Submitted URL: http://ketosiookexworks.today/?shiny
Effective URL: https://ketosiookexworks.today/?shiny
Submission Tags: shiny c290acadafe6362a fc6b18fd85158e2b
Submission: On January 08 via api from JP — Scanned from JP

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3035::ac43:b3b6, located in United States and belongs to CLOUDFLARENET, US. The main domain is ketosiookexworks.today.
TLS certificate: Issued by GTS CA 1P5 on December 29th 2022. Valid for: 3 months.
This is the only time ketosiookexworks.today was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
14 2606:4700:303... 13335 (CLOUDFLAR...)
3 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
19 3
Apex Domain | Subdomains | Transfer
15 ketosiookexworks.today | ketosiookexworks.today | 4 MB
3 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 127 | 2 KB
2 gstatic.com | fonts.gstatic.com | 42 KB
19 3
Domain Requested by
15 ketosiookexworks.today 1 redirects ketosiookexworks.today
3 fonts.googleapis.com ketosiookexworks.today
2 fonts.gstatic.com fonts.googleapis.com
19 3

This site contains no links.

Subject | Issuer | Validity | Valid
*.ketosiookexworks.today | GTS CA 1P5 | 2022-12-29 - 2023-03-29 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months

This page contains 1 frames:

Primary Page: https://ketosiookexworks.today/?shiny
Frame ID: 47ED3A82975A7083A875A52E17697FCB
Requests: 19 HTTP requests in this frame

