.newsdle.com/js/ | 5 MB | 895 KB | Script | application/javascript |
GET | H2 | jquery-3.5.1.min.js | code.jquery.com/ | 87 KB | 30 KB | Script | application/javascript |
GET | H2 | dc80a7978d.js | kit.fontawesome.com/ | 11 KB | 4 KB | Script | text/javascript |
GET | H2 | app.css | www.newsdle.com/css/ | 182 KB | 26 KB | Stylesheet | text/css |
GET | H2 | sidebar.css | www.newsdle.com/css/ | 6 KB | 2 KB | Stylesheet | text/css |
GET | H2 | newsdlecolor.css | www.newsdle.com/css/ | 19 KB | 2 KB | Stylesheet | text/css |
GET | H2 | owl.carousel.css | cdnjs.cloudflare.com/ajax/libs/owl-carousel/1.3.3/ | 1 KB | 1 KB | Stylesheet | text/css |
GET | H2 | newsdle-logo.png | www.newsdle.com/img/ | 18 KB | 18 KB | Image | image/png |
GET | H2 | newsdle-square-clear.png | www.newsdle.com/img/ | 18 KB | 18 KB | Image | image/png |
GET | H2 | competition22.jpg | www.newsdle.com/img/ | 108 KB | 108 KB | Image | image/jpeg |
GET | H2 | google-play.png | www.newsdle.com/img/ | 7 KB | 7 KB | Image | image/png |
GET | H2 | app-store.png | www.newsdle.com/img/ | 5 KB | 5 KB | Image | image/png |
GET | H2 | jquery.inview.js | www.newsdle.com/js/ | 2 KB | 1007 B | Script | application/javascript |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 99 KB | 27 KB | Script | application/x-javascript |
GET | H2 | pixel.js | www.redditstatic.com/ads/ | 23 KB | 8 KB | Script | application/javascript |
GET | H/1.1 | tracking.js | app8.campus-site.com/assets/application/js/ | 1 KB | 858 B | Script | text/javascript |
GET | H2 | free.min.css | ka-f.fontawesome.com/releases/v5.15.4/css/ | 59 KB | 13 KB | Fetch | text/css |
GET | H2 | free-v4-shims.min.css | ka-f.fontawesome.com/releases/v5.15.4/css/ | 26 KB | 4 KB | Fetch | text/css |
GET | H2 | free-v4-font-face.min.css | ka-f.fontawesome.com/releases/v5.15.4/css/ | 3 KB | 2 KB | Fetch | text/css |
GET | H2 | css | fonts.googleapis.com/ | 2 KB | 1018 B | Stylesheet | text/css |
POST | H2 | collect | www.google-analytics.com/g/ | 0 | 347 B | Ping | text/plain |
GET | H2 | nexa-bold.otf | www.newsdle.com/fonts/ | 30 KB | 30 KB | Font | application/vnd.oasis.opendocument.formula-template |
GET | H2 | nexa.otf | www.newsdle.com/fonts/ | 29 KB | 30 KB | Font | application/vnd.oasis.opendocument.formula-template |
GET | H2 | 545343933434388 | connect.facebook.net/signals/config/ | 307 KB | 88 KB | Script | application/x-javascript |
POST | H2 | track | ts.k8s.sprintserver.co.uk/ | 36 B | 157 B | XHR | text/html |
GET | H2 | rp.gif | alb.reddit.com/ | 42 B | 157 B | Image | image/gif |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 408 B | Image | image/gif |
GET | H3 | free-fa-brands-400.woff2 | ka-f.fontawesome.com/releases/v5.15.4/webfonts/ | 75 KB | 76 KB | Font | font/woff2 |
GET | H3 | free-fa-solid-900.woff2 | ka-f.fontawesome.com/releases/v5.15.4/webfonts/ | 76 KB | 77 KB | Font | font/woff2 |
GET | H3 | / | www.facebook.com/tr/ | 44 B | 91 B | Image | image/gif |
46 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function structuredClone, object oncontextlost, object oncontextrestored, function fbq, function _fbq, function gtag, object dataLayer, function rdt, string c_id, function $, function jQuery, object FontAwesomeKitConfig, object google_tag_manager, object google_tag_data, object gaGlobal, object __core-js_shared__, object core, function setImmediate, function clearImmediate, function _, function Popper, function axios, function Pusher, object Echo, function Vue, function sprintf, function vsprintf, object is, function moment, object regeneratorRuntime, function io, object app, function onYouTubeIframeAPIReady, function setCookie, function getCookie, string campusBaseURL, string trackingURL, object xmlhttp, string send_data, object configArgs, number pixelRatio, number width, number height, object screenSize, boolean isBetaAdvertiser, object labels
9 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, allowing the website to re-identify the user even after a change of location. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.newsdle.com/ | Name: XSRF-TOKEN Value: eyJpdiI6Ii8rVkdjQlNqekpQZGtTTjVHNnkxR2c9PSIsInZhbHVlIjoia1NiMVZSeUdPNFRxa05QYmpFUmhNL2dLNmsvKytIeTY5NDdSQ0s1SjFpNGZkU0Z4ekdCd21yanVMOVRDdklwTklLV0d4WUdRRDRLRE94dHN4VStzNGxxczBoczl6bDJLMG8reHgvQUNTOG9xVlAzNXExR2o4MmJ1U2JrdXJqS2siLCJtYWMiOiJlODgwMTYyNmJkNGNmZDMxMTliYzc4NDVjOTBjNWQ2NzlmMjRiNzdiZDdiMGMzMDIzYjI0ZGY5NDYyOGEwMzVhIiwidGFnIjoiIn0%3D |
.newsdle.com/ | Name: newsdle_session Value: eyJpdiI6IktjUU5UK2MyZ0ZOVjhHbHgrbTloK1E9PSIsInZhbHVlIjoiUTBTa3JxSDZ4VEtzZENyNzJyb0Ywcm5VVUphQ044cWRldC9nY2FvSXZrM3d6TE43T2MxTUxtZy9tM1J6d0kxSUMzMXhzbUp3WUZ5bjBWc08zbXRWS0ZKQmNDVXVoMWxOaGY1TjBkTWR0ZkxlL05LM2t5UkVBZ3M2a011OHI2WXQiLCJtYWMiOiIxZDJhMjczMDZkZGQ2OGFlMzcxNTY4NGMyMmQyODNlMDlkNjZjMmRjNTM5NzE4M2U4NWVmNDE5NDYwM2Y2MTNiIiwidGFnIjoiIn0%3D |
www.newsdle.com/ | Name: SRVGROUP Value: common |
.newsdle.com/ | Name: _ga_CKRTGQ2RF3 Value: GS1.1.1648482075.1.0.1648482075.0 |
.newsdle.com/ | Name: _ga Value: GA1.1.1599567675.1648482076 |
.newsdle.com/ | Name: _rdt_uuid Value: 1648482075800.09e383c7-dc90-4026-99be-8522e7acf810 |
.newsdle.com/ | Name: _fbp Value: fb.1.1648482075815.1473481225 |
.facebook.com/ | Name: fr Value: 0hEY7NSIfc2lr7BLu..BiQdcb...1.0.BiQdcb. |
www.newsdle.com/ | Name: cc_cookie_id Value: c28e5fe4-afe3-43df-b2d8-0c744b5cd97b |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.