Page Title

Main

Page Statistics

19
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

4534 kB
Transfer

4551 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ketosiookexworks.today/?shiny HTTP 301
    https://ketosiookexworks.today/?shiny Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ketosiookexworks.today/
Redirect Chain
  • http://ketosiookexworks.today/?shiny
  • https://ketosiookexworks.today/?shiny
12 KB
4 KB
Document
General
Full URL
https://ketosiookexworks.today/?shiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b3b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60d0019eae2911311aacb88d0b9fcd40e9006e9469bf8bb9e116906568d603e7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
78685f4e7c8aaff9-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 08 Jan 2023 22:29:30 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QyG%2FYYV4j3ZiQlU%2Bq2mRuWOa1eFYphTDlzLvo9GA%2FJrD3sJ8%2BtttR5UpbFEdH0bRszD6ckv7xG2u65yIeffqVwg48SVLYSn2KBHweOOu91L6oevLGnzVjnO020NIANlQ8M5tXzLS%2F5HCw1vCwQiWVKJZudkX"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
78685f4e4a642047-NRT
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sun, 08 Jan 2023 22:29:29 GMT
Expires
Sun, 08 Jan 2023 23:29:29 GMT
Location
https://ketosiookexworks.today/?shiny
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRRVRbvMUwRf2cxb9eJNd8qvvwqrd57kmXOCkBWQClaTSjTbtZZ3A%2FnXPaT%2Bht4N5%2BU2F9op2NK8%2FA3SYFlTR4YPVCA4pmRCys8eZwGre%2Fq4Fnl5sqIIoCia6Www7K9utNIe4j8Ie2NSx2xopTsh92Ms5pjJ"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
ketosiookexworks.today/lander/good-nutrition/
8 KB
2 KB
Stylesheet
General
Full URL
https://ketosiookexworks.today/lander/good-nutrition/style.css
Requested by
Host: ketosiookexworks.today
URL: https://ketosiookexworks.today/?shiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b3b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e61316ab7b459dea8fd413dba2d2377084248c6fac66918a1a8b37ddf6d4db1a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ketosiookexworks.today/?shiny
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 08 Jan 2023 22:29:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 25 Dec 2022 00:38:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63a79b91-1f30"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8nXgw%2BFpPUVuEEyuHfzkWK2KhejzvvsUgI5RCy5KxpanPcvYMYpIei%2BaOUKpeFwrtbSNo2PYc9f1aDuixu0NOnM9FoHqjvnfXfcbjHtWuHPXxYijTqqABNwaP1%2FpZ%2FmJ%2BHiPU1foNKOKGByqaZ75Ss7mPOO"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
78685f531858aff9-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 18 Jan 2023 22:29:31 GMT
logo.png
ketosiookexworks.today/lander/good-nutrition/images/
2 KB
3 KB
Image
General
Full URL
https://ketosiookexworks.today/lander/good-nutrition/images/logo.png
Requested by
Host: ketosiookexworks.today
URL: https://ketosiookexworks.today/?shiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b3b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5375a6cf4c63594710873510879924b5092cc09c24e4272f21c3ff33e2838f0e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ketosiookexworks.today/?shiny
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 08 Jan 2023 22:29:31 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2173
last-modified
Sun, 25 Dec 2022 00:38:41 GMT
server
cloudflare
etag
"63a79b91-87d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmO4N%2FguWwlg9tH1opmq%2BPWC6F8raA24wSLtmRP9i5C9Ztql4fNwHM1a8zsT4Cppg5lJBYmqO%2BhSDMOXzvIhpmprGy%2BB2SWoxff2MifBhR8Gnb34AaO4xatsToI%2BAiBblk3LCYTFhr48JUC0FEHl395UzkG6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
78685f531859aff9-NRT
expires
Wed, 18 Jan 2023 22:29:31 GMT
cosmetologist-doing-face-treatment-applying-face-mask%201.png
ketosiookexworks.today/lander/good-nutrition/images/
529 KB
529 KB
Image
General
Full URL
https://ketosiookexworks.today/lander/good-nutrition/images/cosmetologist-doing-face-treatment-applying-face-mask%201.png
Requested by
Host: ketosiookexworks.today
URL: https://ketosiookexworks.today/?shiny
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b3b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c94ad3496ed23acb19a622c822da2c6de71166f6b1e1d6da5164e5b4cd7b44e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ketosiookexworks.today/?shiny
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 08 Jan 2023 22:29:31 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
541305
last-modified
Sun, 25 Dec 2022 00:38:41 GMT
server
cloudflare
etag
"63a79b91-84279"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSNHvEYgDuurmyavKSwT4AvSMVNc6UVYtipHzCZU1ckgwL%2FnSuMnpmYQZi3VOYPylRTIfBPNwQVtshx9TVUmG406MGnfBEir1aGmJ2LSstIFnWtZroJ3OGVLnvbutiAQkpMp1azp%2Fio8BIlWXBY%2Fmw%2BfWoiH"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
78685f533dc825e6-NRT
expires
Wed, 18 Jan 2023 22:29:31 GMT
shea-butter-treatment-arrangement%201.png
ketosiookexworks.today/lander/good-nutrition/images/
474 KB
474 KB
Image
General
Full URL
https://ketosiookexworks.today/lander/good-nutrition/images/shea-butter-treatment-arrangement%201.png
Requested by
Host: ketosiookexworks.today
URL: https://ketosiookexworks.today/?shiny
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b3b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a551d85185694e091095232f3d3815016719b196e7406bf95e471a39e7aff2b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ketosiookexworks.today/?shiny
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 08 Jan 2023 22:29:31 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
484947
last-modified
Sun, 25 Dec 2022 00:38:41 GMT
server
cloudflare
etag
"63a79b91-76653"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGx3i4BhcIHS4wOigH150qhZbo1%2BwDGgpmh%2FET7DnS8izs76HaWKR9OogzD20tROUEs0aNY6Xsl1fcNjamK8eIGeS%2B0QBhYwWbasIG7kqyjqFFGuiJYgMsDkOBl8sJeTlCF1WwW9nJ8qTlv%2BaR4wnfnOZ8mw"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
78685f533dca25e6-NRT
expires
Wed, 18 Jan 2023 22:29:31 GMT
closeup-portrait-beautiful-woman-during-cosmetology-therapy-beauty-salon-professional-dermatology-procedures-lifting-rejuvenation-modern-devices-healthcare.png
ketosiookexworks.today/lander/good-nutrition/images/
535 KB
536 KB
Image
General
Full URL
https://ketosiookexworks.today/lander/good-nutrition/images/closeup-portrait-beautiful-woman-during-cosmetology-therapy-beauty-salon-professional-dermatology-procedures-lifting-rejuvenation-modern-devices-healthcare.png
Requested by
Host: ketosiookexworks.today
URL: https://ketosiookexworks.today/?shiny
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b3b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d49bbb43492db9ba18cbc6a1064d0207b45919666e05443b798e34c5b540a2d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ketosiookexworks.today/?shiny
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 08 Jan 2023 22:29:32 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
548009
last-modified
Sun, 25 Dec 2022 00:38:41 GMT
server
cloudflare
etag
"63a79b91-85ca9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ay6FxxPLy%2FQItbmsQIrLhNpNhDoZ0c3h98vYpU425q4hWEZzhwRri9O0coqU0s8iN5QGGXkupvWzBiOk2IK6IS2ufPce4IammWpYcgTMlxgJTYAJFIOsIjXu9hVM3czJ1CGEgco1GO1R9d%2FGpQn3LFeyMQak"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
78685f533dcb25e6-NRT
expires
Wed, 18 Jan 2023 22:29:31 GMT
fb.png
ketosiookexworks.today/lander/good-nutrition/images/
616 B
1 KB
Image
General
Full URL
https://ketosiookexworks.today/lander/good-nutrition/images/fb.png
Requested by
Host: ketosiookexworks.today
URL: https://ketosiookexworks.today/?shiny
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b3b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4173b2eafb33cb4e729c529ec3d4e492e6ffa5aef514324bafaebd34bd1a68d0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ketosiookexworks.today/?shiny
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 08 Jan 2023 22:29:31 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
616
last-modified
Sun, 25 Dec 2022 00:38:41 GMT
server
cloudflare
etag
"63a79b91-268"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGkEQ75ClsilXSJvSjHkx5IwkNhqSg1KufvMnIcmHo0DatUEkCy25zkosGI9c7P4oaMHPV63wjB0kvywGW3mqvfYDvPcEYs4FXqLqw46h5vuzkA4YY0RnPj1mCng75pNi56pm4OElr9ZiZgQQnovPTiS%2FZKr"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
78685f533dcc25e6-NRT
expires
Wed, 18 Jan 2023 22:29:31 GMT
twitter.png
ketosiookexworks.today/lander/good-nutrition/images/
658 B
1 KB
Image
General
Full URL
https://ketosiookexworks.today/lander/good-nutrition/images/twitter.png
Requested by
Host: ketosiookexworks.today
URL: https://ketosiookexworks.today/?shiny
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b3b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc7b70b3b825079a3994e2c52b0d9dd6a00e99696e6ac2a942c93cc3a5fbec4a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ketosiookexworks.today/?shiny
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 08 Jan 2023 22:29:31 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
658
last-modified
Sun, 25 Dec 2022 00:38:41 GMT
server
cloudflare
etag
"63a79b91-292"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cqW19%2BCzb5NX%2Fuyz%2B88K%2FVDDur3DY7MpJhRsYLvtTt6QExP1lMw3MLr4M9DwWVyAZoin9a5%2FkDB8NzPZGz2H%2BrisQm%2Bzo%2Fvny%2F23E1cAM2jMqZungCXt7NztZTZ1oVgh9a9s4RyGmCpXxK6XsD7z4uaJTg%2BJ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
78685f533dcd25e6-NRT
expires
Wed, 18 Jan 2023 22:29:31 GMT
inst.png
ketosiookexworks.today/lander/good-nutrition/images/
677 B
1 KB
Image
General
Full URL
https://ketosiookexworks.today/lander/good-nutrition/images/inst.png
Requested by
Host: ketosiookexworks.today
URL: https://ketosiookexworks.today/?shiny
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b3b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
011ccb0f6920520a6aee0b204f71a571dacc1045668e30695164b9c6ce41962f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ketosiookexworks.today/?shiny
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 08 Jan 2023 22:29:31 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
677
last-modified
Sun, 25 Dec 2022 00:38:41 GMT
server
cloudflare
etag
"63a79b91-2a5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J4EBU464Bf3vMsMbnufLPqTLlTmOq4R9lsrOoKvnNGx%2F1yv3FnFhvArHK8CgizZDH8AdoQ94APz%2FkCF86wvBgF8lP5YSInv8Flyuh6ymekJd9ZZHxbjm3FnUtTBrondtgiPDN%2BswDWydgWyRo%2FusNEviyIC5"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
78685f533dce25e6-NRT
expires
Wed, 18 Jan 2023 22:29:31 GMT
css
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,400&display=swap
Requested by
Host: ketosiookexworks.today
URL: https://ketosiookexworks.today/lander/good-nutrition/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2bc4820584650f5a435f06c457276cc0917c85528f1b245e925378e2d944a810
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ketosiookexworks.today/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Sun, 08 Jan 2023 22:29:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sun, 08 Jan 2023 22:29:31 GMT
css2
fonts.googleapis.com/
2 KB
636 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@100&display=swap
Requested by
Host: ketosiookexworks.today
URL: https://ketosiookexworks.today/lander/good-nutrition/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bd99482eb437efe387d6dcdefc0371c9a03133083ac792e04497e18624a939d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ketosiookexworks.today/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Sun, 08 Jan 2023 22:29:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sun, 08 Jan 2023 22:29:31 GMT
css2
fonts.googleapis.com/
1 KB
515 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Prata&display=swap
Requested by
Host: ketosiookexworks.today
URL: https://ketosiookexworks.today/lander/good-nutrition/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fd28ea778fc7c83c8642512c671f55fcb5f073a266cf39e4ab12e4390eb6b77c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ketosiookexworks.today/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Sun, 08 Jan 2023 22:29:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sun, 08 Jan 2023 22:29:31 GMT
bg1.png
ketosiookexworks.today/lander/good-nutrition/images/
1 MB
1 MB
Image
General
Full URL
https://ketosiookexworks.today/lander/good-nutrition/images/bg1.png
Requested by
Host: ketosiookexworks.today
URL: https://ketosiookexworks.today/lander/good-nutrition/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b3b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4947cc440177e733ea9f3dd658e7f7bb1b76572412ef67099a9bd733ad6cabea

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ketosiookexworks.today/lander/good-nutrition/style.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 08 Jan 2023 22:29:32 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1544501
last-modified
Sun, 25 Dec 2022 00:38:41 GMT
server
cloudflare
etag
"63a79b91-179135"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpxiNLn3lEJo8h9zSNi7q08a7%2B69bdRezLiyDZPHnqsn4A0Fd%2BPXft1QiwACp19V3EV%2BtOCtzlR3z9nUQTsuomLk6DsNF3rSTJdPdRHbnbhbXu%2FHSeV%2FPDJ4bBBZGOy6scYzFha%2BPDCpyqb%2Fuh8KYjfTzHpF"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
78685f57891625e6-NRT
expires
Wed, 18 Jan 2023 22:29:31 GMT
button.png
ketosiookexworks.today/lander/good-nutrition/images/
3 KB
4 KB
Image
General
Full URL
https://ketosiookexworks.today/lander/good-nutrition/images/button.png
Requested by
Host: ketosiookexworks.today
URL: https://ketosiookexworks.today/lander/good-nutrition/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b3b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe93466d2181e8a43fa44a78e33e83c2365a3176786968f7ca9c2eb746cb11fb

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ketosiookexworks.today/lander/good-nutrition/style.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 08 Jan 2023 22:29:32 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3293
last-modified
Sun, 25 Dec 2022 00:38:41 GMT
server
cloudflare
etag
"63a79b91-cdd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F35kGsSYPDns1zzM0oV8DnNHY1PROBO%2FQCASo11E5R36%2BGJppVR6pBp6W1uNj5mMYm20jDTTvywPMggARFqokGBzu%2ByA%2F0c27zAcGf%2Fq53aCyGPkD8vAs1Z3yR4Ii9afr8S9%2FBlbln9WslazW3U41IY55TSG"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
78685f57891725e6-NRT
expires
Wed, 18 Jan 2023 22:29:31 GMT
bg2.png
ketosiookexworks.today/lander/good-nutrition/images/
27 KB
28 KB
Image
General
Full URL
https://ketosiookexworks.today/lander/good-nutrition/images/bg2.png
Requested by
Host: ketosiookexworks.today
URL: https://ketosiookexworks.today/lander/good-nutrition/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b3b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8cb810689c45245d6d4242b4496a5bc744353eaae4d46a47faf18be208d2243

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ketosiookexworks.today/lander/good-nutrition/style.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 08 Jan 2023 22:29:32 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27692
last-modified
Sun, 25 Dec 2022 00:38:41 GMT
server
cloudflare
etag
"63a79b91-6c2c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=egdMT4o2iNj%2Fr34HsbnM%2BblmpdRExdO23vn%2BYqXGDFOX6dSKDePI6A30qmntHSnhUsi9JYH6cbPASlYDzwwhO7Jbe0Qmp6O58DZo3obm8XZuW2CFK4MO0zyOjHVk%2FOwCW5QbAOjLqeIaYsFXkT9sOHpcTzFk"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
78685f57891825e6-NRT
expires
Wed, 18 Jan 2023 22:29:31 GMT
bg4.png
ketosiookexworks.today/lander/good-nutrition/images/
1 MB
1 MB
Image
General
Full URL
https://ketosiookexworks.today/lander/good-nutrition/images/bg4.png
Requested by
Host: ketosiookexworks.today
URL: https://ketosiookexworks.today/lander/good-nutrition/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b3b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ebf49839ac2f8506fe10090bd546c5d5e0a9948b5aac4300170de3518cdc42e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ketosiookexworks.today/lander/good-nutrition/style.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 08 Jan 2023 22:29:32 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1406543
last-modified
Sun, 25 Dec 2022 00:38:41 GMT
server
cloudflare
etag
"63a79b91-15764f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ivL4Oy8AqrW3OswnZ1sQmQwKyWUAgkAI4SG63BczFe721Iz8%2Fq1uhE9dpg9LmYaiQ%2Fxtp90n23Bk7qnV5vyEF5Idgh2UHb86BwHUgWdVjcifoeNRxGO9whNxl1JfM02SegEt5G6i7Qn%2FyNlvTJ%2F5eQ6rGG1P"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
78685f57891925e6-NRT
expires
Wed, 18 Jan 2023 22:29:31 GMT
bg3.png
ketosiookexworks.today/lander/good-nutrition/images/
23 KB
23 KB
Image
General
Full URL
https://ketosiookexworks.today/lander/good-nutrition/images/bg3.png
Requested by
Host: ketosiookexworks.today
URL: https://ketosiookexworks.today/lander/good-nutrition/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b3b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c2259d6562bfcf36dcaad3dd550accfeacd8f8173371d7df7eb3bdccda4e668

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ketosiookexworks.today/lander/good-nutrition/style.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 08 Jan 2023 22:29:32 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23232
last-modified
Sun, 25 Dec 2022 00:38:41 GMT
server
cloudflare
etag
"63a79b91-5ac0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h59Fx%2FF2lKWiduZv%2FGjP11hnfWHEsP90DUQb8zw1vTE9qdPnfucHmhrJ2l2RXsvhei7O8PKY1cV8qNCc%2BNTpJ9XkDWHj6XCZ8D920yrSz3fGdcb0%2FpMPwsi6yhvtXVQ7fW%2F1cSP3kfdjGquH4%2FPw2%2FlS3bFj"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
78685f57991a25e6-NRT
expires
Wed, 18 Jan 2023 22:29:31 GMT
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v25/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7eeb99e9f0563d79a34bf9d13c260f0552269bbde05b145d331cdf1aae47c25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ketosiookexworks.today
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 03 Jan 2023 22:28:37 GMT
x-content-type-options
nosniff
age
432054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30856
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:56:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Jan 2024 22:28:37 GMT
6xKhdSpbNNCT-sWPCm7bLnwI.woff2
fonts.gstatic.com/s/prata/v18/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/prata/v18/6xKhdSpbNNCT-sWPCm7bLnwI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Prata&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a49456e9b12046795b448735b57db12c03974f8bf9f82bb7dbf8c9ff0c1def44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ketosiookexworks.today
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 04 Jan 2023 20:26:04 GMT
x-content-type-options
nosniff
age
353007
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11124
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:41:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 20:26:04 GMT

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

3 Cookies

Domain/Path Name / Value
ketosiookexworks.today/ Name: _subid
Value: 10e5sih35sfl
ketosiookexworks.today/ Name: afec5
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjU0N1wiOjE2NzMyMTY5NzB9LFwiY2FtcGFpZ25zXCI6e1wiMTM5XCI6MTY3MzIxNjk3MH0sXCJ0aW1lXCI6MTY3MzIxNjk3MH0ifQ.xbXYchs60dNgfzHeMlzO0qJnGwDv43BNPqtbVjRlwb4
ketosiookexworks.today/ Name: _token
Value: uuid_10e5sih35sfl_10e5sih35sfl63bb43ca8800a4.08802669

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
